1、使用docker-compose制作nginx+php-fpm,mysql,wordpress镜像,并管理启动,实现wordpress的访问
#环境: 宿主机:10.0.0.27 centos7.9.2009 harbor:10.0.0.27 docker:18.09.9 docker-compose:1.18.0
1.1
#创建制作镜像目录 # mkdir -p /opt/docker/nginx-1.22.1-alpine-3.13.0 # cd /opt/docker/nginx-1.22.1-alpine-3.13.0 #创建dockerfile # vi Dockerfile FROM alpine:3.13.0 LABEL maintainer "Marko.Ou <oxz@qq.com>" RUN sed -ri 's#dl-cdn.alpinelinux.org#mirrors.aliyun.com#g' /etc/apk/repositories; \ sed -ri 's#dl-cdn.alpinelinux.org#mirrors.aliyun.com#g' /etc/apk/repositories; \ apk update; \ apk add iotop gcc libgcc libc-dev libcurl libc-utils pcre-dev openssl-dev zlib-dev libnfs make pcre pcre2 zip unzip net-tools pstree libevent libevent-dev ADD nginx-1.22.1.tar.gz /usr/local RUN sed -ri '/^static.*ngx_http_server_string/s#nginx"#KNM/1.1"#' /usr/local/nginx-1.22.1/src/http/ngx_http_header_filter_module.c; \ cd /usr/local/nginx-1.22.1; \ ./configure \ --prefix=/usr/local/nginx_1.22.1 \ --user=nginx \ --group=nginx \ --with-http_ssl_module \ --with-http_v2_module \ --with-http_realip_module \ --with-http_stub_status_module \ --with-http_gzip_static_module \ --with-pcre \ --with-stream \ --with-stream_ssl_module \ --with-stream_realip_module && make -j 4 && make install; \ addgroup -S nginx ;\ adduser -G nginx -h /data/www/wordpress -s /bin/false -H -S nginx; \ ln -s /usr/local/nginx_1.22.1/ /usr/local/nginx; \ mkdir /usr/local/nginx/conf.d; \ chown -R nginx.nginx /usr/local/nginx/ ADD nginx.conf /usr/local/nginx/conf ADD www.testou.com.conf /usr/local/nginx/conf.d ADD latest-zh_CN.zip /data/www/ RUN cd /data/www; \ unzip latest-zh_CN.zip; \ rm -rf /data/www/latest-zh_CN.zip /usr/local/nginx-1.22.1.tar.gz /usr/local/nginx-1.22.1; \ chown -R nginx.nginx /data/www/wordpress ENV PATH $PATH:/usr/local/nginx/sbin CMD ["nginx", "-g", "daemon off;"] #目录结构 # tree /opt/docker/nginx-1.22.1-alpine-3.13.0 /opt/docker/nginx-1.22.1-alpine-3.13.0 ├── build-command.sh ├── Dockerfile ├── latest-zh_CN.zip ├── nginx-1.22.1.tar.gz ├── nginx.conf └── www.testou.com.conf 0 directories, 6 files #构建镜像脚本 # cat /opt/docker/nginx-1.22.1-alpine-3.13.0/build-command.sh #!/bin/bash docker login --username=admin --password=123456 10.0.0.27 docker build -t 10.0.0.27/oxz/nginx:1.22.1-alpine-3.13.0 . docker push 10.0.0.27/oxz/nginx:1.22.1-alpine-3.13.0 #nginx配置文件 # cat /opt/docker/nginx-1.22.1-alpine-3.13.0/www.testou.com.conf server { server_name www.testou.com; location / { root /data/www/wordpress; index index.php; access_log /data/www/wordpress/www.testou.access.log main; } location ~ \.php$ { root /data/www/wordpress; fastcgi_pass service-php:9000; #fastcgi_pass php-server:9000; #fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } #构建镜像 # bash build-command.sh
