Nginx 镜像的 DockerFile
FROM centos:7
MAINTAINER peter<peter@gmail.com>
# 安装软件
RUN yum -y update && yum -y install gcc gdb strace gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs patch e2fsprogs-devel krb5-devel libidn libidn-devel openldap-devel nss_ldap openldap-clients openldap-servers libevent-devel libevent uuid-devel uuid openssl openssl-devel pcre pcre-devel
# 创建用户
RUN groupadd www
RUN useradd -g www www -s /bin/false
# 定义Nginx版本号
ENV VERSION 1.14.2
# 下载并解压文件
RUN mkdir -p /usr/local/src/
ADD http://nginx.org/download/nginx-$VERSION.tar.gz /usr/local/src
RUN tar -xvf /usr/local/src/nginx-$VERSION.tar.gz -C /usr/local/src/
# 创建安装目录
ENV NGINX_HOME /usr/local/nginx
RUN mkdir -p $NGINX_HOME
RUN chown -R www:www $NGINX_HOME
# 进入解压目录
WORKDIR /usr/local/src/nginx-$VERSION
# 编译安装
RUN ./configure \
--user=www \
--group=www \
--prefix=$NGINX_HOME \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module
RUN make
RUN make install
# 备份Nginx的配置文件
RUN mv $NGINX_HOME/conf/nginx.conf $NGINX_HOME/conf/nginx.conf.default
# 设置环境变量
ENV PATH $PATH:$NGINX_HOME/sbin
# 创建WebApp目录
ENV WEB_APP /usr/share/nginx/html
RUN mkdir -p $WEB_APP
# 设置默认工作目录
WORKDIR $WEB_APP
# 暴露端口
EXPOSE 80
EXPOSE 443
# 清理压缩包与解压文件
RUN rm -rf /usr/local/src/nginx*
CMD $NGINX_HOME/sbin/nginx -g 'daemon off;' -c $NGINX_HOME/conf/nginx.conf
Tengine 镜像的 DockerFile
FROM centos:7
MAINTAINER 564729737@qq.com
# 安装软件
RUN yum -y install gcc gcc-c++ ncurses-devel pcre* openssl* zlib zlib-devel wget net-snmp-devel curl-devel perl-DBI epel* logrotate anacron
#创建日志切割
COPY nginx /etc/logrotate.d
# 创建用户
#RUN groupadd tengine
#RUN useradd -g tengine tengine
# 定义Tengine版本号
ENV VERSION 2.3.1
# 下载并解压文件
RUN mkdir -p /usr/local/src/
RUN cd /usr/local/src && wget http://tengine.taobao.org/download/tengine-$VERSION.tar.gz
RUN tar -zxvf /usr/local/src/tengine-$VERSION.tar.gz -C /usr/local/src/
# 创建安装目录
ENV TENGINE_HOME /usr/local/tengine
RUN mkdir -p $TENGINE_HOME
# 进入解压目录
WORKDIR /usr/local/src/tengine-$VERSION
# 编译安装
RUN ./configure --prefix=/usr/local/tengine --with-http_ssl_module --with-http_v2_module --without-http_access_module --without-http_geo_module --with-http_addition_module --with-http_stub_status_module --with-stream
RUN make
RUN make install
# 备份Tengine的配置文件
#RUN mv $TENGINE_HOME/conf/nginx.conf $TENGINE_HOME/conf/nginx.conf.default
# 设置环境变量
ENV PATH $PATH:$TENGINE_HOME/sbin
# 创建WebApp目录
ENV WEB_APP /srv/qw
RUN mkdir -p $WEB_APP
# 设置默认工作目录
#WORKDIR $WEB_APP
# 暴露端口
EXPOSE 80
EXPOSE 443
# 清理压缩包与解压文件
RUN rm -rf /usr/local/src/tengine*
CMD $TENGINE_HOME/sbin/nginx -g 'daemon off;' -c $TENGINE_HOME/conf/nginx.conf
yaml部署tengine 需要提前将挂载配置文件准备好
kind: StatefulSet
apiVersion: apps/v1
metadata:
labels:
app: tengine
name: tengine
namespace: yx-test
spec:
replicas: 1
selector:
matchLabels:
app: tengine
template:
metadata:
labels:
app: tengine
spec:
imagePullSecrets:
- name: osale-secret
containers:
- name: tengine
image: gem-acr-p-a01-registry.cn-shenzhen.cr.aliyuncs.com/osale/tengine:v1
imagePullPolicy: Always
ports:
- containerPort: 80
protocol: TCP
name: http
- containerPort: 443
protocol: TCP
name: https
# resources:
# limits:
# cpu: 2
# memory: 2Gi
# requests:
# cpu: 500m
# memory: 1Gi
volumeMounts:
- name: conf
mountPath: /usr/local/tengine/conf
- name: log
mountPath: /var/log/nginx
- name: timezone
mountPath: /etc/localtime
volumes:
- name: conf
hostPath:
type: DirectoryOrCreate
path: /data/tengine/conf
- name: log
hostPath:
type: DirectoryOrCreate #目录才加这个文件不需要加
path: /data/tengine/logs
- name: timezone
hostPath:
path: /etc/localtime
---
kind: Service
apiVersion: v1
metadata:
labels:
app: tengine
name: tengine
namespace: yx-test
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
nodePort: 30080
- name: https
port: 443
protocol: TCP
targetPort: 443
nodePort: 30081
selector:
app: tengine
如果是阿里云边缘性k8s需要打上标签
nodeSelector:
alibabacloud.com/is-edge-worker: 'false'
beta.kubernetes.io/arch: amd64
beta.kubernetes.io/os: linux
tolerations:
- effect: NoSchedule
key: node-role.alibabacloud.com/addon
operator: Exists
nginx配置挂载文件
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-conf
namespace: halashow
data:
nginx.conf: |-
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format log_json '{"@timestamp": "$time_local","user_ip":"$http_x_real_ip","lan_ip":"$remote_addr","log_time":"$time_iso8601","user_req":"$request","http_code":"$status","body_bytes_sents":"$body_bytes_sent","req_time":"$request_time","user_ua":"$http_user_agent"}';
access_log /var/log/nginx/access.log log_json;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/conf.d/*.conf;
}
nginx代理mysql连接
在文件的最下方(位置也可以不是最下方,stream必须和http平级)添加如下内容:stream {
stream {
upstream gem-yx-t-db1 {
hash $remote_addr consistent;
server 10.36.21.220:30001 weight=5 max_fails=3 fail_timeout=30s;
}
server {
listen 3001;
proxy_connect_timeout 10s;
proxy_timeout 300s;
proxy_pass gem-yx-t-db1;
}
upstream gem-yx-t-db2 {
hash $remote_addr consistent;
server 10.36.21.220:30002 weight=5 max_fails=3 fail_timeout=30s;
}
server {
listen 3002;
proxy_connect_timeout 10s;
proxy_timeout 300s;
proxy_pass gem-yx-t-db2;
}
upstream gem-yx-d-db1 {
hash $remote_addr consistent;
server 10.36.21.220:30003 weight=5 max_fails=3 fail_timeout=30s;
}
server {
listen 3003;
proxy_connect_timeout 10s;
proxy_timeout 300s;
proxy_pass gem-yx-d-db1;
}
}
流水线直接构建
npm install
npm run build
mv dist ${K8S_APP_NAME}
tee ${appName}.conf <<EOF
server {
listen 80;
server_name ${server_name};
root /${K8S_APP_NAME};
index index.html home.html;
location ~ \.(htm|html|xml)$ {
#add_header Cache-Control no-cache,no-store,must-revalidate,private,max-age=0;
add_header Cache-Control no-cache;
}
location ~ \.(ico)$ {
add_header Cache-Control public,max-age=604800;
}
location ~ \.(bmp|css|flv|gif|jpe?g|js|png|svg|swf)$ {
add_header Cache-Control public,max-age=31536000;
}
# default
location / {
try_files \\$uri \\$uri/ /index.html;
}
# deny
location ~ /\.(env|env.example|git|ht|svn) {
deny all;
}
}
EOF
tee Dockerfile <<EOF
FROM gem-acr-p-a01-registry.cn-shenzhen.cr.aliyuncs.com/osale/tengine:v3
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
RUN echo 'Asia/Shanghai' >/etc/timezone
ADD ${appName} /${appName}
COPY ${appName}.conf /etc/nginx/conf.d/
# 暴露端口
EXPOSE 80
EXPOSE 443
CMD /usr/local/tengine/sbin/nginx -g 'daemon off;' -c /usr/local/tengine/conf/nginx.conf
EOF