Docker – 系统整洁之道 – 1中已经对Docker的一些命令和Docker镜像的使用及操作做了记录。
这次就利用docker进行一次真正的实例使用,使用docker搭建一个简单的答题系统,这个系统是当时做来给网络安全周做手机答题的系统,很简单,代码风格很差。

这篇主要记录了三种docker使用的方式。

  • 用supervisor方式运行一个多进程的docker实例
  • 创建一个ngnix和php运行的环境
  • 创建一个ngnix,php,mysql集合运行的环境,使用docker-compose构建

感觉docker的东西越看越多,从刚开始的简简单单的一个docker run,到现在看到要build自己的镜像,compose,也就是以前的Fig,配置网络,还有swarm的docker集群,一点一点来吧。

先把两个附件写在这里吧
此片博客中构建php+ngnix+mysql测试环境的脚本
在测试环境中的答题网站源码

supervisor方式运行一个多进程的docker实例


Docker 容器在启动的时候开启单个进程,比如,一个 ssh 或者 apache 的 daemon 服务。但我们经常需要在一个机器上开启多个服务,这可以有很多方法,最简单的就是把多个启动命令放到一个启动脚本里面,启动的时候直接启动这个脚本,另外就是安装进程管理工具。这里使用进程管理工具 supervisor 来管理容器中的多个进程。使用 Supervisor 可以更好的控制、管理、重启我们希望运行的进程。

首先创一个文件夹叫做supervisor,目录结构为

1
2
3
4
~/Docker tree supervisor
supervisor
├── Dockerfile
└── supervisord

其中文件Dockerfile文件内容为:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
#使用时哪个镜像
FROM ubuntu:13.04
MAINTAINER examples@docker.com
RUN echo "deb http://archive.ubuntu.com/ubuntu precise main universe" > /etc/apt/sources.list
RUN apt-get update
RUN apt-get upgrade -y

#这里安装 3 个软件,还创建了 2 个 ssh 和 supervisor 服务正常运行所需要的目录。
RUN apt-get install -y --force-yes perl-base=5.14.2-6ubuntu2
RUN apt-get install -y apache2.2-common
RUN apt-get install -y openssh-server apache2 supervisor
RUN mkdir -p /var/run/sshd
RUN mkdir -p /var/log/supervisor

#添加 supervisord 的配置文件,并复制配置文件到对应目录下面。
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf

#映射了 22 和 80 端口,使用 supervisord 的可执行路径启动服务
EXPOSE 22 80
CMD ["/usr/bin/supervisord"]

文件supervisord内容为:

1
2
3
4
5
6
7
8
9
#supervsord 配置软件本身,使用 nodaemon 参数来运行
[supervisord]
nodaemon=true

#配置两个服务
[program:sshd]
command=/usr/sbin/sshd -D
[program:apache2]
command=/bin/bash -c "source /etc/apache2/envvars && exec /usr/sbin/apache2 -DFOREGROUND"

使用命令进行构建

1
sudo docker build -t supervisor

输出:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
~/Docker/supervisor  sudo docker build -t supervisord .
Password:
Sending build context to Docker daemon 3.584 kB
Step 1 : FROM ubuntu:13.04
---> a58cd502f927
Step 2 : MAINTAINER examples@docker.com
---> Using cache
---> 15f104cdeb77
Step 3 : RUN echo "deb http://archive.ubuntu.com/ubuntu precise main universe" > /etc/apt/sources.list
---> Using cache
---> c6bb44d794ea
Step 4 : RUN apt-get update
---> Using cache
---> adcd83eecb0d
Step 5 : RUN apt-get upgrade -y
---> Using cache
---> 89e045811261
Step 6 : RUN apt-get install -y --force-yes perl-base=5.14.2-6ubuntu2
---> Using cache
---> bcdc472cc73a
Step 7 : RUN apt-get install -y apache2.2-common
---> Using cache
---> d8991f8aa3c6
Step 8 : RUN apt-get install -y openssh-server apache2 supervisor
---> Using cache
---> a713034800d6
Step 9 : RUN mkdir -p /var/run/sshd
---> Using cache
---> 3138e3644958
Step 10 : RUN mkdir -p /var/log/supervisor
---> Using cache
---> 958c08978b0c
Step 11 : COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
---> 8e9a0c97a133
Removing intermediate container d95b58057f73
Step 12 : EXPOSE 22 80
---> Running in 9cabb0865159
---> b4aa8b82cd57
Removing intermediate container 9cabb0865159
Step 13 : CMD /usr/bin/supervisord
---> Running in 237f71166211
---> 569f95736129
Removing intermediate container 237f71166211
Successfully built 569f95736129

