我在设置多Docker容器环境时遇到问题。 这个想法很标准:
我的phpfpm Docker文件非常简单:
FROM php:7.0-fpm
# install the PHP extensions we need
RUN apt-get update && apt-get install -y libpng12-dev libjpeg-dev && rm -rf /var/lib/apt/lists/* \
&& docker-php-ext-configure gd --with-png-dir=/usr --with-jpeg-dir=/usr \
&& docker-php-ext-install gd mysqli opcache
# set recommended PHP.ini settings
# see https://secure.php.net/manual/en/opcache.installation.php
RUN { \
echo 'opcache.memory_consumption=128'; \
echo 'opcache.interned_strings_buffer=8'; \
echo 'opcache.max_accelerated_files=4000'; \
echo 'opcache.revalidate_freq=2'; \
echo 'opcache.fast_shutdown=1'; \
echo 'opcache.enable_cli=1'; \
} > /usr/local/etc/php/conf.d/opcache-recommended.ini
VOLUME /var/www/html
CMD ["php-fpm"]
和Nginx更是如此:
FROM nginx
COPY conf.d/* /etc/nginx/conf.d/
conf.d
文件夹内的单个文件default.conf
server {
listen 80;
server_name priz-local.com;
root /var/www/html;
index index.php;
location / {
proxy_pass http://website:9000;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
和docker-compose.yml
website:
build: ./website/
ports:
- "9000:9000"
container_name: website
external_links:
- mysql:mysql
nginx-proxy:
build: ./proxy/
ports:
- "8000:80"
container_name: proxy
links:
- website:website
此精确设置在AWS Elastic Beanstalk上完美运行。但是,在我的本地docker上,我收到的错误如下:
2016/11/17 09:55:36 [错误] 6#6:* 1 connect()失败(111:连接 拒绝)连接上游时,客户端:172.17.0.1,服务器: priz-local.com,请求:" GET / HTTP / 1.1",上游: " http://127.0.0.1:9000/",主持人:" priz-local.com:8888" 172.17.0.1 - - [17 / Nov / 2016:09:55:36 +0000]" GET / HTTP / 1.1" 502 575" - " " Mozilla / 5.0(Macintosh; Intel Mac OS X 10_12_1) AppleWebKit / 537.36(KHTML,与Gecko一样)Chrome / 54.0.2840.71 Safari浏览器/ 537.36" " - "
更新 如果我登录代理容器并尝试卷曲到另一个我得到这个:
root@4fb46a4713a8:/# curl http://website
curl: (7) Failed to connect to website port 80: Connection refused
root@4fb46a4713a8:/# curl http://website:9000
curl: (56) Recv failure: Connection reset by peer
我尝试的另一件事是:
server {
listen 80;
server_name priz-local.com;
root /var/www/html;
#index index.php;
#charset UTF-8;
#gzip on;
#gzip_http_version 1.1;
#gzip_vary on;
#gzip_comp_level 6;
#gzip_proxied any;
#gzip_types text/plain text/xml text/css application/x-javascript;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location /nginx_status {
stub_status on;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ \.php$ {
set $nocache "";
if ($http_cookie ~ (comment_author_.*|wordpress_logged_in.*|wp-postpass_.*)) {
set $nocache "Y";
}
fastcgi_pass website:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
include fastcgi_params;
#fastcgi_cache_use_stale error timeout invalid_header http_500;
#fastcgi_cache_key $host$request_uri;
#fastcgi_cache example;
#fastcgi_cache_valid 200 1m;
#fastcgi_cache_bypass $nocache;
#fastcgi_no_cache $nocache;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
allow all;
expires max;
log_not_found off;
fastcgi_pass wordpress:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
include fastcgi_params;
}
}
网站开始运作,但所有资源(js | css | png | jpg | jpeg | gif | ico)现在都返回403
。
我错过了什么?
答案 0 :(得分:0)
在与R0MANARMY进行了很长时间的聊天并得到了很多帮助后,我想我终于理解了问题的根源。
这里的主要问题是我没有使用docker,因为它打算工作。
另一个原因是fpm不是网络服务器,而代理它的唯一方法是通过fastcgi(或者可能不是唯一的,但简单的proxy_pass在这种情况下不起作用)。
因此,正确的设置方法是:
fastcgi
到php容器以下是一些如何操作的示例:
http://geekyplatypus.com/dockerise-your-php-application-with-nginx-and-php7-fpm/
https://ejosh.co/de/2015/08/wordpress-and-docker-the-correct-way/
<强>更新强> 添加对我有用的实际解决方案:
为了更快的周转时间,我决定使用docker-compose和docker-compose.yml,如下所示:
website:
build: ./website/
container_name: website
external_links:
- mysql:mysql
volumes:
- ~/Dev/priz/website:/var/www/html
environment:
WORDPRESS_DB_USER: **
WORDPRESS_DB_PASSWORD: ***
WORDPRESS_DB_NAME: ***
WORDPRESS_DB_HOST: ***
proxy:
image: nginx
container_name: proxy
links:
- website:website
ports:
- "9080:80"
volumes:
- ~/Dev/priz/website:/var/www/html
- ./deployment/proxy/conf.d/default.conf:/etc/nginx/conf.d/default.conf
现在,这里最重要的信息是我将两个容器安装完全相同的代码。原因是因为fastcgi不能提供静态文件(至少据我所知),所以想法是直接通过nginx提供服务。
我的default.conf
文件如下所示:
server {
listen 80;
server_name localhost;
root /var/www/html;
index index.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location /nginx_status {
stub_status on;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass website:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_intercept_errors on;
include fastcgi_params;
}
}
所以,这个配置,代理通过php请求由fpm容器处理,而其他一切都是从本地安装的卷中获取。
就是这样。我希望它会帮助别人。
唯一的问题是:
http://localhost:9080
下载index.php文件而不是执行它