Dockerfile构建haproxy镜像

结构

[root@localhost ~]# tree haproxy
haproxy
├── conf
│   └── haproxy.cfg
├── Dockerfile
└── files
    ├── haproxy-2.5.0.tar.gz  //下载网址：https://www.haproxy.org/download/2.5/src/haproxy-2.5.0.tar.gz

    ├── install.sh
    └── start.sh

//Dockerfile
[root@localhost ~]# cat haproxy/Dockerfile 
#基础镜像
FROM centos

#作者信息
LABEL MAINTAINER 'lxx'

#环境变量
ENV VERSION 2.5.0
ENV WEB01=" " WEB02=" "
#传输文件
COPY files  /usr/src/
COPY conf/haproxy.cfg  /usr/local/haproxy/conf/haproxy.cfg

#安装
RUN ["/bin/bash","-c","/usr/src/install.sh"]    

#暴露端口
EXPOSE 80 8189

#启动命令
CMD ["/usr/src/start.sh"]

[root@localhost ~]# cat haproxy/files/install.sh 
rm -rf /etc/yum.repos.d/*  
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-$(awk -F'"' 'NR==5{print $2}'  /etc/os-release).repo 
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo 
yum clean all && yum makecache 
yum -y install make gcc gcc-c++ pcre-devel bzip2-devel openssl-devel systemd-devel
useradd -r -M -s /sbin/nologin haproxy 
cd /usr/src/ && \
tar xf haproxy-${
    
    VERSION}.tar.gz
cd /usr/src/haproxy-$VERSION  
make clean && \
make -j $(nproc) TARGET=linux-glibc USE_OPENSSL=1 USE_PCRE=1 USE_SYSTEMD=1 && \
make install PREFIX=/usr/local/haproxy 
cp /usr/local/haproxy/sbin/haproxy  /usr/sbin/
echo 'net.ipv4.ip_nonlocal_bind = 1' >>  /etc/sysctl.conf 
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
rm -rf /usr/src/haproxy-2.5.0/  /var/cache/*
yum -y remove make gcc gcc-c++

[root@localhost ~]# cat haproxy/files/start.sh 
#!/bin/sh

/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/conf/haproxy.cfg

/bin/bash

[root@localhost ~]# cat haproxy/conf/haproxy.cfg 
#--------------全局配置----------------
global
    log 127.0.0.1 local0  info
    #log loghost local0 info
    maxconn 20480
#chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    #maxconn 4000
    user haproxy
    group haproxy
    daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    #option forwardfor
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------统计页面配置------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /haproxy_stats
    stats realm Haproxy\ Statistics
    stats auth admin:admin
    #stats hide-version
    stats admin if TRUE
    stats refresh 30s
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server web01 172.17.0.2:80 check inter 2000 fall 5   
    server web02 172.17.0.3:80 check inter 2000 fall 5

//构建镜像
[root@localhost ~]# docker build -t haproxy:v0.5 haproxy/
Sending build context to Docker daemon  3.812MB
Step 1/9 : FROM centos
 ---> 5d0da3dc9764
Step 2/9 : LABEL MAINTAINER 'lxx'
 ---> Using cache
 ---> 098efe057426
Step 3/9 : ENV VERSION 2.5.0
 ---> Using cache
 ---> 4ba3f482d509
Step 4/9 : ENV WEB01="web01 172.17.0.2:80" WEB02="web02 172.17.0.3:80"
 ---> Using cache
 ---> 36c355491162
Step 5/9 : COPY files  /usr/src/
 ---> Using cache
 ---> 1d7642b06d47
Step 6/9 : COPY conf/haproxy.cfg  /usr/local/haproxy/conf/haproxy.cfg
 ---> 6d5b7b17ac28
Step 7/9 : RUN ["/bin/bash","-c","/usr/src/install.sh"]
 ---> Running in 1ec9684bde09
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2595  100  2595    0     0  14337      0 --:--:-- --:--:-- --:--:-- 14337
0 files removed
CentOS-8 - Base - mirrors.aliyun.com            8.2 MB/s | 3.5 MB     00:00    
CentOS-8 - Extras - mirrors.aliyun.com           79 kB/s |  10 kB     00:00    
CentOS-8 - AppStream - mirrors.aliyun.com        15 MB/s | 8.2 MB     00:00    
。。。
Removing intermediate container 1ec9684bde09
 ---> fc0b495dc677
Step 8/9 : EXPOSE 80 8189
 ---> Running in f7eafb06de69
Removing intermediate container f7eafb06de69
 ---> 89d5638b4c0d
Step 9/9 : CMD ["/usr/src/start.sh"]
 ---> Running in ab0b405b3d62
Removing intermediate container ab0b405b3d62
 ---> 0190b2adbaac
Successfully built 0190b2adbaac
Successfully tagged haproxy:v0.5

