iT邦幫忙

0

Docker 部署在 Centos 7.5

Docker 部署在 Centos 7.5

專案 Docker 化

打包專案映像檔分為兩步驟
1.基礎映像擋,包含python版本、專案所需要的Library、專案所需要的插件
2.專案映像擋,包含專案程式碼

會使用兩步驟有幾個好處:
一、專案在Docker化的時候可以比較快速,不用重複一直安裝相同插件
二、基礎映像擋越小越好,而且可以多專案共用

Dockerfile for alpine

# 來源映像檔
FROM python:3.5-alpine
MAINTAINER Pellok "pellok2002@gmail.com"

# 安裝專案必要的軟體
RUN apk update && \
    apk add --no-cache --virtual deps build-base postgresql-dev libffi-dev openssh libpq gcc python-dev linux-headers musl-dev git autoconf automake openssl-dev zlib zlib-dev jpeg-dev py-pip libmagic && \
    mkdir -p /usr/src/app

# 複製 requirements.txt 到 /usr/src/app/ 目錄底下,並安裝  requirements.txt 內的 Library
COPY requirements.txt /usr/src/app/
RUN pip install --upgrade pip setuptools && \
    pip install --no-cache-dir -r /usr/src/app/requirements.txt

# 設定工作目錄是 /usr/src/app
WORKDIR /usr/src/app

# 下次執行 複製目錄下的所有檔案 到 /usr/src/app
ONBUILD COPY . /usr/src/app

創建 Base Docker Image

# 把專案需要的 library 儲存到 requirements.txt 檔案
pip freeze |grep -v git > deploy/docker/alpine/requirements.txt
# 建置 project_name alpine 映像檔
docker build --rm -t project_name:alpine deploy/docker/alpine

專案 Dockerfile

# 來源映像檔
FROM project_name:alpine

# 安裝 libmagic 
RUN apk add --no-cache --virtual libmagic

# 執行專案初始化,並且最小化映像檔(刪除一些暫存的檔案或不必要的檔案)
RUN python setup.py develop && \
    mkdir -p /usr/src/app/project_name/static/uploads && \
    find /usr/local \( -type d -a -name test -o -name tests \) -o \( -type f -a -name '*.pyc' -o -name '*.pyo' \) -exec rm -rf '{}' + && \
    runDeps="$( scanelf --needed --nobanner --recursive /usr/local | awk '{ gsub(/,/, "\nso:", $2); print "so:" $2 }' | sort -u | xargs -r apk info --installed | sort -u )" && \
    apk add --virtual .rundeps $runDeps && \
    apk del deps build-base openssh gcc linux-headers git autoconf automake && \
    rm -f /usr/src/app/requirements.txt && rm -rf /var/cache/apk/*

# 輸出Port
EXPOSE 6543
# 啟動服務
CMD pserve production.ini http_port=6543

建置 專案 Docker Image

docker build --rm -t project_name .

打包上傳

docker save -o project_name.tar project_name
or 
docker save -o project_name-$(git describe).tar project_name

scp project_name.tar xxx@192.168.0.1:~

Server 安裝 Docker

curl -sSL https://get.docker.com | sh
systemctl enable docker
systemctl start docker
ps aux |grep docker
systemctl status docker

Server 安裝 Redis

yum install epel-release yum-utils
yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
yum-config-manager --enable remi
yum -y install redis

systemctl start redis
systemctl enable redis
systemctl status redis
netstat -tunpl

修改 redis.conf bind 設定

vim /etc/redis.conf

bind 0.0.0.0

重啟服務

systemctl restart redis
# 檢查服務
netstat -tunpl 
# tcp        0      0 0.0.0.0:6379            0.0.0.0:*               LISTEN      100575/redis-server

