实践说明:基于RHEL7(CentOS7.9)部署docker环境(23.0.1、24.0.2),所构建的php7.1.33镜像应用于RHEL7-9(如AlmaLinux9.1),但因为docker的特性,适用场景是不限于此的。
文档形成时期:2017-2023年
因系统或软件版本不同,构建部署可能略有差异,但本文未做细分,对稍有经验者应不存在明显障碍。
因软件世界之复杂和个人能力之限,难免疏漏和错误,欢迎指正。
文章目录
- PHP7.1模组选择说明
- 官方php:7.1.33-fpm镜像的临时容器
- 创建自定义网络
- php7.1.33_Dockerfile
- 构建镜像
- 运行容器
- php配置常见调整
- php-fpm配置常见调整
- 正式生产的容器和镜像
- 镜像导出和配置备份
- 镜像和配置下载
- 镜像导入和解压配置
- 镜像信息
PHP7.1模组选择说明
php-7.1.33发布时间是2019.10.24,各模组安装可以参考这个时间。
官方php:7.1.33-fpm镜像的临时容器
通过临时容器获得默认配置和模组信息(可选):
创建临时容器的目的主要是获得默认配置、模组等信息。
docker run -itd --name phpfpm-7.1.33-tmp php:7.1.33-fpm
进入容器查看默认配置
docker exec -it phpfpm-7.1.33-tmp /bin/bash
临时容器默认源
text
# deb http://snapshot.debian.org/archive/debian/20191118T000000Z buster main
deb http://deb.debian.org/debian buster main
# deb http://snapshot.debian.org/archive/debian-security/20191118T000000Z buster/updates main
deb http://security.debian.org/debian-security buster/updates main
# deb http://snapshot.debian.org/archive/debian/20191118T000000Z buster-updates main
deb http://deb.debian.org/debian buster-updates main
可准备国内源,建议用http而不是https
/etc/apt/sources.list阿里云源准备,放构建当前目录
text
deb https://mirrors.aliyun.com/debian/ buster main non-free contrib
deb-src https://mirrors.aliyun.com/debian/ buster main non-free contrib
deb https://mirrors.aliyun.com/debian-security buster/updates main
deb-src https://mirrors.aliyun.com/debian-security buster/updates main
deb https://mirrors.aliyun.com/debian/ buster-updates main non-free contrib
deb-src https://mirrors.aliyun.com/debian/ buster-updates main non-free contrib
#deb https://mirrors.aliyun.com/debian/ buster-backports main non-free contrib
#deb-src https://mirrors.aliyun.com/debian/ buster-backports main non-free contrib
临时容器默认模组
text
Core
ctype
curl
date
dom
fileinfo
filter
ftp
hash
iconv
json
libxml
mbstring
mysqlnd
openssl
pcre
PDO
pdo_sqlite
Phar
posix
readline
Reflection
session
SimpleXML
SPL
sqlite3
standard
tokenizer
xml
xmlreader
xmlwriter
zlib
创建自定义网络
创建自定义网络,并指定网段、网关,只有定义了网段,才可以使用此网络为容器分配固定IP
docker network create -d bridge --subnet 10.1.5.0/24 --gateway 10.1.5.1 custom_bridge_net
php7.1.33_Dockerfile
基于官方php:7.1.33-fpm镜像默认模组、wordpress对php环境的要求,php7.1.33部署常见模组,以及曾经的生产环境常用模组,最终整理了比较完整模组安装的Dockerfile文件。
/root/sh/Dockerfiles/Independent/php7.1.33_Dockerfile 的内容:
text
FROM php:7.1.33-fpm
MAINTAINER Fisher "Y"
# 经过反复偿试,发现php7.1.33中采用install-php-extensions几乎都是失败的,官方的docker-php-ext-install成功率较高,所以暂仍采用docker-php-ext-install和pecl方式。
#Download PHP extensions
#ADD https://raw.githubusercontent.com/mlocati/docker-php-extension-installer/master/install-php-extensions /usr/local/bin/
#RUN chmod uga+x /usr/local/bin/install-php-extensions && sync
#COPY --from=mlocati/php-extension-installer /usr/bin/install-php-extensions /usr/bin/
ADD sources_debian10.list /etc/apt/sources.list
# 设置时区
ENV TZ=Asia/Shanghai
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone \
&& mkdir /opt/web && mkdir -p /usr/local/php71/var/log && touch /usr/local/php71/var/log/php-fpm.log && touch /usr/local/php71/var/log/php_errors.log \
&& groupadd www -g 1000 && useradd -s /sbin/nologin -M www -u 1000 -g 1000 && mkdir /home/www && chown www:www /home/www \
&& chown www:www /usr/local/php71/var/log/php-fpm.log /usr/local/php71/var/log/php_errors.log \
&& DEBIAN_FRONTEND=noninteractive apt-get update -q \
&& DEBIAN_FRONTEND=noninteractive apt-get install -qq -y \
curl \
git \
zip unzip \
&& pecl install swoole-4.4.8 && docker-php-ext-enable swoole \
&& DEBIAN_FRONTEND=noninteractive apt-get install -qq -y libmagickwand-dev && pecl install imagick-stable && docker-php-ext-enable imagick \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends libmemcached-dev zlib1g-dev && pecl install memcached-3.1.3 && docker-php-ext-enable memcached \
&& DEBIAN_FRONTEND=noninteractive apt-get install -qq -y libicu-dev && docker-php-ext-install -j$(nproc) intl && docker-php-ext-enable intl \
