You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15 KiB
15 KiB
Υπολογιστική Νέφους και Υπηρεσίες
Θέμα: Wordpress
Στόχος: Δημιουργία docker swarm
| Ομάδα | AM |
|---|---|
| manager | 131039 |
| worker | 131113 |
| worker | 151108 |
| worker | 151015 |
1. Χρήση παραδείγματος github
wget -r -np https://github.com/gabidavila/docker-wordpress-ssl-nginx-mysql
2. Έλεγχος swarm
Εκτέλεση
docker node ls
Αποτελέσματα
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
ob89puh8bz9n5cdxrsppmug2z snf-12364 Ready Active 19.03.8
9gx538gc60i9vzda7j5ct31al * snf-12366 Ready Active Leader 19.03.8
6cgh0yeqa65r53n7fabw9079f snf-12565 Ready Active 18.09.7
tjxyrlr4zlj6xgxcsz6gbf6s7 snf-12591 Ready Active 18.09.7
3. Δημιουργία και εκτέλεση Dockerfile
Δημιουργία:
# ===============================================================================
# Dockerfile
# "Wordpress + Nginx + Cached + NoDB" docker image - production ready
#
# What's it included:
#
# - php-fpm
# - Wordpress - build with the **latest** version
# - Nginx - as reverse proxy, HTTP / HTTPS enabled.
# - Cache - fastcgi-cache, fastcgi_cache_purge, Opcache
# - No DB included.
#
# Optional
#
# - Deploy `letsencrypt` SSL.
# - Deploy normal SSL.
#
# @link https://letsencrypt.org/ | letsencrypt
#
# It is based on Ubuntu 14.04 LTS
# ===============================================================================
# Set the base image to Ubuntu
FROM ubuntu:14.04
# File Author / Maintainer
MAINTAINER Lei SHI <foxshee@gmail.com>
# Default HTTP and HTTPS and MySQL ports
EXPOSE 80 443 3306
# ===============================================================================
# Env. Setup
#
# Keep upstart from complaining
RUN dpkg-divert --local --rename --add /sbin/initctl && \
ln -sf /bin/true /sbin/initctl
# Let the container know that there is no tty
ENV DEBIAN_FRONTEND noninteractive
# Update the repository sources list and finish upgrade
RUN apt-get update && apt-get -y upgrade
# ----------------------------------------------------------
# Dependencies
# ----------------------------------------------------------
# Basic Dependencies
#
# The basic dependecies includes:
#
# - PHP & fpm
# - MySQL client
# - curl
# - Git
# - pwgen - Open-Source Password Generator
# - python-setuptools - for `easy_install`
#
RUN apt-get install -y mysql-client-5.6 \
mysql-server-5.6 \
php5-fpm \
php5-mysql \
pwgen \
python-setuptools \
curl \
git \
unzip
# **Wordpress** Dependencies
RUN apt-get install -y php5-curl \
php5-gd \
php5-intl \
php-pear \
php5-imagick \
php5-imap \
php5-mcrypt \
php5-memcache \
php5-ming \
php5-ps \
php5-pspell \
php5-recode \
php5-sqlite \
php5-tidy \
php5-xmlrpc \
php5-xsl
### ---- FIX -----
# Fix 'add-apt-repository: not found' in Ubuntu 14.04 LTS
RUN apt-get -y install software-properties-common \
python-software-properties
# ----------------------------------------------------------
# Nginx
#
# Nginx compiled with `fastcgi_cache` and `fastcgi_cache_purge`
#
# @link https://easyengine.io/wordpress-nginx/tutorials/single-site/fastcgi-cache-with-purging/
# ----------------------------------------------------------
RUN add-apt-repository ppa:rtcamp/nginx && \
apt-get update && \
apt-get remove nginx* && \
apt-get install -y nginx-custom
############################################################
# Configurations
#
# ----------------------------------------------------------
# MySQL Config
# ----------------------------------------------------------
# RUN sed -i -e"s/^bind-address\s*=\s*127.0.0.1/bind-address = 0.0.0.0/" /etc/mysql/my.cnf
COPY config/my.cnf /etc/mysql/my.cnf
# ----------------------------------------------------------
# Nginx Config
# ----------------------------------------------------------
# Create uer for Nginx running
RUN adduser --system --no-create-home --shell /bin/false --group --disabled-login www-front
