Nginx 安装说明(Docker)
构建基于 nginx:stable-alpine 的 前端镜像
Docker Hub:https://hub.docker.com/_/nginx
该镜像优点:
- 官方镜像,支持最新的各种版本镜像
- 同时支持
amd64, arm32v5, arm32v6, arm32v7, arm64v8, i386, mips64le, ppc64le, s390x等多种架构,如果你计划使用buildx构建支持多种架构的镜像,此镜像比较合适
该镜像缺点:
- 不集成
nginx-module-vts模块,仅支持 Nginx 的stub_status状态监控输出 - 启动后占用内存稍大,大概在 400MB+
Dockerfile 参考:
# https://hub.docker.com/_/nginx
FROM nginx:stable-alpine
# 申明临时卷
VOLUME /logs
VOLUME /tmp
# 拷贝打包的资源
ADD nginx.conf /usr/local/nginx/conf/nginx.conf
ADD /dist /usr/local/nginx/html将 本地 nginx.conf 放置在你项目的根目录:
user nginx;
worker_processes auto;
worker_cpu_affinity auto;
worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
use epoll;
worker_connections 65535;
multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
server_names_hash_bucket_size 512 ;
client_header_buffer_size 128k;
large_client_header_buffers 8 64k;
client_max_body_size 500m;
access_log off;
error_log off;
gzip on; # 开启gzip压缩
gzip_static on; # 读取静态资源
gzip_min_length 4k; # 小于4k的文件不会被压缩,大于4k的文件才会去压缩
gzip_buffers 16 8k; # 处理请求压缩的缓冲区数量和大小,比如8k为单位申请16倍内存空间;使用默认即可,不用修改
gzip_http_version 1.1; # 早期版本http不支持,指定默认兼容,不用修改
gzip_comp_level 2; # gzip 压缩级别,1-9,理论上数字越大压缩的越好,也越占用CPU时间。实际上超过2的再压缩,只能压缩一点点了,但是cpu确是有点浪费。因为2就够用了
#gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
gzip_types text/plain application/x-javascript application/javascript text/javascript text/css application/xml application/x-httpd-php image/jpeg image/gif image/png application/vnd.ms-fontobject font/x-woff font/ttf;
gzip_vary on; # 是否在http header中添加Vary: Accept-Encoding,一般情况下建议开启
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
server {
listen 80;
charset utf-8;
server_name_in_redirect off;
root /usr/share/nginx/html;
# 项目前端负载
location / {
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri $uri/ /index.html last;
}
# 提供 Nginx 内置的运行指标采集接口
location /status {
stub_status on;
access_log off;
}
location ~ /api/ {
if ($request_method = OPTIONS ) {
return 200;
}
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
add_header Access-Control-Allow-Origin "$http_origin";
add_header Access-Control-Allow-Credentials "true";
add_header Access-Control-Allow-Methods "GET, PUT, POST, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "Content-Type,*";
rewrite ^/api/(.*)$ /$1 break;
proxy_pass http://192.168.3.100:31703;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}构建基于 nginx_v1.23.2 & nginx_module_vts_0.2.1 的 前端镜像(可选)
Docker Hub:https://hub.docker.com/r/zhangqifeng/nginx_vts
该镜像优点:
- 集成 nginx-module-vts 模块,支持 Nginx 更详细的状态监控输出
- 可通过 nginx_vts_exporter 收集 Nginx 状态数据收集给 Prometheus, 实现可视化监控。
- 启动后占用内存小,大概在 200MB
该镜像缺点:
- 仅支持
linux/amd64架构,如果你计划使用buildx构建支持linux/arm,linux/arm64,linux/amd64等多种架构的镜像,此镜像不适用 - 目前只支持 nginx_v1.23.2 ,如果需要更高版本的支持,需要自己构建镜像
Dockerfile 参考:
# https://hub.docker.com/r/zhangqifeng/nginx_vts
FROM zhangqifeng/nginx_vts:v1.56
# 申明临时卷
VOLUME /logs
VOLUME /tmp
# forward request and error logs to docker log collector
#RUN ln -sf /dev/stdout /logs/nginx.access.log \
# && ln -sf /dev/stderr /logs/nginx.error.log \
# 拷贝打包的资源
ADD nginx.conf /usr/local/nginx/conf/nginx.conf
ADD /dist /usr/local/nginx/html将 本地 nginx.conf 放置在你项目的根目录:
user www www;
worker_processes auto;
worker_cpu_affinity auto;
worker_rlimit_nofile 65535;
pid /var/run/nginx.pid;
events {
use epoll;
worker_connections 65535;
multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
server_names_hash_bucket_size 512 ;
client_header_buffer_size 128k;
large_client_header_buffers 8 64k;
client_max_body_size 500m;
vhost_traffic_status_zone;
vhost_traffic_status_filter_by_host on;
log_format json '{"created_at":"$time_iso8601",'
'"remote_addr":"$remote_addr",'
'"method":"$request_method",'
'"request":"$request",'
'"status":"$status",'
'"size":$body_bytes_sent,'
'"referer": "$http_referer",'
'"http_host":"$http_host",'
'"response_time":$request_time,'
'"http_x_forwarded_for":"$http_x_forwarded_for",'
'"user_agent": "$http_user_agent"'
'}' ;
#access_log /usr/local/nginx/logs/nginx.access.log json;
#error_log /usr/local/nginx/logs/nginx.error.log;
access_log off;
error_log off;
gzip on; # 开启gzip压缩
gzip_static on; # 读取静态资源
gzip_min_length 4k; # 小于4k的文件不会被压缩,大于4k的文件才会去压缩
gzip_buffers 16 8k; # 处理请求压缩的缓冲区数量和大小,比如8k为单位申请16倍内存空间;使用默认即可,不用修改
gzip_http_version 1.1; # 早期版本http不支持,指定默认兼容,不用修改
gzip_comp_level 2; # gzip 压缩级别,1-9,理论上数字越大压缩的越好,也越占用CPU时间。实际上超过2的再压缩,只能压缩一点点了,但是cpu确是有点浪费。因为2就够用了
#gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
gzip_types text/plain application/x-javascript application/javascript text/javascript text/css application/xml application/x-httpd-php image/jpeg image/gif image/png application/vnd.ms-fontobject font/x-woff font/ttf;
gzip_vary on; # 是否在http header中添加Vary: Accept-Encoding,一般情况下建议开启
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
server {
listen 80;
charset utf-8;
server_name_in_redirect off;
root /usr/share/nginx/html;
# 项目前端负载
location / {
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri $uri/ /index.html last;
}
# 提供 Nginx 基于 nginx_vts 的运行指标采集接口,供 prometheus 软件采集
location /vts_status {
vhost_traffic_status_display;
vhost_traffic_status_display_format html;
}
# 提供 Nginx 内置的运行指标采集接口
location /status {
stub_status on;
access_log off;
}
# 设置字体缓存
location ~* \.(eot|otf|ttf|woff|woff2)$ {
expires 1y;
add_header Cache-Control "public";
}
location ~ /api/ {
if ($request_method = OPTIONS ) {
return 200;
}
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
add_header Access-Control-Allow-Origin "$http_origin";
add_header Access-Control-Allow-Credentials "true";
add_header Access-Control-Allow-Methods "GET, PUT, POST, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "Content-Type,*";
rewrite ^/api/(.*)$ /$1 break;
proxy_pass http://192.168.3.100:31703;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
作者:Jeebiz 创建时间:2024-01-24 21:45
最后编辑:Jeebiz 更新时间:2024-01-25 09:12
最后编辑:Jeebiz 更新时间:2024-01-25 09:12
