## 设置继承自己创建的 sshd 镜像
FROM caseycui/ubuntu-sshd
## 维护者
LABEL maintainer="CaseyCui cuikaidong@foxmail.com"
## 安装 nginx
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -yq --no-install-recommends \
nginx \
geoip-bin \
fcgiwrap \
ssl-cert \
&& rm -rf /var/lib/apt/lists/* \
&& chown -R www-data:www-data /var/lib/nginx
## 添加脚本,并设置权限
COPY run-nginx.sh /run-nginx.sh
##RUN chmod 755 /run-nginx.sh
## 定义工作目录
WORKDIR /etc/nginx
## 添加挂载点 /var/www
VOLUME /var/www
## forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log
## 定义输出端口
EXPOSE 80
EXPOSE 443
## 定义输出命令
CMD ["/run-nginx.sh"]
run-nginx.sh 脚本:
## nginx 以 daemon off 形式启动
/usr/sbin/nginx -g "daemon off;"
为什么需要
daemon off;?想象这样的场景:
如果没有 daemon off, nginx 后台运行, 这时 nginx 并不是 pid 为 1 的程序, 而是执行的其他(如 bash), 这个 bash 执行了 nginx 指令后就结束了, 容器也会随之退出.
或直接修改/etc/nginx/nginx.conf 文件:
echo -e "\ndaemon off;" >> /etc/nginx/nginx.conf
Tomcat 最初是由 Sun 的软件架构师詹姆斯.邓肯.戴维森 开发的, 后来在他的帮助下称为开源项目, 并由 Sun 贡献给 Apache 软件基金会.
Tomcat主要功能: 运行 JSP 页面和 Servlet.
企业通常使用 Sun JDK 6 或 Oracle JDK 7+. Dockerfile 如下:
FROM caseycui/ubuntu-sshd
LABEL maintainer="CaseyCui cuikaidong@foxmail.com"
## 创建 /java 目录
RUN mkdir /java
## 解压jdk压缩包到/java目录
ADD jdk-7u80-linux-x64.tar.gz /java
## 1. 删除 src.zip,减少镜像size
## ~~2. 配置JAVA环境变量~~
## ~~3. 使生效~~
## 下面为几种不同的 echo 写法(配置ENV则不需要手动在/etc/profile里添加)
## =======================================================
## echo -e "\nexport JAVA_HOME=/java/jdk1.7.0_80\nexport PATH=/java/jdk1.7.0_80/bin:$PATH\nexport CLASSPATH=.:/java/jdk1.7.0_80/lib/dt.jar:/java/jdk1.7.0_80/lib/tools.jar" >> /etc/profile
## =======================================================
## RUN { \
## echo; \
## echo 'export JAVA_HOME=/java/jdk1.7.0_80'; \
## echo 'export PATH=$JAVA_HOME/bin:$PATH'; \
## echo 'export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar'; \
## } >> /etc/profile \
## && source /etc/profile \
## && rm -f /java/jdk1.7.0_80/src.zip
## =======================================================
RUN rm -f /java/jdk1.7.0_80/src.zip
## 配置ENV
## > The environment variables set using `ENV` will persist when a container is run from the resulting image.
ENV JAVA_HOME /java/jdk1.7.0_80
ENV JAVA_VERSION 7u80
ENV PATH $JAVA_HOME/bin:$PATH
ENV CLASSPATH .:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
❗ 备注:
JDK的压缩包来自 Oracle Support 网站.
