-
K8s复习笔记5-镜像构建
1. 容器化的优势
- 提高资源利用率,节约部署IT成本.
- 提高部署效率,基于kubernetes实现快速部署交付,秒级启动.
- 实现横向扩容,灰度部署,回滚等.
- 可根据业务负载进行弹性扩展.
- 容器将环境和代码打包在镜像内,保证了测试与生产环境一致性.
2. 镜像分层结构
- docker pull 拉取基础镜像(centos,ubuntu,alpine)
- 自定义基础环境(vim,gcc等常用工具),上传harbor仓库.
- 基于自定义镜像安装JDK,Nginx,Tomcat等所需的中间件,打包上传harbor
- 基于tomcat,nginx的基础镜像加上业务数据,构建不同的业务镜像
一般3-4层,不直接在基础镜像的基础上直接生成业务镜像
3. 构建基础镜像
基础镜像Dockerfile
FROM centos:7.9.2009 ADD filebeat-7.12.1-x86_64.rpm /tmp RUN rm -f /etc/yum.repos.d/* ADD Centos-7.repo /etc/yum.repos.d RUN yum clean all && yum makecache RUN yum install -y /tmp/filebeat-7.12.1-x86_64.rpm vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop && rm -rf /etc/localtime /tmp/filebeat-7.12.1-x86_64.rpm && ln -snf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && useradd nginx -u 2022- 1
- 2
- 3
- 4
- 5
- 6
- 7
build文件
#!/bin/bash docker build -t harbor.intra.com/baseimages/centos-base:7.9.2009 . docker push harbor.intra.com/baseimages/centos-base:7.9.2009- 1
- 2
- 3
- 4
构建基础镜像
harbor.intra.com/baseimages/centos-baseroot@k8s-master-01:/opt/k8s-data/dockerfile/system/centos# ./build-command.sh Sending build context to Docker daemon 32.61MB Step 1/6 : FROM centos:7.9.2009 ---> eeb6ee3f44bd Step 2/6 : ADD filebeat-7.12.1-x86_64.rpm /tmp ---> Using cache ---> 470c5717e15e Step 3/6 : RUN rm -f /etc/yum.repos.d/* ---> Using cache ---> 8817eb668724 Step 4/6 : ADD Centos-7.repo /etc/yum.repos.d ---> Using cache ---> 9102543f4c46 Step 5/6 : RUN yum clean all && yum makecache ---> Running in c73bdf76827c Loaded plugins: fastestmirror, ovl Cleaning repos: base extras updates Loaded plugins: fastestmirror, ovl Determining fastest mirrors * base: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com perl-Time-Local noarch 1.2300-2.el7 base 24 k perl-constant noarch 1.27-2.el7 base 19 k perl-libs x86_64 4:5.16.3-299.el7_9 updates 690 k perl-macros x86_64 4:5.16.3-299.el7_9 updates 44 k perl-parent noarch 1:0.225-244.el7 base 12 k perl-podlators noarch 2.5.1-3.el7 base 112 k perl-threads x86_64 1.87-4.el7 base 49 k perl-threads-shared x86_64 1.43-6.el7 base 39 k vim-common x86_64 2:7.4.629-8.el7_9 updates 5.9 M vim-filesystem x86_64 2:7.4.629-8.el7_9 updates 11 k which x86_64 2.20-7.el7 base 41 k Updating for dependencies: glibc x86_64 2.17-326.el7_9 updates 3.6 M glibc-common x86_64 2.17-326.el7_9 updates 12 M krb5-libs x86_64 1.15.1-54.el7_9 updates 810 k openssl-libs x86_64 1:1.0.2k-25.el7_9 updates 1.2 M Transaction Summary ================================================================================ Install 15 Packages (+57 Dependent packages) Upgrade 1 Package (+ 4 Dependent packages) Total size: 203 M Total download size: 87 M Downloading packages: Delta RPMs disabled because /usr/bin/applydeltarpm not installed. Updated: zlib.x86_64 0:1.2.7-20.el7_9 Dependency Updated: glibc.x86_64 0:2.17-326.el7_9 glibc-common.x86_64 0:2.17-326.el7_9 krb5-libs.x86_64 0:1.15.1-54.el7_9 openssl-libs.x86_64 1:1.0.2k-25.el7_9 Complete! Removing intermediate container 1dd8f4232fff ---> 4aa2d689b2b6 Successfully built 4aa2d689b2b6 Successfully tagged harbor.intra.com/baseimages/centos-base:7.9.2009 The push refers to repository [harbor.intra.com/baseimages/centos-base] d7f831641e18: Pushed f4b52134c525: Pushed 0533300cca03: Pushed 30a12549c4a3: Pushed ce1fb445c72c: Pushed 174f56854903: Pushed 7.9.2009: digest: sha256:ee0d2941ffb9ca5813c96c781b8c03ac6075101ea6065f1c939869614a8ae555 size: 1581 root@k8s-master-01:/opt/k8s-data/dockerfile/system/centos# docker images REPOSITORY TAG IMAGE ID CREATED SIZE harbor.intra.com/baseimages/centos-base 7.9.2009 4aa2d689b2b6 About a minute ago 1.08GB- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
