• docker stack 部署nginx


    ===============================================

     2018/7/29_第1次修改                       ccb_warlock

     

    ===============================================

        nginx作为市场占有率较高的http和反向代理服务,各种需要用到http和网页服务的项目经常需要用nginx做反代,故通过docker部署nginx也是最近的工作之一,故整理完部署后进行记录。

     


     一、前提条件

     

     


     二、部署nginx
     2.1 创建映射的本地目录

    mkdir -p /usr/docker-vol/nginx/conf/conf.d
    mkdir -p /usr/docker-vol/nginx/logs
    mkdir -p /usr/docker-vol/nginx/ssl

     2.2 创建配置文件

     # 创建nginx.conf

    vi /usr/docker-vol/nginx/conf/nginx.conf

     # 将nginx.cnf文件上传到/usr/docker-vol/nginx/conf目录下

    user nginx;
    worker_processes auto;
    pid /run/nginx.pid;
    
    events {
        worker_connections  1024;
    }
    
    http {
        include       mime.types;
        default_type  application/octet-stream;
        keepalive_timeout  65;
    
        sendfile on;
        tcp_nopush     on;
        gzip  on;
        # gzip_disable "msie6";
    
        # 指定日志为json格式,键值对的格式
        log_format access_log_json '{"user_ip":"$http_x_real_ip","lan_ip":"$remote_addr","log_time":"$time_iso8601","user_req":"$request","http_code":"$status","body_bytes_sents":"$body_bytes_sent","req_time":"$request_time","user_ua":"$http_user_agent"}';
    
        
        # 限制上传文件的大小(M)
        # types_hash_max_size 2048;
        
        # include的内容放在log_format之后日志格式的定义才生效
        include /etc/nginx/conf.d/*.conf;

     2.3 配置反代
     # 编辑反代配置文件

    vi /usr/docker-vol/nginx/conf/conf.d/www.conf

     # 将下面的内容添加到www.conf文件内,wq保存

    server {
        listen 80; 
        server_name mydomain.com www.mydomain.com;
    
        autoindex on;
        autoindex_localtime on;
        access_log  off;
        error_log   off;
    
        location ^~ /image/  {
            client_max_body_size   10m;
            proxy_pass http://192.168.12.1:5000/image/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    
    
        location / {
            proxy_pass  https://192.168.12.1:5001;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            root   html;
            index  index.html index.htm;
        }
    }

     2.4 增加证书及密钥文件
    将证书文件和密钥文件放到/usr/docker-vol/nginx/ssl目录下。

     

     2.5 配置nginx-stack.yml

    cd
    vim nginx-stack.yml

     # 编辑nginx-stack.yml,wq保存

    version: '3.6'
    services:
    
      nginx:
        image: nginx:1.14.0-alpine
        environment:
          - TZ=Asia/Shanghai
        volumes:
          # nginx的配置文件
          - /usr/docker-vol/nginx/conf/nginx.conf:/etc/nginx/nginx.conf
          - /usr/docker-vol/nginx/conf/conf.d/:/etc/nginx/conf.d/
          - /usr/docker-vol/nginx/ssl/:/etc/nginx/ssl/
          - /usr/docker-vol/nginx/logs/:/var/log/nginx/
        deploy:
          replicas: 1
          restart_policy:
            condition: on-failure
          update_config:
            parallelism: 1
            delay: 10s
            monitor: 30s
            max_failure_ratio: 0.1
            order: start-first
        ports:
          - 80:80
          - 443:443
        networks:
          - my-net
    
    networks:
      my-net:
        external: true

    PS.获取请求真实IP的配置方案

    docker service create --name nginx 
      --mount type=bind,source=/usr/docker-vol/nginx/conf/nginx.conf,target=/etc/nginx/nginx.conf,readonly=false 
      --mount type=bind,source=/usr/docker-vol/nginx/conf/conf.d/,target=/etc/nginx/conf.d/,readonly=false 
      --mount type=bind,source=/usr/docker-vol/nginx/ssl,target=/etc/nginx/ssl,readonly=false 
      --mount type=bind,source=/usr/docker-vol/nginx/logs/,target=/var/log/nginx/,readonly=false 
      -p "mode=host,target=80,published=80" 
      -p "mode=host,target=443,published=443" 
      --replicas 1 
      --restart-condition any 
      --network gm-net 
      --update-parallelism 1 
      --update-delay 3s 
      --update-monitor 10s 
      --update-max-failure-ratio 0.1 
      --update-order stop-first 
      --limit-cpu 0.5 
      --limit-memory 300M 
      nginx:1.14.0-alpine

    参考资料:

    1. https://www.cnblogs.com/wwzyy/p/8337965.html

    2. http://www.runoob.com/docker/docker-install-nginx.html

    3. http://www.ttlsa.com/nginx/use-nginx-proxy/

    4. https://blog.csdn.net/bolg_hero/article/details/42105987

     

     

  • 相关阅读:
    docker 001 简介
    Golang 学习笔记 003 标识符、变量和常量
    Golang 学习笔记 002 第一个 go 程序
    Golang 学习笔记 001 环境部署
    nginx配置url中带问号的rewrite跳转
    北京市图书馆免费入口
    编译安装Python3
    Python—进程、线程、协程
    Python—I/O多路复用
    Python—Socket
  • 原文地址:https://www.cnblogs.com/straycats/p/9388219.html
Copyright © 2020-2023  润新知