前言
使用nginx+php+mysql的环境搭建wordpress博客,开始我使用的是docker pull镜像的方式来构建整体环境。结果发现php的扩展不太灵活,下面我们使用构建Dockfile的方式来搭建,本文使用的是别人构建好的Dockfile,当然你也可以自己创建每个不同的Dockfile来构建Docker镜像
这里我们用github上某位大佬构建好的环境 zPhal-dockerfiles
https://github.com/ZpGuo/zPhal-dockerfiles
系统版本
CentOS 7.4
相关软件版本:
- PHP 7.2
- MySQL 5.7
- Nginx 1.12
- Redis 3.2
用到的PHP扩展:
- redis 3.1.4
- Phalcon 3.3.1
1.安装docker
yum -y install docker-io
- 设置docker随系统开机启动
systemctl enable docker.service
- 启动docker
service docker start
- 安装Docker-compose
sudo pip install -U docker-compose
2.使用git克隆zPhal-dockerfiles
git clone git@github.com:ZpGuo/zPhal-dockerfiles.git
下载PHP扩展包
cd zPhal-dockerfiles/files
wget https://pecl.php.net/get/redis-3.1.6.tgz -O php/pkg/redis.tgz
wget https://codeload.github.com/phalcon/cphalcon/tar.gz/v3.3.1 -O php/pkg/cphalcon.tar.gz
3.使用docker-compose构建项目
cd zPhal-dockerfiles/files
docker-compose up -d
4.文件目录
在这个项目里,我用到PHP,MySQL,Nginx,Redis;以及Composer,Phalcon拓展等。
总的来说,我们做这件事有三个流程:编写好各个软件的dockerfile;编写好配置文件;通过docker-compose处理所有的dockerfile,包括将配置配置文件扔进去 dockerfile 文件将构建的镜像中。
zPhal-dockerfiles
app/
index.php
phpinfo.php
data/
.gitignore
files/
mysql/
conf.d/
mysql-file.cnf
Dockerfile
nginx/
conf.d/
default.conf
zphal.conf
Dockerfile
nginx.conf
php/
pkg/
.gitignore
Dockerfile
php.ini
php-dev.ini
php-fpm.conf
redis/
Dockerfile
docker-compose.yml
logs/
.gitgnore
README.md
5.配置文件
- docker-compose.yml
使用docker-compose.yml,我们就省去了像使用docker pull那样在启动docker容器的在后面加各种各样的参数
version: '3.2'
services:
php-fpm:
build: ./php/
ports:
- "9000:9000"
links:
- mysql-db:mysql-db
- redis-db:redis-db
volumes:
- ../app:/data/www:rw
- ./php/php-dev.ini:/usr/local/etc/php/php.ini:ro
- ./php/php-fpm.conf:/usr/local/etc/php-fpm.conf:ro
- ../logs/php-fpm:/var/log/php-fpm:rw
restart: always
command: php-fpm
nginx:
build: ./nginx
depends_on:
- php-fpm
links:
- php-fpm:php-fpm
volumes:
- ../app:/data/www:rw
- ./nginx/conf.d:/etc/nginx/conf.d:ro
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ../logs/nginx:/var/log/nginx
ports:
- "80:80"
- "8080:8080"
- "443:443"
restart: always
command: nginx -g 'daemon off;'
mysql-db:
build: ./mysql
ports:
- "3306:3306"
volumes:
- ../data/mysql:/var/lib/mysql:rw
- ../logs/mysql:/var/lib/mysql-logs:rw
- ./mysql/conf.d:/etc/mysql/conf.d:ro
environment:
MYSQL_ROOT_PASSWORD: 123456
MYSQL_DATABASE: zphaldb
MYSQL_USER: zphal
MYSQL_PASSWORD: zphal123
restart: always
command: "--character-set-server=utf8"
redis-db:
build: ./redis
ports:
- "6379:6379"
volumes:
- ../data/redis:/data
restart: always
- php Dockerfile
FROM php:7.2-fpm
MAINTAINER goozp "gzp@goozp.com"
# set timezome
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
# Install package and PHP Core extensions
RUN apt-get update && apt-get install -y \
git \
libfreetype6-dev \
libjpeg62-turbo-dev \
libpng-dev \
&& docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ \
&& docker-php-ext-install -j$(nproc) gd \
&& docker-php-ext-install zip \
&& docker-php-ext-install pdo_mysql \
&& docker-php-ext-install opcache \
&& docker-php-ext-install mysqli \
&& rm -r /var/lib/apt/lists/*
# Copy extensions had downloaded
COPY ./pkg/redis.tgz /home/redis.tgz
COPY ./pkg/cphalcon.tar.gz /home/cphalcon.tar.gz
# Install PECL extensions (Redis)
RUN pecl install /home/redis.tgz && echo "extension=redis.so" > /usr/local/etc/php/conf.d/redis.ini
# Install Phalcon extensions
RUN cd /home \
&& tar -zxvf cphalcon.tar.gz \
&& mv cphalcon-* phalcon \
&& cd phalcon/build \
&& ./install \
&& echo "extension=phalcon.so" > /usr/local/etc/php/conf.d/phalcon.ini
