阿里云-云小站(无限量代金券发放中)
【腾讯云】云服务器、云数据库、COS、CDN、短信等热卖云产品特惠抢购

线上Nginx镜像构建及容器使用

267次阅读
没有评论

共计 4010 个字符,预计需要花费 11 分钟才能阅读完成。

1.Dockerfile-nginx 文件内容:

FROM CentOS:latest

MAINTAINER nan
RUN yum -y install gcc gcc-c++ make \
openssl-devel pcre-devel gd-devel \
libxml2-devel libxslt-devel zlib-devel \
gd-devel perl-ExtUtils-Embed \
iproute net-tools telnet wget curl && \
yum clean all && \
useradd -s /sbin/nologin -M nginx && \
mkdir -p /var/tmp/nginx && \
rm -rf /var/cache/yum/
RUN wget http://nginx.org/download/nginx-1.15.9.tar.gz &&\
tar -zxvf nginx-1.15.9.tar.gz && \
cd nginx-1.15.9 && \
./configure –prefix=/usr/local/nginx –sbin-path=/usr/local/nginx/sbin/nginx \
–conf-path=/usr/local/nginx/conf/nginx.conf –error-log-path=/var/log/nginx/error.log \
–http-log-path=/var/log/nginx/access.log –pid-path=/var/run/nginx/nginx.pid \
–user=nginx –group=nginx –with-http_ssl_module –with-http_stub_status_module \
–with-threads –with-file-aio –with-http_v2_module \
–with-http_realip_module –with-http_addition_module \
–with-http_xslt_module –with-http_image_filter_module \
–with-http_sub_module –with-http_flv_module \
–with-http_mp4_module –with-http_gunzip_module \
–with-http_gzip_static_module –with-http_auth_request_module \
–with-http_secure_link_module –with-http_slice_module \
–with-http_perl_module –with-compat \
–with-stream –with-stream_ssl_module –with-stream_realip_module \
–with-http_gzip_static_module –http-client-body-temp-path=/var/tmp/nginx/client \
–http-proxy-temp-path=/var/tmp/nginx/proxy –http-fastcgi-temp-path=/var/tmp/nginx/fcgi \
–http-uwsgi-temp-path=/var/tmp/nginx/uwsgi –http-scgi-temp-path=/var/tmp/nginx/scgi –with-pcre && \
make -j 4 && make install && \
cd / && rm -rf nginx-1.15.9 && \
ls -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

ENV PATH $PATH:/usr/local/nginx/sbin
WORKDIR /usr/local/nginx
EXPOSE 80
CMD [“nginx”, “-g”,”daemon off;”]

2. 构建镜像命令:

docker build -t nginx:v2 -f Dockerfile-nginx .

-t: 代表 tag -f: 指定 dockerfile 文件 . 用当前目录的环境变量

3. 从本地镜像仓库下载 nginx 镜像

docker pull xx.xx.xx.xx/library/nginx:v2

4, 在要安装 nginx 的服务器创建目录

4.1 配置文件目录:mkdir -p /opt/nginx/conf/vhost

/opt/nginx/conf 下有两个: 一个为 nginx.conf, 设置 nginx 标准配置 (随着业务可能需优化); 标准配置文件详见 nginx.conf
参考:

server_tokens off;
user nginx;
worker_processes 4;
worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log;
events
{
use epoll;
worker_connections 10240;

}
http{
log_format  main  ‘$remote_addr $remote_user [$time_local] “$request” ‘
              ‘$status $body_bytes_sent “$http_referer” ‘
              ‘$http_user_agent $http_x_forwarded_for $request_time $upstream_response_time $upstream_addr $upstream_status’;
access_log  /var/log/nginx/access.log  main;               
include      mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;       
sendfile on;
tcp_nopush    on;     
keepalive_timeout 60;
send_timeout 15;
tcp_nodelay on;

fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;

gzip on;
gzip_min_length 1k;
gzip_buffers    4 32k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types      text/plain application/x-Javascript text/css application/xml;
gzip_vary on;
include /usr/local/nginx/conf/vhost/*.conf;

}

> 另一个为 vhost,vhost 配置不同的域名解析文件 (就是真正的业务配置)
>  vhost 下的文件统一命名格式: 域名.conf
参考:

upstream gw_ma {
server xx.xx.xx.xx:5601;

}

server {

listen 80;

server_name www.nan.com;
access_log /usr/local/nginx/logs/www.nan.com.log;
error_log /usr/local/nginx/logs/www.nan.com.err;

listen  443 ssl;

ssl_buffer_size 4k;
ssl_certificate  /usr/local/nginx/cert/1_gw.nan_bundle.crt;  #在 docker 启动镜像的时候挂载证书目录; /opt/nginx/vert
ssl_certificate_key /usr/local/nginx/cert/2_gw.nan.com.cn.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;

location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://gw_ma;
}

}

 

4.2 日志文件目录:mdkir -p /opt/nginx/logs

5. 启动容器

参考:docker run -d –name=nginx02 -p 9999:80 -v /opt/nginx/conf/nginx.conf:/usr/local/nginx/conf/nginx.conf -v /opt/nginx/conf/vhost/:/usr/local/nginx/conf/vhost/ -v /opt/nginx/logs/:/usr/local/nginx/logs/ xx.xx.xx.xx/library/nginx:v2

正文完
星哥玩云-微信公众号
post-qrcode
 0
星锅
版权声明:本站原创文章,由 星锅 于2022-01-21发表,共计4010字。
转载说明:除特殊说明外本站文章皆由CC-4.0协议发布,转载请注明出处。
【腾讯云】推广者专属福利,新客户无门槛领取总价值高达2860元代金券,每种代金券限量500张,先到先得。
阿里云-最新活动爆款每日限量供应
评论(没有评论)
验证码
【腾讯云】云服务器、云数据库、COS、CDN、短信等云产品特惠热卖中