//试运行正常
[root@localhost ~]# docker run --name haproxy --rm -it -p 80:80 haproxy:v0.5
[root@fa9001ddec1c /]# ss -antl
State                 Recv-Q                Send-Q                                Local Address:Port                                 Peer Address:Port                Process                
LISTEN                0                     128                                         0.0.0.0:80                                        0.0.0.0:*                                          
LISTEN                0                     128                                         0.0.0.0:8189                                      0.0.0.0:*                            

//起一个apache测试
[root@localhost ~]# docker run --name web1 -itd httpd:v1.0
[root@localhost ~]# docker inspect web1 
...
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.2", //地址为haproxy默认配置文件地址
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:02",
                    "DriverOpts": null
.....

//另起一台web2
[root@localhost ~]# docker run --name web2 -v /var/www/html:/usr/local/apache/htdocs -itd -p 82:80 httpd:v1.0
3b9401d15c7908a7fcca63be3f5e22af6146c4900a3b10b7344fafa462e1b2c3
[root@localhost ~]# cat /var/www/html/index.html //映射本地目录
test1

测试访问

//取web2ip
[root@localhost ~]# docker inspect web2
......
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.4",//与默认地址不同
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:04",
                    "DriverOpts": null
.....

//另写一个haproxy配置文件
[root@localhost ~]# cat haproxy.cfg 
#--------------全局配置----------------
global
    log 127.0.0.1 local0  info
    #log loghost local0 info
    maxconn 20480
#chroot /usr/local/haproxy
    pidfile /var/run/haproxy.pid
    #maxconn 4000
    user haproxy
    group haproxy
    daemon
#---------------------------------------------------------------------
#common defaults that all the 'listen' and 'backend' sections will
#use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option dontlognull
    option httpclose
    option httplog
    #option forwardfor
    option redispatch
    balance roundrobin
    timeout connect 10s
    timeout client 10s
    timeout server 10s
    timeout check 10s
    maxconn 60000
    retries 3
#--------------统计页面配置------------------
listen admin_stats
    bind 0.0.0.0:8189
    stats enable
    mode http
    log global
    stats uri /haproxy_stats
    stats realm Haproxy\ Statistics
    stats auth admin:admin
    #stats hide-version
    stats admin if TRUE
    stats refresh 30s
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server $WEB01 check inter 2000 fall 5   //此变量在Dockfile已定义为空
    server $WEB02 check inter 2000 fall 5

[root@localhost ~]# docker run -e WEB01="web01 172.17.0.4:80" -e WEB02="web02 172.17.0.2:80" --name haproxy -v /root/haproxy.cfg:/usr/local/haproxy/conf/haproxy.cfg --rm -it -p 81:80 haproxy:v0.5
[NOTICE]   (7) : haproxy version is 2.5.0-f2e0833
[NOTICE]   (7) : path to executable is /usr/local/haproxy/sbin/haproxy
[ALERT]    (7) : config : [/usr/local/haproxy/conf/haproxy.cfg:52] : character '$' is not permitted in server name '$WEB01'.
[ALERT]    (7) : config : [/usr/local/haproxy/conf/haproxy.cfg:53] : character '$' is not permitted in server name '$WEB02'.
[ALERT]    (7) : config : Error(s) found in configuration file : /usr/local/haproxy/conf/haproxy.cfg
[ALERT]    (7) : config : Fatal errors found in configuration.
[root@a27649cc8cb2 /]# ss -antl
State                Recv-Q                Send-Q                                 Local Address:Port                                 Peer Address:Port                Process                
[root@a3e801dcdf33 /]# echo $WEB01
web01 172.17.0.4:80
[root@a3e801dcdf33 /]# echo $WEB02
web02 172.17.0.2:80

//利用变量+映射文件办法无法正常修改haproxy.cfg

//手动修改本地文件映射
[root@localhost ~]# cat haproxy.cfg 
#--------------全局配置----------------
global
    log 127.0.0.1 local0  info
    #log loghost local0 info
    maxconn 20480
.....略
#---------------web设置-----------------------
listen webcluster
    bind 0.0.0.0:80
    mode http
    #option httpchk GET /index.html
    log global
    maxconn 3000
    balance roundrobin
    cookie SESSION_COOKIE insert indirect nocache
    server web01 172.17.0.4:80 check inter 2000 fall 5   
    server web02 172.17.0.2:80 check inter 2000 fall 5

//-v 启动容器
[root@localhost ~]# docker run  --name haproxy -v /root/haproxy.cfg:/usr/local/haproxy/conf/haproxy.cfg --rm -it -p 81:80 haproxy:v0.5 

访问测试