1. Web服务器容器化
1.1 nginx 容器化部署
第一步:准备好一个Web服务器nginx
[root@foundation21 ~]# scp nginx-1.18.0.tar.gz rhel7.tar root@172.25.21.61:docker
第二步:上传本地镜像到仓库
[root@server61 docker]# ll
total 145716
-rw-r--r-- 1 root root 198 May 22 14:16 Dockerfile
-rw-r--r-- 1 root root 15 May 22 13:12 index.html
-rw-r--r-- 1 root root 1039530 May 22 14:21 nginx-1.18.0.tar.gz
-rw-r--r-- 1 root root 1047223 May 22 13:19 nginx-1.19.1.tar.gz
-rw-r--r-- 1 root root 147112448 May 22 14:21 rhel7.tar
[root@server61 docker]# docker load -i rhel7.tar
e1f5733f050b: Loading layer 147.1MB/147.1MB
[root@server61 docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
yakexi007/game2048 latest 19299002fdbe 4 years ago 55.5MB
rhel7 latest 0a3eb3fde7fd 6 years ago 140MB
注意,部署nginx时,需要解决很多依赖性。我们需要为容器准备repo文件
[root@server61 docker]# docker run -it --rm rhel7 bash
bash-4.2# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
bash-4.2# cd /etc/yum.repos.d/
bash-4.2# ls
rhel7.repo
bash-4.2# cat rhel7.repo
cat: rhel7.repo: No such file or directory
bash-4.2#
第三步:复制宿主主机的yum源到测试目录
[root@server61 docker]# cp /etc/yum.repos.d/westos.repo dvd.repo
[root@server61 docker]# ls
Dockerfile dvd.repo index.html nginx-1.18.0.tar.gz rhel7.tar
[root@server61 docker]# cat dvd.repo
[rhel7.6]
name=rhel7.6
baseurl=http://172.25.21.250/westos
gpgcheck=0
第四步:编辑Dockerfile文件
操作:
以rhel7为基础构建镜像;
复制当前目录的dvd.repo文件到容器的/etc/yum.repos.d/;
自动解压nginx到/mnt下;
指定家目录为nginx
运行下述命令,解决依赖性的问题;
运行安装命令;
运行make;
运行make install;
复制当前目录的html文件到nginx的默认发布目录下
暴露出一个端口80,为了测试;
运行nginx
[root@server61 docker]# vim Dockerfile
FROM rhel7
COPY dvd.repo /etc/yum.repos.d/
ADD nginx-1.18.0.tar.gz /mnt/
WORKDIR /mnt/nginx-1.18.0
RUN yum install -y gcc make pcre-devel zlib-devel
RUN ./configure --prefix=/usr/local/nginx
RUN make
RUN make install
COPY index.html /usr/local/nginx/html
EXPOSE 80
CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]
运行
[root@server61 docker]# docker build -t rhel7:v1 .
再次构建
[root@server61 docker]# vim Dockerfile
FROM rhel7
COPY dvd.repo /etc/yum.repos.d/
ADD nginx-1.18.0.tar.gz /mnt/
WORKDIR /mnt/nginx-1.18.0
RUN rpmdb --rebuilddb && yum install -y gcc make pcre-devel zlib-devel
RUN ./configure --prefix=/usr/local/nginx
RUN make
RUN make install
COPY index.html /usr/local/nginx/html
EXPOSE 80
CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]
运行
[root@server61 docker]# docker build -t rhel7:v1 .
