alpine编译安装tengine,并使用supervisor启动
Alpine 是一个小型的 Linux 系统,官方 docker 镜像只有不到5MB,非常适合作为容器镜像。
Alpine Linux is a security-oriented, lightweight Linux distribution based on musl libc and Busybox.
为了更好地了解alpine,我在虚拟机上安装了一个本地alpine。
上官网下载一个标准标准镜像。创建一个虚拟机,我用的 VMWare Fusion,挂载好下载的 iso 镜像。
然后启动就可以了,不过这时是从镜像启动的,需要使用安装脚本安装系统到磁盘。安装过程很简单,初次使用,最重要的是要知道有这个安装脚本。
安装脚本叫做 setup-alpine,其实仔细看的话,系统每次启动和登陆的时候都会有这个提示。
安装系统细节就不说了,如果有疑问可查官方文档。安装完成后,需要重启系统。重启之后,就是从磁盘启动了。
1、配置安装源。
cat >/etc/apk/repositories <<-EOF
https://mirrors.ustc.edu.cn/alpine/edge/main
https://mirrors.ustc.edu.cn/alpine/edge/community
https://mirrors.ustc.edu.cn/alpine/edge/testing
EOF
2、安装sshd服务。Alpine 使用的包管理工具叫 apk。服务管理系统叫 OpenRC。
apk update && apk upgrade
apk add openrc
3、安装 sshd,设置允许 root 登录。
apk add openssh
rc-service sshd start
rc-update add sshd
sed -i '/PermitRootLogin prohibit-password/c\PermitRootLogin yes' /etc/ssh/sshd_config
service sshd restart
4、安装用户管理工具,修改 root 用户的 shell 为 bash,默认使用的是 ash。
apk add shadow
usermod -s /bin/bash root
5、安装常用工具。
apk add vim bash bash-completion
6、设置常用别名。
echo >/etc/profile.d/alias.sh <<-EOF
export LS_OPTIONS='--color=auto'
alias ls='ls $LS_OPTIONS'
alias ll='ls $LS_OPTIONS -l'
alias l='ls $LS_OPTIONS -lA'
EOF
source /etc/profile.d/alias.sh
7、其实在 testing 源里面,已经有现成的 tengine 安装包了。不过这里我会测试手动编译,不会直接使用安装包。
$ apk policy tengine
tengine policy:
2.1.0-r4:
https://mirrors.ustc.edu.cn/alpine/edge/testing
8、如何查看安装包包含哪些文件。有两种方法,不过都只能查看已经安装的包。
$ apk manifest tengine | awk '{print $2}'
etc/tengine/scgi_params
etc/tengine/fastcgi_params
etc/tengine/tengine.conf
etc/tengine/uwsgi_params
etc/tengine/fastcgi.conf
etc/tengine/mime.types
etc/tengine/koi-win
etc/tengine/mime.types.default
etc/tengine/koi-utf
etc/tengine/browsers
etc/tengine/uwsgi_params.default
etc/tengine/scgi_params.default
etc/tengine/module_stubs
etc/tengine/nginx.conf.default
etc/tengine/fastcgi_params.default
etc/tengine/win-utf
etc/tengine/fastcgi.conf.default
etc/logrotate.d/tengine
etc/init.d/tengine
usr/sbin/nginx
usr/sbin/dso_tool
usr/html/index.html
usr/html/50x.html
usr/share/licenses/tengine/LICENSE
9、安装开发组件。
apk add alpine-sdk
10、编译安装tengine。这里我加了ldap模块。
apk add libressl-dev openldap-dev zlib-dev pcre-dev
mkdir /usr/local/src
cd /usr/local/src
git clone https://github.com/kvspb/nginx-auth-ldap.git
wget http://tengine.taobao.org/download/tengine-2.2.0.tar.gz
tar xvf tengine-2.2.0.tar.gz
cd tengine-2.2.0/
./configure --prefix=/usr/local/nginx --with-http_reqstat_module=shared --add-module=../nginx-auth-ldap
make -j 2
make install
make dso_install
11、安装supervisor。
apk add supervisor
修改supervisor的配置文件。
$ vim /etc/supervisord.conf
[unix_http_server]
file=/run/supervisord.sock ; (the path to the socket file)
[supervisord]
logfile=/var/log/supervisord.log ; (main log file;default $CWD/supervisord.log)
loglevel=info ; (log level;default info; others: debug,warn,trace)
pidfile=/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP)
environment=LC_ALL=en_US.UTF-8,LANG=en_US.UTF-8,LANGUAGE=en_US.UTF-8
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:///run/supervisord.sock ; use a unix:// URL for a unix socket
[program:nginx-app]
command = /usr/local/nginx/sbin/nginx
这里需要手动创建日志目录,不然supervisord无法启动。算是一个坑。
$ mkdir /var/log/supervisor
$ service start supervisord
$ supervisorctl status
nginx-app RUNNING pid 33479, uptime 0:00:02
apk
apkis the Alpine Package Keeper - the distribution’s package manager.
$ apk --help
apk-tools 2.9.1, compiled for x86_64.
usage: apk COMMAND [options] [ARGS]
The following commands are available:
add Add PACKAGEs to 'world' and install (or upgrade) them, while ensuring that all dependencies are met
del Remove PACKAGEs from 'world' and uninstall them
fix Repair package or upgrade it without modifying main dependencies
update Update repository indexes from all remote repositories
info Give detailed information about PACKAGEs or repositories
search Search package by PATTERNs or by indexed dependencies
upgrade Upgrade currently installed packages to match repositories
cache Download missing PACKAGEs to cache and/or delete unneeded files from cache
version Compare package versions (in installed database vs. available) or do tests on literal version strings
index Create repository index file from FILEs
fetch Download PACKAGEs from global repositories to a local directory
audit Audit the directories for changes
verify Verify package integrity and signature
dot Generate graphviz graphs
policy Show repository policy for packages
stats Show statistics about repositories and installations
manifest Show checksums of package contents
Global options:
-h, --help Show generic help or applet specific help
-p, --root DIR Install packages to DIR
-X, --repository REPO Use packages from REPO
-q, --quiet Print less information
-v, --verbose Print more information (can be doubled)
-i, --interactive Ask confirmation for certain operations
-V, --version Print program version and exit
-f, --force Enable selected --force-* (deprecated)
--force-binary-stdout Continue even if binary data is to be output
--force-broken-world Continue even if 'world' cannot be satisfied
--force-non-repository Continue even if packages may be lost on reboot
--force-old-apk Continue even if packages use unsupported features
--force-overwrite Overwrite files in other packages
--force-refresh Do not use cached files (local or from proxy)
-U, --update-cache Alias for --cache-max-age 60
--progress Show a progress bar
--progress-fd FD Write progress to fd
--no-progress Disable progress bar even for TTYs
--purge Delete also modified configuration files (pkg removal) and uninstalled packages from cache (cache clean)
--allow-untrusted Install packages with untrusted signature or no signature
--wait TIME Wait for TIME seconds to get an exclusive repository lock before failing
--keys-dir KEYSDIR Override directory of trusted keys
--repositories-file REPOFILE Override repositories file
--no-network Do not use network (cache is still used)
--no-cache Do not use any local cache path
--cache-dir CACHEDIR Override cache directory
--cache-max-age AGE Maximum AGE (in minutes) for index in cache before refresh
--arch ARCH Use architecture with --root
--print-arch Print default arch and exit
This apk has coffee making abilities.
最后这句提示特意查了一下,真的有这个 feature,不过没什么用。
$ apk fetch coffee
Go and fetch your own coffee.
参考文档