JAVA环境变量直接在
ENV里配置即可, 无需手动写入 /etc/profile 中如何把多行, 且含有多种特殊字符的字符串写入文件? - 用大括号
基于 Oracle JDK 7 的 Tomcat 8.0.X 的Dockerfile如下:
FROM caseycui/jdk7:7u80
LABEL maintainer='CaseyCui cuikaidong@foxmail.com'
ENV CATALINA_HOME /tomcat
ENV PATH $CATALINA_HOME/bin:$PATH
RUN mkdir -p "$CATALINA_HOME"
WORKDIR $CATALINA_HOME
## let "Tomcat Native" live somewhere isolated
ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib
ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR
## runtime dependencies for Tomcat Native Libraries
## Tomcat Native 1.2+ requires a newer version of OpenSSL than debian:jessie has available
## > checking OpenSSL library version >= 1.0.2...
## > configure: error: Your version of OpenSSL is not compatible with this version of tcnative
## see http://tomcat.10.x6.nabble.com/VOTE-Release-Apache-Tomcat-8-0-32-tp5046007p5046024.html (and following discussion)
## and https://github.com/docker-library/tomcat/pull/31
ENV OPENSSL_VERSION 1.0.2g-1ubuntu4.8
## RUN set -ex; \
## if ! grep -q stretch /etc/apt/sources.list; then \
## # only add stretch if we're not already building from within stretch
## { \
## echo 'deb http://deb.debian.org/debian stretch main'; \
## } > /etc/apt/sources.list.d/stretch.list; \
## { \
## # add a negative "Pin-Priority" so that we never ever get packages from stretch unless we explicitly request them
## echo 'Package: *'; \
## echo 'Pin: release n=stretch'; \
## echo 'Pin-Priority: -10'; \
## echo; \
## # ... except OpenSSL, which is the reason we're here
## echo 'Package: openssl libssl*'; \
## echo "Pin: version $OPENSSL_VERSION"; \
## echo 'Pin-Priority: 990'; \
## } > /etc/apt/preferences.d/stretch-openssl; \
## fi
RUN apt-get update && apt-get install -y --no-install-recommends \
libapr1 \
openssl="$OPENSSL_VERSION" \
&& rm -rf /var/lib/apt/lists/*
## 安装跟 tomcat 用户认证相关的软件
RUN apt-get update && \
DIBIAN_FRONTEND=noninteractive \
apt-get install -yq --no-install-recommends \
wget \
pwgen \
ca-certificates && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
## see https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/KEYS
## see also "update.sh" (https://github.com/docker-library/tomcat/blob/master/update.sh)
ENV GPG_KEYS 05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288584E7 61B832AC2F1C5A90F0F9B00A1C506407564C17A3 713DA88BE50911535FE716F5208B0AB1D63011C7 79F7026C690BAA50B92CD8B66A3AD3F4F22C4FED 9BA44C2621385CB966EBA586F72C284D731FABEE A27677289986DB50844682F8ACB77FC2E86E29AC A9C5DF4D22E99998D9875A5110C01C5A2F6059E7 DCFD35E0BF8CA7344752DE8B6FB21E8933C60243 F3A04C595DB5B6A5F1ECA43E3B7BBB100D811BBE F7DA48BB64BCB84ECBA7EE6935CD23C10D498E23
RUN set -ex; \
for key in $GPG_KEYS; do \
gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
done
## 设置 tomcat 的环境变量
ENV TOMCAT_MAJOR 8
ENV TOMCAT_VERSION 8.0.46
ENV TOMCAT_TGZ_URL http://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz
ENV TOMCAT_ASC_URL https://www.apache.org/dist/tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/apache-tomcat-$TOMCAT_VERSION.tar.gz.asc
## 复制 tomcat 到镜像中
RUN set -x \
\
&& wget -O tomcat.tar.gz "$TOMCAT_TGZ_URL" \
&& wget -O tomcat.tar.gz.asc "$TOMCAT_ASC_URL" \
&& gpg --batch --verify tomcat.tar.gz.asc tomcat.tar.gz \
&& tar -xvf tomcat.tar.gz --strip-components=1 \
&& rm bin/*.bat \
&& rm tomcat.tar.gz* \
\
&& nativeBuildDir="$(mktemp -d)" \
&& tar -xvf bin/tomcat-native.tar.gz -C "$nativeBuildDir" --strip-components=1 \
&& nativeBuildDeps=" \
