![c088cbc5cc4932ffbd807d71969b2128.png](https://i-blog.csdnimg.cn/blog_migrate/27ec49544d6b0e0470e9050fff74860d.jpeg)
项目团队成员对docker不是很熟悉,所以整理了一下docker打包的过程,方便大家在后面的快速部署打包上能有比较高的效率。
总体流程有以下几个步骤:
准备两台机器:
192.168.0.54(镜像仓库服务器)
192.168.0.55(微服务应用服务器)
- 支撑环境的安装
- 安装私有镜像仓库(harbor)
在192.168.0.54服务器中安装docker环境和harbor私有镜像仓库,安装过程参考网络文章即可。 同时开通 tcp://192.168.0.54:2375 连接
开通方式(docker 开启2375端口,提供外部访问docker):
vi /usr/lib/systemd/system/docker.serviceExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock
重启服务
systemctl daemon-reload // 1,加载docker守护线程 systemctl restart docker // 2,重启docker
安装后,浏览器访问如下图:
![6eda5904966f3a0d6fb91388c5c638eb.png](https://i-blog.csdnimg.cn/blog_migrate/769c887ec56179f57e0b26d2efe39052.jpeg)
登录环境,可自行创建
![7d7840550d6509b7ba4691d4e1ef15b1.png](https://i-blog.csdnimg.cn/blog_migrate/67caf2d72c194e829d20518b91ac4639.jpeg)
![89bcbf0ebe4de892e0f9845f8ab6ebd5.png](https://i-blog.csdnimg.cn/blog_migrate/fd4830a4924a1245a541116200e6897c.jpeg)
- 安装docker环境及docker-compose服务
在192.168.0.55 安装docker和dokcer-compose,安装过程参考网络文章即可。
- IDEA配置相环境
- 配置idea环境Docker
![4c989e682d39c200d5b05e97fa9742d4.png](https://i-blog.csdnimg.cn/blog_migrate/9bb5d6be8ce23ade559f0e839b5fd0fb.jpeg)
- 配置私有镜像仓库docker registry
![443f4f0dc74980f1fd4862510076736f.png](https://i-blog.csdnimg.cn/blog_migrate/b74ecc67bcf5fe48db4c21d2117bbd40.jpeg)
配置私有镜像仓库
- 通过IDEA 构建打包镜像
![4ef48b1067f69580836b9ca7987f1b19.png](https://i-blog.csdnimg.cn/blog_migrate/6a64fbf3a9c1cf8e1dbbe5645c77de36.jpeg)
配置docker执行文件,选择打包环境,选择已经写好的Dockerfile脚本文件,写好镜像名称,勾选掉运行容器按钮,不让它运行,确认即可。
执行此运行配置,即可打包docker镜像。
- 把已经打好的镜像推送到私有镜像仓库(192.168.0.54)中。
![cdf167c11b45c8617364df8ca3f7c82e.png](https://i-blog.csdnimg.cn/blog_migrate/dcb3ef33dc9c15edbbbb6e5a06dd881c.jpeg)
![19554ba2f7d42f2847fe228f600d02a2.png](https://i-blog.csdnimg.cn/blog_migrate/1be2c022d9c497cf278e97756c4580b2.jpeg)
其中:
Registry :配置的镜像仓库地址 Repository:程仓库地址,如:192.168.0.54/ts-common-lib/ts-basetag:版本标记 如:0.0.1
- 微服务docker脚本的编写
本次一共需要安装以下几个微服务服务:注册中心、配置中心、网关服务、鉴权服务、业务支撑、BI服务。
需要安装应用服务:nginx
其中redis和数据库为外部提供,因此不需要在容器中安装。
- 安装服务前,安装ts-base基础依赖包,依赖包中包含:centos+jdk环境,这样做的目的统一依赖环境。可以把每个微服务都需要的一些依赖打到这个包中,但要注意的事情,它会影响镜像的容量大小。
# 执行构建程序。FROM centos:7.5.1804MAINTAINER by bask (jli@tsingsoft.com.cn)#添加jdk安装包ADD ./jdk-8u121-linux-x64.tar.gz /usr/local/# 只有通过ENV 环境变量才会生效,通过写/etc/profile的方式不行。ENV JAVA_HOME /usr/local/jdk1.8.0_121ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jarENV PATH $PATH:$JAVA_HOME/bin
如图:
![197fcb73dd8d66bb9e7d085f7a41ce23.png](https://i-blog.csdnimg.cn/blog_migrate/caa4216e56527717d16e11e6f9eab103.jpeg)
- 注册中心脚本
FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1MAINTAINER by bask (jli@tsingsoft.com.cn)VOLUME /tmpADD ts-eureka-0.0.1.jar eureka.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-Duser.timezone=GMT+08","-jar","/eureka.jar"]EXPOSE 1002
- 配置中心
FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1MAINTAINER by bask (jli@tsingsoft.com.cn)VOLUME /tmpADD ts-config-0.0.1.jar config.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-Duser.timezone=GMT+08","-jar","/config.jar"]EXPOSE 2002
- 网关服务
FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1VOLUME /tmpADD ts-gateway-0.0.1.jar gateway.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-Duser.timezone=GMT+08","-jar","/gateway.jar"]EXPOSE 3002
