目录
2. 获取 Docker Compose LEMP Stack,作为基础配置
部署要求:
- 实现 LEMP栈
- 虚拟主机映射到宿主机,用户一致,读写权限正常
- 实现mariadb数据库数据/日志/配置目录映射,以便持久化
- 实现 nginx / php / mariadb 三者互联,php能扩展更新
- 实现 nginx 域名证书自动续期
- 部署便利化,标准化
目录映射关系如下:
宿主机目录 | 容器内路径 | 备注 |
/data0/Server/Settings/nginx | /etc/nginx/conf.d | nginx配置 |
/data0/Server/Logs/nginx | /var/log/nginx | nginx日志 |
/data0/Server/Tools | /var/server-tools | 站点工具包path |
/data0/Projects | /var/www/html | 项目应用部署目录, 775 owner为 www-data |
/data0/Server/Db/mysql | /var/lib/mysql | 数据库 |
/data0/Server/Logs/mysql | /var/log/mysql | 数据库日志 |
/data0/Server/Settings/php/php.ini | /usr/local/etc/php/php.ini | php.ini |
安装环境:
- Centos7 / Docker 19.03.12
步骤:
0. Docker DNS 设置 (懂?)
Create a /etc/docker/daemon.json
file with this content:
{
"dns": ["8.8.8.8", "8.8.4.4"]
}
and restart the docker service:
sudo service docker restart
src: Post-installation steps for Linux | Docker Documentation
1. 安装Docker Compose
升级到python3后(参考 新装服务器设置Tips(不定期更新)_bennybi的博客-CSDN博客)
pip3 install docker-compose
2. 获取 Docker Compose LEMP Stack,作为基础配置
从https://github.com/stevenliebregt/docker-compose-lemp-stack 获取
cd /data0/gitrepo
git clone https://github.com/stevenliebregt/docker-compose-lemp-stack.git // 签出安装文件
docker-compose up -d // 构建并后台运行里面的服务
3. docker-compose.yml 说明
- 为使得容器内的用户与宿主机用户保持一致 ,需映射宿主机与容器系统的用户文件(不一致的结果会导致访问文件权限问题! 花费不少时间解决这个),即保证容器内运行的用户,预先添加到宿主机用户名单里面,比如www-data
与docker容器中的用户同步
useradd -M -s /sbin/nologin www-data
useradd -M --shell=/bin/false nginx
useradd -M --shell=/bin/false mysql
内容:
version: '3'
services:
nginx:
image: nginx:latest
container_name: ${APP_NAME:?err}-nginx
restart: always
ports:
- '80:80'
- '443:443'
links:
- 'php'
depends_on:
- php
volumes:
- '/data0/Server/Settings/nginx:/etc/nginx/conf.d'
- '/data0/Server/Logs/nginx:/var/log/nginx'
- '/data0/Server/Tools:/var/server-tools'
- '/data0/Projects:/var/www/html'
- '/etc/group:/etc/group:ro'
- '/etc/passwd:/etc/passwd:ro'
- '/etc/shadow:/etc/shadow:ro'
php:
restart: always
build:
context: ./docker
dockerfile: php.Dockerfile
container_name: ${APP_NAME:?err}-php
links:
- 'mariadb'
volumes:
- '/data0/Server/Settings/php/php.ini:/usr/local/etc/php/php.ini'
- '/data0/Projects:/var/www/html'
- '/data0/Server/Tools:/var/server-tools'
- '/etc/group:/etc/group:ro'
- '/etc/passwd:/etc/passwd:ro'
- '/etc/shadow:/etc/shadow:ro'
mariadb:
image: mariadb:10.3.9
container_name: ${APP_NAME:?err}-mariadb
restart: 'on-failure'
environment:
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:?err}
ports:
- "3306:3306"
volumes:
- "/data0/Server/Db/mysql:/var/lib/mysql"
- "/data0/Server/Logs/mysql:/var/log/mysql"
- "/data0/Server/Settings/mysql/my.cnf:/etc/mysql/my.cnf"
4. php扩展与build
docker/php.Dockerfile 提供了php rebuild 与扩展机会,为了灵活配置,我把一个默认的php.ini拷贝到容器php配置里面,以方便在docker-compose.yml随时映射更新, 如下:
FROM php:7.2-fpm
RUN apt-get update && \
apt-get install -y git zip libwebp-dev libjpeg-dev libpng-dev libfreetype6-dev
RUN curl --silent --show-error https://getcomposer.org/installer | php && \
mv composer.phar /usr/local/bin/composer
RUN docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/ && \
docker-php-ext-install mysqli -j$(nproc) gd
COPY ./php.ini /usr/local/etc/php/php.ini
5. nginx相关
nginx.conf
server {
index index.php index.html;
server_name localhost;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/html;
location / {
try_files $uri $uri/ /index.php$is_args$query_string;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
include /etc/nginx/conf.d/vhost/*.conf;
强制跳转设置, 访问xxx.com转向www.xxx.com
server {
listen 80;
listen [::]:80;
server_name www.xxx.com xxx.com;
if ($host != 'www.xxx.com') {
rewrite ^/(.*)$ https://www.xxx.com/$1 permanent;
}
...
一个vhost配置文件: vhost/ts025.conf
server {
listen 80;
listen 443;
listen [::]:80;
server_name ts025.dev.com;
client_max_body_size 50M;
keepalive_timeout 5;
set $host_path "/var/www/html/ts025/web";
access_log /var/log/nginx/ts025.log main;
error_log /var/log/nginx/ts025.error.log;
charset utf-8;
root $host_path;
index index.html index.htm index.php;
try_files $uri $uri/ @rewrite;
location @rewrite {
rewrite ^/(.*)$ /index.php?_url=/$1;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass php:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location = /sitemap.xml {
rewrite ^(.*)$ /index.php?route=feed/google_sitemap break;
}
location ~ .*\.(eot|ttf|ttc|otf|eot|woff|woff2|svg)(.*) {
add_header Access-Control-Allow-Origin * ;
}
location = /googlebase.xml {
rewrite ^(.*)$ /index.php?route=feed/google_base break;
}
#include agent_deny.def;
}
6 Docker相关命令
运行命令:
docker-compose up -d [service] // 后台方式唤起各个定义好的服务
docker-compose stop [service] // 停止服务
docker-compose rm [service] // 删除服务
docker-compose build --no-cache [service] // 重build服务,比如php
docker-compose -f {path}/docker-compose.yml ps //查看运行中的服务
docker ps
docker exec -it {name} bash //进入服务容器
docker logs {容器name} // 获取容器运行日志
docker stats [CONTAINER_NAME] // 性能监测
or
docker-compose -f /data0/Server/Settings/lemp/docker-compose.yml --env-file /data0/Server/Settings/lemp/.env up -d
7 其他
- 如果需用ps查看容器内的进程,进入容器内运行:
apt-get update && apt-get install procps
- 如果在docker-compose.yml 改变了镜像端口,需rm 容器后再start才起效。
参考:
- Docker入门之docker-compose - minseo - 博客园 docker-compose 命令