#创建制作镜像目录 # mkdir -p /opt/docker/php-fpm-8.2.1-centos-7.9.2009 # cd /opt/docker/php-fpm-8.2.1-centos-7.9.2009 #创建dockerfile # vi Dockerfile FROM centos:7.9.2009 LABEL maintainer "Marko.Ou <oxz@qq.com>" RUN cd /etc/yum.repos.d; \ mkdir bakdir; \ mv *.repo bakdir ADD CentOS7.repo /etc/yum.repos.d ADD php-8.2.1.tar.gz /usr/local ADD latest-zh_CN.zip /data/www/ RUN yum -y install gcc make libxml2-devel sqlite-devel openssl-devel oniguruma-devel unzip; \ cd /usr/local/php-8.2.1/; \ ./configure \ --prefix=/usr/local/php_8.2.1 \ --enable-mysqlnd \ --with-mysqli=mysqlnd \ --with-pdo-mysql=mysqlnd \ --with-openssl \ --with-zlib \ --with-config-file-path=/usr/local/php_8.2.1/etc \ --with-config-file-scan-dir=/usr/local/php_8.2.1/etc/php.d \ --enable-mbstring \ --enable-xml \ --enable-sockets \ --disable-fileinfo \ --enable-fpm; \ make -j 4; \ make install; \ ln -s /usr/local/php_8.2.1/ /usr/local/php; \ cp /usr/local/php-8.2.1/php.ini-production /etc/php.ini; \ cp /usr/local/php/etc/php-fpm.conf{.default,}; \ cp /usr/local/php/etc/php-fpm.d/www.conf{.default,}; \ sed -ri '/^user/s#(.*= ).*#\1nginx#' /usr/local/php/etc/php-fpm.d/www.conf; \ sed -ri '/^group/s#(.*= ).*#\1nginx#' /usr/local/php/etc/php-fpm.d/www.conf; \ sed -ri '/^listen =/s#(listen =).*(:9000)#\1 0.0.0.0\2#' /usr/local/php/etc/php-fpm.d/www.conf; \ groupadd -r nginx; \ useradd -g nginx -r -s /bin/false nginx; \ cd /data/www; \ unzip latest-zh_CN.zip; \ rm -rf latest-zh_CN.zip /usr/local/php-8.2.1 /usr/local/php-8.2.1.tar.gz; \ chown -R nginx.nginx /data/www/wordpress ADD run_php-fpm.sh /usr/local/bin CMD ["/usr/local/bin/run_php-fpm.sh"] #目录结构 # tree /opt/docker/php-fpm-8.2.1-centos-7.9.2009 /opt/docker/php-fpm-8.2.1-centos-7.9.2009 ├── build-command.sh ├── CentOS7.repo ├── Dockerfile ├── latest-zh_CN.zip ├── php-8.2.1.tar.gz └── run_php-fpm.sh 0 directories, 6 files #构建镜像脚本 # cat /opt/docker/php-fpm-8.2.1-centos-7.9.2009/build-command.sh #!/bin/bash docker login --username=admin --password=123456 10.0.0.27 docker build -t 10.0.0.27/oxz/php-fpm:8.2.1-centos-7.9.2009 . docker push 10.0.0.27/oxz/php-fpm:8.2.1-centos-7.9.2009 #启动php-fpm脚本 # cat /opt/docker/php-fpm-8.2.1-centos-7.9.2009/run_php-fpm.sh #!/bin/bash /usr/local/php/sbin/php-fpm & tail -f /etc/hosts #构建镜像 # bash build-command.sh
1.3
#创建制作镜像目录 # mkdir -p /opt/docker/mysql-5.7.35-centos-7.9.2009 # cd /opt/docker/mysql-5.7.35-centos-7.9.2009 #创建dockerfile # vi Dockerfile FROM centos:7.9.2009 LABEL maintainer "Marko.Ou <oxz@qq.com>" RUN cd /etc/yum.repos.d; \ mkdir bakdir; \ mv *.repo bakdir; \ groupadd -r mysql; \ useradd -g mysql -r -s /bin/false mysql; \ mkdir -p /data/mysql; \ chown mysql.mysql /data/mysql ADD CentOS7.repo /etc/yum.repos.d COPY mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz /usr/local RUN tar xf /usr/local/mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz -C /usr/local; \ ln -s /usr/local/mysql-5.7.35-linux-glibc2.12-x86_64 /usr/local/mysql; \ chown -R root.root /usr/local/mysql/; \ rm -rf /usr/local/mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz ADD my.cnf /etc ADD mysql_secure_install.sh run_mysql.sh /usr/local/bin/ RUN yum -y install libaio ncurses-compat-libs numactl expect sysvinit-tools; \ /usr/local/mysql/bin/mysqld --initialize --datadir=/data/mysql --user=mysql; \ cp -a /usr/local/mysql/support-files/mysql.server /etc/rc.d/init.d/mysqld; \ /etc/rc.d/init.d/mysqld start; \ MYSQL_OLD_PW="`awk '/temporary password/{print $NF}' /data/mysql/mysql.log`"; \ /usr/local/mysql/bin/mysqladmin -uroot -p${MYSQL_OLD_PW} password root; \ /usr/local/bin/mysql_secure_install.sh; \ /usr/local/mysql/bin/mysql -uroot -proot -e 'create database wordpress'; \ /usr/local/mysql/bin/mysql -uroot -proot -e "grant all on wordpress.* to wordpress@'172.17.%.%' identified by 'root'"; \ /usr/local/mysql/bin/mysqladmin -uroot -proot shutdown CMD ["/usr/local/bin/run_mysql.sh"] #目录结构 # tree /opt/docker/mysql-5.7.35-centos-7.9.2009 /opt/docker/mysql-5.7.35-centos-7.9.2009 ├── build-command.sh ├── CentOS7.repo ├── Dockerfile ├── my.cnf ├── mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz ├── mysql_secure_install.sh └── run_mysql.sh 0 directories, 7 files #构建镜像脚本 # cat /opt/docker/mysql-5.7.35-centos-7.9.2009/build-command.sh #!/bin/bash docker login --username=admin --password=123456 10.0.0.27 docker build -t 10.0.0.27/oxz/mysql:5.7.35-centos-7.9.2009 . docker push 10.0.0.27/oxz/mysql:5.7.35-centos-7.9.2009 #mysql加固脚本 # cat /opt/docker/mysql-5.7.35-centos-7.9.2009/mysql_secure_install.sh #!/bin/bash expect <<-EOF spawn /usr/local/mysql/bin/mysql_secure_installation expect "Enter password for user root" { send "root\n" } expect "setup VALIDATE PASSWORD" { send "n\n" } expect "Change the password for root" { send "n\n" } expect "Remove anonymous users" { send "y\n" } expect "Disallow root login remotely" { send "y\n" } expect "Remove test database and access to it" { send "y\n" } expect "Reload privilege tables now" { send "y\n" } expect eof EOF #启动mysql脚本 # cat /opt/docker/mysql-5.7.35-centos-7.9.2009/run_mysql.sh #!/bin/bash /etc/rc.d/init.d/mysqld start tail -f /etc/hosts #构建镜像 # bash build-command.sh
1.4 docker-compose.yml
# mkdir -p /opt/docker-compose/nginx-php_fpm-mysql # cd /opt/docker-compose/nginx-php_fpm-mysql # vi docker-compose.yml service-nginx: image: 10.0.0.27/oxz/nginx:1.22.1-alpine-3.13.0 container_name: nginx1 restart: always ports: - "81:80" links: - service-php service-php: image: 10.0.0.27/oxz/php-fpm:8.2.1-centos-7.9.2009 container_name: php1 restart: always #ports: #- "9000:9000" links: - service-mysql service-mysql: image: 10.0.0.27/oxz/mysql:5.7.35-centos-7.9.2009 container_name: mysql1 restart: always #ports: #- "3306:3306" #运行 # docker-compose pull # docker-compose up -d #浏览器访问:http://10.0.0.27:81/进行安装