我是 Docker 的新手,面临着数天的问题,我不知道该如何管理。这是情况;
我在运行这样的服务(例如apache2和mysql和...)的vps服务器中有一个sudoer用户,并且还提供了一些我不希望通过升级或更改php版本或将Web服务器从apache更改为服务来伤害他们的应用程序nginx。
我想在docker中提供laravel应用程序,并在位于docker-compose.prod.yml的项目根文件夹中构建了此/home/myUser/www/laravelProject文件(包含laravel应用程序):
version : '3'
networks:
laravel:
volumes :
dbdata:
driver: local
services:
nginx:
image : nginx:stable-alpine
container_name: nginx
ports :
- "8080:80"
volumes :
- ./:/var/www/html ## i think it would make sens if i do like ./:/home/myuser/www/laravelProject ???!!!
- ./nginx/default.prod.conf:/etc/nginx/conf.d/default.conf
depends_on :
- php
- mysql
- redis
- artisan
networks :
- laravel
mysql :
image : mysql:5.7.29
container_name: mysql
restart : unless-stopped
tty : true
ports :
- "4406:3306"
environment :
MYSQL_DATABASE : ${DB_DATABASE}
MYSQL_USER : ${DB_USERNAME}
MYSQL_PASSWORD : ${DB_PASSWORD}
MYSQL_ROOT_PASSWORD: ${DB_PASSWORD}
SERVICE_TAGS : dev
SERVICE_NAME : mysql
volumes :
- dbdata:/var/lib/mysql
- ./mysql/my.cnf:/etc/mysql/my.cnf
networks :
- laravel
php :
build :
context : .
dockerfile: php.prod.dockerFile
container_name: php
volumes :
- ./:/var/www/html
ports :
- "9000:9000"
networks :
- laravel
artisan :
build :
context : .
dockerfile: php.dockerfile
container_name: artisan
volumes :
- ./:/var/www/html
depends_on :
- mysql
working_dir : /var/www/html
entrypoint : ['php', '/var/www/html/artisan']
networks :
- laravel
redis :
container_name: redis
image : redis
ports :
- "6379:6379"
volumes :
- ./:/data
entrypoint : redis-server --appendonly yes
restart : always
networks :
- laravel
对不起,我想我错过了Tab和空格。但是,这是我的php.prod.dockerfile
FROM php:7.4-fpm-alpine
WORKDIR /home/www/html // again it's not supposed to be /home/myUser/www/project ???!!!
RUN docker-php-ext-install pdo pdo_mysql
RUN chown -R www-data:www-data /var/www // i don't really have any sense why i'm doing this !!
我使用命令成功构建了容器(在我的项目根目录中):
docker-compose -f docker-compose.prod.yml up -d --build
,默认.prod.nginx文件是:
server {
listen 80;
index index.php index.html;
server_name api.myUser.com www.api.myUser.com;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/html/public;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
不幸的是,当我尝试到达端点api.myUser.com:8080时
This site can’t be reached
http://api.myUser.com:8080/ is unreachable.
ERR_ADDRESS_UNREACHABLE
我想念什么? (对不起,我的英语)
编辑:这是docker-compose up --build
的输出Creating network "kooche-mobl_laravel" with the default driver
Building php
Step 1/4 : FROM php:7.4-fpm-alpine
---> f9f075c5a926
Step 2/4 : WORKDIR /var/www/html
---> Using cache
---> 5478beb70e23
Step 3/4 : RUN docker-php-ext-install pdo pdo_mysql
---> Using cache
---> 049d5b4134d8
Step 4/4 : RUN chown -R www-data:www-data /var/www
---> Using cache
---> b697f0fb62a1
Successfully built b697f0fb62a1
Successfully tagged kooche-mobl_php:latest
Building artisan
Step 1/4 : FROM php:7.4-fpm-alpine
---> f9f075c5a926
Step 2/4 : WORKDIR /var/www/html
---> Using cache
---> 5478beb70e23
Step 3/4 : RUN docker-php-ext-install pdo pdo_mysql
---> Using cache
---> 049d5b4134d8
Step 4/4 : RUN chown -R www-data:www-data /var/www
---> Using cache
---> b697f0fb62a1
Successfully built b697f0fb62a1
Successfully tagged kooche-mobl_artisan:latest
Creating redis ... done
Creating mysql ... done
Creating php ... done
Creating artisan ... done
Creating nginx ... done
Attaching to redis, php, mysql, artisan, nginx
mysql | 2020-09-04 06:46:10+00:00 [Note] [Entrypoint]:Entrypoint script for MySQL Server 5.7.29-1debian10 started.
