时间戳

首页 > 技术文章 > docker运行wordpress

docker运行wordpress

jcici 2018-08-22 17:43 原文

docker运行wordpress

 

 1、下载centos镜像

  docker pull centos

 

2、安装mysql数据库

 1 FROM centos    #原镜像
 2 MAINTAINER 547253687@qq.com    #作者
 3 
 4 RUN yum -y install mariadb-server openssh-server && yum clean all   #yum安装相应的包
 5 RUN mysql_install_db && chown -R mysql:mysql /var/lib/mysql/  #初始化数据库
 6 
 7 VOLUME /var/lib/mysql   #定义数据卷
 8 
 9 ADD mysql.sh /mysql.sh  #添加已经定义好的脚本
10 RUN chmod 755 /mysql.sh   #赋予脚本权限
11 
12 EXPOSE 22    #暴露22端口
13 EXPOSE 3306    #暴露3306端口
14 
15 CMD ["/mysql.sh"]    #运行脚本

 

#!/bin/bash

mysqld_safe &
sleep 5
mysqladmin -uroot password '123456'
mysql -uroot -p123456 -e "GRANT ALL ON *.* TO 'root'@'%' IDENTIFIED BY '123456';FLUSH PRIVILEGES;"
sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config && ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
echo 123456 | passwd --stdin root
/usr/sbin/sshd -D

 

   执行Dockfile 生成db镜像

  docker build -t cc/wordpress:db .

 

3、生成php镜像

FROM centos
MAINTAINER 547253687@qq.com

RUN yum -y install libxml2 libxml2-devel bzip2 bzip2-devel libjpeg-turbo libjpeg-turbo-devel libpng libpng-devel freetype freetype-devel zlib zlib-devel libcurl libcurl-devel gcc gcc-c++ c++ glibc make autoconf openssl openssl-devel ntpdate crontabs

ADD libmcrypt-2.5.8.tar.gz /usr/local/src
WORKDIR /usr/local/src/libmcrypt-2.5.8/
RUN ./configure && make && make install

ADD php-5.4.44.tar.gz /usr/local/src
WORKDIR /usr/local/src/php-5.4.44/
RUN ./configure --prefix=/usr/local/php --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-mysql=mysqlnd --with-openssl --enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir --with-mcrypt --with-zlib --with-libxml-dir=/usr --enable-xml  --enable-sockets --enable-fpm --with-config-file-path=/usr/local/php/etc --with-bz2 --with-gd && make && make install

COPY php.ini-production /usr/local/php/etc/php.ini
COPY php-fpm.conf.default /usr/local/php/etc/php-fpm.conf

RUN useradd -M -s /sbin/nologin php
RUN sed -i -e 's@;pid = run/php-fpm.pid@pid = run/php-fpm.pid@g' -e 's@nobody@php@g' -e 's@listen = 127.0.0.1:9000@listen = 0.0.0.0:9000@g' /usr/local/php/etc/php-fpm.conf
RUN sed -i 's@;daemonize = yes@daemonize = no@g' /usr/local/php/etc/php-fpm.conf

EXPOSE 9000

CMD ["/usr/local/php/sbin/php-fpm"]

 

  生成php镜像

  docker build -t cc/wordpress:php .

 

4、生成nginx镜像

FROM centos
MAINTAINER 547253687@qq.com

RUN groupadd www
RUN useradd  -g  www www
ADD nginx-1.15.2.tar.gz /usr/local/src

RUN yum install libxslt-devel -y gd gd-devel GeoIP GeoIP-devel pcre pcre-devel gcc gcc-c++ c++ glibc make autoconf openssl openssl-devel ntpdate crontabs

WORKDIR /usr/local/src/nginx-1.15.2
RUN ./configure --user=www --group=www --prefix=/usr/local/nginx --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_realip_module    --with-http_addition_module    --with-http_xslt_module   --with-http_image_filter_module    --with-http_geoip_module  --with-
http_sub_module  --with-http_dav_module --with-http_flv_module    --with-http_mp4_module --with-http_gunzip_module  --with-http_gzip_static_module  --with-http_auth_request_module  --with-http_random_index_module   --with-http_secure_link_module   --with-http_degradatio
n_module   --with-http_stub_status_module && make && make install

COPY nginx.conf /usr/local/nginx/conf/nginx.conf
COPY fastcgi_params /usr/local/nginx/conf/fastcgi_params

