目录
4.3 准备 php.ini、php-fpm.conf、www.conf 配置文件
前言
在 Docker 上搭建 LNMP 架构(Linux + Nginx + MySQL + PHP)是一种常见的做法,可以通过容器化技术轻松地部署和管理整个 Web 应用程序的运行环境
- Linux:作为操作系统,提供了稳定的运行环境
- Nginx:作为Web服务器,具有高性能和高并发处理能力,可以作为反向代理服务器,负责接收用户的请求并将请求转发给后端的应用服务器
- MySQL:作为关系型数据库,提供了数据存储和管理的功能
- PHP(或Python、Perl):作为服务器端脚本语言,用于处理用户的请求,生成动态的网页内容
1、任务要求
任务说明:需要使用 Docker 技术在一台主机上创建LNMP服务并运行Wordpress网站平台,然后对此服务进行相关的性能调优和管理工作
| 宿主机 | 操作系统 | IP地址 | 主要软件 | 配置要求 |
| Docker | CentOS 7 | 10.4.7.11 | Docker 26.1.4 | 4核8G以上 |
| 容器 | 操作系统 | IP地址 | 主要软件 |
| nginx | CentOS 7 | 172.20.0.10 | Docker-Nginx |
| mysql | CentOS 7 | 172.20.0.20 | Docker-Mysql |
| php | CentOS 7 | 172.20.0.30 | Docker-php |
- 使用 Docker 构建 LNMP 环境并运行 Wordpress 网站平台
- 限制 Nginx 容器最多使用 500MB 的内存和 1G 的 Swap
- 限制 Mysql 容器写 /dev/sda 的速率为 10 MB/s
- 将所有容器进行快照,然后将 Docker 镜像打包成 tar 包备份到本地
1.1 关闭防火墙和核心防护
命令示例:关闭所有设备防火墙和临时防护
systemctl disable --now firewalld
setenforce 0输出结果:
[root@MineGi ~]# systemctl disable --now firewalld
[root@MineGi ~]# setenforce 0
setenforce: SELinux is disabled
[root@MineGi ~]# 
1.2 自定义网络docker1
命令示例:
docker network create --subnet=172.20.0.0/16 --opt "com.docker.network.bridge.name"="docker1" mynetwork
ifconfig docker1输出结果:
[root@MineGi ~]# docker network create --subnet=172.20.0.0/16 --opt "com.docker.network.bridge.name"="docker1" mynetwork
94e730cea05895488461456ed393da6f28be848b096a7e49abd3093e80fbca4c
[root@MineGi ~]# ifconfig docker1
docker1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.20.0.1 netmask 255.255.0.0 broadcast 172.20.255.255
ether 02:42:0a:bd:6d:a4 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@MineGi ~]# 
1.3 所有安装包下载
【lnmp:百度网盘】
命令示例:
wget https://cdn.mysql.com//archives/mysql-5.7/mysql-boost-5.7.20.tar.gz
wget http://nginx.org/download/nginx-1.12.0.tar.gz
wget https://www.php.net/distributions/php-7.1.10.tar.bz2
wget https://cn.wordpress.org/wordpress-4.9.4-zh_CN.tar.gz
ll
ls -lh输出结果:
[root@MineGi ~]# wget -q https://cdn.mysql.com//archives/mysql-5.7/mysql-boost-5.7.20.tar.gz
[root@MineGi ~]# wget -q http://nginx.org/download/nginx-1.12.0.tar.gz
[root@MineGi ~]# wget -q https://www.php.net/distributions/php-7.1.10.tar.bz2
[root@MineGi ~]# wget -q https://cn.wordpress.org/wordpress-4.9.4-zh_CN.tar.gz
[root@MineGi ~]# ll
总用量 72240
-rw-r--r-- 1 root root 48833145 9月 13 2017 mysql-boost-5.7.20.tar.gz
-rw-r--r-- 1 root root 980831 4月 12 2017 nginx-1.12.0.tar.gz
-rw-r--r-- 1 root root 15069098 2月 8 2024 php-7.1.10.tar.bz2
-rw-r--r-- 1 root root 9082696 2月 8 2018 wordpress-4.9.4-zh_CN.tar.gz
[root@MineGi ~]# ls -lh
总用量 71M
-rw-r--r-- 1 root root 47M 9月 13 2017 mysql-boost-5.7.20.tar.gz
-rw-r--r-- 1 root root 958K 4月 12 2017 nginx-1.12.0.tar.gz
-rw-r--r-- 1 root root 15M 2月 8 2024 php-7.1.10.tar.bz2
-rw-r--r-- 1 root root 8.7M 2月 8 2018 wordpress-4.9.4-zh_CN.tar.gz
[root@MineGi ~]# 
2、Nginx 镜像创建
2.1 建立工作目录并上传相关安装包
命令示例:
mkdir -p /opt/lnmp/nginx/html
mv nginx-1.12.0.tar.gz /opt/lnmp/nginx/
tar xf wordpress-4.9.4-zh_CN.tar.gz -C /opt/lnmp/nginx/html/
ls /opt/lnmp/nginx/html/
输出结果:
[root@MineGi ~]# mkdir -p /opt/lnmp/nginx/html
[root@MineGi ~]# mv nginx-1.12.0.tar.gz /opt/lnmp/nginx/
