docker 打包_分享，项目docker打包

项目团队成员对docker不是很熟悉，所以整理了一下docker打包的过程，方便大家在后面的快速部署打包上能有比较高的效率。

总体流程有以下几个步骤：

准备两台机器：

192.168.0.54(镜像仓库服务器)

192.168.0.55(微服务应用服务器)

1. 支撑环境的安装

• 安装私有镜像仓库(harbor)

在192.168.0.54服务器中安装docker环境和harbor私有镜像仓库，安装过程参考网络文章即可。  同时开通 tcp://192.168.0.54:2375 连接

开通方式(docker 开启2375端口，提供外部访问docker)：

vi /usr/lib/systemd/system/docker.serviceExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock

重启服务

systemctl daemon-reload // 1，加载docker守护线程 systemctl restart docker // 2，重启docker

安装后，浏览器访问如下图：

登录环境，可自行创建

• 安装docker环境及docker-compose服务

在192.168.0.55 安装docker和dokcer-compose，安装过程参考网络文章即可。

2. IDEA配置相环境

• 配置idea环境Docker

• 配置私有镜像仓库docker registry

配置私有镜像仓库

• 通过IDEA 构建打包镜像

配置docker执行文件，选择打包环境，选择已经写好的Dockerfile脚本文件，写好镜像名称，勾选掉运行容器按钮，不让它运行，确认即可。

执行此运行配置，即可打包docker镜像。

• 把已经打好的镜像推送到私有镜像仓库(192.168.0.54)中。

其中：

Registry ：配置的镜像仓库地址 Repository：程仓库地址，如：192.168.0.54/ts-common-lib/ts-basetag：版本标记 如：0.0.1

3. 微服务docker脚本的编写

本次一共需要安装以下几个微服务服务：注册中心、配置中心、网关服务、鉴权服务、业务支撑、BI服务。

需要安装应用服务：nginx

其中redis和数据库为外部提供，因此不需要在容器中安装。

• 安装服务前，安装ts-base基础依赖包，依赖包中包含：centos+jdk环境，这样做的目的统一依赖环境。可以把每个微服务都需要的一些依赖打到这个包中，但要注意的事情，它会影响镜像的容量大小。

#  执行构建程序。FROM       centos:7.5.1804MAINTAINER by bask (jli@tsingsoft.com.cn)#添加jdk安装包ADD ./jdk-8u121-linux-x64.tar.gz /usr/local/# 只有通过ENV 环境变量才会生效，通过写/etc/profile的方式不行。ENV JAVA_HOME /usr/local/jdk1.8.0_121ENV CLASSPATH $JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jarENV PATH $PATH:$JAVA_HOME/bin

如图：

• 注册中心脚本

FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1MAINTAINER by bask (jli@tsingsoft.com.cn)VOLUME /tmpADD ts-eureka-0.0.1.jar eureka.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-Duser.timezone=GMT+08","-jar","/eureka.jar"]EXPOSE 1002

• 配置中心

FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1MAINTAINER by bask (jli@tsingsoft.com.cn)VOLUME /tmpADD ts-config-0.0.1.jar config.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-Duser.timezone=GMT+08","-jar","/config.jar"]EXPOSE 2002

• 网关服务

FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1VOLUME /tmpADD ts-gateway-0.0.1.jar gateway.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-Duser.timezone=GMT+08","-jar","/gateway.jar"]EXPOSE 3002

• 鉴权服务

FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1VOLUME /tmpADD ts-auth-0.0.1.jar auth.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-Duser.timezone=GMT+08","-jar","/auth.jar"]EXPOSE 4002

• 业务支撑

FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1VOLUME /tmpADD ts-biz-support-0.0.1-SNAPSHOT.jar support.jarCOPY Apache_OpenOffice_4.1.6_Linux_x86-64_install-rpm_zh-CN.tar.gz Apache_OpenOffice_4.1.6_Linux_x86-64_install-rpm_zh-CN.tar.gz#安装OpenOfficeRUN tar -xvf Apache_OpenOffice*.tar.gz && yum install -y zh-CN/RPMS/*.rpm && yum groupinstall -y "X Window System" && #清除yum缓存yum clean all && #删除压缩包rm -f Apache_OpenOffice_4.1.6_Linux_x86-64_install-rpm_zh-CN.tar.gz&& #删除解压缩的文件rm -Rf zh-CNENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-Duser.timezone=GMT+08","-jar","/support.jar"]EXPOSE 6002

