云锁docker部署注意点

注意事项目

一、将阿里云服务器80、8088、9000、3306四个端口打开;
二、部署顺序:mysql》》》nginx》》》redis》》》django》》》fastapi
三、mysql
1、修改远程访问密码,跟django和fastapi中设置文件(settings.py和config.py)的密码一致;
2、字符集修改为utf-8;
四、nginx
1、nginx原有的设置文件nginx.conf不做任何改动;
2、添加自有配置文件 xiaoyan到目录conf.d;
3、启动容器后,进入容器bash界面,使用命令(nginx -c /etc/nginx/conf.d/xiaoyan)装入自有配置。
五、django
1、修改代码设置文件(/yunshuo/django/code/xiaoyanwebsite/XiaoyanWebsite/settings.py)中的mysql的host地址和访问密码;
2、django容器启动后,到code目录中运行命令(uwsgi --ini uwsgi.ini),以启动uwsgi服务。
六、fastapi
1、修改代码设置文件(/yunshuo/fastapi/code/DataManager/MySQLManager.py)中的mysql的host地址和访问密码;
2、fastapi容器启动后,到code目录中运行命令(gunicorn -c config.py main:app),以启动gunicorn服务。

 

nginx部署(原nginx.conf不动,自有配置内容在/yunshuo/nginx/conf.d/xiaoyan文件中)

一、dockerfile

FROM nginx:1.14

COPY nginx/conf.d /etc/nginx/conf.d

WORKDIR /etc/nginx
RUN mkdir html log

二、build docker

docker build -f nginx_dockerfile -t xiaoyan-nginx:1.0 .

三、运行docker

docker run -d --restart=always -p 9000:9000 -p 80:80 -p 8088:8088 -v /yunshuo/nginx/conf.d:/etc/nginx/conf.d -v /yunshuo/nginx/log:/etc/nginx/log -v /yunshuo/nginx/html:/etc/nginx/html --name my-nginx xiaoyan-nginx:1.0

四、进入容器bash中装载自有配置文件

复制代码
[root@sam4core yunshuo]# docker exec -it b9d60c1e68f2 /bin/bash

root@b9d60c1e68f2:/etc/nginx/conf.d# nginx -c /etc/nginx/conf.d/xiaoyan
2022/05/26 06:34:28 [emerg] 14#14: open() "/etc/nginx/log/frontend/nginx_access.log" failed (2: No such file or directory)
nginx: [emerg] open() "/etc/nginx/log/frontend/nginx_access.log" failed (2: No such file or directory)

root@b9d60c1e68f2:/etc/nginx/log# mkdir fastapi
root@b9d60c1e68f2:/etc/nginx/log# mkdir frontend
root@b9d60c1e68f2:/etc/nginx/log# mkdir django

root@b9d60c1e68f2:/etc/nginx/conf.d# nginx -c /etc/nginx/conf.d/xiaoyan
复制代码

五、解决nginx中访问后端的跨域问题

      1、后端访问有2种方式

    跨域       https://www.xiaoyan.link:9000/            跨域        http://www.xiaoyan.link:8088/api/test/ 
          非跨域    https://www.xiaoyan.link/fastapi          非跨域     https://www.xiaoyan.link/django/api/test/

      2、非跨域访问方式,跟前端用同样的端口号(80或443),增加标志性的后缀,转发前删除后缀,如下列例子中的 django 和 fastapi     

复制代码
        #后端django API地址暴露为:http://www.xiaoyan.link/django
        #http://www.xiaoyan.link/django/api/test/
        location /django {
            proxy_pass http://127.0.0.1:8080/;
            proxy_pass_request_headers on;
            # 重写URL,去掉django
            rewrite "^/django/(.*)$" /$1 break;
        }    
        #后端fastapi API地址暴露为:http://www.xiaoyan.link/fastapi
        #http://www.xiaoyan.link/fastapi
        location /fastapi {
            proxy_pass http://127.0.0.1:9001/;
            proxy_pass_request_headers on;
            # 重写URL,去掉fastapi
            rewrite "^/fastapi/(.*)$" /$1 break;
        }
复制代码

