You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
591 lines
16 KiB
591 lines
16 KiB
5 years ago
|
Πανεπιστήμιο Δυτικής Αττικής
|
||
|
Τμήμα Μηχανικών Πληροφορικής και Υπολογιστών
|
||
|
|
||
|
|
||
|
|
||
|
# Υπολογιστική Νέφους και Υπηρεσίες
|
||
|
|
||
|
## Θέμα: Wordpress
|
||
|
#### Στόχος: Δημιουργία docker swarm
|
||
|
#### Υπ. Καθηγητής: Α. Αναγνωστόπουλος
|
||
|
|
||
|
| Ομάδα | AM |
|
||
|
| ---- | ---- |
|
||
|
|Οζμπούρσαλη Φωτεινή - manager | 131039 |
|
||
|
|Κερασιώτης Αθανάσιος - worker | 131113 |
|
||
|
|Αγαθαγγελίδη Αικατερίνη - worker | 151108|
|
||
|
|Μητρόπουλος Ιωάννης - worker | 151015 |
|
||
|
|
||
|
|
||
|
|
||
|
------
|
||
|
|
||
|
### 1. Χρήση παραδείγματος github
|
||
|
|
||
|
```
|
||
|
wget -r -np https://github.com/gabidavila/docker-wordpress-ssl-nginx-mysql
|
||
|
```
|
||
|
|
||
|
|
||
|
|
||
|
### 2. Έλεγχος swarm
|
||
|
|
||
|
*Εκτέλεση*
|
||
|
|
||
|
```
|
||
|
docker node ls
|
||
|
```
|
||
|
|
||
|
*Αποτελέσματα*
|
||
|
|
||
|
```
|
||
|
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
|
||
|
ob89puh8bz9n5cdxrsppmug2z snf-12364 Ready Active 19.03.8
|
||
|
9gx538gc60i9vzda7j5ct31al * snf-12366 Ready Active Leader 19.03.8
|
||
|
6cgh0yeqa65r53n7fabw9079f snf-12565 Ready Active 18.09.7
|
||
|
tjxyrlr4zlj6xgxcsz6gbf6s7 snf-12591 Ready Active 18.09.7
|
||
|
```
|
||
|
|
||
|
|
||
|
|
||
|
### 3. Δημιουργία και εκτέλεση Dockerfile
|
||
|
|
||
|
*Δημιουργία:*
|
||
|
|
||
|
```
|
||
|
# ===============================================================================
|
||
|
# Dockerfile
|
||
|
# "Wordpress + Nginx + Cached + NoDB" docker image - production ready
|
||
|
#
|
||
|
# What's it included:
|
||
|
#
|
||
|
# - php-fpm
|
||
|
# - Wordpress - build with the **latest** version
|
||
|
# - Nginx - as reverse proxy, HTTP / HTTPS enabled.
|
||
|
# - Cache - fastcgi-cache, fastcgi_cache_purge, Opcache
|
||
|
# - No DB included.
|
||
|
#
|
||
|
# Optional
|
||
|
#
|
||
|
# - Deploy `letsencrypt` SSL.
|
||
|
# - Deploy normal SSL.
|
||
|
#
|
||
|
# @link https://letsencrypt.org/ | letsencrypt
|
||
|
#
|
||
|
# It is based on Ubuntu 14.04 LTS
|
||
|
# ===============================================================================
|
||
|
|
||
|
# Set the base image to Ubuntu
|
||
|
FROM ubuntu:14.04
|
||
|
|
||
|
# File Author / Maintainer
|
||
|
MAINTAINER Lei SHI <foxshee@gmail.com>
|
||
|
|
||
|
# Default HTTP and HTTPS and MySQL ports
|
||
|
EXPOSE 80 443 3306
|
||
|
|
||
|
|
||
|
# ===============================================================================
|
||
|
# Env. Setup
|
||
|
#
|
||
|
|
||
|
# Keep upstart from complaining
|
||
|
RUN dpkg-divert --local --rename --add /sbin/initctl && \
|
||
|
