背景:
Docker进入大众的视野已经7个年头了(国内火起来),可谓是经历了多次的大热大冷,走到今天我觉得它还是一个中小企业实现运维自动化的不二选择。18年接触Docker时根据公司业务制作了一系列的订制镜像,今天重启基础服务升级。将制作经验分享出来。
材料:
1、Dockerfile
# base image
FROM docker.io/million12/centos-supervisor:latest
# MAINTAINER
MAINTAINER pengfeima@powerbridge.com
#中文编码
#RUN yum -y install kde-l10n-Chinese telnet && yum -y install glibc-common && yum clean all && localedef -c -f UTF-8 -i zh_CN zh_CN.utf8
ENV LC_ALL en_US.utf8
#解决AWT类库的问题
RUN yum -y install fontconfig && fc-cache --force
#添加依赖库
RUN yum -y install gcc gcc-c++ make zlib-devel pcre-devel openssl-devel curl tree
# make a new directory to store the nginx files
RUN mkdir /etc/nginx
# copy the jdk archive to the image,and it will automaticlly unzip the tar file
ADD nginx-1.22.1.tar.gz /usr/local/
# make a symbol link
RUN cd /usr/local/nginx-1.22.1/ && ./configure --prefix=/etc/nginx && make && make install
#add conf.d
#ADD nginx.conf /etc/nginx/conf/ && mkdir -p /etc/nginx/conf.d/
# change config
RUN mkdir -p /etc/nginx/conf.d/ && chmod +777 /etc/nginx/conf.d/
# 覆盖nginx 默认配置
ADD nginx.conf /etc/nginx/conf/
ADD default.conf /etc/nginx/conf.d/
#start nginx
RUN useradd nginx && cd /etc/nginx/sbin && ./nginx
# set environment variables
ENV NGINX_HOME /etc/nginx/
ENV PATH ${NGINX_HOME}/sbin:$PATH
# set supervisor.d
RUN mkdir -p /etc/supervisor.d && mkdir -p /usr/project
ADD start_shell.sh /usr/project/
ADD supervisord.conf /etc/2、nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/error.log warn;
pid /etc/nginx/logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/conf/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
3、supervisord.conf
[supervisord]
pidfile = /run/supervisord.pid
# It seems that it's not possible to swith this log to NONE (it creates NONE logfile)
logfile = /data/logs/supervisord.log
# Set loglevel=debug, only then all logs from child services are printed out
# to container logs (and thus available via `docker logs [container]`
loglevel = debug
# These two (unix_http_server, rpcinterface) are needed for supervisorctl to work
[inet_http_server]
port = :9111
username = sv
password = password
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl = http://localhost:9111
username = sv
password = password
[program:start-shell]
autostart=true
priority=111
startsecs=0
directory=/usr/project/
autorestart=unexpected
startretries=3
command = /bin/bash -c "chmod u+x start_shell.sh && ./start_shell.sh"
stdout_logfile=/var/log/startshell.log
stderr_logfile=/var/log/startshell_error.log
[program:nginx]
command = nginx -g 'daemon off;'
startsecs=0
autostart=true
autorestart=true
stdout_logfile=/var/log/nginx_sup.log
stderr_logfile=/var/log/nginx_sup_error.log
stopasgroup=true
killasgroup=true
[include]
files = /etc/supervisor.d/*.ini4、start_shell.sh
#!/bin/bash
echo "update supervisor.config !"
if [ ! -d "/usr/local/pys/" ];then
mkdir -p /usr/local/pys/
else
echo "文件夹/usr/local/pys已经存在"
fi
cd /usr/local/pys/
for file in $(ls *)
do
python $file
done
echo "没有需要执行的py脚本"
cd /etc/nginx/conf.d
for file in $(ls *)
do
mkdir -p /etc/nginx/conf.d.bak/
cp -rf $file ../conf.d.bak/$file.bak
done
sed -i "s/#PB_GATEWAY/$PB_GATEWAY/g" `grep \#PB_GATEWAY -rl /etc/nginx/conf.d`
sed -i "s/#IFRAME_ENTRY/$IFRAME_ENTRY/g" `grep \#IFRAME_ENTRY -rl /etc/nginx/conf.d`
sed -i "s/#IFRAME_PTS/$IFRAME_PTS/g" `grep \#IFRAME_PTS -rl /etc/nginx/conf.d`
sed -i "s/#SERVER_ADDRESS/$SERVER_ADDRESS/g" `grep \#SERVER_ADDRESS -rl /etc/nginx/conf.d`
sed -i "s/#SERVER_ADDRESS_A/$SERVER_ADDRESS_A/g" `grep \#SERVER_ADDRESS_A -rl /etc/nginx/conf.d`
sed -i "s/#SERVER_ADDRESS_B/$SERVER_ADDRESS_B/g" `grep \#SERVER_ADDRESS_B -rl /etc/nginx/conf.d`
sed -i "s/#SERVER_ADDRESS_C/$SERVER_ADDRESS_C/g" `grep \#SERVER_ADDRESS_C -rl /etc/nginx/conf.d`
sed -i "s/#SSL_A/$SSL_A/g" `grep \#SSL_A -rl /etc/nginx/conf.d`
sed -i "s/#SSL_B/$SSL_B/g" `grep \#SSL_B -rl /etc/nginx/conf.d`
sed -i "s/#SSL_C/$SSL_C/g" `grep \#SSL_C -rl /etc/nginx/conf.d`
sed -i "s/#SERVER_PORT/$SERVER_PORT/g" `grep \#SERVER_PORT -rl /etc/nginx/conf.d`
sed -i "s/#IP_ADDR/$IP_ADDR/g" `grep \#IP_ADDR -rl /etc/nginx/conf.d`
sed -i "s/#PB_GATEWAY/$PB_GATEWAY/g" `grep \#PB_GATEWAY -rl /home/soft/`
sed -i "s/#IP_ADDR/$IP_ADDR/g" `grep \#IP_ADDR -rl /home/soft/`
time=$(date "+%Y-%m-%d %H:%M:%S")
filePath="/usr/project/supervisor_file.cfg"
if [ ! -f "$filePath" ];then
supervisorctl update all
sleep 10s
supervisorctl reload
touch $filePath
echo $time > $filePath
echo "成功创建认证文件"
else
echo "已存在认证文件"
fi
5、default.conf
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /etc/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /etc/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
6、nginx-1.22.1.tar.gz
下载地址 :http://nginx.org/download/nginx-1.22.1.tar.gz
8、需要网络
制作:
执行命令:docker build -t 镜像名:版本 .
使用:
1、在docker run -it 镜像名:版本 -e 指定环境变量文件 -v指定映射文件目录 -d 后台运行。。。。
2、docker-compose 中运行,脚本如下:
version: '3'
services:
docker-enms-mobile:
image: docker:9090/enms/docker-enms-mobile:1.0
container_name: docker-enms-mobile
env_file:
- ./envs/enmsConfig.env
ports:
- 80:80
volumes:
- ./logs:/var/log
- /etc/localtime:/etc/localtime3、环境变量文件结构如下:
582
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
