1. ==编写Dockerfile注意项==#
- 容器启动的时候,root账号是不会读取/etc/profile的,如果是root登录会找不到java变量
ENV JAVA_HOME /usr/local/jdk
ENV JRE_HOME JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib
ENV PATH $PATH:$JAVA_HOME/bin- 容器的时区,和宿主机可能不一样
RUN rm -rf /etc/localtime && ln -snf /usr/share/zoneinfo/Aisa/Shanghai /etc/localtime - 目录结构按照业务类型或系统类型等方式划分,方便后期镜像比较多的时候进行分类
mkdir -pv /opt/dockerfile/{web/{nginx,tomcat,jdk,apache},system/{centos,ubuntu,redhat,alpine}}- 写Dockerfile的时候可以写一个脚本,来执行docker build -t
vim build-command.sh
#!/bin/bash
TAG=$1
7.8.2003
docker build -t harbor.123asd.com/docker/centos:${TAG} .
bash build-command.sh 2024-01-01_10-10-45- 注意权限,编译使用默认是root用户
- -p 容器里面的用户是nginx 宿主机的端口最好大于1024,(有些容器不允许使用1024)
- RUN useradd nginx
USER nginx
进去以后是$ 进去以后不是# - WORKDIR 工作目录(可以使用相对路径)
- ENTRYPOINT ["/apps/tomcat/bin/run_tomcat.sh"] ENTRYPOINT [“nginx”,"-g",“daemon off;”] 和CMD混用 ENTRYPOINT [“nginx”] CMD ["-g",“daemon off;”]
- ENTRYPOINT [“docker-entrypoint.sh”] + [“mysqld”] docker-entrypoint.sh mysqld 混合使用的时候会将CMD的命令当做参数传递给ENTRYPOINT后面的脚本可以在脚本中对参数做判断并响应容器的初始化操作
- ENTRYPOINT [“top”,"-b"] CMD ["-c"] 等价于 ENTRYPOINT [“top”,"-b","-c"]
2. Dockerfile基本语法#
dockerfile制作镜像的最标准的方法 可以在vscode里面写,安装插件docker插件 名字一般都为 Dockerfile (不然构建的时候找不到文件,可以加参数-f 文件名 来进行构建)
- 编写vim Dockerfile
- 构建docker build .
- docker build -f dockerfile.txt .
- docker in
- ==FROM== 在整个dockerfile文件中,除了注释之外的第一行,要是FROM,用于指定父镜像
- ==ADD== 用于添加宿主机本地的文件、目录、压缩等资源到镜像里面去,会自动解压tar.gz格式的压缩包(其他格式的压缩包不会解压zip,镜像里面没有unzip)
- ==COPY== 用于添加宿主机本地的文件、目录、压缩等资源到镜像里面去,不会解压任何资源包
- ==LABEL== 设置镜像属性标签 ,(作者信息邮箱)
- ==ENV== 设置容器环境变量
- ==USER== 指定运行操作的用户(不声明就是root用户)
- ==RUN== 执行shell命令(记得加-y)
- ==VOLUME== 定义volume(一般-v会自动创建)
- ==WORKDIR== 用于定义工作目录(也可以&& cd)
- ==EXPOSE== 声明要映射的端口 ,
- ==CMD== 镜像启动为容器时候的默认命令或者脚本
- ==ENTRYPOINT== 如果有CMD CMD的值会作为参数传递给ENTRYPOINT
在一个容器里面,要有一个能在容器tty的前端执行的进程,来维持容器的运行
命令
- tail -f /var/log/nginx_access.log 日志会变化,但是一般不看,会占io 一般不这么做作
- tail -f /etc/hosts 一般建议看不经常变化的文件
- pid为1 容器运行的第一个命令
或者运行服务
- CMD [“nginx”,"-g",“daemon off;”]
- Java
- mysql
脚本 ADD run_nginx.sh /usr/local/nginx/sbin/run_nginx.sh RUN chmod a+x /usr/local/nginx/sbin/run_nginx.sh CMD ["/usr/local/nginx/sbin/run_nginx.sh"] vim Dockerfile docker build -t rockylinux:9.3 -f dockerfile.txt .
