使用docker一键启动jackblog的所有版本

在未使用docker部署jackblog之前, 先要在服务器上配置环境, 如数据库mongodb, redis. 安装nginx等, 有了docker, 可以将每一个部分当作一个容器, 再结合docker-compose就可以通过一个命令docker-compose up 启动所有容器. 先下载jackblog所有版本镜像:

docker pull jackhu/jackblog-api-koa-deploy
docker pull jackhu/jackblog-admin-deploy
docker pull jackhu/jackblog-angular1-deploy
docker pull jackhu/jackblog-angular2-deploy
docker pull jackhu/jackblog-react-deploy
docker pull jackhu/jackblog-vue-deploy
docker pull mongo
docker pull redis
docker pull nginx

docker-compose文件如下:

jackblog-react:
  ports:
  - 8300:8300/tcp
  image: jackhu/jackblog-react-deploy
  links:
  - 'jackblog-api-koa'
jackblog-api-koa:
  ports:
  - 8800:8800/tcp
  environment:
    GITHUB_CALLBACK_URL: GITHUB_CALLBACK_URL
    GITHUB_CLIENT_ID: GITHUB_CLIENT_ID
    GITHUB_CLIENT_SECRET: GITHUB_CLIENT_SECRET
    MONGO_PASSWORD: ''
    MONGO_USERNAME: ''
    QINIU_APP_BUCKET: QINIU_APP_BUCKET
    QINIU_APP_DOMAIN: QINIU_APP_DOMAIN
    QINIU_APP_KEY: QINIU_APP_KEY
    QINIU_APP_SECRET: QINIU_APP_SECRET
    QQ_CALLBACK_URL: QQ_CALLBACK_URL
    QQ_CLIENT_ID: QQ_CLIENT_ID
    QQ_CLIENT_SECRET: QQ_CLIENT_SECRET
    REDIS_PASSWORD: ''
    WEIBO_CALLBACK_URL: WEIBO_CALLBACK_URL
    WEIBO_CLIENT_ID: WEIBO_CLIENT_ID
    WEIBO_CLIENT_SECRET: WEIBO_CLIENT_SECRET
    INITDATA: 'true'
  links:
  - mongo:mongo
  - redis:redis
  image: jackhu/jackblog-api-koa-deploy
jackblog-angular1:
  ports:
  - 8200:8200/tcp
  image: jackhu/jackblog-angular1-deploy
jackblog-admin:
  ports:
  - 8700:8700/tcp
  image: jackhu/jackblog-admin-deploy
jackblog-vue:
  ports:
  - 8400:8400/tcp
  image: jackhu/jackblog-vue-deploy
jackblog-angular2:
  ports:
  - 8500:8500/tcp
image: jackhu/jackblog-angular2-deploy
redis:
  image: redis
  volumes:
  - ~/data/redis/data:/data
mongo:
  image: mongo
  volumes:
  - ~/data/mongo/db:/data/db
nginx:
  ports:
  - 443:443/tcp
  - 80:80/tcp
  image: nginx
  volumes:
  - ~/data/nginx/conf.d:/etc/nginx/conf.d

在当前用户目录下新建目录 data/mongo/db, data/redis/data, data/nginx/conf.d, 同时在conf.d目录下配置一下新建文件jackblog-api.conf, 内容如下

upstream jackblog-api-koa {
    server jackblog-api-koa容器IP:8800;
}

server {
    listen 443 ssl;
    server_name api.jackhu.top;

    ssl_certificate /etc/nginx/conf.d/ca.crt;
    ssl_certificate_key /etc/nginx/conf.d/ca.key;

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://jackblog-api-koa;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_read_timeout 900s;
    }
}

server {
    listen 80;
    server_name api.jackhu.top;
    return 301 https://$server_name$request_uri;
}

由于api服务器地址使用了https, 所以不启动nginx并配置证书还没法演示. 所以在conf.d目录下再生成证书文件, 命令如下:

openssl genrsa -out ca.key 2048
openssl req -new -key ca.key -out ca.csr
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

当然使用自签名的证书在浏览器访问是有问题的, 手动允许就可以了.
同是修改一下hosts文件, 将api.jackhu.top转到本机, 否则数据将从线上的jackblog服务器获取

127.0.0.1    api.jackhu.top

接下来启动所有容器.

docker-compose up

容器启动后可以查看jackblog-api-koa容器IP,替换成nginx配置文件里的IP, 并重启nginx容器

docker inspect --format='{{.NetworkSettings.IPAddress}}' $CONTAINER_ID
docker restart nginxcontainerID

输入localhost+相应端口号就可访问了, 以上仅为演示, 实际生产环境当然不能这样部署, nginx和数据库容器要独立出来, 并设置密码验证.如mongodb需要加上

  command:
  - mongod
  - --auth

redis可使用独立的配置文件,并加上密码

  volumes:
  - /opt/redis/data:/data
  - /opt/redis/config:/usr/local/etc/redis

jackblog-api-koa容器中INITDATA环境变量为开启初始化数据, 当数据库设置了密码时, 可使用相应的环境变量传入进去.
docker确实是个好东西, 上面如果用rancher部署, 那自然更简单了.