使用docker ps 一下

1
2
3
~/Docker/supervisor  docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c82c830770bc supervisord:latest "/usr/bin/supervisord" 32 seconds ago Up 30 seconds 0.0.0.0:32770->22/tcp, 0.0.0.0:32769->80/tcp supervisord

发现刚才build的镜像已经跑起来了,访问 http://127.0.0.1:32769,可以web服务已经跑起来了。

使用命令docker exec进入container里面看看

1
2
3
4
5
6
 ~/Docker/supervisor  docker exec -it c82c830770bc bash
root@c82c830770bc:/# hello
bash: hello: command not found
root@c82c830770bc:/# ls
bin boot dev etc home lib lib64 media mnt opt proc root run sbin selinux srv sys tmp usr var
root@c82c830770bc:/#

使用passwd修改一下密码,然后在本机的命令行里进行ssh连接吧。

ngnix和php运行的环境


该方法就是直接使用docker命令进行构建一个ngnix,php结合运行的环境,没有使用docker-compose。

先用户根目录~下创建目录,并将该目录设置为Docker的共享目录。

1
2
3
4
5
6
7
8
9
Workspace
└── tmp
├── docker
│   └── nginx
│   └── conf.d
│   └── default.conf
└── www
├── index.html
└── phpinfo.php

其中default.conf文件内容,这是个nginx的配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
server {
listen 80;
server_name localhost;

location / {
root /usr/share/nginx/html;
index index.html index.htm;
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}

location ~ \.php$ {
fastcgi_pass php:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/html/$fastcgi_script_name;
include fastcgi_params;
}
}

index.html 里写一句 HelloW0rld,phpinfo.php里面写一个<?php phpinfo();?>

然后在命令行下执行命令

1
2
3
4
5
6
7
docker pull php:5.6-fpm-alpine

docker pull ngnix:1.10.2

docker run --name dream.php -d -v ~/Workspace/tmp/www:/var/www/html:ro php:5.6-fpm

docker run --name dream.nginx -p 80:80 -d -v ~/Workspace/tmp/www:/usr/share/nginx/html:ro -v ~/Workspace/tmp/docker/nginx/conf.d:/etc/nginx/conf.d:ro --link dream.php:php nginx:1.10.2

好的,如果不出意外,就可以看到phpinfo的界面了。这个是没有添加mysql的测试环境,直接在目录~/Workspace/tmp/www下面放网页就可以直接使用了。

ngnix,php,mysql集合运行的环境


Supervisor给出了一种能够在container中运行多个线程的方法,但是现在还是不知道要怎么样把自己的web服务部署到container中,数据库怎么建,可以有人会说直接使用SFTP将网站直接传到container里,安装数据库,配环境,但是docker中一旦container被删除,内容就没了。像这样将所有服务放在一个容器内的模式有个形象的非官方称呼:Fat Container。与之相对的是将服务分拆到容器的模式。从Docker的设计可以看到,构建镜像的过程中可以指定唯一一个容器启动的指令,因此Docker天然适合一个容器只运行一种服务,而这也是官方更推崇的。下面就记录一下部署一个简单的php程序和数据库联动的测试环境。

整体的文件结构是这样的
我们创建一个这样的目录

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Docker
└── test
├── data 数据库文件夹
│   └── mysql
├── docker-compose.yml docker-compose配置文件
├── htdocs 网站文件夹
│   ├── index.html
│   └── index.php
├── log 日志文件
│   └── nginx
├── mysql mysql构建文件
│   └── Dockerfile
├── nginx nginx构建文件
│   ├── Dockerfile
│   ├── conf.d
│   │   └── default.conf
│   └── nginx.conf
└── php php构建文件
   └── Dockerfile

mysql 独立部署


mysql目录下的Dockerfile文件只有一行FROM mysql:5.6,也就是直接使用mysql官方镜像5.6,然后使用命令

1
docker build -t phpenv/mysql mysql

构建自己的镜像phpenv/mysql。
使用命令

1
docker run -p 3306:3306 -v ~/Docker/test/data/mysql:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 -it phpenv/mysql

