docker鏡像編排

1.目錄結(jié)構(gòu)

backend/
- Dockerfile 
- scripts/
    - start.sh
    - crontab
    - worker.conf
    - build.sh
    - push.sh
- ...其他Laravel文件直接忽略
scripts/
- nginx/ # nginx 鏡像制作 
    - Dockerfile
    - app.conf
    - nginx.conf
    - build.sh
    - push.sh
- prod/ # 生產(chǎn)環(huán)境的鏡像編排測(cè)試
    - docker-compose.yml
    - update.sh
    - app-backend.env # 不能放git倉(cāng)庫(kù)
- prod-local/ # 本地鏡像編排測(cè)試
    - docker-compose.yml
    - update.sh
    - app-backend.env # 不能放git倉(cāng)庫(kù)

backend/Dockerfile

完全復(fù)制

FROM pheye/php-fpm:latest

MAINTAINER LIUWENCAN <phenye@gmail.com>

# 將源碼拷到鏡像中
COPY . /var/www/backend
# 確保沒(méi)有將.env打包進(jìn)去
RUN cd /var/www/backend && rm .env

# 啟動(dòng)腳本,除了php-fpm還有一些額外的配置
COPY scripts/start.sh /start.sh
RUN chmod +x /start.sh
# 用于任務(wù)調(diào)度的任務(wù)
COPY scripts/crontab /etc/cron.d/www
# 用于支持worker的啟動(dòng)
ADD ./scripts/worker.conf /etc/supervisor/conf.d/worker.conf

# 修改屬主,確保與php-fpm的用戶一致
RUN chown -R www /var/www/backend

VOLUME /var/www/backend

CMD ["/start.sh"]

backend/worker.conf

完全復(fù)制

[program:worker]
process_name=%(program_name)s_%(process_num)02d
command=php /var/www/backend/artisan queue:work --sleep=3 --tries=3 --daemon
user=www
autostart=true
autorestart=true
numprocs=2
stdout_logfile=/dev/fd/1
stdout_logfile_maxbytes=0
stderr_logfile=/dev/fd/2
stderr_logfile_maxbytes=0

backend/start.sh

完全復(fù)制

#!/bin/sh

# 用于啟動(dòng)性能采集
# nohup tideways-daemon &

# 執(zhí)行migration
cd /var/www/backend
php artisan migrate --force
if [ ! -f "public/storage" ] ; then php artisan storage:link; fi

# 下面這2個(gè)被注釋的命令有助于提高性能,但是可能導(dǎo)致應(yīng)用不可用,根據(jù)需要自己?jiǎn)?dòng)
# php artisan optimize 
# php artisan api:cache 
if [ $? -eq 0 ] ; then
    # 啟動(dòng)php-fpm
    php-fpm
else
   exit 1
fi

backend/push.sh

請(qǐng)將以下中文替換為你的信息

#!/bin/bash

pwd=阿里云的登錄密碼
docker login --username=阿里云登錄賬戶 -p $pwd registry.cn-hangzhou.aliyuncs.com
docker tag app-backend:latest registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:[版本號(hào)]
docker push registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:[版本號(hào)]


if [ $# -gt 0 ] ; then
  tag=$1
  docker tag app-backend:latest registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:${tag}
  docker push registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:${tag}
fi

backend/crontab

完全復(fù)制

* * * * * www php /var/www/backend/artisan schedule:run > /dev/null 2>&1

backend/build.sh

完全復(fù)制

#!/bin/sh

if [ $# -gt 1 ] ; then
    docker build -t app-backend:$1 -t  app-backend:latest  .
else
    docker build -t  app-backend:latest  .
fi

scripts/nginx/backend.conf

server {
    listen 80;
    listen [::]:80;

    server_tokens off;
    server_name demo.test;
    root /var/www/backend/public;
    index index.php index.html index.htm;

    location ~* .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$ {
        expires      30d;
        add_header Cache-Control "public";
    }

    location / {
         try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        internal;
        try_files $uri /index.php =404;
        fastcgi_pass backend:9000; # 這個(gè)名字需要注意
        fastcgi_index index.php;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    location /.well-known/acme-challenge/ {
        root /var/www/letsencrypt/;
        log_not_found off;
    }

}

scripts/nginx/build.sh
完全復(fù)制

#!/bin/sh

if [ $# -gt 1 ] ; then
docker build -t app-nginx:$1 -t  app-nginx:latest  .
else
docker build -t  app-nginx:latest  .
fi

scripts/nginx/Dockfile
完全復(fù)制

FROM nginx:alpine

MAINTAINER LIUWENCAN <phenye@gmail.com>

RUN adduser -D -H -u 5000 -s /bin/sh www
RUN rm /etc/nginx/conf.d/default.conf
ADD nginx.conf /etc/nginx/
ADD backend.conf /etc/nginx/sites-available/