-t 是制作出来镜像的名字
#指定文件构建镜像
docker bulid -f 文件名
1. 常用选项说明
--build-arg,设置构建时的变量
--no-cache,默认false。设置该选项,将不使用Build Cache构建镜像
--pull,默认false。设置该选项,总是尝试pull镜像的最新版本
--compress,默认false。设置该选项,将使用gzip压缩构建的上下文
--disable-content-trust,默认true。设置该选项,将对镜像进行验证
--file, -f,Dockerfile的完整路径,默认值为‘PATH/Dockerfile’
--isolation,默认--isolation="default",即Linux命名空间;其他还有process或hyperv
--label,为生成的镜像设置metadata
--squash,默认false。设置该选项,将新构建出的多个层压缩为一个新层,但是将无法在多个镜像之间共享新层;设置该选项,实际上是创建了新image,同时保留原有image。
--tag, -t,镜像的名字及tag,通常name:tag或者name格式;可以在一次构建中为一个镜像设置多个tag
--network,默认default。设置该选项,Set the networking mode for the RUN instructions during build
--quiet, -q ,默认false。设置该选项,Suppress the build output and print image ID on success
--force-rm,默认false。设置该选项,总是删除掉中间环节的容器
--rm,默认--rm=true,即整个构建过程成功后删除中间环节的容器#一般写在第一行,使用的父镜像
FROM rockylinux:9.3
#标签,可以自定义信息,,MAINTAINER #作者是谁,已经弃用
LABEL MAINTAINER="xifds 1234449@163.com" build-time='2024-7-19' project='nginx'
#构建镜像时运行的命令(不能交互 记得加y)
###RUN yum install -y epel-release
RUN yum install -y nginx
#COPY source dest (源 目标)
COPY ./nginx.repo /etc/yum.repos.d/
#拷贝文件到镜像里面,但是支持网络资源url,如果拷贝tar包可以自动将tar包资源拷贝进去,但是不能同时去用
ADD source dest
#工作目录
WORKDIR
#设置环境变量
ENV key value
#可以映射的端口
EXPOSE 9 443
#声明一个数据目录或者是配置目录(容器的目录)
VOLUME ["/usr/share/nginx/html"]
#docker run 时执行的第一条命令,会在原有的命令后面增加命令
ENTRYPOINT ["executable"]
#docker run 时执行的第一条命令,会覆盖原有的启动命令
CMD ["nginx","-g","daemon off;"]3. Dockerfile生产#
1.基于alpine基础镜像制作自定义镜像#
- 换源
- 装包
mkdir -p /opt/dockerfile/system/alpine
cd /opt/dockerfile/system/alpine
vim build-command.sh
#!/bin.bash
docker build -t harbor.123asd.com/docker/apline-nginx:v1.28.0 .
#判断
docker push harbor.123asd.com/docker/apline-nginx:v1.28.0docker pull alpine:v3.22
docker run -it --rm alpine:3.22 sh
sed -i 's#https\?://dl-cdn.alpinelinux.org/alpine#https://mirrors.tuna.tsinghua.edu.cn/alpine#g' /etc/apk/repositories
docker cp 4df758ed62a3:/etc/apk/repositories /opt/dockerfile/system/alpine/https://mirrors.tuna.tsinghua.edu.cn/alpine/v3.22/ 一般都在这两目录 community->x86_64 main->x86_64
wget https://nginx.org/download/nginx-1.28.0.tar.gz
docker run -it --rm alpine:3.22 sh
docker cp id:/apps/nginx/conf/nginx.conf .
vim nginx.conf
user nginx;
daemon off;
location / {
root /apps/nginx/html;
}
mkdir static
cd static/
vim static/index.html
ceshi alpine-text:v1
tar cvzf ../static.tar.gz index.html vim Dockerfile
FROM alpine:3.22
LABEL maintainer="123456@qq.com"
RUN sed -i 's#https\?://dl-cdn.alpinelinux.org/alpine#https://mirrors.tuna.tsinghua.edu.cn/alpine#g' /etc/apk/repositories
#安装编译环境
RUN apk update && apk add iotop gcc libgcc libc-dev libcurl libc-utils pcre-dev zlib-dev libnfs make pcre pcre2 zip unzip net-tools pstree wget libevent libevent-dev iproute2 openssl openssl-dev vim
ADD nginx-1.28.0.tar.gz /opt
RUN cd /opt/nginx-1.28.0 && ./configure --prefix=/apps/nginx && make && make install && ln -sv /apps/nginx/sbin/nginx /usr/bin/ &&rm -rf /opt/nginx-1.28.0
RUN addgroup -g 2021 -S nginx && adduser -G nginx -s /sbin/nologin -S -D -u 2021 nginx
COPY nginx.conf /apps/nginx/conf/nginx.conf
ADD static.tar.gz /data/nginx/html
RUN chown -R nginx:nginx /data/nginx /apps/nginx/
EXPOSE 80 443
CMD ["nginx"]测试
docker run -itd --rm -p 80:80 harbor.123asd.com/docker/alpine-nginx:v1.28.0
http://192.168.1.30/2.基于Ubuntu基础镜像制作自定义镜像#
mkdir -p /opt/dockerfile/system/ubuntu/ubuntu:22.04
cd /opt/dockerfile/system/ubuntu/ubuntu:22.04
vim build-command.sh
#!/bin.bash
docker build -t harbor.123asd.com/docker/ubuntu-nginx:v1.28.0 .
