colben/docker
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
colben
2022-04-18 11:21:20 +08:00
commit 45a7af638f
210 changed files with 8997 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
nginx/ADD/ccmd Executable file
View File

@@ -0,0 +1,90 @@
#!/bin/bash
##################################################
# Mount dir #
# - /etc/nginx/stream.d #
# - /etc/nginx/http.d #
# - /var/lib/nginx/html #
# - /var/log/nginx #
# ENV #
# - GLOBAL_DIRECTIVES #
##################################################
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
PIDS=
GOT_SIGTERM=
GLOBAL_DIRECTIVES="${GLOBAL_DIRECTIVES:-user nginx;worker_processes auto;}"
function Print {
local file=/dev/null
[ '-f' = "$1" ] && file=$2 && shift && shift
date +"[%F %T] $*" | tee -a $file
}
function Quit {
local running
Print killing nginx ...
nginx -s quit || true
while running= ; do
pkill -f sleep && running=1 && Print killing sleep ...
pkill -f nginx && running=1 && Print killing nginx ...
[ -z "$running" ] && break
sleep 1
done
Print Container stopped.
test -n "$GOT_SIGTERM"
}
function ChangeOwner {
Print Change file owner ...
chown nginx.root /var/log/nginx/
}
function SideCar {
local day= last_day=$(date +%d)
local md5= last_md5=$(find /etc/nginx/ -type f -name "*.conf" \
| xargs -I ^ md5sum ^ | md5sum)
while sleep 10; do
day=$(date +%d) \
&& [ "$day" != "$last_day" ] \
&& last_day=$day \
&& find /var/log/nginx/ -type f -name "*.log" \
| xargs -I ^ mv -f ^ ^.$(date +%F -d yesterday) \
&& nginx -s reopen
md5=$(find /etc/nginx/ -type f -name "*.conf" | xargs -I ^ md5sum ^ \
| md5sum) \
&& [ "$md5" != "$last_md5" ] \
&& last_md5=$md5 \
&& nginx -tq \
&& Print Reload nginx conf ... \
&& nginx -s reload
done
}
function StartProc {
Print Start nginx ...
nginx -g "$GLOBAL_DIRECTIVES" &
PIDS="$PIDS $!"
Print Start nginx sidecar ...
SideCar &
PIDS="$PIDS $!"
}
function Main {
local pid=
ChangeOwner
StartProc
trap "GOT_SIGTERM=1; Print Got SIGTERM ..." SIGTERM
while [ -z "$GOT_SIGTERM" ] && sleep 1; do
for pid in $PIDS; do
[ ! -e /proc/$pid ] && Print Unexpected error! && exit
done
done
}
# Start here
Main

17
nginx/Demo/SingleNode/README.md Normal file
View File

@@ -0,0 +1,17 @@
# 部署单节点 nginx
- 根据实际环境修改
- docker-compose.yml
- nginx/http.d/80.conf
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 上传可能需要的前端文件到 nginx/html/ 下
- 启动
```
docker-compose up -d
```

22
nginx/Demo/SingleNode/docker-compose.yml Normal file
View File

@@ -0,0 +1,22 @@
version: "3.7"
services:
nginx:
image: harbor.colben.cn/general/nginx
container_name: nginx
restart: "on-failure"
stop_grace_period: 5m
privileged: true
ports:
- 80:80
volumes:
- type: bind
source: ./nginx/html
target: /var/lib/nginx/html
- type: bind
source: ./nginx/http.d
target: /etc/nginx/http.d
- type: bind
source: ./nginx/log
target: /var/log/nginx

5
nginx/Demo/SingleNode/nginx/http.d/80.conf Normal file
View File

@@ -0,0 +1,5 @@
server {
listen 80;
location / {}
}

19
nginx/Demo/TwoNodes/README.md Normal file
View File

@@ -0,0 +1,19 @@
# 部署 nginx 双节点+高可用
- 在两台服务器上都执行下面操作
- 根据实际环境修改
- docker-compose.yml
- keepalived/conf/keepalived.conf
- nginx/http.d/80.conf
- 创建目录
```
grep '\<source:' docker-compose.yml | cut -d: -f2 | xargs mkdir -p
```
- 上传可能需要的前端文件到 nginx/html/ 下
- 启动
```
docker-compose up -d
```

38
nginx/Demo/TwoNodes/docker-compose.yml Normal file
View File

@@ -0,0 +1,38 @@
version: "3.7"
services:
keepalived:
image: harbor.colben.cn/general/keepalived
container_name: keepalived
restart: "on-failure"
stop_grace_period: 1m
privileged: true
network_mode: host
volumes:
- type: bind
source: ./keepalived/conf
target: /etc/keepalived
- type: bind
source: ./keepalived/log
target: /var/log/keepalived
nginx:
image: harbor.colben.cn/general/nginx
container_name: nginx
restart: "on-failure"
stop_grace_period: 1m
network_mode: host
volumes:
- type: bind
source: ./nginx/html
target: /var/lib/nginx/html
- type: bind
source: ./nginx/http.d
target: /etc/nginx/http.d
- type: bind
source: ./nginx/stream.d
target: /etc/nginx/stream.d
- type: bind
source: ./nginx/log
target: /var/log/nginx

