以下制作 nginx 镜像过程, 分三步
1. 制作 dockerfile 文件
2. 制作 nginx.sh 的 nginx 安装脚本
3. 制作 ngx-depolyment.YAML 文件
以下是具体内容
- #mkdir /root/dockerfile
- #cd /root/dockerfile
- #touch Dockerfile
- #mkdir nginx
制作 dockerfile 文件
- root@<cc_172.16.0.2|~/dockerfile/nginx>:#cat Dockerfile
- #CentOS?based?container?with?tengine2.2
- FROM docker.io/CentOS
- MAINTAINER wbb-20181207 wbb@qq.com
- #prepare java environment
- ENV LD_LIBRARY_PATH /usr/local/luajit/lib:$LD_LIBRARY_PATH
- ENV LUAJIT_INC /usr/local/luajit/include/luajit-2.0
- ENV LUAJIT_LIB /usr/local/luajit/lib
- #copy jdk tomcat to container
- ADD nginx.tar.gz /root/
- RUN cd /root/nginx/ && sh ngxinstall.sh \ #nginx.sh 安装脚本单独用脚本编写, 下面有展示
- && ln -sf /dev/stdout /var/log/nginx/access.log \ #让 nginx 日志在 k8s 的 web-ui 里显示出来, 如下图
- && ln -sf /dev/stderr /var/log/nginx/error.log
- #private expose
- EXPOSE 80
- #START NGINX
- #ENTRYPOINT [ "/usr/local/nginx/sbin/nginx", "-g", "daemon off;" ]
CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"] 一定要前台运行, 不然 k8s 在 deploy 中无法创建成功
- cd /root/dockerfile
- docker build -t nginx:v4 .
安装过程部分截图
ngxinstall.sh 安装脚本, 在 dockerfile 中引用, 以下安装脚本最好先在 1 台机器测试好, 没问题直接在 dockerfile 引用即可
制作 nginx.sh 的 nginx 安装脚本
- root@<cc_172.16.0.2|~/dockerfile/nginx/nginx>:#cat ngxinstall.sh
- #!/bin/bash
- path=$(pwd)
- # 安装依赖包
- yum makecache
- yum -y install gcc gcc-c++ patch make openssl openssl-devel file
- # 解压
- tar zxvf $path/tar/tengine-2.2.0.tar.gz -C $path/src/
- #tar zxvf $path/tar/openssl-1.0.2p.tar.gz -C $path/src/
- tar zxvf $path/tar/zlib-1.2.11.tar.gz -C $path/src/
- tar zxvf $path/tar/nginx-accesskey.tar.gz -C $path/src/
- tar zxvf $path/tar/pcre-8.40.tar.gz -C $path/src/
- tar zxvf $path/tar/waf.tar.gz -C $path/src/
- tar zxvf $path/tar/nginx_tcp_proxy_module-master.tar.gz -C $path/src/
- tar zxvf $path/tar/LuaJIT-2.0.5.tar.gz -C $path/src/
- tar zxvf $path/tar/ngx_devel_kit-0.2.19.tar.gz -C $path/src/
- tar zxvf $path/tar/lua-nginx-module-0.9.5rc2.tar.gz -C $path/src/
- # 环境变量
- echo "export LD_LIBRARY_PATH=/usr/local/luajit/lib:$LD_LIBRARY_PATH">> /etc/profile
- echo "export LUAJIT_INC=/usr/local/luajit/include/luajit-2.0">> /etc/profile
- echo "export LUAJIT_LIB=/usr/local/luajit/lib">> /etc/profile && source /etc/profile
- source /etc/profile
- cd $path/src/LuaJIT-2.0.5
- make PREFIX=/usr/local/luajit
- make install PREFIX=/usr/local/luajit
- #tengine
- #useradd -s /sbin/nologin nginx
- cd $path/src/tengine-2.2.0
- patch -p1 < $path/src/nginx_tcp_proxy_module-master/tcp.patch
