基于 Rancher,在 1 个 Git 仓库、1 个容器中部署 2 个域名的实现
1、现在渠道发布接口包含如下应用:企鹅号、微信公众帐号、微博、控制台命令、跨渠道、授权,其中企鹅号、微信公众帐号、微博、跨渠道需要部署为域名 A,且入方向仅支持内网,其中授权需要部署为域名 B,入方向可支持外网,如图1
2、\build\c_files\etc\nginx\conf.d\channel-pub-api.conf,已经支持部署为域名 A,且入方向仅支持内网
server { listen 80; ## listen for ipv4 server_name CHANNEL_PUB_API_CFG_NGINX_SERVER_NAME; charset utf-8; root /sobey/www/channel-pub-api; index index.php; location / { root /sobey/www/channel-pub-api/api/web; try_files $uri $uri/ /api/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/assets/.+\.php(/|$) { deny all; } } location /qq { alias /sobey/www/channel-pub-api/qq/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /qq/ { # return 301 /qq; #} # prevent the directory redirect to the URL with a trailing slash location = /qq { # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /qq/qq/web/index.php$is_args$args; } # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /qq/qq/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/qq/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/qq/assets/.+\.php(/|$) { deny all; } } location /weibo { alias /sobey/www/channel-pub-api/weibo/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /weibo/ { # return 301 /weibo; #} # prevent the directory redirect to the URL with a trailing slash location = /weibo { # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /weibo/weibo/web/index.php$is_args$args; } # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /weibo/weibo/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/weibo/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/weibo/assets/.+\.php(/|$) { deny all; } } location /wx { alias /sobey/www/channel-pub-api/wx/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /wx/ { # return 301 /wx; #} # prevent the directory redirect to the URL with a trailing slash location = /wx { # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /wx/wx/web/index.php$is_args$args; } # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /wx/wx/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/wx/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/wx/assets/.+\.php(/|$) { deny all; } } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ ^/.+\.php(/|$) { rewrite (?!^/((api|qq|weibo|wx)/web|qq|weibo|wx))^ /api/web$uri break; rewrite (?!^/qq/web)^/qq(/.+)$ /qq/web$1 break; rewrite (?!^/weibo/web)^/weibo(/.+)$ /weibo/web$1 break; rewrite (?!^/wx/web)^/wx(/.+)$ /wx/web$1 break; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass 127.0.0.1:9000; #fastcgi_pass unix:/var/run/php5-fpm.sock; try_files $fastcgi_script_name =404; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\. { deny all; } }
3、Rancher 中端口映射,公开主机端口:8661 映射至私有容器端口:80,如图2
4、域名 A 的访问详情如下
企鹅号:https://wjdev2.chinamcloud.com:8661/v1/qq/ 微信公众帐号:https://wjdev2.chinamcloud.com:8661/v1/wx/ 微博:https://wjdev2.chinamcloud.com:8661/v1/weibo/ 跨渠道:https://wjdev2.chinamcloud.com:8661/v1/
5、编辑 \build\c_files\etc\nginx\conf.d\channel-pub-api.conf,以支持授权需要部署为域名 B,入方向可支持外网
server { listen CHANNEL_PUB_API_CFG_NGINX_AUTH_LISTEN; ## listen for ipv4 server_name CHANNEL_PUB_API_CFG_NGINX_AUTH_SERVER_NAME; charset utf-8; root /sobey/www/channel-pub-api/frontend/web; index index.php; location / { # 如果找不到真实存在的文件,把请求分发至 index.php try_files $uri $uri/ /index.php$is_args$args; } # uncomment to avoid processing of calls to non-existing static files by Yii #location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ { # try_files $uri =404; #} #error_page 404 /404.html; # deny accessing php files for the /assets directory location ~ ^/assets/.*\.php$ { deny all; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~* /\. { deny all; } } server { listen CHANNEL_PUB_API_CFG_NGINX_API_LISTEN; ## listen for ipv4 server_name CHANNEL_PUB_API_CFG_NGINX_API_SERVER_NAME; charset utf-8; root /sobey/www/channel-pub-api; index index.php; location / { root /sobey/www/channel-pub-api/api/web; try_files $uri $uri/ /api/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/assets/.+\.php(/|$) { deny all; } } location /qq { alias /sobey/www/channel-pub-api/qq/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /qq/ { # return 301 /qq; #} # prevent the directory redirect to the URL with a trailing slash location = /qq { # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /qq/qq/web/index.php$is_args$args; } # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /qq/qq/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/qq/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/qq/assets/.+\.php(/|$) { deny all; } } location /weibo { alias /sobey/www/channel-pub-api/weibo/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /weibo/ { # return 301 /weibo; #} # prevent the directory redirect to the URL with a trailing slash location = /weibo { # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /weibo/weibo/web/index.php$is_args$args; } # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /weibo/weibo/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/weibo/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/weibo/assets/.