简介
本章节主要讲解tengine-2.4.1+lua的镜像制作,本文列举出该镜像所用到的一些模块或安装包,以及一些nginx的配置,像nginx.conf主配置,以及日志格式的配置。便于一些网友们在制作类似镜像时可以下载相关的包来参考制作docker镜像,后续将整个包压缩上传到资源。
一.相关安装包准备
1.1.lua安装相关的包
安装lua必须的一些模块 lua-cjson-2.1.0.12.tar.gz lua-nginx-module-0.10.24.tar.gz lua-resty-core-master.tar.gz lua-resty-lrucache-master.tar.gz luajit2-2.1-agentzh.tar.gz
1.2.brotli压缩相关的包
这个包主要是用来开启brotli压缩,该模块的压缩率比gzip的高,如果不需要可以删除相应的代码 ngx_brotli.tar.gz
1.3.nginx状态统计采集
这个包主要是用来采集nginx请求的状态码或响应时间等信息,如果不需要可以删除相应的代码 nginx-module-vts-0.1.18.tar.gz
1.4.nginx的cache清理的包
这个包主要是用来清理nginx cache的模块,如果不需要可以删除相应的代码 ngx_cache_purge-2.3.tar.gz
1.5读取post的模块
这两个包主要是用来提取post的body进行分析,如果不需要可以删除相应的代码 form-input-nginx-module.tar.gz ngx_devel_kit.tar.gz
1.6.tengine-2.4.1版本
tengine-2.4.1.tar.gz : 下载地址:https://tengine.taobao.org/download_cn.html
二.lua的库文件准备及配置文件准备
2.1.配置文件
主配置文件:nginx.conf
user nginx;
worker_processes auto;
worker_cpu_affinity auto;
worker_rlimit_nofile 65535;
#error_log /var/log/nginx/error.log crit;
error_log /dev/stdout error;
pid /var/run/nginx.pid;
events {
worker_connections 65535;
use epoll;
}
http {
include mime.types;
default_type application/octet-stream;
include nginx_logjson.conf;
access_log /dev/stdout tpynormal;
#access_log off;
# Optimize the base setting
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 100m;
sendfile on;
tcp_nopush on;
log_not_found off;
keepalive_timeout 65;
server_tokens off;
server_info off;
server_tag off;
#trim on;
#trim_jscss on;
gzip on;
gzip_disable "msie6";
gzip_min_length 1k;
gzip_buffers 4 16k;
#gzip_http_version 1.0;
gzip_comp_level 9;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_vary on;
gzip_proxied any;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_upstream_tries 2;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 256k;
proxy_connect_timeout 3;
proxy_read_timeout 5;
proxy_send_timeout 15;
proxy_next_upstream http_500 http_502 http_504 error timeout invalid_header;
include /etc/nginx/conf.d/*.conf;
server {
server_name _;
listen 80 default;
return 403;
}
}
json日志格式文件:nginx_logjson.conf
log_format tpynormal '{"@timestamp":"$time_iso8601","remote_addr":"$remote_addr","host":"$host","request_method":"$request_method","uri":"$uri","request_uri":"$request_uri",'
'"status":$status,"body_bytes_sent":$body_bytes_sent,"http_referer":"$http_referer",'
'"http_user_agent":"$http_user_agent","http_x_forwarded_for":"$http_x_forwarded_for",'
'"upstream_addr":"$upstream_addr","upstream_status":"$upstream_status","upstream_response_time":"$upstream_response_time",'
'"server_addr":"$server_addr","request_time":$request_time,"scheme":"$scheme",'
'"remote_port":"$remote_port"}';
2.2.lua的库文件
从openresty下载的lua库
.
└── resty
├── cookie.lua
├── kafka
│ ├── broker.lua
│ ├── client.lua
│ ├── errors.lua
│ ├── producer.lua
│ ├── request.lua
│ ├── response.lua
│ ├── ringbuffer.lua
│ └── sendbuffer.lua
├── memcached.lua
├── mysql.lua
├── redis.lua
└── string
├── aes.lua
├── md5.lua
├── random.lua
├── sha.lua
├── sha1.lua
├── sha224.lua
├── sha256.lua
├── sha384.lua
├── sha512.lua
└── string.lua
2.3.友好错误的页面
errorpage 目录下放了自定义的友好错误页面
.