# Copy config files to `/etc/nginx/` folder
COPY config/nginx.conf /etc/nginx/nginx.conf
COPY config/nginx-site-http.conf /etc/nginx/nginx-site-http.conf
COPY config/nginx-site-https.conf /etc/nginx/nginx-site-https.conf
# Default **site** config - HTTP
# Later if need to enforce SSL, use `nginx-site-http.conf` instead.
COPY config/nginx-site-http.conf /etc/nginx/sites-available/default
COPY config/nginx-ssl.conf /etc/nginx/ssl-template.conf
COPY config/nginx-restrictions.conf /etc/nginx/restrictions.conf
# ----------------------------------------------------------
# PHP-fpm Config
# ----------------------------------------------------------
RUN sed -i -e "s/;cgi.fix_pathinfo\s*=\s*1/cgi.fix_pathinfo = 0/g; s/expose_php\s*=\s*On/expose_php = Off/g" \
/etc/php5/fpm/php.ini
RUN sed -i -e "s/expose_php\s*=\s*On/expose_php = Off/g" /etc/php5/fpm/php.ini
RUN sed -i -e "s/upload_max_filesize\s*=\s*2M/upload_max_filesize = 100M/g; s/post_max_size\s*=\s*8M/post_max_size = 100M/g" \
/etc/php5/fpm/php.ini
#RUN sed -i -e "s/post_max_size\s*=\s*8M/post_max_size = 100M/g" /etc/php5/fpm/php.ini
RUN sed -i -e "s/;daemonize\s*=\s*yes/daemonize = no/g" /etc/php5/fpm/php-fpm.conf
RUN sed -i -e "s/;catch_workers_output\s*=\s*yes/catch_workers_output = yes/g; s/listen\s*=\s*\/var\/run\/php5-fpm.sock/listen = 127.0.0.1:9000/g; s/;listen.allowed_clients\s*=\s*127.0.0.1/listen.allowed_clients = 127.0.0.1/g" \
/etc/php5/fpm/pool.d/www.conf
#RUN sed -i -e "s/listen\s*=\s*\/var\/run\/php5-fpm.sock/listen = 127.0.0.1:9000/g" /etc/php5/fpm/pool.d/www.conf
#RUN sed -i -e "s/;listen.allowed_clients\s*=\s*127.0.0.1/listen.allowed_clients = 127.0.0.1/g" /etc/php5/fpm/pool.d/www.conf
# ----------------------------------------------------------
# Opcode Config
# ----------------------------------------------------------
RUN sed -i -e"s/^;opcache.enable\s*=\s*0/opcache.enable = 1/; s/^;opcache.max_accelerated_files\s*=\s*2000/opcache.max_accelerated_files = 4000/" /etc/php5/fpm/php.ini
#RUN sed -i -e"s/^;opcache.max_accelerated_files\s*=\s*2000/opcache.max_accelerated_files = 4000/" /etc/php5/fpm/php.ini
# ===============================================================================
# Install & Config Supervisor
#
# Supervisor is a process manager which makes managing a number of long-running programs a trivial task
# by providing a consistent interface through which they can be monitored and controlled.
#
# it uses `easy_install` (from `python-setuptools`) to install **supervisor**.
#
# @link http://supervisord.org/#
#
RUN /usr/bin/easy_install supervisor && \
/usr/bin/easy_install supervisor-stdout
COPY config/supervisord.conf /etc/supervisord.conf
# ===============================================================================
# Install Wordpress
#
# Get the code of **latest** version.
RUN cd /usr/share/nginx/ && \
curl -o wp-latest.tar.gz https://wordpress.org/latest.tar.gz && \
tar -xvf wp-latest.tar.gz && \
rm wp-latest.tar.gz
# Target **webroot** - `/usr/share/nginx/www`
RUN rm -rf /usr/share/nginx/www && \
mv /usr/share/nginx/wordpress /usr/share/nginx/www && \
chown -R www-data:www-data /usr/share/nginx/www
# ===============================================================================
# System Initialization
#
## Copy the **pre-defined** bash script
COPY bash/init.sh /init.sh
## Modify the permisison - make sure they are excuatable
RUN chmod 755 /init.sh
# Set up default CMD
CMD ["/bin/bash", "/init.sh"]