[root@MineGi ~]# tar xf wordpress-4.9.4-zh_CN.tar.gz -C /opt/lnmp/nginx/html/
[root@MineGi ~]# ls /opt/lnmp/nginx/html/
wordpress
[root@MineGi ~]#
2.2 编写 Nginx Dockerfile 脚本
命令示例:
cat >/opt/lnmp/nginx/Dockerfile <<'eof'
FROM centos:7
MAINTAINER this is nginx image <lnmp>
RUN curl -s -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo && \
yum -y install pcre-devel zlib-devel gcc gcc-c++ make && yum clean all && \
useradd -M -s /sbin/nologin nginx
ADD nginx-1.12.0.tar.gz /usr/local/src/
ADD nginx.conf /usr/local/nginx/conf/
WORKDIR /usr/local/src/nginx-1.12.0
RUN ./configure --prefix=/usr/local/nginx \
--user=nginx \--group=nginx --with-http_stub_status_module && \
make -j 4 && make install && \
rm -rf /usr/local/src/nginx-1.12.0 && \
chmod 777 -R /usr/local/nginx/html/
ENV PATH /usr/local/nginx/sbin:$PATH
EXPOSE 80
EXPOSE 443
VOLUME [ "/usr/local/nginx/html/" ]
CMD [ "/usr/local/nginx/sbin/nginx","-g","daemon off;" ]
eof输出结果:
[root@MineGi ~]# cat >/opt/lnmp/nginx/Dockerfile <<'eof'
> FROM centos:7
> MAINTAINER this is nginx image <lnmp>
> RUN curl -s -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo && \
> yum -y install pcre-devel zlib-devel gcc gcc-c++ make && yum clean all && \
> useradd -M -s /sbin/nologin nginx
> ADD nginx-1.12.0.tar.gz /usr/local/src/
> ADD nginx.conf /usr/local/nginx/conf/
> WORKDIR /usr/local/src/nginx-1.12.0
> RUN ./configure --prefix=/usr/local/nginx \
> --user=nginx \--group=nginx --with-http_stub_status_module && \
> make -j 4 && make install && \
> rm -rf /usr/local/src/nginx-1.12.0 && \
> chmod 777 -R /usr/local/nginx/html/
> ENV PATH /usr/local/nginx/sbin:$PATH
> EXPOSE 80
> EXPOSE 443
> VOLUME [ "/usr/local/nginx/html/" ]
> CMD [ "/usr/local/nginx/sbin/nginx","-g","daemon off;" ]
> eof
[root@MineGi ~]#
2.3 准备 nginx.conf 配置文件
命令示例:
cat >/opt/lnmp/nginx/nginx.conf <<'eof'
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
charset utf-8;
location / {
root html;
index index.html index.php;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
root html;
fastcgi_pass 172.20.0.30:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
include fastcgi_params;
}
}
}
eof输出结果:
[root@MineGi ~]# cat >/opt/lnmp/nginx/nginx.conf <<'eof'
> worker_processes 1;
> events {
> worker_connections 1024;
> }
> http {
> include mime.types;
> default_type application/octet-stream;
> sendfile on;
> keepalive_timeout 65;
> server {
> listen 80;
> server_name localhost;
> charset utf-8;
> location / {
> root html;
> index index.html index.php;
> }
> error_page 500 502 503 504 /50x.html;
> location = /50x.html {
> root html;
> }
> location ~ \.php$ {
> root html;
> fastcgi_pass 172.20.0.30:9000;
> fastcgi_index index.php;
> fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name;
> include fastcgi_params;
> }
> }
> }
> eof
[root@MineGi ~]#
2.4 生成镜像
docker build -t nginx:lnmp .
# -t 参数用于指定构建镜像的名称及标签
# . 就是指示Docker在当前目录中查找名为Dockerfile的文件,并以此文件作为构建镜像的基础
docker images #查看所有镜像命令示例:
cd /opt/lnmp/nginx/;ls
docker build -t nginx-lnmp:v1 .
docker images |grep nginx-lnmp输出结果:
[root@MineGi ~]# cd /opt/lnmp/nginx/;ls
Dockerfile html nginx-1.12.0.tar.gz nginx.conf
[root@MineGi nginx]# docker build -t nginx-lnmp:v1 .
