Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up

Provides basis for Nginx/PHP-FPM web apps

License

NotificationsYou must be signed in to change notification settings

behance/docker-php

Repository files navigation

Build StatusDocker Pulls

docker-php

Provides a pre-wired, configurable PHP + Nginx setup across multiple runtime versions.

Integrated with Behance’sdocker-nginx

Available onDocker Hub.

Quick-start

  • docker run behance/docker-php:7.4-alpine "php" "-v"
  • docker run behance/docker-php:7.4" "php" "-v"
  • docker run behance/docker-php:8.0" "php" "-v"

Adding code to runtime, seehere.PHP tuning and configuration, seehere.Nginx tuning and configuration, seehere.Adding startup logic,basic oradvanced.

Container tag scheme:PHP_MAJOR.PHP_MINOR(-Major.Minor.Patch)(-variant)

  • PHP_MAJOR.PHP_MINOR, required. Engine versions of PHP. ex.docker-php:8.0
  • (Major.Minor.Patch), optional. Semantically versioned container provisioning code. ex.docker-php:7.4-13.4.0.
  • (-variant), optional. Alpine variants are slim versions of the container. ex.docker-php:7.4-alpine.

Includes

  • Nginx HTTP server
  • PHP / PHP-FPM: primary runtime
  • S6: PID 1 zombie reaping, startup coordination, shutdown signal transferal. Nginx and PHP are preconfigured to shutdown as gracefully as possible.
  • Goss: for serverspec-like testing. Rungoss -g /tests/php-fpm/{PHP_MAJOR.PHP_MINOR}(-variant).goss.yaml to validate any configuration updates
  • Ubuntu (default) or Alpine OSbase
  • Common PHP extensions:

For extension customization, including enabling and disabling defaults, seehere

^ - not available on-alpine variant~ - disabled by default

  • apcu
  • bcmath
  • bz2
  • calendar
  • ctype
  • curl
  • date
  • dom
  • exif
  • cgi-fcgi
  • gd
  • iconv
  • igbinary
  • intl
  • json
  • mbstring
  • memcache ^
  • memcached
  • msgpack
  • mysqli
  • mysqlnd
  • newrelic ~ (activates with env variables)
  • opcache
  • openssl
  • pcntl
  • pdo
  • pdo_mysql
  • pdo_pgsql ~
  • pgsql ~
  • phar
  • posix
  • redis ~
  • shmop
  • SimpleXML
  • sockets
  • sysvmsg
  • sysvsem
  • sysvshm
  • tokenizer
  • xdebug ~
  • xml
  • xmlreader
  • xmlwriter
  • yaml ~
  • zip
  • zlib

Expectations

SampleDockerfile

FROM behance/docker-php:8.0# (optional, recommended) Verify everything is in order from the parentRUN goss -g /tests/php-fpm/8.0.goss.yaml validate && /aufs_hack.sh# Layer local code into runtimeCOPY ./ /app/# Done!

  • Local code should be copied into/app, for example:COPY ./ /app/

  • Nginx is pre-configured to use a front controller PHP file (entrypoint)a front controller calledindex.php within apublic folder./app/public/index.php

  • Dev Mode (no ENV variables): PHP's opcache is enabled, and is set to check files for updates. Code can be developed locally in Docker by mounting into the/app folder.For example, thedocker-compose.yml syntax:

volumes:   - ./:/app
  • Production Mode [recommended]: using ENV variable,CFG_APP_DEBUG=0. Container becomes immutable, PHP's opcache is configured to not check files for updates.
  • NOTE: Nginx is exposed and bound to an unprivileged port,8080.

