dockerfile making image

Keywords: Linux Nginx OpenSSL zlib CentOS

The process of making nginx image is divided into three steps
1. Make dockerfile file
2. Make nginx installation script of nginx.sh
3. Make ngx-depolyment.yaml file

Here are the details

#mkdir /root/dockerfile
#cd /root/dockerfile
#touch Dockerfile 
#mkdir nginx

//Making a dockerfile file
root@<cc_172.16.0.2|~/dockerfile/nginx>:#cat Dockerfile 
#Centos based container with tengine2.2
FROM docker.io/centos
MAINTAINER  wbb-20181207 wbb@qq.com

#prepare java environment
ENV LD_LIBRARY_PATH /usr/local/luajit/lib:$LD_LIBRARY_PATH
ENV LUAJIT_INC /usr/local/luajit/include/luajit-2.0
ENV LUAJIT_LIB /usr/local/luajit/lib

#copy jdk tomcat to container
ADD nginx.tar.gz  /root/

RUN cd /root/nginx/ \
&& sh ngxinstall.sh \             #The nginx.sh installation script is written in script separately, as shown below
&& ln -sf /dev/stdout /var/log/nginx/access.log \    #Let nginx log be displayed in k8s Web UI, as shown below
&& ln -sf /dev/stderr /var/log/nginx/error.log

#private expose
EXPOSE 80 

#START NGINX
#ENTRYPOINT [ "/usr/local/nginx/sbin/nginx", "-g", "daemon off;" ]
CMD ["/usr/local/nginx/sbin/nginx", "-g", "daemon off;"]     Be sure to run at the front desk,Otherwise k8s stay deploy Cannot create successfully in
cd /root/dockerfile
docker build -t nginx:v4 .

Screenshot of installation process

The installation script of ngxinstall.sh is referenced in the dockerfile. It is better to test the following installation script on one machine first. If there is no problem, you can directly reference it in the dockerfile

Make nginx installation script of nginx.sh

root@<cc_172.16.0.2|~/dockerfile/nginx/nginx>:#cat ngxinstall.sh 
#!/bin/bash
path=$(pwd)

#Install dependency package
yum makecache
yum -y install gcc gcc-c++ patch make openssl openssl-devel file

#decompression
tar zxvf $path/tar/tengine-2.2.0.tar.gz -C $path/src/
#tar zxvf $path/tar/openssl-1.0.2p.tar.gz -C $path/src/
tar zxvf $path/tar/zlib-1.2.11.tar.gz -C $path/src/
tar zxvf $path/tar/nginx-accesskey.tar.gz -C $path/src/
tar zxvf $path/tar/pcre-8.40.tar.gz -C $path/src/
tar zxvf $path/tar/waf.tar.gz -C $path/src/
tar zxvf $path/tar/nginx_tcp_proxy_module-master.tar.gz -C $path/src/
tar zxvf $path/tar/LuaJIT-2.0.5.tar.gz -C $path/src/
tar zxvf $path/tar/ngx_devel_kit-0.2.19.tar.gz -C $path/src/
tar zxvf $path/tar/lua-nginx-module-0.9.5rc2.tar.gz -C $path/src/

#environment variable
echo "export LD_LIBRARY_PATH=/usr/local/luajit/lib:$LD_LIBRARY_PATH" >> /etc/profile 
echo "export LUAJIT_INC=/usr/local/luajit/include/luajit-2.0" >> /etc/profile
echo "export LUAJIT_LIB=/usr/local/luajit/lib" >> /etc/profile && source /etc/profile

source /etc/profile
cd $path/src/LuaJIT-2.0.5
make PREFIX=/usr/local/luajit
make install PREFIX=/usr/local/luajit

#tengine
#useradd -s /sbin/nologin nginx
cd $path/src/tengine-2.2.0
patch -p1 < $path/src/nginx_tcp_proxy_module-master/tcp.patch

./configure --user=root --group=root \
--prefix=/usr/local/nginx \
--lock-path=/var/run/nginx.lock \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--pid-path=/var/run/nginx.pid \
--add-module=../ngx_devel_kit-0.2.19 \
--add-module=../lua-nginx-module-0.9.5rc2 \
--add-module=../nginx-accesskey-2.0.3 \
--add-module=../nginx_tcp_proxy_module-master \
--with-pcre=../pcre-8.40 \
--with-zlib=../zlib-1.2.11 \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_auth_request_module \
--with-http_v2_module \
--with-http_addition_module \
--with-http_sub_module \
--with-file-aio \
--with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' \
--with-ld-opt=-Wl,-rpath,/usr/local/lib

source /etc/profile
make
make install

#The following is to write the relevant configuration files, and copy them directly, including only some module files. The specific domain name. conf file can be referenced later
cp $path/src/nginx.conf /usr/local/nginx/conf/
cp $path/src/proxy.conf /usr/local/nginx/conf/
cp $path/src/error.conf /usr/local/nginx/conf/
cp -r $path/src/html /usr/local/nginx/
cp -r $path/src/waf /usr/local/nginx/conf/
mkdir -p /usr/local/nginx/vhost
mkdir -p /usr/local/nginx/tcp
cp $path/src/default.conf /usr/local/nginx/vhost/
cp $path/src/tcp.conf /usr/local/nginx/tcp/   #Support for tcp module
rm -rf /root/nginx           #Remove installation files

Make ngx-depolyment.yaml file

---
#Define nginx namespace
#apiVersion: v1
#kind: Namespace
#metadata:
#  name: k8s-go

---
#Define nginx svc
apiVersion: v1
kind: Service
metadata:
  name: k8s-nginx
  namespace: k8s-go
  labels:
    app: k8s-nginx
spec:
  type: NodePort
  ports:
  - port: 80
    targetPort: 80
    nodePort: 10280
    protocol: TCP
  #clusterIP: 169.169.249.80
  selector:
   app: k8s-nginx

---

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deploy
  namespace: k8s-go
  labels:
    app: k8s-nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: k8s-nginx
  template:
    metadata:
      labels:
        app: k8s-nginx
      annotations:
        app: nginx-clouster
    spec:
      containers:
      - name: nginx
        image: 172.16.0.2:5000/nginx:v4   #Load from private warehouse
        imagePullPolicy: Always    #Only from the private warehouse, not to the node node
        volumeMounts:
        - mountPath: /usr/local/www
          name: nginx-data
        #- mountPath: /etc/nginx/conf.d
        #  name: nginx-conf
        resources:
          limits:
            cpu: 300m
            memory: 3000Mi
          requests:
            cpu: 100m
            memory: 100Mi
        ports:
        - containerPort: 80
      volumes:
        - name: nginx-data
          persistentVolumeClaim:
            claimName: nginx-data-nfs-pvc
        #- name: nginx-conf
        #  persistentVolumeClaim:
        #    claimName: nginx-conf-nfs-pvc
      #volumes:
      #  - name: nginx-nfs
      #    nfs:
      #      server: 172.16.0.2
      #      path: /data/nfs-storage/nginx  

The generated nginx pod displayed in k8s dashboard,

Internet access display test page

nginx logs are displayed in the Web UI. To display logs here, you must define them in the dockerfile. Otherwise, they will be displayed. Because the logs displayed in k8s are obtained from / dev/stdout /dev/stderr

Posted by leon_nerd on Sun, 08 Dec 2019 11:32:00 -0800