[+] Building 85.8s (11/11) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 804B 0.0s
=> [internal] load metadata for docker.io/library/centos:7 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> CACHED [1/6] FROM docker.io/library/centos:7 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 981.89kB 0.0s
=> [2/6] RUN curl -s -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo && yum -y i 58.7s
=> [3/6] ADD nginx-1.12.0.tar.gz /usr/local/src/ 0.2s
=> [4/6] ADD nginx.conf /usr/local/nginx/conf/ 0.0s
=> [5/6] WORKDIR /usr/local/src/nginx-1.12.0 0.0s
=> [6/6] RUN ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module && 25.7s
=> exporting to image 1.0s
=> => exporting layers 1.0s
=> => writing image sha256:f1ea01896901660542579e26040b00db8faa395869169fdbd5dafbf847b3be82 0.0s
=> => naming to docker.io/library/nginx-lnmp:v1 0.0s
[root@MineGi nginx]# docker images |grep nginx-lnmp
nginx-lnmp v1 f1ea01896901 18 seconds ago 336MB
[root@MineGi nginx]#
2.5 创建 Nginx 镜像的容器
docker run -d --name nginx -p 80:80 -v /opt/lnmp/nginx/html:/usr/local/nginx/html -m 500m --memory-swap 1g --net mynetwork --ip 172.20.0.10 nginx:lnmp
#docker run: 运行一个新的容器
#-d: 在后台运行容器
#--name nginx: 为容器指定一个名称为 nginx
#-p 80:80: 将容器的 80 端口映射到主机的 80 端口,允许通过主机的 80 端口访问容器内的服务
#-v /opt/lnmp/nginx/html:/usr/local/nginx/html: 将主机的 /opt/lnmp/nginx/html 目录挂载到容器内的 /usr/local/nginx/html 目录,实现主机和容器之间的文件共享
#-m 500m: 限制容器的内存使用为 500MB
#--memory-swap 1g: 设置容器的内存加交换空间的上限为 1GB
#--net mynetwork: 连接容器到名为 mynetwork 的网络
#--ip 172.20.0.10: 为容器分配 IP 地址为 172.20.0.10
#nginx:lnmp: 使用 nginx:lnmp 镜像来创建容器
docker ps -a #查看所有的容器
docker inspect nginx #查看nginx容器的ip地址等信息命令示例:
docker run -d \
--name nginx -p 80:80 \
-v /opt/lnmp/nginx/html:/usr/local/nginx/html \
-m 500m --memory-swap 1g --net mynetwork --ip 172.20.0.10 nginx-lnmp:v1
docker ps -a
docker inspect -f '{{.NetworkSettings.Networks.mynetwork.IPAddress}}' nginx
输出结果:
[root@MineGi nginx]# docker run -d \
> --name nginx -p 80:80 \
> -v /opt/lnmp/nginx/html:/usr/local/nginx/html \
> -m 500m --memory-swap 1g --net mynetwork --ip 172.20.0.10 nginx-lnmp:v1
37a64f5100f6ef41fb05d7aada3b47f5c4b076ca182010532537e6a9375d5f8b
[root@MineGi nginx]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
37a64f5100f6 nginx-lnmp:v1 "/usr/local/nginx/sb…" 5 seconds ago Up 4 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp, 443/tcp nginx
[root@MineGi nginx]# docker inspect -f '{{.NetworkSettings.Networks.mynetwork.IPAddress}}' nginx
172.20.0.10
[root@MineGi nginx]# 
#如果有网络报错提示
[Warning] IPv4 forwarding is disabled. Networking will not work.
解决方法:
vim /etc/sysctl.conf
net.ipv4.ip_forward=1
sysctl -p
systemctl restart network
systemctl restart docker2.6 验证nginx服务
命令示例:
echo "welcome to my world" |tee /opt/lnmp/nginx/html/index.html
curl 10.4.7.11输出结果:
[root@MineGi nginx]# echo "welcome to my world" |tee /opt/lnmp/nginx/html/index.html
welcome to my world
[root@MineGi nginx]# curl 10.4.7.11
welcome to my world
[root@MineGi nginx]#
3、Mysql 镜像创建
3.1 建立工作目录并上传相关安装包
命令示例:
mkdir -p /opt/lnmp/mysql
cd !$
mv ~/mysql-boost-5.7.20.tar.gz .输出结果:
[root@MineGi nginx]# mkdir -p /opt/lnmp/mysql
[root@MineGi nginx]# cd !$
cd /opt/lnmp/mysql
[root@MineGi mysql]# mv ~/mysql-boost-5.7.20.tar.gz .
