Docker部署实践
1. 概述
Docker容器化是AI UI生成系统部署的核心技术,通过容器化实现应用的一致性部署、环境隔离和资源管理。本章详细介绍Docker镜像构建、容器编排、多服务协同、生产环境部署和运维管理,包括完整的Dockerfile编写、docker-compose配置和最佳实践。
2. Docker基础架构
2.1 容器化架构图
Docker主机 -> Docker引擎 -> 容器编排 -> 多服务容器
↓ ↓ ↓ ↓
物理/虚拟 容器运行时 Docker Compose 应用服务
2.2 服务组件
# docker-compose.yml - 服务组件配置
version: '3.8'
services:
# 主应用服务
ai-ui-system:
build: .
ports:
- "8000:8000"
volumes:
- ./output:/app/output
- ./config:/app/config
- ./models:/app/models
environment:
- ENV=production
- LOG_LEVEL=INFO
depends_on:
- redis
networks:
- ai-ui-network
# Redis缓存服务
redis:
image: redis:7-alpine
ports:
- "6379:6379"
volumes:
- redis_data:/data
networks:
- ai-ui-network
# Nginx反向代理
nginx:
image: nginx:alpine
ports:
- "80:80"
- "443:443"
volumes:
- ./docker/nginx.conf:/etc/nginx/nginx.conf
- ./output:/usr/share/nginx/html
depends_on:
- ai-ui-system
networks:
- ai-ui-network
# 训练服务(可选)
training-service:
build: .
command: python train/finetune_lora.py
volumes:
- ./data:/app/data
- ./models:/app/models
environment:
- CUDA_VISIBLE_DEVICES=0
deploy:
resources:
reservations:
devices:
- driver: nvidia
count: 1
capabilities: [gpu]
networks:
- ai-ui-network
volumes:
redis_data:
networks:
ai-ui-network:
driver: bridge
3. Dockerfile详解
3.1 基础Dockerfile
# Dockerfile - AI UI生成系统镜像构建
FROM python:3.9-slim
# 设置工作目录
WORKDIR /app
# 设置环境变量
ENV PYTHONPATH=/app
ENV PYTHONUNBUFFERED=1
ENV DEBIAN_FRONTEND=noninteractive
# 安装系统依赖
RUN apt-get update && apt-get install -y \
build-essential \
curl \
software-properties-common \
git \
wget \
libgl1-mesa-glx \
libglib2.0-0 \
libsm6 \
libxext6 \
libxrender-dev \
libgomp1 \
libgcc-s1 \
&& rm -rf /var/lib/apt/lists/*
# 安装Python依赖
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
# 复制应用代码
COPY . .
# 创建必要的目录
RUN mkdir -p /app/output/images \
/app/output/vue \
/app/output/dsl \
/app/output/cache \
/app/logs
# 设置权限
RUN chmod +x /app/scripts/*.sh
# 创建非root用户
RUN useradd -m -u 1000 appuser && \
chown -R appuser:appuser /app
USER appuser
# 健康检查
HEALTHCHECK \
CMD curl -f http://localhost:8000/health || exit 1
# 暴露端口
EXPOSE 8000
# 启动命令
CMD ["python", "api/main.py"]
3.2 多阶段构建Dockerfile
# 多阶段构建Dockerfile - 优化镜像大小
# 第一阶段:构建阶段
FROM python:3.9-slim as builder
# 设置工作目录
WORKDIR /app
# 安装构建依赖
RUN apt-get update && apt-get install -y \
build-essential \
gcc \
g++ \
&& rm -rf /var/lib/apt/lists/*
# 复制依赖文件
COPY requirements.txt .
# 安装Python依赖到虚拟环境
RUN python -m venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"
RUN pip install --no-cache-dir -r requirements.txt
# 第二阶段:运行阶段
FROM python:3.9-slim
# 设置工作目录
WORKDIR /app
# 设置环境变量
ENV PYTHONPATH=/app
ENV PYTHONUNBUFFERED=1
ENV PATH="/opt/venv/bin:$PATH"
# 安装运行时依赖
RUN apt-get update && apt-get install -y \
libgl1-mesa-glx \
libglib2.0-0 \
libsm6 \
libxext6 \
libxrender-dev \
libgomp1 \
libgcc-s1 \
curl \
&& rm -rf /var/lib/apt/lists/*
# 从构建阶段复制虚拟环境
COPY /opt/venv /opt/venv
# 复制应用代码
COPY . .
