基于 Rancher,在 1 个 Git 仓库、1 个容器中部署 2 个域名的实现
1、现在渠道发布接口包含如下应用:企鹅号、微信公众帐号、微博、控制台命令、跨渠道、授权,其中企鹅号、微信公众帐号、微博、跨渠道需要部署为域名 A,且入方向仅支持内网,其中授权需要部署为域名 B,入方向可支持外网,如图1
图1
2、\build\c_files\etc\nginx\conf.d\channel-pub-api.conf,已经支持部署为域名 A,且入方向仅支持内网
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 | server { listen 80; ## listen for ipv4 server_name CHANNEL_PUB_API_CFG_NGINX_SERVER_NAME; charset utf-8; root /sobey/www/channel-pub-api; index index.php; location / { root /sobey/www/channel-pub-api/api/web; try_files $uri $uri/ /api/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/assets/.+\.php(/|$) { deny all; } } location /qq { alias /sobey/www/channel-pub-api/qq/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /qq/ { # return 301 /qq; #} # prevent the directory redirect to the URL with a trailing slash location = /qq { # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /qq/qq/web/index.php$is_args$args; } # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /qq/qq/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/qq/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/qq/assets/.+\.php(/|$) { deny all; } } location /weibo { alias /sobey/www/channel-pub-api/weibo/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /weibo/ { # return 301 /weibo; #} # prevent the directory redirect to the URL with a trailing slash location = /weibo { # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /weibo/weibo/web/index.php$is_args$args; } # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /weibo/weibo/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/weibo/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/weibo/assets/.+\.php(/|$) { deny all; } } location /wx { alias /sobey/www/channel-pub-api/wx/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /wx/ { # return 301 /wx; #} # prevent the directory redirect to the URL with a trailing slash location = /wx { # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /wx/wx/web/index.php$is_args$args; } # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /wx/wx/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/wx/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/wx/assets/.+\.php(/|$) { deny all; } } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ ^/.+\.php(/|$) { rewrite (?!^/((api|qq|weibo|wx)/web|qq|weibo|wx))^ /api/web$uri break; rewrite (?!^/qq/web)^/qq(/.+)$ /qq/web$1 break; rewrite (?!^/weibo/web)^/weibo(/.+)$ /weibo/web$1 break; rewrite (?!^/wx/web)^/wx(/.+)$ /wx/web$1 break; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass 127.0.0.1:9000; #fastcgi_pass unix:/var/run/php5-fpm.sock; try_files $fastcgi_script_name =404; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\. { deny all; }} |
3、Rancher 中端口映射,公开主机端口:8661 映射至私有容器端口:80,如图2
图2
4、域名 A 的访问详情如下
5、编辑 \build\c_files\etc\nginx\conf.d\channel-pub-api.conf,以支持授权需要部署为域名 B,入方向可支持外网
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 | server { listen CHANNEL_PUB_API_CFG_NGINX_AUTH_LISTEN; ## listen for ipv4 server_name CHANNEL_PUB_API_CFG_NGINX_AUTH_SERVER_NAME; charset utf-8; root /sobey/www/channel-pub-api/frontend/web; index index.php; location / { # 如果找不到真实存在的文件,把请求分发至 index.php try_files $uri $uri/ /index.php$is_args$args; } # uncomment to avoid processing of calls to non-existing static files by Yii #location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ { # try_files $uri =404; #} #error_page 404 /404.html; # deny accessing php files for the /assets directory location ~ ^/assets/.*\.php$ { deny all; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~* /\. { deny all; }}server { listen CHANNEL_PUB_API_CFG_NGINX_API_LISTEN; ## listen for ipv4 server_name CHANNEL_PUB_API_CFG_NGINX_API_SERVER_NAME; charset utf-8; root /sobey/www/channel-pub-api; index index.php; location / { root /sobey/www/channel-pub-api/api/web; try_files $uri $uri/ /api/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/assets/.+\.php(/|$) { deny all; } } location /qq { alias /sobey/www/channel-pub-api/qq/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /qq/ { # return 301 /qq; #} # prevent the directory redirect to the URL with a trailing slash location = /qq { # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /qq/qq/web/index.php$is_args$args; } # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /qq/qq/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/qq/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/qq/assets/.+\.php(/|$) { deny all; } } location /weibo { alias /sobey/www/channel-pub-api/weibo/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /weibo/ { # return 301 /weibo; #} # prevent the directory redirect to the URL with a trailing slash location = /weibo { # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /weibo/weibo/web/index.php$is_args$args; } # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /weibo/weibo/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/weibo/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/weibo/assets/.