`openssl` is not available in the `haproxy` Docker image

Problem description

I am writing a Docker container to spin up haproxy for load balancing.

Here is my Dockerfile:

```dockerfile
FROM haproxy:1.8

ENV DOCKER_IMAGE haproxy
ENV DOCKER_NAME loadbalancer
ENV TZ Africa/Tunis

ENV DOMAINS="local.loop"
# terminal size
# (ENV does not run command substitution; these are stored as literal strings)
ENV COLUMNS="`tput cols`"
ENV LINES="`tput lines`"

ENV HTTP_BIND_OPTS=""
ENV HTTPS_BIND_OPTS=""

USER root

RUN set -x && \
    apt-get update && \
    apt-get install -y libssl-dev rsyslog socat && \
    # setup files for haproxy logging
    touch /var/log/haproxy.log &&  \
    ln -sf /dev/stdout /var/log/haproxy.log && \
    # tiny helper to reload haproxy config
    printf '#!/bin/bash\nkill -s USR2 `pidof haproxy`\n' >> /usr/local/bin/haproxy-reload && \
    chmod +x /usr/local/bin/haproxy-reload && \
    # Cleanup
    apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false && \
    rm -rf /var/lib/apt/lists/*

COPY ./etc/ /etc/

VOLUME /var/lib/certs

WORKDIR /etc

EXPOSE 80
EXPOSE 443

COPY ./entrypoint.sh /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
```

Here is my entrypoint.sh file:

```bash
#!/bin/bash

set -o errexit
set -o nounset

readonly RSYSLOG_PID="/var/run/rsyslogd.pid"

main() {

  for domain in $DOMAINS; do
    if [ ! -f "/var/lib/certs/haproxy/${domain}.pem" ]; then
      echo "Creating Self Signed Certificate for ${domain}"
      mkdir -p /var/lib/certs/haproxy/
      cd /tmp
      openssl req -x509 -nodes -subj "/CN=${domain}" -newkey rsa:4096 -keyout "${domain}-key.pem" -out "${domain}-cert.pem" -days 365
      cat "${domain}-cert.pem" "${domain}-key.pem" > "/var/lib/certs/haproxy/${domain}.pem"
      rm "${domain}-cert.pem" "${domain}-key.pem"
    fi
  done

  start_rsyslogd
  start_haproxy
}

# make sure we have rsyslogd's pid file not
# created before
start_rsyslogd() {
  rm -f "$RSYSLOG_PID"
  rsyslogd
}

# Starts the load-balancer (haproxy) with
# whatever arguments we pass to it ("$@")
start_haproxy() {
  # haproxy "$@"
  haproxy -W -db -f /etc/haproxy/
}

main
```

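When I try to run the container, I get:

```
Creating Self Signed Certificate for local.loop
/usr/local/bin/entrypoint.sh: line 15: openssl: command not found
```

I know that haproxy is compiled with openssl, so the Docker image should already have openssl installed right off the bat.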

Tags: docker
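
The `command not found` error above is about the `openssl` command-line tool, which on Debian-based images ships in the `openssl` package rather than in `libssl-dev`. As an added example (not part of the original post), the functions below show an entrypoint preflight that fails fast on missing tools and builds the combined PEM with the key kept in a private temp directory; `missing_cmds`, `require_cmds`, `make_self_signed_pem` and the optional key-size argument are names assumed here.

```shell
#!/bin/bash
# Added example, not from the original post: entrypoint preflight and
# self-signed PEM generation. All function names are assumptions.
set -o errexit
set -o nounset

# Print each command from the argument list that is not on PATH.
missing_cmds() {
  local cmd
  for cmd in "$@"; do
    command -v "$cmd" >/dev/null 2>&1 || printf '%s\n' "$cmd"
  done
}

# Fail with one clear message before any work starts, instead of a
# "command not found" halfway through certificate creation.
require_cmds() {
  local missing
  missing="$(missing_cmds "$@")"
  if [ -n "$missing" ]; then
    # $missing is unquoted on purpose so the names print on one line.
    echo "entrypoint: missing required commands:" $missing >&2
    return 1
  fi
}

# Create <out_dir>/<domain>.pem (certificate followed by key) unless it
# already exists. Key material is written under umask 077 inside a
# private mktemp directory, never into a shared /tmp path.
make_self_signed_pem() {
  local domain="$1" out_dir="$2" bits="${3:-4096}" tmp
  if [ -f "${out_dir}/${domain}.pem" ]; then return 0; fi
  require_cmds openssl mktemp || return 1
  mkdir -p "$out_dir"
  tmp="$(mktemp -d)"
  (
    umask 077
    openssl req -x509 -nodes -subj "/CN=${domain}" -newkey "rsa:${bits}" \
      -keyout "${tmp}/key.pem" -out "${tmp}/cert.pem" -days 365 &&
      cat "${tmp}/cert.pem" "${tmp}/key.pem" > "${out_dir}/${domain}.pem"
  ) || { rm -rf "$tmp"; return 1; }
  rm -rf "$tmp"
}
```

In an entrypoint like the one above, `require_cmds openssl rsyslogd haproxy` would run first, followed by `make_self_signed_pem "$domain" /var/lib/certs/haproxy` inside the loop over `$DOMAINS`.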

Solution

