技术交流QQ群:①185473046   ②190706903   ③203744115   网站地图
登录

下次自动登录
现在的位置: 首页Linux>正文
Docker下使用Dockerfile基于CentOS基础镜像构建Nginx容器镜像
2021年10月16日 Linux 暂无评论 ⁄ 被围观 4,989次+

一、CentOS 7.x 安装Docker-ce社区版本

https://www.osyunwei.com/archives/11592.html

二、准备安装软件包

cd /usr/local/src #建议先把需要安装的软件包下载到本地目录

1、下载nginx

wget http://nginx.org/download/nginx-1.21.1.tar.gz #nginx

2、下载pcre

wget http://ftp.pcre.org/pub/pcre/pcre-8.45.tar.gz #nginx扩展

3、下载openssl

wget https://www.openssl.org/source/openssl-1.1.1l.tar.gz #nginx扩展

4、下载zlib

wget http://www.zlib.net/zlib-1.2.11.tar.gz #nginx扩展

三、准备Nginx相关配置文件

cd /usr/local/src #配置文件存放目录

1、创建nginx主配置文件

vi nginx.conf

user www www;

worker_processes 1;

worker_rlimit_nofile 655350;

error_log logs/error.log;

#error_log logs/error.log notice;

#error_log logs/error.log info;

pid logs/nginx.pid;

events {

use epoll;

worker_connections 655350;

}

http {

fastcgi_intercept_errors on;

#error_page 404 http://127.0.0.1/404.html;

#error_page 403 404 http://127.0.0.1/404.html;

include mime.types;

default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for" '

'$http_host $upstream_status $upstream_addr $request_time $upstream_response_time';

#access_log logs/access.log main;

server_names_hash_bucket_size 128;

client_header_buffer_size 32k;

large_client_header_buffers 4 32k;

client_max_body_size 300m;

sendfile on;

tcp_nopush on;

fastcgi_connect_timeout 1200;

fastcgi_send_timeout 1200;

fastcgi_read_timeout 1200;

fastcgi_buffer_size 128k;

fastcgi_buffers 8 128k;

fastcgi_busy_buffers_size 256k;

fastcgi_temp_file_write_size 256k;

#keepalive_timeout 0;

keepalive_timeout 60;

tcp_nodelay on;

server_tokens off;

gzip on;

gzip_min_length 1k;

gzip_buffers 4 16k;

gzip_http_version 1.1;

gzip_comp_level 2;

gzip_types text/plain application/x-javascript text/css application/xml;

gzip_vary on;

#server {

#listen 80 default;

#listen 443 default;

#server_name _;

#location / {

#root html;

#return 404;

#}

#location ~ /.ht {

#deny all;

#}

#}

server

{

listen 80;

#listen 443;

#server_name localhost;

index index.php default.php index.html index.htm default.html default.htm ;

location ~ .*\.(php|php5)?$

{

fastcgi_pass 127.0.0.1:9000;

fastcgi_index index.php;

include fastcgi.conf;

}

location /status {

stub_status on;

#access_log off;

}

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

{

expires 7300d;

}

location ~ .*\.(js|css)?$

{

expires 12h;

}

#access_log off;

}

include vhost/*.conf;

}

:wq! #保存退出

2、创建nginx虚拟主机配置文件

vi vhost.conf

#server {

# listen 80;

# server_name localhost;

# rewrite ^(.*)$ https://$host$1 permanent;

#}

server

{

listen 80;

#listen 443 ssl;

#ssl on;

#ssl_certificate /usr/local/nginx/conf/ssl/www.localhost.com.pem;

#ssl_certificate_key /usr/local/nginx/conf/ssl/www.localhost.com.key;

ssl_session_timeout 10m;

ssl_session_cache shared:SSL:10m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers ALL:!ADH:!EXPORT56:-RC4+RSA:+HIGH:+MEDIUM:!EXP;

ssl_prefer_server_ciphers on;

#fastcgi_param HTTPS $https if_not_empty;

server_name localhost;

#include /data/web/rewrite/*.conf;

access_log logs/localhost_access.log main;

index index.htm index.html index.php;

root /data/web/;

location ~ .*\.(php|php5)?$

{

fastcgi_pass 127.0.0.1:9000;

fastcgi_index index.php;

include fastcgi.conf;

}

location /status {

stub_status on;

#access_log off;

}

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

{

expires 7300d;

}

location ~ .*\.(js|css)?$

{

expires 12h;

}

#if ($server_port = 80) {

# return 301 https://$server_name$request_uri;

#}

#access_log off;