+\.php(/|$) { deny all; } } location /wx { alias /sobey/www/channel-pub-api/wx/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /wx/ { # return 301 /wx; #} # prevent the directory redirect to the URL with a trailing slash location = /wx { # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /wx/wx/web/index.php$is_args$args; } # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /wx/wx/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/wx/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/wx/assets/.+\.php(/|$) { deny all; } } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ ^/.+\.php(/|$) { rewrite (?!^/((api|qq|weibo|wx)/web|qq|weibo|wx))^ /api/web$uri break; rewrite (?!^/qq/web)^/qq(/.+)$ /qq/web$1 break; rewrite (?!^/weibo/web)^/weibo(/.+)$ /weibo/web$1 break; rewrite (?!^/wx/web)^/wx(/.+)$ /wx/web$1 break; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass 127.0.0.1:9000; #fastcgi_pass unix:/var/run/php5-fpm.sock; try_files $fastcgi_script_name =404; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\. { deny all; }} |
6、Rancher 中端口映射,公开主机端口:8661 映射至私有容器端口:80,新增 公开主机端口:8662 映射至私有容器端口:81,如图3
图3
添加环境变量
1 2 3 4 | CHANNEL_PUB_API_CFG_NGINX_API_SERVER_NAME=wjdev2.chinamcloud.com # Nginx 服务器名称(接口域名、建议入方向仅支持内网)CHANNEL_PUB_API_CFG_NGINX_API_LISTEN=80 # Nginx 服务器监听端口(接口域名、建议入方向仅支持内网)CHANNEL_PUB_API_CFG_NGINX_AUTH_SERVER_NAME=wjdev2.chinamcloud.com # Nginx 服务器名称(授权域名、建议入方向可支持外网)CHANNEL_PUB_API_CFG_NGINX_AUTH_LISTEN=81 # Nginx 服务器监听端口(授权域名、建议入方向可支持外网) |
7、查看 /etc/nginx/conf.d/channel-pub-api.conf,环境变量已被替换
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 | server { listen 81; ## listen for ipv4 server_name wjdev2.chinamcloud.com; charset utf-8; root /sobey/www/channel-pub-api/frontend/web; index index.php; location / { # 如果找不到真实存在的文件,把请求分发至 index.php try_files $uri $uri/ /index.php$is_args$args; } # uncomment to avoid processing of calls to non-existing static files by Yii #location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ { # try_files $uri =404; #} #error_page 404 /404.html; # deny accessing php files for the /assets directory location ~ ^/assets/.*\.php$ { deny all; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~* /\. { deny all; }}server { listen 80; ## listen for ipv4 server_name wjdev2.chinamcloud.com; charset utf-8; root /sobey/www/channel-pub-api; index index.php; location / { root /sobey/www/channel-pub-api/api/web; try_files $uri $uri/ /api/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/assets/.+\.php(/|$) { deny all; } } location /qq { alias /sobey/www/channel-pub-api/qq/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /qq/ { # return 301 /qq; #} # prevent the directory redirect to the URL with a trailing slash location = /qq { # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /qq/qq/web/index.php$is_args$args; } # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /qq/qq/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/qq/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/qq/assets/.+\.php(/|$) { deny all; } } location /weibo { alias /sobey/www/channel-pub-api/weibo/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /weibo/ { # return 301 /weibo; #} # prevent the directory redirect to the URL with a trailing slash location = /weibo { # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /weibo/weibo/web/index.php$is_args$args; } # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /weibo/weibo/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/weibo/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/weibo/assets/.+\.php(/|$) { deny all; } } location /wx { alias /sobey/www/channel-pub-api/wx/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /wx/ { # return 301 /wx; #} # prevent the directory redirect to the URL with a trailing slash location = /wx { # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /wx/wx/web/index.php$is_args$args; } # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /wx/wx/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/wx/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/wx/assets/.+\.php(/|$) { deny all; } } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ ^/.+\.php(/|$) { rewrite (?!^/((api|qq|weibo|wx)/web|qq|weibo|wx))^ /api/web$uri break; rewrite (?!^/qq/web)^/qq(/.+)$ /qq/web$1 break; rewrite (?!^/weibo/web)^/weibo(/.+)$ /weibo/web$1 break; rewrite (?!^/wx/web)^/wx(/.+)$ /wx/web$1 break; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass 127.0.0.1:9000; #fastcgi_pass unix:/var/run/php5-fpm.sock; try_files $fastcgi_script_name =404; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\. { deny all; }} |
8、域名 A、B 的访问详情如下,访问正常,如图4
图4
近期评论