# 创建必要的目录
RUN mkdir -p /app/output/images \
/app/output/vue \
/app/output/dsl \
/app/output/cache \
/app/logs
# 创建非root用户
RUN useradd -m -u 1000 appuser && \
chown -R appuser:appuser /app
USER appuser
# 健康检查
HEALTHCHECK \
CMD curl -f http://localhost:8000/health || exit 1
# 暴露端口
EXPOSE 8000
# 启动命令
CMD ["python", "api/main.py"]
3.3 GPU支持Dockerfile
# GPU支持Dockerfile - 支持CUDA训练
FROM nvidia/cuda:11.8-devel-ubuntu20.04
# 设置环境变量
ENV PYTHONPATH=/app
ENV PYTHONUNBUFFERED=1
ENV DEBIAN_FRONTEND=noninteractive
ENV CUDA_VISIBLE_DEVICES=0
# 安装系统依赖
RUN apt-get update && apt-get install -y \
python3.9 \
python3.9-dev \
python3-pip \
build-essential \
curl \
git \
wget \
libgl1-mesa-glx \
libglib2.0-0 \
libsm6 \
libxext6 \
libxrender-dev \
&& rm -rf /var/lib/apt/lists/*
# 设置Python3.9为默认Python
RUN update-alternatives --install /usr/bin/python python /usr/bin/python3.9 1
RUN update-alternatives --install /usr/bin/pip pip /usr/bin/pip3 1
# 设置工作目录
WORKDIR /app
# 安装Python依赖
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
# 复制应用代码
COPY . .
# 创建必要的目录
RUN mkdir -p /app/output/images \
/app/output/vue \
/app/output/dsl \
/app/output/cache \
/app/logs
# 创建非root用户
RUN useradd -m -u 1000 appuser && \
chown -R appuser:appuser /app
USER appuser
# 健康检查
HEALTHCHECK \
CMD curl -f http://localhost:8000/health || exit 1
# 暴露端口
EXPOSE 8000
# 启动命令
CMD ["python", "api/main.py"]
4. Docker Compose配置
4.1 开发环境配置
# docker-compose.dev.yml - 开发环境配置
version: '3.8'
services:
# 主应用服务
ai-ui-system:
build:
context: .
dockerfile: Dockerfile
target: builder
ports:
- "8000:8000"
volumes:
- .:/app
- /app/venv
environment:
- ENV=development
- LOG_LEVEL=DEBUG
- RELOAD=true
command: uvicorn api.main:app --host 0.0.0.0 --port 8000 --reload
depends_on:
- redis
networks:
- ai-ui-network
# Redis缓存服务
redis:
image: redis:7-alpine
ports:
- "6379:6379"
volumes:
- redis_dev_data:/data
networks:
- ai-ui-network
# 数据库服务(可选)
postgres:
image: postgres:13
environment:
POSTGRES_DB: ai_ui_system
POSTGRES_USER: admin
POSTGRES_PASSWORD: password
ports:
- "5432:5432"
volumes:
- postgres_dev_data:/var/lib/postgresql/data
networks:
- ai-ui-network
volumes:
redis_dev_data:
postgres_dev_data:
networks:
ai-ui-network:
driver: bridge
4.2 生产环境配置
# docker-compose.prod.yml - 生产环境配置
version: '3.8'
services:
# 主应用服务
ai-ui-system:
build:
context: .