dpkg-dev \
gcc \
libapr1-dev \
libssl-dev \
make \
" \
&& apt-get update && apt-get install -y --no-install-recommends $nativeBuildDeps && rm -rf /var/lib/apt/lists/* \
&& ( \
export CATALINA_HOME="$PWD" \
&& cd "$nativeBuildDir/native" \
&& gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \
&& ./configure \
--build="$gnuArch" \
--libdir="$TOMCAT_NATIVE_LIBDIR" \
--prefix="$CATALINA_HOME" \
--with-apr="$(which apr-1-config)" \
--with-java-home="/java/jdk1.7.0_80" \
--with-ssl=yes \
&& make -j "$(nproc)" \
&& make install \
) \
&& apt-get purge -y --auto-remove $nativeBuildDeps \
&& rm -rf "$nativeBuildDir" \
&& rm bin/tomcat-native.tar.gz
## verify Tomcat Native is working properly
RUN set -e \
&& nativeLines="$(catalina.sh configtest 2>&1)" \
&& nativeLines="$(echo "$nativeLines" | grep 'Apache Tomcat Native')" \
&& nativeLines="$(echo "$nativeLines" | sort -u)" \
&& if ! echo "$nativeLines" | grep 'INFO: Loaded APR based Apache Tomcat Native library' >&2; then \
echo >&2 "$nativeLines"; \
exit 1; \
fi
## 创建 tomcat 用户脚本
COPY create_tomcat_admin_user.sh /create_tomcat_admin_user.sh
## 创建 tomcat 运行脚本
COPY run-tomcat.sh /run-tomcat.sh
RUN chmod +x /*.sh && \
chmod +x /tomcat/bin/*.sh
## 挂载点
## 日志文件
VOLUME $CATALINA_HOME/logs
## 程序文件
VOLUME $CATALINA_HOME/webapps
EXPOSE 8080
CMD ["/run-tomcat.sh"]
创建 Tomcat 用户和密码脚本文件 create_tomcat_admin_user.sh, 内容如下:
##!/bin/bash
if [ -f /.tomcat_admin_created ]; then
echo "Tomcat 'admin' user already created"
exit 0
fi
## generate password
PASS=${TOMCAT_PASS:-$(pwgen -s 12 1)}
_word=$( [ ${TOMCAT_PASS} ] && echo "preset" || echo "random")
echo "=> Creating and admin user with a ${_word} password in Tomcat"
##sed -i -r 's/<\/tomcat-user>//' ${CATALINA_HOME}/conf/tomcat-users.xml
## 这句的主要用法就是原本的`tomcat-users.xml`里存在一个空的`<tomcat-users>`到`</tomcat-users>`的字段,直接用sed删除最后一行,即`</tomcat-users>`
## 然后补上我们生成的密码的相关内容,最后再加上`</tomcat-users>`
sed -i '$d' ${CATALINA_HOME}/conf/tomcat-users.xml
echo '<role rolename="manager-gui"/>' >> ${CATALINA_HOME}/conf/tomcat-users.xml
echo '<role rolename="manager-script"/>' >> ${CATALINA_HOME}/conf/tomcat-users.xml
echo '<role rolename="manager-jmx"/>' >> ${CATALINA_HOME}/conf/tomcat-users.xml
echo '<role rolename="admin-gui"/>' >> ${CATALINA_HOME}/conf/tomcat-users.xml
echo '<role rolename="admin-script"/>' >> ${CATALINA_HOME}/conf/tomcat-users.xml
echo "<user username=\"admin\" password=\"${PASS}\" roles=\"manager-gui, manager-script, manager-jmx, admin-gui, admin-script\"/>" >> ${CATALINA_HOME}/conf/tomcat-users.xml
echo '</tomcat-users>' >> ${CATALINA_HOME}/conf/tomcat-users.xml
echo "=> Done!"
touch /.tomcat_admin_created
echo "======================================================"
echo "You can now configure to this Tomcat server using:"
echo ""
echo " admin:${PASS}"
echo ""
echo "======================================================"
Tomcat 启动脚本 run-tomcat.sh:
##!/bin/bash
if [ ! -f /.tomcat_admin_created ]; then
/create_tomcat_admin_user.sh
fi
exec ${CATALINA_HOME}/bin/catalina.sh run
tomcat 密码脚本最后生成的 tomcat-users.xml 文件:
<?xml version='1.0' encoding='utf-8'?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<!--
NOTE: By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
you must define such a user - the username and password are arbitrary. It is
strongly recommended that you do NOT use one of the users in the commented out
section below since they are intended for use with the examples web
application.