├── 403.html
├── 404.html
├── 499.html
├── 500.html
├── 502.html
├── 503.html
└── 504.html
二.Dockerfile代码
# VERSION 1 - EDITION 1
# # Author: wangbikang
#FROM alpine:latest
FROM alpine:3.18
#ENV TENGINE_VERSION 2.4.1
RUN rm -rf /var/cache/apk/* && \
rm -rf /tmp/*
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
RUN mkdir -p /data/pc-config/cert /usr/local/lib/lua/resty /usr/share/nginx/html/errorpage
COPY conf/pc_all.crt conf/pc_all.key /data/pc-config/cert/
#COPY conf/conf.d/* /etc/nginx/conf.d/
COPY lualib/resty /usr/local/lib/lua/resty/
COPY conf /etc/nginx/
COPY errorpage /usr/share/nginx/html/errorpage
COPY conf /etc/nginx/
COPY tengine-2.4.1.tar.gz form-input-nginx-module.tar.gz ngx_devel_kit.tar.gz ngx_cache_purge-2.3.tar.gz nginx-module-vts-0.1.18.tar.gz lua-cjson-2.1.0.12.tar.gz lua-nginx-module-0.10.24.tar.gz lua-resty-core-master.tar.gz lua-resty-lrucache-master.tar.gz luajit2-2.1-agentzh.tar.gz ngx_brotli.tar.gz /tmp/
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/${TZ} /etc/localtime && echo ${TZ} > /etc/timezone
ENV CONFIG "\
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_gunzip_module \
--with-http_auth_request_module \
--with-http_gzip_static_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-stream_sni \
--with-stream_realip_module \
--with-http_v2_module \
--add-module=/tmp/ngx_cache_purge-2.3/ \
--add-module=/tmp/ngx_devel_kit/ \
--add-module=/tmp/form-input-nginx-module/ \
--add-module=/tmp/nginx-module-vts-0.1.18/ \
--add-module=/tmp/lua-nginx-module-0.10.24 \
--add-module=/tmp/ngx_brotli/ \
--add-module=modules/ngx_http_upstream_session_sticky_module \
--add-module=modules/ngx_http_upstream_consistent_hash_module \
--add-module=modules/ngx_http_proxy_connect_module \
--add-module=modules/ngx_http_reqstat_module \
--add-module=modules/ngx_http_upstream_vnswrr_module \
--add-module=modules/ngx_http_upstream_check_module \
"
RUN addgroup -S nginx \
&& adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \
&& apk add --no-cache --virtual .build-deps \
curl \
libc-dev \
gcc \
make \
openssl-dev \
pcre-dev \
zlib-dev \
linux-headers \
libxslt-dev \
gd-dev \
geoip-dev \
&& cd /tmp && tar zxf luajit2-2.1-agentzh.tar.gz && cd luajit2-2.1-agentzh && make && make install \
&& export LUAJIT_LIB=/usr/local/lib \
&& export LUAJIT_INC=/usr/local/include/luajit-2.1 \
&& ln -s /usr/local/lib/lua/resty /usr/local/share/lua/5.1 \
&& cd /tmp && tar zxf lua-resty-core-master.tar.gz && cd lua-resty-core-master && make install PREFIX=/usr/local \
&& cd /tmp && tar zxf lua-resty-lrucache-master.tar.gz && cd lua-resty-lrucache-master && make install PREFIX=/usr/local \
&& cd /tmp && tar zxf lua-cjson-2.1.0.12.tar.gz && cd lua-cjson-2.1.0.12 && make install \
&& cd /tmp \
&& tar -zxf tengine-2.4.1.tar.gz \
&& tar -zxf form-input-nginx-module.tar.gz \
&& tar -zxf ngx_devel_kit.tar.gz \
&& tar -zxf ngx_cache_purge-2.3.tar.gz \
&& tar -zxf nginx-module-vts-0.1.18.tar.gz \
&& tar -zxf lua-nginx-module-0.10.24.tar.gz \
&& tar -zxf ngx_brotli.tar.gz \
&& rm -f tengine-2.4.1.tar.gz form-input-nginx-module.tar.gz ngx_devel_kit.tar.gz ngx_cache_purge-2.3.tar.gz nginx-module-vts-0.1.18.tar.gz lua-cjson-2.1.0.12.tar.gz lua-nginx-module-0.10.24.tar.gz lua-resty-core-master.tar.gz lua-resty-lrucache-master.tar.gz luajit2-2.1-agentzh.tar.gz ngx_brotli.tar.gz \
&& cd /tmp/tengine-2.4.1 \
&& ./configure $CONFIG --with-debug \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& make install \
&& mkdir -p /etc/nginx/conf.d/ \
&& mkdir -p /usr/share/nginx/html/ \
&& chown nginx.nginx -R /var/log/nginx \
&& install -m644 html/index.html /usr/share/nginx/html/ \
&& install -m644 html/50x.html /usr/share/nginx/html/ \
&& strip /usr/sbin/nginx* \
&& cd /tmp && rm -rf tengine-2.4.1 form-input-nginx-module ngx_devel_kit ngx_cache_purge-2.3 nginx-module-vts-0.1.18 lua-cjson-2.1.0.12 lua-nginx-module-0.10.24 lua-resty-core-master lua-resty-lrucache-master luajit2-2.1-agentzh ngx_brotli \
\
# Bring in gettext so we can get `envsubst`, then throw
# the rest away. To do this, we need to install `gettext`
# then move `envsubst` out of the way so `gettext` can
# be deleted completely, then move `envsubst` back.
&& apk add --no-cache --virtual .gettext gettext \
&& mv /usr/bin/envsubst /tmp/ \
\
&& runDeps="$( \
scanelf --needed --nobanner --format '%n#p' /usr/sbin/nginx /tmp/envsubst \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)" \
&& apk add --no-cache --virtual .nginx-rundeps $runDeps \
&& apk del .build-deps \
&& apk del .gettext \
&& apk add libgcc \
&& mv /tmp/envsubst /usr/local/bin/ \
\
# Bring in tzdata so users could set the timezones through the environment
# variables
# && ln -sf /dev/stdout /var/log/nginx/access.log \
# && ln -sf /dev/stderr /var/log/nginx/error.log
#&& rm -f /tmp/glibc-2.29-r0.apk \
&& apk add --no-cache tzdata
EXPOSE 80 443
STOPSIGNAL SIGTERM
CMD ["nginx", "-g", "daemon off;"]