4. 构建nginx镜像
Dockerfile
#Nginx Base Image FROM harbor.intra.com/baseimages/centos-base:7.9.2009 RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop ADD nginx-1.18.0.tar.gz /usr/local/src/ RUN cd /usr/local/src/nginx-1.18.0 && ./configure && make && make install && ln -sv /usr/local/nginx/sbin/nginx /usr/sbin/nginx &&rm -rf /usr/local/src/nginx-1.18.0.tar.gz- 1
- 2
- 3
- 4
- 5
- 6
- 7
build文件
#!/bin/bash docker build -t harbor.intra.com/pub-images/nginx-base:v1.18.0 . sleep 1 docker push harbor.intra.com/pub-images/nginx-base:v1.18.0- 1
- 2
- 3
- 4
构建nginx-base镜像
harbor.intra.com/pub-images/nginx-base:v1.18.0root@k8s-master-01:/opt/k8s-data/dockerfile/web/pub-images/nginx-base# ./build-command.sh Sending build context to Docker daemon 1.043MB Step 1/4 : FROM harbor.intra.com/baseimages/centos-base:7.9.2009 ---> 4aa2d689b2b6 Step 2/4 : RUN yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop ---> Running in f404ed615ae9 Loaded plugins: fastestmirror, ovl Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * extras: mirrors.aliyun.com make[1]: Leaving directory `/usr/local/src/nginx-1.18.0' '/usr/sbin/nginx' -> '/usr/local/nginx/sbin/nginx' Removing intermediate container f8c856f90087 ---> e645795e0516 Successfully built e645795e0516 Successfully tagged harbor.intra.com/pub-images/nginx-base:v1.18.0 The push refers to repository [harbor.intra.com/pub-images/nginx-base] add7044db687: Pushed 48509365cc6b: Pushed 866a31dd9674: Pushed d7f831641e18: Pushed f4b52134c525: Pushed 0533300cca03: Pushed 30a12549c4a3: Pushed ce1fb445c72c: Pushed 174f56854903: Pushed v1.18.0: digest: sha256:1d9a8c1f9c81c7aed5a2c0654e085d84c63effccd2486590059783295c211f1e size: 2215 root@k8s-master-01:/opt/k8s-data/dockerfile/web/pub-images/nginx-base# docker images REPOSITORY TAG IMAGE ID CREATED SIZE harbor.intra.com/pub-images/nginx-base v1.18.0 e645795e0516 35 seconds ago 1.28GB- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
5. 构建业务Nginx镜像
Dockerfile
#Nginx 1.18.0 FROM harbor.intra.com/pub-images/nginx-base:v1.18.0 ADD nginx.conf /usr/local/nginx/conf/nginx.conf ADD app1.tar.gz /usr/local/nginx/html/webapp/ ADD index.html /usr/local/nginx/html/index.html #静态资源挂载路径 RUN mkdir -p /usr/local/nginx/html/webapp/static /usr/local/nginx/html/webapp/images EXPOSE 80 443 CMD ["nginx"]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
build文件
#Nginx 1.18.0 FROM harbor.intra.com/pub-images/nginx-base:v1.18.0 ADD nginx.conf /usr/local/nginx/conf/nginx.conf ADD app1.tar.gz /usr/local/nginx/html/webapp/ ADD index.html /usr/local/nginx/html/index.html #静态资源挂载路径 RUN mkdir -p /usr/local/nginx/html/webapp/static /usr/local/nginx/html/webapp/images EXPOSE 80 443 CMD ["nginx"] root@k8s-master-01:/opt/k8s-data/dockerfile/web/wework/nginx# cat build-command.sh #!/bin/bash TAG=$1 docker build -t harbor.intra.com/wework/nginx-web1:${TAG} . echo "镜像构建完成,即将上传到harbor" sleep 1 docker push harbor.intra.com/wework/nginx-web1:${TAG} echo "镜像上传到harbor完成"- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
