一、CentOS 7.x 安装Docker-ce社区版本
https://www.osyunwei.com/archives/11592.html
二、准备安装软件包
cd /usr/local/src #建议先把需要安装的软件包下载到本地目录
1、下载nginx
wget http://nginx.org/download/nginx-1.21.1.tar.gz #nginx
2、下载pcre
wget http://ftp.pcre.org/pub/pcre/pcre-8.45.tar.gz #nginx扩展
3、下载openssl
wget https://www.openssl.org/source/openssl-1.1.1l.tar.gz #nginx扩展
4、下载zlib
wget http://www.zlib.net/zlib-1.2.11.tar.gz #nginx扩展
三、准备Nginx相关配置文件
cd /usr/local/src #配置文件存放目录
1、创建nginx主配置文件
vi nginx.conf
user www www;
worker_processes 1;
worker_rlimit_nofile 655350;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 655350;
}
http {
fastcgi_intercept_errors on;
#error_page 404 http://127.0.0.1/404.html;
#error_page 403 404 http://127.0.0.1/404.html;
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'$http_host $upstream_status $upstream_addr $request_time $upstream_response_time';
#access_log logs/access.log main;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;
sendfile on;
tcp_nopush on;
fastcgi_connect_timeout 1200;
fastcgi_send_timeout 1200;
fastcgi_read_timeout 1200;
fastcgi_buffer_size 128k;
fastcgi_buffers 8 128k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
#keepalive_timeout 0;
keepalive_timeout 60;
tcp_nodelay on;
server_tokens off;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#server {
#listen 80 default;
#listen 443 default;
#server_name _;
#location / {
#root html;
#return 404;
#}
#location ~ /.ht {
#deny all;
#}
#}
server
{
listen 80;
#listen 443;
#server_name localhost;
index index.php default.php index.html index.htm default.html default.htm ;
location ~ .*\.(php|php5)?$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
location /status {
stub_status on;
#access_log off;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 7300d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
#access_log off;
}
include vhost/*.conf;
}
:wq! #保存退出
2、创建nginx虚拟主机配置文件
vi vhost.conf
#server {
# listen 80;
# server_name localhost;
# rewrite ^(.*)$ https://$host$1 permanent;
#}
server
{
listen 80;
#listen 443 ssl;
#ssl on;
#ssl_certificate /usr/local/nginx/conf/ssl/www.localhost.com.pem;
#ssl_certificate_key /usr/local/nginx/conf/ssl/www.localhost.com.key;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!ADH:!EXPORT56:-RC4+RSA:+HIGH:+MEDIUM:!EXP;
ssl_prefer_server_ciphers on;
#fastcgi_param HTTPS $https if_not_empty;
server_name localhost;
#include /data/web/rewrite/*.conf;
access_log logs/localhost_access.log main;
index index.htm index.html index.php;
root /data/web/;
location ~ .*\.(php|php5)?$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
location /status {
stub_status on;
#access_log off;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 7300d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
#if ($server_port = 80) {
# return 301 https://$server_name$request_uri;
#}
#access_log off;
}
:wq! #保存退出
四、构建nginx容器镜像
1、从docker hub拉取官方基础镜像
#我们用centos系统进行构建
https://hub.docker.com/_/centos?tab=tags&page=1&ordering=last_updated
选择centos:7.9.2009版本
docker pull centos:7.9.2009 #拉取系统镜像
docker image ls #查看docker镜像
docker run -itd --name centos7.9 centos:7.9.2009 #运行容器
docker ps #查看容器
[root@master01 opt]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
adc6473335ee centos:7.9.2009 "/bin/bash" 48 seconds ago
docker exec -it adc6473335ee /bin/bash #进入容器
exit #退出容器
2、编写Dockerfile构建文件
cd /usr/local/src #进入目录
vi /usr/local/src/dockerfile #dockerfile文件必须和上一步下载的软件包在同一目录
#基于这个镜像进行操作
FROM centos:7.9.2009
#作者和邮箱
MAINTAINER osyunwei osyunwei@osyunwei.com
#指定容器里面的路径,为后面的RUN、CMD或者ENTERPOINT操作指定目录
WORKDIR /usr/local/src
#安装依赖包
RUN yum -y update \
&& set -xe \
&& buildDeps=" \
pcre \
pcre-devel \
autoconf \
automake \
bzip2 \
bzip2* \
gcc \
gcc-c++ \
gtk+-devel \
gettext \
gettext-devel \
glibc \
make \
mpfr \
openssl \
openssl-devel \
patch \
pcre-devel \
perl \
zlib-devel \
" \
&& yum install -y ${buildDeps}
#设置时区
RUN \cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone
#设置变量
ENV nginx=nginx-1.21.3 \
openssl=openssl-1.1.1l \
pcre=pcre-8.45 \
zlib=zlib-1.2.11
#将本地的一个文件或目录拷贝到容器的某个目录里
COPY $nginx.tar.gz \
$openssl.tar.gz \
$pcre.tar.gz \
$zlib.tar.gz \
nginx.conf \
vhost.conf ./
#解压软件包
RUN ls *.tar.gz | xargs -n1 tar xzvf
#安装pcre
WORKDIR /usr/local/src/pcre-8.45
RUN ./configure --prefix=/usr/local/pcre && make && make install
#安装openssl
WORKDIR /usr/local/src/openssl-1.1.1l
RUN ./config -fPIC shared zlib --prefix=/usr/local/openssl && make && make install
#安装zlib
WORKDIR /usr/local/src/zlib-1.2.11
RUN ./configure --prefix=/usr/local/zlib && make && make install
#安装Nginx
WORKDIR /usr/local/src/nginx-1.21.3
#创建nginx运行用户和组
RUN groupadd www && useradd -g www www -s /bin/false
#安装nginx
RUN ./configure --prefix=/usr/local/nginx --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-openssl=/usr/local/src/openssl-1.1.1l --with-zlib=/usr/local/src/zlib-1.2.11 --with-pcre=/usr/local/src/pcre-8.45 && make && make install
#配置nginx以www用户和组运行
RUN sed -i "1iuser www www;" /usr/local/nginx/conf/nginx.conf \
&& mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf-bak \
&& mkdir -p /usr/local/nginx/conf/vhost \
&& mkdir -p /usr/local/nginx/conf/ssl \
&& cp /usr/local/src/nginx.conf /usr/local/nginx/conf/nginx.conf \
&& cp /usr/local/src/vhost.conf /usr/local/nginx/conf/vhost/vhost.conf
#清理安装包
RUN rm -rf /usr/local/src/* && yum clean all
#切换到根目录
WORKDIR /root
#设置nginx运行端口
EXPOSE 80/tcp 443/tcp
#设置nginx以foreground前台方式运行
CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]
3、构建容器
docker build -t osyunwei/nginx:1.21.3 /usr/local/src
或者
docker build -t osyunwei/nginx:1.21.3 .
4、运行容器
docker image ls #查看docker镜像
docker run --name nginx -it -d -p 80:80 osyunwei/nginx:1.21.3
docker ps #查看容器
打开http://192.168.21.8/可以看到nginx已经运行
docker exec -it 0d333824c699 /bin/bash #进入容器
#容器内目录说明
/usr/local/nginx/conf/nginx.conf #nginx主配置文件
/usr/local/nginx/conf/vhost #nginx虚拟主机配置文件
/usr/local/nginx/conf/ssl #https证书存放目录
/usr/local/nginx/html #nginx默认web目录
exit #退出容器
5、上传Nginx容器镜像到阿里云容器仓库
docker image ls #查看镜像id
5.1重命名镜像标签
docker tag eb11f99b01d1 registry.cn-hangzhou.aliyuncs.com/osyunwei/nginx:1.21.3
#registry.cn-hangzhou.aliyuncs.com是阿里云容器仓库地址
#osyunwei是自己创建的命名空间
#nginx是自己创建的仓库名称
#:1.21.3是自定义nginx镜像的版本号
5.2登录阿里云仓库
docker login --username=你的阿里云登录账号 registry.cn-hangzhou.aliyuncs.com
[root@master01 src]# docker login --username=你的阿里云登录账号 registry.cn-hangzhou.aliyuncs.com
Password:刚才设置的固定密码
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@master01 src]#
5.3上传镜像到阿里云仓库
docker push registry.cn-hangzhou.aliyuncs.com/osyunwei/nginx:1.21.3
5.4拉取阿里云容器镜像
docker pull registry.cn-hangzhou.aliyuncs.com/osyunwei/nginx:1.21.3
Docker下使用Dockerfile基于CentOS基础镜像构建Nginx容器镜像教程完成。