-->
<!--
NOTE: The sample user and role entries below are intended for use with the
examples web application. They are wrapped in a comment and thus are ignored
when reading this file. If you wish to configure these users for use with the
examples web application, do not forget to remove the <!.. ..> that surrounds
them. You will also need to set the passwords to something appropriate.
-->
<!--
<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
<user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
<user username="role1" password="<must-be-changed>" roles="role1"/>
-->
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="admin-gui"/>
<role rolename="admin-script"/>
<user username="admin" password="vNc8guWjdrBP" roles="manager-gui, manager-script, manager-jmx, admin-gui, admin-script"/>
</tomcat-users>
中间件服务器是 Docker 容器应用的最佳实践, 理由如下:
在使用中间件容器的时候, 需要事先规划好容器的用途和可能开放的网络端口等资源.
❗ 对于程序代码 程序的资源目录 日志 数据库文件 等需要实时更新的数据一定要通过 -v 参数映射到宿主主机的目录中来, 使用 Docker 的 AUFS 文件格式, 会产生较大的性能问题.
三人行, 必有我师; 知识共享, 天下为公. 本文由东风微鸣技术博客 EWhisper.cn 编写.
1.错误信息:Errorresponsefromdaemon:Gethttps://registry-1.docker.io/v2/:net/http:requestcanceledwhilewaitingforconnection(Client.Timeoutexceededwhileawaitingheaders)或者:Errorresponsefromdaemon:Gethttps://registry-1.docker.io/v2/:net/http:TLShandshaketimeout2.报错原因:docker使用的镜像网址默认为国外,下载容易超时,需要修改成国内镜像地址(首先阿里
1.postman介绍Postman一款非常流行的API调试工具。其实,开发人员用的更多。因为测试人员做接口测试会有更多选择,例如Jmeter、soapUI等。不过,对于开发过程中去调试接口,Postman确实足够的简单方便,而且功能强大。2.下载安装官网地址:https://www.postman.com/下载完成后双击安装吧,安装过程极其简单,无需任何操作3.使用教程这里以百度为例,工具使用简单,填写URL地址即可发送请求,在下方查看响应结果和响应状态码常用方法都有支持请求方法:getpostputdeleteGet、Post、Put与Delete的作用get:请求方法一般是用于数据查询,
Ⅰ软件测试基础一、软件测试基础理论1、软件测试的必要性所有的产品或者服务上线都需要测试2、测试的发展过程3、什么是软件测试找bug,发现缺陷4、测试的定义使用人工或自动的手段来运行或者测试某个系统的过程。目的在于检测它是否满足规定的需求。弄清预期结果和实际结果的差别。5、测试的目的以最小的人力、物力和时间找出软件中潜在的错误和缺陷6、测试的原则28原则:20%的主要功能要重点测(eg:支付宝的支付功能,其他功能都是次要的)80%的错误存在于20%的代码中7、测试标准8、测试的基本要求功能测试性能测试安全性测试兼容性测试易用性测试外观界面测试可靠性测试二、质量模型衡量一个优秀软件的维度①功能性功
