企业🤖AI Agent构建引擎,智能编排和调试,一键部署,支持私有化部署方案 广告
#### 1. 前提是Docker已经安装好了 > 没有安装的可以看这篇文章-->[# centos7安装docker](http://kanclouds.roes.top/linux/1592928) #### 2.拉取Nginx镜像 ```shell docker pull nginx #使用命令查看拉取到的镜像 docker images ``` ![image.png](https://upload-images.jianshu.io/upload_images/7100414-5b458e63101b1829.png?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240) #### 3. 运行Nginx镜像 ```shell docker run -d -p 80:80 --name nginx nginx ``` 参数说明 - ```-d``` 以守护模式运行镜像,也就是后台运行 - ```-p``` 宿主机端口映射的镜像端口,左边是宿主机端口,右边是镜像端口,```80```是Nginx访问端口 - ```--name```给容器起一个唯一的别名 启动后输入```docker ps -a```即可查看运行的容器: ![image.png](https://upload-images.jianshu.io/upload_images/7100414-7afe7820908b9b4f.png?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240) #### 4. 访问Nginx 浏览器访问```http://ip```即可,出现以下页面说明运行成功 ![image.png](https://upload-images.jianshu.io/upload_images/7100414-9fa5415f42474bb1.png?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240) #### 5. 配置Nginx * 我们首先需要在宿主机创建用于存放nginx日志、配置文件和相关静态资源的目录,并将其挂载到容器内对应路径。 * 后续更新我们只需要更改宿主机目录下的配置文件或者静态文件就可以更新容器内资源,这样可以确保容器挂掉只需要重新启动一个容器挂载上数据去就完美无缺的还原,这也是容器轻量快速方便的原因。不只是nginx容器,其余的像mysql容器也一定要记得挂载/data数据文件,防止容器宕掉丢失数据。 ```shell mkdir -p /home/service/nginx/log mkdir -p /home/service/nginx/conf mkdir -p /home/service/nginx/conf.d mkdir -p /home/service/nginx/static mkdir -p /home/service/nginx/ssl ``` 然后从Nginx容器中复制一份配置文件到宿主机刚刚创建的conf目录 ```shell docker cp nginx:/etc/nginx/nginx.conf /home/service/nginx/conf/nginx.conf ``` 可以看到已经有了 ![image.png](https://upload-images.jianshu.io/upload_images/7100414-ca7a9b7741a1e5c6.png?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240) 查看一下内容 ![image.png](https://upload-images.jianshu.io/upload_images/7100414-ab8cf1d95c3aed82.png?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240) 上图可以看出,这个配置文件还引入了其他的配置文件,所以我们需要把```include```引入的文件也复制一份到宿主机,但是我们不知道那些文件叫什么,所以我们需要进入容器内查看 ```shell docker exec -it nginx /bin/bash cd /etc/nginx/conf.d ls ``` 可以看到里面有个default.conf文件 ![image.png](https://upload-images.jianshu.io/upload_images/7100414-e884341bfed498c6.png?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240) 我们需要把这个文件复制到宿主机,使用```exit```命令退出容器 ```shell exit docker cp nginx:/etc/nginx/conf.d/default.conf /home/service/nginx/conf.d/default.conf ``` 还记得我们前面访问nginx的时候那个页面吗?是的,那个页面也要复制到宿主机 ```shell docker cp nginx:/usr/share/nginx/html/index.html /home/service/nginx/static/index.html ``` #### 6. 修改配置文件 开始修改宿主机上复制出来的conf文件,首先修改```nginx.conf```,修改配置文件修改后的结果: ```nginx user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; worker_rlimit_nofile 65535; events { use epoll; worker_connections 65535; } http { include /etc/nginx/mime.types; default_type application/octet-stream; charset utf-8; keepalive_timeout 60; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; server { listen 80; server_name www.roes.top; location / { root /usr/share/nginx/html; index index.html index.htm; } } include /etc/nginx/conf.d/*.conf; } ``` 查看```default.conf``` ```nginx server { listen 80; server_name localhost; location / { root /usr/share/nginx/html; index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } } ``` ##### 停止上次的nginx容器并删除容器 ```shell docker stop nginx docker rm nginx ``` ##### 重新启动一个nginx镜像 ``` docker run -p 443:443 -p 80:80 --name nginx \ --link jenkins \ -v /home/service/nginx/static:/usr/share/nginx/html \ -v /home/service/nginx/conf/nginx.conf:/etc/nginx/nginx.conf \ -v /home/service/nginx/log:/var/log/nginx \ -v /home/service/nginx/conf.d:/etc/nginx/conf.d \ -v /home/service/nginx/ssl:/ssl \ -d nginx ``` ```-v```的意思就是把宿主机目录挂载到冒号后面的容器目录 ```--link```用于连接容器,后面是零一个容器的唯一name,这样nginx就可以在配置文件使用```jenkins:端口```配置了 **此处多监听了一个443端口,用于以后配置https** 修改一下nginx默认的```index.html```,更有辨识度 ```shell vim /home/service/nginx/static/index.html ``` #### 7.配置Https访问 我是在阿里云申请了免费的一年ssl证书,大家可以百度一下,下载的是nginx的 并且在其中加入了许多优化的配置,```nginx.conf``` : ```shell user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; worker_rlimit_nofile 65535; events { use epoll; worker_connections 65535; } http { include /etc/nginx/mime.types; default_type application/octet-stream; charset utf-8; server_names_hash_bucket_size 128; client_header_buffer_size 2k; large_client_header_buffers 4 4k; client_max_body_size 8m; sendfile on; tcp_nopush on; keepalive_timeout 60; open_file_cache max=204800 inactive=20s; open_file_cache_min_uses 1; open_file_cache_valid 30s; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 2; gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; server { listen 80; server_name www.example.com ; rewrite ^(.*)$ https://$host$1 permanent; } server { #监听的端口号 listen 443 ssl; server_name www.example.com ; ssl_certificate /ssl/1492507_www.example.com.pem; ssl_certificate_key /ssl/1492507_www.example.com.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { root /usr/share/nginx/html; index index.html index.htm; } } include /etc/nginx/conf.d/*.conf; } ``` > 注意:这里更新的是宿主机上的nginx.conf > > 然后进入容器重启nginx即可 >也可以不用进入容器重启,直接重启容器也可以 > ```docker restart nginx``` ```shell docker exec -it nginx /bin/bash nginx -s reload ``` 配置完成