ln -sf /bin/true /sbin/initctl
|
||
|
|
||
|
# Let the container know that there is no tty
|
||
|
ENV DEBIAN_FRONTEND noninteractive
|
||
|
|
||
|
# Update the repository sources list and finish upgrade
|
||
|
RUN apt-get update && apt-get -y upgrade
|
||
|
|
||
|
# ----------------------------------------------------------
|
||
|
# Dependencies
|
||
|
# ----------------------------------------------------------
|
||
|
|
||
|
# Basic Dependencies
|
||
|
#
|
||
|
# The basic dependecies includes:
|
||
|
#
|
||
|
# - PHP & fpm
|
||
|
# - MySQL client
|
||
|
# - curl
|
||
|
# - Git
|
||
|
# - pwgen - Open-Source Password Generator
|
||
|
# - python-setuptools - for `easy_install`
|
||
|
#
|
||
|
RUN apt-get install -y mysql-client-5.6 \
|
||
|
mysql-server-5.6 \
|
||
|
php5-fpm \
|
||
|
php5-mysql \
|
||
|
pwgen \
|
||
|
python-setuptools \
|
||
|
curl \
|
||
|
git \
|
||
|
unzip
|
||
|
|
||
|
|
||
|
# **Wordpress** Dependencies
|
||
|
RUN apt-get install -y php5-curl \
|
||
|
php5-gd \
|
||
|
php5-intl \
|
||
|
php-pear \
|
||
|
php5-imagick \
|
||
|
php5-imap \
|
||
|
php5-mcrypt \
|
||
|
php5-memcache \
|
||
|
php5-ming \
|
||
|
php5-ps \
|
||
|
php5-pspell \
|
||
|
php5-recode \
|
||
|
php5-sqlite \
|
||
|
php5-tidy \
|
||
|
php5-xmlrpc \
|
||
|
php5-xsl
|
||
|
|
||
|
### ---- FIX -----
|
||
|
# Fix 'add-apt-repository: not found' in Ubuntu 14.04 LTS
|
||
|
RUN apt-get -y install software-properties-common \
|
||
|
python-software-properties
|
||
|
|
||
|
|
||
|
# ----------------------------------------------------------
|
||
|
# Nginx
|
||
|
#
|
||
|
# Nginx compiled with `fastcgi_cache` and `fastcgi_cache_purge`
|
||
|
#
|
||
|
# @link https://easyengine.io/wordpress-nginx/tutorials/single-site/fastcgi-cache-with-purging/
|
||
|
# ----------------------------------------------------------
|
||
|
|
||
|
RUN add-apt-repository ppa:rtcamp/nginx && \
|
||
|
apt-get update && \
|
||
|
apt-get remove nginx* && \
|
||
|
apt-get install -y nginx-custom
|
||
|
|
||
|
############################################################
|
||
|
# Configurations
|
||
|
#
|
||
|
|
||
|
# ----------------------------------------------------------
|
||
|
# MySQL Config
|
||
|
# ----------------------------------------------------------
|
||
|
|
||
|
# RUN sed -i -e"s/^bind-address\s*=\s*127.0.0.1/bind-address = 0.0.0.0/" /etc/mysql/my.cnf
|
||
|
|
||
|
COPY config/my.cnf /etc/mysql/my.cnf
|
||
|
|
||
|
# ----------------------------------------------------------
|
||
|
# Nginx Config
|
||
|
# ----------------------------------------------------------
|
||
|
|
||
|
# Create uer for Nginx running
|
||
|
RUN adduser --system --no-create-home --shell /bin/false --group --disabled-login www-front
