因为需要接入nginx监控,用的是vts模块,原生nginx并没有包含该模块,原本想着用别人已经编译好的, 但是一想后期可能还需要加入其他的模块,所以还是自己编译一个。
下面说一下具体的步骤。
编写dockerfile文件
此处用的几个主要软件版本:
- alpine: 3.17
- nginx: 1.22.1
- nginx-module-vts: 0.2.1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
| FROM alpine:3.17
ENV NGINX_VERSION nginx-1.22.1
RUN echo https://mirrors.aliyun.com/alpine/v3.17/main/ > /etc/apk/repositories && \
echo https://mirrors.aliyun.com/alpine/v3.17/community/ >> /etc/apk/repositories
RUN apk --update add openssl-dev pcre-dev zlib-dev wget build-base libxslt-dev && \
mkdir -p /tmp/src && \
cd /tmp/src && \
wget -O nginx-module-vts.tar.gz https://github.com/vozlt/nginx-module-vts/archive/refs/tags/v0.2.1.tar.gz && \
wget http://nginx.org/download/${NGINX_VERSION}.tar.gz && \
tar -zxvf nginx-module-vts.tar.gz && \
tar -zxvf ${NGINX_VERSION}.tar.gz && \
cd /tmp/src/${NGINX_VERSION} && \
./configure \
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--with-compat \
--with-pcre-jit \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_auth_request_module \
--with-http_v2_module \
--with-http_dav_module \
--with-http_slice_module \
--with-threads \
--with-http_addition_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_sub_module \
--with-http_xslt_module=dynamic \
--with-stream=dynamic \
--with-stream_ssl_module \
--with-mail=dynamic \
--with-mail_ssl_module \
--add-module=/tmp/src/nginx-module-vts-0.2.1 && \
make && \
make install && \
apk del build-base && \
rm -rf /tmp/src && \
rm -rf /var/cache/apk/*
WORKDIR /etc/nginx
EXPOSE 80 443
CMD ["nginx", "-g", "daemon off;"]
|
编译镜像
编译镜像可以直接使用docker命令来编译, 我这儿为了方便,就使用jenkins来编译。
新建一个jenkins项目,项目类型选择”流水线”, 然后编写流水线脚本, 具体jenkins使用步骤这里就不描述了,这里贴一下我的脚本, 包含了代码拉取 -> 镜像构建 -> 镜像推送几个步骤。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
| pipeline {
agent any
stages {
stage ("git pull") {
steps {
git credentialsId: '拉取凭证', url: '你的git仓库地址,dockerfile文件要在仓库根路径'
}
}
stage('docker build') {
steps {
sh 'docker build -t 镜像tag .'
}
}
stage('docker push') {
steps {
sh 'docker login --username=*** --password=*** ***'
sh 'docker push ***'
}
}
}
}
|
运行服务
在运行镜像的时候, 需要将nginx.conf文件挂载出来, 方便后续修改。
下面贴一个支持vts模块的nginx配置文件。
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
#user nobody;
worker_processes 1;
load_module /etc/nginx/modules/ngx_stream_module.so;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
gzip on;
# nginx-vts
vhost_traffic_status_zone;
vhost_traffic_status_filter_by_host on; #开启此功能,会根据不同的server_name进行流量的统计,否则默认会把流量全部计算到第一个上。
vhost_traffic_status_filter on;
vhost_traffic_status_filter_by_set_key $status $server_name;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
location /status {
vhost_traffic_status_display;
vhost_traffic_status_display_format html;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
|