- 鉴权服务
FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1VOLUME /tmpADD ts-auth-0.0.1.jar auth.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-Duser.timezone=GMT+08","-jar","/auth.jar"]EXPOSE 4002
- 业务支撑
FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1VOLUME /tmpADD ts-biz-support-0.0.1-SNAPSHOT.jar support.jarCOPY Apache_OpenOffice_4.1.6_Linux_x86-64_install-rpm_zh-CN.tar.gz Apache_OpenOffice_4.1.6_Linux_x86-64_install-rpm_zh-CN.tar.gz#安装OpenOfficeRUN tar -xvf Apache_OpenOffice*.tar.gz && yum install -y zh-CN/RPMS/*.rpm && yum groupinstall -y "X Window System" && #清除yum缓存yum clean all && #删除压缩包rm -f Apache_OpenOffice_4.1.6_Linux_x86-64_install-rpm_zh-CN.tar.gz&& #删除解压缩的文件rm -Rf zh-CNENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-Duser.timezone=GMT+08","-jar","/support.jar"]EXPOSE 6002
- BI服务
FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1VOLUME /tmpADD ts-bi-0.0.1-SNAPSHOT.jar bi.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/bi.jar"]EXPOSE 5002
- 一健部署脚本的编写
version: "3"services: ts-nginx: image: 192.168.0.54/ts-common-lib/ts-nginx:1.10.1 ports: - 80:80 - 443:443 privileged: true #修改容器权限,给容器加特权 volumes: - /data/nginx/html:/usr/local/nginx/html:rw - /data/nginx/conf/nginx.conf:/usr/local/nginx/conf/nginx.conf - /data/nginx/logs:/usr/local/nginx/logs:rw - /data/nginx/cert:/usr/local/nginx/cert:rw command: /bin/bash -c "exec nginx -g 'daemon off;'" ts-center: image: 192.168.0.54/hb-trade-center/ts-center:0.0.2 ports: - "1002:1002" hostname: ts-center restart: always ts-config: image: 192.168.0.54/hb-trade-center/ts-config:0.0.1 ports: - "2002:2002" hostname: ts-config environment: - "eureka_client_serviceUrl_defaultZone=http://tsingsoft:Tsingsoft2018@192.168.0.55:1002/eureka" restart: always depends_on: - ts-center ts-gateway: image: 192.168.0.54/hb-trade-center/ts-gateway:0.0.2 ports: - "3002:3002" hostname: ts-gateway restart: always depends_on: - ts-center - ts-config environment: - "spring_profiles_active=hb-test" - "eureka_client_serviceUrl_defaultZone=http://tsingsoft:Tsingsoft2018@192.168.0.55:1002/eureka" ts-biz-support: image: 192.168.0.54/hb-trade-center/ts-biz-support:0.0.2 ports: - "6002:6002" hostname: ts-biz-support restart: always depends_on: - ts-center - ts-config environment: - "spring_profiles_active=hb-test" - "eureka_client_serviceUrl_defaultZone=http://tsingsoft:Tsingsoft2018@192.168.0.55:1002/eureka" ts-auth: image: 192.168.0.54/hb-trade-center/ts-auth:0.0.1 ports: - "4002:4002" hostname: ts-auth restart: always depends_on: - ts-center - ts-config environment: - "spring_profiles_active=hb-test" - "eureka_client_serviceUrl_defaultZone=http://tsingsoft:Tsingsoft2018@192.168.0.55:1002/eureka" ts-bi: image: 192.168.0.54/hb-trade-center/ts-bi:0.0.1 ports: - "5002:5002" hostname: ts-bi restart: always depends_on: - ts-center - ts-config environment: - "spring_profiles_active=hb-test" - "eureka_client_serviceUrl_defaultZone=http://tsingsoft:Tsingsoft2018@192.168.0.55:1002/eureka"
nginx.conf 主配置参考:
user nginx nginx;worker_processes 1;#daemon off;#error_log logs/error.log;#error_log logs/error.log notice;error_log logs/error.log info;#pid logs/nginx.pid;events { worker_connections 65535; multi_accept on;}http { fastcgi_connect_timeout 1200; fastcgi_send_timeout 1200; fastcgi_read_timeout 1200; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 256k; client_max_body_size 20M; #add_header Access-Control-Allow-Origin *; #add_header Access-Control-Allow-Headers X-Requested-With; #add_header Access-Control-Allow-Methods GET,POST,OPTIONS; include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; #gzip_http_version 1.0; gzip_comp_level 8; gzip_types text/plain application/javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png; gzip_vary on; gzip_disable "MSIE [1-6].";server { listen 80; server_name 192.168.0.55; charset utf-8; root /usr/local/nginx/html; #access_log logs/host.access.log main; location /{ index index.html index.htm; if ( $request_uri = "/" ) { rewrite "/" http://192.168.0.55/trade/index break; } alias /usr/local/nginx/html/trade; } location /power { try_files $uri $uri/ /power/index.html; index index.html index.htm; root /usr/local/nginx/html; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for; } location /trade { try_files $uri $uri/ /trade/index.html; index index.html index.htm; root /usr/local/nginx/html; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for; } location /trade/login { try_files $uri $uri/ /trade/index.html; index index.html index.htm; root /usr/local/nginx/html; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for; } location /auth { try_files $uri $uri/ /auth/index.html; index index.html index.htm; root /usr/local/nginx/html; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for; } location /api/ { add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Accept"; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for; # /api proxy_pass http://192.168.0.55:3002/; proxy_connect_timeout 300s; proxy_send_timeout 300s; proxy_read_timeout 300s; } location /file { alias file; } location /ws/ { # /ws proxy_pass http://192.168.0.55:3002; proxy_http_version 1.1; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Upgrade websocket; proxy_set_header Connection "Upgrade"; proxy_connect_timeout 1200; proxy_send_timeout 1200; proxy_read_timeout 1200; send_timeout 1200; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # } # include /etc/nginx/dev-conf/*.conf;}
- docker的相关命令
1 优化命令1.1 清理命令 docker image prune -a # 清理没有用到的镜像1.2 删除前应该停止所有的容器: docker stop $(docker ps -a -q)1.3 批量删除tag为""镜像可以采用如下方法(下面两种方式均可以):docker rmi $(docker images | grep "^" | awk "{print $3}")docker images | grep none | awk '{print $3}' | xargs docker rmi1.4 删除所有停止的容器:docker rm $(docker ps -a -q)1.5 强制删除所有的镜像:docker rmi -f $(docker images -q)2 容器相关docker run -d -p 91:80 nginx :在后台运行nginx,若没有镜像则先下载,并将容器的80端口映射为宿主机的91端口。-d:后台运行-P:随机端口映射-p:指定端口映射-net:网络模式docker ps:列出运行中的容器docker ps -a :列出所有的容器docker stop 容器id:停止容器docker kill 容器id:强制停止容器docker start 容器id:启动已停止的容器docker inspect 容器id:查看容器的所有信息docker container logs 容器id:查看容器日志docker top 容器id:查看容器里的进程docker exec -it 容器id /bin/bash:进入容器exit:退出容器docker rm 容器id:删除已停止的容器docker rm -f 容器id:删除正在运行的容器构建镜像确定镜像模板:如java、nginx新建Dockerfile文件使用Dockerfile的指令完善Dockerfile的内容在Dockerfile文件的所在路径执行docker build -t imageName:tag .,-t指定镜像名称,末尾的点标识Dockerfile文件的路径执行docker run -d -p 92:80 imageName:tag即可
- 如何调试查错。
docker logs 【containerId】 # 查看日志docker exec -it 【containerId】 bin/bash # 进入容器内部
docker生态还有很多内容,等待大家去发现。
作者:程序员,晒太阳