docker 实践

下载docker镜像

docker pull daocloud.io/centos:6

以交互方式运行

docker run -it daocloud.io/centos:6

以下是centos 安装各种软件～

安装sudo

yum install -y sudo

新建用户

useradd land && passwd land

修改sudoers文件允许land用户使用无密码sudo

visudo -f /etc/sudoers

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
land    ALL=(ALL)       NOPASSWD:ALL

使用land用户做接下来的操作

su land

安装一些必备库

sudo yum install -y gcc
sudo yum install -y libxml2-devel
sudo yum install -y libxslt-devel
sudo yum install -y bzip2-devel
sudo yum install -y m4
sudo yum install -y autoconf
sudo yum install -y libcurl-devel
sudo yum install -y libmemcached-devel
sudo yum install -y  cyrus-sasl-devel
 

扩展包更新

sudo yum  install epel-release
sudo yum install libmcrypt libmcrypt-devel mcrypt mhash
sudo yum install -y readline-devel
sudo yum install -y openssl*
sudo yum install -y wget
sudo yum install -y gcc+ gcc-c++
sudo yum install -y libtool

因为是64位系统，OpenSSL库安装在/usr/lib64/，但在安装php时，它还是去/usr/lib/ 下查找该库，故报上述错误

sudo ln -s /usr/lib64/libssl.so /usr/lib/

安装我们web必备nginx

sudo rpm -ivh http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm
sudo yum info nginx
sudo yum install -y nginx
sudo service nginx start

安装我们世界上最好的语言php（基础版本）

sudo yum install -y php

安装php多版本管理工具phpbrew

curl -L -O https://github.com/phpbrew/phpbrew/raw/master/phpbrew
chmod +x phpbrew
sudo mv phpbrew /usr/bin/phpbrew
phpbrew init
echo "[[ -e ~/.phpbrew/bashrc ]] && source ~/.phpbrew/bashrc" >> ~/.bashrc
source ~/.phpbrew/bashrc

安装php7.1

phpbrew install php-7.1.0 as php-7.1 +default +mysql +pdo +fpm +curl

默认使用php7.1

phpbrew switch php-7.1
如果报错:You should not see this, if you see this, it means you didn't load the ~/.phpbrew/bashrc script, please check if bashrc is sourced in your shell.,再次执行:phpbrew init && [[ -e ~/.phpbrew/bashrc ]] && source ~/.phpbrew/bashrc

phpbrew ext install curl
phpbrew ext enable curl
```shell
```shell
wget https://launchpad.net/libmemcached/1.0/1.0.18/+download/libmemcached-1.0.18.tar.gz
tar -zxvf libmemcached-1.0.18.tar.gz
cd libmemcached-1.0.18
./configure
make
sudo make install

phpbrew ext install https://github.com/php-memcached-dev/php-memcached php7 -- --disable-memcached-sasl

phpbrew ext enable memcached

nginx配置upstream、vhosts

nginx.conf:

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
    worker_connections 1024;
}
http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

 client_body_timeout 10;
        client_header_timeout 10;
        send_timeout 20;

        large_client_header_buffers 4 16k;
        client_max_body_size    60m;
        client_body_buffer_size 128k;
        client_header_buffer_size 4k;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include       /etc/nginx/conf.d/*.conf.enabled;
    include       /etc/nginx/vhosts/*.conf;
}

/etc/nginx/conf.d/upstream.php.conf.enabled:

upstream phpfpm71 {
    server 127.0.0.1:9000;
}

/etc/nginx/vhosts/test.conf:

server {
    listen       80;
    server_name *.test.com;

    set $web_root /opt; 
    set $web_fpm phpfpm71;  

    root $web_root;
 
    index index.php index.html index.htm;

    # limit_req zone=one burst=40;

    if ($http_user_agent ~* (ApacheBench|EmbeddedWB) ) {
        return 403;
    }

    # Disable logging for favicon
    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    # Disable logging for robots.txt
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
   
    # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
    location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
    }

    # Block access to protected, framework, and nbproject (artifact from Netbeans)
    location ~ /(protected|framework|nbproject) {
        deny all;
        access_log off;
        log_not_found off;
    }

    # Block access to theme-folder views directories
    location ~ /themes/\w+/views {
        deny all;
        access_log off;
        log_not_found off;
    }

    # Attempt the uri, uri+/, then fall back to yii's index.php with args included
    # Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    # END yiiframework.conf

    # Tell browser to cache image files for 24 hours, do not log missing images
    # I typically keep this after the yii rules, so that there is no conflict with content served by Yii
    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires 24h;
        log_not_found off;
    }

    # Block for processing PHP files
    # Specifically matches URIs ending in .php
    location ~ \.php$ {
        try_files $uri $uri/ /index.php?$args;
        # try_files $uri =404;

        # Fix for server variables that behave differently under nginx/php-fpm than typically expected
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        # Include the standard fastcgi_params file included with nginx
        include fastcgi_params;
        fastcgi_param  PATH_INFO        $fastcgi_path_info;
        fastcgi_index index.php;
        # Override the SCRIPT_FILENAME variable set by fastcgi_params
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        # Pass to upstream PHP-FPM; This must match whatever you name your upstream connection
        fastcgi_pass $web_fpm;

    } 

}

/home/land/.phpbrew/php/php-7.1/etc/php-fpm.d/www.conf:

;                            a specific port;
;   'port'                 - to listen on a TCP socket to all addresses
;                            (IPv6 and IPv4-mapped) on a specific port;
;   '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
; listen = /home/land/.phpbrew/php/php-7.1/var/run/php-fpm.sock
listen = 127.0.0.1:9000


; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511

sudo service nginx restart
phpbrew fpm restart
curl http://127.0.0.1/a.html

我们提交docker改动，生成新的镜像

[root@194a44a03bf7 /]# exit
docker commit -m "nginx+phpbrew+php" -a "docker env" 194a44a03bf7 daocloud.io/centos:v2

我们挂载宿主机的代码目录，并且映射80端口给容器

docker run -ti -v /dockerdata:/dockerdata -p 80:80 daocloud.io/centos:v3
su land
sudo service nginx start
phpbrew fpm start

宿主机

curl http://127.0.0.1
大功告成

下一篇使用Dockerfile 来构建优化镜像通过dockerfile来构建优化容器