}

:wq! #保存退出

四、构建nginx容器镜像

1、从docker hub拉取官方基础镜像

#我们用centos系统进行构建

https://hub.docker.com/_/centos?tab=tags&page=1&ordering=last_updated

选择centos:7.9.2009版本

docker pull centos:7.9.2009 #拉取系统镜像

docker image ls #查看docker镜像

docker run -itd --name centos7.9 centos:7.9.2009 #运行容器

docker ps #查看容器

[root@master01 opt]# docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

adc6473335ee centos:7.9.2009 "/bin/bash" 48 seconds ago

docker exec -it adc6473335ee /bin/bash #进入容器

exit #退出容器

2、编写Dockerfile构建文件

cd /usr/local/src #进入目录

vi /usr/local/src/dockerfile #dockerfile文件必须和上一步下载的软件包在同一目录

#基于这个镜像进行操作

FROM centos:7.9.2009

#作者和邮箱

MAINTAINER osyunwei osyunwei@osyunwei.com

#指定容器里面的路径,为后面的RUN、CMD或者ENTERPOINT操作指定目录

WORKDIR /usr/local/src

#安装依赖包

RUN yum -y update \

&& set -xe \

&& buildDeps=" \

pcre \

pcre-devel \

autoconf \

automake \

bzip2 \

bzip2* \

gcc \

gcc-c++ \

gtk+-devel \

gettext \

gettext-devel \

glibc \

make \

mpfr \

openssl \

openssl-devel \

patch \

pcre-devel \

perl \

zlib-devel \

" \

&& yum install -y ${buildDeps}

#设置时区

RUN \cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone

#设置变量

ENV nginx=nginx-1.21.3 \

openssl=openssl-1.1.1l \

pcre=pcre-8.45 \

zlib=zlib-1.2.11

#将本地的一个文件或目录拷贝到容器的某个目录里

COPY $nginx.tar.gz \

$openssl.tar.gz \

$pcre.tar.gz \

$zlib.tar.gz \

nginx.conf \

vhost.conf ./

#解压软件包

RUN ls *.tar.gz | xargs -n1 tar xzvf

#安装pcre

WORKDIR /usr/local/src/pcre-8.45

RUN ./configure --prefix=/usr/local/pcre && make && make install

#安装openssl

WORKDIR /usr/local/src/openssl-1.1.1l

RUN ./config -fPIC shared zlib --prefix=/usr/local/openssl && make && make install

#安装zlib

WORKDIR /usr/local/src/zlib-1.2.11

RUN ./configure --prefix=/usr/local/zlib && make && make install

#安装Nginx

WORKDIR /usr/local/src/nginx-1.21.3

#创建nginx运行用户和组

RUN groupadd www && useradd -g www www -s /bin/false

#安装nginx

RUN ./configure --prefix=/usr/local/nginx --without-http_memcached_module --user=www --group=www --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-openssl=/usr/local/src/openssl-1.1.1l --with-zlib=/usr/local/src/zlib-1.2.11 --with-pcre=/usr/local/src/pcre-8.45 && make && make install

#配置nginx以www用户和组运行

RUN sed -i "1iuser www www;" /usr/local/nginx/conf/nginx.conf \

&& mv /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf-bak \

&& mkdir -p /usr/local/nginx/conf/vhost \

&& mkdir -p /usr/local/nginx/conf/ssl \

&& cp /usr/local/src/nginx.conf /usr/local/nginx/conf/nginx.conf \

&& cp /usr/local/src/vhost.conf /usr/local/nginx/conf/vhost/vhost.conf

#清理安装包

RUN rm -rf /usr/local/src/* && yum clean all

#切换到根目录

WORKDIR /root

#设置nginx运行端口

EXPOSE 80/tcp 443/tcp

#设置nginx以foreground前台方式运行

CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]

3、构建容器

docker build -t osyunwei/nginx:1.21.3 /usr/local/src

或者

docker build -t osyunwei/nginx:1.21.3 .

4、运行容器

docker image ls #查看docker镜像

docker run --name nginx -it -d -p 80:80 osyunwei/nginx:1.21.3

docker ps #查看容器

打开http://192.168.21.8/可以看到nginx已经运行

docker exec -it 0d333824c699 /bin/bash #进入容器

#容器内目录说明

/usr/local/nginx/conf/nginx.conf #nginx主配置文件

/usr/local/nginx/conf/vhost #nginx虚拟主机配置文件

/usr/local/nginx/conf/ssl #https证书存放目录

/usr/local/nginx/html #nginx默认web目录

exit #退出容器

5、上传Nginx容器镜像到阿里云容器仓库

docker image ls #查看镜像id

5.1重命名镜像标签

docker tag eb11f99b01d1 registry.cn-hangzhou.aliyuncs.com/osyunwei/nginx:1.21.3

#registry.cn-hangzhou.aliyuncs.com是阿里云容器仓库地址

#osyunwei是自己创建的命名空间

#nginx是自己创建的仓库名称

#:1.21.3是自定义nginx镜像的版本号

5.2登录阿里云仓库

docker login --username=你的阿里云登录账号 registry.cn-hangzhou.aliyuncs.com

[root@master01 src]# docker login --username=你的阿里云登录账号 registry.cn-hangzhou.aliyuncs.com

Password:刚才设置的固定密码

WARNING! Your password will be stored unencrypted in /root/.docker/config.json.

Configure a credential helper to remove this warning. See

https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

[root@master01 src]#

5.3上传镜像到阿里云仓库

docker push registry.cn-hangzhou.aliyuncs.com/osyunwei/nginx:1.21.3

5.4拉取阿里云容器镜像

docker pull  registry.cn-hangzhou.aliyuncs.com/osyunwei/nginx:1.21.3

Docker下使用Dockerfile基于CentOS基础镜像构建Nginx容器镜像教程完成。

     

  系统运维技术交流QQ群:①185473046 系统运维技术交流□Ⅰ ②190706903 系统运维技术交流™Ⅱ ③203744115 系统运维技术交流™Ⅲ

给我留言

您必须 [ 登录 ] 才能发表留言!



Copyright© 2011-2024 系统运维 All rights reserved
版权声明:本站所有文章均为作者原创内容,如需转载,请注明出处及原文链接
陕ICP备11001040号-3