我想在 Docker 容器中发布 Laravel 应用程序,我应该在 Docker 中使用 Docker 还是使用 docker-compose 添加所有服务?
[英]I would like to ship a Laravel app in a Docker container, should I use Docker in Docker or docker-compose to add all services?
问题描述
I'm building a Laravel app that behaves like a SaaS application.
我正在构建一个 Laravel 应用程序,它的行为类似于 SaaS 应用程序。 For it to work I have the following containers:为了让它工作,我有以下容器:
- php php
- nginx nginx
- a queue container (running laravel horizon)队列容器(运行 laravel 地平线)
- redis Redis
- mysql mysql
- could become more...可以变得更...
For development I created shares to my local codebase.对于开发,我创建了共享到我的本地代码库。 Now my question is: what is the most professional way to ship such a multi-service application.现在我的问题是:发布这种多服务应用程序的最专业方法是什么。 I know it't not just creating a single ubuntu container running all services.我知道这不仅仅是创建一个运行所有服务的 ubuntu 容器。
This is my current docker-compose.yml这是我目前的 docker-compose.yml
version: "3.7"
services:
store:
restart: unless-stopped
image: redis:4.0.11-alpine
volumes:
- redis-data:/data
database:
restart: unless-stopped
image: mysql:5.7.27
command: --default-authentication-plugin=mysql_native_password
ports:
# So you can use a database client on your host machine
- 3306:3306
environment:
- MYSQL_ROOT_PASSWORD=secret
volumes:
- mysql-data:/var/lib/mysql
php:
restart: unless-stopped
# image: php:7.3.10-fpm-alpine
build:
context: .
dockerfile: ./docker/dockerfiles/PHP/Dockerfile
working_dir: /code
volumes:
- code-sync:/code:nocopy
- terminal-history:/root/
- ./docker/config/php-fpm/xdebug.ini:/usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini
- ./docker/config/php-fpm/www.conf:/usr/local/etc/php-fpm.d/www.conf
queue:
image: custom-laravel_php
entrypoint: php artisan horizon
working_dir: /code
volumes:
- code-sync:/code:nocopy
webserver:
restart: unless-stopped
image: nginx:1.15.0-alpine
depends_on:
- database
- store
# - certbot
- php
ports:
# Exposing both http and https
- 80:80
- 443:443
volumes:
- code-sync:/code:nocopy
- ./docker/config/default.conf:/etc/nginx/conf.d/default.conf
volumes:
mysql-data:
redis-data:
terminal-history:
code-sync:
external: true
1 个解决方案
解决方案1
4 2020-03-31 14:36:34
I would like to ship a Laravel app in a Docker container,
When I was working professional with Laravel I started thePhp Docker Stack , a composer package to deploy Laravel with docker into production, because all the solutions on time where with focus in a development workflow, but meanwhile I moved to work in Security, and stopped it's development, but you can use it as a starting point for your professional deployment, because it separates each service into its own container.当我在 Laravel 专业工作时,我启动了Php Docker Stack ,这是一个 Composer 包,用于将 Laravel 和 docker 部署到生产中,因为所有解决方案都按时集中在开发工作流程中,但同时我转向了安全领域工作,并停止了它是开发,但您可以将其用作专业部署的起点,因为它将每个服务分离到自己的容器中。
The development stack is then extended from the production stack, not the other way around as seen in many other stacks.然后从生产堆栈扩展开发堆栈,而不是在许多其他堆栈中看到的相反。
should I use Docker in Docker or docker-compose to add all services?
Docker in Docker is for docker development, and some use it in CI pipelines and even here use it with caution as per the words of the creator : Docker 中的 Docker 是用于 Docker 开发的,有的在 CI 管道中使用它,甚至在这里按照创建者的话谨慎使用它:
The primary purpose of Docker-in-Docker was to help with the development of Docker itself.
Professional Deployment专业部署
Now my question is: what is the most professional way to ship such a multi-service application.
It really depends on the technical level of your client user base, but you can start with docker compose, and then upgrade to Docker Swarm or Even Kubernetes.这实际上取决于您的客户端用户群的技术水平,但您可以从 docker compose 开始,然后升级到 Docker Swarm 甚至 Kubernetes。
Try to provide all images from an upstream private registry, instead of building them locally, as you do in some of them.尝试提供来自上游私有注册表的所有图像,而不是像在其中一些图像中那样在本地构建它们。
Security安全
Database ports数据库端口
ports:
# So you can use a database client on your host machine
- 3306:3306
This 3306:3306 equivalent to 0.0.0.0:3306:3306 , thus if you want the database to be available only in localhost you should do instead 127.0.0.1:3306:3306 , but if your database only needs to be available to the other containers in the stack then you can remove the ports altogether, and instead you can call the database from your code by using the docker compose service name, that in your case is database .这个3306:3306相当于0.0.0.0:3306:3306 ,因此如果您希望数据库仅在 localhost 中可用,您应该改为127.0.0.1:3306:3306 ,但如果您的数据库只需要对另一个可用堆栈中的容器,然后您可以完全删除端口,而您可以使用 docker compose 服务名称从代码中调用数据库,在您的情况下是database 。
Database Password数据库密码
environment:
- MYSQL_ROOT_PASSWORD=secret
A better way to provide secrets is to set them in the .env file at the root of your project, and then use variables in the docker-compose.yml :提供秘密的更好方法是在项目根目录的.env文件中设置它们,然后在docker-compose.yml使用变量:
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD? Missing password for mysql root user.}
Or just replace environment: on your docker-compose.yml with the .env file in the root of your project:或者只是更换environment:在您的docker-compose.yml与.env在项目的根文件:
env_file:
- ./.env
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.