[root@MineGi mysql]#
3.2 编写 Mysql Dockerfile 脚本
命令示例:
cat >Dockerfile <<'eof'
FROM centos:7
MAINTAINER this is mysql image <lnmp>
RUN curl -s -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo && \
yum -y install gcc gcc-c++ ncurses ncurses-devel bison cmake make && yum clean all
ADD mysql-boost-5.7.20.tar.gz /usr/local/src/
WORKDIR /usr/local/src/mysql-5.7.20/
RUN cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/data \
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock -DSYSCONFDIR=/etc -DSYSTEMD_PID_DIR=/usr/local/mysql \
-DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_ARCHIVE_STORAGE_ENGINE=1 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 -DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
-DWITH_BOOST=boost -DWITH_SYSTEMD=1 && make -j 4 && make install
ADD my.cnf /etc/
WORKDIR /usr/local/mysql
ENV PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH
RUN useradd -M -s /sbin/nologin mysql && \
rm -rf /usr/local/src/mysql-5.7.20/ && \
chown mysql:mysql /etc/my.cnf && \
chown -R mysql:mysql /usr/local/mysql/ && \
/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data
EXPOSE 3306
CMD ["/usr/local/mysql/bin/mysqld"]
eof输出结果:
[root@MineGi mysql]# cat >Dockerfile <<'eof'
> FROM centos:7
> MAINTAINER this is mysql image <lnmp>
> RUN curl -s -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo && \
> yum -y install gcc gcc-c++ ncurses ncurses-devel bison cmake make && yum clean all
> ADD mysql-boost-5.7.20.tar.gz /usr/local/src/
> WORKDIR /usr/local/src/mysql-5.7.20/
> RUN cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/data \
> -DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock -DSYSCONFDIR=/etc -DSYSTEMD_PID_DIR=/usr/local/mysql \
> -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_INNOBASE_STORAGE_ENGINE=1 \
> -DWITH_ARCHIVE_STORAGE_ENGINE=1 -DWITH_BLACKHOLE_STORAGE_ENGINE=1 -DWITH_PERFSCHEMA_STORAGE_ENGINE=1 \
> -DWITH_BOOST=boost -DWITH_SYSTEMD=1 && make -j 4 && make install
> ADD my.cnf /etc/
> WORKDIR /usr/local/mysql
> ENV PATH=/usr/local/mysql/bin:/usr/local/mysql/lib:$PATH
> RUN useradd -M -s /sbin/nologin mysql && \
> rm -rf /usr/local/src/mysql-5.7.20/ && \
> chown mysql:mysql /etc/my.cnf && \
> chown -R mysql:mysql /usr/local/mysql/ && \
> /usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data> EXPOSE 3306
> CMD ["/usr/local/mysql/bin/mysqld"]
> eof
[root@MineGi mysql]# 
3.3 编写 my.cnf 配置文件
命令示例:
cat >my.cnf <<'eof'
[client]
port = 3306
socket = /usr/local/mysql/mysql.sock
[mysql]
port = 3306
socket = /usr/local/mysql/mysql.sock
[mysqld]
user = mysql
basedir = /usr/local/mysql
datadir = /usr/local/mysql/data
port = 3306
character_set_server=utf8
pid-file = /usr/local/mysql/mysqld.pid
socket = /usr/local/mysql/mysql.sock
server-id = 1
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES
eof输出结果:
[root@MineGi mysql]# cat >my.cnf <<'eof'
> [client]
> port = 3306
> socket = /usr/local/mysql/mysql.sock
>
> [mysql]
> port = 3306
> socket = /usr/local/mysql/mysql.sock
>
> [mysqld]
> user = mysql
> basedir = /usr/local/mysql
> datadir = /usr/local/mysql/data
> port = 3306
> character_set_server=utf8
> pid-file = /usr/local/mysql/mysqld.pid
> socket = /usr/local/mysql/mysql.sock
> server-id = 1
>
> sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,PIPES_AS_CONCAT,ANSI_QUOTES
> eof
[root@MineGi mysql]#
3.4 生成镜像
docker build -t mysql:lnmp .
# -t 参数用于指定构建镜像的名称及标签
# . 就是指示Docker在当前目录中查找名为Dockerfile的文件,并以此文件作为构建镜像的基础
docker images #查看所有镜像命令示例:
ls
docker build -t mysql-lnmp:v1 .
docker images |grep mysql-lnmp输出结果:
[root@MineGi mysql]# ls
Dockerfile my.cnf mysql-boost-5.7.20.tar.gz
[root@MineGi mysql]# docker build -t mysql-lnmp:v1 .
[+] Building 1624.6s (13/13) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 1.28kB 0.0s
=> [internal] load metadata for docker.io/library/centos:7 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/8] FROM docker.io/library/centos:7 0.0s
