4 案例演示 -自定义镜像运行Nginx及tomcat服务并基于NFS实现动静分离
一 环境前期说明
准备好harbor和nfs服务器,nfs服务:172.31.7.122
harbor服务为 harbor.magedu.com,并且提前创建好项目
二 准备docker镜像
2.1 创建4个基础镜像,centos,nginx,tomcat,jdk
2.1.1 centos镜像
dockfile
[root@k8s-master1 centos]# cat Dockerfile #自定义Centos 基础镜像 FROM centos:7.9.2009 MAINTAINER Jack.Zhang [email protected] ADD filebeat-7.12.1-x86_64.rpm /tmp RUN yum install -y /tmp/filebeat-7.12.1-x86_64.rpm vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop && rm -rf /etc/localtime /tmp/filebeat-7.12.1-x86_64.rpm && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
构建和上传
[root@k8s-master1 centos]# cat build-command.sh #!/bin/bash docker build -t harbor.magedu.com/baseimages/magedu-centos-base:7.9.2009 . docker push harbor.magedu.com/baseimages/magedu-centos-base:7.9.2009
2.1.2 jdk镜像构建
目录结构
dockfile
[root@k8s-master1 jdk-1.8.212]# cat Dockerfile #JDK Base Image FROM harbor.magedu.com/baseimages/magedu-centos-base:7.9.2009 MAINTAINER zhangshijie [email protected] ADD jdk-8u212-linux-x64.tar.gz /usr/local/src/ RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk ADD profile /etc/profile ENV JAVA_HOME /usr/local/jdk ENV JRE_HOME $JAVA_HOME/jre ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/ ENV PATH $PATH:$JAVA_HOME/bin
构建并上传
#!/bin/bash docker build -t harbor.magedu.com/pub-images/jdk-base:v8.212 . sleep 1 docker push harbor.magedu.com/pub-images/jdk-base:v8.212
2.1.3 nginx镜像构建
dockfile内容
[root@k8s-master1 nginx-base]# cat Dockerfile #Nginx Base Image FROM harbor.magedu.com/baseimages/magedu-centos-base:7.9.2009 MAINTAINER [email protected] RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop ADD nginx-1.20.2.tar.gz /usr/local/src/ RUN cd /usr/local/src/nginx-1.20.2 && ./configure && make && make install && ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx &&rm -rf /usr/local/src/nginx-1.20.2.tar.gz
构建并上传
#!/bin/bash docker build -t harbor.magedu.com/pub-images/nginx-base:v1.20.2 . sleep 1 docker push harbor.magedu.com/pub-images/nginx-base:v1.20.2
2.1.4 tomcat镜像构建
dockfile内容:
[root@k8s-master1 tomcat-base-8.5.43]# cat Dockerfile #Tomcat 8.5.43基础镜像 FROM harbor.magedu.com/pub-images/jdk-base:v8.212 MAINTAINER zhangshijie [email protected] RUN mkdir /apps /data/tomcat/webapps /data/tomcat/logs -pv ADD apache-tomcat-8.5.43.tar.gz /apps RUN useradd tomcat -u 2050 && ln -sv /apps/apache-tomcat-8.5.43 /apps/tomcat && chown -R tomcat.tomcat /apps /data
构建并上传
[root@k8s-master1 tomcat-base-8.5.43]# cat build-command.sh #!/bin/bash docker build -t harbor.magedu.com/pub-images/tomcat-base:v8.5.43 . sleep 3 docker push harbor.magedu.com/pub-images/tomcat-base:v8.5.43
2.2 创建两个业务镜像,tomcat,nginx(k8s使用的)
目录结构
2.2.1 tomcat镜像构建
dockfile内容
#tomcat web1 FROM harbor.magedu.com/pub-images/tomcat-base:v8.5.43 ADD catalina.sh /apps/tomcat/bin/catalina.sh ADD server.xml /apps/tomcat/conf/server.xml #配置文件 #ADD myapp/* /data/tomcat/webapps/myapp/ ADD app1.tar.gz /data/tomcat/webapps/myapp/ #代码目录 ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh #启动脚本 #ADD filebeat.yml /etc/filebeat/filebeat.yml RUN chown -R tomcat.tomcat /data/ /apps/ #ADD filebeat-7.5.1-x86_64.rpm /tmp/ #RUN cd /tmp && yum localinstall -y filebeat-7.5.1-amd64.deb EXPOSE 8080 8443 CMD [/apps/tomcat/bin/run_tomcat.sh]
构建并上传,这个脚本执行的时候需要传个参数,就是你代码的版本号
#!/bin/bash TAG=$1 docker build -t harbor.magedu.com/magedu/tomcat-app1:${TAG} . sleep 3 docker push harbor.magedu.com/magedu/tomcat-app1:${TAG}
2.2.2 nginx镜像构建
dockfile内容
#Nginx 1.20.2 FROM harbor.magedu.com/pub-images/nginx-base:v1.20.2 RUN useradd tomcat -u 2050 ADD nginx.conf /usr/local/nginx/conf/nginx.conf ADD app1.tar.gz /usr/local/nginx/html/webapp/ #静态文件路径 ADD index.html /usr/local/nginx/html/index.html #静态文件路径 #静态资源挂载路径 RUN mkdir -p /usr/local/nginx/html/webapp/static /usr/local/nginx/html/webapp/images && chown tomcat.tomcat -R /usr/local/nginx/html/webapp/static /usr/local/nginx/html/webapp/images EXPOSE 80 443 CMD [nginx]
构建并上传,也要传递个参数