Monitoring

  • NewRelic APM: automatically enabled by adding providing environment variablesREPLACE_NEWRELIC_APP andREPLACE_NEWRELIC_LICENSE
  • NewRelic Distributed Tracing: Before enabling distributed tracing be sure to read thetransition guide. To enable this setNEWRELIC_TRACING_ENABLED totrue.
  • NewRelic Loglevel: you can override the NewRelicnewrelic.loglevel andnewrelic.daemon.loglevel config defaults (currentlywarning) to something more verbose for debugging purposes by setting environment variableNEWRELIC_LOGLEVEL to an available option (options includeinfo,debug,verbosedebug)
  • NewRelic Special: NewRelic has anewrelic.special config for special debug (sometimes requested by the NewRelic support team), you can turn that option on as directed by NewRelic support by setting enviroment variableNEWRELIC_SPECIAL to whatever value requested.
  • PHP-FPM Status: availableonly inside container at/__status. Application healthcheck can pull PHP-FPM statistics fromhttp://127.0.0.1/__status?json. To open to more clients than local, add moreallow statements in__status location block in$CONF_NGINX_SITE(/etc/nginx/sites-available/default)
  • Nginx Status: availableonly inside container at/__nginx_status. Application healthcheck can pull nginx statistics fromhttp://127.0.0.1/__nginx_status. To open to more clients than local, add moreallow statements in__nginx_status location block in $CONF_NGINX_SITE (/etc/nginx/sites-available/default)

Downstream Configuration

PHP Extensions

A variety of common extensions are included, and can be enabled or disabled as needed.

Toenable a built-in and disabled extension:

On Ubuntu (default):

# phpenmod XXX

On Alpine variant:

# sed -i "s/^;ext/ext/" $CONF_PHPMODS/XXX.ini
Todisable a built-in extension:

On Ubuntu (default):

# phpdismod XXX

On Alpine variant:

# sed -i "s/ext/;ext/" $CONF_PHPMODS/XXX.ini

Environment variables

Environment variables can be used to tune various PHP-FPM and Nginx parameters without baking them in.

See parent(s) for additional configuration options:

VariableExampleDefaultDescription
(all)DATABASE_HOST=master.rds.aws.com-PHP has access to environment variables by default
CFG_APP_DEBUGCFG_APP_DEBUG=11Setting to1 ortrue will cue the Opcache to watch for file changes. Set to 0 forproduction mode, which provides a sizeable performance boost, though manually updating a file will not be seen unless the opcache is reset.
CFG_XDEBUG_ENABLECFG_XDEBUG_ENABLE=1-Setting to1 ortrue will enable the XDebug extension, which is preconfigured to allow remote debugging as well as profiling. NOTE: Requires "dev" mode be enabled viaCFG_APP_DEBUG.
SERVER_MAX_BODY_SIZESERVER_MAX_BODY_SIZE=4M1MAllows the downstream application to specify a non-defaultclient_max_body_size configuration for theserver-level directive in/etc/nginx/sites-available/default
SERVER_FASTCGI_BUFFERSSERVER_FASTCGI_BUFFERS='512 32k'256 16kdocs,tweaking
SERVER_FASTCGI_BUFFER_SIZESERVER_FASTCGI_BUFFER_SIZE='256k'128kdocs,tweaking
SERVER_FASTCGI_BUSY_BUFFERS_SIZESERVER_FASTCGI_BUSY_BUFFERS_SIZE='1024k'256kdocs
REPLACE_NEWRELIC_APPREPLACE_NEWRELIC_APP=prod-server-abc-Sets application name for newrelic
REPLACE_NEWRELIC_LICENSEREPLACE_NEWRELIC_LICENSE=abcdefg-Sets license for newrelic, when combined with above, will enable newrelic reporting
NEWRELIC_TRACING_ENABLEDNEWRELIC_TRACING_ENABLED=truedisabledSets transaction_tracer and distributed_tracing true for newrelic, when combined with above, will enablenewrelic distributed tracing
NEWRELIC_LOGLEVELNEWRELIC_LOGLEVEL=verbosedebug-Overrides sane default loglevels fornewrelic.loglevel andnewrelic.daemon.loglevel (options includewarning,info,debug,verbosedebug)
NEWRELIC_SPECIALNEWRELIC_SPECIAL=debug_autorum-Special NewRelic environment variable, for use with NewRelic support for when doing special debugging.
PHP_FPM_MEMORY_LIMITPHP_FPM_MEMORY_LIMIT=256M192MBSets memory limit for FPM instances of PHP
PHP_FPM_MAX_EXECUTION_TIMEPHP_FPM_MAX_EXECUTION_TIME=3060Sets time limit for FPM workers
PHP_FPM_UPLOAD_MAX_FILESIZEPHP_FPM_UPLOAD_MAX_FILESIZE=100M1MSets both upload_max_filesize and post_max_size
PHP_FPM_MAX_CHILDRENPHP_FPM_MAX_CHILDREN=154096docs
PHP_FPM_START_SERVERSPHP_FPM_START_SERVERS=4020docs
PHP_FPM_MAX_REQUESTSPHP_FPM_MAX_REQUESTS=1001024docs How many requests an individual FPM worker will process before recycling
PHP_FPM_MIN_SPARE_SERVERSPHP_FPM_MIN_SPARE_SERVERS=105docs
PHP_OPCACHE_MEMORY_CONSUMPTIONPHP_OPCACHE_MEMORY_CONSUMPTION=512128docs
PHP_OPCACHE_MAX_WASTED_PERCENTAGEPHP_OPCACHE_MAX_WASTED_PERCENTAGE=105docs
PHP_OPCACHE_INTERNED_STRINGS_BUFFERPHP_OPCACHE_INTERNED_STRINGS_BUFFER=6416docs
PHP_OPCACHE_FILE_CACHEPHP_OPCACHE_FILE_CACHE=/tmp-docs
PHP_OPCACHE_ENABLE_CLIPHP_OPCACHE_ENABLE_CLI=01docs
PHP_OPCACHE_PRELOADPHP_OPCACHE_PRELOAD=/etc/php/preload.php-docs
PHP_FPM_LOG_LIMITPHP_FPM_LOG_LIMIT=40961024PHP 7.3+ only, allows configurable stdout message max lengthdocs
PHP_FPM_LOG_BUFFERINGPHP_FPM_LOG_BUFFERING=noyesPHP 7.3+ onlydocs

Testing

  • Requiresbash,docker, anddgoss (link)

To test locally, runPHP_VARIANT=8.0 ./test.sh {docker engine IP}.

This will:

  • Build a single containerPHP_VARIANT (ex. 7.4-alpine, 7.4, 8.0)
  • LeveragesGoss to confirm package, config, and extension installation
  • Validates a large file upload
  • Boots container with specific NewRelic configuration overrides

Release Management

Github actions provide the machinery for testing (ci.yaml) and producing tags distributed through Docker Hub (publish.yaml). Testing will confirm thatnginx is able to serve content in various configurations, but also that it can terminate TLS with self-signed certificates. Once a tested and approved PR is merged, simply cutting a new semantically-versioned tag will generate the a matrix of tagged builds. See Container tag scheme above.

Platform support is available for multiple architectures:

  • linux/amd64: Ubuntu and Alpine variants
  • linux/arm64: Ubuntu variants-only

To add new variant based on a new Dockerfile, add an entry tomatrix.props within./github/workflows YAML files.

Github Actions: Simulation

docker-nginx uses Github Actions for CI/CD. Simulated workflows can be achieved locally withact. All commands must be executes from repository root.

Pre-reqs: tested on Mac

  1. Docker Desktop
  2. act

Pull request simulation: executes successfully, but only on ARM devices (ex. Apple M1). ARM emulation through QEMU on X64 machines does not implement the full kernel functionality required by nginx at this time.

  • act pull_request

Publish simulation: executes, but fails (intentionally) without credentials

  • act
[8]ページ先頭
©2009-2025 Movatter.jp