目录下其他文件
root@k8s-master-01:/opt/k8s-data/dockerfile/web/wework/nginx# ls -l total 20 -rw-r--r-- 1 root root 235 Aug 8 12:50 app1.tar.gz -rwxr-xr-x 1 root root 226 Aug 8 12:53 build-command.sh -rw-r--r-- 1 root root 355 Aug 8 12:52 Dockerfile -rw-r--r-- 1 root root 21 Aug 8 12:38 index.html -rw-r--r-- 1 root root 1520 Aug 8 12:55 nginx.conf root@k8s-master-01:/opt/k8s-data/dockerfile/web/wework/nginx#- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
开始构建镜像
root@k8s-master-01:/opt/k8s-data/dockerfile/web/wework/nginx# ./build-command.sh v1 Sending build context to Docker daemon 7.168kB Step 1/7 : FROM harbor.intra.com/pub-images/nginx-base:v1.18.0 ---> e645795e0516 Step 2/7 : ADD nginx.conf /usr/local/nginx/conf/nginx.conf ---> Using cache ---> 10908e179f69 Step 3/7 : ADD app1.tar.gz /usr/local/nginx/html/webapp/ ---> Using cache ---> 7b153044fc53 Step 4/7 : ADD index.html /usr/local/nginx/html/index.html ---> Using cache ---> 063bd75a66ed Step 5/7 : RUN mkdir -p /usr/local/nginx/html/webapp/static /usr/local/nginx/html/webapp/images ---> Using cache ---> 03ac009708c5 Step 6/7 : EXPOSE 80 443 ---> Using cache ---> c8051ce7ed26 Step 7/7 : CMD ["nginx"] ---> Using cache ---> cfaab53ee103 Successfully built cfaab53ee103 Successfully tagged harbor.intra.com/wework/nginx-web1:v1 镜像构建完成,即将上传到harbor The push refers to repository [harbor.intra.com/wework/nginx-web1] 3a5cda11572a: Pushed 157cbe121239: Pushed 2b58dc2a7ea6: Pushed de5ef3221cdb: Pushed add7044db687: Mounted from pub-images/nginx-base 48509365cc6b: Mounted from pub-images/nginx-base 866a31dd9674: Mounted from pub-images/nginx-base d7f831641e18: Mounted from pub-images/nginx-base f4b52134c525: Mounted from pub-images/nginx-base 0533300cca03: Mounted from pub-images/nginx-base 30a12549c4a3: Mounted from pub-images/nginx-base ce1fb445c72c: Mounted from pub-images/nginx-base 174f56854903: Mounted from pub-images/nginx-base v1: digest: sha256:9743f3dcfd1b8f309c41d8afa8d9d9e3c06818bdad2d45b41b74ddbd0cfda61f size: 3043 镜像上传到harbor完成- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
6. 配置nginx yaml
nginx yaml
命名空间 weworkapiVersion: v1 kind: Namespace metadata: name: wework --- kind: Deployment apiVersion: apps/v1 metadata: labels: app: wework-nginx-deployment-label name: wework-nginx-deployment namespace: wework spec: replicas: 1 selector: matchLabels: app: wework-nginx-selector template: metadata: labels: app: wework-nginx-selector spec: containers: - name: wework-nginx-container image: harbor.intra.com/wework/nginx-web1:v1 ports: - containerPort: 80 protocol: TCP name: http - containerPort: 443 protocol: TCP name: https env: - name: "password" value: "123456" - name: "age" value: "20" resources: limits: cpu: 2 memory: 2Gi requests: cpu: 500m memory: 1Gi volumeMounts: - name: wework-images mountPath: /usr/local/nginx/html/webapp/images readOnly: false - name: wework-static mountPath: /usr/local/nginx/html/webapp/static readOnly: false volumes: - name: wework-images nfs: server: 192.168.31.109 path: /data/k8s/wework/images - name: wework-static nfs: server: 192.168.31.104 path: /data/k8s/wework/static --- kind: Service apiVersion: v1 metadata: labels: app: wework-nginx-service-label name: wework-nginx-service namespace: wework spec: type: NodePort ports: - name: http port: 80 protocol: TCP targetPort: 80 nodePort: 30090 - name: https port: 443 protocol: TCP targetPort: 443 nodePort: 30091 selector: app: wework-nginx-selector- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