启动镜像,将容器的3306端口绑定到本机的3306端口,其中参数-v后代表使用~/Docker/test/data/mysql挂在到镜像的/var/lib/mysql,也就是替代源镜像的数据库文件目录,让数据库文件目录暴露在本机上,做到数据库内容的持久化。MYSQL_ROOT_PASSWORD为设置mysql的一个root密码。

运行结果

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
~/Docker/test docker run -p 3306:3306 -v ~/Docker/test/data/mysql:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 -it phpenv/mysql
2016-12-27 15:06:49 0 [Note] mysqld (mysqld 5.6.35) starting as process 1 ...
2016-12-27 15:06:49 1 [Warning] Setting lower_case_table_names=2 because file system for /var/lib/mysql/ is case insensitive
2016-12-27 15:06:49 1 [Note] Plugin 'FEDERATED' is disabled.
2016-12-27 15:06:49 1 [Note] InnoDB: Using atomics to ref count buffer pool pages
2016-12-27 15:06:49 1 [Note] InnoDB: The InnoDB memory heap is disabled
2016-12-27 15:06:49 1 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2016-12-27 15:06:49 1 [Note] InnoDB: Memory barrier is not used
2016-12-27 15:06:49 1 [Note] InnoDB: Compressed tables use zlib 1.2.8
2016-12-27 15:06:49 1 [Note] InnoDB: Using Linux native AIO
2016-12-27 15:06:49 1 [Note] InnoDB: Using CPU crc32 instructions
2016-12-27 15:06:49 1 [Note] InnoDB: Initializing buffer pool, size = 128.0M
2016-12-27 15:06:49 1 [Note] InnoDB: Completed initialization of buffer pool
2016-12-27 15:06:49 1 [Note] InnoDB: Highest supported file format is Barracuda.
2016-12-27 15:06:49 1 [Note] InnoDB: 128 rollback segment(s) are active.
2016-12-27 15:06:49 1 [Note] InnoDB: Waiting for purge to start
2016-12-27 15:06:49 1 [Note] InnoDB: 5.6.35 started; log sequence number 1626027
2016-12-27 15:06:49 1 [Note] Server hostname (bind-address): '*'; port: 3306
2016-12-27 15:06:49 1 [Note] IPv6 is available.
2016-12-27 15:06:49 1 [Note] - '::' resolves to '::';
2016-12-27 15:06:49 1 [Note] Server socket created on IP: '::'.
2016-12-27 15:06:49 1 [Warning] 'proxies_priv' entry '@ root@bd69eb248839' ignored in --skip-name-resolve mode.
2016-12-27 15:06:49 1 [Note] Event Scheduler: Loaded 0 events
2016-12-27 15:06:49 1 [Note] mysqld: ready for connections.
Version: '5.6.35' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server (GPL)

使用DBeaver连接后

查看一下当前~/Docker/test/data/mysql数据库目录下的文件

1
2
~/Docker/test/data/mysql  ls
auto.cnf ib_logfile0 ib_logfile1 ibdata1 mysql performance_schema

新建一个库docker_test后~/Docker/test/data/mysql数据库目录下的文件

1
2
~/Docker/test/data/mysql ls
auto.cnf docker_test ib_logfile0 ib_logfile1 ibdata1 mysql performance_schema

