-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.windowsservercore-ltsc2019
121 lines (97 loc) · 4.03 KB
/
Dockerfile.windowsservercore-ltsc2019
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
# Dockerfile - Windows
# https://github.com/openresty/docker-openresty
ARG RESTY_INSTALL_BASE="microsoft/windowsservercore"
ARG RESTY_INSTALL_TAG="ltsc2019"
FROM mcr.microsoft.com/windows/servercore:ltsc2019 AS downloader
ARG RESTY_VERSION="1.15.8.1"
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
WORKDIR C:/dl
# Download Perl and OpenResty
RUN Invoke-WebRequest -Uri "https://chocolatey.org/install.ps1" -UseBasicParsing | iex ; \
choco install strawberryperl -y --no-progress ; \
mv C:\Strawberry\ C:\dl\ ; \
Write-Host "Downloading OpenResty.." ; \
Invoke-WebRequest "https://openresty.org/download/openresty-$($env:RESTY_VERSION)-win64.zip" -OutFile C:\openresty.zip ; \
Expand-Archive C:\openresty.zip . ; \
mv .\openresty-*\ .\openresty ;
FROM mcr.microsoft.com/windows/servercore:ltsc2019
ARG RESTY_INSTALL_BASE="microsoft/windowsservercore"
ARG RESTY_INSTALL_TAG="ltsc2019"
ARG RESTY_VERSION="1.15.8.2"
LABEL resty_install_base="${RESTY_INSTALL_BASE}"
LABEL resty_install_tag="${RESTY_INSTALL_TAG}"
LABEL resty_version="${RESTY_VERSION}"
WORKDIR C:/openresty
RUN setx /M PATH "%PATH%;C:\Strawberry\perl\bin;C:\openresty"
# CMD [ "nginx", "-g", "\"daemon off;\""]
COPY --from=downloader C:/dl/ C:/
# nginx config is not overwritten as paths in the Windows distribution are already fine
# we do not move writeable temp paths for Windows (#119)
# sidecar specifics
RUN tree C:/ /A /F
EXPOSE 80 81 82 443 9101
COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf
COPY nginx.conf /tmpl/nginx.conf.tmpl
COPY cors.conf /tmpl/cors.conf.tmpl
COPY lua-init.conf /usr/local/openresty/nginx/conf/includes/lua-init.conf
COPY prometheus.lua /tmpl/prometheus.lua.tmpl
COPY jaeger-nginx-config.yaml /tmpl/jaeger-nginx-config.yaml.tmpl
COPY ./docker-entrypoint.ps1 /
# RUN chmod 500 /docker-entrypoint.sh
# embed self-signed certificate for integration testing (at runtime a valid cert is mounted)
COPY ssl/ssl.pem /etc/ssl/private/ssl.pem
COPY ssl/ssl.key /etc/ssl/private/ssl.key
# runtime environment variables
ENV OFFLOAD_TO_HOST=localhost \
OFFLOAD_TO_PORT=80 \
OFFLOAD_TO_PROTO=http \
PROXY_HOST='$host' \
HEALT_CHECK_PATH=/ \
ALLOW_CIDRS="allow all;" \
SERVICE_NAME="myservice" \
NAMESPACE="mynamespace" \
DNS_ZONE="estafette.io" \
WORKER_PROCESSES="1" \
WORKER_CONNECTIONS="1024" \
WORKER_RLIMIT_NOFILE="1047552" \
WORKER_SHUTDOWN_TIMEOUT="30s" \
MULTI_ACCEPT="on" \
CLIENT_BODY_TIMEOUT="60s" \
CLIENT_HEADER_TIMEOUT="60s" \
CLIENT_BODY_BUFFER_SIZE="128k" \
CLIENT_MAX_BODY_SIZE="0" \
KEEPALIVE_TIMEOUT="10s" \
KEEPALIVE_TIMEOUT_HEADER="10" \
SEND_TIMEOUT="60s" \
PROXY_REQUEST_BUFFERING="off" \
PROXY_BUFFERING="on" \
PROXY_BUFFERS_NUMBER="16" \
PROXY_BUFFERS_SIZE="64k" \
PROXY_BUFFER_SIZE="16k" \
LARGE_CLIENT_HEADER_BUFFERS="4 8k" \
PROXY_CONNECT_TIMEOUT="60s" \
PROXY_SEND_TIMEOUT="60s" \
PROXY_READ_TIMEOUT="60s" \
ENFORCE_HTTPS="true" \
PROMETHEUS_METRICS_PORT="9101" \
DEFAULT_BUCKETS="{0.005, 0.01, 0.02, 0.03, 0.05, 0.075, 0.1, 0.2, 0.3, 0.4, 0.5, 0.75, 1, 1.5, 2, 2.5, 3, 3.5, 4, 4.5, 5, 7.5, 10, 15, 20, 30, 60, 120}" \
NGINX_CONF_TMPL_PATH="/tmpl/nginx.conf.tmpl" \
NGINX_CORS_CONF_TMPL_PATH="/tmpl/cors.conf.tmpl" \
PROMETHEUS_LUA_TMPL_PATH="/tmpl/prometheus.lua.tmpl" \
SSL_PROTOCOLS="TLSv1.2" \
SETUP_CORS="false" \
CORS_ALLOWED_ORIGINS="*" \
CORS_MAX_AGE="86400" \
GRACEFUL_SHUTDOWN_DELAY_SECONDS="15" \
UPSTREAM_KEEPALIVE_CONNECTIONS="32" \
UPSTREAM_KEEPALIVE_TIMEOUT="60s" \
UPSTREAM_KEEPALIVE_REQUESTS="100" \
JAEGER_AGENT_HOST="localhost" \
JAEGER_AGENT_PORT="6831" \
JAEGER_SAMPLER_TYPE="remote" \
JAEGER_SAMPLER_PARAM="0.001" \
JAEGER_REPORTER_LOG_SPANS="false" \
LD_LIBRARY_PATH="/usr/local/lib"
ENTRYPOINT ["/docker-entrypoint.ps1"]
# Reset change of stopsignal in openresty container at https://github.com/openresty/docker-openresty/blob/master/alpine/Dockerfile#L124
STOPSIGNAL SIGTERM