判断
docker push harbor.123asd.com/docker/ubuntu#-nginx:v1.28.0
docker pull ubuntu:22.04
cp /opt/dockerfile/system/alpine/nginx-1.28.0.tar.gz .
cp /opt/dockerfile/system/alpine/static.tar.gz .
cp /opt/dockerfile/system/alpine//nginx.conf .
docker run -it --rm -p 8801:80 ubuntu:22.04 bash
cat > /etc/apt/sources.list << EOF
deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy main restricted universe multiverse
deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-updates main restricted universe multiverse
deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-backports main restricted universe multiverse
EOF
apt update
apt install -y ca-certificates
docker cp 5375e20cdbfb:/etc/apt/sources.list .
mv sources.list sources.list.http
cat > /etc/apt/sources.list << EOF
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-updates main restricted universe multiverse
deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-backports main restricted universe multiverse
EOF
apt update
docker cp 5375e20cdbfb:/etc/apt/sources.list .
mv sources.list sources.list.httpsvim Dockerfile
FROM ubuntu:22.04
LABEL maintainer="123456@qq.com"
ADD sources.list.http /etc/apt/sources.list
RUN apt update && apt install -y ca-certificates
ADD sources.list.https /etc/apt/sources.list
#安装编译环境
RUN apt update && apt install -y iproute2 ntpdate tcpdump telnet traceroute nfs-kernel-server nfs-common lrzsz tree openssl libssl-dev libpcre3 libpcre3-dev zlib1g-dev ntpdate tcpdump telnet traceroute gcc openssh-server iotop unzip zip make && touch /tmp/linux.txt
ADD nginx-1.28.0.tar.gz /usr/local/src
RUN cd /usr/local/src/nginx-1.28.0 && ./configure --prefix=/apps/nginx && make && make install && ln -sv /apps/nginx/sbin/nginx /usr/bin/ &&rm -rf /usr/local/src/nginx-1.28.0
RUN groupadd -g 2021 nginx && useradd -g nginx -s /usr/sbin/nologin -u 2021 nginx
ADD nginx.conf /apps/nginx/conf/nginx.conf
ADD static.tar.gz /data/nginx/html
RUN chown -R nginx.nginx /data/nginx /apps/nginx/
EXPOSE 80 443
CMD ["nginx"]测试
docker rmi -f `docker images |grep none |awk '{print $3}'`
docker run -it --rm -p 80:80 harbor.123asd.com/docker/ubuntu-nginx:v1.28.0 bash
docker run -itd -p 80:80 harbor.123asd.com/docker/ubuntu-nginx:v1.28.0 3. 制作nginx镜像#
- 注意权限
- 编译使用默认是root用户
- -p 容器里面的用户是nginx 宿主机的端口最好大于1024(没测出来,有时候87不可以)
vim build-command.sh #!/bin/bash TAG=$1 7.8.2003 docker build -t harbor.123asd.com/docker/centos:${TAG} .
bash build-command.sh 2024-01-01_10-10-45
编写Dockerfile:
- 生成镜像的时候会在执行命令的当前目录查找Dockerfile文件,所以名称不能写错,而且D必须大写
- 二进制nginx包 wget https://nginx.org/download/nginx-1.28.0.tar.gz
vim /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true图
nginx需要修改的配置
docker cp ddf344ac3b95:/apps/nginx/conf/nginx.conf .
