基于 Rancher,在 1 个 Git 仓库、1 个容器中部署 2 个域名的实现

1、现在渠道发布接口包含如下应用:企鹅号、微信公众帐号、微博、控制台命令、跨渠道、授权,其中企鹅号、微信公众帐号、微博、跨渠道需要部署为域名 A,且入方向仅支持内网,其中授权需要部署为域名 B,入方向可支持外网,如图1

现在渠道发布接口包含如下应用:企鹅号、微信公众帐号、微博、控制台命令、跨渠道、授权,其中企鹅号、微信公众帐号、微博、跨渠道需要部署为域名 A,且入方向仅支持内网,其中授权需要部署为域名 B,入方向可支持外网

图1

2、/build/c_files/etc/nginx/conf.d/channel-pub-api.conf,已经支持部署为域名 A,且入方向仅支持内网

server {
    listen 80; ## listen for ipv4
    server_name CHANNEL_PUB_API_CFG_NGINX_SERVER_NAME;
    charset utf-8;

    root /sobey/www/channel-pub-api;
    index index.php;

    location / {
        root /sobey/www/channel-pub-api/api/web;
        try_files $uri $uri/ /api/web/index.php$is_args$args;

        # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
        #location ~ ^/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
        #    log_not_found off;
        #    access_log off;
        #    try_files $uri =404;
        #}

        location ~ ^/assets/.+/.php(/|$) {
            deny all;
        }
    }

    location /qq {
        alias /sobey/www/channel-pub-api/qq/web/;

        # redirect to the URL without a trailing slash (uncomment if necessary)
        #location = /qq/ {
        #    return 301 /qq;
        #}

        # prevent the directory redirect to the URL with a trailing slash
        location = /qq {
            # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args"
            # bug ticket: https://trac.nginx.org/nginx/ticket/97
            try_files $uri /qq/qq/web/index.php$is_args$args;
        }

        # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args"
        # bug ticket: https://trac.nginx.org/nginx/ticket/97
        try_files $uri $uri/ /qq/qq/web/index.php$is_args$args;

        # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
        #location ~ ^/qq/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
        #    log_not_found off;
        #    access_log off;
        #    try_files $uri =404;
        #}

        location ~ ^/qq/assets/.+/.php(/|$) {
            deny all;
        }
    }

    location /weibo {
            alias /sobey/www/channel-pub-api/weibo/web/;

            # redirect to the URL without a trailing slash (uncomment if necessary)
            #location = /weibo/ {
            #    return 301 /weibo;
            #}

            # prevent the directory redirect to the URL with a trailing slash
            location = /weibo {
                # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args"
                # bug ticket: https://trac.nginx.org/nginx/ticket/97
                try_files $uri /weibo/weibo/web/index.php$is_args$args;
            }

            # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args"
            # bug ticket: https://trac.nginx.org/nginx/ticket/97
            try_files $uri $uri/ /weibo/weibo/web/index.php$is_args$args;

            # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
            #location ~ ^/weibo/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
            #    log_not_found off;
            #    access_log off;
            #    try_files $uri =404;
            #}

            location ~ ^/weibo/assets/.+/.php(/|$) {
                deny all;
            }
        }

    location /wx {
        alias /sobey/www/channel-pub-api/wx/web/;

        # redirect to the URL without a trailing slash (uncomment if necessary)
        #location = /wx/ {
        #    return 301 /wx;
        #}

        # prevent the directory redirect to the URL with a trailing slash
        location = /wx {
            # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args"
            # bug ticket: https://trac.nginx.org/nginx/ticket/97
            try_files $uri /wx/wx/web/index.php$is_args$args;
        }

        # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args"
        # bug ticket: https://trac.nginx.org/nginx/ticket/97
        try_files $uri $uri/ /wx/wx/web/index.php$is_args$args;

        # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
        #location ~ ^/wx/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
        #    log_not_found off;
        #    access_log off;
        #    try_files $uri =404;
        #}

        location ~ ^/wx/assets/.+/.php(/|$) {
            deny all;
        }
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
	location ~ ^/.+/.php(/|$) {
        rewrite (?!^/((api|qq|weibo|wx)/web|qq|weibo|wx))^ /api/web$uri break;
        rewrite (?!^/qq/web)^/qq(/.+)$ /qq/web$1 break;
        rewrite (?!^/weibo/web)^/weibo(/.+)$ /weibo/web$1 break;
		rewrite (?!^/wx/web)^/wx(/.+)$ /wx/web$1 break;