可以发现数据库已经创建好了,也如下图

为了验证数据库数据的持久型,我们先停止当前运行的container并产出它,然后从镜像启动一个新的container,如命令

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
~/Docker ⮀ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
970dec0f7de9 phpenv/mysql "docker-entrypoint.sh" 30 minutes ago Up 30 minutes 0.0.0.0:3306->3306/tcp berserk_brown
~/Docker ⮀ docker stop 970dec0f7de9
970dec0f7de9
~/Docker ⮀ docker rm 970dec0f7de9
970dec0f7de9
~/Docker ⮀ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c82c830770bc supervisord:latest "/usr/bin/supervisord" 35 hours ago Exited (0) 32 minutes ago supervisord
~/Docker ⮀ docker run -p 3306:3306 -v ~/Docker/test/data/mysql:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 -it phpenv/mysql
2016-12-27 15:38:04 0 [Note] mysqld (mysqld 5.6.35) starting as process 1 ...
2016-12-27 15:38:04 1 [Warning] Setting lower_case_table_names=2 because file system for /var/lib/mysql/ is case insensitive
2016-12-27 15:38:04 1 [Note] Plugin 'FEDERATED' is disabled.
2016-12-27 15:38:04 1 [Note] InnoDB: Using atomics to ref count buffer pool pages
2016-12-27 15:38:04 1 [Note] InnoDB: The InnoDB memory heap is disabled
2016-12-27 15:38:04 1 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2016-12-27 15:38:04 1 [Note] InnoDB: Memory barrier is not used
2016-12-27 15:38:04 1 [Note] InnoDB: Compressed tables use zlib 1.2.8
2016-12-27 15:38:04 1 [Note] InnoDB: Using Linux native AIO
2016-12-27 15:38:04 1 [Note] InnoDB: Using CPU crc32 instructions
2016-12-27 15:38:04 1 [Note] InnoDB: Initializing buffer pool, size = 128.0M
2016-12-27 15:38:04 1 [Note] InnoDB: Completed initialization of buffer pool
2016-12-27 15:38:04 1 [Note] InnoDB: Highest supported file format is Barracuda.
2016-12-27 15:38:04 1 [Note] InnoDB: 128 rollback segment(s) are active.
2016-12-27 15:38:04 1 [Note] InnoDB: Waiting for purge to start
2016-12-27 15:38:04 1 [Note] InnoDB: 5.6.35 started; log sequence number 1626037
2016-12-27 15:38:04 1 [Note] Server hostname (bind-address): '*'; port: 3306
2016-12-27 15:38:04 1 [Note] IPv6 is available.
2016-12-27 15:38:04 1 [Note] - '::' resolves to '::';
2016-12-27 15:38:04 1 [Note] Server socket created on IP: '::'.
2016-12-27 15:38:04 1 [Warning] 'proxies_priv' entry '@ root@bd69eb248839' ignored in --skip-name-resolve mode.
2016-12-27 15:38:04 1 [Note] Event Scheduler: Loaded 0 events
2016-12-27 15:38:04 1 [Note] mysqld: ready for connections.
Version: '5.6.35' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server (GPL)

再次连接数据库验证,发现刚才新建的库docker_test还在,数据库文件持久型保存了。

docker-compose 中mysql配置

待完善

docker-compose 中nginx部署

nginx在构建的时候要替换两个配置文件,Dockfile

1
2
3
4
FROM nginx:1.10.2

ADD nginx.conf /etc/nginx/nginx.conf
ADD conf.d/* /etc/nginx/conf.d/

挂载文件在docker-compose里进行定义。

待完善

docker-compose 中php配置

php什么也不做,只通过Dockfile

1
FROM php:5.6-fpm

来构建

待完善

docker-compose 构建


docker-compose文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
nginx:
build: ./nginx
ports:
- "40080:80"
links:
- "php"
volumes:
- ~/Docker/test/htdocs:/usr/share/nginx/html

php:
build: ./php
ports:
- "49000:9000"
links:
- "mysql"
volumes:
- ~/Docker/test/htdocs:/var/www/html

mysql:
build: ./mysql
ports:
- "43306:3306"
volumes:
- ~/Docker/test/data/mysql:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: 123456

记录一下,首先docker-compse是用来集合构建多个镜像的工具,这里我们集合了nginx,php,mysql来搭建一个php的测试环境,在文件中,有一个links参数,是用来连接其他实例,让多个实例之间可以进行通信。