修改下面的配置
vim nginx.conf
user nginx;
worker_processes auto;
#daemon off;
server{
location / {
root /apps/nginx/html;
}
}vim build-command.sh
#!/bin/bash
TAG=1.28.0
docker build -t harbor.123asd.com/docker/nginx-web:${TAG} .编写all-in-one Dockerfile
vim ./Dockerfile
#除了注释之外的第一行,必须是From xxx(xxx是基础镜像)
#base image for docker111
From centos:7.8.2003
#镜像维护者信息
LABEL maintainer="123456@qq.com"
RUN \
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo && \
curl -o /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo && \
yum clean all &&\
rm -rf /var/cache/yum
RUN yum install -y \
vim wget tree lrzsz \
gcc gcc-c++ autoconf automake \
pcre pcre-devel \
zlib zlib-devel \
openssl openssl-devel \
iproute net-tools iotop
ADD nginx-1.28.0.tar.gz /usr/local/src/
#ADD https://nginx.org/download/nginx-1.28.0.tar.gz /usr/local/src/
#RUN tar -xf /usr/local/src/nginx-1.28.0.tar.gz -C /usr/local/src/
#打开监控模块并编译,正常nginx的参数都应该加上,这里演示
RUN cd /usr/local/src/nginx-1.28.0 && ./configure --prefix=/apps/nginx --with-http_sub_module --with-http_ssl_module && make &&make install
#先创建nginx用户再编译安装,但编译过程会生成root属主文件
RUN useradd nginx -s /sbin/nologin
RUN chown -R nginx:nginx /apps/nginx \
&& chmod -R 755 /apps/nginx \
&& touch /apps/nginx/logs/access.log \
&& touch /apps/nginx/logs/error.log \
&& chown nginx:nginx /apps/nginx/logs/*.log
#ADD有重新命明的作用,容器里面没有目录他会自己创建
ADD nginx.conf /apps/nginx/conf/nginx.conf
# ADD code.tar.gz /usr/local/nginx/html
RUN ln -sv /apps/nginx/sbin/nginx /usr/sbin/nginx
RUN echo "test nginx page" > /apps/nginx/html/index.html
#向外开放的端口,多个端口用空格做间隔,启动容器的时候-p需要使用此端向外映射,如 -p 8081:80,则80就是这里的80
EXPOSE 80 443
#运行命令,每个Dockerfile只能有一条,如果有多条则只有最后一条被执行
CMD ["nginx","-g","daemon off;"]
#其他方法,写脚本,把配置写进nginx的配置文件
#脚本名字一般叫run_nginx.sh
#ADD run_nginx.sh /usr/local/nginx/sbin/run_nginx.sh
#RUN chmod a+x /usr/local/nginx/sbin/run_nginx.sh
#CMD ["/usr/local/nginx/sbin/run_nginx.sh"]
#脚本的好处可以进行一些简单操作docker build -t harbor.123asd.com/docker/nginx-web:1.28.0 .
docker run -itd --rm -p 87:80 harbor.123asd.com/docker/nginx-web:1.28.0
curl 192.168.1.30:874.分层构建tomcat镜像#
基础镜像->jdk镜像->Tomcat镜像-业务镜像
1. 制作centos7.8:base#
mkdir -p /opt/dockerfile/system/centos/centos:7.8.2003
cd /opt/dockerfile/system/centos/centos:7.8.2003写base镜像构建脚本
cat > build-command.sh << 'EOF'
#!/bin/bash
#TAG=\$1
TAG=7.8.2003
docker build -t harbor.123asd.com/docker/centos-base:${TAG} .
EOF打base镜像
vim DockerfileFROM centos:7.8.2003
LABEL maintainer="name 123456@163.com"
RUN \
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo && \
curl -o /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo && \
yum clean all &&\
rm -rf /var/cache/yum
RUN yum install -y \
vim wget tree lrzsz \
gcc gcc-c++ autoconf automake \
pcre pcre-devel \
zlib zlib-devel \
openssl openssl-devel \
iproute net-tools iotop
#添加系统账户(如果项目都是通过同一个用户启动的,可以在这里添加系统用户)
RUN groupadd www -g 2022 && useradd www -u 2022 -g www
#容器的时区,和宿主机可能不一样
RUN rm -rf /etc/localtime && \
ln -snf /usr/share/zoneinfo/Aisa/Shanghai /etc/localtime 测试
bash build-command.sh2. 制作jdk-24.0.1#
cd /opt/dockerfile/web/jdk
mkdir jdk-24.0.1
cd /opt/dockerfile/web/jdk/jdk-24.0.1wget https://download.oracle.com/java/24/latest/jdk-24_linux-x64_bin.tar.gz写jdk环境变量
docker run -itd --rm harbor.123asd.com/docker/centos-base:7.8.2003
docker cp 2fdcf6b3c8ba:/etc/profile /opt/dockerfile/web/jdk/jdk-24.0.1/
docker rm -f 2fdcf6b3c8ba
#末尾添加
vim profile
export JAVA_HOME=/usr/local/jdk
export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin
export CLASSPATH=.:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar
export JAVA_HOME=/usr/local/jdk
export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$PATH
export CLASSPATH=.$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/jre/lib:$JAVA_HOME/lib/tools.jar写jdk的构建shell
cat > build-command.sh << 'EOF'
#!/bin/bash
#TAG=$1
TAG=24.0.1
docker build -t harbor.123asd.com/docker/centos-jdk-base:${TAG} .
