用户投稿Docker 部署在 Centos 7.5
专案 Docker 化
打包专案映像档分为两步骤
1.基础映像挡,包含python版本、专案所需要的Library、专案所需要的插件
2.专案映像挡,包含专案程式码
会使用两步骤有几个好处:
一、专案在Docker化的时候可以比较快速,不用重複一直安装相同插件
二、基础映像挡越小越好,而且可以多专案共用
Dockerfile for alpine
# 来源映像档FROM python:3.5-alpineMAINTAINER Pellok "pellok2002@gmail.com"# 安装专案必要的软体RUN apk update && \ apk add --no-cache --virtual deps build-base postgresql-dev libffi-dev openssh libpq gcc python-dev linux-headers musl-dev git autoconf automake openssl-dev zlib zlib-dev jpeg-dev py-pip libmagic && \ mkdir -p /usr/src/app# 複製 requirements.txt 到 /usr/src/app/ 目录底下,并安装 requirements.txt 内的 LibraryCOPY requirements.txt /usr/src/app/RUN pip install --upgrade pip setuptools && \ pip install --no-cache-dir -r /usr/src/app/requirements.txt# 设定工作目录是 /usr/src/appWORKDIR /usr/src/app# 下次执行 複製目录下的所有档案 到 /usr/src/appONBUILD COPY . /usr/src/app创建 Base Docker Image
# 把专案需要的 library 储存到 requirements.txt 档案pip freeze |grep -v git > deploy/docker/alpine/requirements.txt# 建置 project_name alpine 映像档docker build --rm -t project_name:alpine deploy/docker/alpine专案 Dockerfile
# 来源映像档FROM project_name:alpine# 安装 libmagic RUN apk add --no-cache --virtual libmagic# 执行专案初始化,并且最小化映像档(删除一些暂存的档案或不必要的档案)RUN python setup.py develop && \ mkdir -p /usr/src/app/project_name/static/uploads && \ find /usr/local \( -type d -a -name test -o -name tests \) -o \( -type f -a -name '*.pyc' -o -name '*.pyo' \) -exec rm -rf '{}' + && \ runDeps="$( scanelf --needed --nobanner --recursive /usr/local | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' | sort -u | xargs -r apk info --installed | sort -u )" && \ apk add --virtual .rundeps $runDeps && \ apk del deps build-base openssh gcc linux-headers git autoconf automake && \ rm -f /usr/src/app/requirements.txt && rm -rf /var/cache/apk/*# 输出PortEXPOSE 6543# 启动服务CMD pserve production.ini http_port=6543建置 专案 Docker Image
docker build --rm -t project_name .打包上传
docker save -o project_name.tar project_nameor docker save -o project_name-$(git describe).tar project_namescp project_name.tar xxx@192.168.0.1:~Server 安装 Docker
curl -sSL https://get.docker.com | shsystemctl enable dockersystemctl start dockerps aux |grep dockersystemctl status dockerServer 安装 Redis
yum install epel-release yum-utilsyum install http://rpms.remirepo.net/enterprise/remi-release-7.rpmyum-config-manager --enable remiyum -y install redissystemctl start redissystemctl enable redissystemctl status redisnetstat -tunpl修改 redis.conf bind 设定
vim /etc/redis.conf
bind 0.0.0.0重启服务
systemctl restart redis# 检查服务netstat -tunpl # tcp 0 0 0.0.0.0:6379 0.0.0.0:* LISTEN 100575/redis-server开启火墙
firewall-cmd --new-zone=redis --permanentfirewall-cmd --zone=redis --add-port=6379/tcp --permanentfirewall-cmd --zone=redis --add-source=172.17.0.0/24 --permanentfirewall-cmd --reload# 检查防火墙firewall-cmd --zone=redis --list-ports# 6379/tcpiptables-save# -A INPUT_ZONES_SOURCE -s 172.17.0.0/24 -g IN_redis# -A FORWARD_IN_ZONES_SOURCE -s 172.17.0.0/24 -g FWDI_redis# -A FORWARD_OUT_ZONES_SOURCE -d 172.17.0.0/24 -g FWDO_redisServer 安装 Postgresql
vim postgres.sh#/bin/bashrpm -Uvh http://yum.postgresql.org/9.5/redhat/rhel-7-x86_64/pgdg-centos95-9.5-3.noarch.rpmyum -y install postgresql95-server postgresql95 postgresql95-devel/usr/pgsql-9.5/bin/postgresql95-setup initdbsystemctl start postgresql-9.5systemctl enable postgresql-9.5sed -i -e "s@#listen_addresses = 'localhost'@listen_addresses = '*'@" /var/lib/pgsql/9.5/data/postgresql.confecho "host all all 0.0.0.0/0 md5" >> /var/lib/pgsql/9.5/data/pg_hba.confsystemctl restart postgresql-9.5systemctl start firewalldfirewall-cmd --new-zone=postgresql --permanentfirewall-cmd --zone=postgresql --add-port=5432/tcp --permanentfirewall-cmd --zone=postgresql --add-source=172.17.0.0/24 --permanentfirewall-cmd --reloadfirewall-cmd --zone=postgres --list-ports# 执行脚本sh postgres.shServer 安装 Nginx
yum -y install epel-release yum -y install nginxsystemctl start nginx修正 vim /etc/nginx/nginx.conf ,关闭预设的网页
... gzip on; gzip_http_version 1.1; gzip_comp_level 6; gzip_types text/plain text/css text/js text/xml text/javascript application/javascript application/x-javascript application/json application/xml application/rss+xml image/svg+xml; #server { # listen 80 default_server; # listen [::]:80 default_server; # server_name _; # root /usr/share/nginx/html; # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf; # location / { # } # error_page 404 /404.html; # location = /40x.html { # } # error_page 500 502 503 504 /50x.html; # location = /50x.html { # } #}...设定 project nginx 设定档
vim /etc/nginx/conf.d/project.confupstream project { server 127.0.0.1:6543;}server { listen 80; server_name _ gm.un05.com; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; client_max_body_size 100m; client_body_buffer_size 128k; proxy_connect_timeout 60s; proxy_send_timeout 90s; proxy_read_timeout 90s; proxy_buffering off; proxy_temp_file_write_size 64k; proxy_pass http://project; proxy_redirect off; }}关闭 Selinux
setenforce 0vim /etc/selinux/configSELINUX=enforcing#改成SELINUX=disabled开启防火墙,打开 80 和 443 port
firewall-cmd --permanent --add-port=80/tcpfirewall-cmd --permanent --add-port=443/tcpfirewall-cmd --reloadiptables-save启动 Docker 服务
主机汇入映像党
ssh xxx@192.168.0.1sudos su - rootdocker load -i project_name.tardocker images启动Docker
docker run -d -p 6543:6543 --name project_name \-e REDIS_HOST=10.0.7.4 \-e REDIS_PORT=6379 \-e DB_HOST=10.0.7.4 \-e DB_USER=postgres \-e DB_PORT=5432 \-e DB_PASS=password \-e DB_NAME=project_name \project_nameDocker相关指令
docker imagesdocker ps -adocker logs -f conatiner_iddocker exec -ti conatiner_id /bin/sh
微信扫一扫打赏
支付宝扫一扫打赏
