Skip to main content

标 题: 抛砖引玉:用DOCKER在$6刀服务器上跑多个HTTPS网站

发信人: hitmantb (hitmantb), 信区: Programming
标  题: 抛砖引玉:用DOCKER在$6刀服务器上跑多个HTTPS网站
发信站: BBS 未名空间站 (Fri Oct  4 22:30:04 2019, 美东)

个人小东西,弄了一圈还是觉得Digital Ocean这个$6刀(其实是五刀,自动备份一刀
)服务器是强无敌。 25GB SSD, 1GB内存,1TB流量,还自带STATIC IP,比马鬃收费透
明太多了。  这么多年从来没多收过我钱。  

大部分小网站,这么一个服务器跑四五个都真的太浪费了,我就用DOCKER把每个网站封
装了起来。  DOCKER的好处就是保证每个程序互不干扰。 你无论是WORDPRESS/NODEJS/
DJANGO,MYSQL/MONGODB,服务器本身是永远干干净净的,绝不会互相干扰。无论想试
验个新东西,还是想拆下一个组件,都随心所欲。

安装DOCKER和DOCKER-COMPOSE用这个教程就可以了:

https://www.digitalocean.com/community/tutorials/how-to-install-and-use-
docker-on-ubuntu-18-04

1) 我大部分小网站用的是NODE/EXPRESS,在文件夹里加个dockerfile, 记得用alpine
的image,可以让文件大小缩水90%。 

基础Dockerfile: https://pastebin.com/VEqsj7Ub

不需要的文件可以放在.dockerignore里面:

基础.dockerignore: https://pastebin.com/azPsTzVp

2) 然后build image

docker build -t docker_username/app1 .

3) 因为不愿意买docker付费版,就在本地打包成TAR文件

docker save docker_username/app1 > app1.tar

4) SFTP上传到服务器以后,安装image

docker load -i app1.tar

5) 在服务器上创建我这个docker-compose.yml(记得改域名和app名),用docker-
compose启动NGINX PROXY和LETSENCRYPT, docker会自动安装NGINX-PROXY和
LETSENCRYPT, 
然后自动HTTPS保护你的网站。

下载docker-compose.yml: https://pastebin.com/WtMS204h (请修改域名和APP名)

然后运行:docker-compose up -d

看着一个一个网站启动,真的很舒服。 最妙的是更新一个网站,安装新IMAGE然后重新
docker-compose up -d他只会重启你更新过的网站。 如果你服务器重启,因为加了
restart: always, 所有组件也自动重启。   

抛砖引玉,这里高手肯定很多,希望大家多分享DEVOPS的经验。其实这么简单的流程,
我从学习,找教程,踩坑,折腾了足足八个小时才搞定 。 。 。 

Comments

Popular posts from this blog

CKA Simulator Kubernetes 1.22

  https://killer.sh Pre Setup Once you've gained access to your terminal it might be wise to spend ~1 minute to setup your environment. You could set these: alias k = kubectl                         # will already be pre-configured export do = "--dry-run=client -o yaml"     # k get pod x $do export now = "--force --grace-period 0"   # k delete pod x $now Vim To make vim use 2 spaces for a tab edit ~/.vimrc to contain: set tabstop=2 set expandtab set shiftwidth=2 More setup suggestions are in the tips section .     Question 1 | Contexts Task weight: 1%   You have access to multiple clusters from your main terminal through kubectl contexts. Write all those context names into /opt/course/1/contexts . Next write a command to display the current context into /opt/course/1/context_default_kubectl.sh , the command should use kubectl . Finally write a second command doing the same thing into ...

OWASP Top 10 Threats and Mitigations Exam - Single Select

Last updated 4 Aug 11 Course Title: OWASP Top 10 Threats and Mitigation Exam Questions - Single Select 1) Which of the following consequences is most likely to occur due to an injection attack? Spoofing Cross-site request forgery Denial of service   Correct Insecure direct object references 2) Your application is created using a language that does not support a clear distinction between code and data. Which vulnerability is most likely to occur in your application? Injection   Correct Insecure direct object references Failure to restrict URL access Insufficient transport layer protection 3) Which of the following scenarios is most likely to cause an injection attack? Unvalidated input is embedded in an instruction stream.   Correct Unvalidated input can be distinguished from valid instructions. A Web application does not validate a client’s access to a resource. A Web action performs an operation on behalf of the user without checkin...