EOF编写jdk的Dockerfile
vim Dockerfile
FROM harbor.123asd.com/docker/centos-base:7.8.2003
LABEL maintainer="name 12346@163.com"
ADD jdk-24_linux-x64_bin.tar.gz /usr/local/src
RUN ln -sv /usr/local/src/jdk-24.0.1 /usr/local/jdk
ADD profile /etc/profile
#容器启动的时候,root账号是不会读取/etc/profile的
#root用户启动容器不会读取/etc/profile,给root用户设置环境变量
ENV JAVA_HOME /usr/local/jdk
ENV JRE_HOME JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib
ENV PATH $PATH:$JAVA_HOME/bin测试jdk
tar xvzf dockerfile-jdk-24.0.1.tar.gz
cd jdk-24.0.1/
bash build-command.sh
docker run -it --rm harbor.123asd.com/docker/centos-jdk-base:24.0.1 bash3. 制作tomcat-v10.0.2#
cd /opt/dockerfile/web/tomcat
mkdir tomcat-v10.0.2
cd tomacat-v10.0.2wget https://archive.apache.org/dist/tomcat/tomcat-10/v10.0.2/bin/apache-tomcat-10.0.2.tar.gz写tomcat环境变量
docker run -itd --rm harbor.123asd.com/docker/centos-jdk-base:24.0.1
docker cp 7713a5fe1233:/etc/profile /opt/dockerfile/web/tomcat/tomcat-v10.0.2
docker rm -f 7713a5fe1233
#末尾添加
vim profile
export JAVA_HOME=/usr/local/jdk
export TOMCAT_HOME=/apps/tomcat
export PATH=$JAVA_HOME/bin:$JAVA_HOME/jre/bin:$TOMCAT_HOME/bin:$PATH
export CLASSPATH=.:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar写Tomcat的构建脚本
vim build-command.sh#!/bin/bash
#TAG=$1
TAG=v10.0.2
docker build -t harbor.123asd.com/docker/tomcat-centos-base:${TAG} .写Tomcat的Dockerfile
vim Dockerfile#tomcat base image
FROM harbor.123asd.com/docker/centos-jdk-base:24.0.1
LABEL maintainer="123 123@qq.com"
#VOLUME /data /apps #通常做挂载点,但是自己添加有小bug
ADD apache-tomcat-10.0.2.tar.gz /apps
RUN ln -sv /apps/apache-tomcat-10.0.2 /apps/tomcat
ADD profile /etc/profile#测试
#这个镜像不用启动,在后面的业务中填写相关代码,但是测试需要手动测试
bash build-command.sh
docker run -it -p 8080:8080 harbor.123asd.com/docker/tomcat-centos-base:v10.0.2 bash
chown -R www.www /apps/
su - www -c "/apps/tomcat/bin/catalina.sh start"
ss -tlnp4. 制作业务镜像app1#
业务镜像
cd /opt/dockerfile/web/tomcat
mkdir tomcat-app1
cd tomcat-app1#拿配置文件
docker run -it --rm harbor.123asd.com/docker/tomcat-centos-base:v10.0.2 bash
vim /apps/tomcat/conf/server.xml
<Host name="localhost" appBase="/data/tomcat/webapps" unpack="false" autoDeploy="false">
docker cp a024a2919843:/apps/tomcat/conf/server.xml .写一个普通用户启动tomcat的脚本
cat > run_tomcat.sh << 'EOF'
#!/bin/bash
source /etc/profile
chown -R www.www /apps/
su - www -c "/apps/tomcat/bin/catalina.sh start"
tail -f /etc/hosts
EOF
chmod a+x run_tomcat.sh写一个build脚本`
vim build-command.sh
#!/bin/bash
#TAG=$1
TAG=v1
docker build -t harbor.123asd.com/docker/tomcat-app:${TAG} .写一个java测试页面
mkdir myapp
vim myapp/index.jsp
tomcar-text-app1
tar czvf myapp.tar.gz myapp/vim Dockerfile#app1 shangxian
FROM harbor.123asd.com/docker/tomcat-centos-base:v10.0.2
LABEL maintainer="aaa 123@qq.com"
ADD server.xml /apps/tomcat/conf/server.xml
ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
ADD myapp.tar.gz /data/tomcat/webapps/
RUN chown www.www /data /apps -R
EXPOSE 8080 8443