• BI服务

FROM 192.168.0.54/ts-common-lib/ts-base:0.0.1VOLUME /tmpADD ts-bi-0.0.1-SNAPSHOT.jar bi.jarENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/bi.jar"]EXPOSE 5002

4. 一健部署脚本的编写

version: "3"services:  ts-nginx:    image: 192.168.0.54/ts-common-lib/ts-nginx:1.10.1    ports:      - 80:80      - 443:443    privileged: true #修改容器权限，给容器加特权    volumes:      - /data/nginx/html:/usr/local/nginx/html:rw      - /data/nginx/conf/nginx.conf:/usr/local/nginx/conf/nginx.conf      - /data/nginx/logs:/usr/local/nginx/logs:rw      - /data/nginx/cert:/usr/local/nginx/cert:rw    command: /bin/bash -c "exec nginx -g 'daemon off;'"  ts-center:    image: 192.168.0.54/hb-trade-center/ts-center:0.0.2    ports:      - "1002:1002"    hostname: ts-center    restart: always  ts-config:    image: 192.168.0.54/hb-trade-center/ts-config:0.0.1    ports:      - "2002:2002"    hostname: ts-config    environment:      - "eureka_client_serviceUrl_defaultZone=http://tsingsoft:Tsingsoft2018@192.168.0.55:1002/eureka"    restart: always    depends_on:      - ts-center  ts-gateway:    image: 192.168.0.54/hb-trade-center/ts-gateway:0.0.2    ports:      - "3002:3002"    hostname: ts-gateway    restart: always    depends_on:      - ts-center      - ts-config    environment:      - "spring_profiles_active=hb-test"      - "eureka_client_serviceUrl_defaultZone=http://tsingsoft:Tsingsoft2018@192.168.0.55:1002/eureka"  ts-biz-support:    image: 192.168.0.54/hb-trade-center/ts-biz-support:0.0.2    ports:      - "6002:6002"    hostname: ts-biz-support    restart: always    depends_on:      - ts-center      - ts-config    environment:      - "spring_profiles_active=hb-test"      - "eureka_client_serviceUrl_defaultZone=http://tsingsoft:Tsingsoft2018@192.168.0.55:1002/eureka"  ts-auth:    image: 192.168.0.54/hb-trade-center/ts-auth:0.0.1    ports:      - "4002:4002"    hostname: ts-auth    restart: always    depends_on:      - ts-center      - ts-config    environment:      - "spring_profiles_active=hb-test"      - "eureka_client_serviceUrl_defaultZone=http://tsingsoft:Tsingsoft2018@192.168.0.55:1002/eureka"  ts-bi:    image: 192.168.0.54/hb-trade-center/ts-bi:0.0.1    ports:      - "5002:5002"    hostname: ts-bi    restart: always    depends_on:      - ts-center      - ts-config    environment:      - "spring_profiles_active=hb-test"      - "eureka_client_serviceUrl_defaultZone=http://tsingsoft:Tsingsoft2018@192.168.0.55:1002/eureka"

