创建nginx脚本
官方及网上大部分的启动nginx-consul-template容器最后ENTRYPOINT都为nginx -sreload,但是因为在重制镜像的时候会将nginx镜像中ENTRYPOINT的nginx -g 'daemonoff'给覆盖掉,导致容器在启动的时候nginx没有启动,而nginx -s reload会去读/run/nginx.pid,如果没有则reload失败,所以这里新建了一个nginx启动及重启的脚本。
#!/bin/bash if nginx -t>/dev/null; then if [[ -s /var/run/nginx.pid ]]; then nginx -s reload if [[ $? != 0 ]]; then rm -f /var/run/nginx.pid nginx -c /etc/nginx/nginx.conf fi else nginx -c /etc/nginx/nginx.conf fi fi
这里做了3层判断,先检查nginx配置是否正确,然后查看检查nginx.pid是否存在且不为空。容器如果退出,会导致nginx.pid里面的ID号不对,再次启动nginx的时候,nginx-s reload会报错,所以需要再判断nginx -s reload是否正确
创建nginx-consul-template的docker file
vim nginx-consul-template.df FROM nginx MAINTAINER Qingwen Zhang <[email protected]> RUN apt-get update && \ apt-get install --no-install-recommends --no-install-suggests -y unzip && \ rm -r /var/lib/apt/lists/* ENV CONSUL_TEMPLATE_VERSION 0.19.4 ADD https://releases.hashicorp.com/consul-template/${CONSUL_TEMPLATE_VERSION}/consul-template_${CONSUL_TEMPLATE_VERSION}_linux_amd64.zip /tmp/consul-template.zip ADD nginx.sh /tmp/nginx.sh RUN chmod +x /tmp/nginx.sh RUN unzip /tmp/consul-template.zip -d /usr/bin && \ chmod +x /usr/bin/consul-template && \ rm /tmp/consul-template.zip RUN mkdir /etc/ctmpl WORKDIR /etc/ctmpl ENTRYPOINT ["/usr/bin/consul-template"]
创建镜像
docker build -t 172.16.4.92/service/nginx-consul-template -f /opt/dockerfile/nginx-consul-template.df . docker push 172.16.4.92/service/nginx-consul-template
创建ctmpl模板
mkdir -p /opt/platform/nginx-calico && cd /opt/platform/nginx-calico && mkdir -p conf modules html logs ctmpl
vim /opt/platform/nginx-calico/ctmpl/ctmpl {{range services}}{{ if in .Tags "calico" }}{{$name := .Name}}{{$service := service .Name}}upstream {{$name}} { zone upstream-{{$name}} 64k; {{range $service}} server {{.Address}}:{{.Port}} max_fails=3 fail_timeout=60 weight=1; {{end}}} server { listen 80; charset utf-8; server_name {{$name|toLower|split "-"|join "."}}.test.com; access_log /var/log/nginx/{{.Name}}.log; location / { proxy_pass http://{{$name}}; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 10s; proxy_send_timeout 150s; proxy_read_timeout 150s; proxy_next_upstream error timeout invalid_header http_404 http_502 http_504 http_500; } } {{end}}{{end}}
运行nginx-consul-template
docker pull 172.16.4.92/service/nginx-consul-template docker run -d \ --restart=always \ --net=calico \ --ip=10.233.2.1 \ --label org.projectcalico.label.role=nginx \ -v /opt/platform/nginx-calico/conf:/etc/nginx \ -v /opt/platform/nginx-calico/modules:/usr/lib/nginx/modules \ -v /opt/platform/nginx-calico/html:/usr/share/nginx/html \ -v /opt/platform/nginx-calico/logs:/var/log/nginx \ -v /opt/platform/nginx-calico/ctmpl:/etc/ctmpl \ --name=calico-nginx1-consul-template \ 172.16.4.92/service/nginx-consul-template \ -consul-addr=172.16.150.25:8500 -wait=5s \ -template="/etc/ctmpl/ctmpl:/etc/nginx/conf.d/app.conf:/tmp/nginx.sh"