CMD ["/apps/tomcat/bin/run_tomcat.sh"]测试
###注意这里不能写bash,会覆盖CMD的命令
ll 检查配置文件权限
bash build-command.sh
docker run -itd --rm -p 8080:8080 harbor.123asd.com/docker/tomcat-app:v1
192.168.1.30:8080/myapp/后期来新业务
cp -r tomcat-app1 tomcat-app2
cd tomcat-app2
tar -xvf myapp.tar.gz
vim myapp/index.jsp
tomcat-text-app2
mv myapp.tar.gz /tmp/
tar cvzf myapp.tar.gz myapp/
vim build-command.sh
#!/bin/bash
#TAG=$1
TAG=v2
docker build -t harbor.123asd.com/docker/tomcat-app:${TAG} .
bash build-command.sh
docker run -itd --rm -p 8080:8080 harbor.123asd.com/docker/tomcat-app:v2
192.168.1.30:8080/myapp/5.docker结合负载均衡实现网站高可用#
192.168.1.31
docker pull harbor.123asd.com/docker/tomcat-app:v1
docker run -itd --name web1 -p 8080:8080 harbor.123asd.com/docker/tomcat-app:v1
192.168.1.32
docker pull harbor.123asd.com/docker/tomcat-app:v2
docker run -itd --name web2 -p 8080:8080 harbor.123asd.com/docker/tomcat-app:v2
192.168.1.30
cp -r /opt/dockerfile/web/nginx/nginx-1.28.0 /opt/dockerfile/web/nginx/nginx-1.28.0-v2
cd /opt/dockerfile/web/nginx/nginx-1.28.0-v2
vim nginx.conf
http{
upstream web {
server 192.168.1.31:8080;
server 192.168.1.32:8080;
}
server {
location /myapp {
proxy_pass http://web;
}
}
}
vim build-command.sh 改成v2
bash build-command.sh
docker run -itd -p 8801:80 harbor.123asd.com/docker/nginx:v2
192.168.1.30
192.168.1.30:8801/myapphaproxy
192.168.1.30
cd /opt/dockerfile/web/haproxy
mkdir -p /data/haproxy/conf/
cp /opt/dockerfile/web/haproxy/haproxy-2.2.11/haproxy.cfg /data/haproxy/conf/
vim /data/haproxy/conf/haproxy.cfg
server web1 192.168.1.30:8801 check inter 3000 fall 2 rise 5
测试
docker run -it --rm -p 80:80 -v /data/haproxy/conf/haproxy.cfg:/etc/haproxy/haproxy.cfg harbor.123asd.com/docker/haproxy:v2.2.11
正式
docker run -itd -p 80:80 -v /data/haproxy/conf/haproxy.cfg:/etc/haproxy/haproxy.cfg harbor.123asd.com/docker/haproxy:v2.2.11
验证
iptables -t nat -vnL
192.168.1.30
192.168.1.30/myapp 刷新查看轮询5. haproxy镜像构建#
https://www.haproxy.org/download/2.2/src/haproxy-2.2.11.tar.gz
mkdir -p /opt/dockerfile/web/haproxy/haproxy-2.2.11
cd /opt/dockerfile/web/haproxy/haproxy-2.2.11编写编译脚本
vim build-command.sh#!/bin/bash
#TAG=$1
TAG=v2.2.11
docker build -t harbor.123asd.com/docker/haproxy:${TAG} .编写配置文件
vim haproxy.cfgglobal
chroot /apps/haproxy
#stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
uid 99
gid 99
daemon
nbproc 1
pidfile /apps/haproxy/run/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
option forwardfor
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:123456
listen web_port
bind 0.0.0.0:80
mode http
log global
balance roundrobin
server web1 192.168.1.31:8080 check inter 3000 fall 2 rise 5
server web2 192.168.1.32:8080 check inter 3000 fall 2 rise 5编写运行脚本
vim run_haproxy.sh#!/bin/bash
/apps/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg
tail -f /etc/hostschmod a+x run_haproxy.sh编写dockerfile
vim Dockerfile#haproxy image