&& DEBIAN_FRONTEND=noninteractive apt-get install -qq -y libpq-dev && docker-php-ext-install -j$(nproc) pgsql pdo_pgsql && docker-php-ext-enable pgsql pdo_pgsql \
&& DEBIAN_FRONTEND=noninteractive apt-get install -qq -y libssl-dev && docker-php-ext-install -j$(nproc) ftp && docker-php-ext-enable ftp \
&& docker-php-ext-install -j$(nproc) bcmath gettext mysqli pdo pcntl pdo_mysql shmop sockets sysvsem sysvshm calendar exif \
&& docker-php-ext-enable bcmath gettext mysqli pdo pcntl pdo_mysql shmop sockets sysvsem sysvshm calendar exif \
&& apt-get install -y --no-install-recommends libbz2-dev && docker-php-ext-install -j$(nproc) bz2 && docker-php-ext-enable bz2 \
&& apt-get install -y --no-install-recommends libfreetype6-dev libjpeg62-turbo-dev libpng-dev \
&& docker-php-ext-install -j$(nproc) iconv && docker-php-ext-enable iconv \
&& docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ && docker-php-ext-install -j$(nproc) gd && docker-php-ext-enable gd \
&& apt-get install -y --no-install-recommends libgmp-dev \
&& docker-php-ext-install -j$(nproc) gmp && docker-php-ext-enable gmp \
&& apt-get install -y --no-install-recommends libldap2-dev \
&& docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu && docker-php-ext-install -j$(nproc) ldap && docker-php-ext-enable ldap \
&& apt-get install -y --no-install-recommends libmcrypt-dev && pecl install mcrypt-1.0.0 && docker-php-ext-enable mcrypt \
&& pecl install redis-5.1.1 && docker-php-ext-enable redis \
&& pecl install xdebug-2.8.1 && docker-php-ext-enable xdebug \
&& apt-get install -y librabbitmq-dev libssl-dev && pecl install amqp && docker-php-ext-enable amqp \
&& apt-get install -y --no-install-recommends libxml2-dev libtidy-dev libxslt1-dev && docker-php-ext-install -j$(nproc) soap wddx xmlrpc tidy xsl && docker-php-ext-enable soap wddx xmlrpc tidy xsl \
&& apt-get install -y --no-install-recommends libzip-dev && docker-php-ext-install -j$(nproc) zip && docker-php-ext-enable zip \
&& pecl install mongodb-1.11.1 && docker-php-ext-enable mongodb \
&& docker-php-ext-configure opcache --enable-opcache && docker-php-ext-install opcache \
&& apt-get install -y --no-install-recommends unixodbc-dev && pecl install sqlsrv-5.6.1 && docker-php-ext-enable sqlsrv && pecl install pdo_sqlsrv-5.6.1 && docker-php-ext-enable pdo_sqlsrv \
&& rm -rf /var/lib/apt/lists/* > /dev/null 2>&1
# 安装 Composer
ENV COMPOSER_HOME /root/composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
ENV PATH $COMPOSER_HOME/vendor/bin:$PATH
# 部分模组未成功的,如下,或改用安装方式,或弃用:
# geoip odbc
# apt-get install -y --no-install-recommends libgeoip-dev && pecl install geoip && docker-php-ext-enable geoip 报错:geoip.c: In function 'zm_startup_geoip'
模组安装经验
- php7.1.33中安装mongodb-1.11.1这个老版本可以成功,新版本(mongodb-stable,即mongodb-1.16.1)未能成功,pecl+docker-php-ext-enable能成功,install-php-extensions方式未安装成功,虽然都提示安装成功了(install ok: channel://pecl.php.net/mongodb-1.11.1),但docker构建过程提示有错误而退出。后来在php7.4.33中安装mongodb-stable,通过install-php-extensions方式安装成功。
- imagick-3.4.4和imagick-stable(imagick-3.7.0)通过install-php-extensions方式安装没能成功,改用"apt-get install + pecl install + docker-php-ext-enable"的方式均能安装成功。后来在php7.4.33中安装imagick-stable(imagick-3.7.0)
- php7.1.33中中安装geoip未能成功,https://pecl.php.net/package/geoip 中显示该模组最后更新于2016年,估计不常用了,弃之。
- php7.1.33中采用install-php-extensions安装@composer没有成功。改用curl方式。
- 经过反复偿试,发现php7.1.33中采用install-php-extensions几乎都是失败的,官方的docker-php-ext-install成功率较高,所以仍采用docker-php-ext-install和pecl方式。
- memcached-2.2.0没有 PHP 版本限制 ( https://pecl.php.net/package/memcached/2.2.0 ),但memcached-3.1.4需要 PHP 7.0.0 或更新版本
- swoole可参考:https://www.jianshu.com/p/d1a438413255
php模组部署说明
参考:php模组部署说明
构建镜像
docker buildx build -t tmtcha/php:7.1.33-fpm-v1.01 -f /root/sh/Dockerfiles/Independent/php7.1.33_Dockerfile .
