基于基础的linux系统(centos/ubuntu/alpine)镜像,制作Nginx基础镜像
Centos基础镜像制作
tree /opt/k8s-data/dockerfile/system/centos
├── build-command.sh
├── Dockerfile
└── filebeat-6.8.1-x86_64.rpm
Dockerfile文件内容
FROM harbor.magedu.net/baseimages/centos:7.6.1810
ADD filebeat-6.8.1-x86_64.rpm /tmp/
RUN yum install -y epel-release /tmp/filebeat-6.5.4-x86_64.rpm && rm -rf /tmp/filebeat-6.5.4-x86_64.rpm
RUN yum install -y vim wget tree pcre pcre-devel gcc gcc-c++ zlib zlib-devel openssl openssl-devel net-tools iotop unzip zip iproute ntpdate nfs-utils tcp dump telnet traceroute
RUN rm -rf /etc/localtime && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
build-command脚本
#!/bin/bash docker build -t harbor.magedu.net/baseimages/centos-base:v7.6 .
sleep 1
docker push harbor.magedu.net/baseimages/centos-base:v7.6
执行构建centos 基础镜像
bash build-command.sh
Nginx 基础镜像制作
tree /opt/k8s-data/dockerfile/pub-images/nginx-base
├── build-command.sh
├── Dockerfile
└── nginx-1.14.2.tar.gz
Dockerfile文件内容
#Nginx Base Image
FROM harbor.magedu.net/baseimages/centos-base:v7.6
RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop
ADD nginx-1.14.2.tar.gz /usr/local/src/
RUN cd /usr/local/src/nginx-1.14.2 && ./configure && make && make install && ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx && useradd nginx -u 2001
build-command脚本
#!/bin/bash docker build -t harbor.magedu.net/pub-images/nginx-base:v1.14.2 .
sleep 1
docker push harbor.magedu.net/pub-images/nginx-base:v1.14.2
执行构建Nginx基础镜像
bash build-command.sh
基于基础的linux系统(centos/ubuntu/alpine)镜像,制作JDK基础镜像、Tomcat镜像
JDK基础镜像制作
tree /opt/k8s-data/dockerfile/pub-images/jdk-1.8.212
├── build-command.sh
├── Dockerfile
├── jdk-8u212-linux-x64.tar.gz
└── profile
Dockerfile文件内容
#JDK Base Image
FROM harbor.magedu.net/baseimages/centos-base:v7.6
ADD jdk-8u212-linux-x64.tar.gz /usr/local/src/
RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk && groupadd tomcat -g 2018 && useradd tomcat -u 2018 -g 2018
ADD profile /etc/profile
ENV JAVA_HOME /usr/local/jdk
ENV JRE_HOME $JAVA_HOME/jre
ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/
ENV PATH $PATH:$JAVA_HOME/bin
build-command脚本
#!/bin/bash docker build -t harbor.magedu.net/pub-images/jdk-base:v8.212 .
sleep 1
docker push harbor.magedu.net/pub-images/jdk-base:v8.212
执行构建JDK基础镜像
bash build-command
tomcat基础镜像制作
tree /opt/k8s-data/dockerfile/pub-images/tomcat-base
├── apache-tomcat-8.5.43.tar.gz
├── build-command.sh
└── Dockerfile
Dockerfile文件内容
#JDK Base Image
FROM harbor.magedu.net/pub-images/jdk-base:v8.212
RUN mkdir /apps /data/tomcat/webapps /data/tomcat/logs -pv
ADD apache-tomcat-8.5.43.tar.gz /apps
RUN ln -sv /apps/apache-tomcat-8.5.43 /apps/tomcat && chown -R tomcat.tomcat /apps /data -R
#ADD filebeat-6.4.2-x86_64.rpm /tmp/
#RUN yum install -y /tmp/filebeat-6.4.2-x86_64.rpm && rm -rf /tmp/filebeat-6.4.2- x86_64.rpm
build-command脚本
#!/bin/bash docker build -t harbor.magedu.net/pub-images/tomcat-base:v8.5.43 .
sleep 1
docker push harbor.magedu.net/pub-images/tomcat-base:v8.5.43
构建tomcat基础镜像
bash build-command
tomcat业务镜像app1制作
tree /opt/k8s-data/dockerfile/linux36/tomcat-app1
├── app1.tar.gz
├── build-command.sh
├── catalina.sh
├── Dockerfile
├── filebeat.yml
├── myapp
│ └── index.html
├── run_tomcat.sh
└── server.xml
Dockerfile文件内容
#tomcat web1
FROM harbor.magedu.net/pub-images/tomcat-base:v8.5.43
ADD catalina.sh /apps/tomcat/bin/catalina.sh
ADD server.xml /apps/tomcat/conf/server.xml
#ADD myapp/* /data/tomcat/webapps/myapp/
ADD app1.tar.gz /data/tomcat/webapps/myapp/
ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh
#ADD filebeat.yml /etc/filebeat/filebeat.yml
RUN chown -R tomcat.tomcat /data/ /apps/
EXPOSE 8080 8443
CMD ["/apps/tomcat/bin/run_tomcat.sh"]
build-command脚本
#!/bin/bash TAG=$1
docker build -t harbor.magedu.net/linux36/tomcat-app1:${TAG} .