FROM harbor.123asd.com/docker/centos-base:7.8.2003
LABEL maintainer="aaa 123@qq.com"
RUN yum install -y libtermcap-devel ncurses-devel libevent-devel readline-devel gcc gcc-c++ glibc glibc-devel pcre pcre-devel openssl openssl-devel systemd-devel net-tools vim iotop bc zip unzip zlib-devel lrzsz tree screen lsof tcpdump wget ntpdate
ADD haproxy-2.2.11.tar.gz /usr/local/src/
RUN cd /usr/local/src/haproxy-2.2.11 && make ARCH=X86_64 TARGET=Linux-glibc USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 PREFIX=/apps/haproxy && make install PREFIX=/apps/haproxy && cp haproxy /usr/sbin/ && mkdir -p /apps/haproxy/run
ADD run_haproxy.sh /apps/haproxy/bin/run_haproxy.sh
ADD haproxy.cfg /etc/haproxy/haproxy.cfg
EXPOSE 80 9999
CMD ["/apps/haproxy/bin/run_haproxy.sh"]编译安装haproxy使用lua添加的参数
USE_LUA=1 LUA_INC=/usr/local/src/lua-5.3.5/src/ LUA_LIB=/usr/local/src/lua-5.3.5/src/测试
#中途测试
docker run -itd --rm -p 8800:80 -p 9999:9999 harbor.123asd.com/docker/haproxy:v2.2.11
/apps/haproxy/sbin/haproxy -v
#最终测试
docker exec -it id bash
ps -ef | grep haproxy
ss -tlnp
192.168.1.30:9999/haproxy-status
haadmin
123456
192.168.1.30:8800 刷新6. 构建wordpress#
#这里是思路,正确的在下面
#
#
#
FROM rockylinux:9.3
LABEL MAINTAINER="guo guo@163.com" project="wordpress"
#RUN yum install -y http://rpms.remirepo.net/enterprise/remi-release-9.rpm
#Remi repository是包含最新版本PHP和MySQL包的Linux源,由Remi提供维护。
RUN yum -y install https://mirrors.aliyun.com/remi/enterprise/remi-release-9.rpm
RUN yum -y install php80-php-xsl php80-php php80-php-cli php80-php-devel php80-php-gd php80-php-pdo php80-php-mysql php80-php-fpm
#配置nginx源
RUN cat <<EOF > /etc/yum.repos.d
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
EOF
#COPY ./default.conf /etc/nginx/conf.d
#查看php监听sock文件vim /etc/opt/remi/php80/php-fpm.d/www.conf
sed -i 's/^user = apache/user = apache,nginx/g' /etc/opt/remi/php80/php-fpm.d/www.conf
sed -i 's/^group = apache/group = apache,nginx/g' /etc/opt/remi/php80/php-fpm.d/www.conf
#配置php的nginx
RUN cat <<EOF > /etc/nginx/conf.d/default.conf
server {
listen 80;
server_name _;
location / {
root /usr/share/nginx/html;
index index.php;
}
location ~ \.php$ {
root /usr/share/nginx/html;
fastcgi_pass unix:///var/opt/remi/php80/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
EOF
ADD ./wordpress-6.6.1-zh_CN.tar.gz /usr/share/nginx/
RUN rm -rf /usr/share/nginx/html/*
RUN tar -xf wordpress-6.6.1-zh_CN.tar.gz -C /usr/share/nginx/
RUN mv /usr/share/nginx/wordpress/* /usr/share/nginx/html
#COPY ./nginx.repo /etc/yum.repos.d
RUN yum install -y nginx
#RAN chmod 777 -R /usr/share/nginx/html
#RAN wget https://cn.wordpress.org/latest-zh_CN.zip
#RAN unzip latest-zh_CN.zip -d /usr/share/nginx
RUN cat <<EOF > /opt/docker-login.sh
nginx&/opt/remi/php80/root/usr/sbin/php-fpm
echo "nginx和php已经启动"
EOF
EXPOSE 80 443
#CMD ["sh","/opt/docker-login.sh"]
RUN chome +x /opt/docker-login.sh
CMD ["bash","/opt/docker-login.sh"]
vim /opt/docker-login.sh