+\.php(/|$) { deny all; } } location /wx { alias /sobey/www/channel-pub-api/wx/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /wx/ { # return 301 /wx; #} # prevent the directory redirect to the URL with a trailing slash location = /wx { # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /wx/wx/web/index.php$is_args$args; } # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /wx/wx/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/wx/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/wx/assets/.+\.php(/|$) { deny all; } } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ ^/.+\.php(/|$) { rewrite (?!^/((api|qq|weibo|wx)/web|qq|weibo|wx))^ /api/web$uri break; rewrite (?!^/qq/web)^/qq(/.+)$ /qq/web$1 break; rewrite (?!^/weibo/web)^/weibo(/.+)$ /weibo/web$1 break; rewrite (?!^/wx/web)^/wx(/.+)$ /wx/web$1 break; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass 127.0.0.1:9000; #fastcgi_pass unix:/var/run/php5-fpm.sock; try_files $fastcgi_script_name =404; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\. { deny all; } }
6、Rancher 中端口映射,公开主机端口:8661 映射至私有容器端口:80,新增 公开主机端口:8662 映射至私有容器端口:81,如图3
添加环境变量
CHANNEL_PUB_API_CFG_NGINX_API_SERVER_NAME=wjdev2.chinamcloud.com # Nginx 服务器名称(接口域名、建议入方向仅支持内网) CHANNEL_PUB_API_CFG_NGINX_API_LISTEN=80 # Nginx 服务器监听端口(接口域名、建议入方向仅支持内网) CHANNEL_PUB_API_CFG_NGINX_AUTH_SERVER_NAME=wjdev2.chinamcloud.com # Nginx 服务器名称(授权域名、建议入方向可支持外网) CHANNEL_PUB_API_CFG_NGINX_AUTH_LISTEN=81 # Nginx 服务器监听端口(授权域名、建议入方向可支持外网)
7、查看 /etc/nginx/conf.d/channel-pub-api.conf,环境变量已被替换
server { listen 81; ## listen for ipv4 server_name wjdev2.chinamcloud.com; charset utf-8; root /sobey/www/channel-pub-api/frontend/web; index index.php; location / { # 如果找不到真实存在的文件,把请求分发至 index.php try_files $uri $uri/ /index.php$is_args$args; } # uncomment to avoid processing of calls to non-existing static files by Yii #location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ { # try_files $uri =404; #} #error_page 404 /404.html; # deny accessing php files for the /assets directory location ~ ^/assets/.*\.php$ { deny all; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~* /\. { deny all; } } server { listen 80; ## listen for ipv4 server_name wjdev2.chinamcloud.com; charset utf-8; root /sobey/www/channel-pub-api; index index.php; location / { root /sobey/www/channel-pub-api/api/web; try_files $uri $uri/ /api/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/assets/.+\.php(/|$) { deny all; } } location /qq { alias /sobey/www/channel-pub-api/qq/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /qq/ { # return 301 /qq; #} # prevent the directory redirect to the URL with a trailing slash location = /qq { # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /qq/qq/web/index.php$is_args$args; } # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /qq/qq/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/qq/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/qq/assets/.+\.php(/|$) { deny all; } } location /weibo { alias /sobey/www/channel-pub-api/weibo/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /weibo/ { # return 301 /weibo; #} # prevent the directory redirect to the URL with a trailing slash location = /weibo { # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /weibo/weibo/web/index.php$is_args$args; } # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /weibo/weibo/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/weibo/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/weibo/assets/.+\.php(/|$) { deny all; } } location /wx { alias /sobey/www/channel-pub-api/wx/web/; # redirect to the URL without a trailing slash (uncomment if necessary) #location = /wx/ { # return 301 /wx; #} # prevent the directory redirect to the URL with a trailing slash location = /wx { # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri /wx/wx/web/index.php$is_args$args; } # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args" # bug ticket: https://trac.nginx.org/nginx/ticket/97 try_files $uri $uri/ /wx/wx/web/index.php$is_args$args; # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary) #location ~ ^/wx/.+\.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ { # log_not_found off; # access_log off; # try_files $uri =404; #} location ~ ^/wx/assets/.+\.php(/|$) { deny all; } } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ ^/.+\.php(/|$) { rewrite (?!^/((api|qq|weibo|wx)/web|qq|weibo|wx))^ /api/web$uri break; rewrite (?!^/qq/web)^/qq(/.+)$ /qq/web$1 break; rewrite (?!^/weibo/web)^/weibo(/.+)$ /weibo/web$1 break; rewrite (?!^/wx/web)^/wx(/.+)$ /wx/web$1 break; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass 127.0.0.1:9000; #fastcgi_pass unix:/var/run/php5-fpm.sock; try_files $fastcgi_script_name =404; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\. { deny all; } }
8、域名 A、B 的访问详情如下,访问正常,如图4
企鹅号:https://wjdev2.chinamcloud.com:8661/v1/qq/ 微信公众帐号:https://wjdev2.chinamcloud.com:8661/v1/wx/ 微博:https://wjdev2.chinamcloud.com:8661/v1/weibo/ 跨渠道:https://wjdev2.chinamcloud.com:8661/v1/ 授权:https://wjdev2.chinamcloud.com:8662/
近期评论