		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		fastcgi_pass 127.0.0.1:9000;
		#fastcgi_pass unix:/var/run/php5-fpm.sock;
        try_files $fastcgi_script_name =404;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ //. {
        deny all;
    }
}

3、Rancher 中端口映射,公开主机端口:8661 映射至私有容器端口:80,如图2

Rancher 中端口映射,公开主机端口:8661 映射至私有容器端口:80

图2

4、域名 A 的访问详情如下

企鹅号:https://wjdev2.chinamcloud.com:8661/v1/qq/
微信公众帐号:https://wjdev2.chinamcloud.com:8661/v1/wx/
微博:https://wjdev2.chinamcloud.com:8661/v1/weibo/
跨渠道:https://wjdev2.chinamcloud.com:8661/v1/

5、编辑 /build/c_files/etc/nginx/conf.d/channel-pub-api.conf,以支持授权需要部署为域名 B,入方向可支持外网

server {
    listen CHANNEL_PUB_API_CFG_NGINX_AUTH_LISTEN; ## listen for ipv4
    server_name CHANNEL_PUB_API_CFG_NGINX_AUTH_SERVER_NAME;
    charset utf-8;

    root /sobey/www/channel-pub-api/frontend/web;
    index index.php;
    location / {
        # 如果找不到真实存在的文件,把请求分发至 index.php
        try_files $uri $uri/ /index.php$is_args$args;
    }

    # uncomment to avoid processing of calls to non-existing static files by Yii
    #location ~ /.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {
    #    try_files $uri =404;
    #}
    #error_page 404 /404.html;

    # deny accessing php files for the /assets directory
    location ~ ^/assets/.*/.php$ {
        deny all;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ /.php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~* //. {
        deny all;
    }
}

server {
    listen CHANNEL_PUB_API_CFG_NGINX_API_LISTEN; ## listen for ipv4
    server_name CHANNEL_PUB_API_CFG_NGINX_API_SERVER_NAME;
    charset utf-8;

    root /sobey/www/channel-pub-api;
    index index.php;

    location / {
        root /sobey/www/channel-pub-api/api/web;
        try_files $uri $uri/ /api/web/index.php$is_args$args;

        # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
        #location ~ ^/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
        #    log_not_found off;
        #    access_log off;
        #    try_files $uri =404;
        #}

        location ~ ^/assets/.+/.php(/|$) {
            deny all;
        }
    }

    location /qq {
        alias /sobey/www/channel-pub-api/qq/web/;

        # redirect to the URL without a trailing slash (uncomment if necessary)
        #location = /qq/ {
        #    return 301 /qq;
        #}

        # prevent the directory redirect to the URL with a trailing slash
        location = /qq {
            # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args"
            # bug ticket: https://trac.nginx.org/nginx/ticket/97
            try_files $uri /qq/qq/web/index.php$is_args$args;
        }

        # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args"
        # bug ticket: https://trac.nginx.org/nginx/ticket/97
        try_files $uri $uri/ /qq/qq/web/index.php$is_args$args;

        # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
        #location ~ ^/qq/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
        #    log_not_found off;
        #    access_log off;
        #    try_files $uri =404;
        #}

        location ~ ^/qq/assets/.+/.php(/|$) {
            deny all;
        }
    }

    location /weibo {
            alias /sobey/www/channel-pub-api/weibo/web/;

            # redirect to the URL without a trailing slash (uncomment if necessary)
            #location = /weibo/ {
            #    return 301 /weibo;
            #}

            # prevent the directory redirect to the URL with a trailing slash
            location = /weibo {
                # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args"
                # bug ticket: https://trac.nginx.org/nginx/ticket/97
                try_files $uri /weibo/weibo/web/index.php$is_args$args;
            }

            # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args"
            # bug ticket: https://trac.nginx.org/nginx/ticket/97
            try_files $uri $uri/ /weibo/weibo/web/index.php$is_args$args;

            # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
            #location ~ ^/weibo/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
            #    log_not_found off;
            #    access_log off;
            #    try_files $uri =404;
            #}

            location ~ ^/weibo/assets/.+/.php(/|$) {
                deny all;
            }
        }

    location /wx {
        alias /sobey/www/channel-pub-api/wx/web/;

        # redirect to the URL without a trailing slash (uncomment if necessary)
        #location = /wx/ {
        #    return 301 /wx;
        #}

        # prevent the directory redirect to the URL with a trailing slash
        location = /wx {
            # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args"
            # bug ticket: https://trac.nginx.org/nginx/ticket/97
            try_files $uri /wx/wx/web/index.php$is_args$args;
        }

        # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args"
        # bug ticket: https://trac.nginx.org/nginx/ticket/97
        try_files $uri $uri/ /wx/wx/web/index.php$is_args$args;

        # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
        #location ~ ^/wx/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
        #    log_not_found off;
        #    access_log off;
        #    try_files $uri =404;
        #}

        location ~ ^/wx/assets/.+/.php(/|$) {
            deny all;
        }
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
	location ~ ^/.+/.php(/|$) {
		rewrite (?!^/((api|qq|weibo|wx)/web|qq|weibo|wx))^ /api/web$uri break;
		rewrite (?!^/qq/web)^/qq(/.+)$ /qq/web$1 break;
		rewrite (?!^/weibo/web)^/weibo(/.+)$ /weibo/web$1 break;
		rewrite (?!^/wx/web)^/wx(/.+)$ /wx/web$1 break;

		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		fastcgi_pass 127.0.0.1:9000;
		#fastcgi_pass unix:/var/run/php5-fpm.sock;
		try_files $fastcgi_script_name =404;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ //. {
        deny all;
    }
}

6、Rancher 中端口映射,公开主机端口:8661 映射至私有容器端口:80,新增 公开主机端口:8662 映射至私有容器端口:81,如图3

Rancher 中端口映射,公开主机端口:8661 映射至私有容器端口:80,新增 公开主机端口:8662 映射至私有容器端口:81

图3

添加环境变量

	CHANNEL_PUB_API_CFG_NGINX_API_SERVER_NAME=wjdev2.chinamcloud.com # Nginx 服务器名称(接口域名、建议入方向仅支持内网)
	CHANNEL_PUB_API_CFG_NGINX_API_LISTEN=80 # Nginx 服务器监听端口(接口域名、建议入方向仅支持内网)
	CHANNEL_PUB_API_CFG_NGINX_AUTH_SERVER_NAME=wjdev2.chinamcloud.com # Nginx 服务器名称(授权域名、建议入方向可支持外网)
	CHANNEL_PUB_API_CFG_NGINX_AUTH_LISTEN=81 # Nginx 服务器监听端口(授权域名、建议入方向可支持外网)

7、查看 /etc/nginx/conf.d/channel-pub-api.conf,环境变量已被替换

server {
    listen 81; ## listen for ipv4
    server_name wjdev2.chinamcloud.com;
    charset utf-8;

    root /sobey/www/channel-pub-api/frontend/web;
    index index.php;
    location / {
        # 如果找不到真实存在的文件,把请求分发至 index.php
        try_files $uri $uri/ /index.php$is_args$args;
    }

    # uncomment to avoid processing of calls to non-existing static files by Yii
    #location ~ /.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {
    #    try_files $uri =404;
    #}
    #error_page 404 /404.html;

    # deny accessing php files for the /assets directory
    location ~ ^/assets/.*/.php$ {
        deny all;
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ /.php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~* //. {
        deny all;
    }
}

server {
    listen 80; ## listen for ipv4
    server_name wjdev2.chinamcloud.com;
    charset utf-8;

    root /sobey/www/channel-pub-api;
    index index.php;

    location / {
        root /sobey/www/channel-pub-api/api/web;
        try_files $uri $uri/ /api/web/index.php$is_args$args;

        # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
        #location ~ ^/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
        #    log_not_found off;
        #    access_log off;
        #    try_files $uri =404;
        #}

        location ~ ^/assets/.+/.php(/|$) {
            deny all;
        }
    }

    location /qq {
        alias /sobey/www/channel-pub-api/qq/web/;