chmod 777 /var/opt/remi/php80/run/php-fpm/www.sock
/opt/remi/php80/root/usr/sbin/php-fpm
nginx -g "daemon off;"
echo "nginx和php已经启动"
#docker run -itd -e MYSQL_ROOT_PASSWORD="123qweR" -e MYSQL_DATABASE="wordpress" -P mysql:8.0
#构建
docker build -t myword:v1.0
docker run -itd -P myword:v1.0
docker exec -it $id /bin/bash
docker run -it myword:v1.2 /bin/bash
#启动php服务
>/opt/remi/php80/root/usr/sbin/php-fpm
#如果一个容器宕了可以创建一个新的容器
docker run -itd -P --name wordpress --link=$镜像名字 myword:v1.0nginx的php配置项
server {
listen 80;
server_name _;
location / {
root /usr/share/nginx/html;
index index.php;
}
location ~ \.php$ {
root /usr/share/nginx/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastchi_script_name;
include fastcgi_params;
}
}
#########这次要用的
server {
listen 80;
server_name _;
location / {
root /usr/share/nginx/html;
index index.php;
}
location ~ \.php$ {
root /usr/share/nginx/html;
fastcgi_pass unix:///var/opt/remi/php80/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastchi_script_name;
include fastcgi_params;
}
}成功案例
FROM rockylinux:9.3
LABEL MAINTAINER="guo guo@163.com" project="wordpress"
RUN yum install -y http://rpms.remirepo.net/enterprise/remi-release-9.rpm
RUN yum -y install php80-php-xsl php80-php php80-php-cli php80-php-devel php80-php-gd php80-php-pdo php80-php-mysql php80-php-fpm
RUN sed -i 's/^user = apache/user = nginx/g' /etc/opt/remi/php80/php-fpm.d/www.conf
RUN sed -i 's/^group = apache/group = nginx/g' /etc/opt/remi/php80/php-fpm.d/www.conf
RUN mkdir -p /etc/nginx/conf.d
RUN touch default.conf
RUN chmod 777 default.conf
RUN cat <<EOF > /etc/nginx/conf.d/default.conf
server {
listen 80;
server_name _;
location / {
root /usr/share/nginx/html;
index index.php;
}
location ~ \.php$ {
root /usr/share/nginx/html;
fastcgi_pass unix:///var/opt/remi/php80/run/php-fpm/www.sock; fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
include fastcgi_params;
}
}
EOF
RUN yum -y install nginx
RUN rm -rf /usr/share/nginx/html/*
COPY ./wordpress-6.6.1-zh_CN.tar.gz /usr/share/nginx/
RUN pwd
RUN tar -xf /usr/share/nginx/wordpress-6.6.1-zh_CN.tar.gz -C /usr/share/nginx/
RUN mv /usr/share/nginx/wordpress/* /usr/share/nginx/html/
RUN chmod 777 -R /usr/share/nginx/html
RUN cat <<EOF > /opt/docker-login.sh
/opt/remi/php80/root/usr/sbin/php-fpm
chmod 777 /var/opt/remi/php80/run/php-fpm/www.sock
nginx -g "daemon off;"
echo "nginx和php已经启动"
EOF
EXPOSE 80 443
RUN chmod +x /opt/docker-login.sh
CMD ["bash","/opt/docker-login.sh"]
curl -Ik 172.17.0.2
#k
http://192.168.10.71:327867.#
FROM daocloud.io/library/centos:7
LABEL MAINTARER=guo
RUN curl -o
RUN yum install -y nginx
COPY /opt/web /usr/share/nginx/html
EXPOSE 80 443 #告诉inspest的端口信息,-P
VOLUME /usr/share/nginx/html #映射提示
ENV level=1.16.1
CMD ["sh","/docker-enterypoint.sh"]8. python djangou项目#
pythondjango项目,需要构建并运行
1、git clone 项目
2、修改配置文件
redis 地址
mysql 地址和库 mysql.serve
docker run itd -e MYSQL_BOOT_PASSWORD="123QWE"