下载地址
模块下载zip格式的, tar包有一个无法解压
目录结构
tree
.
├── Dockerfile
├── nginx.conf
├── nginx-module-stream-sts-0.1.1.zip
├── nginx-module-sts-0.1.1.zip
├── nginx-module-vts-0.1.18.zip
├── openresty-1.21.4.2.tar.gz
├── upstream-default.conf
└── vhost-default.conf
Dockerfile
FROM alpine:latest AS openresty-vts-build
ADD openresty-*.tar.gz /usr/local/src/
COPY nginx-module-vts-*.zip /usr/local/src/
COPY nginx-module-sts-*.zip /usr/local/src/
COPY nginx-module-stream-sts-*.zip /usr/local/src/
RUN cd /usr/local/src && \
unzip nginx-module-vts-*.zip && \
unzip nginx-module-sts-*.zip && \
unzip nginx-module-stream-sts-*.zip
RUN set -eux && sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
RUN apk add perl build-base make pcre-dev zlib-dev openssl-dev && \
cd /usr/local/src/openresty-* && \
/usr/local/src/openresty-*/configure \
--with-http_stub_status_module --with-http_ssl_module \
--with-http_gzip_static_module --add-module=/usr/local/src/nginx-module-vts-0.1.18 \
--add-module=/usr/local/src/nginx-module-sts-0.1.1 --add-module=/usr/local/src/nginx-module-stream-sts-0.1.1 && \
make && make install
FROM alpine:latest
RUN set -eux && sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
RUN apk add perl pcre-dev zlib-dev openssl-dev
COPY --from=openresty-vts-build /usr/local/openresty /usr/local/openresty
RUN chmod +x /usr/local/openresty/nginx/sbin/nginx && \
mkdir /usr/local/openresty/nginx/conf/{vhosts,upstream} && \
ln -sf /dev/stdout /usr/local/openresty/nginx/logs/access.log && \
ln -sf /dev/stderr /usr/local/openresty/nginx/logs/error.log
COPY nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
COPY vhost-default.conf /usr/local/openresty/nginx/conf/vhosts/default.conf
COPY upstream-default.conf /usr/local/openresty/nginx/conf/upstream/upstream-default.conf
USER root
ENV LUA_PATH="/usr/local/openresty/site/lualib/?.ljbc;/usr/local/openresty/site/lualib/?/init.ljbc;/usr/local/openresty/lualib/?.ljbc;/usr/local/openresty/lualib/?/init.ljbc;/usr/local/openresty/site/lualib/?.lua;/usr/local/openresty/site/lualib/?/init.lua;/usr/local/openresty/lualib/?.lua;/usr/local/openresty/lualib/?/init.lua;./?.lua;/usr/local/openresty/luajit/share/luajit-2.1.0-beta3/?.lua;/usr/local/openresty/luajit/share/lua/5.1/?.lua;/usr/local/openresty/luajit/share/lua/5.1/?/init.lua"
ENV LUA_CPATH="/usr/local/openresty/site/lualib/?.so;/usr/local/openresty/lualib/?.so;./?.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so;/usr/local/openresty/luajit/lib/lua/5.1/?.so"
WORKDIR /usr/local/openresty/nginx
EXPOSE 80
EXPOSE 8000
ENTRYPOINT ["/usr/local/openresty/nginx/sbin/nginx"]
CMD ["-g","daemon off;"]
# CMD ["/usr/local/openresty/nginx/sbin/nginx", "-g", "daemon off;"]
nginx.conf
user nobody;
worker_processes auto;
# Enables the use of JIT for regular expressions to speed-up their processing.
pcre_jit on;
error_log logs/error.log warn;
pid logs/nginx.pid;
events {
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format json
'{"@timestamp":"$time_iso8601",'
'"host":"$hostname",'
'"server_ip":"$server_addr",'
'"client_ip":"$remote_addr",'
'"xff":"$http_x_forwarded_for",'
'"domain":"$host",'
'"url":"$uri",'
'"referer":"$http_referer",'
'"args":"$args",'
'"upstreamtime":"$upstream_response_time",'
'"responsetime":"$request_time",'
'"request_method":"$request_method",'
'"status":"$status",'
'"size":"$body_bytes_sent",'
'"request_body":"$request_body",'
'"request_length":"$request_length",'
'"protocol":"$server_protocol",'
'"upstreamhost":"$upstream_addr",'
'"file_dir":"$request_filename",'
'"http_user_agent":"$http_user_agent"'
'}';
access_log logs/access.log json;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
fastcgi_buffer_size 128k;
fastcgi_buffers 8 128k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
client_header_buffer_size 128k;
client_body_buffer_size 1m;
underscores_in_headers on;
# prometheus metircs: /status/format/prometheus
vhost_traffic_status_zone;
vhost_traffic_status_filter_by_host on;
stream_server_traffic_status_zone;
server {
listen 8000;
server_name localhost;
location /vts_status {
vhost_traffic_status_display;
vhost_traffic_status_display_format html;
}
location /sts_status {
stream_server_traffic_status_display;
stream_server_traffic_status_display_format html;
}
}
include vhosts/*.conf;
}
stream {
server_traffic_status_zone;
log_format proxy '$remote_addr - [$time_local] $status "$upstream_bytes_sent" "$upstream_bytes_received" - "$upstream_addr" "$upstream_connect_time"';
access_log logs/upstream-access.log proxy;
open_log_file_cache off;
include upstream/*.conf;
}
upstream-default.conf
upstream example-server {
hash $remote_addr consistent;
server 172.16.20.11:8880;
server 172.16.20.12:8880;
server 172.16.20.13:8880;
}
server {
listen 8880;
proxy_pass example-server;
access_log logs/example-upstream.log proxy;
}
vhost-default.conf
server {
listen 80;
server_name 172.16.20.61;
location / {
root html;
index index.html index.htm;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
制作镜像
docker build ./ -t openresty-vts:1.21.4.2-alpine
启动镜像
docker-compose编排文件
mkdir -pv /data/docker-compose/openresty-vts
cat > /data/docker-compose/openresty-vts/docker-compose.yml << 'EOF'
version: "3"
services:
openresty-vts:
container_name: openresty-vts
hostname: openresty-vts
image: openresty-vts:1.21.4.2-alpine
network_mode: host
restart: always
volumes:
- /etc/localtime:/etc/localtime
- /data/openresty-vts/nginx/logs:/usr/local/openresty/nginx/logs
deploy:
resources:
limits:
memory: 4G
EOF
这里仅为了测试, 生产使用可以要把nginx.conf, vhosts, upstream通过volume挂载进去
启动
cd /data/docker-compose/openresty-vts/; docker-compose up -d
grafana 监控模板: 9785