       3、跨域方式,使用单独的端口号

复制代码
    server {
        listen 8088;
        server_name 121.43.147.156 xiaoyan.link;

        index index.html;
        location / {
            proxy_pass http://django/; # 将指定的ip或者域名的http请求转发到upstream池中
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
        access_log      /etc/nginx/log/django/nginx_access.log;
        error_log       /etc/nginx/log/django/nginx_error.log;
    }


    server {
        listen 9000;
        ssl    on;
        server_name 121.43.147.156 xiaoyan.link;

        #ssl configuration
        ssl_certificate    /etc/nginx/conf.d/7852698_www.xiaoyan.link.pem; #open here
        ssl_certificate_key     /etc/nginx/conf.d/7852698_www.xiaoyan.link.key; #open here
        ssl_session_timeout    5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols    TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers    on;

        location / {
            proxy_pass http://fastapi/; # 将指定的ip或者域名的http请求转发到upstream池中
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
        access_log      /etc/nginx/log/fastapi/nginx_access.log;
        error_log       /etc/nginx/log/fastapi/nginx_error.log;
    }
复制代码

六、前端echo浏览器的文件类型必须正确,有专门的类型配置语句

复制代码
http {
    include    /etc/nginx/mime.types;
    default_type  application/octet-stream;

    upstream django {
        server 127.0.0.1:8080; # django.gunicorn(0.0.0.0:8080)
    }
    upstream fastapi {
        server 127.0.0.1:9001; # fastapi.gunicorn(0.0.0.0:9001)
    }
复制代码

七、配置ssl文件,要将ssl pem和key文件拷贝到相应位置

复制代码
    server {
        listen 80;
        listen 443 ssl; #open here
        server_name 121.43.147.156 xiaoyan.link;

        #ssl configuration
        ssl_certificate    /etc/nginx/conf.d/7852698_www.xiaoyan.link.pem; #open here
        ssl_certificate_key     /etc/nginx/conf.d/7852698_www.xiaoyan.link.key; #open here
        ssl_session_timeout    5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols    TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers    on;
复制代码

 

redis部署 (可用配置文件:/yunshuo/redis/redis.conf)

最佳参考 https://blog.csdn.net/wangyue23com/article/details/110194399

一、配置文件关键点

      修改redis.conf配置:

      1.dir 配置,改为如下 /data 工作目录

        # Note that you must specify a directory here, not a file name.
        dir /data
      2.logfile配置,修改log路径 为/data目录下

        # output for logging but daemonize, logs will be sent to /dev/null
        logfile /data/redis.log

      3、在共用nginx网络模式下无法确认redis已经正常工作,可以设置loglevel=debug,这样每次写入数据和连接redis都可以在log上实时看到

复制代码
# Specify the server verbosity level.
# This can be one of:
# debug (a lot of information, useful for development/testing)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged)
loglevel debug

# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile /data/redis.log
复制代码

二、redis docker有2个主要工作目录

      1、/etc目录下放置 redis.conf文件

      2、/data目录下放置 db文件和log文件

三、运行部署容器命令

云锁部署方式,与nginx网络联结
docker run -d --restart=always --name my-redis --network container:my-nginx --privileged=true -v /yunshuo/redis/redis.conf:/etc/redis.conf -v /yunshuo/redis/data:/data redis:6.0 redis-server /etc/redis.conf
网上例子
docker run -itd  --name  redis --privileged=true -v /etc/redis.conf:/etc/redis.conf -v /usr/local/redis/data:/data  -p 6379:6379  redis redis-server /etc/redis.conf

四、进入容器确认安装好

复制代码
进入容器命令
[root@sam4core yunshuo]# docker exec -it cd4c8ce8dabc bash

查看/etc/redis.conf和/data目录内容
root@b9d60c1e68f2:/# ls /etc/redis.conf
/etc/redis.conf
root@b9d60c1e68f2:/# cd /data        
root@b9d60c1e68f2:/data# ls
dump.rdb  redis-server.log  redis.log
root@b9d60c1e68f2:/data# cat redis.log
1:C 26 May 2022 08:37:43.708 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 26 May 2022 08:37:43.708 # Redis version=6.0.16, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 26 May 2022 08:37:43.708 # Configuration loaded

查看log内容
root@a0436e256c18:/data# cat redis.log
复制代码

 

mysql部署 (mysql只认3306端口外面用3308还是3307,都要映射到docker内3306,密码见笔记和连接软件)