sleep 3
docker push harbor.magedu.net/linux36/tomcat-app1:${TAG}
执行构建tomcat业务镜像
bash build-command.sh
k8s中nginx+tomcat实现动静分离
实现一个通用的nginx+tomcat动静分离web架构,即用户访问的静态页面和图片在由nginx直接响应,而动态请求则基于location转发至tomcat。
重点:Nginx基于tomcat的service name转发用户请求到tomcat业务app
Nginx业务镜像制作
tree /opt/k8s-data/dockerfile/linux36/nginx
├── build-command.sh
├── Dockerfile
├── index.html
├── nginx.conf
└── webapp
└── index.html
Dockerfile文件内容
#Nginx Base Image
FROM harbor.magedu.net/pub-images/nginx-base:v1.14.2
ADD nginx.conf /usr/local/nginx/conf/nginx.conf
ADD webapp/* /usr/local/nginx/html/webapp/
ADD index.html /usr/local/nginx/html/index.html
#RUN mkdir /usr/local/nginx/html/webapp/about /usr/local/nginx/html/webapp/images EXPOSE 80 443
CMD ["nginx"]
build-command脚本
#!/bin/bash docker build -t harbor.magedu.net/linux36/nginx-web1:v1 .
sleep 1
docker push harbor.magedu.net/linux36/nginx-web1:v1
nginx配置文件
upstream tomcat_webserver {
server linux36-tomcat-app1-service.linux36.svc.linux36.local:80;
}
server {
location /myapp{
proxy_pass http://tomcat_webserver;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
}
执行构建Nginx 业务镜像
bash build-command
基于NFS实现动静分离
图片的上传由后端服务器tomcat完成,图片的读取由前端的nginx响应,就需要nginx与tomcat的数据保持一致性,因此需要将数据保存到k8s环境外部的存储服务器,然后再挂载到各nginx与tomcat 的容器中进行相应的操作。
http://docs.kubernetes.org.cn/429.html #存储卷类型及使用
NFS 服务器环境准备
# mkdir /data/linux36/images #图片目录
# mkdir /data/linux36/static #静态文件目录
# vim /etc/exports
/data/linux36 *(rw,no_root_squash)
# systemctl restart nfs-server
NFS客户端挂载并测试写入文件
mount -t nfs 192.168.7.108:/data/linux36 /mnt
cp /etc/passwd /mnt/ #必须能够写入数据
nginx 业务容器yaml
kind:Deployment
apiVersion:extensions/v1beta1
metadata:
labels:
app:linux36-nginx-deployment-label
name:linux36-nginx-deployment
namespace:linux36
spec:
replicas:1
selector:
matchLabels:
app:linux36-nginx-selector
template:
metadata:
labels:
app:linux36-nginx-selector
spec:
containers:
- name:linux36-nginx-container
image:harbor.magedu.net/linux36/nginx-web1:v1
#command:["/apps/tomcat/bin/run_tomcat.sh"]
#imagePullPolicy:IfNotPresent
imagePullPolicy:Always
ports:
- containerPort:80
protocol:TCP
name:http
- containerPort:443
protocol:TCP
name:https
env:
- name:"password"
value:"123456"
- name:"age"
value:"18"
resources:
limits:
cpu:2
memory:2Gi
requests:
cpu:500m
memory:1Gi
volumeMounts:
- name: linux36-images
mountPath: /usr/local/nginx/html/webapp/images
readOnly: false
- name: linux36-static
mountPath: /usr/local/nginx/html/webapp/static
readOnly: false
volumes: #kubectl explain Deployment.spec.template.spec.volumes
- name: linux36-images
nfs:
server: 192.168.7.108
path: /data/linux36/images
- name: linux36-static
nfs:
server: 192.168.7.108
path: /data/linux36/static
---
kind:Service
apiVersion:v1
metadata:
labels:
app:linux36-nginx-service-label
name:linux36-nginx-service
namespace:linux36
spec:
type:
NodePort
ports:
- name:http
port:80
protocol:TCP
targetPort:80
nodePort:30002
- name:https
port:443
protocol:TCP
targetPort:443
nodePort:30443
selector:
app:linux36-nginx-selector
创建Nginx pod
kubectl apply -f nginx.yaml
pod中验证NFS挂载
kubectl get pods -n linux36
tomcat业务pod更新挂载
/opt/k8s-data/yaml/linux36/tomcat-app1/tomcat-app1.yaml
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
labels:
app: linux36-tomcat-app1-deployment-label
name: linux36-tomcat-app1-deployment
namespace: linux36
spec:
replicas: 1
selector:
matchLabels:
app: linux36-tomcat-app1-selector
template:
metadata:
labels:
app: linux36-tomcat-app1-selector
spec:
containers:
- name: linux36-tomcat-app1-container
image: harbor.magedu.net/linux36/tomcat-app1:2019-08-02_11_02_30
#command: ["/apps/tomcat/bin/run_tomcat.sh"]
#imagePullPolicy: IfNotPresent
imagePullPolicy: Always
ports:
- containerPort: 8080
protocol: TCP
name: http
volumeMounts:
- name: linux36-images
mountPath: /data/tomcat/webapps/myapp/images
readOnly: false
- name: linux36-static
mountPath: /data/tomcat/webapps/myapp/static
readOnly: false
volumes:
- name: linux36-images
nfs:server: 192.168.7.108
path: /data/linux36/images
- name: linux36-static
nfs:
server: 192.168.7.108
path: /data/linux36/static
---
kind: Service
apiVersion: v1
metadata:
labels:
app: linux36-tomcat-app1-service-label
name: linux36-tomcat-app1-service
namespace: linux36
spec:
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 8080
nodePort: 30003
selector:
app: linux36-tomcat-app1-selector
执行更新tomcat app1业务容器yaml
kubectl apply -f tomcat- app1.yaml
访问web测试
上传数据到NFS
tree /data/linux36
├── images
│ └── 1.jpg
└── static
└── index.html
访问nginx 业务pod
http://ip/myaopp/1.jpg
访问tomcat业务pod
http://ip:port/webapp/images/1.jpg