mysql | 2020-09-04 06:46:10+00:00 [Note] [Entrypoint]:Switching to dedicated user 'mysql'
mysql | 2020-09-04 06:46:10+00:00 [Note] [Entrypoint]:Entrypoint script for MySQL Server 5.7.29-1debian10 started.
mysql | 2020-09-04T06:46:11.850419Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use -- explicit_defaults_for_timestamp server option (see documentation for more details).
mysql | 2020-09-04T06:46:11.857132Z 0 [Note] mysqld (mysqld 5.7.29-log) starting as process 1 ...
mysql | 2020-09-04T06:46:11.866317Z 0 [Note] InnoDB: PUNCH HOLE support available
mysql | 2020-09-04T06:46:11.866418Z 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
mysql | 2020-09-04T06:46:11.866455Z 0 [Note] InnoDB: Uses event mutexes
mysql | 2020-09-04T06:46:11.866506Z 0 [Note] InnoDB: GCC builtin __atomic_thread_fence() is used for memory barrier
mysql | 2020-09-04T06:46:11.866533Z 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
mysql | 2020-09-04T06:46:11.866578Z 0 [Note] InnoDB: Using Linux native AIO
mysql | 2020-09-04T06:46:11.868019Z 0 [Note] InnoDB: Number of pools: 1
mysql | 2020-09-04T06:46:11.868769Z 0 [Note] InnoDB: Using CPU crc32 instructions
mysql | 2020-09-04T06:46:11.876267Z 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
mysql | 2020-09-04T06:46:11.918223Z 0 [Note] InnoDB: Completed initialization of buffer pool
mysql | 2020-09-04T06:46:11.936304Z 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
mysql | 2020-09-04T06:46:11.955456Z 0 [Note] InnoDB: Highest supported file format is Barracuda.
mysql | 2020-09-04T06:46:12.004799Z 0 [Note] InnoDB: Creating shared tablespace for temporary tables
mysql | 2020-09-04T06:46:12.004958Z 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
mysql | 2020-09-04T06:46:12.055925Z 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
mysql | 2020-09-04T06:46:12.058036Z 0 [Note] InnoDB: 96 redo
rollback segment(s) found. 96 redo rollback segment(s) are active.
mysql | 2020-09-04T06:46:12.058061Z 0 [Note] InnoDB: 32 non-redo rollback segment(s) are active.
mysql | 2020-09-04T06:46:12.059038Z 0 [Note] InnoDB: Waiting for purge to start
mysql | 2020-09-04T06:46:12.109390Z 0 [Note] InnoDB: 5.7.29 started; log sequence number 12758905
mysql | 2020-09-04T06:46:12.110224Z 0 [Note] Plugin 'FEDERATED' is disabled.
mysql | 2020-09-04T06:46:12.115113Z 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
mysql | 2020-09-04T06:46:12.126409Z 0 [Note] InnoDB: Buffer pool(s) load completed at 200904 6:46:12
mysql | 2020-09-04T06:46:12.137920Z 0 [Note] Found ca.pem, server-cert.pem and server-key.pem in data directory. Trying to enable SSL support using them.
mysql | 2020-09-04T06:46:12.138013Z 0 [Note] Skipping generation of SSL certificates as certificate files are present in data directory.
mysql | 2020-09-04T06:46:12.139676Z 0 [Warning] CA certificate ca.pem is self signed.
mysql | 2020-09-04T06:46:12.139893Z 0 [Note] Skipping generation of RSA key pair as key files are present in data directory.
mysql | 2020-09-04T06:46:12.141123Z 0 [Note] Server hostname (bind-address): '*'; port: 3306
mysql | 2020-09-04T06:46:12.141277Z 0 [Note] IPv6 is available.