[root@server61 docker]# docker images rhel7
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 v1 5ac82a252980 53 seconds ago 296MB
rhel7 latest 0a3eb3fde7fd 6 years ago 140MB
[root@server61 docker]# docker run -d --name nginx rhel7:v1
957f5d13395f2966121cad1107ceb9d4fec278e39a5943a1fecfc375e71832fd
[root@server61 docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
957f5d13395f rhel7:v1 "/usr/local/nginx/sb…" 5 seconds ago Up 4 seconds 80/tcp nginx
[root@server61 docker]# docker inspect nginx | grep 172
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.2",
[root@server61 docker]# curl 172.17.0.2
www.westos.org
2. 优化nginx容器
2.1 减少镜像存储
第一步:部署nginx时,关闭debug
添加了sed,关闭debug
清理yum缓存
(使用的是Cache)
[root@server61 docker]# vim Dockerfile
FROM rhel7
COPY dvd.repo /etc/yum.repos.d/
ADD nginx-1.18.0.tar.gz /mnt/
WORKDIR /mnt/nginx-1.18.0
RUN rpmdb --rebuilddb && yum install -y gcc make pcre-devel zlib-devel
RUN sed -i 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx && make && make install && rm -fr /mnt/nginx-1.18.0 && yum clean all
COPY index.html /usr/local/nginx/html
EXPOSE 80
CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]
第二步:构建
[root@server61 docker]# docker build -t rhel7:v2 .
创建的v2比v1少了14M
[root@server61 docker]# docker images rhel7
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 v2 dc4e586c9ef1 19 seconds ago 282MB
rhel7 v1 5ac82a252980 42 minutes ago 296MB
rhel7 latest 0a3eb3fde7fd 6 years ago 140MB
2.2 多阶段构建(多层结合)
第一步:编辑Dockerfile文件
此次部署,分成2个阶段完成
FROM rhel7 as build
COPY dvd.repo /etc/yum.repos.d/
ADD nginx-1.18.0.tar.gz /mnt/
WORKDIR /mnt/nginx-1.18.0
RUN rpmdb --rebuilddb && yum install -y gcc make pcre-devel zlib-devel
RUN sed -i 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx && make && make install && rm -fr /mnt/nginx-1.18.0 && yum clean all
FROM rhel7
COPY --from=build /usr/local/nginx /usr/local/nginx
COPY index.html /usr/local/nginx/html
EXPOSE 80
CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]
第二步:构建
[root@server61 docker]# docker build -t rhel7:v3 .
[root@server61 docker]# docker images rhel7
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 v3 f030ed6b3177 21 seconds ago 141MB
rhel7 v2 dc4e586c9ef1 4 minutes ago 282MB
rhel7 v1 5ac82a252980 46 minutes ago 296MB
rhel7 latest 0a3eb3fde7fd 6 years ago 140MB
第三步:运行
[root@server61 docker]# docker run -d --name demo rhel7:v3
0a01f2a661e77d4c7c19f2dc0d4410f021fdfeaf1cbe8afc150134fb5b626015
[root@server61 docker]# curl 172.17.0.2
www.westos.org
2.3 精简底层镜像
第一步:准备一个镜像
[root@foundation21 ~]# scp base-debian10.tar root@172.25.21.61:docker
第二步:上传到仓库
[root@server61 docker]# docker load -i base-debian10.tar
de1602ca36c9: Loading layer 3.041MB/3.041MB
1d3b68b6972f: Loading layer 17.77MB/17.77MB
Loaded image: gcr.io/distroless/base-debian10:latest
第三步:查看容器的程序系统函数库
[root@server61 docker]# docker run -it --rm rhel7:v3 bash
bash-4.2# cd /usr/local/nginx/
bash-4.2# ls
conf html logs sbin
bash-4.2# du -sh
876K .