一、拷贝配置文件

      /docker/mysql001/config   >>>>>>   /yunshuo/mysql/conf.d

二、运行run命令生成容器     

复制代码
1、run生成容器
[root@sam4core yunshuo]# docker run -d -p 3308:3306 --privileged=true -v /yunshuo/mysql/log:/var/log/mysql -v /yunshuo/mysql/data:/var/lib/mysql -v /yunshuo/mysql/my.conf:/etc/mysql/my.conf -e MYSQL_ROOT_PASSWORD=emi,.123456 --name my-mysql mysql:5.7
c114cf48cdb7e7620d627d39867f15af38161c0db3b5c9274f5ed9a2f1673de8
2、进入容器
[root@sam4core yunshuo]# docker exec -it c114cf48cdb7 bash
3、进入数据库管理设置
root@c114cf48cdb7:/# mysql -uroot -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.36 MySQL Community Server (GPL)
4、设置远程登陆密码
mysql> grant all privileges on *.* to root@'%' identified by 'emi.123456';
Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
5、设置本地登陆密码
mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('emi.123456'); 
Query OK, 0 rows affected, 1 warning (0.00 sec)
复制代码

 

django部署

最佳参考:https://www.jianshu.com/p/12fd6fb59d4d

一、build命令

[root@sam4core yunshuo]# docker build -f django_dockerfile -t xiaoyan-django:1.0 .

二、run命令生成容器

[root@sam4core yunshuo]# docker run -it  --restart=always --name my-django -v /yunshuo/django/code/xiaoyanwebsite:/code/xiaoyanwebsite -v /yunshuo/django/log:/code/log --network container:my-nginx xiaoyan-django:1.0

三、启动uwsgi服务

# uwsgi --ini uwsgi.ini
[uWSGI] getting INI configuration from uwsgi.ini

 

四、gunicorn部署django

复制代码
docker run命令
docker run -it  --restart=always --name my-django -v /yunshuo/django/code:/code --network container:my-nginx xiaoyan-django:1.0
容器内启动gunicorn
gunicorn xiaoyan.wsgi:application -c gunicorn.conf.py
build命令
docker build -f gunicorn_dockerfile -t xiaoyan-django:1.0 .
容器启动命令(宿主机端口映射方式)
docker run -d  --restart=always --name my-django -v /yunshuo/django/code:/code  -p 3000:8080 xiaoyan-django:1.0 /bin/bash -c "gunicorn XiaoyanWebsite.wsgi:application -c gunicorn.conf.py"
容器启动命令(nginx网络联结方式)
docker run -d  --restart=always --name my-django -v /yunshuo/django/code:/code  --network container:my-nginx xiaoyan-django:1.0 /bin/bash -c "gunicorn XiaoyanWebsite.wsgi:application -c gunicorn.conf.py"
复制代码
gunicorn.conf.py配置文件

复制代码
# -*- coding: utf-8 -*-
#import multiprocessing
#from pathlib import Path

#BASE_DIR = Path(__file__).resolve(strict=True).parent.parent.parent.parent

debug = True

# ============================================================
# gunicorn要切换到的目的工作目录
# ============================================================

#chdir = str(BASE_DIR)
#chdir = '/code/xiaoyanwebsite'

# ============================================================
# server socket相关
# ============================================================

# 指定绑定的ip和端口   注:docker映射端口时默认IP使用0.0.0.0,而不是django平时测试使用的127.0.0.1,
用gunicorn部署主机IP必须设置为0.0.0.0,更奇怪的是nginx送过来的IP必须是127.0.0.1,gunicorn才接受。
bind = "0.0.0.0:8080"

# 服务器中排队等待的最大连接数,建议值64-2048,超过2048时client连接会得到一个error
backlog = 2048

# ============================================================
# 调试相关
# ============================================================

# 当代码有修改时,自动重启workers,适用于开发环境
reload = False

# 以守护进程形式来运行Gunicorn进程,其实就是将这个服务放到后台去运行
daemon = False

# ============================================================
# worker进程相关
# ============================================================

# 用于处理工作的进程数
workers = 1

# worker进程的工作方式,有sync、eventlet、gevent、tornado、gthread, 默认是sync,
# django使用gevent容易造成阻塞, 使用gthread的方式好一些
worker_class = 'sync'

# 指定每个工作进程开启的线程数
threads = 3

# 访问超时时间
timeout = 30

# 接收到restart信号后,worker可以在graceful_timeout时间内,继续处理完当前requests
graceful_timeout = 60

# server端保持连接时间
keepalive = 30

# ============================================================
# 日志相关
# ============================================================