|
||
|
|
||
|
# Copy config files to `/etc/nginx/` folder
|
||
|
COPY config/nginx.conf /etc/nginx/nginx.conf
|
||
|
|
||
|
COPY config/nginx-site-http.conf /etc/nginx/nginx-site-http.conf
|
||
|
COPY config/nginx-site-https.conf /etc/nginx/nginx-site-https.conf
|
||
|
# Default **site** config - HTTP
|
||
|
# Later if need to enforce SSL, use `nginx-site-http.conf` instead.
|
||
|
COPY config/nginx-site-http.conf /etc/nginx/sites-available/default
|
||
|
|
||
|
COPY config/nginx-ssl.conf /etc/nginx/ssl-template.conf
|
||
|
COPY config/nginx-restrictions.conf /etc/nginx/restrictions.conf
|
||
|
|
||
|
|
||
|
# ----------------------------------------------------------
|
||
|
# PHP-fpm Config
|
||
|
# ----------------------------------------------------------
|
||
|
|
||
|
RUN sed -i -e "s/;cgi.fix_pathinfo\s*=\s*1/cgi.fix_pathinfo = 0/g; s/expose_php\s*=\s*On/expose_php = Off/g" \
|
||
|
/etc/php5/fpm/php.ini
|
||
|
RUN sed -i -e "s/expose_php\s*=\s*On/expose_php = Off/g" /etc/php5/fpm/php.ini
|
||
|
RUN sed -i -e "s/upload_max_filesize\s*=\s*2M/upload_max_filesize = 100M/g; s/post_max_size\s*=\s*8M/post_max_size = 100M/g" \
|
||
|
/etc/php5/fpm/php.ini
|
||
|
#RUN sed -i -e "s/post_max_size\s*=\s*8M/post_max_size = 100M/g" /etc/php5/fpm/php.ini
|
||
|
|
||
|
RUN sed -i -e "s/;daemonize\s*=\s*yes/daemonize = no/g" /etc/php5/fpm/php-fpm.conf
|
||
|
|
||
|
RUN sed -i -e "s/;catch_workers_output\s*=\s*yes/catch_workers_output = yes/g; s/listen\s*=\s*\/var\/run\/php5-fpm.sock/listen = 127.0.0.1:9000/g; s/;listen.allowed_clients\s*=\s*127.0.0.1/listen.allowed_clients = 127.0.0.1/g" \
|
||
|
/etc/php5/fpm/pool.d/www.conf
|
||
|
#RUN sed -i -e "s/listen\s*=\s*\/var\/run\/php5-fpm.sock/listen = 127.0.0.1:9000/g" /etc/php5/fpm/pool.d/www.conf
|
||
|
#RUN sed -i -e "s/;listen.allowed_clients\s*=\s*127.0.0.1/listen.allowed_clients = 127.0.0.1/g" /etc/php5/fpm/pool.d/www.conf
|
||
|
|
||
|
|
||
|
# ----------------------------------------------------------
|
||
|
# Opcode Config
|
||
|
# ----------------------------------------------------------
|
||
|
|
||
|
RUN sed -i -e"s/^;opcache.enable\s*=\s*0/opcache.enable = 1/; s/^;opcache.max_accelerated_files\s*=\s*2000/opcache.max_accelerated_files = 4000/" /etc/php5/fpm/php.ini
|
||
|
#RUN sed -i -e"s/^;opcache.max_accelerated_files\s*=\s*2000/opcache.max_accelerated_files = 4000/" /etc/php5/fpm/php.ini
