准备工作
- 本地docker环境,
- 服务docker镜像下载地址:https://registry-d.ym/harbor/projects/22/repositories
- 哪吒的环境变量配置和挂载配置:http://nezha.compass.ym/#/appManage/appManage
- ssl证书:参考https://blog.51cto.com/u_10624715/3235172
- 项目git代码
环境搭建(JAVA项目,mall-product-service为例)
方式一:docker运行
- 拉取镜像:docker pull registry-t.iauto360.cn/g-mall/mall-product-service@sha256:38e2add4aead9939be5709791a84afc2c5021657b2d75979b812d8ec0d38f118
- 编写docker-compose.yml
version: '3'
services:
product:
image: bb10770fa692
volumes:
- $HOME/work/mall-product-service/target/mall-product-service-assembly:/app #替换为挂载本地parent代码maven编译后的目录,具体细节可以inspect一下java镜像。
- $HOME/docker/shangcheng-uat/volumes/server.properties.java:/opt/settings/server.properties #实现哪吒的文件挂载,文件内容参考哪吒
ports:
- "80:8111"
environment: #实现哪吒环境变量
ENV: DEV #${ENV},也可以用.env环境变量控制
APOLLO_META: http://10.1.1.200:3180
# 容器名称
networks:
- elastic
container_name: product
#profiles: ["product","all"] #选择性启动,docker compose --profile mkt up --remove-orphans
networks:
elastic:
driver: bridge
|
- 启动项目:docker compose up --remove-orphans
方式二:idea运行,可以进行实时开发和debug模式
添加环境变量,并依赖主机的/opt/settings/server.properties 文件。
环境搭建(php-fpm项目,bbc为例)
- 拉取镜像:docker pull registry-t.iauto360.cn/g-mall/bbc@sha256:384b08e12072aa7bbd395cea9708611f037b25fca0e263e6f7b190c6593baeb4
- 编写docker-compose.yml
version: '3'
services:
bbc:
image: b08e7e60ed23
volumes:
- $HOME/work/b2b2c:/data/www/wwwroot #挂载本地代码
- $HOME/docker/shangcheng-uat/volumes/server.properties.php:/opt/settings/server.properties
- $HOME/docker/shangcheng-uat/volumes/apollo-env.properties:/data/www/app/vendor/yamei/apollo-plugin/configs/apollo-env.properties
- $HOME/docker/shangcheng-uat/volumes/bbc/default.conf:/etc/nginx/conf.d/default.conf #这里需要支持https
- $HOME/docker/shangcheng-uat/volumes/bbc/www.conf:/usr/local/etc/php-fpm.d/www.conf
- $HOME/docker/shangcheng-uat/volumes/bbc/certi.php:/data/www/wwwroot/config/certi.php
- $HOME/docker/shangcheng-uat/volumes/bbc/install.lock.php:/data/www/wwwroot/config/install.lock.php
- $HOME/docker/shangcheng-uat/volumes/bbc/app.php:/data/www/wwwroot/config/production/app.php
- $HOME/docker/shangcheng-uat/volumes/bbc/redis.php:/data/www/wwwroot/config/production/redis.php
- $HOME/docker/shangcheng-uat/volumes/bbc/database.php:/data/www/wwwroot/config/production/database.php
- $HOME/docker/shangcheng-uat/volumes/bbc/docker-php-ext-redis.ini:/usr/local/etc/php/conf.d/docker-php-ext-redis.ini
- $HOME/docker/shangcheng-uat/volumes/ssl/ssl.crt:/etc/nginx/conf.d/ssl.crt #挂载证书
- $HOME/docker/shangcheng-uat/volumes/ssl/ssl.key:/etc/nginx/conf.d/ssl.key
ports:
- "80:80"
- "443:443"
environment:
APOLLO_META: http://10.1.1.200:3180
OCS_URL: http://wry-t-ocs.carrieym.com
ENABLE_CROND: enable
APOLLO_ENV_ROOT: /data/www/wwwroot
APOLLO_ENV_NAME: env
APOLLO_APPID: yame-bbc
NGINX_ROOT: /data/www/wwwroot/public
networks:
- elastic
container_name: bbc
networks:
elastic:
driver: bridge
|
default.conf
server {
listen 80 default_server;##
listen [::]:80 default_server;
server_name bbc.dev;
index index.html index.htm index.php;
root /data/www/wwwroot/public;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'userTicket,ssotoken,token,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
send_timeout 600;
client_header_buffer_size 128k;
large_client_header_buffers 4 128k;
proxy_buffer_size 64k;
proxy_buffers 8 64k;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_cache_valid 200 302 1h;
fastcgi_cache_valid 301 1d;
fastcgi_cache_valid any 1m;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param HTTPS 'on';
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
access_log /data/www/wwwlogs/access.log;
}
server {
listen 443 default_server;##
server_name bbc.dev;
ssl on;
ssl_certificate /etc/nginx/conf.d/ssl.crt;
ssl_certificate_key /etc/nginx/conf.d/ssl.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