VOLUME /var/www

CMD ["nginx"]

scripts/nginx/nginx.conf

user www;
worker_processes 4;
pid /run/nginx.pid;
daemon off;

events {
  worker_connections  2048;
  multi_accept on;
  use epoll;
}

http {
  server_tokens off;
  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  keepalive_timeout  600;
  fastcgi_read_timeout 300;
  types_hash_max_size 2048;
  client_max_body_size 20M;
  server_names_hash_bucket_size 256;
  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  gzip on;
  gzip_disable "msie6";
  gzip_min_length 1k;
  gzip_comp_level 1;
  gzip_vary on;
  gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';

  log_format access  '$http_x_forwarded_for $remote_addr [$time_local] "http://$host" "$request" '
              '$status $body_bytes_sent "$http_referer" "$http_user_agent" "$remote_user" ';

  log_format main   '{"@timestamp":"$time_iso8601",'
                        '"@source":"$server_addr",'
                        '"hostname":"$hostname",'
                        '"ip":"$http_x_forwarded_for",'
                        '"client":"$remote_addr",'
                        '"request_method":"$request_method",'
                        '"scheme":"$scheme",'
                        '"domain":"$server_name",'
                        '"referer":"$http_referer",'
                        '"request":"$request_uri",'
                        '"args":"$args",'
                        '"size":$body_bytes_sent,'
                        '"status": $status,'
                        '"responsetime":$request_time,'
                        '"upstreamtime":"$upstream_response_time",'
                        '"upstreamaddr":"$upstream_addr",'
                        '"http_user_agent":"$http_user_agent",'
                        '"https":"$https"'
                        '}';
  access_log /dev/stdout main;
  error_log /dev/stderr;
  include /etc/nginx/conf.d/*.conf;
  include /etc/nginx/sites-available/*.conf;
  open_file_cache off; # Disabled for issue 619
  charset UTF-8;
}

scripts/nginx/push.sh
請(qǐng)根據(jù)以下中文提示修改

#!/bin/sh
pwd=阿里云登錄密碼
docker login --username=阿里云登錄賬號(hào) -p $pwd registry.cn-hangzhou.aliyuncs.com
docker tag app-nginx:latest registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:[版本號(hào)]
docker push registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:[版本號(hào)]


if [ $# -gt 0 ] ; then
  tag=$1
  docker tag app-nginx:latest registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:[版本號(hào)]
  docker push registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:[版本號(hào)]
fi

scripts/prod-local/app-backend.env
放你項(xiàng)目的env內(nèi)容

scripts/prod-local/docker-compose.yml
請(qǐng)根據(jù)以下中文替換您的信息

version: '2'
services:
  backend:
    image: registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:[版本號(hào)]
    env_file: "./app-backend.env"
  cron:
    image: registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:[版本號(hào)]
    env_file: "./app-backend.env"
    command: ['cron', '-f']
  worker:
    image: registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:[版本號(hào)]
    env_file: "./app-backend.env"
    command: ['/usr/bin/supervisord', '-n', '-c', '/etc/supervisor/supervisord.conf']
  nginx:
    image: registry.cn-hangzhou.aliyuncs.com/命名空間/倉(cāng)庫(kù)名字:[版本號(hào)]
    volumes_from:
      - backend
    depends_on:
      - backend
    ports:
      - "8080:80"

目錄結(jié)構(gòu)其余文件可以不寫(xiě)

構(gòu)建php-fpm鏡像
在dockerfile所在目錄下運(yùn)行

docker build -t  app-backend:latest  .

構(gòu)建nginx鏡像
在scripts中dockerfile所在目錄下運(yùn)行

docker build -t  app-nginx:latest .

docker-comopse.yml 先替換為以下后運(yùn)行

docker-compose up -d --renew-anon-volumes

version: '2'
services:
  backend:
    image: app-backend:latest
    env_file: "./app-backend.env"
  cron:
    image: app-backend:latest
    env_file: "./app-backend.env"
    command: ['cron', '-f']
  worker:
    image: app-backend:latest
    env_file: "./app-backend.env"
    command: ['/usr/bin/supervisord', '-n', '-c', '/etc/supervisor/supervisord.conf']
  nginx:
    image: app-nginx:latest
    volumes_from:
      - backend
    depends_on:
      - backend
    ports:
      - "8888:80"

運(yùn)行出現(xiàn)4個(gè)容器后,在換為第14步的內(nèi)容
運(yùn)行

docker-compose up -d --renew-anon-volumes

推送
在2個(gè)有push.sh的文件目錄下 用powershell打開(kāi) 運(yùn)行
.\push.sh v1.0.0

發(fā)現(xiàn)有bug,在phpstorm里面文件打開(kāi)
改成LF


image.png

教程匆忙,配圖及其他以后更新

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

友情鏈接更多精彩內(nèi)容