開啟火牆

firewall-cmd --new-zone=redis --permanent
firewall-cmd --zone=redis --add-port=6379/tcp --permanent
firewall-cmd --zone=redis --add-source=172.17.0.0/24 --permanent
firewall-cmd --reload
# 檢查防火牆
firewall-cmd --zone=redis --list-ports
# 6379/tcp
iptables-save
# -A INPUT_ZONES_SOURCE -s 172.17.0.0/24 -g IN_redis
# -A FORWARD_IN_ZONES_SOURCE -s 172.17.0.0/24 -g FWDI_redis
# -A FORWARD_OUT_ZONES_SOURCE -d 172.17.0.0/24 -g FWDO_redis

Server 安裝 Postgresql

vim postgres.sh
#/bin/bash
rpm -Uvh http://yum.postgresql.org/9.5/redhat/rhel-7-x86_64/pgdg-centos95-9.5-3.noarch.rpm
yum -y install postgresql95-server postgresql95 postgresql95-devel
/usr/pgsql-9.5/bin/postgresql95-setup initdb
systemctl start postgresql-9.5
systemctl enable postgresql-9.5
sed -i -e "s@#listen_addresses = 'localhost'@listen_addresses = '*'@" /var/lib/pgsql/9.5/data/postgresql.conf
echo "host    all             all             0.0.0.0/0               md5" >> /var/lib/pgsql/9.5/data/pg_hba.conf
systemctl restart postgresql-9.5
systemctl start firewalld
firewall-cmd --new-zone=postgresql --permanent
firewall-cmd --zone=postgresql --add-port=5432/tcp --permanent
firewall-cmd --zone=postgresql --add-source=172.17.0.0/24 --permanent
firewall-cmd --reload
firewall-cmd --zone=postgres --list-ports
# 執行腳本
sh postgres.sh

Server 安裝 Nginx

yum -y install epel-release 
yum -y install nginx
systemctl start nginx

修正 vim /etc/nginx/nginx.conf ,關閉預設的網頁

...
    gzip on;
    gzip_http_version 1.1;
    gzip_comp_level 6;
    gzip_types    text/plain text/css text/js
                  text/xml text/javascript
                  application/javascript
                  application/x-javascript
                  application/json
                  application/xml
                  application/rss+xml
                  image/svg+xml;

    #server {
    #    listen       80 default_server;
    #    listen       [::]:80 default_server;
    #    server_name  _;
    #    root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
    #    include /etc/nginx/default.d/*.conf;

    #    location / {
    #    }

    #    error_page 404 /404.html;
    #        location = /40x.html {
    #    }

    #    error_page 500 502 503 504 /50x.html;
    #        location = /50x.html {
    #    }
    #}
...

設定 project nginx 設定檔

vim /etc/nginx/conf.d/project.conf
upstream project {
    server 127.0.0.1:6543;
}

server {
    listen 80;
    server_name _ gm.un05.com;
    location / {
        proxy_set_header        Host $http_host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;

        client_max_body_size    100m;
        client_body_buffer_size 128k;
        proxy_connect_timeout   60s;
        proxy_send_timeout      90s;
        proxy_read_timeout      90s;
        proxy_buffering         off;
        proxy_temp_file_write_size 64k;
        proxy_pass http://project;
        proxy_redirect          off;
    }
}

關閉 Selinux

setenforce 0
vim /etc/selinux/config
SELINUX=enforcing
#改成
SELINUX=disabled

開啟防火牆,打開 80 和 443 port

firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload
iptables-save

啟動 Docker 服務

主機匯入映像黨

ssh xxx@192.168.0.1
sudos su - root
docker load -i project_name.tar
docker images

啟動Docker

docker run -d -p 6543:6543 --name project_name \
-e REDIS_HOST=10.0.7.4 \
-e REDIS_PORT=6379 \
-e DB_HOST=10.0.7.4 \
-e DB_USER=postgres \
-e DB_PORT=5432 \
-e DB_PASS=password \
-e DB_NAME=project_name \
project_name

Docker相關指令

docker images
docker ps -a
docker logs -f conatiner_id
docker exec -ti conatiner_id /bin/sh

尚未有邦友留言

立即登入留言