[系统运维]Docker基于alpine系统制作haproxy镜像

Docker基于alpine系统制作haproxy镜像

1. 制作镜像的整体结构

   [root@docker ~]# tree /haproxy1/
/haproxy1/
├── Dockerfile
├── entrypoint.sh
└── files
    ├── haproxy-2.5.0.tar.gz
    └── install.sh

1 directory, 4 files
[root@docker ~]# 

2 Dockerfile的编写

[root@docker haproxy1]# cat Dockerfile 
FROM alpine
LABEL MAINTAINER='xixi 1@2.com'
ENV PATH /usr/local/haproxy/sbin:$PATH
ENV version 2.5.0

COPY files /tmp/
COPY entrypoint.sh /

RUN /tmp/install.sh

WORKDIR /usr/local/haproxy
 
EXPOSE 80 8189

ENTRYPOINT ["/entrypoint.sh"]


[root@docker haproxy1]# 

3 运行脚本的编写

//这里的编写和centos系统还是有一点的不同
[root@docker haproxy1]# cat files/install.sh 
#!/bin/sh
# 替换成国内源
sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/' /etc/apk/repositories
#更新一下源
apk update
#创建组和创建用户
addgroup haproxy
adduser -S -H -s /sbin/nologin haproxy
#下载依赖包
apk add --no-cache -U make gcc pcre-dev bzip2-dev openssl-dev elogind-dev libc-dev dahdi-tools dahdi-tools-dev libexecinfo libexecinfo-dev ncurses-dev zlib-dev zlib
#apk add --no-cache -U make gcc pcre-devel bzip2-devel openssl-devel systemd-devel
#编译安装 
cd /tmp/
tar xf haproxy-$version.tar.gz
cd haproxy-$version
make TARGET=linux-musl  \
  USE_OPENSSL=1  \
  USE_ZLIB=1  \
  USE_PCRE=1  \
make install PREFIX=/usr/local/haproxy 
#cp haproxy /usr/sbin
echo 'net.ipv4.ip_nonlocal_bind = 1' >>  /etc/sysctl.conf
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
sysctl -p 

mkdir /usr/local/haproxy/conf 
apk del  gcc make 
rm -rf /var/cache/*
rm -rf /tmp/*
[root@docker haproxy1]# 

4 启动脚本编写

[root@docker haproxy1]# cat entrypoint.sh 
#!/bin/sh
cat > /usr/local/haproxy/conf/haproxy.cfg <<EOF
#--------------全局配置----------------
global
    log 127.0.0.1 local0  info
    #log loghost local0 info
    maxconn 20480
#chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    #maxconn 4000
    user haproxy
    group haproxy
    daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    #option forwardfor
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------统计页面配置------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /haproxy_stats
    stats realm Haproxy\ Statistics
    stats auth admin:admin
    #stats hide-version
    stats admin if TRUE
    stats refresh 30s
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
EOF
count=1
for rs_ip in $(cat /tmp/RSs.txt);do
cat >> /usr/local/haproxy/conf/haproxy.cfg <<EOF
    server web$count $rs_ip:80 check inter 2000 fall 5
EOF
let count++
done

haproxy -f /usr/local/haproxy/conf/haproxy.cfg  -db

[root@docker haproxy1]# 

5 在本机上编写变量文件

[root@docker ~]# cd /haproxy_config/
[root@docker haproxy_config]# ls
RSs.txt
[root@docker haproxy_config]# cat RSs.txt 
192.168.10.2
192.168.10.3
192.168.10.4
192.168.10.5
[root@docker haproxy_config]# 

6 制作镜像

[root@docker haproxy1]# docker build -t haproxy:v1.1
[root@docker ~]#  
[root@docker haproxy1]# docker images
REPOSITORY      TAG       IMAGE ID       CREATED             SIZE
haproxy         v1.1      219dc51c1897   58 seconds ago      54.5MB
nginx           latest    f652ca386ed1   10 days ago      141MB
busybox         latest    d23834f29b38   12 days ago      1.24MB
alpine          latest    c059bfaa849c   2 weeks ago      5.59MB
httpd           latest    ad17c88403e2   3 weeks ago      143MB
centos          latest    5d0da3dc9764   2 months ago     231MB
[root@docker ~]# 

7 用新生成的镜像启动容器访问测试

[root@docker ~]# docker run -itd --name h1 -p81:80 -p 8189:8189 -v /haproxy_config/:/tmp/ haproxy:v1.1
a7bdf9c16fc7949260964bb18b151b8723fa31a1d4d82dc638563c46e18e321b
[root@docker ~]# docker ps
CONTAINER ID   IMAGE          COMMAND            CREATED         STATUS         PORTS                                                                          NAMES
a7bdf9c16fc7   haproxy:v1.1   "/entrypoint.sh"   3 seconds ago   Up 2 seconds   0.0.0.0:8189->8189/tcp, :::8189->8189/tcp, 0.0.0.0:81->80/tcp, :::81->80/tcp   h1

8 访问测试

//新添加两个容器用作RS来访问测试
[root@docker ~]# docker run -itd --name web1 httpd
[root@docker ~]# docker run -itd --name web1 httpd

//访问haproxy容器IP来测试
[root@docker ~]# curl 192.168.10.1
<html><body><h1>It works!</h1></body></html>

[root@docker ~]# curl 192.168.10.1
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@docker ~]# 

通过浏览器访问测试

我这里是映射容器的80到本机的81端口，所有访问需要加81端口


我们可以看到有我们创建的两个容器在运行，还有两个变量有值但因为没有容器使用这两个值所以这里是的web3和web4的状态是down的