# ===============================================================================
# Copy "optional" scripts
#
# Under `/addon` folder.
#
# `letsencrypt` SSL related
# @link https://letsencrypt.org/ | letsencrypt
COPY bash/ssl-letsencrypt.sh /addon/letsencrypt/ssl-letsencrypt.sh
# Normal SSL related
COPY bash/ssl.sh /addon/ssl.sh
# Install WP plugins
COPY bash/wp-install-plugins.sh /addon/wp-install-plugins.sh
# ===============================================================================
# Volume Mounting
#
# - Wprdpress webroot
# - Log
#
# Mount the volumns
VOLUME ["/var/lib/mysql", "/usr/share/nginx/www", "/var/log"]
Εκτέλεση:
chmod +x ./Dockerfile
./Dockerfile
docker images
4. Δημιουργία docker-compose.yml
version: '3.7'
services:
db:
image: mariadb
volumes:
- db_data:/var/lib/mysql
ports:
- "3306:3306"
networks:
- wp-net
restart: always
environment:
MYSQL_ROOT_PASSWORD: wordpress
MYSQL_DATABASE: wordpress
MYSQL_USER: wordpress
MYSQL_PASSWORD: wordpress
deploy:
placement:
constraints: [node.role == worker]
replicas: 1
update_config:
delay: 10s
restart_policy:
condition: on-failure
wordpress:
depends_on:
- db
image: wordpress:latest
ports:
- "9000:80"
restart: always
environment:
WORDPRESS_DB_HOST: db:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: wordpress
WORDPRESS_DB_NAME: wordpress
volumes:
- wordpress:/var/www/html
networks:
- wp-net
deploy:
placement:
constraints: [node.role == worker]
replicas: 1
resources:
limits: #max resources
cpus: '0.50'
memory: 50M
reservations: #default resources
cpus: '0.25'
memory: 20M
update_config:
delay: 10s
restart_policy:
condition: on-failure
nginx:
image: nginx
ports:
- 80:80
- 443:443
volumes:
- wordpress:/var/www/html
- ./nginx.conf:/etc/nginx/conf.conf
depends_on:
- wordpress
networks:
- wp-net
deploy:
mode: replicated
replicas: 1
restart_policy:
condition: on-failure
minio1:
image: minio/minio:RELEASE.2020-06-03T22-13-49Z
hostname: minio1
volumes:
- minio1-data:/export
ports:
- "9005:9000"
networks:
- minio_distributed
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
placement:
constraints:
- node.labels.minio1==true
command: server http://minio{1...4}/export
secrets:
- secret_key
- access_key
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
minio2:
image: minio/minio:RELEASE.2020-06-03T22-13-49Z
hostname: minio2
volumes:
- minio2-data:/export
ports:
- "9006:9000"
networks:
- minio_distributed
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
placement:
constraints:
- node.labels.minio2==true
command: server http://minio{1...4}/export
secrets:
- secret_key
- access_key
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
minio3:
image: minio/minio:RELEASE.2020-06-03T22-13-49Z
hostname: minio3
volumes:
- minio3-data:/export
ports:
- "9007:9000"
networks:
- minio_distributed
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
placement:
constraints:
- node.labels.minio3==true
command: server http://minio{1...4}/export
secrets:
- secret_key
- access_key
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
minio4:
image: minio/minio:RELEASE.2020-06-03T22-13-49Z
hostname: minio4
volumes:
- minio4-data:/export
ports:
- "9008:9000"
networks:
- minio_distributed
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
placement:
constraints:
- node.labels.minio4==true
command: server http://minio{1...4}/export
secrets:
- secret_key
- access_key
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
volumes:
minio1-data:
minio2-data:
minio3-data:
minio4-data:
db_data:
wordpress:
networks:
wp-net:
minio_distributed:
driver: overlay
secrets:
secret_key:
external: true
access_key:
external: true
5. Swarm deploy
docker stack deploy -c docker-compose.yml wordpress
docker service ls
Αποτελέσματα
vihqdyawjc10 nefos_db replicated 1/1 mariadb:latest *:3306->3306/tcp
y7nbv60la2sg nefos_minio1 replicated 1/1 minio/minio:RELEASE.2020-06-03T22-13-49Z *:9005->9000/tcp
0bcjccvpagd2 nefos_minio2 replicated 1/1 minio/minio:RELEASE.2020-06-03T22-13-49Z *:9006->9000/tcp
17vpuld32qui nefos_minio3 replicated 0/1 minio/minio:RELEASE.2020-06-03T22-13-49Z *:9007->9000/tcp
0mbyzsuq5gvq nefos_minio4 replicated 0/1 minio/minio:RELEASE.2020-06-03T22-13-49Z *:9008->9000/tcp
8izloz68b9ky nefos_nginx replicated 1/1 nginx:latest *:80->80/tcp, *:443->443/tcp
2cbg82sytzbg nefos_wordpress replicated 1/1 wordpress:latest *:9000->80/tcp
6. Nginx configuration
server {
listen 80;
server_name localhost;
root /var/www/html;
index index.php;
access_log /var/log/nginx/wordpress-access.log;
error_log /var/log/nginx/wordpress-error.log;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wordpress:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
7. Ενημέρωση Minio nodes
docker node update --label-add minio1=true snf-12364
docker node update --label-add minio2=true snf-12366
docker node update --label-add minio3=true snf-12565
docker node update --label-add minio4=true snf-12591
docker node update --label-add group=minio snf-12364
docker node update --label-add group=minio snf-12565