bash-4.2# ls
conf html logs sbin
bash-4.2# cd sbin/
bash-4.2# ls
nginx
bash-4.2# ldd /usr/local/nginx/sbin/nginx
linux-vdso.so.1 => (0x00007ffcf3180000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f96f8ff1000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f96f8dd5000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f96f8b9e000)
libpcre.so.1 => /lib64/libpcre.so.1 (0x00007f96f893d000)
libz.so.1 => /lib64/libz.so.1 (0x00007f96f8727000)
libc.so.6 => /lib64/libc.so.6 (0x00007f96f8366000)
/lib64/ld-linux-x86-64.so.2 (0x00007f96f91f5000)
libfreebl3.so => /lib64/libfreebl3.so (0x00007f96f80e7000)
第四步:编辑Dockerfile
[root@server61 docker]# mkdir new
[root@server61 docker]# cd new/
[root@server61 new]# vim Dockerfile
FROM nginx as base
# https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
ARG TIME_ZONE
RUN mkdir -p /opt/var/cache/nginx && \
cp -a --parents /usr/lib/nginx /opt && \
cp -a --parents /usr/share/nginx /opt && \
cp -a --parents /var/log/nginx /opt && \
cp -aL --parents /var/run /opt && \
cp -a --parents /etc/nginx /opt && \
cp -a --parents /etc/passwd /opt && \
cp -a --parents /etc/group /opt && \
cp -a --parents /usr/sbin/nginx /opt && \
cp -a --parents /usr/sbin/nginx-debug /opt && \
cp -a --parents /lib/x86_64-linux-gnu/ld-* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libpcre.so.* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libz.so.* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libc* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libdl* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libpthread* /opt && \
cp -a --parents /lib/x86_64-linux-gnu/libcrypt* /opt && \
cp -a --parents /usr/lib/x86_64-linux-gnu/libssl.so.* /opt && \
cp -a --parents /usr/lib/x86_64-linux-gnu/libcrypto.so.* /opt && \
cp /usr/share/zoneinfo/${TIME_ZONE:-ROC} /opt/etc/localtime
FROM gcr.io/distroless/base-debian10
COPY --from=base /opt /
VOLUME ["/usr/share/nginx/html"]
EXPOSE 80 443
ENTRYPOINT ["nginx", "-g", "daemon off;"]
[root@server61 new]# \vi Dockerfile
第五步:构建
[root@server61 new]# docker build -t rhel7:v4 .
[root@server61 new]# docker images nginx
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest f0b8a9a54136 9 days ago 133MB
[root@server61 new]# docker images rhel7
REPOSITORY TAG IMAGE ID CREATED SIZE
rhel7 v4 3ad414462f47 31 seconds ago 31.9MB
rhel7 v3 f030ed6b3177 18 minutes ago 141MB
rhel7 v2 dc4e586c9ef1 22 minutes ago 282MB
rhel7 v1 5ac82a252980 About an hour ago 296MB
rhel7 latest 0a3eb3fde7fd 6 years ago 140MB
[root@server61 new]# docker images gcr.io/distroless/base-debian10
REPOSITORY TAG IMAGE ID CREATED SIZE
gcr.io/distroless/base-debian10 latest d48fcdd54946 51 years ago 19.2MB
第六步:运行
[root@server61 new]# docker rm -f demo
demo
[root@server61 new]# docker run -d --name demo rhel7:v4
b10e932d786d618353ee12c5d5badb730edf7f6b101bc8f3aecba68a1597291e
测试:
[root@server61 new]# curl 172.17.0.2
www.westos.org
第七步:手动挂接数据卷
删除容器之后,挂接点的数据依旧保存在宿主主机上
再次run镜像,会自动挂接,生效
[root@server61 new]# vim Dockerfile
VOLUME ["/usr/share/nginx/html"]
(和之前的Dockerfile一样,没有修改)
构建
[root@server61 new]# docker build -t rhel7:v5 .
运行,并手动挂接数据卷
[root@server61 new]# docker run -d --name demo -v /data:/usr/share/nginx/html rhel7:v5
2ff742aa059d45ae89f45ef12ead6a37a2328af5f05ac01b24774b0584255e05
验证
[root@server61 data]# docker inspect demo
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "c8f5cc7af3d0229372226ed87f643f0a2479871b0b18a5236108129be7b09da9",
"EndpointID": "6ca2383d7f4c70797b70e1828cdceb5f8b39c7808537c6905e12c21b3e5d9088",
"Gateway": "172.17.0.1",
"IPAddress": "172.17.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:03",
"DriverOpts": null
[root@server61 data]# curl 172.17.0.3
www.westos.org
www.westos.org
www.westos.org
如果宿主主机对html文件进行编辑,容器也能立马接收到
[root@server61 data]# echo www.westos.org >> index.html
[root@server61 data]# echo www.westos.org >> index.html
[root@server61 data]# cat index.html
www.westos.org
www.westos.org
www.westos.org
www.westos.org
www.westos.org
[root@server61 data]# curl 172.17.0.3
www.westos.org
www.westos.org
www.westos.org
www.westos.org
www.westos.org
【注意容器的IP】
【以上是镜像优化】