这里有整合文件的下载链接,下载后,将文件放在用户根目录下,命令行执行docker-compose up,结果

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
~/Docker/test ⮀ docker-compose up
Building mysql
Step 1 : FROM mysql:5.6
---> e1406e1f7c42
Successfully built e1406e1f7c42
WARNING: Image for service mysql was built because it did not already exist. To rebuild this image you must use `docker-compose build` or `docker-compose up --build`.
Building php
Step 1 : FROM php:5.6-fpm
5.6-fpm: Pulling from library/php
75a822cd7888: Already exists
e4d8a4e038be: Pull complete
81d4d961577a: Pull complete
54283fea14a4: Pull complete
a1b82ddb6e57: Pull complete
fe532c795718: Pull complete
f02389f3f13e: Pull complete
5777f6cf03c5: Pull complete
24b45111f193: Pull complete
Digest: sha256:022410892774f45ebd39bdb4df39a4a72e6ae5db96a31ee83e7eb25382cd2491
Status: Downloaded newer image for php:5.6-fpm
---> 55423bcf0cfc
Successfully built 55423bcf0cfc
WARNING: Image for service php was built because it did not already exist. To rebuild this image you must use `docker-compose build` or `docker-compose up --build`.
Building nginx
Step 1 : FROM nginx:1.10.2
---> c2d83d8cde8d
Step 2 : ADD nginx.conf /etc/nginx/nginx.conf
---> e45c0dceafb9
Removing intermediate container ca538d0f2fd1
Step 3 : ADD conf.d/* /etc/nginx/conf.d/
---> bf0d37221331
Removing intermediate container ebaa3b27453a
Successfully built bf0d37221331
WARNING: Image for service nginx was built because it did not already exist. To rebuild this image you must use `docker-compose build` or `docker-compose up --build`.
Creating test_mysql_1
Creating test_php_1
Creating test_nginx_1
Attaching to test_mysql_1, test_php_1, test_nginx_1
mysql_1 | 2016-12-28 07:29:43 0 [Note] mysqld (mysqld 5.6.35) starting as process 1 ...
mysql_1 | 2016-12-28 07:29:43 1 [Warning] Setting lower_case_table_names=2 because file system for /var/lib/mysql/ is case insensitive
mysql_1 | 2016-12-28 07:29:43 1 [Note] Plugin 'FEDERATED' is disabled.
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: Using atomics to ref count buffer pool pages
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: The InnoDB memory heap is disabled
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: Memory barrier is not used
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: Compressed tables use zlib 1.2.8
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: Using Linux native AIO
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: Using CPU crc32 instructions
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: Initializing buffer pool, size = 128.0M
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: Completed initialization of buffer pool
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: Highest supported file format is Barracuda.
php_1 | [28-Dec-2016 07:29:43] NOTICE: fpm is running, pid 1
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: 128 rollback segment(s) are active.
php_1 | [28-Dec-2016 07:29:43] NOTICE: ready to handle connections
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: Waiting for purge to start
mysql_1 | 2016-12-28 07:29:43 1 [Note] InnoDB: 5.6.35 started; log sequence number 1626263
mysql_1 | 2016-12-28 07:29:43 1 [Note] Server hostname (bind-address): '*'; port: 3306
mysql_1 | 2016-12-28 07:29:43 1 [Note] IPv6 is available.
mysql_1 | 2016-12-28 07:29:43 1 [Note] - '::' resolves to '::';
mysql_1 | 2016-12-28 07:29:43 1 [Note] Server socket created on IP: '::'.
mysql_1 | 2016-12-28 07:29:43 1 [Warning] 'proxies_priv' entry '@ root@bd69eb248839' ignored in --skip-name-resolve mode.
mysql_1 | 2016-12-28 07:29:43 1 [Note] Event Scheduler: Loaded 0 events
mysql_1 | 2016-12-28 07:29:43 1 [Note] mysqld: ready for connections.
mysql_1 | Version: '5.6.35' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server (GPL)

访问一下 http://localhost:40080/index.php ,正常的话,如下图

启动一个真实的代码

下面的代码是今年网络安全周的一个手机在线答题系统,代码很挫,大牛误笑

源码在这里

将目录直接放在~/Docker/test/htdocs下面,然后在test目录下执行docker-compose up,正常情况下,就会跑起来上面的容器,然后按照代码的README将数据库部署就可以运行了。

参考链接


  1. Docker 从入门到实践
  2. 第一本Docker书
  3. 如何进入一个正在运行的Container
  4. Docker在PHP项目开发环境中的应用