root@k8s-master-01:/opt/k8s-data/yaml/wework/nginx# kubectl apply -f nginx.yaml namespace/wework unchanged deployment.apps/wework-nginx-deployment configured service/wework-nginx-service created root@k8s-master-01:/opt/k8s-data/yaml/wework/nginx# kubectl get ns NAME STATUS AGE default Active 103d kube-node-lease Active 103d kube-public Active 103d kube-system Active 103d kubernetes-dashboard Active 8d kuboard Active 7d21h n60 Active 5d3h wework Active 12m root@k8s-master-01:/opt/k8s-data/yaml/wework/nginx# kubectl get pods -n wework NAME READY STATUS RESTARTS AGE wework-nginx-deployment-55fd76774f-22lb8 1/1 Running 0 13s root@k8s-master-01:/opt/k8s-data/yaml/wework/nginx# kubectl get svc -n wework NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE wework-nginx-service NodePort 10.200.89.252 <none> 80:30090/TCP,443:30091/TCP 19s root@k8s-master-01:/opt/k8s-data/yaml/wework/nginx# kubectl get ep -n wework NAME ENDPOINTS AGE wework-nginx-service 172.100.76.147:443,172.100.76.147:80 28s- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
测试
root@k8s-master-01:/opt/k8s-data/yaml/wework/nginx# curl 192.168.31.113:30090 nginx wework-web1 v1 root@k8s-master-01:/opt/k8s-data/yaml/wework/nginx# curl http://192.168.31.113:30090/webapp/static/index.html in wework/static/ root@k8s-master-01:/opt/k8s-data/yaml/wework/nginx# curl http://192.168.31.113:30090/webapp/images/index.html in wework/images- 1
- 2
- 3
- 4
- 5
- 6
7. 构建Jdk
Dockerfile
#JDK Base Image FROM harbor.intra.com/baseimages/centos-base:7.9.2009 ADD jdk-8u212-linux-x64.tar.gz /usr/local/src/ RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk ADD profile /etc/profile ENV JAVA_HOME /usr/local/jdk ENV JRE_HOME $JAVA_HOME/jre ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/ ENV PATH $PATH:$JAVA_HOME/bin- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
build
#!/bin/bash docker build -t harbor.intra.com/pub-images/jdk-base:v8.212 . sleep 1 docker push harbor.intra.com/pub-images/jdk-base:v8.212- 1
- 2
- 3
- 4
构建镜像harbor.intra.com/pub-images/jdk-base:v8.212
root@k8s-master-01:/opt/k8s-data/dockerfile/web/pub-images/jdk-1.8.212# ./build-command.sh Sending build context to Docker daemon 195MB Step 1/8 : FROM harbor.intra.com/baseimages/centos-base:7.9.2009 ---> 4aa2d689b2b6 Step 2/8 : ADD jdk-8u212-linux-x64.tar.gz /usr/local/src/ ---> 72963c7a811d Step 3/8 : RUN ln -sv /usr/local/src/jdk1.8.0_212 /usr/local/jdk ---> Running in 4db0c48add71 '/usr/local/jdk' -> '/usr/local/src/jdk1.8.0_212' Removing intermediate container 4db0c48add71 ---> 87349d90709f Step 4/8 : ADD profile /etc/profile ---> e86576f80d28 Step 5/8 : ENV JAVA_HOME /usr/local/jdk ---> Running in 22ea26aa3d6b Removing intermediate container 22ea26aa3d6b ---> 7cd7fba139c9 Step 6/8 : ENV JRE_HOME $JAVA_HOME/jre ---> Running in e4e3f54035b4 Removing intermediate container e4e3f54035b4 ---> 6a6a39a69d56 Step 7/8 : ENV CLASSPATH $JAVA_HOME/lib/:$JRE_HOME/lib/ ---> Running in 22844d5c04f0 Removing intermediate container 22844d5c04f0 ---> 18073f89ee26 Step 8/8 : ENV PATH $PATH:$JAVA_HOME/bin ---> Running in add95765d747 Removing intermediate container add95765d747 ---> 7c67b5ec4ce0 Successfully built 7c67b5ec4ce0 Successfully tagged harbor.intra.com/pub-images/jdk-base:v8.212 The push refers to repository [harbor.intra.com/pub-images/jdk-base] aadaa9679cb8: Pushed fc305a4ba468: Pushed ab93afc6a659: Pushed d7f831641e18: Mounted from pub-images/nginx-base f4b52134c525: Mounted from pub-images/nginx-base 0533300cca03: Mounted from pub-images/nginx-base 30a12549c4a3: Mounted from pub-images/nginx-base ce1fb445c72c: Mounted from pub-images/nginx-base 174f56854903: Mounted from pub-images/nginx-base v8.212: digest: sha256:dcaabeec3fa813ac755888ec45f98c1e5e3acaf2b81369c940d205ebd7611038 size: 2209 root@k8s-master-01:/opt/k8s-data/dockerfile/web/pub-images/jdk-1.8.212# docker images REPOSITORY TAG IMAGE ID CREATED SIZE harbor.intra.com/pub-images/jdk-base v8.212 7c67b5ec4ce0 2 minutes ago 1.49GB- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
确认镜像java版本及环境变量配置是否正确
root@k8s-master-01:/opt/k8s-data/dockerfile/web/pub-images/jdk-1.8.212# docker run -it --rm harbor.intra.com/pub-images/jdk-base:v8.212 bash [root@6434537b3703 /]# java -version java version "1.8.0_212" Java(TM) SE Runtime Environment (build 1.8.0_212-b10) Java HotSpot(TM) 64-Bit Server VM (build 25.212-b10, mixed mode) [root@7303fd33df25 /]# env HOSTNAME=7303fd33df25 TERM=xterm JRE_HOME=/usr/local/jdk/jre LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/jdk/bin PWD=/ JAVA_HOME=/usr/local/jdk SHLVL=1 HOME=/root CLASSPATH=/usr/local/jdk/lib/:/usr/local/jdk/jre/lib/ _=/usr/bin/env- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
8. 构建Tomcat镜像
Dockerfile
#Tomcat 8.5.43基础镜像 FROM harbor.intra.com/pub-images/jdk-base:v8.212 RUN mkdir /apps /data/tomcat/webapps /data/tomcat/logs -pv ADD apache-tomcat-8.5.43.tar.gz /apps RUN useradd tomcat -u 2050 && ln -sv /apps/apache-tomcat-8.5.43 /apps/tomcat && chown -R tomcat.tomcat /apps /data -R- 1
- 2
- 3
- 4
- 5
- 6
build
#!/bin/bash docker build -t harbor.intra.com/pub-images/tomcat-base:v8.5.43 . sleep 3 docker push harbor.intra.com/pub-images/tomcat-base:v8.5.43- 1
- 2
- 3
- 4
构建Tomcat镜像harbor.intra.com/pub-images/tomcat-base:v8.5.43
root@k8s-master-01:/opt/k8s-data/dockerfile/web/pub-images/tomcat-base-8.5.43# ./build-command.sh Sending build context to Docker daemon 9.721MB Step 1/4 : FROM harbor.intra.com/pub-images/jdk-base:v8.212 ---> 7c67b5ec4ce0 Step 2/4 : RUN mkdir /apps /data/tomcat/webapps /data/tomcat/logs -pv ---> Running in b451e24cdb51 mkdir: created directory '/apps' mkdir: created directory '/data' mkdir: created directory '/data/tomcat' mkdir: created directory '/data/tomcat/webapps' mkdir: created directory '/data/tomcat/logs' Removing intermediate container b451e24cdb51 ---> cee348d63ec3 Step 3/4 : ADD apache-tomcat-8.5.43.tar.gz /apps ---> 94c73987b888 Step 4/4 : RUN useradd tomcat -u 2050 && ln -sv /apps/apache-tomcat-8.5.43 /apps/tomcat && chown -R tomcat.tomcat /apps /data -R ---> Running in 10559cbf38ce '/apps/tomcat' -> '/apps/apache-tomcat-8.5.43' Removing intermediate container 10559cbf38ce ---> 8ea246a48b19 