错误处理经验
遇错:rm: cannot remove '/var/lib/apt/lists/': No such file or directory
参考:https://github.com/iMacken/DevDock/issues/8
只有在apt出问题时才会使用这个方法,如果想要一个干净的环境 rm -rf /var/lib/apt/lists/ 这个方式可能解决这个问题。
可以输出到空:rm -rf /var/lib/apt/lists/ > /dev/null 2>&1
运行容器
容器运行失败,可查看日志
docker logs 容器ID或名称
以构建的镜像运行一个临时的容器,为查看和拷贝配置等文件。
删除之前的临时容器:docker stop phpfpm-7.1.33-tmp; docker rm phpfpm-7.1.33-tmp
docker run -itd --name phpfpm-7.1.33-tmp tmtcha/php:7.1.33-fpm-v1.01
可以看到,默认加载配置是这样的:
text
root@a2e6b489a34e:/var/www/html# php --ini
Configuration File (php.ini) Path: /usr/local/etc/php
Loaded Configuration File: (none)
Scan for additional .ini files in: /usr/local/etc/php/conf.d
Additional .ini files parsed: /usr/local/etc/php/conf.d/docker-php-ext-amqp.ini,
/usr/local/etc/php/conf.d/docker-php-ext-bcmath.ini,
/usr/local/etc/php/conf.d/docker-php-ext-bz2.ini,
/usr/local/etc/php/conf.d/docker-php-ext-calendar.ini,
/usr/local/etc/php/conf.d/docker-php-ext-exif.ini,
/usr/local/etc/php/conf.d/docker-php-ext-gd.ini,
/usr/local/etc/php/conf.d/docker-php-ext-gettext.ini,
/usr/local/etc/php/conf.d/docker-php-ext-gmp.ini,
/usr/local/etc/php/conf.d/docker-php-ext-imagick.ini,
/usr/local/etc/php/conf.d/docker-php-ext-intl.ini,
/usr/local/etc/php/conf.d/docker-php-ext-ldap.ini,
/usr/local/etc/php/conf.d/docker-php-ext-mcrypt.ini,
/usr/local/etc/php/conf.d/docker-php-ext-memcached.ini,
/usr/local/etc/php/conf.d/docker-php-ext-mongodb.ini,
/usr/local/etc/php/conf.d/docker-php-ext-mysqli.ini,
/usr/local/etc/php/conf.d/docker-php-ext-opcache.ini,
/usr/local/etc/php/conf.d/docker-php-ext-pcntl.ini,
/usr/local/etc/php/conf.d/docker-php-ext-pdo_mysql.ini,
/usr/local/etc/php/conf.d/docker-php-ext-pdo_pgsql.ini,
/usr/local/etc/php/conf.d/docker-php-ext-pdo_sqlsrv.ini,
/usr/local/etc/php/conf.d/docker-php-ext-pgsql.ini,
/usr/local/etc/php/conf.d/docker-php-ext-redis.ini,
/usr/local/etc/php/conf.d/docker-php-ext-shmop.ini,
/usr/local/etc/php/conf.d/docker-php-ext-soap.ini,
/usr/local/etc/php/conf.d/docker-php-ext-sockets.ini,
/usr/local/etc/php/conf.d/docker-php-ext-sqlsrv.ini,
/usr/local/etc/php/conf.d/docker-php-ext-swoole.ini,
/usr/local/etc/php/conf.d/docker-php-ext-sysvsem.ini,
/usr/local/etc/php/conf.d/docker-php-ext-sysvshm.ini,
/usr/local/etc/php/conf.d/docker-php-ext-tidy.ini,
/usr/local/etc/php/conf.d/docker-php-ext-wddx.ini,
/usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini,
/usr/local/etc/php/conf.d/docker-php-ext-xmlrpc.ini,