dockerfile: Dockerfile
ports:
- "8000:8000"
volumes:
- ./output:/app/output
- ./config:/app/config
- ./models:/app/models
- ./logs:/app/logs
environment:
- ENV=production
- LOG_LEVEL=INFO
- WORKERS=4
restart: unless-stopped
depends_on:
- redis
networks:
- ai-ui-network
deploy:
resources:
limits:
memory: 4G
cpus: '2.0'
reservations:
memory: 2G
cpus: '1.0'
# Redis缓存服务
redis:
image: redis:7-alpine
ports:
- "6379:6379"
volumes:
- redis_prod_data:/data
restart: unless-stopped
networks:
- ai-ui-network
deploy:
resources:
limits:
memory: 1G
cpus: '0.5'
reservations:
memory: 512M
cpus: '0.25'
# Nginx反向代理
nginx:
image: nginx:alpine
ports:
- "80:80"
- "443:443"
volumes:
- ./docker/nginx.conf:/etc/nginx/nginx.conf
- ./docker/ssl:/etc/nginx/ssl
- ./output:/usr/share/nginx/html
restart: unless-stopped
depends_on:
- ai-ui-system
networks:
- ai-ui-network
deploy:
resources:
limits:
memory: 512M
cpus: '0.5'
reservations:
memory: 256M
cpus: '0.25'
# 监控服务
prometheus:
image: prom/prometheus
ports:
- "9090:9090"
volumes:
- ./docker/prometheus.yml:/etc/prometheus/prometheus.yml
- prometheus_data:/prometheus
restart: unless-stopped
networks:
- ai-ui-network
# 日志收集服务
grafana:
image: grafana/grafana
ports:
- "3000:3000"
volumes:
- grafana_data:/var/lib/grafana
environment:
- GF_SECURITY_ADMIN_PASSWORD=admin
restart: unless-stopped
networks:
- ai-ui-network
volumes:
redis_prod_data:
prometheus_data:
grafana_data:
networks:
ai-ui-network:
driver: bridge
4.3 GPU训练环境配置
# docker-compose.gpu.yml - GPU训练环境配置
version: '3.8'
services:
# 训练服务
training-service:
build:
context: .
dockerfile: Dockerfile.gpu
volumes:
- ./data:/app/data
- ./models:/app/models
- ./config:/app/config
- ./logs:/app/logs
environment:
- CUDA_VISIBLE_DEVICES=0
- ENV=training
- LOG_LEVEL=INFO
command: python train/finetune_lora.py
restart: unless-stopped
networks:
- ai-ui-network
deploy:
resources:
reservations:
devices:
- driver: nvidia
count: 1
capabilities: [gpu]
# 数据生成服务
data-generator:
build:
context: .
dockerfile: Dockerfile
volumes:
- ./data:/app/data
- ./config:/app/config
environment:
- ENV=development
- LOG_LEVEL=INFO
command: python data/generate_synthetic_data.py
networks:
- ai-ui-network
# 模型评估服务
model-evaluator:
build:
context: .
dockerfile: Dockerfile.gpu
volumes:
- ./data:/app/data
- ./models:/app/models
- ./config:/app/config
environment:
- CUDA_VISIBLE_DEVICES=0
- ENV=development
- LOG_LEVEL=INFO
command: python train/evaluate_model.py
networks:
- ai-ui-network
deploy:
resources:
reservations:
devices:
- driver: nvidia
count: 1
capabilities: [gpu]
networks:
ai-ui-network:
driver: bridge
5. Nginx配置
5.1 反向代理配置
# docker/nginx.conf - Nginx反向代理配置
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# 日志格式
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log;
# 基本配置
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# Gzip压缩
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types
text/plain
text/css
text/xml
text/javascript
application/json
application/javascript
application/xml+rss
application/atom+xml
image/svg+xml;
# 上游服务器配置
upstream ai_ui_backend {
server ai-ui-system:8000;
keepalive 32;
}
# 主服务器配置
server {
listen 80;
server_name localhost;
# 客户端最大请求体大小
client_max_body_size 100M;
# 静态文件服务
location /static/ {
alias /usr/share/nginx/html/;
expires 1y;
add_header Cache-Control "public, immutable";
}
# API代理
location /api/ {
proxy_pass http://ai_ui_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 超时配置
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
# 缓冲配置
proxy_buffering on;
proxy_buffer_size 4k;
proxy_buffers 8 4k;
}
# 健康检查
location /health {
proxy_pass http://ai_ui_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# 默认路由
location / {
proxy_pass http://ai_ui_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
5.2 SSL配置
# docker/nginx-ssl.conf - SSL配置
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# SSL配置
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
# 上游服务器配置
upstream ai_ui_backend {
server ai-ui-system:8000;
keepalive 32;
}
# HTTP重定向到HTTPS
server {
listen 80;
server_name localhost;
return 301 https://$server_name$request_uri;
}
# HTTPS服务器
server {
listen 443 ssl http2;
server_name localhost;
# SSL证书配置
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
# 安全头
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options DENY always;
add_header X-Content-Type-Options nosniff always;
add_header X-XSS-Protection "1; mode=block" always;
# 客户端最大请求体大小
client_max_body_size 100M;
# 静态文件服务
location /static/ {
alias /usr/share/nginx/html/;
expires 1y;
add_header Cache-Control "public, immutable";
}
# API代理
location /api/ {
proxy_pass http://ai_ui_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 超时配置
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
# 默认路由
location / {
proxy_pass http://ai_ui_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
6. 部署脚本
6.1 一键部署脚本
#!/bin/bash
# scripts/deploy.sh - 一键部署脚本
set -e
# 颜色定义
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# 日志函数
log_info() {
echo -e "${GREEN}[INFO]${NC} $1"
}
log_warn() {
echo -e "${YELLOW}[WARN]${NC} $1"
}
log_error() {
echo -e "${RED}[ERROR]${NC} $1"
}
# 检查Docker环境
check_docker() {
log_info "检查Docker环境..."