Successfully built 8ea246a48b19 Successfully tagged harbor.intra.com/pub-images/tomcat-base:v8.5.43 The push refers to repository [harbor.intra.com/pub-images/tomcat-base] dd8f6a0cdeaa: Pushed 3447904f79c4: Pushed 7adc429e9dda: Pushed aadaa9679cb8: Mounted from pub-images/jdk-base fc305a4ba468: Mounted from pub-images/jdk-base ab93afc6a659: Mounted from pub-images/jdk-base d7f831641e18: Mounted from pub-images/jdk-base f4b52134c525: Mounted from pub-images/jdk-base 0533300cca03: Mounted from pub-images/jdk-base 30a12549c4a3: Mounted from pub-images/jdk-base ce1fb445c72c: Mounted from pub-images/jdk-base 174f56854903: Mounted from pub-images/jdk-base v8.5.43: digest: sha256:52d05e86cb0651f2fe224ef97c19015776556eb9eec9d573bd0b870d7c8851eb size: 2838- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
9. 构建Wework项目Tomcat app
Dockerfile
#tomcat web1 FROM harbor.intra.com/pub-images/tomcat-base:v8.5.43 ADD catalina.sh /apps/tomcat/bin/catalina.sh ADD server.xml /apps/tomcat/conf/server.xml ADD app1.tar.gz /data/tomcat/webapps/myapp/ ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh RUN chown -R nginx.nginx /data/ /apps/ EXPOSE 8080 8443 CMD ["/apps/tomcat/bin/run_tomcat.sh"]- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
build
#!/bin/bash TAG=$1 docker build -t harbor.intra.com/wework/tomcat-app1:${TAG} . sleep 3 docker push harbor.intra.com/wework/tomcat-app1:${TAG}- 1
- 2
- 3
- 4
- 5
构建wework项目tomcat app
harbor.intra.com/wework/tomcat-app1:v1
root@k8s-master-01:/opt/k8s-data/dockerfile/web/wework/tomcat-app1# ./build-command.sh v1 Sending build context to Docker daemon 24.13MB Step 1/8 : FROM harbor.intra.com/pub-images/tomcat-base:v8.5.43 ---> 8ea246a48b19 Step 2/8 : ADD catalina.sh /apps/tomcat/bin/catalina.sh ---> cea5baadac4d Step 3/8 : ADD server.xml /apps/tomcat/conf/server.xml ---> 58f377ffd9bb Step 4/8 : ADD app1.tar.gz /data/tomcat/webapps/myapp/ ---> 22022b6ad43b Step 5/8 : ADD run_tomcat.sh /apps/tomcat/bin/run_tomcat.sh ---> a8168086d164 Step 6/8 : RUN chown -R nginx.nginx /data/ /apps/ ---> Running in 2bf1890a814d Removing intermediate container 2bf1890a814d ---> cf2a0a834e48 Step 7/8 : EXPOSE 8080 8443 ---> Running in 700d0997c9aa Removing intermediate container 700d0997c9aa ---> b111c2979f17 Step 8/8 : CMD ["/apps/tomcat/bin/run_tomcat.sh"] ---> Running in a0014defd1a5 Removing intermediate container a0014defd1a5 ---> 87152ed32f8c Successfully built 87152ed32f8c Successfully tagged harbor.intra.com/wework/tomcat-app1:v1 The push refers to repository [harbor.intra.com/wework/tomcat-app1] 6e39205ea13e: Pushed 0fdcd2c4b787: Pushed 14f65bcfbf17: Pushed 524d0b6013b3: Pushed e03b1f42acaa: Pushed dd8f6a0cdeaa: Mounted from pub-images/tomcat-base 3447904f79c4: Mounted from pub-images/tomcat-base 7adc429e9dda: Mounted from pub-images/tomcat-base aadaa9679cb8: Mounted from pub-images/tomcat-base fc305a4ba468: Mounted from pub-images/tomcat-base ab93afc6a659: Mounted from pub-images/tomcat-base d7f831641e18: Mounted from wework/nginx-web1 f4b52134c525: Mounted from wework/nginx-web1 0533300cca03: Mounted from wework/nginx-web1 30a12549c4a3: Mounted from wework/nginx-web1 ce1fb445c72c: Mounted from wework/nginx-web1 174f56854903: Mounted from wework/nginx-web1 v1: digest: sha256:c5d2a0b8086c7343e64e31434b79e054cbeff97a6cafc3ea1e114898a9289f3c size: 3879- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