"""日志文件格式,其每个选项的含义如下:
h          remote address
l          '-'
u          currently '-', may be user name in future releases
t          date of the request
r          status line (e.g. ``GET / HTTP/1.1``)
s          status
b          response length or '-'
f          referer
a          user agent
T          request time in seconds
D          request time in microseconds
L          request time in decimal seconds
p          process ID
"""
access_log_format = '%(t)s %(h)s "%(r)s" %(s)s %(b)s "%(f)s" "%(L)s"'

LOG_DIR = '/code'
#LOG_DIR = Path(BASE_DIR, 'log')
#if not LOG_DIR.exists():
#    LOG_DIR.mkdir(parents=True)

# 错误日志输出等级,访问日志的输出等级无法设置
loglevel = "debug"

# 正常的日志文件路径,'-'表示输出到终端
accesslog = '/code/xiaoyanwebsite/gunicorn_accesslog.log'

# 错误日志文件路径,'-'表示输出到终端
errorlog =  '/code/xiaoyanwebsite/gunicorn_error.log'

# ============================================================
# 进程名相关
# ============================================================

# 设置进程名称,默认是gunicorn
proc_name = 'gunicorn_yunsuo'
复制代码


 


 


gunicorn_dockerfile


复制代码


# 从仓库拉取带有python3.8的Linux环境
FROM python:3.8.6

# 镜像维护者的姓名和邮箱地址
MAINTAINER chenxiaojie  <390976522@qq.com>

# 因为墙的关系,有时安装库可能会很慢或者失败,所以推荐使用国内镜像源
# 此处是创建一个指向阿里云镜像源的参数,以便后面引用
#ARG pip_url=http://mirrors.aliyun.com/pypi/simple/
#ARG pip_host=mirrors.aliyun.com

# 设置python环境变量
ENV PYTHONUNBUFFERED 1

# 容器默认的时间是UTC时间,此处设置为上海时间
RUN cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

# 定义一个变量,其值为项目在docker容器中的工作目录
ARG work_home=/code

# 在容器中创建code文件夹
RUN mkdir ${work_home}

# 将容器中的room文件夹设置为工作目录,拷贝代码到工作目录
WORKDIR /code/xiaoyanwebsite

# 拷贝代码到容器的code目录,因为build中指定的context环境目录为project这一层,所以当前目录即项目目录
COPY django/code ${work_home}

# 将django/code下的startapp.sh 文件拷贝到容器的根目录下
COPY django/code/gunicorn_start.sh /gunicorn_start.sh
# 将django/code下的wait-for-it.sh文件拷贝到容器的根目录下
COPY django/code/wait-for-it.sh /wait-for-it.sh

# 修改文件权限 ,为sh文件增加可执行
RUN chmod +x /gunicorn_start.sh
RUN chmod +x /wait-for-it.sh
RUN chmod +x /code/gunicorn_start.sh
RUN chmod +x /code/wait-for-it.sh

# 更新pip
#RUN pip install pip -U
RUN python -m pip install --upgrade pip -i http://pypi.douban.com/simple/ --trusted-host=pypi.douban.com/simple/

# 安装所有依赖库
#RUN pip install -r ./xiaoyanwebsite/requirements.txt -i ${pip_url} --trusted-host ${pip_host}
RUN pip install -r ./xiaoyanwebsite/requirements.txt -i http://pypi.douban.com/simple/ --trusted-host=pypi.douban.com/simple/


CMD ["sh"]


复制代码


 


fastapi部署思路




fastapi部署总体思路:uvicorn运行代码,gunicorn当服务器

if __name__ == '__main__':
    uvicorn.run(app='main:app', host="127.0.0.1", port=8000, reload=True, debug=True)

# 启动命令
gunicorn main:app -b 0.0.0.0:8001 -w 4 -k uvicorn.workers.UvicornWorker  # -D 守护启动 -c 配置文件




 


dockerfile


复制代码


FROM tiangolo/uvicorn-gunicorn-fastapi:python3.7
#FROM python:3.8.6-slim

COPY fastapi/code /code

WORKDIR /code

RUN python -m pip install --upgrade pip -i http://pypi.douban.com/simple/ --trusted-host=pypi.douban.com/simple/
RUN pip install -r requirements.txt -i http://pypi.douban.com/simple/ --trusted-host=pypi.douban.com/simple/

CMD ["sh"]


复制代码


 


build命令




docker build -f fastapi_dockerfile -t xiaoyan-fastapi:1.1 .