RUN mkdir -p /data/proxy_cache_path/
RUN mkdir -p /usr/local/nginx/ssl/
RUN mkdir -p /usr/local/nginx/conf.d/
RUN mkdir -p /usr/local/nginx/log/

COPY ssl/cert.key /usr/local/nginx/ssl/
COPY ssl/cert.pem /usr/local/nginx/ssl/
COPY wordpress.conf /usr/local/nginx/conf.d/

EXPOSE 80

CMD ["/usr/local/nginx/sbin/nginx","-g","daemon off;"]

 

 nginx.conf配置文件

 

user  www;
worker_processes  1;

error_log  /usr/local/nginx/log/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
        include       /usr/local/nginx/conf/mime.types;
        default_type  application/octet-stream;
    
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log  /usr/local/nginx/log/access.log  main;
    
        sendfile        on;
        #tcp_nopush     on;
    
        #gzip  on;
    
        client_header_timeout 10;
        client_body_timeout 10;
        reset_timedout_connection on;
        keepalive_timeout  60 50;
        client_header_buffer_size 4k;

    map $http_x_forwarded_for $clientRealIp {
        ""  $remote_addr;
        ~^(?P<firstAddr>[0-9\.]+),?.*$    $firstAddr;
        }

    geo $whiteiplist {
    default 1;
    192.168.29.7 0;
    192.168.32.230 0;
    113.91.190.11 0;
    121.34.53.218 0;
    }

    map $whiteiplist $limit {
#    1 $binary_remote_addr;
    1 $clientRealIp;
    0 "";
    }

    
    limit_req_zone $limit zone=one:10m rate=6r/m;
    limit_conn_zone $limit zone=conn_zone:10m;
#    limit_req_status 503;
#    limit_req_zone $limit zone=one:10m rate=6r/m;
#    limit_req_conn 
    
    proxy_cache_path /data/proxy_cache_path levels=1:2 keys_zone=cache_zone:100m max_size=1g inactive=60m use_temp_path=off;
    proxy_temp_path /data/proxy_temp_path;

#    limit_req zone=one burst=3 nodelay;

    server_tokens off;
    
    proxy_connect_timeout  100;
    proxy_send_timeout  300;
    proxy_read_timeout  300;
    proxy_headers_hash_max_size 51200;
    proxy_headers_hash_bucket_size 6400;
    client_max_body_size 30m;
    client_body_buffer_size 512k;
    proxy_buffer_size  16k;
    proxy_buffers  4 64k;
    proxy_busy_buffers_size  128k;
    proxy_temp_file_write_size  128k;
    proxy_hide_header  Vary;
    proxy_set_header  Accept-Encoding "";
    
    proxy_set_header  Referer $http_referer;
    proxy_set_header  Cookie $http_cookie;
    proxy_set_header  Host $host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header  X-Real-IP $remote_addr;
    proxy_set_header X-Real-IP $http_x_real_ip;
    proxy_set_header  X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header  X-Real-IP $proxy_add_x_forwarded_for;
    proxy_set_header X-Real-IP $http_x_forwared_for;

        include /usr/local/nginx/conf.d/*.conf;
}

 

 

 

wordpress.conf配置文件

server {
    listen 443 ssl;
    server_name www.jcici.com;
    root /wordpress;
    index index.php index.html index.htm;
    
    ssl on;
    ssl_certificate /usr/local/nginx/ssl/cert.pem;
    ssl_certificate_key /usr/local/nginx/ssl/cert.key;
    ssl_session_timeout 5m;
    ssl_protocols SSLv2 SSLv3 TLSv1;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers on;


    access_log /usr/local/nginx/log/cc.access.log;
    error_log /usr/local/nginx/log/cc.error.log;

    location ~ \.php$ {
        root /wordpress;
        fastcgi_pass php:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

 

   fastcgi_pass php:9000; 这里的php又link来指定

  生成nginx镜像

  docker build -t cc/wordpress:nginx .

5、运行镜像

  启动db  docker run -d -p 20002:22 --name db cc/wordpress:db  可以用ssh 20002来管理db这个容器

  docker run -d --name=php -v /webapp:/wordpress cc/wordpress:php

  docker run -d -p 443:443 --name nginx --link=php:php -v /webapp:/wordpress cc/wordpress:nginx

访问https://www.jcici.com

 

 

推荐阅读