验证tomcat服务
docker run -d --rm -p 8080:8080 harbor.intra.com/wework/tomcat-app1:v1 42dd110163f81f2a56033e598f0e2912dc387aa320b553415576b2a789f338d1 curl http://192.168.31.101:8080/myapp/ tomcat app1 for wework- 1
- 2
- 3
- 4
10. 配置Tomcat app1 yaml
tomcat-app1.yaml
kind: Deployment apiVersion: apps/v1 metadata: labels: app: wework-tomcat-app1-deployment-label name: wework-tomcat-app1-deployment namespace: wework spec: replicas: 1 selector: matchLabels: app: wework-tomcat-app1-selector template: metadata: labels: app: wework-tomcat-app1-selector spec: containers: - name: wework-tomcat-app1-container image: harbor.intra.com/wework/tomcat-app1:v1 ports: - containerPort: 8080 protocol: TCP name: http env: - name: "password" value: "123456" - name: "age" value: "18" resources: limits: cpu: 1 memory: "512Mi" requests: cpu: 500m memory: "512Mi" volumeMounts: - name: wework-images mountPath: /usr/local/nginx/html/webapp/images readOnly: false - name: wework-static mountPath: /usr/local/nginx/html/webapp/static readOnly: false volumes: - name: wework-images nfs: server: 192.168.31.109 path: /data/k8s/wework/images - name: wework-static nfs: server: 192.168.31.104 path: /data/k8s/wework/static --- kind: Service apiVersion: v1 metadata: labels: app: wework-tomcat-app1-service-label name: wework-tomcat-app1-service namespace: wework spec: # type: NodePort ports: - name: http port: 80 protocol: TCP targetPort: 8080 # nodePort: 30092 selector: app: wework-tomcat-app1-selector- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
为了测试打开了NodePort使得tomcat可以通过30092访问.
root@k8s-master-01:/opt/k8s-data/yaml/wework/tomcat-app1# kubectl get svc -n wework NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE wework-nginx-service NodePort 10.200.89.252 <none> 80:30090/TCP,443:30091/TCP 3h14m wework-tomcat-app1-service NodePort 10.200.170.145 <none> 80:30092/TCP 10m root@k8s-master-01:/opt/k8s-data/yaml/wework/tomcat-app1# kubectl get ep -n wework NAME ENDPOINTS AGE wework-nginx-service 172.100.76.147:443,172.100.76.147:80 3h14m wework-tomcat-app1-service 172.100.140.77:8080 10m root@k8s-master-01:/opt/k8s-data/yaml/wework/tomcat-app1# curl 192.168.31.113:30092/myapp/ tomcat app1 for wework root@k8s-master-01:/opt/k8s-data/yaml/wework/tomcat-app1# kubectl exec -it wework-nginx-deployment-55fd76774f-22lb8 -n wework bash kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead. [root@wework-nginx-deployment-55fd76774f-22lb8 /]# curl wework-tomcat-app1-service.wework.svc.magedu.local/myapp/ tomcat app1 for wework [root@wework-nginx-deployment-55fd76774f-22lb8 /]# ping wework-tomcat-app1-service.wework.svc.magedu.local -c 1 PING wework-tomcat-app1-service.wework.svc.magedu.local (10.200.170.145) 56(84) bytes of data. 64 bytes from wework-tomcat-app1-service.wework.svc.magedu.local (10.200.170.145): icmp_seq=1 ttl=64 time=0.023 ms --- wework-tomcat-app1-service.wework.svc.magedu.local ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.023/0.023/0.023/0.000 ms- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
11. 修改nginx镜像的nginx.conf
将tomcat的service写入tomcat_webserver的upstream中,这样后期对tomcat的伸缩就会由service管控,nginx只需要将请求转发值tomcat service即可.
