本文共 3729 字,大约阅读时间需要 12 分钟。
由rpm构建的apache是适合大多数场合的应用,它包含了大多数的模块,而我们只是用它去构建反向代理,过多大模块反而不好,影响了性能,所以我们选择了针对性的源代码编译,让apache去适应我们的平台。
下载源代码:
wget
解压
tar zxvf httpd-2.2.25.tar.gz
cd httpd-2.2.25
编译安装的前提条件
yum install -y gcc gcc-c++ apr apr-devel apr-util openssl openssl-devel
根据gcc版本,和cpu架构,进行优化编译
使用gcc -v查看gcc的版本
cat /proc/cpuinfo 查看cpu型号
uname –r 查看 操作系统的版本
编译安装
CFLAGS="-march=core2 -mtune=generic -O2 -pipe" CXXFLAGS="{CFLAGS}" ./configure --enable-layout=RedHat --enable-modules=so --enable-ssl --enable-rewrite --enable-proxy
make
make install
清除调试符号,节省内存空间
strip /usr/sbin/httpd
使用httpd –M检查添加的模块
httpd -m |grep rewrite
httpd -m |grep ssl
httpd -m |grep proxy
使用httpd -k start 启动apache
使用 httpd -k stop 关闭
使用 httpd -k restart 重启
echo “/usr/sbin/httpd –k start” >>/etc/rc.local 设为随机启动
配置ssl
红色字体为新添加的配置
#redirect non-ssl request to ssl requres
Redirect /
SSLSessionCache "shmcb:logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
ProxyRequests off
listen 443 https
NameVirtualHost *:443
<VirtualHost *:443>
# Site info
ServerName webprox1.contoso.com
ServerAdmin administrator@contoso.com
SSLEngine on
SSLProxyEngine on
SSLCertificateFile /etc/httpd/conf/ssl/web.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl/web.key
SSLCACertificatePath /etc/httpd/conf/ssl
SSLCACertificateFile /etc/httpd/conf/ssl/ca.pem
# Rewrite engine on
RewriteEngine On
RewriteOptions Inherit
# Log filenames
ErrorLog /etc/httpd/logs/error-inotes-redirect
CustomLog /etc/httpd/logs/access-inotes-redirect common
LogLevel warn
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
# Rule 0 : If Cookie is set and user logs out, remove the cookie
RewriteCond %{HTTP_COOKIE} ^.*iNotesServer=.*
RewriteCond %{QUERY_STRING} ^Logout
RewriteRule ^/.* - [CO=iNotesServer:domino1:.contoso.com:1]
# Rule 1 : Read domino server name from first access to the mail directory,
# save it to the cookie and redirect to the mail server
RewriteCond %{REQUEST_URI} ^/(.*)/mail
RewriteRule /(.*)/mail/(.*) http://$1.contoso.com/mail/$2 [P,CO=iNotesServer:$1:.contoso.com]
# Rule 2 : If cookie is set, use it to rewrite rules for iNotes generated URLs
# and non mail DBs for the server definde in the cookie iNotesServer
RewriteCond %{REQUEST_URI} ^/favicon.ico [OR]
RewriteCond %{REQUEST_URI} ^/domjs [OR]
RewriteCond %{REQUEST_URI} ^/domjava [OR]
RewriteCond %{REQUEST_URI} ^/domcfg.nsf [OR]
RewriteCond %{REQUEST_URI} ^/iNotes [OR]
RewriteCond %{REQUEST_URI} ^/icons [OR]
RewriteCond %{REQUEST_URI} ^/iwaredir.nsf [OR]
RewriteCond %{REQUEST_URI} ^/names.nsf [OR]
RewriteCond %{REQUEST_URI} ^/mail [OR]
RewriteCond %{REQUEST_URI} ^/archive [OR]
RewriteCond %{REQUEST_URI} ^/download [OR]
RewriteCond %{REQUEST_URI} ^/dwa(.*)
RewriteCond %{HTTP_COOKIE} ^.*iNotesServer=([^;]+)
RewriteRule /(.*) http://%1.contoso.com/$1 [P,L]
# Rule 3 : if no cookie set -> on first access on the iNotes iwaredir.nsf
RewriteCond %{REQUEST_URI} ^/favicon.ico [OR]
RewriteCond %{REQUEST_URI} ^/domcfg.nsf [OR]
RewriteCond %{REQUEST_URI} ^/iwaredir.nsf [OR]
RewriteCond %{REQUEST_URI} ^/names.nsf
RewriteRule /(.*) http://domino1.contoso.com/$1 [P,L]
# Rule 4 : everything else should be redirected to the original link
RewriteCond %{REQUEST_URI} ^/
RewriteRule / http://domino1.contoso.com/ [P]
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
ProxyPassReverse /domino1/mail/ http://domino1.contoso.com/mail/
ProxyPassReverse / http://domino1.contoso.com/
</VirtualHost>
性能优化
取消http.conf中
Include /etc/httpd/conf/extra/httpd-mpm.conf 的注释,即删除前面的#号
修改 prefork段的值
<IfModule mpm_prefork_module>
ServerLimit 1000
StartServers 15
MinSpareServers 15
MaxSpareServers 20
MaxClients 1000
MaxRequestsPerChild 3000
</IfModule>
本文转自 高文龙 51CTO博客,原文链接:http://blog.51cto.com/gaowenlong/1281165,如需转载请自行联系原作者