/usr/local/etc/php/conf.d/docker-php-ext-xsl.ini,
/usr/local/etc/php/conf.d/docker-php-ext-zip.ini
配置均在/usr/local/etc/中,默认没有php.ini主配置,但仍然加载了构建过程中启用模组的子配置,
停止临时docker容器
拷贝配置到宿主机持久化目录中:
宿主机中执行:
mkdir -p /opt/docker_lnmp/{php71_cfg,php71_log}
docker cp phpfpm-7.1.33-tmp:/usr/local/etc /opt/docker_lnmp/php71_cfg
docker cp -a phpfpm-7.1.33-tmp:/usr/local/php71/var/log /opt/docker_lnmp/php71_log
注:会拷贝到目标路径下的子目录,需要再手动拷贝出来,并纠正权限,比如log文件应该是php-fpm运行用户所有,有可读写权限,因为用的www账户,容器内和宿主机的uid/gid一样,所以在宿主机执行chown www:www -R /opt/docker_lnmp/php71_log 也可以。
php配置常见调整
php日志路径变更为 error_log = /usr/local/php71/var/log/php_errors.log
修改内存限制,上传文件大小等必要配置,
upload_max_filesize = 32M
post_max_size = 32M
php-fpm配置常见调整
注,下面一些配置在php-fpm.conf中,一些在子配置www.conf中
user = www-data
group = www-data
改为
user = www
group = www
侦听端口变更为9001
listen = 127.0.0.1:9001
php-fpm日志路径变更为 error_log = /usr/local/php71/var/log/php-fpm.log
child processes视业务场景修改
内存限制
php_admin_value[memory_limit] = 128M
停止临时docker容器,或可删除
docker stop phpfpm-7.1.33-tmp; # docker rm phpfpm-7.1.33-tmp
正式生产的容器和镜像
启动容器
docker run -dit --privileged=true
-p 9001:9001
--network custom_lnmp_bridge_net --ip 10.1.5.130
-v /opt/web:/opt/web
-v /opt/docker_lnmp/php71_cfg:/usr/local/etc
-v /opt/docker_lnmp/php71_log:/usr/local/php71/var/log
--name=phpfpm-7.1.33-v1.01 tmtcha/php:7.1.33-fpm-v1.01
测验
该环境搭配宿主机的nginx+mysql,成功访问。
最终模组结果
text
# php -m
[PHP Modules]
amqp
bcmath
bz2
calendar
Core
ctype
curl
date
dom
exif
fileinfo
filter
ftp
gd
gettext
gmp
hash
iconv
imagick
intl
json
ldap
libxml
mbstring
mcrypt
memcached
mongodb
mysqli
mysqlnd
openssl
pcntl
pcre
PDO
pdo_mysql
pdo_pgsql
pdo_sqlite
pdo_sqlsrv
pgsql
Phar
posix
readline
redis
Reflection
session
shmop
SimpleXML
soap
sockets
SPL
sqlite3
sqlsrv
standard
swoole
sysvsem
sysvshm
tidy
tokenizer
wddx
xdebug
xml
xmlreader
xmlrpc
xmlwriter
xsl
Zend OPcache
zip
zlib
[Zend Modules]
Xdebug
Zend OPcache
镜像导出和配置备份
mkdir /opt/data_bak/backup_ever/docker_images
docker save tmtcha/php:7.1.33-fpm-v1.01 > /opt/data_bak/backup_ever/docker_images/tmtcha-php-7.1.33-fpm-v1.01.tar
cd /opt/docker_lnmp
tar czpf /opt/data_bak/backup_ever/docker_images/php71_cfg.tar.gz php71_cfg
镜像和配置下载
地址:https://download.csdn.net/download/ynz1220/88726762
(资源如果不能打开是可能正在审核中,可过一会儿或次日访问)
镜像导入和解压配置
docker load < /opt/data_bak/backup_ever/docker_images/tmtcha_phpfpm7.1.33-v1.01.tar
tar czpf /opt/data_bak/backup_ever/docker_images/php71_cfg.tar.gz -C /opt/docker_lnmp/
镜像信息
名称:tmtcha/php:7.1.33-fpm-v1.01
大小:796MB