33
nginx/Demo/TwoNodes/keepalived/conf/keepalived.conf Normal file
View File

@@ -0,0 +1,33 @@
global_defs {
router_id nginx1 # 在另一台服务器中,这里配置 nginx2
script_user root
enable_script_security
}
vrrp_script chk_nginx {
script "/sbin/ss -lnt | grep -q ':80\>'"
interval 10
weight 0
fall 2
rise 2
}
vrrp_instance VI_1 {
state BACKUP
virtual_router_id 14
priority 150 # 在另一台服务器中这里配置100
advert_int 2
nopreempt
interface eth0 # 这里的 eth0 是服务器的网卡名
track_script {
chk_nginx
}
authentication {
auth_type PASS
auth_pass El_en_nginx_1234
}
virtual_ipaddress {
虚拟IP/掩码 dev eth0 # 这里的eth0是服务器的网卡名
}
}

5
nginx/Demo/TwoNodes/nginx/http.d/80.conf Normal file
View File

@@ -0,0 +1,5 @@
server {
listen 80;
location / {}
}

17
nginx/Dockerfile Normal file
View File

@@ -0,0 +1,17 @@
ARG ARCH
FROM harbor.colben.cn/general/alpine$ARCH
MAINTAINER Colben colbenlee@gmail.com
ADD --chown=root:root /ADD/ /opt/
RUN apk update \
&& apk add --no-cache nginx nginx-mod-stream \
&& sed -i \
-e '1a\\n# Added by Dockerfile' \
-e '1adaemon off;' \
-e '1apid /run/nginx/nginx.pid;' \
-e '/^user /,/^worker_processes /d' \
-e '/^#include /s/^#//' \
/etc/nginx/nginx.conf \
&& rm -rf /var/cache/apk/* /etc/nginx/http.d/* \
&& chown nginx.nginx /run/nginx
CMD ["/opt/ccmd"]

20
nginx/README.md Normal file
View File

@@ -0,0 +1,20 @@
# 构建 nginx 镜像
## 定制
- 安装 nginx
- 固定一些常用配置
- 每 10 秒扫描一次配置文件,有变更会立即 reload
## 外挂目录和文件
- /etc/nginx/stream.d: nginx stream 配置文件
- /etc/nginx/http.d: nginx http 配置文件
- /var/lib/nginx/html: nginx 前端文件存放目录
- /var/log/nginx: nginx 日志目录
## 引入环境变量
- GLOBAL_DIRECTIVES: 一般用不到
## 案例
- [Demo/SingleNode/](Demo/SingleNode/): 单节点
- [Demo/TwoNodes/](Demo/TwoNodes/): 两节点+高可用

67
nginx/nginx.sh Executable file
View File

@@ -0,0 +1,67 @@
#!/bin/bash
#=========================================
# Author : colben
#=========================================
set -euo pipefail
export LANG=en_US.UTF-8
trap Quit EXIT
[ 'x86_64' == "$(uname -m)" ] && ARCH='' || ARCH="-$(uname -m)"
ROOT_DIR="$(cd $(dirname $0) && pwd)"
IMAGE="harbor.colben.cn/general/$(basename ${0%.sh})$ARCH:latest"
if [ -t 0 ]; then
function Print { echo -e "\033[36;1m$(date +'[%F %T]')\033[32;1m $*\033[0m"; }
function Warn { echo -e "\033[36;1m$(date +'[%F %T]')\033[33;1m $*\033[0m"; }
function Error { echo -e "\033[36;1m$(date +'[%F %T]')\033[31;1m $*\033[0m"; exit 1; }
else
function Print { echo -e "$(date +'[%F %T INFO]') $*"; }
function Warn { echo -e "$(date +'[%F %T WARN]') $*"; }
function Error { echo -e "$(date +'[%F %T ERROR]') $*"; exit 1; }
fi
function Quit {
local exitCode=$?
[ 0 -ne $exitCode ] && Error Failed to build or push image!
[ -z "${END:-}" ] && echo && Error Interrupted manually!
Print Succeeded to build and push image.
}
function YesOrNo {
Warn $*
local sw=
while :; do
read -p '(Yes/No/Quit) ' -n1 sw
[[ "$sw" =~ ^Y|y$ ]] && echo && return 0
[[ "$sw" =~ ^N|n$ ]] && echo && return 1
[[ "$sw" =~ ^Q|q$ ]] && echo && exit 0
[ -n "$sw" ] && echo
done
}
function Update {
:
}
function Build {
local yn
cd $ROOT_DIR
docker images --format='{{.Repository}}:{{.Tag}}' | grep "^$IMAGE$" \
&& Warn Removing image $IMAGE ... \
&& docker rmi $IMAGE
Warn Building image: $IMAGE ...
docker build --force-rm --build-arg ARCH="$ARCH" -t $IMAGE .
YesOrNo Push image: $IMAGE? && docker push $IMAGE
}
function Main {
Update
Build
END=1
}
# Start here
Main