- ./configure --user=root --group=root --prefix=/usr/local/nginx --lock-path=/var/run/nginx.lock --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --pid-path=/var/run/nginx.pid --add-module=../ngx_devel_kit-0.2.19 --add-module=../lua-nginx-module-0.9.5rc2 --add-module=../nginx-accesskey-2.0.3 --add-module=../nginx_tcp_proxy_module-master --with-pcre=../pcre-8.40 --with-zlib=../zlib-1.2.11 --with-http_ssl_module --with-http_realip_module --with-http_gzip_static_module --with-http_stub_status_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_random_index_module --with-http_secure_link_module --with-http_auth_request_module --with-http_v2_module --with-http_addition_module --with-http_sub_module --with-file-aio --with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' --with-ld-opt=-Wl,-rpath,/usr/local/lib
- source /etc/profile
- make
- make install
- # 以下是把相关的配置文件也写好, 直接复制过去即可, 只包括一些模块文件, 具体的域名的. conf 文件在后面引用即可
- cp $path/src/nginx.conf /usr/local/nginx/conf/
- cp $path/src/proxy.conf /usr/local/nginx/conf/
- cp $path/src/error.conf /usr/local/nginx/conf/
- cp -r $path/src/html /usr/local/nginx/
- cp -r $path/src/waf /usr/local/nginx/conf/
- mkdir -p /usr/local/nginx/vhost
- mkdir -p /usr/local/nginx/tcp
- cp $path/src/default.conf /usr/local/nginx/vhost/
- cp $path/src/tcp.conf /usr/local/nginx/tcp/ #支持 tcp 模块
- rm -rf /root/nginx #删除安装文件
制作 ngx-depolyment.YAML 文件
- ---
- # 定义 nginx 命名空间
- #apiVersion: v1
- #kind: Namespace
- #metadata:
- # name: k8s-go
- ---
- # 定义 nginx svc
- apiVersion: v1
- kind: Service
- metadata:
- name: k8s-nginx
- namespace: k8s-go
- labels:
- App: k8s-nginx
- spec:
- type: NodePort
- ports:
- - port: 80
- targetPort: 80
- nodePort: 10280
- protocol: TCP
- #clusterIP: 169.169.249.80
- selector:
- App: k8s-nginx
- ---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: nginx-deploy
- namespace: k8s-go
- labels:
- App: k8s-nginx
- spec:
- replicas: 1
- selector:
- matchLabels:
- App: k8s-nginx
- template:
- metadata:
- labels:
- App: k8s-nginx
- annotations:
- App: nginx-clouster
- spec:
- containers:
- - name: nginx
- image: 172.16.0.2:5000/nginx:v4 #从私有仓加载
- imagePullPolicy: Always #只从私有仓加载, 不放到 node 节点
- volumeMounts:
- - mountPath: /usr/local/www
- name: nginx-data
- #- mountPath: /etc/nginx/conf.d
- # name: nginx-conf
- resources:
- limits:
- CPU: 300m
- memory: 3000Mi
- requests:
- CPU: 100m
- memory: 100Mi
- ports:
- - containerPort: 80
- volumes:
- - name: nginx-data
- persistentVolumeClaim:
- claimName: nginx-data-nfs-pvc
- #- name: nginx-conf
- # persistentVolumeClaim:
- # claimName: nginx-conf-nfs-pvc
- #volumes:
- # - name: nginx-nfs
- # nfs:
- # server: 172.16.0.2
- # path: /data/nfs-storage/nginx
k8s dashboard 中显示的生成的 nginx pod,
外网访问显示测试页
nginx 日志在 Web-ui 中显示, 要在此显示日志, 就必须在 dockerfile 中定义, 不然是不是会显示的. 因为 k8s 展示的日志是从 / dev/stdout /dev/stderr 里获取的
来源: http://www.bubuko.com/infodetail-2876881.html