dockerfile制作镜像及k8s中应用
2018-12-08 11:49
1051 查看
以下制作nginx镜像过程,分以下几步
1.制作dockerfile文件
包括nginx.sh的nginx安装脚本
2.制作ngx-depoly.yaml文件
包括k8s service,deployment,pv,pvc,nfs
流程如下:
以下是具体内容
制作dockerfile
#mkdir /root/dockerfile #cd /root/dockerfile #touch Dockerfile #mkdir nginx 制作dockerfile文件 root@<cc_172.16.0.2|~/dockerfile/nginx>:#cat Dockerfile #Centos based container with tengine2.2 FROM docker.io/centos MAINTAINER wbb-20181207 wbb@qq.com #prepare java environment ENV LD_LIBRARY_PATH /usr/local/luajit/lib:$LD_LIBRARY_PATH ENV LUAJIT_INC /usr/local/luajit/include/luajit-2.0 ENV LUAJIT_LIB /usr/local/luajit/lib #copy jdk tomcat to container ADD nginx.tar.gz /root/ RUN cd /root/nginx/ \ && sh ngxinstall.sh \ #nginx.sh安装脚本单独用脚本编写,下面有展示 && ln -sf /dev/stdout /var/log/nginx/access.log \ #让nginx日志在k8s的web-ui里显示出来,如下图 && ln -sf /dev/stderr /var/log/nginx/error.log #private expose EXPOSE 80 #START NGINX #ENTRYPOINT [ "/usr/local/nginx/sbin/nginx", "-g", "daemon off;" ] CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"] 一定要前台运行,不然k8s在deploy中无法创建成功
cd /root/dockerfile docker build -t nginx:v4 .
安装过程部分截图
ngxinstall.sh 安装脚本,在dockerfile中引用,以下安装脚本最好先在1台机器测试好,没问题直接在dockerfile引用即可
制作nginx.sh的nginx安装脚本
root@<cc_172.16.0.2|~/dockerfile/nginx/nginx>:#cat ngxinstall.sh #!/bin/bash path=$(pwd) #安装依赖包 yum makecache yum -y install gcc gcc-c++ patch make openssl openssl-devel file #解压 tar zxvf $path/tar/tengine-2.2.0.tar.gz -C $path/src/ #tar zxvf $path/tar/openssl-1.0.2p.tar.gz -C $path/src/ tar zxvf $path/tar/zlib-1.2.11.tar.gz -C $path/src/ tar zxvf $path/tar/nginx-accesskey.tar.gz -C $path/src/ tar zxvf $path/tar/pcre-8.40.tar.gz -C $path/src/ tar zxvf $path/tar/waf.tar.gz -C $path/src/ tar zxvf $path/tar/nginx_tcp_proxy_module-master.tar.gz -C $path/src/ tar zxvf $path/tar/LuaJIT-2.0.5.tar.gz -C $path/src/ tar zxvf $path/tar/ngx_devel_kit-0.2.19.tar.gz -C $path/src/ tar zxvf $path/tar/lua-nginx-module-0.9.5rc2.tar.gz -C $path/src/ #环境变量 echo "export LD_LIBRARY_PATH=/usr/local/luajit/lib:$LD_LIBRARY_PATH" >> /etc/profile echo "export LUAJIT_INC=/usr/local/luajit/include/luajit-2.0" >> /etc/profile echo "export LUAJIT_LIB=/usr/local/luajit/lib" >> /etc/profile && source /etc/profile source /etc/profile cd $path/src/LuaJIT-2.0.5 make PREFIX=/usr/local/luajit make install PREFIX=/usr/local/luajit #tengine #useradd -s /sbin/nologin nginx cd $path/src/tengine-2.2.0 patch -p1 < $path/src/nginx_tcp_proxy_module-master/tcp.patch ./configure --user=root --group=root \ --prefix=/usr/local/nginx \ --lock-path=/var/run/nginx.lock \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --http-client-body-temp-path=/var/cache/nginx/client_temp \ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ --pid-path=/var/run/nginx.pid \ --add-module=../ngx_devel_kit-0.2.19 \ --add-module=../lua-nginx-module-0.9.5rc2 \ --add-module=../nginx-accesskey-2.0.3 \ --add-module=../nginx_tcp_proxy_module-master \ --with-pcre=../pcre-8.40 \ --with-zlib=../zlib-1.2.11 \ --with-http_ssl_module \ --with-http_realip_module \ --with-http_gzip_static_module \ --with-http_stub_status_module \ --with-http_flv_module \ --with-http_mp4_module \ --with-http_gunzip_module \ --with-http_random_index_module \ --with-http_secure_link_module \ --with-http_auth_request_module \ --with-http_v2_module \ --with-http_addition_module \ --with-http_sub_module \ --with-file-aio \ --with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' \ --with-ld-opt=-Wl,-rpath,/usr/local/lib source /etc/profile make make install #以下是把相关的配置文件也写好,直接复制过去即可,只包括一些模块文件,具体的域名的.conf文件在后面引用即可 cp $path/src/nginx.conf /usr/local/nginx/conf/ cp $path/src/proxy.conf /usr/local/nginx/conf/ cp $path/src/error.conf /usr/local/nginx/conf/ cp -r $path/src/html /usr/local/nginx/ cp -r $path/src/waf /usr/local/nginx/conf/ mkdir -p /usr/local/nginx/vhost mkdir -p /usr/local/nginx/tcp cp $path/src/default.conf /usr/local/nginx/vhost/ cp $path/src/tcp.conf /usr/local/nginx/tcp/ #支持tcp模块 rm -rf /root/nginx #删除安装文件