if ! command -v docker &> /dev/null; then
log_error "Docker未安装,请先安装Docker"
exit 1
fi
if ! command -v docker-compose &> /dev/null; then
log_error "Docker Compose未安装,请先安装Docker Compose"
exit 1
fi
if ! docker info &> /dev/null; then
log_error "Docker服务未运行,请启动Docker服务"
exit 1
fi
log_info "Docker环境检查通过"
}
# 检查GPU环境
check_gpu() {
log_info "检查GPU环境..."
if command -v nvidia-smi &> /dev/null; then
log_info "检测到NVIDIA GPU"
nvidia-smi
return 0
else
log_warn "未检测到NVIDIA GPU,将使用CPU模式"
return 1
fi
}
# 创建必要目录
create_directories() {
log_info "创建必要目录..."
mkdir -p output/{images,vue,dsl,cache}
mkdir -p logs
mkdir -p data/synthetic
mkdir -p models
mkdir -p config
log_info "目录创建完成"
}
# 生成示例数据
generate_sample_data() {
log_info "生成示例数据..."
if [ ! -f "data/synthetic/train.jsonl" ]; then
log_info "生成训练数据..."
python data/generate_synthetic_data.py
else
log_info "训练数据已存在,跳过生成"
fi
}
# 构建Docker镜像
build_image() {
log_info "构建Docker镜像..."
# 检查是否有GPU
if check_gpu; then
log_info "使用GPU版本Dockerfile"
docker build -f Dockerfile.gpu -t ai-ui-system:latest .
else
log_info "使用CPU版本Dockerfile"
docker build -f Dockerfile -t ai-ui-system:latest .
fi
log_info "Docker镜像构建完成"
}
# 启动服务
start_services() {
log_info "启动服务..."
# 检查是否有GPU
if check_gpu; then
log_info "使用GPU版本docker-compose"
docker-compose -f docker-compose.yml -f docker-compose.gpu.yml up -d
else
log_info "使用CPU版本docker-compose"
docker-compose -f docker-compose.yml up -d
fi
log_info "服务启动完成"
}
# 等待服务就绪
wait_for_services() {
log_info "等待服务就绪..."
# 等待主服务
for i in {1..30}; do
if curl -f http://localhost:8000/health &> /dev/null; then
log_info "主服务已就绪"
break
fi
if [ $i -eq 30 ]; then
log_error "主服务启动超时"
exit 1
fi
log_info "等待主服务启动... ($i/30)"
sleep 10
done
# 等待Nginx
for i in {1..10}; do
if curl -f http://localhost/health &> /dev/null; then
log_info "Nginx已就绪"
break
fi
if [ $i -eq 10 ]; then
log_error "Nginx启动超时"
exit 1
fi
log_info "等待Nginx启动... ($i/10)"
sleep 5
done
}
# 显示服务状态
show_status() {
log_info "服务状态:"
docker-compose ps
log_info "服务日志:"
docker-compose logs --tail=20
}
# 测试API
test_api() {
log_info "测试API..."
