自定义镜像运行Nginx及Java服务并基于NAS实现动静分离
nginx+tomcat动静分离
业务流程图:
构建jdk与tomcat业务镜像与资源
1、构建jdk镜像
创建profile环境变量文件
root@master1:/dockerfile/web/jdk# cat profile
export JAVA_HOME=/usr/local/jdk1.8.0_191
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
编写Dockerfile
root@master1:/dockerfile/web/jdk# cat Dockerfile
FROM harbor.cncf.net/os/ubuntu:20.04
MAINTAINER LXH
LABEL description="jdk-1.8.191"
ADD jdk-8u191-linux-x64.tar.gz /usr/local/
ADD profile /etc/profile
ENV JAVA_HOME=/usr/local/jdk1.8.0_191
ENV PATH=$JAVA_HOME/bin:$PATH
ENV CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
构建镜像
root@master1:/dockerfile/web/jdk# nerdctl build -t harbor.cncf.net/baseimages/jdk:1.8.191 .
推送镜像到harbor
root@master1:/dockerfile/web/jdk# nerdctl push harbor.cncf.net/baseimages/jdk:1.8.191
2、构建tomcat镜像
root@master1:/dockerfile/web/tomcat# cat Dockerfile
FROM harbor.cncf.net/baseimages/jdk:1.8.191
MAINTAINER LXH
LABEL description="tomcat8.5.43"
ADD apache-tomcat-8.5.43.tar.gz /usr/local
RUN ln -sv /usr/local/apache-tomcat-8.5.43 /usr/local/tomcat
执行构建镜像
root@master1:/dockerfile/web/tomcat# cat build.sh
#!/bin/bash
DIR=$(pwd)
nerdctl build -t harbor.cncf.net/web/tomcat:8.5.13 $DIR
nerdctl push harbor.cncf.net/web/tomcat:8.5.13
3、构建tomcat业务镜像
创建业务镜像相关配置文件和启动文件
打包代码文件
root@master1:/dockerfile/project/tomcat# tar tf app1.tar.gz
./
./index.html
镜像构建文件
root@master1:/dockerfile/project/tomcat# cat build-command.sh
#!/bin/bash
TAG=$1
nerdctl build -t harbor.cncf.net/project/tomcat-app1:${TAG} .
nerdctl push harbor.cncf.net/project/tomcat-app1:${TAG}
tomcat容器前台启动文件
root@master1:/dockerfile/project/tomcat# cat run_tomcat.sh
#!/bin/bash
su - tomcat -c "/usr/local/tomcat/bin/catalina.sh start"
tail -f /usr/local/tomcat/logs/catalina.out
创建Dockerfile
root@master1:/dockerfile/tomcat# cat Dockerfile
FROM harbor.cncf.net/web/tomcat:8.5.13
MAINTAINER LXH
ADD catalina.sh /usr/local/tomcat/bin/catalina.sh
ADD server.xml /usr/local/tomcat/conf/server.xml
ADD app1.tar.gz /data/tomcat/webapps/myapp/
ADD run_tomcat.sh /usr/local/tomcat/bin/run_tomcat.sh
RUN useradd tomcat
RUN chown -R tomcat.tomcat /data/ /usr/local/tomcat/
EXPOSE 8080 8443
CMD ["/usr/local/tomcat/bin/run_tomcat.sh"]
构建业务tomcat镜像
root@master1:/dockerfile/tomcat# ./build-command.sh 1.1.1
验证镜像仓库
运行tomcat业务镜像测试:
root@master1:/dockerfile/project/tomcat# nerdctl run -d -p 8080:8080 --name tomcat-app1 harbor.cncf.net/project/tomcat-app1:1.1.1
9a71d516ff74dfcd9fa4d34dbe4ea9644f8db43c3900102112c613db1f9053e4
root@master1:/dockerfile/project/tomcat# nerdctl logs -f tomcat-app1
准备站点资源文件
配置nfs文件共享
创建k8s业务资源文件
root@master1:/dockerfile/project/tomcat# cat tomcat-app1.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
app: tomcat-app1-deployment-label
name: tomcat-app1-deployment
namespace: test
spec:
replicas: 1
selector:
matchLabels:
app: tomcat-app1
template:
metadata:
labels:
app: tomcat-app1
spec:
containers:
- name: tomcat
image: harbor.cncf.net/project/tomcat-app1:1.1.2
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
protocol: TCP
name: http
volumeMounts:
- name: tomcatapp1-images
mountPath: /data/tomcat/webapps/myapp/images
readOnly: false
- name: tomcatapp1-static
mountPath: /data/tomcat/webapps/myapp/static
readOnly: false
volumes:
- name: tomcatapp1-images
nfs:
server: 192.168.100.15
path: /data/k8sdata/tomcatapp1/images
- name: tomcatapp1-static
nfs:
server: 192.168.100.15
path: /data/k8sdata/tomcatapp1/static
---
kind: Service
apiVersion: v1
metadata:
labels:
app: tomcat-app1-svc-label
name: tomcat-app1-svc
namespace: test
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
selector:
app: tomcat-app1
验证创建
root@master1:/dockerfile/project/tomcat# kubectl apply -f tomcat-app1.yaml
deployment.apps/tomcat-app1-deployment configured
service/tomcat-app1-svc configured
root@master1:/dockerfile/project/tomcat# kubectl get pods
NAME READY STATUS RESTARTS AGE
tomcat-app1-deployment-9bfb4846c-7wb9q 1/1 Running 0 118s
