一、环境描述
1. 宿主机
- CPU:双核
- 内存:4 GB
- 硬盘:120 GB
- IP地址:192.168.190.128
- 操作系统:CentOS 7.4 x86_64 Minimal
2. Docker
- 版本:1.12.6
- 安装方式:参考《如何通过yum安装Docker和Docker-Compose》
3. 基础镜像
- 操作系统:CentOS 6.9 x86_64
- 制作方式:参考《如何创建CentOS系统的Docker基础镜像》
二、构建镜像
1. 安装Git
在shell中运行以下命令:
yum install -y git
2. 克隆Disconf的打包文件
从GitHub克隆编译得到的Disconf打包文件,可参考《编译和打包Disconf详解》。在shell中运行以下命令:
cd /root/Downloads
git clone https://github.com/ghoulich/docker.git
cd docker/disconf
3. 创建服务启动脚本
在shell中运行以下命令,创建start.sh
脚本,容器启动时会调用该脚本启动服务:
cat > start.sh << "EOF"
#! /bin/bash
# Source function library.
. /etc/rc.d/init.d/functions
if [ -L $0 ]; then
initscript=`/bin/readlink -f $0`
else
initscript=$0
fi
sysconfig=`/bin/basename $initscript`
if [ -f /etc/sysconfig/$sysconfig ]; then
. /etc/sysconfig/$sysconfig
fi
nginx=${NGINX:-/usr/sbin/nginx}
prog=`/bin/basename $nginx`
conffile=${CONFFILE:-/etc/nginx/nginx.conf}
lockfile=${LOCKFILE:-/var/lock/subsys/nginx}
pidfile=${PIDFILE:-/var/run/nginx.pid}
SLEEPSEC=${SLEEPSEC:-1}
UPGRADEWAITLOOPS=${UPGRADEWAITLOOPS:-5}
CHECKSLEEP=${CHECKSLEEP:-3}
RETVAL=0
start() {
echo -n $"Starting $prog: "
daemon --pidfile=${pidfile} ${nginx} -c ${conffile}
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
}
start
exit $RETVAL
EOF
4. 创建镜像源配置文件
本文通过Nginx的官方镜像源安装Nginx,需要创建镜像源配置文件:
cat > nginx.repo << "EOF"
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/6/$basearch/
gpgcheck=0
enabled=1
EOF
5. 创建supervisor配置文件
supervisor是一种Linux的进程管理工具,Disconf前端容器会用其管理自身的后台服务。在shell中运行以下命令,创建supervisord.conf
文件:
cat > supervisord.conf << "EOF"
[supervisord]
nodaemon=true
[program:nginx]
command=/bin/bash start.sh
EOF
6. 创建Dockerfile文件
在shell中运行以下命令:
cat > /root/Downloads/docker/disconf/Dockerfile << "EOF"
# 使用自建的CentOS 6.9基础镜像
FROM registry.cn-hangzhou.aliyuncs.com/ghoulich-centos/centos:6.9
# 镜像维护者
MAINTAINER ghoulich@aliyun.com
# 添加Nginx镜像源
COPY nginx.repo /etc/yum.repos.d/
RUN rpm --import http://nginx.org/keys/nginx_signing.key
# 安装Nginx
RUN yum install -y epel-release
RUN rpm --rebuilddb && yum install -y nginx supervisor tar
RUN mkdir -p /var/lib/nginx
COPY start.sh /
COPY supervisord.conf /etc/supervisord.conf
# 复制静态资源
COPY disconf-static.tar.gz /
RUN tar xvzf disconf-static.tar.gz && mv disconf-static /var/lib/nginx/disconf && rm -rf disconf-static.tar.gz
# 清理系统
RUN yum clean all
# 开放端口
EXPOSE 80
# 挂载数据、配置和日志目录
VOLUME ["/etc/nginx", "/var/log/nginx"]
# 自动启动Nginx
CMD ["/usr/bin/supervisord"]
EOF
有以下几点需要注意:
- 基于自建的CentOS 6.9基础镜像。
- 开放80端口,这是Nginx的默认服务端口。
- 将Nginx的配置目录和日志目录设置为挂载点。
7. 构建镜像
在shell中运行以下命令:
docker build -t disconf-frontend:latest .
8. 上传镜像
在shell中运行以下命令,登录阿里云的镜像库,然后为新建镜像创建标签,最后推送至镜像库:
# 登录阿里云镜像库
docker login --username=ghoulich@aliyun.com registry.cn-hangzhou.aliyuncs.com
# 创建镜像标签
docker tag disconf-frontend:latest registry.cn-hangzhou.aliyuncs.com/ghoulich-centos/centos-6.9-disconf-frontend:latest
# 推送镜像
docker push registry.cn-hangzhou.aliyuncs.com/ghoulich-centos/centos-6.9-disconf-frontend:latest
三、使用方法
1. 创建MIME类型文件
创建mime.types
文件,指定Nginx支持的多媒体文件类型:
cd /root/Downloads
cat > /root/Downloads/mime.types << "EOF"
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
image/webp webp;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.wap.wmlc wmlc;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
EOF
2. 创建Nginx配置文件
创建nginx.conf
文件,指定Nginx的全局配置:
cat > /root/Downloads/nginx.conf << "EOF"
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
EOF
3. 创建Disconf站点配置文件
创建disconf.conf
文件,指定Disconf站点的配置:
cat > /root/Downloads/disconf.conf << "EOF"
upstream disconf {
server 192.168.0.5:8080;
}
server {
listen 8080;
server_name 192.168.190.128;
access_log /var/log/nginx/disconf_access.log;
error_log /var/log/nginx/disconf_error.log;
location / {
root /var/lib/nginx/disconf;
if ($query_string) {
expires max;
}
}
location ~ ^/(api|export) {
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass http://disconf;
}
}
EOF
4. 创建必要的目录
在shell中运行以下命令,创建Disconf前端容器的配置目录和日志目录,然后修改访问权限,最后将上面的配置文件拷贝至相应的目录:
mkdir -p /usr/local/disconf-frontend/{conf,logs}
mkdir -p /usr/local/disconf-frontend/conf/conf.d
chown -R 499:499 /usr/local/disconf-frontend/logs
cp /root/Downloads/{nginx.conf,mime.types} /usr/local/disconf-frontend/conf/
cp /root/Downloads/disconf.conf /usr/local/disconf-frontend/conf/conf.d/
注意,499:499
是Disconf前端容器中的nginx用户的UID和GID,宿主机没有这个用户。
5. 启动容器
在shell中运行以下命令:
docker run --detach \
--name disconf-frontend \
--hostname disconf-frontend \
--volume /usr/local/disconf-frontend/conf:/etc/nginx \
--volume /usr/local/disconf-frontend/logs:/var/log/nginx \
--publish 8080:8080 \
registry.cn-hangzhou.aliyuncs.com/ghoulich-centos/centos-6.9-disconf-frontend:latest
需要注意以下几点:
- 将容器的8080端口映射至宿主机的8080端口。
- 将容器的配置目录和日志目录映射至宿主机的相应目录。