upstream tomcat_webserver { server wework-tomcat-app1-service.wework.svc.magedu.local:80 }- 1
- 2
- 3
将访问/myapp的请求转发至tomcat service
location /myapp { proxy_pass http://tomcat_webserver; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; }- 1
- 2
- 3
- 4
- 5
- 6
nginx.conf所有内如如下
user nginx nginx; worker_processes auto; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; daemon off; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; upstream tomcat_webserver { server wework-tomcat-app1-service.wework.svc.magedu.local:80; } server { listen 80; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } location /webapp { root html; index index.html index.htm; } location /myapp { proxy_pass http://tomcat_webserver; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } }- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
重新构建nginx镜像
root@k8s-master-01:/opt/k8s-data/dockerfile/web/wework/nginx# ./build-command.sh v2 ...略 174f56854903: Layer already exists v2: digest: sha256:36962f095f3e112ec755ccb89aeff278bfafee5f88768ddcad2da9805f2c6780 size: 3043 镜像上传到harbor完成 root@k8s-master-01:/opt/k8s-data/dockerfile/web/wework/nginx# docker images REPOSITORY TAG IMAGE ID CREATED SIZE harbor.intra.com/wework/nginx-web1 v2 7ea9eec844b1 17 seconds ago 1.28GB 略- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
修改nginx.yaml
image: harbor.intra.com/wework/nginx-web1:v2- 1
更新nginx镜像
root@k8s-master-01:/opt/k8s-data/yaml/wework/nginx# kubectl apply -f nginx.yaml namespace/wework unchanged deployment.apps/wework-nginx-deployment configured service/wework-nginx-service unchanged- 1
- 2
- 3
- 4
测试访问nginx的service
root@k8s-master-01:~# kubectl get svc -n wework NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE wework-nginx-service NodePort 10.200.89.252 <none> 80:30090/TCP,443:30091/TCP 18h wework-tomcat-app1-service NodePort 10.200.170.145 <none> 80:30092/TCP 15h root@k8s-master-01:~# kubectl get ep -n wework NAME ENDPOINTS AGE wework-nginx-service 172.100.76.149:443,172.100.76.149:80 18h wework-tomcat-app1-service 172.100.76.151:8080 15h root@k8s-master-01:~# curl 192.168.31.113:30090 nginx wework-web1 v1 root@k8s-master-01:~# curl 192.168.31.113:30090/myapp/ tomcat app1 for wework- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
此时tomcat的nodeport还开着
root@k8s-master-01:~# curl 192.168.31.113:30092/myapp/ tomcat app1 for wework root@k8s-master-01:~# curl 192.168.31.188/myapp/ tomcat app1 for wework- 1
- 2
- 3
- 4
修改tomcat svc部分配置关闭NodePort映射,并更新tomcat
其他部分略 --- kind: Service apiVersion: v1 metadata: labels: app: wework-tomcat-app1-service-label name: wework-tomcat-app1-service namespace: wework spec: #type: NodePort ports: - name: http port: 80 protocol: TCP targetPort: 8080 # nodePort: 30092 selector: app: wework-tomcat-app1-selector- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
更新后可以看到wework-tomcat-app1-service已经不再对外做映射
root@k8s-master-01:/opt/k8s-data/yaml/wework/tomcat-app1# kubectl apply -f tomcat-app1.yaml deployment.apps/wework-tomcat-app1-deployment configured service/wework-tomcat-app1-service configured root@k8s-master-01:/opt/k8s-data/yaml/wework/tomcat-app1# kubectl get svc -n wework NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE wework-nginx-service NodePort 10.200.89.252 <none> 80:30090/TCP,443:30091/TCP 18h wework-tomcat-app1-service ClusterIP 10.200.170.145 <none> 80/TCP- 1
- 2
- 3
- 4
- 5
- 6
- 7
测试访问nginx的service
root@k8s-master-01:~# curl 192.168.31.188 nginx wework-web1 v1 root@k8s-master-01:~# curl 192.168.31.113:30090 nginx wework-web1 v1 root@k8s-master-01:~# curl 192.168.31.113:30090/myapp/ tomcat app1 for wework root@k8s-master-01:~# curl 192.168.31.188/myapp/ tomcat app1 for wework- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
至此通过nginx的service实现动静分离已经实现
-
相关阅读:
CPT205 Lab1 Code Collection
数据结构:平衡二叉树
【转载】分布式训练和集合通信
C++使用for(:)遇到的BUG
02-Sping事务实现之声明式事务基于XML的实现方式
Linux系统下交叉编译工具的安装实现
flask搭建简易版学生信息管理系统
JWT令牌实现登陆校验
黑客(网络安全)技术速成自学
3、常用五大数据类型
- 原文地址:https://blog.csdn.net/qq_29974229/article/details/126250939