        # redirect to the URL without a trailing slash (uncomment if necessary)
        #location = /qq/ {
        #    return 301 /qq;
        #}

        # prevent the directory redirect to the URL with a trailing slash
        location = /qq {
            # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args"
            # bug ticket: https://trac.nginx.org/nginx/ticket/97
            try_files $uri /qq/qq/web/index.php$is_args$args;
        }

        # if your location is "/qq", try use "/qq/qq/web/index.php$is_args$args"
        # bug ticket: https://trac.nginx.org/nginx/ticket/97
        try_files $uri $uri/ /qq/qq/web/index.php$is_args$args;

        # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
        #location ~ ^/qq/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
        #    log_not_found off;
        #    access_log off;
        #    try_files $uri =404;
        #}

        location ~ ^/qq/assets/.+/.php(/|$) {
            deny all;
        }
    }

    location /weibo {
            alias /sobey/www/channel-pub-api/weibo/web/;

            # redirect to the URL without a trailing slash (uncomment if necessary)
            #location = /weibo/ {
            #    return 301 /weibo;
            #}

            # prevent the directory redirect to the URL with a trailing slash
            location = /weibo {
                # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args"
                # bug ticket: https://trac.nginx.org/nginx/ticket/97
                try_files $uri /weibo/weibo/web/index.php$is_args$args;
            }

            # if your location is "/weibo", try use "/weibo/weibo/web/index.php$is_args$args"
            # bug ticket: https://trac.nginx.org/nginx/ticket/97
            try_files $uri $uri/ /weibo/weibo/web/index.php$is_args$args;

            # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
            #location ~ ^/weibo/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
            #    log_not_found off;
            #    access_log off;
            #    try_files $uri =404;
            #}

            location ~ ^/weibo/assets/.+/.php(/|$) {
                deny all;
            }
        }

    location /wx {
        alias /sobey/www/channel-pub-api/wx/web/;

        # redirect to the URL without a trailing slash (uncomment if necessary)
        #location = /wx/ {
        #    return 301 /wx;
        #}

        # prevent the directory redirect to the URL with a trailing slash
        location = /wx {
            # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args"
            # bug ticket: https://trac.nginx.org/nginx/ticket/97
            try_files $uri /wx/wx/web/index.php$is_args$args;
        }

        # if your location is "/wx", try use "/wx/wx/web/index.php$is_args$args"
        # bug ticket: https://trac.nginx.org/nginx/ticket/97
        try_files $uri $uri/ /wx/wx/web/index.php$is_args$args;

        # omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
        #location ~ ^/wx/.+/.(css|js|ico|png|jpe?g|gif|svg|ttf|mp4|mov|swf|pdf|zip|rar)$ {
        #    log_not_found off;
        #    access_log off;
        #    try_files $uri =404;
        #}

        location ~ ^/wx/assets/.+/.php(/|$) {
            deny all;
        }
    }

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
        location ~ ^/.+/.php(/|$) {
                rewrite (?!^/((api|qq|weibo|wx)/web|qq|weibo|wx))^ /api/web$uri break;
                rewrite (?!^/qq/web)^/qq(/.+)$ /qq/web$1 break;
                rewrite (?!^/weibo/web)^/weibo(/.+)$ /weibo/web$1 break;
                rewrite (?!^/wx/web)^/wx(/.+)$ /wx/web$1 break;

                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_pass 127.0.0.1:9000;
                #fastcgi_pass unix:/var/run/php5-fpm.sock;
                try_files $fastcgi_script_name =404;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ //. {
        deny all;
    }
}

8、域名 A、B 的访问详情如下,访问正常,如图4

域名 A、B 的访问详情如下,访问正常

图4

企鹅号:https://wjdev2.chinamcloud.com:8661/v1/qq/
微信公众帐号:https://wjdev2.chinamcloud.com:8661/v1/wx/
微博:https://wjdev2.chinamcloud.com:8661/v1/weibo/
跨渠道:https://wjdev2.chinamcloud.com:8661/v1/
授权:https://wjdev2.chinamcloud.com:8662/

原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/tech/webdev/250629.html

(0)
上一篇 2022年5月1日 00:49
下一篇 2022年5月1日 00:54

相关推荐

发表回复

登录后才能评论