index index.html index.htm index.php;
root /data/www/wwwroot/public;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'userTicket,ssotoken,token,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,X-Requested-With';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
send_timeout 600;
client_header_buffer_size 128k;
large_client_header_buffers 4 128k;
proxy_buffer_size 64k;
proxy_buffers 8 64k;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_cache_valid 200 302 1h;
fastcgi_cache_valid 301 1d;
fastcgi_cache_valid any 1m;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param HTTPS 'on';
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
access_log /data/www/wwwlogs/access.log;
}
|
- 启动项目:docker compose up --remove-orphans
- 设置本地hosts :127.0.0.1 bbc.dev
- 浏览器访问bbc.dev,输入thisisunsafe,绕开https证书安全问题
基于docker支持xdebug的配置:
镜像加装xdebug扩展:
apk add make gcc libc-dev libcurl curl-dev libpng libpng-dev openldap-dev postgresql-dev autoconf
pecl install xdebug-2.2.5
php.ini配置:
zend_extension=/usr/local/lib/php/extensions/no-debug-non-zts-20131226/xdebug.so
xdebug.remote_enable=on
xdebug.remote_handler=dbgp
xdebug.remote_host=docker.for.mac.localhost ;如果是远程调试需要开启,docker配置如此
xdebug.remote_port=9000
xdebug.idekey=phpStorm
xdebug.remote_autostart=1
注:此处可以提交镜像,compose用新提交的镜像,防止debug修改被清理。
docker commit bbc bbc:xdebug
chrome浏览器安装xdebug扩展程序
idea配置如下:
注:
浏览器安装xdebug插件,作用是请求发送xdebug参数,告诉php服务端需要xdebug执行模式
Idea开启xdebug监听,并开启9000端口,监听php服务执行代码xdebug发送到此端口的信息。
远程xdebug执行的原理,其实就是将远程的php代码映射到本地,以配合idea(如果本地的不一致,以远程的为准),将代码挂载出来后,此问题解决。
环境搭建(swoole项目,mkt为例)
- 拉取镜像:docker pull registry-t.iauto360.cn/g-mall/mkt@sha256:9d20e5e72beacb844fbf6bcaf6e8fbac41ce14add68d05ed465056d71e796c2d
- 编写docker-compose.yml
version: '3'
services:
mkt:
image: 082f425b82b2
volumes:
- $HOME/work/mkt:/data/www/app #挂载本地代码
- $HOME/docker/shangcheng-uat/volumes/server.properties.php:/opt/settings/server.properties
- $HOME/docker/shangcheng-uat/volumes/apollo-env.properties:/data/www/app/vendor/yamei/apollo-plugin/configs/apollo-env.properties
ports:
- "80:19501"
environment:
ENABLE_CROND: enable
networks:
- elastic
container_name: mkt
networks:
elastic:
driver: bridge
|
- 启动项目:docker compose up --remove-orphans
基于docker支持debug模式:
由于swoole和xdebug拓展冲突,所以需要选用 yasd,安装参考https://github.com/swoole/yasd
需要注意的是swoole模式的debug,并不需要浏览器的debug插件。它的原理是idea的9000端口直接和php服务端通讯。但是启动easyswoole的时候,需要加上-e参数,并且需要指定php服务端的PHP_IDE_CONFIG环境变量,用于idea选择映射的server。所以修改compose如下:
trade:
image: 9e0582fca306
volumes:
- $HOME/work/mall-trade-service:/data/www/app
- $HOME/docker/shangcheng-uat/volumes/server.properties.php:/opt/settings/server.properties
- $HOME/docker/shangcheng-uat/volumes/apollo-env.properties:/data/www/app/vendor/yamei/apollo-plugin/configs/apollo-env.properties
ports:
- "80:9505"
command:
- "/bin/sh"
- "-c"
- "php vendor/bin/ym-annotation compile && php -e easyswoole start" #重写启动命令,加上-e参数
environment:
ENV: ${ENV}
APOLLO_META: ${APOLLO_META}
PHP_IDE_CONFIG: "serverName=demo"# 此处需要设定idea-》preferences->language& frameworks->php->servers的Name
# 容器名称
networks:
- elastic
container_name: trade
profiles: ["trade","all"]
|
开启idea的监听debug按钮,启动容器,debug就完成链接。
nginx统一管理各个服务的办法
nginx:
image: nginx:latest
volumes:
- $HOME/docker/shangcheng-uat/volumes/nginx/conf.d:/etc/nginx/conf.d
ports:
- "80:80"
- "443:443"
networks:
- elastic
container_name: nginx
# depends_on:
# - bbc
# - mkt
profiles: ["nginx","all"]
|
nginx配置
server {
listen 443 ssl;
server_name bbc.dev; #server并不能限制非次servername的域名指向到此处443,如果没有找到,则默认执行第一个server。
ssl_certificate /etc/nginx/conf.d/ssl.crt;
ssl_certificate_key /etc/nginx/conf.d/ssl.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
resolver 127.0.0.11; #此处解决host not found in upstream,其中docker-compose 启动的nginx 内部默认的dns解析服务是127.0.0.11
set $ups bbc:80;
proxy_pass http://$ups;
}
}
|
修改本地/etc/hosts文件
例如:bbc.dev 127.0.0.1
暗夜之中,才见繁星;危机之下,暗藏转机;事在人为,为者常成。