制作ngx-depolyment.yaml文件
--- #定义nginx命名空间 apiVersion: v1 kind: Namespace metadata: name: k8s-go --- #定义nginx svc apiVersion: v1 kind: Service metadata: name: k8s-nginx namespace: k8s-go labels: app: k8s-nginx spec: type: NodePort ports: - port: 80 targetPort: 80 nodePort: 10280 protocol: TCP #clusterIP: 169.169.249.80 selector: app: k8s-nginx --- apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deploy namespace: k8s-go labels: app: k8s-nginx spec: replicas: 1 selector: matchLabels: app: k8s-nginx template: metadata: labels: app: k8s-nginx annotations: app: nginx-clouster spec: containers: - name: nginx image: 172.16.0.2:5000/nginx:v4 #从私有仓加载 imagePullPolicy: Always #只从私有仓加载,不放到node节点 volumeMounts: - mountPath: /usr/local/www name: nginx-data #- mountPath: /etc/nginx/conf.d # name: nginx-conf resources: limits: cpu: 300m memory: 3000Mi requests: cpu: 100m memory: 100Mi ports: - containerPort: 80 volumes: - name: nginx-data persistentVolumeClaim: claimName: nginx-data-nfs-pvc #挂载nginx 数据文件pvc,后面展示详细pv,pvc内容 - name: nginx-conf persistentVolumeClaim: claimName: nginx-conf-nfs-pvc #挂载nginx 域名配置文件pvc,后面展示详细pv,pvc内容 #volumes: # - name: nginx-nfs # nfs: # server: 172.16.0.2 # path: /data/nfs-storage/nginx
制作nginx-data-nfs-pv nginx-data-nfs-pvc
#root@<cc_172.16.0.2|~/project/ngx>:#cat ngx-data-nfs-pv.yaml apiVersion: v1 kind: PersistentVolume metadata: name: nginx-data-nfs-pv namespace: k8s-go labels: pv: nginx-data-pv spec: capacity: storage: 5Gi accessModes: - ReadWriteMany nfs: server: 172.16.0.2 path: "/data/nfs-storage/nginx/data/" ----- #root@<cc_172.16.0.2|~/project/ngx>:#cat ngx-data-nfs-pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: nginx-data-nfs-pvc namespace: k8s-go spec: accessModes: - ReadWriteMany resources: requests: storage: 5Gi selector: matchLabels: pv: nginx-data-pv
制作nginx-conf-nfs-pv nginx-conf-nfs-pvc
#root@<cc_172.16.0.2|~/project/ngx>:#cat ngx-conf-nfs-pv.yaml apiVersion: v1 kind: PersistentVolume metadata: name: nginx-conf-nfs-pv #命名最好规范一下,方便后面使用 namespace: k8s-go labels: pv: nginx-conf-pv #pvc绑定此pv这里是通过标签来选择,所以要保持一致 spec: capacity: storage: 500Mi accessModes: - ReadWriteMany nfs: server: 172.16.0.2 #已搭建的nfs path: "/data/nfs-storage/nginx/conf/" ----- #root@<cc_172.16.0.2|~/project/ngx>:#cat ngx-conf-nfs-pvc.yaml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: nginx-conf-nfs-pvc namespace: k8s-go spec: accessModes: - ReadWriteMany resources: requests: storage: 500Mi selector: #通过标签选择器来绑定相应pvc matchLabels: pv: nginx-conf-pv
制作NFS
#root@<cc_172.16.0.2|~/project/ngx>:#cat /etc/exports /data/nfs-storage/nginx *(rw,insecure,sync,no_subtree_check,no_root_squash) /data/nfs-storage/tomcat *(rw,insecure,sync,no_subtree_check,no_root_squash) /data/nfs-storage/app *(rw,insecure,sync,no_subtree_check,no_root_squash) #root@<cc_172.16.0.2|/data/nfs-storage/nginx>:#ls conf data ssl conf里为相应域名的.conf文件,例如default.conf data里为相应域名的.conf文件里的静态文件加载路径,此处不要搞错 ssl里为相应域名的证书文件,例如default.pem,default.key及ssh.conf配置文件
k8s dashboard中显示的生成的nginx pod,
外网访问显示测试页
nginx日志在web-ui中显示,要在此显示日志,就必须在dockerfile中定义,不然是不是会显示的.因为k8s展示的日志是从/dev/stdout /dev/stderr 里获取的
相关文章推荐
- Docker实践(三)应用场景(创建私有库、用dockerfile制作自己应用镜像、利用私有库发布)
- 利用Dockerfile制作node+nginx应用自启动镜像
- 使用Dockerfile创建简单java应用镜像
- docker 应用-2(Dockerfile 编写以及镜像保存提交)
- Docker入门学习(4)----Dockerfile制作第一个镜像和容器中的第一个javaweb应用
- docker 制作tomcat 镜像并应用
- 使用Dockerfile制作Docker镜像
- dockerfile:制作tomcat镜像+javaweb
- dockerfile制作tomcat镜像
- Docker的实例小教程--Dockerfile制作镜像(2)
- 阿里云服务器:Dockerfile利用外网yum源制作镜像,并且安装Apache自启动容器,同时测试外网能连接容器
- 实战docker,编写Dockerfile定制tomcat镜像,实现web应用在线部署
- docker镜像制作之Dockerfile文件---hadooop伪分布式
- Dockerfile生成镜像并实现应用自启
- docker 安装 创建支持ssh服务的镜像 创建nginx服务的镜像 用dockerfile制作nginx镜像
- Docker镜像中Dockerfile的制作或编写
- 使用Dockerfile制作自己的Docker镜像
- Dockerfile编写制作含有node环境的项目镜像
- 3.3、Dcoker-1.12 Dockerfile,镜像制作详解以及使用说明
- docker 镜像制作及dockerfile