首先拉取nginx镜像
##搜索镜像docker search nginx##拉取镜像docker pull nginx
创建nginx容器并启动
docker run ##docker 命令--name nginx-81 ##设置容器名称-p 81:80 -p 443:443 ## 设置容器端口与服务器端口映射关系,语法:-p 主机端口:容器对外端口-v /root/Documents/config/nginx/cert:/etc/nginx/cert ##建立软连接-v /root/Documents/config/nginx/nginx.conf:/etc/nginx/nginx.conf-v /root/Documents/config/nginx/html:/usr/share/nginx/html-v /root/Documents/config/nginx/logs:/var/log/nginx-d nginx ## 定义后台运行 镜像名称
copy内容
docker run--name nginx-80 \-p 80:80 -p 443:443 \-v /root/Documents/config/nginx/cert:/etc/nginx/cert \-v /root/Documents/config/nginx/conf.d:/etc/nginx/conf.d:ro \-v /root/Documents/config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro \-v /root/Documents/config/nginx/html:/usr/share/nginx/html \-v /root/Documents/config/nginx/logs:/var/log/nginx \--restart=always \--neywork=webnet \-d nginx
这里需要在/root/Documents/config/nginx/目录想创建配置文件,建立软连接,这个方便维护操作,直接修改此处的配置文件,restart容器即可生效。
目录结构
cert/目录下为网站SSL密钥文件
nginx/conf.d/default.conf
upstream leaf{server www.baidu.com;}server {listen 80;listen [::]:80;server_name javaleaf.cn www.javaleaf.cn;location ^~ /.well-known/acme-challenge/ {default_type "text/plain";root /usr/share/nginx/html;}location = /.well-known/acme-challenge/ {return 404;}location / {proxy_pass http://www.163.com;proxy_redirect off;}error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}}server {listen 443 ssl;listen [::]:443 ssl;server_name javaleaf.cn;#ssl on;ssl_prefer_server_ciphers on;ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_session_cache shared:SSL:10m;ssl_session_timeout 10m;ssl_certificate /etc/nginx/cert/4265089_javaleaf.cn.pem;ssl_certificate_key /etc/nginx/cert/4265089_javaleaf.cn.key;location / {proxy_redirect off;proxy_pass http://www.163.com;}location ^~ /.well-known/acme-challenge/ {default_type "text/plain";root /usr/share/nginx/html;}location = /.well-known/acme-challenge/ {return 404;}}server {listen 443 ssl;listen [::]:443 ssl;server_name www.javaleaf.cn;#ssl on;ssl_prefer_server_ciphers on;ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_session_cache shared:SSL:10m;ssl_session_timeout 10m;ssl_certificate /etc/nginx/cert/4265089_javaleaf.cn.pem;ssl_certificate_key /etc/nginx/cert/4265089_javaleaf.cn.key;location / {proxy_redirect off;proxy_pass http://www.163.com;}location ^~ /.well-known/acme-challenge/ {default_type "text/plain";root /usr/share/nginx/html;}location = /.well-known/acme-challenge/ {return 404;}}
nginx.conf
#user nobody;worker_processes auto;error_log /var/log/nginx/error.log warn;pid /var/run/nginx.pid;events {worker_connections 1024;}http {include /etc/nginx/mime.types;default_type application/octet-stream;sendfile on;keepalive_timeout 65;client_max_body_size 10M;include /etc/nginx/conf.d/*.conf;log_format main '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"'; #自定义日志格式access_log /var/log/nginx/access.log main;}
这里暂时还没有进行负载均衡配置,因为一配置就报502错误,暂未清楚原因。
暂未实验:
–net host :启动模式 建议使用 否则做负载均衡会有问题!
若有收获,就点个赞吧
0 人点赞
