我有2个独立的java web(apple& banana)应用程序在同一物理Linux服务器上的2个单独的Tomcat servlet容器中运行:
我想使用NGINX充当反向代理,并将SSL加密的HTTP流量转发到其各自的Tomcat实例进行维护。
我已经在几个地方对网络进行了研究,有些实例是如何加载平衡,缓存,但无法找到与我的方案相关的任何内容,或者我的配置有什么问题。这是我的/ etc / nginx / sites-enabled / default配置:
upstream apple {
server 21.21.21.21:8080;
}
upstream banana {
server 21.21.21.21:8085;
}
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443;
ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/contint.hln.access.log;
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90;
location /banana/ {
proxy_pass http://banana;
}
location /apple/ {
proxy_pass http://apple;
}
# location ~* \.(css|js|gif|jpe?g|png)$ { # -- This doesn't help with caching, rather seems to filter them from the page
# expires 20m;
# }
}
非常感谢任何帮助。