=> [internal] load build context 0.5s
=> => transferring context: 48.85MB 0.5s
=> [2/8] RUN curl -s -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo && yum -y i 61.7s
=> [3/8] ADD mysql-boost-5.7.20.tar.gz /usr/local/src/ 9.1s
=> [4/8] WORKDIR /usr/local/src/mysql-5.7.20/ 0.0s
=> [5/8] RUN cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/data -DMYSQL_UNIX_AD 1476.3s
=> [6/8] ADD my.cnf /etc/ 0.0s
=> [7/8] WORKDIR /usr/local/mysql 0.0s
=> [8/8] RUN useradd -M -s /sbin/nologin mysql && rm -rf /usr/local/src/mysql-5.7.20/ && chown mysql:mysql /et 27.1s
=> exporting to image 50.2s
=> => exporting layers 50.1s
=> => writing image sha256:f24afa726fdc63124622876e113247df2ef39b0ae8a6e04d4eb3370323807cb7 0.0s
=> => naming to docker.io/library/mysql-lnmp:v1 0.0s
[root@MineGi mysql]# docker images |grep mysql-lnmp
mysql-lnmp v1 f24afa726fdc About a minute ago 9.86GB
[root@MineGi mysql]# 
3.5 创建 Mysql 镜像的容器
docker run --name=mysql -d --privileged --device-write-bps /dev/sda:10M -v /usr/local/mysql --net mynetwork --ip 172.20.0.20 mysql:lnmp
#docker run: 运行一个新的容器
#--name=mysql: 为容器指定一个名称为 mysql
#-d: 在后台运行容器
#--privileged: 给容器赋予特权,即容器内的进程可以获得访问主机的权限
#--device-write-bps /dev/sda:10M: 限制容器对指定设备 /dev/sda 的写入速率为 10MB/s
#-v /usr/local/mysql: 挂载主机的 /usr/local/mysql 目录到容器内的相同路径,实现主机和容器之间的文件共享
#--net mynetwork: 连接容器到名为 mynetwork 的网络
#--ip 172.20.0.20: 为容器分配 IP 地址为 172.20.0.20
#mysql:lnmp: 使用 mysql:lnmp 镜像来创建容器
docker ps -a #查看所有的容器
docker inspect mysql #查看mysql容器的ip地址等信息命令示例:
docker run -d \
--name=mysql --privileged --device-write-bps /dev/sda:10M \
-v /usr/local/mysql --net mynetwork --ip 172.20.0.20 mysql-lnmp:v1
docker ps -a
docker inspect -f '{{.NetworkSettings.Networks.mynetwork.IPAddress}}' mysql输出结果:
[root@MineGi mysql]# docker run -d \
> --name=mysql --privileged --device-write-bps /dev/sda:10M \
> -v /usr/local/mysql --net mynetwork --ip 172.20.0.20 mysql-lnmp:v1
4e2a395a1727ce4e34a4e7a7bef63dd539fd3ccd18de52d0aee254178b7d9a12
[root@MineGi mysql]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4e2a395a1727 mysql-lnmp:v1 "/usr/local/mysql/bi…" 13 seconds ago Up 3 seconds 3306/tcp mysql
37a64f5100f6 nginx-lnmp:v1 "/usr/local/nginx/sb…" 2 hours ago Up 24 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp, 443/tcp nginx
[root@MineGi mysql]# docker inspect -f '{{.NetworkSettings.Networks.mynetwork.IPAddress}}' mysql
172.20.0.20
[root@MineGi mysql]# 
4、PHP 镜像创建
4.1 建立工作目录并上传相关安装包
命令示例:
mkdir -p /opt/lnmp/php
cd !$
mv /root/php-7.1.10.tar.bz2 .输出结果:
[root@MineGi mysql]# mkdir -p /opt/lnmp/php
[root@MineGi mysql]# cd !$
cd /opt/lnmp/php
[root@MineGi php]# mv /root/php-7.1.10.tar.bz2 .
[root@MineGi php]#
4.2 编写 PHP Dockerfile 脚本
命令示例:
cat >Dockerfile <<'eof'
FROM centos:7
MAINTAINER this is php image <lnmp>
RUN curl -s -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo && \
yum -y install gd libjpeg libjpeg-devel libpng libpng-devel gcc gcc-c++ make pcre-devel \
freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel curl curl-devel openssl openssl-devel && \
useradd -M -s /sbin/nologin nginx && yum clean all
ADD php-7.1.10.tar.bz2 /usr/local/src/
WORKDIR /usr/local/src/php-7.1.10
RUN ./configure --prefix=/usr/local/php --with-mysql-sock=/usr/local/mysql/mysql.sock \
--with-mysqli --with-zlib --with-curl --with-gd --with-jpeg-dir --with-png-dir \
--enable-session --enable-ftp --enable-pdo --with-freetype-dir --with-openssl --enable-fpm \
--enable-mbstring --enable-xml --enable-tokenizer --enable-zip && make -j 4 && make install
ENV PATH /usr/local/php/bin:/usr/local/php/sbin:$PATH
ADD php.ini /usr/local/php/lib/
ADD php-fpm.conf /usr/local/php/etc/
ADD www.conf /usr/local/php/etc/php-fpm.d/
EXPOSE 9000
ENTRYPOINT [ "/usr/local/php/sbin/php-fpm", "-F" ]
eof输出结果:
[root@MineGi php]# cat >Dockerfile <<'eof'
> FROM centos:7
> MAINTAINER this is php image <lnmp>
> RUN curl -s -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo && \
> yum -y install gd libjpeg libjpeg-devel libpng libpng-devel gcc gcc-c++ make pcre-devel \
> freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel curl curl-devel openssl openssl-devel && \
> useradd -M -s /sbin/nologin nginx && yum clean all
> ADD php-7.1.10.tar.bz2 /usr/local/src/
> WORKDIR /usr/local/src/php-7.1.10
> RUN ./configure --prefix=/usr/local/php --with-mysql-sock=/usr/local/mysql/mysql.sock \
> --with-mysqli --with-zlib --with-curl --with-gd --with-jpeg-dir --with-png-dir \
> --enable-session --enable-ftp --enable-pdo --with-freetype-dir --with-openssl --enable-fpm \
> --enable-mbstring --enable-xml --enable-tokenizer --enable-zip && make -j 4 && make install
> ENV PATH /usr/local/php/bin:/usr/local/php/sbin:$PATH
> ADD php.ini /usr/local/php/lib/
> ADD php-fpm.conf /usr/local/php/etc/
> ADD www.conf /usr/local/php/etc/php-fpm.d/
> EXPOSE 9000
> ENTRYPOINT [ "/usr/local/php/sbin/php-fpm", "-F" ]
> eof
[root@MineGi php]#
4.3 准备 php.ini、php-fpm.conf、www.conf 配置文件
4.3.1 准备 php.ini 配置文件
情况说明:该配置文件模板位于安装目录的 php-7.1.10/php.ini-development 位置
vim php.ini
#第939行,取消注释,修改
date.timezone = Asia/Shanghai
#第1170行,修改
mysqli.default_socket = /usr/local/mysql/mysql.sock命令示例:
yum install -y bzip2
tar xjf php-7.1.10.tar.bz2
cp php-7.1.10/php.ini-development php.ini
grep "mysqli.default_socket =" php.ini
grep "date.timezone" php.ini
sed -i -e 's#mysqli.default_socket =#& /usr/local/mysql/mysql.sock'# \
-e '/;date.timezone =/a\date.timezone = Asia/Shanghai' php.ini
grep "mysqli.default_socket =" php.ini
grep "date.timezone" php.ini输出结果:
[root@MineGi php]# yum install -y -q bzip2
软件包 bzip2-1.0.6-13.el7.x86_64 已安装并且是最新版本
[root@MineGi php]# tar xjf php-7.1.10.tar.bz2
[root@MineGi php]# cp php-7.1.10/php.ini-development php.ini
[root@MineGi php]# grep "mysqli.default_socket =" php.ini
mysqli.default_socket =
[root@MineGi php]# grep "date.timezone" php.ini
; http://php.net/date.timezone
;date.timezone =
[root@MineGi php]# sed -i -e 's#mysqli.default_socket =#& /usr/local/mysql/mysql.sock'# \
> -e '/;date.timezone =/a\date.timezone = Asia/Shanghai' php.ini
[root@MineGi php]# grep "mysqli.default_socket =" php.ini
mysqli.default_socket = /usr/local/mysql/mysql.sock
[root@MineGi php]# grep "date.timezone" php.ini
; http://php.net/date.timezone
;date.timezone =
date.timezone = Asia/Shanghai
[root@MineGi php]# 
4.3.2 准备 php-fpm.conf 配置文件
情况说明:该配置文件位于 /usr/local/php/etc/php-fpm.conf.default
vim php-fpm.conf
#第17行,删除注释符号“;”
pid = run/php-fpm.pid命令示例:
[root@MineGi php]# cat >php-fpm.conf <<'eof'
> [global]
> pid = run/php-fpm.pid
> include=/usr/local/php/etc/php-fpm.d/*.conf
> eof
[root@MineGi php]#输出结果:
[root@MineGi php]# cat >php-fpm.conf <<'eof'
> [global]
> pid = run/php-fpm.pid
> include=/usr/local/php/etc/php-fpm.d/*.conf
> eof
[root@MineGi php]#
4.3.3 准备 www.conf 配置文件
情况说明:该配置文件位于 usr/local/php/etc/php-fpm.d/www.conf.default
vim www.conf
#第23、24行,修改用户和组
user = nginx
group = nginx
#第36行,修改监听IP和端口为容器IP:9000端口
listen = 172.20.0.30:9000
#第62行,修改被允许监听的客户端容器地址为回环地址和nginx容器地址
listen.allowed_clients = 127.0.0.1,172.20.0.10命令示例:
cat >www.conf <<'eof'
[www]
user = nginx
group = nginx
listen = 172.20.0.30:9000
listen.allowed_clients = 127.0.0.1,172.20.0.10
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
eof输出结果:
[root@MineGi php]# cat >www.conf <<'eof'
> [www]
> user = nginx
> group = nginx
> listen = 172.20.0.30:9000
> listen.allowed_clients = 127.0.0.1,172.20.0.10
> pm = dynamic
> pm.max_children = 5
> pm.start_servers = 2
> pm.min_spare_servers = 1
> pm.max_spare_servers = 3
> eof
[root@MineGi php]# 
4.4 生成镜像
docker build -t php:lnmp .
# -t 参数用于指定构建镜像的名称及标签
# . 就是指示Docker在当前目录中查找名为Dockerfile的文件,并以此文件作为构建镜像的基础
docker images #查看所有镜像命令示例:
ls
docker build -t php-lnmp:v1 .
docker images |grep php-lnmp输出结果:
[root@MineGi php]# ls
Dockerfile php-7.1.10 php-7.1.10.tar.bz2 php-fpm.conf php.ini www.conf
[root@MineGi php]# docker build -t php-lnmp:v1 .
