需要调试网络,发现一般的镜像里很多命令不支持,调试十分不方便,所以需要一个命令完善的镜像供快速调试用
简单点, 在这位大佬的基础上完善指令,保存自己的调试工具
在原作上添加迭代 https://github.com/yobasystems/alpine-nginx
FROM yobasystems/alpine:3.16.2-amd64 ARG BUILD_DATE ARG VCS_REF LABEL maintainer="Dominic Taylor <[email protected]>" \ architecture="amd64/x86_64" \ nginx-version="1.23.1" \ alpine-version="3.16.2" \ build="14-Oct-2022" \ org.opencontainers.image.title="alpine-nginx" \ org.opencontainers.image.description="Nginx Docker image running on Alpine Linux" \ org.opencontainers.image.authors="Dominic Taylor <[email protected]>" \ org.opencontainers.image.vendor="Yoba Systems" \ org.opencontainers.image.version="v1.23.1" \ org.opencontainers.image.url="https://hub.docker.com/r/yobasystems/alpine-nginx/" \ org.opencontainers.image.source="https://github.com/yobasystems/alpine-nginx" \ org.opencontainers.image.revision=$VCS_REF \ org.opencontainers.image.created=$BUILD_DATE ENV REPO="https://[email protected]/yobasystems/default-index.git" ENV NGINX_VERSION=1.23.1 RUN \ build_pkgs="build-base linux-headers openssl-dev pcre-dev wget zlib-dev" && \ runtime_pkgs="ca-certificates openssl pcre zlib tzdata git" && \ apk --no-cache add ${build_pkgs} ${runtime_pkgs} && \ cd /tmp && \ wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz && \ tar xzf nginx-${NGINX_VERSION}.tar.gz && \ cd /tmp/nginx-${NGINX_VERSION} && \ ./configure \ --prefix=/etc/nginx \ --sbin-path=/usr/sbin/nginx \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --pid-path=/var/run/nginx.pid \ --lock-path=/var/run/nginx.lock \ --http-client-body-temp-path=/var/cache/nginx/client_temp \ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ --user=nginx \ --group=nginx \ --with-http_ssl_module \ --with-http_realip_module \ --with-http_addition_module \ --with-http_sub_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_mp4_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_random_index_module \ --with-http_secure_link_module \ --with-http_stub_status_module \ --with-http_auth_request_module \ --with-mail \ --with-mail_ssl_module \ --with-file-aio \ --with-threads \ --with-stream \ --with-stream_ssl_module \ --with-stream_realip_module \ --with-http_slice_module \ --with-http_v2_module && \ make && \ make install && \ sed -i -e 's/#access_log logs\/access.log main;/access_log \/dev\/stdout;/' -e 's/#error_log logs\/error.log notice;/error_log stderr notice;/' /etc/nginx/nginx.conf && \ addgroup -S nginx && \ adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx && \ rm -rf /tmp/* && \ apk del ${build_pkgs} && \ rm -rf /var/cache/apk/* && \ rm -rf /etc/nginx/html/* COPY files/nginx.conf /etc/nginx/nginx.conf COPY files/run.sh /run.sh RUN chmod +x /run.sh && \ apk --no-cache add openssh RUN apk add --no-cache \ ca-certificates \ openssl \ curl \ bash \ sed \ wget \ zip \ unzip \ bzip2 \ p7zip \ drill \ ldns \ openssh-client \ rsync \ git \ gnupg \ tzdata \ iptables \ ipset \ stress-ng \ iproute2 VOLUME ["/var/cache/nginx"] EXPOSE 80 443 ENTRYPOINT /run.sh
构建部署
apiVersion: apps/v1
kind: Deployment
metadata:
name: tool
labels:
app: tool
spec:
replicas: 1
selector:
matchLabels:
app: tool
template:
metadata:
labels:
app: tool
spec:
containers:
- name: tool
image: itworker365/tools:latest
ports:
- containerPort: 80
resources:
limits:
cpu: "500m"
securityContext:
privileged: true
通过securityContext: privileged: true指定特权容器
进入后可以执行常见的网络命令,通过su root可以进入高权账号,进行iptables等操作,掌握集群网络
工具虽小,用处很大
标签:http,log,--,环境,module,nginx,构建,日常,&& From: https://www.cnblogs.com/it-worker365/p/17001116.html