|
||
|
|
||
|
|
||
|
# ===============================================================================
|
||
|
# Install & Config Supervisor
|
||
|
#
|
||
|
# Supervisor is a process manager which makes managing a number of long-running programs a trivial task
|
||
|
# by providing a consistent interface through which they can be monitored and controlled.
|
||
|
#
|
||
|
# it uses `easy_install` (from `python-setuptools`) to install **supervisor**.
|
||
|
#
|
||
|
# @link http://supervisord.org/#
|
||
|
#
|
||
|
|
||
|
RUN /usr/bin/easy_install supervisor && \
|
||
|
/usr/bin/easy_install supervisor-stdout
|
||
|
COPY config/supervisord.conf /etc/supervisord.conf
|
||
|
|
||
|
|
||
|
|
||
|
# ===============================================================================
|
||
|
# Install Wordpress
|
||
|
#
|
||
|
|
||
|
# Get the code of **latest** version.
|
||
|
RUN cd /usr/share/nginx/ && \
|
||
|
curl -o wp-latest.tar.gz https://wordpress.org/latest.tar.gz && \
|
||
|
tar -xvf wp-latest.tar.gz && \
|
||
|
rm wp-latest.tar.gz
|
||
|
|
||
|
# Target **webroot** - `/usr/share/nginx/www`
|
||
|
RUN rm -rf /usr/share/nginx/www && \
|
||
|
mv /usr/share/nginx/wordpress /usr/share/nginx/www && \
|
||
|
chown -R www-data:www-data /usr/share/nginx/www
|
||
|
|
||
|
|
||
|
|
||
|
# ===============================================================================
|
||
|
# System Initialization
|
||
|
#
|
||
|
|
||
|
## Copy the **pre-defined** bash script
|
||
|
COPY bash/init.sh /init.sh
|
||
|
## Modify the permisison - make sure they are excuatable
|
||
|
RUN chmod 755 /init.sh
|
||
|
|
||
|
# Set up default CMD
|
||
|
CMD ["/bin/bash", "/init.sh"]
|
||
|
|
||
|
# ===============================================================================
|
||
|
# Copy "optional" scripts
|
||
|
#
|
||
|
# Under `/addon` folder.
|
||
|
#
|
||
|
|
||
|
# `letsencrypt` SSL related
|
||
|
# @link https://letsencrypt.org/ | letsencrypt
|
||
|
COPY bash/ssl-letsencrypt.sh /addon/letsencrypt/ssl-letsencrypt.sh
|
||
|
|
||
|
# Normal SSL related
|
||
|
COPY bash/ssl.sh /addon/ssl.sh
|
||
|
|
||
|
# Install WP plugins
|
||
|
COPY bash/wp-install-plugins.sh /addon/wp-install-plugins.sh
|
||
|
|
||
|
|
||
|
# ===============================================================================
|
||
|
# Volume Mounting
|
||
|
#
|
||
|
# - Wprdpress webroot
|
||
|
# - Log
|
||
|
#
|
||
|
|
||
|
# Mount the volumns
|
||
|
VOLUME ["/var/lib/mysql", "/usr/share/nginx/www", "/var/log"]
|
||
|
|
||
|
|
||
|
```
|
||
|
*Εκτέλεση:*
|
||
|
|
||
|
```
|
||
|
chmod +x ./Dockerfile
|
||
|
./Dockerfile
|
||
|
docker images
|
||
|
```
|
||
|
|
||
|
|
||
|
|
||
|
### 4. Δημιουργία docker-compose.yml
|
||
|
|
||
|
|
||
|
```
|
||
|
version: '3.7'
|
||
|
|
||
|
services:
|
||
|
db:
|
||
|
image: mariadb
|
||
|
volumes:
|
||
|
- db_data:/var/lib/mysql
|
||
|
ports:
|
||
|
- "3306:3306"
|
||
|
networks:
|
||
|
- wp-net
|
||
|
restart: always
|
||
|
environment:
|
||
|
MYSQL_ROOT_PASSWORD: wordpress
|
||
|
MYSQL_DATABASE: wordpress
|
||
|
MYSQL_USER: wordpress
|
||
|
MYSQL_PASSWORD: wordpress
|
||
|
deploy:
|
||
|
placement:
|
||
