一、构建PHP镜像,其镜像包含pm2和pm2-logrotate以及ssh公钥登录功能
Dockerfile
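# Base image. "ubuntu:18.04" is a moving tag, and the 18.04 release left standard
# support in 2023. Pin the digest you have vetted
# (FROM ubuntu:18.04@sha256:<digest-placeholder>) and plan a move to a supported
# release; the package names used later in this file are specific to 18.04.
FROM ubuntu:18.04
# MAINTAINER is deprecated; the same contact string is kept as an OCI label.
LABEL org.opencontainers.image.authors="[email protected]"
# Build-time only: an ARG keeps apt/debconf non-interactive for every later RUN in
# this stage without leaving DEBIAN_FRONTEND set in the running container.
ARG DEBIAN_FRONTEND=noninteractive
# Point apt at the Aliyun mirror for both the main and the security archive.
# Package integrity still rests on apt's archive signatures, not on the mirror.
RUN sed -i \
        -e 's@/archive.ubuntu.com/@/mirrors.aliyun.com/@g' \
        -e 's@/security.ubuntu.com/@/mirrors.aliyun.com/@g' \
        /etc/apt/sources.list
# apt-utils first (as in the original order), then wget for the Composer download.
RUN apt-get update \
    && apt-get install -y apt-utils \
    && apt-get install -y wget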
# Staging directory: the source archives are copied, unpacked and built here.
WORKDIR /home/nobody
# PHP itself, the PECL extensions and rabbitmq-c all come from the build context.
# NOTE(review): nothing in this file checks these archives against upstream
# checksums or signatures; confirm that is done before they enter the context.
COPY php-7.4.20.tar.gz \
     mongodb-1.9.1.tgz \
     redis-5.3.4.tgz \
     imagick-3.5.0.tgz \
     inotify-3.0.0.tgz \
     yaf-3.3.2.tgz \
     event-3.0.5.tgz \
     amqp-1.10.2.tgz \
     swoole-4.6.7.tgz \
     rabbitmq-c-0.11.0.tar.gz \
     ./
# Build toolchain and library headers for compiling PHP 7.4.20 and its extensions.
# The installs run as separate apt transactions, in this order, inside one layer.
# NOTE(review): keep the order when editing; collapsing everything into a single
# "apt-get install" may change how conflicting alternatives (for example the JPEG
# development packages) are resolved. Confirm before merging the calls.
# libssl-dev, libbz2-dev, libevent-dev and pkg-config are each requested twice; the
# second request is a no-op.
# Besides compilers and -dev headers this also installs interactive and admin tools
# (vim, lrzsz, sudo, ssh, git, consul). The file shown has a single FROM, so all of
# them stay in the runtime image and widen its attack surface; a multi-stage build
# would keep them out of the final image.
# The apt package lists and cache are not removed in this layer.
RUN apt-get update && apt-get -y install build-essential && apt-get -y install lrzsz vim libtool re2c krb5-user libkrb5-dev && apt-get -y install openssl libonig4 libonig-dev && apt-get -y install libreadline-dev libssl-dev libgmp3-dev &&\
apt-get -y install zlib1g zlib1g-dev && apt-get -y install libgcrypt-dev && apt-get -y install libcurl4-openssl-dev && apt-get -y install m4 libffi-dev && apt-get -y install libxslt1-dev autoconf &&\
apt-get -y install libxml2 libxml2-dev && apt-get -y install python3 python3-dev python3-lxml && apt-get -y install libpcre3 libpcre3-dev && apt-get -y install libbz2-dev libedit-dev &&\
apt-get -y install lemon && apt-get -y install argon2 libargon2-0 libargon2-0-dev libxslt-dev && apt-get -y install libevent-dev && apt-get -y install libpng-dev libpng16-16 && apt-get -y install libjpeg9 libjpeg9-dev &&\
apt-get -y install libiconv-hook-dev libiconv-hook1 && apt-get -y install libfreetype6 libfreetype6-dev && apt-get -y install libgd-dev libgdchart-gd2-xpm libgdchart-gd2-xpm-dev && apt-get -y install libmhash-dev libmhash2 &&\
apt-get -y install libmcrypt4 libmcrypt-dev && apt-get -y install libltdl-dev libssl-dev && apt-get -y install libssh2-1-dev libssh2-1 && apt-get -y install curl libcurl4 zip unzip git &&\
apt-get -y install libxtst-dev && apt-get -y install libxpm-dev consul && apt-get -y install bzip2 libbz2-dev libzip-dev && apt-get -y install libicu-dev && apt-get -y install pkg-config &&\
apt-get -y install libjemalloc-dev && apt-get -y install libev-dev sqlite3 libsqlite3-dev && apt-get -y install libc-ares-dev libevent-dev && apt-get -y install cmake ssh && apt-get -y install libgtk2.0-dev &&\
apt-get -y install pkg-config && apt-get -y install libaio1 sudo && apt-get -y install imagemagick && apt-get -y install libmagickwand-dev libwebp-dev && apt-get -y install libmagickcore-dev
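# Node.js 14 from NodeSource, then pm2.
# The installer is saved to disk with "curl -f" instead of being piped into bash:
# under /bin/sh a pipe reports only bash's exit status, so a failed or truncated
# download would otherwise go unnoticed and the build would carry on.
# The script runs as root. Pass --build-arg NODESOURCE_SETUP_SHA256=<sha256 of the
# script you reviewed> to make the build fail if its content changes; with the
# default empty value the check is skipped, which matches the original behaviour.
ARG NODESOURCE_SETUP_SHA256=""
RUN curl -fsSL https://deb.nodesource.com/setup_14.x -o /tmp/nodesource_setup.sh \
    && if [ -n "$NODESOURCE_SETUP_SHA256" ]; then \
           echo "$NODESOURCE_SETUP_SHA256  /tmp/nodesource_setup.sh" | sha256sum -c -; \
       fi \
    && bash /tmp/nodesource_setup.sh \
    && rm -f /tmp/nodesource_setup.sh \
    && apt-get install -y nodejs \
    # pm2 is unpinned here; pin it (pm2@<version-placeholder>) for repeatable builds.
    && npm install -g pm2
# Bring installed packages up to date, then drop what is no longer needed.
# autoremove now gets -y: without it apt-get stops at the confirmation prompt (and
# fails the build) whenever there is something to remove. "apt-get clean" already
# empties the archive cache, so the separate autoclean call is not needed.
RUN apt-get -y upgrade \
    && apt-get -y dist-upgrade \
    && apt-get -y autoremove \
    && apt-get clean
# Log rotation for pm2-managed processes: rotate once a log reaches 5120K.
# NOTE(review): this runs as root, so the module presumably lands in root's pm2 home;
# confirm the account the container runs as actually sees it.
RUN pm2 install pm2-logrotate \
    && pm2 set pm2-logrotate:max_size 5120K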
# Back in the staging directory that holds the copied archives.
WORKDIR /home/nobody
# Create a "nobody" group, make it the primary group of the existing "nobody"
# account, and give that account a non-login shell.
RUN groupadd nobody \
    && usermod --gid nobody --shell /sbin/nologin nobody
# Unpack every archive (.tar.gz first, then .tgz) and clear any previous
# /usr/local/php so the symlink created after the PHP build starts clean.
RUN for archive in *.tar.gz *.tgz; do tar xzvf "$archive" || exit 1; done \
    && rm -rf /usr/local/php
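# PHP source tree; the ./configure step that follows runs from here.
WORKDIR /home/nobody/php-7.4.20
# sshd policy for this image: root may log in with a key only.
# No root password is set. A password written by chpasswd in a RUN step is the same
# in every container started from the image and can be read back from the image
# history, so it must not be baked in. Key-based root login (the stated purpose of
# this image) keeps working through the authorized_keys file installed later.
# sshd uses the first value it reads for each keyword; this relies on the stock
# sshd_config shipping these two keywords commented out (confirm with "sshd -T").
RUN printf '%s\n' \
        'PermitRootLogin prohibit-password' \
        'PasswordAuthentication no' \
        >> /etc/ssh/sshd_config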
# Configure, compile and install PHP 7.4.20 under /usr/local/php7.4.20 with FPM.
# Runs in the PHP source tree selected by the WORKDIR above. The flag list is kept in
# its original order; --with-mhash and --with-xsl appear twice, which is harmless.
RUN ./configure \
        --prefix=/usr/local/php7.4.20 \
        --with-config-file-path=/usr/local/php7.4.20/etc \
        --enable-fpm \
        --enable-pcntl \
        --enable-inline-optimization \
        --enable-xml \
        --enable-intl \
        --enable-zend-signals \
        --disable-debug \
        --disable-rpath \
        --enable-shared \
        --with-xmlrpc \
        --with-mhash \
        --enable-soap \
        --with-sqlite3 \
        --with-zlib \
        --enable-bcmath \
        --with-freetype \
        --with-iconv \
        --with-bz2 \
        --with-imap-ssl \
        --enable-ftp \
        --with-openssl \
        --enable-calendar \
        --with-curl \
        --with-cdb \
        --enable-dom \
        --enable-exif \
        --enable-fileinfo \
        --enable-filter \
        --with-openssl-dir \
        --with-zlib-dir \
        --enable-gd \
        --enable-gd-jis-conv \
        --with-gettext \
        --with-gmp \
        --with-mhash \
        --enable-json \
        --enable-mbstring \
        --enable-mbregex \
        --enable-pdo \
        --with-mysqli=mysqlnd \
        --with-pdo-mysql=mysqlnd \
        --with-pdo-sqlite \
        --with-readline \
        --enable-session \
        --enable-shmop \
        --enable-simplexml \
        --enable-sockets \
        --enable-sysvmsg \
        --enable-sysvsem \
        --enable-sysvshm \
        --with-xsl \
        --enable-mysqlnd \
        --enable-mysqlnd-compression-support \
        --with-pear \
        --enable-opcache \
        --with-zip \
        --with-ffi \
        --with-kerberos \
        --with-icu-dir=/usr \
        --with-pcre-jit \
        --with-password-argon2 \
        --with-libxml \
        --with-xsl \
        --with-webp \
    && make \
    && make install
# Version-independent paths: /usr/local/php points at the versioned prefix and
# /usr/bin/php at the CLI binary, so later steps need not name the version.
RUN ln -s /usr/local/php7.4.20 /usr/local/php \
    && ln -s /usr/local/php/bin/php /usr/bin/php

# Each PECL extension below is built the same way inside its unpacked source tree:
# phpize, configure against this PHP's php-config, make, make install.

# mongodb 1.9.1
WORKDIR /home/nobody/mongodb-1.9.1
RUN /usr/local/php/bin/phpize \
    && ./configure --enable-mongodb --with-php-config=/usr/local/php/bin/php-config \
    && make \
    && make install

# redis 5.3.4
WORKDIR /home/nobody/redis-5.3.4
RUN /usr/local/php/bin/phpize \
    && ./configure --enable-redis --with-php-config=/usr/local/php/bin/php-config \
    && make \
    && make install

# imagick 3.5.0
WORKDIR /home/nobody/imagick-3.5.0
RUN /usr/local/php/bin/phpize \
    && ./configure --enable-imagick --with-php-config=/usr/local/php/bin/php-config \
    && make \
    && make install

# inotify 3.0.0
WORKDIR /home/nobody/inotify-3.0.0
RUN /usr/local/php/bin/phpize \
    && ./configure --enable-inotify --with-php-config=/usr/local/php/bin/php-config \
    && make \
    && make install

# yaf 3.3.2
WORKDIR /home/nobody/yaf-3.3.2
RUN /usr/local/php/bin/phpize \
    && ./configure --enable-yaf --with-php-config=/usr/local/php/bin/php-config \
    && make \
    && make install

# event 3.0.5
WORKDIR /home/nobody/event-3.0.5
RUN /usr/local/php/bin/phpize \
    && ./configure \
        --with-php-config=/usr/local/php/bin/php-config \
        --enable-event-debug=no \
        --enable-event-sockets=yes \
        --with-event-core \
        --with-event-libevent-dir \
        --with-event-pthreads=no \
        --with-event-extra \
        --with-event-openssl \
        --with-openssl-dir=no \
    && make \
    && make install

# swoole 4.6.7; ldconfig refreshes the shared-library cache afterwards.
WORKDIR /home/nobody/swoole-4.6.7
RUN /usr/local/php/bin/phpize \
    && ./configure \
        --enable-swoole \
        --enable-sockets \
        --enable-openssl \
        --with-openssl-dir \
        --enable-http2 \
        --enable-swoole-json \
        --enable-swoole-curl \
        --with-php-config=/usr/local/php/bin/php-config \
    && make \
    && make install \
    && ldconfig
# rabbitmq-c 0.11.0: the C client library that the amqp extension links against.
WORKDIR /home/nobody/rabbitmq-c-0.11.0
RUN apt-get install -y autoconf automake
RUN cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/rabbitmq-c-0.11.0 \
    && make \
    && make install
# The install puts the libraries under lib/x86_64-linux-gnu; copy them up into lib/
# so the extension build finds them at the prefix passed to --with-librabbitmq-dir.
RUN cp -r /usr/local/rabbitmq-c-0.11.0/lib/x86_64-linux-gnu/* /usr/local/rabbitmq-c-0.11.0/lib/

# amqp 1.10.2, built against the rabbitmq-c prefix above.
WORKDIR /home/nobody/amqp-1.10.2
RUN /usr/local/php/bin/phpize \
    && ./configure \
        --with-php-config=/usr/local/php/bin/php-config \
        --with-amqp \
        --with-librabbitmq-dir=/usr/local/rabbitmq-c-0.11.0 \
    && make \
    && make install
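# Runtime-writable paths for PHP: session store, log directories and the error log.
# They are owned by nobody:nobody (the account the pool and the container run as)
# instead of being world-writable. With mode 777 any process in the container could
# read or alter session files and logs.
# NOTE(review): if the container is ever started under another non-root UID, grant
# that UID access explicitly rather than going back to 777.
RUN mkdir /usr/local/php/var/session /usr/local/php/log \
    && touch /usr/local/php/var/log/php_errors.log \
    && chown -R nobody:nobody /usr/local/php/var /usr/local/php/log \
    && chmod -R u=rwX,g=rX,o= /usr/local/php/var /usr/local/php/log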
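WORKDIR /home/nobody/php-7.4.20
# Composer from the Aliyun mirror. The phar is executed as root in the next step, so
# it should be verified first: pass --build-arg COMPOSER_PHAR_SHA256=<sha256 of the
# release you expect> to fail the build on a mismatch. The mirror URL is unversioned,
# so the expected hash changes with each Composer release; with the default empty
# value the check is skipped, which matches the original behaviour.
ARG COMPOSER_PHAR_SHA256=""
RUN wget -O /usr/local/php/bin/composer https://mirrors.aliyun.com/composer/composer.phar \
    && if [ -n "$COMPOSER_PHAR_SHA256" ]; then \
           echo "$COMPOSER_PHAR_SHA256  /usr/local/php/bin/composer" | sha256sum -c -; \
       fi \
    && chmod a+x /usr/local/php/bin/composer
WORKDIR /usr/local/php/bin
# Update to the current release, print the version into the build log, and expose
# the command on the default PATH.
RUN /usr/local/php/bin/composer self-update \
    && /usr/local/php/bin/composer --version \
    && ln -s /usr/local/php/bin/composer /usr/local/bin/composer
# Use the Aliyun Packagist mirror globally (for the account running this step: root).
RUN composer config -g repo.packagist composer https://mirrors.aliyun.com/composer/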
WORKDIR /home/nobody/php-7.4.20
# Runtime configuration: php.ini, the FPM global file and the "www" pool definition.
# NOTE(review): the php.ini source is named "ini-development"; if it derives from
# PHP's development template it presumably shows errors to clients. Confirm, or
# ship a production-tuned ini instead.
COPY php_7.4.ini-development /usr/local/php/etc/php.ini
COPY php-fpm_7.4.conf /usr/local/php/etc/php-fpm.conf
COPY php_7.4_www_9999.conf /usr/local/php/etc/php-fpm.d/www.conf
# Refresh PEAR's channel metadata for pear.php.net.
RUN /usr/local/php/bin/pear channel-update pear.php.net
WORKDIR /home/nobody
# Create the directory the startup script checks for pm2.json, then delete the
# archives and unpacked source trees. Deleting in a later layer only hides the files:
# the earlier layers that added them are still part of the image.
RUN mkdir /pm2json \
    && rm -rf *.tar.gz \
    && rm -rf *.tgz \
    && rm -rf \
        php-7.4.20 \
        mongodb-1.9.1 \
        redis-5.3.4 \
        imagick-3.5.0 \
        inotify-3.0.0 \
        yaf-3.3.2 \
        event-3.0.5 \
        swoole-4.6.7 \
        rabbitmq-c-0.11.0 \
        amqp-1.10.2
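# Mount point for the application code.
VOLUME /webroot
# Startup script. COPY replaces ADD because this is a plain local file and none of
# ADD's extra behaviour is wanted.
COPY php_startup.sh /home/nobody/
# 755 rather than 777: the script is what the container executes on start, so only
# its owner (root) may modify it; every account can still read and run it.
RUN chmod 755 /home/nobody/php_startup.sh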
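# "dood", presumably Docker-outside-of-Docker: install only the Docker CLI so the
# container can talk to a Docker daemon that is provided from outside.
# SECURITY: whoever can run code in this container and reach that daemon socket has
# root-equivalent control of the Docker host. This image also runs PHP code and an
# SSH server, so treat access to it as host access, or drop this step if the CLI is
# not needed.
# The repository key is stored in its own file and bound to this one source with
# signed-by, instead of "apt-key add", which would trust it for every apt source.
# "curl -f" writing to a file also makes a failed download stop the build.
# Compare the key's fingerprint with the one Docker publishes before trusting it.
RUN apt-get update \
    && apt-get install -y apt-transport-https ca-certificates curl \
    && curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg -o /usr/share/keyrings/docker-ce.asc \
    && echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-ce.asc] https://mirrors.aliyun.com/docker-ce/linux/ubuntu bionic stable" > /etc/apt/sources.list.d/docker.list
RUN apt-get update && apt-get -y install docker-ce-cli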
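WORKDIR /root/.ssh
# SSH public-key login for root: only the PUBLIC key goes into the image.
# The private key (id_rsa) is deliberately not copied. Anything COPY'd is stored in an
# image layer, so everyone who can pull the image would obtain it. Because the same
# key pair is also the authorized key, that one file would open root SSH on every
# container started from this image.
# If the container needs an outbound SSH identity, supply the private key at run
# time (bind mount or orchestrator secret) and keep it out of the build context via
# .dockerignore.
COPY id_rsa.pub /root/.ssh/id_rsa.pub
COPY id_rsa.pub /root/.ssh/authorized_keys
# The directory and authorized_keys are restricted to root; the public key may stay
# world-readable.
RUN chmod 0700 /root/.ssh/ \
    && chmod 0644 /root/.ssh/id_rsa.pub \
    && chmod 0600 /root/.ssh/authorized_keys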
# Documented ports: 22 for sshd and 9999 for the php-fpm FastCGI listener.
# EXPOSE publishes nothing by itself. Port 9999 speaks unauthenticated FastCGI, so
# keep it on a private network rather than publishing it on the host.
EXPOSE 22 9999
# The container's main process starts as the unprivileged "nobody" account.
# NOTE(review): the startup script also launches sshd through /etc/init.d/ssh, which
# normally needs root (port 22, host keys); confirm whether SSH really comes up
# under this USER or whether the container is started with a different user.
USER nobody
CMD ["/home/nobody/php_startup.sh"]
php_startup.sh
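#!/bin/bash
# Container entrypoint: optionally start the pm2-managed apps, start sshd in the
# background, then hand the process over to php-fpm.

# pm2 apps are started only when a process file has been provided at /pm2json.
if [ -f "/pm2json/pm2.json" ]; then
    pm2 start /pm2json/pm2.json &
    #pm2-runtime start /pm2json/pm2.json &
fi

# Best effort: a failure to start sshd does not stop the container.
/etc/init.d/ssh start &

# exec replaces this shell with php-fpm (configured with daemonize = no), so FPM is
# the container's main process and receives the stop signal from the runtime
# directly. Without exec the signal goes to bash, which does not pass it on.
exec /usr/local/php/sbin/php-fpm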
php-fpm_7.4.conf
;;;;;;;;;;;;;;;;;;;;;
; FPM Configuration ;
;;;;;;;;;;;;;;;;;;;;;
; All relative paths in this configuration file are relative to PHP's install
; prefix (/usr/local/php7.4.20). This prefix can be dynamically changed by using the
; '-p' argument from the command line.
;;;;;;;;;;;;;;;;;;
; Global Options ;
;;;;;;;;;;;;;;;;;;
[global]
; Pid file
; Note: the default prefix is /usr/local/php7.4.20/var
; Default Value: none
; In this image the relative value resolves to /usr/local/php7.4.20/var/run/php-fpm.pid.
pid = run/php-fpm.pid
; Error log file
; If it's set to "syslog", log is sent to syslogd instead of being written
; into a local file.
; Note: the default prefix is /usr/local/php7.4.20/var
; Default Value: log/php-fpm.log
; Resolves to /usr/local/php7.4.20/var/log/php-fpm.log. The account that starts the
; FPM master needs write access to this file and to the pid file above.
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
; Set explicitly to the documented default.
log_level = notice
; Log limit on number of characters in the single line (log entry). If the
; line is over the limit, it is wrapped on multiple lines. The limit is for
; all logged characters including message prefix and suffix if present. However
; the new line character does not count into it as it is present only when
; logging to a file descriptor. It means the new line character is not present
; when logging to syslog.
; Default Value: 1024
; Raised from the default of 1024 so longer entries stay on one line.
log_limit = 4096
; Log buffering specifies if the log line is buffered which means that the
; line is written in a single write operation. If the value is false, then the
; data is written directly into the file descriptor. It is an experimental
; option that can potentially improve logging performance and memory usage
; for some heavy logging scenarios. This option is ignored if logging to syslog
; as it has to be always buffered.
; Default value: yes
;log_buffering = no
; If this number of child processes exit with SIGSEGV or SIGBUS within the time
; interval set by emergency_restart_interval then FPM will restart. A value
; of '0' means 'Off'.
; Default Value: 0
; Enabled here: together with the interval below, 60 crashed children within
; 60 seconds make FPM restart itself.
emergency_restart_threshold = 60
; Interval of time used by emergency_restart_interval to determine when
; a graceful restart will be initiated. This can be useful to work around
; accidental corruptions in an accelerator's shared memory.
; Available Units: s(econds), m(inutes), h(ours), or d(ays)
; Default Unit: seconds
; Default Value: 0
; No unit given, so the value is in seconds.
emergency_restart_interval = 60
; Time limit for child processes to wait for a reaction on signals from master.
; Available units: s(econds), m(inutes), h(ours), or d(ays)
; Default Unit: seconds
; Default Value: 0
;process_control_timeout = 0
; The maximum number of processes FPM will fork. This has been designed to control
; the global number of processes when using dynamic PM within a lot of pools.
; Use it with caution.
; Note: A value of 0 indicates no limit
; Default Value: 0
; Global ceiling across all pools; the one pool shown with this file ('www') is
; itself limited to pm.max_children = 40.
process.max = 128
; Specify the nice(2) priority to apply to the master process (only if set)
; The value can vary from -19 (highest priority) to 20 (lowest priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool process will inherit the master process priority
; unless specified otherwise
; Default Value: no set
; process.priority = -19
; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging.
; Default Value: yes
; Docker setting: FPM stays in the foreground. The startup script runs php-fpm as
; its last command, so the container lives exactly as long as the FPM master.
daemonize = no
;daemonize = yes
; Set open file descriptor rlimit for the master process.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit for the master process.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Specify the event mechanism FPM will use. The following is available:
; - select (any POSIX os)
; - poll (any POSIX os)
; - epoll (linux >= 2.5.44)
; - kqueue (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0)
; - /dev/poll (Solaris >= 7)
; - port (Solaris >= 10)
; Default Value: not set (auto detection)
; Fixed to epoll instead of auto detection; per the list above this is Linux-only.
events.mechanism = epoll
; When FPM is built with systemd integration, specify the interval,
; in seconds, between health report notification to systemd.
; Set to 0 to disable.
; Available Units: s(econds), m(inutes), h(ours)
; Default Unit: seconds
; Default value: 10
;systemd_interval = 10
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
; Multiple pools of child processes may be started with different listening
; ports and different management options. The name of the pool will be
; used in logs and stats. There is no limitation on the number of pools which
; FPM can handle. Your system will tell you anyway :)
; Include one or more files. If glob(3) exists, it is used to include a bunch of
; files from a glob(3) pattern. This directive can be used everywhere in the
; file.
; Relative path can also be used. They will be prefixed by:
; - the global prefix if it's been set (-p argument)
; - /usr/local/php7.4.20 otherwise
; Absolute path under the versioned prefix. The Dockerfile installs the pool file as
; /usr/local/php/etc/php-fpm.d/www.conf, which is the same directory through the
; /usr/local/php symlink.
; Every *.conf in this directory is loaded as pool configuration, so the directory
; must stay writable by root only.
include=/usr/local/php7.4.20/etc/php-fpm.d/*.conf
php_7.4_www_9999.conf
; Start a new pool named 'www'.
; the variable $pool can be used in any directive and will be replaced by the
; pool name ('www' here)
[www]
; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr/local/php7.4.20) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
; Workers run as the unprivileged nobody account; the Dockerfile creates the
; matching 'nobody' group.
; NOTE(review): the Dockerfile ends with USER nobody. If the FPM master is itself
; started without root privileges it cannot switch accounts, and these two
; directives are then presumably ignored; confirm in the FPM startup log.
user = nobody
group = nobody
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
;                            a specific port;
;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
;                            a specific port;
;   'port'                 - to listen on a TCP socket to all addresses
;                            (IPv6 and IPv4-mapped) on a specific port;
;   '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
; SECURITY: this pool listens on every interface, and listen.allowed_clients (below)
; is left commented out, so any host that can reach port 9999 may submit FastCGI
; requests. FastCGI has no authentication and the request itself names the script to
; run, so only the fronting web server should be able to reach this port: keep it on
; a private container network, do not publish 9999 on the host, and set
; listen.allowed_clients where the web server's address is stable.
listen = 0.0.0.0:9999
;listen = 127.0.0.1:9999
;listen = /usr/local/php/etc/php-fpm.sock
; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
; Raised from the default of 511.
listen.backlog = 2000
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
; These apply to a unix socket only; with the TCP listener configured above they
; do not restrict who can connect.
listen.owner = nobody
listen.group = nobody
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
; Left disabled in this image: connections are accepted from any address.
;listen.allowed_clients = 127.0.0.1
; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19
; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
; or group is different than the master process user. It allows to create process
; core dump and ptrace the process for the pool user.
; Default Value: no
; process.dumpable = yes
; Choose how the process manager will control the number of child processes.
; Possible Values:
;   static  - a fixed number (pm.max_children) of child processes;
;   dynamic - the number of child processes are set dynamically based on the
;             following directives. With this process management, there will be
;             always at least 1 children.
;             pm.max_children      - the maximum number of children that can
;                                    be alive at the same time.
;             pm.start_servers     - the number of children created on startup.
;             pm.min_spare_servers - the minimum number of children in 'idle'
;                                    state (waiting to process). If the number
;                                    of 'idle' processes is less than this
;                                    number then some children will be created.
;             pm.max_spare_servers - the maximum number of children in 'idle'
;                                    state (waiting to process). If the number
;                                    of 'idle' processes is greater than this
;                                    number then some children will be killed.
;   ondemand - no children are created at startup. Children will be forked when
;              new requests will connect. The following parameter are used:
;              pm.max_children         - the maximum number of children that
;                                        can be alive at the same time.
;              pm.process_idle_timeout - The number of seconds after which
;                                        an idle process will be killed.
; Note: This value is mandatory.
; Author's rule of thumb: if memory > 8G, use static.
pm = dynamic
;pm = static
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
; Author's rule of thumb: for static, size this as memory / 30M.
; At most 40 requests are served at the same time.
pm.max_children = 40
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 10
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 1
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
; Equal to pm.start_servers, so the pool starts at its idle ceiling of 10 workers.
pm.max_spare_servers = 10
; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
; Each worker is replaced after serving 1000 requests.
pm.max_requests = 1000
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/s