容器run运行命令




docker run -itd --name my-fastapi -v /yunshuo/fastapi/code:/code  -p 3000:9001  xiaoyan-fastapi:1.1 /bin/bash -c "gunicorn main:app -k uvicorn.workers.UvicornWorker -c gunicorn.conf.py"
项目名:main:app  (main.py启动代码中有)
类别:-k uvicorn.workers.UvicornWorker 
设置文件:-c gunicorn.conf.py




设置文件(gunicorn.conf.py)


复制代码


# -*- coding: utf-8 -*-
#import multiprocessing
#from pathlib import Path

#BASE_DIR = Path(__file__).resolve(strict=True).parent.parent.parent.parent

debug = True

# ============================================================
# gunicorn要切换到的目的工作目录
# ============================================================

#chdir = str(BASE_DIR)
#chdir = '/code/xiaoyanwebsite'

# ============================================================
# server socket相关
# ============================================================

# 指定绑定的ip和端口, 注:docker默认映射主机是0.0.0.0,而不是django项目通常的127.0.0.1
bind = "0.0.0.0:9001"

# 服务器中排队等待的最大连接数,建议值64-2048,超过2048时client连接会得到一个error
backlog = 2048

# ============================================================
# 调试相关
# ============================================================

# 当代码有修改时,自动重启workers,适用于开发环境
reload = False

# 以守护进程形式来运行Gunicorn进程,其实就是将这个服务放到后台去运行
daemon = False

# ============================================================
# worker进程相关
# ============================================================

# 用于处理工作的进程数
workers = 1

# worker进程的工作方式,有sync、eventlet、gevent、tornado、gthread, 默认是sync,
# django使用gevent容易造成阻塞, 使用gthread的方式好一些
worker_class = 'sync'

# 指定每个工作进程开启的线程数
threads = 3

# 访问超时时间
timeout = 30

# 接收到restart信号后,worker可以在graceful_timeout时间内,继续处理完当前requests
graceful_timeout = 60

# server端保持连接时间
keepalive = 30

# ============================================================
# 日志相关
# ============================================================

"""日志文件格式,其每个选项的含义如下:
h          remote address
l          '-'
u          currently '-', may be user name in future releases
t          date of the request
r          status line (e.g. ``GET / HTTP/1.1``)
s          status
b          response length or '-'
f          referer
a          user agent
T          request time in seconds
D          request time in microseconds
L          request time in decimal seconds
p          process ID
"""
access_log_format = '%(t)s %(h)s "%(r)s" %(s)s %(b)s "%(f)s" "%(L)s"'

LOG_DIR = '/code'
#LOG_DIR = Path(BASE_DIR, 'log')
#if not LOG_DIR.exists():
#    LOG_DIR.mkdir(parents=True)

# 错误日志输出等级,访问日志的输出等级无法设置
loglevel = "debug"

# 正常的日志文件路径,'-'表示输出到终端
accesslog = '/code/logs/gunicorn_accesslog.log'

# 错误日志文件路径,'-'表示输出到终端
errorlog =  '/code/logs/gunicorn_error.log'

# ============================================================
# 进程名相关
# ============================================================

# 设置进程名称,默认是gunicorn
proc_name = 'fastapi_yunsuo'


复制代码


 






            

            
posted @ 
 
pearlcity 
阅读(162) 
评论(0编辑 
收藏 
举报


        

	    
	    
    









    
    

    
    



    

        
    

        

            
                
                
            
        

    



    相关博文:

    

            

                ·
                tiangolo/uvicorn-gunicorn:python3.8 fastapi docker部署
            

            

                ·
                2.0版本部署 2022年12月
            

            

                ·
                Ubuntu下docker部署
            

            

                ·
                Django框架项目之上线——docker、部署上线
            

            

                ·
                项目上线流程
            

    





    

    阅读排行:
    

 ·          Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
        

 ·          被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
        

 ·          没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
        

 ·          园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
        

 ·          【自荐】一款简洁、开源的在线白板工具 Drawnix
        



    
    



	

	

	
	

	

	

	





    

    
    








  

  
点击右上角即可分享

  微信分享提示