[+] Building 962.5s (13/13) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 1.12kB 0.0s
=> [internal] load metadata for docker.io/library/centos:7 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/8] FROM docker.io/library/centos:7 0.0s
=> [internal] load build context 0.2s
=> => transferring context: 15.14MB 0.1s
=> [2/8] RUN curl -s -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo && yum -y i 98.4s
=> [3/8] ADD php-7.1.10.tar.bz2 /usr/local/src/ 13.1s
=> [4/8] WORKDIR /usr/local/src/php-7.1.10 1.9s
=> [5/8] RUN ./configure --prefix=/usr/local/php --with-mysql-sock=/usr/local/mysql/mysql.sock --with-mysqli --wi 843.2s
=> [6/8] ADD php.ini /usr/local/php/lib/ 0.2s
=> [7/8] ADD php-fpm.conf /usr/local/php/etc/ 0.2s
=> [8/8] ADD www.conf /usr/local/php/etc/php-fpm.d/ 0.2s
=> exporting to image 4.9s
=> => exporting layers 4.8s
=> => writing image sha256:d61fd605272454d4b249777345a7a1d6696760d0c1d394dbc1d720d380dd698c 0.0s
=> => naming to docker.io/library/php-lnmp:v1 0.0s
[root@MineGi php]# docker images |grep php-lnmp
php-lnmp v1 d61fd6052724 5 minutes ago 965MB
[root@MineGi php]#
4.5 创建该镜像的容器
docker run --name=php -d -p 9000:9000 --volumes-from mysql --volumes-from nginx --net mynetwork --ip 172.20.0.30 php:lnmp
#docker run: 运行一个新的容器
#--name=php: 为容器指定一个名称为 php
#-d: 在后台运行容器
#-p 9000:9000: 将容器的 9000 端口映射到主机的 9000 端口,允许通过主机的 9000 端口访问容器内的服务
#--volumes-from mysql: 将容器 mysql 的数据卷挂载到当前容器中,实现数据共享
#--volumes-from nginx: 将容器 nginx 的数据卷挂载到当前容器中,实现数据共享
#--net mynetwork: 连接容器到名为 mynetwork 的网络
#--ip 172.20.0.30: 为容器分配 IP 地址为 172.20.0.30
#php:lnmp: 使用 php:lnmp 镜像来创建容器
docker ps -a #查看所有的容器命令示例:
docker run --name=php -d -p 9000:9000 \
--volumes-from mysql --volumes-from nginx \
--net mynetwork --ip 172.20.0.30 php-lnmp:v1
docker ps -a
docker inspect -f '{{.NetworkSettings.Networks.mynetwork.IPAddress}}' php
输出结果:
[root@MineGi php]# docker run --name=php -d -p 9000:9000 \
> --volumes-from mysql --volumes-from nginx \
> --net mynetwork --ip 172.20.0.30 php-lnmp:v1
3534665d89413565ab761c309e93c70694268422b0d1a7ed3dc1db798b357ea3
[root@MineGi php]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3534665d8941 php-lnmp:v1 "/usr/local/php/sbin…" 5 seconds ago Up 4 seconds 0.0.0.0:9000->9000/tcp, :::9000->9000/tcp php
4e2a395a1727 mysql-lnmp:v1 "/usr/local/mysql/bi…" About a minute ago Up About a minute 3306/tcp mysql
37a64f5100f6 nginx-lnmp:v1 "/usr/local/nginx/sb…" 2 hours ago Up About a minute 0.0.0.0:80->80/tcp, :::80->80/tcp, 443/tcp nginx
[root@MineGi php]# docker inspect -f '{{.NetworkSettings.Networks.mynetwork.IPAddress}}' php
172.20.0.30
[root@MineGi php]#
4.6 验证 PHP
#进入到 php 容器中
docker exec -it php bash
ps -aux命令示例:
docker exec -it php bash
ps -aux
exit输出结果:
[root@MineGi php]# docker exec -it php bash
[root@3534665d8941 php-7.1.10]# ps -aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.2 0.0 113028 7520 ? Ss 03:47 0:00 php-fpm: master process (/usr/local/php/etc/php-fpm.conf)
nginx 7 0.0 0.0 113028 3772 ? S 03:47 0:00 php-fpm: pool www
nginx 8 0.0 0.0 113028 3772 ? S 03:47 0:00 php-fpm: pool www
root 9 1.2 0.0 11828 1892 pts/0 Ss 03:48 0:00 bash
root 23 0.0 0.0 51732 1724 pts/0 R+ 03:48 0:00 ps -aux
[root@3534665d8941 php-7.1.10]# exit
exit
[root@MineGi php]#
5、启动 wordpress 服务
5.1 mysql 授权
docker exec -it mysql /bin/bash #进入到 mysql 容器内
mysql -u root -p
Enter password:
#初始密码为空,回车即可
create database wordpress;
#创建wordpress数据库
grant all privileges on wordpress.* to 'wordpress'@'%' identified by '123456';
#授予一个名为 wordpress 的数据库中的用户 wordpress 在任何主机上('%')的所有权限,并使用密码 123456 进行身份验证
#将所有权限授予用户 wordpress,允许其从任何主机连接到 wordpress 数据库,并使用密码 123456 进行身份验证
grant all privileges on *.* to 'root'@'%' identified by 'abc123';
#授予用户名为 root,从任何主机连接到 MySQL 数据库服务器的用户,对所有数据库中的所有表具有全部权限,并设置密码为 abc123
#这样的设置允许用户 root 从任何地方以密码 abc123 连接到 MySQL 数据库,并具有对所有数据库的全部权限
flush privileges;
#刷新权限
exit #退出 mysql 数据库
exit #退出 mysql 容器命令示例:
docker exec -it mysql /bin/bash
mysql -u root -p
create database wordpress;
grant all privileges on wordpress.* to 'wordpress'@'%' identified by '123456';
grant all privileges on *.* to 'root'@'%' identified by 'abc123';
flush privileges;
exit
exit
输出结果:
[root@MineGi php]# docker exec -it mysql /bin/bash
[root@4e2a395a1727 mysql]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.7.20 Source distribution
Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> create database wordpress;
Query OK, 1 row affected (0.00 sec)
mysql> grant all privileges on wordpress.* to 'wordpress'@'%' identified by '123456';
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> grant all privileges on *.* to 'root'@'%' identified by 'abc123';
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> exit
Bye
[root@4e2a395a1727 mysql]# exit
exit
[root@MineGi php]#
5.2 浏览器访问安装 wordpress
浏览器访问
http://10.4.7.11/wordpress/index.php
报错页面:
解决方法:
cd /opt/lnmp/nginx/html/wordpress #切换目录
cp wp-config-sample.php wp-config.php #手动创建wp-config.php文件
vim wp-config.php
#第23行,将'database_name_here'改为'wordpress'
define('DB_NAME', 'wordpress');
#第26行,将'username_here'改为'wordpress'
define('DB_USER', 'wordpress');
#第29行,将'password_here'改为'123456'
define('DB_PASSWORD', '123456');
systemctl restart docker #重启docker服务
docker start nginx;docker start mysql;docker start php #重启docker容器
docker ps #查看当前正在运行中的容器,必须得有nginx、mysql、php命令示例:
ls /opt/lnmp/nginx/html/wordpress/wp-config-sample.php
cp -a /opt/lnmp/nginx/html/wordpress/{wp-config-sample.php,wp-config.php}
ll /opt/lnmp/nginx/html/wordpress/{wp-config-sample.php,wp-config.php}
grep -E "database_name_here|username_here|password_here" \
/opt/lnmp/nginx/html/wordpress/wp-config.php
sed -i -e 's/database_name_here/wordpress/g' \
-e 's/username_here/wordpress/g' \
-e 's/password_here/123456/g' \
/opt/lnmp/nginx/html/wordpress/wp-config.php
grep -E "DB_NAME|DB_USER|DB_PASSWORD" \
/opt/lnmp/nginx/html/wordpress/wp-config.php输出结果:
[root@MineGi php]# ls /opt/lnmp/nginx/html/wordpress/wp-config-sample.php
/opt/lnmp/nginx/html/wordpress/wp-config-sample.php
[root@MineGi php]# cp -a /opt/lnmp/nginx/html/wordpress/{wp-config-sample.php,wp-config.php}
[root@MineGi php]# ll /opt/lnmp/nginx/html/wordpress/{wp-config-sample.php,wp-config.php}
-rw-r--r-- 1 nobody 65534 2930 2月 8 2018 /opt/lnmp/nginx/html/wordpress/wp-config.php
-rw-r--r-- 1 nobody 65534 2930 2月 8 2018 /opt/lnmp/nginx/html/wordpress/wp-config-sample.php
[root@MineGi php]# grep -E "database_name_here|username_here|password_here" \
> /opt/lnmp/nginx/html/wordpress/wp-config.php
define('DB_NAME', 'database_name_here');
define('DB_USER', 'username_here');
define('DB_PASSWORD', 'password_here');
[root@MineGi php]# sed -i -e 's/database_name_here/wordpress/g' \
> -e 's/username_here/wordpress/g' \
> -e 's/password_here/123456/g' \
> /opt/lnmp/nginx/html/wordpress/wp-config.php
[root@MineGi php]# grep -E "DB_NAME|DB_USER|DB_PASSWORD" \
> /opt/lnmp/nginx/html/wordpress/wp-config.php
define('DB_NAME', 'wordpress');
define('DB_USER', 'wordpress');
define('DB_PASSWORD', '123456');
[root@MineGi php]# 
命令示例:
systemctl restart docker
docker ps
docker start nginx mysql php
docker ps输出结果:
[root@MineGi php]# systemctl restart docker
[root@MineGi php]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@MineGi php]# docker start nginx mysql php
nginx
mysql
php
[root@MineGi php]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3534665d8941 php-lnmp:v1 "/usr/local/php/sbin…" 7 minutes ago Up 2 seconds 0.0.0.0:9000->9000/tcp, :::9000->9000/tcp php
4e2a395a1727 mysql-lnmp:v1 "/usr/local/mysql/bi…" 8 minutes ago Up 2 seconds 3306/tcp mysql
37a64f5100f6 nginx-lnmp:v1 "/usr/local/nginx/sb…" 3 hours ago Up 3 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp, 443/tcp nginx
[root@MineGi php]#
扫一扫
566
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