mysql | 2020-09-04T06:46:12.141345Z 0 [Note] - '::' resolves to '::';
mysql | 2020-09-04T06:46:12.141398Z 0 [Note] Server socket created on IP: '::'.
mysql | 2020-09-04T06:46:12.168549Z 0 [Note] Event Scheduler: Loaded 0 events
mysql | 2020-09-04T06:46:12.169118Z 0 [Note] mysqld: ready for connections.
mysql | Version: '5.7.29-log' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server (GPL)
nginx | /docker-entrypoint.sh: /docker-entrypoint.d/ is not
empty, will attempt to perform configuration
nginx | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
nginx | /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
php | [04-Sep-2020 06:46:10] NOTICE: fpm is running, pid 1
php | [04-Sep-2020 06:46:10] NOTICE: ready to handle connections
nginx | 10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf
redis | 1:C 04 Sep 2020 06:46:10.064 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
redis | 1:C 04 Sep 2020 06:46:10.064 # Redis version=6.0.6, bits=64, commit=00000000, modified=0, pid=1, just started
redis | 1:C 04 Sep 2020 06:46:10.064 # Configuration loaded
redis | 1:M 04 Sep 2020 06:46:10.068 * Running mode=standalone, port=6379.
redis | 1:M 04 Sep 2020 06:46:10.068 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
redis | 1:M 04 Sep 2020 06:46:10.068 # Server initialized
redis | 1:M 04 Sep 2020 06:46:10.068 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
redis | 1:M 04 Sep 2020 06:46:10.070 * Ready to accept connections
nginx | 10-listen-on-ipv6-by-default.sh: error:
/etc/nginx/conf.d/default.conf differs from the packages version
nginx | /docker-entrypoint.sh: Launching /docker-
entrypoint.d/20-envsubst-on-templates.sh
nginx | /docker-entrypoint.sh: Configuration complete; ready
for start up
我在netstat -tulnp | grep 8080上也有这行
tcp6 0 0 :::8080 :::* LISTEN 16093/docker-proxy
编辑2:
以及有关防火墙(iptables)的信息
cat /etc/sysconfig/iptables |grep ACCEPT
它的输出
:PREROUTING ACCEPT [884:49904]
:INPUT ACCEPT [262:14960]
:OUTPUT ACCEPT [60:4106]
:POSTROUTING ACCEPT [77:5110]
:INPUT ACCEPT [247:22593]
:OUTPUT ACCEPT [199:50843]
-A INPUT -p tcp -m tcp --dport 8090 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 8090 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 8080 -j ACCEPT
-A FORWARD -o br-4a4e80432e3f -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br-4a4e80432e3f ! -o br-4a4e80432e3f -j ACCEPT
-A FORWARD -i br-4a4e80432e3f -o br-4a4e80432e3f -j ACCEPT
-A FORWARD -o br-8e73d0dbe1df -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br-8e73d0dbe1df ! -o br-8e73d0dbe1df -j ACCEPT
-A FORWARD -i br-8e73d0dbe1df -o br-8e73d0dbe1df -j ACCEPT
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --gid-owner 209 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --gid-owner 12 -j ACCEPT
-A OUTPUT -d 127.0.0.1/32 -p tcp -m multiport --dports 25,465,587 -m owner --uid-owner 201 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 25,465,587 -m owner --uid-owner 0 -j ACCEPT
-A DOCKER -d 192.168.32.2/32 ! -i br-4a4e80432e3f -o br-4a4e80432e3f
-p tcp -m tcp --dport 3306 -j ACCEPT
-A DOCKER -d 192.168.32.3/32 ! -i br-4a4e80432e3f -o br-4a4e80432e3f
-p tcp -m tcp --dport 9000 -j ACCEPT
-A DOCKER -d 192.168.32.4/32 ! -i br-4a4e80432e3f -o br-4a4e80432e3f
-p tcp -m tcp --dport 6379 -j ACCEPT
-A DOCKER -d 192.168.32.6/32 ! -i br-4a4e80432e3f -o br-4a4e80432e3f
-p tcp -m tcp --dport 80 -j ACCEPT
我认为这还可以,但是当我尝试telnet myPort 8080
说:
telnet: Unable to connect to remote host: No route to host