# Install Composer
ENV COMPOSER_HOME /root/composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
ENV PATH $COMPOSER_HOME/vendor/bin:$PATH
RUN rm -f /home/redis.tgz \
rm -f /home/cphalcon.tar.gz
WORKDIR /data
# Write Permission
RUN usermod -u 1000 www-data
- mysql Dockerfile
FROM mysql:5.7
# set timezome
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
- mysql配置 mysql-file.cnf
[client]
port=3306
[mysql]
[mysqld]
default-storage-engine=INNODB
max_connections=512
skip-host-cache
skip-name-resolve
query_cache_size = 64M
max_allowed_packet = 4M
server_id=1
log-bin=mysql-bin
slow_query_log = 1
slow_query_log_file =/var/lib/mysql-logs/slow.log
long_query_time = 1
log-queries-not-using-indexes
max_connections = 1024
back_log = 128
wait_timeout = 100
interactive_timeout = 200
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
- nginx Dockerfile
FROM nginx:1.12
# set timezome
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
- nginx配置 nginx.conf default.conf default-ssl.conf
nginx.conf
user www-data;
pid /run/nginx.pid;
worker_processes 4;
worker_cpu_affinity 01 10 01 10;
worker_rlimit_nofile 51200;
events {
worker_connections 10240;
multi_accept on;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
charset UTF-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
keepalive_timeout 10;
send_timeout 10;
server_name_in_redirect off;
server_names_hash_bucket_size 64;
types_hash_max_size 2048;
client_header_timeout 10;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 100m;
client_body_timeout 10;
client_body_buffer_size 10m;
reset_timedout_connection on;
# log setting
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# access_log /var/log/nginx/access.log main;
access_log off;
error_log /var/log/nginx/error.log warn;
fastcgi_buffers 256 16k;
fastcgi_buffer_size 128k;
fastcgi_connect_timeout 3s;
fastcgi_send_timeout 120s;
fastcgi_read_timeout 120s;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_hide_header X-Powered-By;
# Gzip Compression
gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
gzip_proxied any;
gzip_min_length 1000;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.0;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_vary on;
open_file_cache max=10000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
include /etc/nginx/conf.d/*.conf;
}
default.conf
server {
# server名称
server_name www.liyawei.xyz;
# 监听80和443端口,如果强制所有的访问都必须是HTTPs的,这行需要注销掉
listen 80;
# 将http重定向到https
return 301 https://$server_name$request_uri;
# 默认首页
root /data/www;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.html;
}
location ~ \.php {
include fastcgi_params;
fastcgi_pass php-fpm:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/$fastcgi_script_name;
}
}
default-ssl.conf
要使用https需要自己先去申请个证书
server {
# server名称
server_name www.liyawei.xyz;
# 监听443端口
listen 443 ssl;
# 增加ssl
# ssl on; #如果强制HTTPs访问,这行要打开
ssl_certificate /etc/nginx/certs/www.liyawei.xyz.crt;
ssl_certificate_key /etc/nginx/certs/www.liyawei.xyz.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
# 指定密码为openssl支持的格式
ssl_protocols SSLv2 SSLv3 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5; # 密码加密方式
ssl_prefer_server_ciphers on; # 依赖SSLv3和TLSv1协议的服务器密码将优先于客户端密码
# 默认首页
root /data/www;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.html;
}
location ~ \.php {
include fastcgi_params;
fastcgi_pass php-fpm:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /data/www/$fastcgi_script_name;
}
}