root@master1:/dockerfile/project/tomcat# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
tomcat-app1-svc ClusterIP 10.100.151.84 <none> 80/TCP 2m5s
构建nginx业务镜像与资源
1、构建nginx镜像
创建构建脚本
root@master1:/dockerfile/web/nginx# cat build.sh
#!/bin/bash
DIR=$(pwd)
nerdctl build -t harbor.cncf.net/web/nginx:1.20.2 $DIR
nerdctl push harbor.cncf.net/web/nginx:1.20.2
创建Dockerfile
root@master1:/dockerfile/web/nginx# cat Dockerfile
FROM harbor.cncf.net/os/ubuntu:20.04
MAINTAINER lxh
#nginx build
ADD nginx-1.20.2.tar.gz /usr/local/src/
RUN useradd nginx -s /sbin/nologin -M
RUN cd /usr/local/src/nginx-1.20.2 && \
./configure \
--user=nginx \
--group=nginx \
--prefix=/usr/local/nginx \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-stream && \
make && make install
RUN rm -fr /usr/local/src/nginx-1.20.2
执行构建
root@master1:/dockerfile/web/nginx# ./build.sh
2、构建nginx业务镜像
创建构建脚本
root@master1:/dockerfile/project/nginx# cat build-command.sh
#!/bin/bash
TAG=$1
nerdctl build -t harbor.cncf.net/project/nginx-web1:${TAG} .
nerdctl push harbor.cncf.net/project/nginx-web1:${TAG}
创建Dockerfile业务镜像
root@master1:/dockerfile/project/nginx# cat Dockerfile
FROM harbor.cncf.net/web/nginx:1.20.2
ADD nginx.conf /usr/local/nginx/conf/nginx.conf
ADD app1.tar.gz /usr/local/nginx/html/webapp/
ADD index.html /usr/local/nginx/html/index.html
#静态资源挂载路径
RUN mkdir -p /usr/local/nginx/html/webapp/static /usr/local/nginx/html/webapp/images
EXPOSE 80 443
CMD ["/usr/local/nginx/sbin/nginx"]
创建nginx配置文件
root@master1:/dockerfile/project/nginx# cat nginx.conf
user nginx nginx;
worker_processes auto;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
daemon off;
#取消后台启动
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream tomcat_webserver {
server tomcat-app1-svc.test.svc.cluster.local:80;
#tomcat的svc名称.+namespace名称.+svc.+k8s集群名称
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
location /webapp {
root html;
index index.html index.htm;
}
#反向代理tomcat后端服务
location /myapp {
proxy_pass http://tomcat_webserver/myapp;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
执行构建
root@master1:/dockerfile/project/nginx# ./build-command.sh 1.0
3、创建nginx k8s资源文件
创建nfs共享站点资源文件
创建nginx yaml
root@master1:/dockerfile/project/nginx# cat nginx.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
app: nginx-deployment-label
name: nginx-deployment
namespace: test
spec:
replicas: 1
selector:
matchLabels:
app: nginx-app
template:
metadata:
labels:
app: nginx-app
spec:
containers:
- name: nginx
image: harbor.cncf.net/project/nginx-web1:1.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 80
protocol: TCP
name: http
- containerPort: 443
protocol: TCP
name: https
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 500m
memory: 256Mi
volumeMounts:
- name: images
mountPath: /usr/local/nginx/html/webapp/images
readOnly: false
- name: static
mountPath: /usr/local/nginx/html/webapp/static
readOnly: false
volumes:
- name: images
nfs:
server: 192.168.100.15
path: /data/k8sdata/nginx/images
- name: static
nfs:
server: 192.168.100.15
path: /data/k8sdata/nginx/static
---
kind: Service
apiVersion: v1
metadata:
labels:
app: nginx-svc-label
name: nginx-svc
namespace: test
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
nodePort: 30180
- name: https
port: 443
protocol: TCP
targetPort: 443
nodePort: 31443
selector:
app: nginx-app
查看创建资源
root@master1:/dockerfile/project/nginx# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-deployment-5b46c8db6c-8qnwd 1/1 Running 0 2m45s
tomcat-app1-deployment-9bfb4846c-7wb9q 1/1 Running 0 98m
root@master1:/dockerfile/project/nginx# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-svc NodePort 10.100.220.87 <none> 80:30180/TCP,443:31443/TCP 8m35s
tomcat-app1-svc ClusterIP 10.100.151.84 <none> 80/TCP 98m
访问tomcat后端反向代理页面
tomcat后端资源文件
访问nginx前端页面
nginx前端资源文件
本文来自博客园,作者:PunchLinux,转载请注明原文链接:https://www.cnblogs.com/punchlinux/p/16575380.html