|
constraints: [node.role == worker]
|
||
|
replicas: 1
|
||
|
update_config:
|
||
|
delay: 10s
|
||
|
restart_policy:
|
||
|
condition: on-failure
|
||
|
|
||
|
wordpress:
|
||
|
depends_on:
|
||
|
- db
|
||
|
image: wordpress:latest
|
||
|
ports:
|
||
|
- "9000:80"
|
||
|
restart: always
|
||
|
environment:
|
||
|
WORDPRESS_DB_HOST: db:3306
|
||
|
WORDPRESS_DB_USER: wordpress
|
||
|
WORDPRESS_DB_PASSWORD: wordpress
|
||
|
WORDPRESS_DB_NAME: wordpress
|
||
|
volumes:
|
||
|
- wordpress:/var/www/html
|
||
|
networks:
|
||
|
- wp-net
|
||
|
deploy:
|
||
|
placement:
|
||
|
constraints: [node.role == worker]
|
||
|
replicas: 1
|
||
|
resources:
|
||
|
limits: #max resources
|
||
|
cpus: '0.50'
|
||
|
memory: 50M
|
||
|
reservations: #default resources
|
||
|
cpus: '0.25'
|
||
|
memory: 20M
|
||
|
update_config:
|
||
|
delay: 10s
|
||
|
restart_policy:
|
||
|
condition: on-failure
|
||
|
|
||
|
|
||
|
nginx:
|
||
|
image: nginx
|
||
|
ports:
|
||
|
- 80:80
|
||
|
- 443:443
|
||
|
volumes:
|
||
|
- wordpress:/var/www/html
|
||
|
- ./nginx.conf:/etc/nginx/conf.conf
|
||
|
depends_on:
|
||
|
- wordpress
|
||
|
networks:
|
||
|
- wp-net
|
||
|
deploy:
|
||
|
mode: replicated
|
||
|
replicas: 1
|
||
|
restart_policy:
|
||
|
condition: on-failure
|
||
|
|
||
|
minio1:
|
||
|
image: minio/minio:RELEASE.2020-06-03T22-13-49Z
|
||
|
hostname: minio1
|
||
|
volumes:
|
||
|
- minio1-data:/export
|
||
|
ports:
|
||
|
- "9005:9000"
|
||
|
networks:
|
||
|
- minio_distributed
|
||
|
deploy:
|
||
|
restart_policy:
|
||
|
delay: 10s
|
||
|
max_attempts: 10
|
||
|
window: 60s
|
||
|
placement:
|
||
|
constraints:
|
||
|
- node.labels.minio1==true
|
||
|
command: server http://minio{1...4}/export
|
||
|
secrets:
|
||
|
- secret_key
|
||
|
- access_key
|
||
|
healthcheck:
|
||
|
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
|
||
|
interval: 30s
|
||
|
timeout: 20s
|
||
|
retries: 3
|
||
|
|
||
|
minio2:
|
||
|
image: minio/minio:RELEASE.2020-06-03T22-13-49Z
|
||
|
hostname: minio2
|
||
|
volumes:
|
||
|
- minio2-data:/export
|
||
|
ports:
|
||
|
- "9006:9000"
|
||
|
networks:
|
||
|
- minio_distributed
|
||
|
deploy:
|
||
|
restart_policy:
|
||
|
delay: 10s
|
||
|
max_attempts: 10
|
||
|
window: 60s
|
||
|
placement:
|
||
|
constraints:
|
||
|
- node.labels.minio2==true
|
||
|
command: server http://minio{1...4}/export
|
||
|
secrets:
|
||
|
- secret_key
|
||
|
- access_key
|
||
|
healthcheck:
|
||
|
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
|
||
|
interval: 30s
|
||
|
timeout: 20s
|
||
|
retries: 3
|
||
|
|
||
|
minio3:
|
||
|
image: minio/minio:RELEASE.2020-06-03T22-13-49Z
|
||
|
hostname: minio3
|
||
|
volumes:
|
||
|
- minio3-data:/export
|
||
|
ports:
|
||
|
- "9007:9000"
|
||
|
networks:
|
||
|
- minio_distributed
|
||
|
deploy:
|
||
|
restart_policy:
|
||
|
delay: 10s
|
||
|
max_attempts: 10
|
||
|
window: 60s
|
||
|
placement:
|
||
|
constraints:
|
||
|
- node.labels.minio3==true
|
||
|
command: server http://minio{1...4}/export
|
||
|
secrets:
|
||
|
- secret_key
|
||
|
- access_key
|
||
|
healthcheck:
|
||
|
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
|
||