nginx.conf 主配置参考：

user nginx nginx;worker_processes  1;#daemon off;#error_log  logs/error.log;#error_log  logs/error.log  notice;error_log  logs/error.log  info;#pid        logs/nginx.pid;events {    worker_connections  65535;    multi_accept on;}http {    fastcgi_connect_timeout 1200;    fastcgi_send_timeout 1200;    fastcgi_read_timeout 1200;    fastcgi_buffer_size 64k;    fastcgi_buffers 4 64k;    fastcgi_busy_buffers_size 128k;    fastcgi_temp_file_write_size 256k;    client_max_body_size 20M;    #add_header Access-Control-Allow-Origin *;    #add_header Access-Control-Allow-Headers X-Requested-With;    #add_header Access-Control-Allow-Methods GET,POST,OPTIONS;    include       mime.types;    default_type  application/octet-stream;    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '    #                  '$status $body_bytes_sent "$http_referer" '    #                  '"$http_user_agent" "$http_x_forwarded_for"';    #access_log  logs/access.log;    sendfile        on;    #tcp_nopush     on;    #keepalive_timeout  0;    keepalive_timeout  65;    gzip on;    gzip_min_length 1k;    gzip_buffers 4 16k;    #gzip_http_version 1.0;    gzip_comp_level 8;    gzip_types text/plain application/javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif     image/png;    gzip_vary on;    gzip_disable "MSIE [1-6].";server {        listen   80;        server_name  192.168.0.55;        charset utf-8;        root /usr/local/nginx/html;        #access_log  logs/host.access.log  main;        location /{            index  index.html index.htm;            if ( $request_uri = "/" ) {                rewrite "/" http://192.168.0.55/trade/index break;            }            alias   /usr/local/nginx/html/trade;        }        location /power {            try_files $uri $uri/ /power/index.html;            index  index.html index.htm;            root  /usr/local/nginx/html;            proxy_set_header X-real-ip           $remote_addr;            proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for;        }        location /trade {            try_files $uri $uri/ /trade/index.html;            index  index.html index.htm;            root  /usr/local/nginx/html;            proxy_set_header X-real-ip           $remote_addr;            proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for;        }        location /trade/login {            try_files $uri $uri/ /trade/index.html;            index  index.html index.htm;            root  /usr/local/nginx/html;            proxy_set_header X-real-ip           $remote_addr;            proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for;        }        location /auth {            try_files $uri $uri/ /auth/index.html;            index  index.html index.htm;            root  /usr/local/nginx/html;            proxy_set_header X-real-ip           $remote_addr;            proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for;        }        location /api/ {            add_header Access-Control-Allow-Origin *;            add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Accept";            proxy_set_header X-real-ip           $remote_addr;            proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for;            # /api            proxy_pass http://192.168.0.55:3002/;            proxy_connect_timeout 300s;            proxy_send_timeout 300s;            proxy_read_timeout 300s;        }        location /file {            alias file;        }        location /ws/ {            # /ws            proxy_pass http://192.168.0.55:3002;            proxy_http_version 1.1;            proxy_set_header X-real-ip           $remote_addr;            proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for;            proxy_set_header Upgrade websocket;            proxy_set_header Connection "Upgrade";            proxy_connect_timeout       1200;            proxy_send_timeout          1200;            proxy_read_timeout          1200;            send_timeout                1200;        }        #error_page  404              /404.html;        # redirect server error pages to the static page /50x.html        #    }    # include /etc/nginx/dev-conf/*.conf;}

5. docker的相关命令

1 优化命令1.1 清理命令             docker image prune -a # 清理没有用到的镜像1.2 删除前应该停止所有的容器：     docker stop $(docker ps -a -q)1.3 批量删除tag为""镜像可以采用如下方法(下面两种方式均可以)：docker rmi $(docker images | grep "^" | awk "{print $3}")docker images | grep none | awk '{print $3}' | xargs docker rmi1.4 删除所有停止的容器：docker rm $(docker ps -a -q)1.5 强制删除所有的镜像：docker rmi -f $(docker images -q)2 容器相关docker run -d -p 91:80 nginx ：在后台运行nginx，若没有镜像则先下载，并将容器的80端口映射为宿主机的91端口。-d：后台运行-P：随机端口映射-p：指定端口映射-net：网络模式docker ps：列出运行中的容器docker ps -a ：列出所有的容器docker stop 容器id：停止容器docker kill 容器id：强制停止容器docker start 容器id：启动已停止的容器docker inspect 容器id：查看容器的所有信息docker container logs 容器id：查看容器日志docker top 容器id：查看容器里的进程docker exec -it 容器id /bin/bash：进入容器exit：退出容器docker rm 容器id：删除已停止的容器docker rm -f 容器id：删除正在运行的容器构建镜像确定镜像模板：如java、nginx新建Dockerfile文件使用Dockerfile的指令完善Dockerfile的内容在Dockerfile文件的所在路径执行docker build -t imageName:tag .，-t指定镜像名称，末尾的点标识Dockerfile文件的路径执行docker run -d -p 92:80 imageName:tag即可

6. 如何调试查错。

docker logs 【containerId】 # 查看日志docker exec -it 【containerId】 bin/bash # 进入容器内部

docker生态还有很多内容，等待大家去发现。

作者：程序员，晒太阳