# 测试健康检查
if curl -f http://localhost/health; then
log_info "健康检查通过"
else
log_error "健康检查失败"
exit 1
fi
# 测试UI生成
log_info "测试UI生成..."
curl -X POST "http://localhost/generate-ui" \
-H "Content-Type: application/json" \
-d '{
"prompt": "设计一个简单的首页",
"theme": "obsidian-gold",
"page_type": "home_page"
}' | jq .
log_info "API测试完成"
}
# 主函数
main() {
log_info "开始部署AI UI生成系统..."
check_docker
create_directories
generate_sample_data
build_image
start_services
wait_for_services
show_status
test_api
log_info "部署完成!"
log_info "访问地址:"
log_info " - 主服务: http://localhost:8000"
log_info " - Nginx: http://localhost"
log_info " - API文档: http://localhost/docs"
log_info " - 健康检查: http://localhost/health"
}
# 执行主函数
main "$@"
6.2 环境管理脚本
#!/bin/bash
# scripts/env.sh - 环境管理脚本
# 环境配置
ENV=${1:-development}
case $ENV in
development)
COMPOSE_FILE="docker-compose.dev.yml"
;;
production)
COMPOSE_FILE="docker-compose.prod.yml"
;;
gpu)
COMPOSE_FILE="docker-compose.gpu.yml"
;;
*)
echo "Usage: $0 {development|production|gpu}"
exit 1
;;
esac
echo "使用环境: $ENV"
echo "Compose文件: $COMPOSE_FILE"
# 启动服务
docker-compose -f $COMPOSE_FILE up -d
# 显示状态
docker-compose -f $COMPOSE_FILE ps
7. 监控和日志
7.1 Prometheus配置
# docker/prometheus.yml - Prometheus监控配置
global:
scrape_interval: 15s
evaluation_interval: 15s
rule_files:
- "alert_rules.yml"
scrape_configs:
- job_name: 'ai-ui-system'
static_configs:
- targets: ['ai-ui-system:8000']
metrics_path: '/metrics'
scrape_interval: 5s
- job_name: 'nginx'
static_configs:
- targets: ['nginx:9113']
scrape_interval: 5s
- job_name: 'redis'
static_configs:
- targets: ['redis:6379']
scrape_interval: 5s
alerting:
alertmanagers:
- static_configs:
- targets:
- alertmanager:9093
7.2 日志配置
# docker/logging.yml - 日志配置
version: '3.8'
services:
# 日志收集服务
fluentd:
image: fluent/fluentd:v1.14-1
volumes:
- ./docker/fluentd.conf:/fluentd/etc/fluent.conf
- ./logs:/var/log/fluentd
ports:
- "24224:24224"
- "24224:24224/udp"
networks:
- ai-ui-network
# 日志存储服务
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.15.0
environment:
- discovery.type=single-node
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
volumes:
- elasticsearch_data:/usr/share/elasticsearch/data
ports:
- "9200:9200"
networks:
- ai-ui-network
# 日志可视化服务
kibana:
image: docker.elastic.co/kibana/kibana:7.15.0
environment:
- ELASTICSEARCH_HOSTS=http://elasticsearch:9200
ports:
- "5601:5601"
depends_on:
- elasticsearch
networks:
- ai-ui-network
volumes:
elasticsearch_data:
networks:
ai-ui-network:
driver: bridge
8. 安全配置
8.1 安全扫描
#!/bin/bash
# scripts/security.sh - 安全扫描脚本
# 镜像安全扫描
scan_image() {
local image_name=$1
log_info "扫描镜像: $image_name"
# 使用Trivy扫描
if command -v trivy &> /dev/null; then
trivy image $image_name
else
log_warn "Trivy未安装,跳过安全扫描"
fi
}
# 容器安全扫描
scan_container() {
local container_name=$1
log_info "扫描容器: $container_name"
# 检查容器配置
docker inspect $container_name | jq '.[0].Config'
# 检查挂载点
docker inspect $container_name | jq '.[0].Mounts'
# 检查网络配置
docker inspect $container_name | jq '.[0].NetworkSettings'
}
# 主函数
main() {
log_info "开始安全扫描..."
# 扫描镜像
scan_image "ai-ui-system:latest"
# 扫描容器
scan_container "ai-ui-system"
log_info "安全扫描完成"
}
main "$@"
8.2 访问控制
# docker/access-control.yml - 访问控制配置
version: '3.8'
services:
# 防火墙服务
firewall:
image: nginx:alpine
ports:
- "80:80"
volumes:
- ./docker/firewall.conf:/etc/nginx/nginx.conf
networks:
- ai-ui-network
# 认证服务
auth-service:
image: nginx:alpine
ports:
- "8080:80"
volumes:
- ./docker/auth.conf:/etc/nginx/nginx.conf
networks:
- ai-ui-network
networks:
ai-ui-network:
driver: bridge
9. 备份和恢复
9.1 备份脚本
#!/bin/bash
# scripts/backup.sh - 备份脚本
# 备份配置
BACKUP_DIR="/backup/ai-ui-system"
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_NAME="ai-ui-system_${DATE}"
# 创建备份目录
mkdir -p $BACKUP_DIR
# 备份数据
backup_data() {
log_info "备份数据..."
