目的:访问项目时,将项目容器化,外部访问项目时,通过宿主主机nginx代理到ip:端口访问,项目容器化隔离环境
1jenkins nginx 等环境搭建省略
2jenkins添加项目 配置
附上shell脚本
#!/bin/bashif [[ -z $(docker ps -q -f "name=^party_selftest_admin$") ]];thenecho "需要创建 party_selftest_admin"elseecho "已存在 party_selftest_admin"docker stop party_selftest_admindocker rm party_selftest_adminfidocker ps -a#创建容器 --rm 指停止容器则销毁docker run -u root -d -p 8081:80 -v /home/docker/conf.d/nginx.conf:/etc/nginx/nginx.conf -v /home/docker/conf.d/zzc.conf:/etc/nginx/http.d/zzc.conf -v ${GIT_CHECKOUT_DIR}:${GIT_CHECKOUT_DIR} --link mysql8.0 --link redis6 --name party_selftest_admin 1057249237/php72fpmdocker ps -achmod a+r+w ${GIT_CHECKOUT_DIR}/.envsed -i '6s/hostname = mysql/hostname = mysql8.0/' ${GIT_CHECKOUT_DIR}/.envsed -i '9s/password = admin/password = root/' ${GIT_CHECKOUT_DIR}/.envsed -i '14s/host = redis/host = redis6/' ${GIT_CHECKOUT_DIR}/.envchmod a+r ${GIT_CHECKOUT_DIR}/.envtouch ${GIT_CHECKOUT_DIR}/.envchmod -R 777 ${GIT_CHECKOUT_DIR}/runtime/chmod -R 777 ${GIT_CHECKOUT_DIR}/public/uploads/#/usr/local/nginx/sbin/nginx -t#/usr/local/nginx/sbin/nginx -s reload#/etc/init.d/nginx restart#钉钉通知#common=`git log --pretty=format:"%s" -1`#curl 'https://oapi.dingtalk.com/robot/send?access_token=钉钉令牌' #-H 'Content-Type: application/json' #-d "{'msgtype':'text', 'text': {'content': "测试构建成功:${common}"}}"
宿主代理配置zzc.conf
server { listen 80; server_name www.zzc.com; location / { proxy_pass http://127.0.0.1:8081; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; }}
容器代理配置zzc.conf
172.17.0.1 为宿主机docker0 ip
upstream party_selftest_admin {server 172.17.0.1;}server { listen 80; server_name www.zzc.com; client_max_body_size 100m; #add_header 'Referrer-Policy' 'origin'; #add_header X-Download-Options "noopen" always; #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; #add_header X-Permitted-Cross-Domain-Policies "master-only"; #add_header X-frame-Options SAMEORIGIN; #add_header Content-Security-Policy "default-src 'self' data: * 'unsafe-inline' 'unsafe-eval' mediastream: "; #add_header Content-Security-Policy "script-src 'self' *.yixuanbao.com *.geetest.com 'unsafe-inline' 'unsafe-eval'"; #add_header X-Content-Type-Options nosniff; #add_header X-XSS-Protection "1; mode=block"; #add_header Content-Language zh-CN; #charset koi8-r; #access_log /usr/local/nginx/logs/zzc.log main;root /home/web/party_selftest_admin/public; #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ .php$ { #proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # error_page 404 /404.html; location / {try_files $uri $uri/ /index.php$is_args$args;proxy_set_header HOST $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;#proxy_pass http://party_selftest_admin; index index.php index.html index.htm; if (!-e $request_filename) { rewrite ^(.+?.php)(/.+)$ /brnjFxlkdW.php?s=$2 last; rewrite ^(.*)$ /index.php?s=/$1 last; break; } } location ~ .php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_split_path_info ^((?U).+.php)(/?.+)$; fastcgi_param script_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; include fastcgi_params; } }
3构建过程
服务器查看
4ip:端口访问成功
域名访问 配置host
成功