ES一、简介1、ElasticStackES技术栈:ElasticSearch:存数据+搜索;QL;Kibana:Web可视化平台,分析。LogStash:日志收集,Log4j:产生日志;log.info(xxx)。。。。使用场景:metrics:指标监控…2、基本概念Index(索引)动词:保存(插入)名词:类似MySQL数据库,给数据Type(类型)已废弃,以前类似MySQL的表现在用索引对数据分类Document(文档)真正要保存的一个JSON数据{name:"tcx"}二、入门实战{"name":"DESKTOP-1TSVGKG","cluster_name":"elasticsear
(本文是网络的宏观的概念铺垫)目录计算机网络背景网络发展认识"协议"网络协议初识协议分层OSI七层模型TCP/IP五层(或四层)模型报头以太网碰撞路由器IP地址和MAC地址IP地址与MAC地址总结IP地址MAC地址计算机网络背景网络发展 是最开始先有的计算机,计算机后来因为多项技术的水平升高,逐渐的计算机变的小型化、高效化。后来因为计算机其本身的计算能力比较的快速:独立模式:计算机之间相互独立。 如:有三个人,每个人做的不同的事物,但是是需要协作的完成。 而这三个人所做的事是需要进行协作的,然而刚开始因为每一台计算机之间都是互相独立的。所以前面的人处理完了就需要将数据
我正在尝试使用docker运行一个Rails应用程序。通过github的sshurl安装的gem很少,如下所示:Gemfilegem'swagger-docs',:git=>'git@github.com:xyz/swagger-docs.git',:branch=>'my_branch'我在docker中添加了keys,它能够克隆所需的repo并从git安装gem。DockerfileRUNmkdir-p/root/.sshCOPY./id_rsa/root/.ssh/id_rsaRUNchmod700/root/.ssh/id_rsaRUNssh-keygen-f/root/.ss
我在Heroku上构建了一个必须在Docker容器内运行的RoR应用程序。为此,我使用officialDockerfile.因为它在Heroku中很常见,所以我需要一些附加组件才能使这个应用程序完全运行。在生产中,变量DATABASE_URL在我的应用程序中可用。但是,如果我尝试其他一些使用环境变量(在我的例子中是Mailtrap)的加载项,变量不会在运行时复制到实例中。所以我的问题很简单:如何让docker实例在Heroku上执行时知道环境变量?您可能会问,我已经知道我们可以在docker-compose.yml中指定一个environment指令。我想避免这种情况,以便能够通过项目
我在开发和生产中都使用docker,真正困扰我的一件事是docker缓存的简单性。我的ruby应用程序需要bundleinstall来安装依赖项,因此我从以下Dockerfile开始:添加GemfileGemfile添加Gemfile.lockGemfile.lock运行bundleinstall--path/root/bundle所有依赖项都被缓存,并且在我添加新gem之前效果很好。即使我添加的gem只有0.5MB,从头开始安装所有应用程序gem仍然需要10-15分钟。由于依赖项文件夹的大小(大约300MB),然后再花10分钟来部署它。我在node_modules和npm上遇到了
开门见山|拉取镜像dockerpullelasticsearch:7.16.1|配置存放的目录#存放配置文件的文件夹mkdir-p/opt/docker/elasticsearch/node-1/config#存放数据的文件夹mkdir-p/opt/docker/elasticsearch/node-1/data#存放运行日志的文件夹mkdir-p/opt/docker/elasticsearch/node-1/log#存放IK分词插件的文件夹mkdir-p/opt/docker/elasticsearch/node-1/plugins若你使用了moba,直接右键新建即可如上图所示依次类推创建
文章目录概念索引相关操作创建索引更新副本查看索引删除索引索引的打开与关闭收缩索引索引别名查询索引别名文档相关操作新建文档查询文档更新文档删除文档映射相关操作查询文档映射创建静态映射创建索引并添加映射概念es中有三个概念要清楚,分别为索引、映射和文档(不用死记硬背,大概有个印象就可以)索引可理解为MySQL数据库;映射可理解为MySQL的表结构;文档可理解为MySQL表中的每行数据静态映射和动态映射上面已经介绍了,映射可理解为MySQL的表结构,在MySQL中,向表中插入数据是需要先创建表结构的;但在es中不必这样,可以直接插入文档,es可以根据插入的文档(数据),动态的创建映射(表结构),这就