|
interval: 30s
|
||
|
timeout: 20s
|
||
|
retries: 3
|
||
|
|
||
|
minio4:
|
||
|
image: minio/minio:RELEASE.2020-06-03T22-13-49Z
|
||
|
hostname: minio4
|
||
|
volumes:
|
||
|
- minio4-data:/export
|
||
|
ports:
|
||
|
- "9008:9000"
|
||
|
networks:
|
||
|
- minio_distributed
|
||
|
deploy:
|
||
|
restart_policy:
|
||
|
delay: 10s
|
||
|
max_attempts: 10
|
||
|
window: 60s
|
||
|
placement:
|
||
|
constraints:
|
||
|
- node.labels.minio4==true
|
||
|
command: server http://minio{1...4}/export
|
||
|
secrets:
|
||
|
- secret_key
|
||
|
- access_key
|
||
|
healthcheck:
|
||
|
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
|
||
|
interval: 30s
|
||
|
timeout: 20s
|
||
|
retries: 3
|
||
|
|
||
|
volumes:
|
||
|
minio1-data:
|
||
|
|
||
|
minio2-data:
|
||
|
|
||
|
minio3-data:
|
||
|
|
||
|
minio4-data:
|
||
|
|
||
|
db_data:
|
||
|
wordpress:
|
||
|
|
||
|
networks:
|
||
|
wp-net:
|
||
|
minio_distributed:
|
||
|
driver: overlay
|
||
|
|
||
|
secrets:
|
||
|
secret_key:
|
||
|
external: true
|
||
|
access_key:
|
||
|
external: true
|
||
|
|
||
|
|
||
|
```
|
||
|
|
||
|
|
||
|
|
||
|
### 5. Swarm deploy
|
||
|
|
||
|
```
|
||
|
docker stack deploy -c docker-compose.yml wordpress
|
||
|
docker service ls
|
||
|
```
|
||
|
|
||
|
|
||
|
|
||
|
*Αποτελέσματα*
|
||
|
|
||
|
```
|
||
|
vihqdyawjc10 nefos_db replicated 1/1 mariadb:latest *:3306->3306/tcp
|
||
|
y7nbv60la2sg nefos_minio1 replicated 1/1 minio/minio:RELEASE.2020-06-03T22-13-49Z *:9005->9000/tcp
|
||
|
0bcjccvpagd2 nefos_minio2 replicated 1/1 minio/minio:RELEASE.2020-06-03T22-13-49Z *:9006->9000/tcp
|
||
|
17vpuld32qui nefos_minio3 replicated 0/1 minio/minio:RELEASE.2020-06-03T22-13-49Z *:9007->9000/tcp
|
||
|
0mbyzsuq5gvq nefos_minio4 replicated 0/1 minio/minio:RELEASE.2020-06-03T22-13-49Z *:9008->9000/tcp
|
||
|
8izloz68b9ky nefos_nginx replicated 1/1 nginx:latest *:80->80/tcp, *:443->443/tcp
|
||
|
2cbg82sytzbg nefos_wordpress replicated 1/1 wordpress:latest *:9000->80/tcp
|
||
|
```
|
||
|
|
||
|
|
||
|
|
||
|
### 6. Nginx configuration
|
||
|
|
||
|
```
|
||
|
server {
|
||
|
listen 80;
|
||
|
server_name localhost;
|
||
|
|
||
|
root /var/www/html;
|
||
|
index index.php;
|
||
|
|
||
|
access_log /var/log/nginx/wordpress-access.log;
|
||
|
error_log /var/log/nginx/wordpress-error.log;
|
||
|
|
||
|
location / {
|
||
|
try_files $uri $uri/ /index.php?$args;
|
||
|
}
|
||
|
|
||
|
location ~ \.php$ {
|
||
|
try_files $uri =404;
|
||
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||
|
fastcgi_pass wordpress:9000;
|
||
|
fastcgi_index index.php;
|
||
|
include fastcgi_params;
|
||
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||
|
}
|
||
|
}
|
||
|
```
|
||
|
|
||
|
|
||
|
|
||
|
### 7. Update Minio nodes
|
||
|
|
||
|
```
|
||
|
docker node update --label-add minio1=true snf-12364
|
||
|
docker node update --label-add minio2=true snf-12366
|
||
|
docker node update --label-add minio3=true snf-12565
|
||
|
docker node update --label-add minio4=true snf-12591
|
||
|
docker node update --label-add group=minio snf-12364
|
||
|
docker node update --label-add group=minio snf-12565
|
||
|
```
|
||
|
|