# 备份输出文件
tar -czf $BACKUP_DIR/${BACKUP_NAME}_output.tar.gz output/
# 备份配置
tar -czf $BACKUP_DIR/${BACKUP_NAME}_config.tar.gz config/
# 备份模型
tar -czf $BACKUP_DIR/${BACKUP_NAME}_models.tar.gz models/
# 备份日志
tar -czf $BACKUP_DIR/${BACKUP_NAME}_logs.tar.gz logs/
log_info "数据备份完成"
}
# 备份数据库
backup_database() {
log_info "备份数据库..."
# 备份Redis
docker exec redis redis-cli BGSAVE
docker cp redis:/data/dump.rdb $BACKUP_DIR/${BACKUP_NAME}_redis.rdb
log_info "数据库备份完成"
}
# 备份配置
backup_config() {
log_info "备份配置..."
# 备份Docker配置
cp docker-compose.yml $BACKUP_DIR/${BACKUP_NAME}_docker-compose.yml
cp Dockerfile $BACKUP_DIR/${BACKUP_NAME}_Dockerfile
log_info "配置备份完成"
}
# 主函数
main() {
log_info "开始备份..."
backup_data
backup_database
backup_config
log_info "备份完成: $BACKUP_DIR/$BACKUP_NAME"
}
main "$@"
9.2 恢复脚本
#!/bin/bash
# scripts/restore.sh - 恢复脚本
# 恢复配置
RESTORE_DIR=${1:-"/backup/ai-ui-system"}
BACKUP_NAME=${2:-"latest"}
# 恢复数据
restore_data() {
log_info "恢复数据..."
# 恢复输出文件
tar -xzf $RESTORE_DIR/${BACKUP_NAME}_output.tar.gz
# 恢复配置
tar -xzf $RESTORE_DIR/${BACKUP_NAME}_config.tar.gz
# 恢复模型
tar -xzf $RESTORE_DIR/${BACKUP_NAME}_models.tar.gz
# 恢复日志
tar -xzf $RESTORE_DIR/${BACKUP_NAME}_logs.tar.gz
log_info "数据恢复完成"
}
# 恢复数据库
restore_database() {
log_info "恢复数据库..."
# 恢复Redis
docker cp $RESTORE_DIR/${BACKUP_NAME}_redis.rdb redis:/data/dump.rdb
docker restart redis
log_info "数据库恢复完成"
}
# 主函数
main() {
log_info "开始恢复..."
restore_data
restore_database
log_info "恢复完成"
}
main "$@"
10. 最佳实践
10.1 镜像优化
# 镜像优化最佳实践
FROM python:3.9-slim
# 使用多阶段构建
# 使用.dockerignore文件
# 使用非root用户
# 使用健康检查
# 使用标签管理
# 标签管理
LABEL maintainer="your-email@example.com"
LABEL version="1.0.0"
LABEL description="AI UI生成系统"
# 使用.dockerignore
# .dockerignore
# __pycache__
# *.pyc
# .git
# .gitignore
# README.md
# .env
# venv/
# .pytest_cache/
# .coverage
# htmlcov/
10.2 容器编排
# 容器编排最佳实践
version: '3.8'
services:
app:
image: ai-ui-system:latest
deploy:
replicas: 3
resources:
limits:
memory: 2G
cpus: '1.0'
reservations:
memory: 1G
cpus: '0.5'
restart_policy:
condition: on-failure
delay: 5s
max_attempts: 3
update_config:
parallelism: 1
delay: 10s
failure_action: rollback
rollback_config:
parallelism: 1
delay: 5s
networks:
- ai-ui-network
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
networks:
ai-ui-network:
driver: overlay
attachable: true
通过掌握这些Docker部署技术,您可以构建一个稳定、可扩展、易维护的容器化部署方案。Docker容器化是现代应用部署的标准实践,需要精心设计和持续优化,以提供最佳的生产环境体验。