[root@k8s-master1 nginx]# cat build-command.sh #!/bin/bash TAG=$1 docker build -t harbor.magedu.com/magedu/nginx-web1:${TAG} . echo 镜像构建完成,即将上传到harbor sleep 1 docker push harbor.magedu.com/magedu/nginx-web1:${TAG} echo 镜像上传到harbor完成
nginx.conf配置文件说明:我们要用nginx代理tomcat,所以server后面要写tomcat的svc地址
user tomcat tomcat; worker_processes auto; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; daemon off; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] $request ' # '$status $body_bytes_sent $http_referer ' # '$http_user_agent $http_x_forwarded_for'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; upstream tomcat_webserver { server magedu-tomcat-app1-service.magedu.svc.magedu.local:80; } server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } location /webapp { root html; index index.html index.htm; } location /myapp { proxy_pass http://tomcat_webserver; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; } }
三 准备yaml文件
3.1 nginx的yaml
kubectl apply -f /yaml/docker/yaml/magedu/nginx/nginx.yaml
kind: Deployment apiVersion: apps/v1 metadata: labels: app: magedu-nginx-deployment-label name: magedu-nginx-deployment namespace: magedu spec: replicas: 1 selector: matchLabels: app: magedu-nginx-selector template: metadata: labels: app: magedu-nginx-selector spec: containers: - name: magedu-nginx-container image: harbor.magedu.com/magedu/nginx-web1:202205041446 #nginx业务镜像地址 #command: [/apps/tomcat/bin/run_tomcat.sh] #imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent ports: - containerPort: 80 protocol: TCP name: http - containerPort: 443 protocol: TCP name: https env: - name: password value: 123456 - name: age value: 20 volumeMounts: - name: magedu-images mountPath: /usr/local/nginx/html/webapp/images readOnly: false - name: magedu-static mountPath: /usr/local/nginx/html/webapp/static readOnly: false volumes: - name: magedu-images nfs: server: 172.31.7.122 path: /data/k8sdata/magedu/images - name: magedu-static nfs: server: 172.31.7.122 path: /data/k8sdata/magedu/static #nodeSelector: # group: magedu --- kind: Service apiVersion: v1 metadata: labels: app: magedu-nginx-service-label name: magedu-nginx-service namespace: magedu spec: type: NodePort ports: - name: http port: 80 protocol: TCP targetPort: 80 nodePort: 30090 - name: https port: 443 protocol: TCP targetPort: 443 nodePort: 30091 selector: app: magedu-nginx-selector
3.2 tomcat的yaml
kubectl apply -f tomcat-app1.yaml
kind: Deployment #apiVersion: extensions/v1beta1 apiVersion: apps/v1 metadata: labels: app: magedu-tomcat-app1-deployment-label name: magedu-tomcat-app1-deployment namespace: magedu spec: replicas: 2 selector: matchLabels: app: magedu-tomcat-app1-selector template: metadata: labels: app: magedu-tomcat-app1-selector spec: containers: - name: magedu-tomcat-app1-container image: harbor.magedu.com/magedu/tomcat-app1:202205041153 #command: [/apps/tomcat/bin/run_tomcat.sh] imagePullPolicy: IfNotPresent #imagePullPolicy: Always ports: - containerPort: 8080 protocol: TCP name: http env: - name: password value: 123456 - name: age value: 18 resources: limits: cpu: 1 memory: 512Mi requests: cpu: 500m memory: 512Mi volumeMounts: - name: magedu-images mountPath: /usr/local/nginx/html/webapp/images readOnly: false - name: magedu-static mountPath: /usr/local/nginx/html/webapp/static readOnly: false volumes: - name: magedu-images nfs: server: 172.31.7.122 path: /data/k8sdata/magedu/images - name: magedu-static nfs: server: 172.31.7.122 path: /data/k8sdata/magedu/static # nodeSelector: # project: magedu # app: tomcat --- kind: Service apiVersion: v1 metadata: labels: app: magedu-tomcat-app1-service-label name: magedu-tomcat-app1-service namespace: magedu spec: #type: NodePort ports: - name: http port: 80 protocol: TCP targetPort: 8080 #nodePort: 30092 selector: app: magedu-tomcat-app1-selector
创建完两个yaml之后,查看结果
四 验证结果
最终通过域名访问,这里用haproxy,和keppalived产生的虚拟Ip
4.1 haproxy配置
将 www.mysite.com域名解析到172.31.7.188 ,更改host文件
4.2 访问后端tomcat内容
myapp是我后端tomcat提供的服务,有两个pod,默认轮训方式访问,如图所示: