CRMEB PHP多商户版DOCKER部署实战

#首先，制作docker 镜像#

官方有一个镜像，但是拉不来下，也不知道是没是没有维护，嘎了。只能自己动手做一个。

这里选择ubuntu 24 为基础，制作crmeb-mer的镜像，Dockerfile内容如下：

# 使用官方的Ubuntu 24.04镜像作为基础镜像
FROM ubuntu:24.04

# 设置环境变量以避免交互式配置工具
ENV DEBIAN_FRONTEND=noninteractive

# 设置时区
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
    echo "Asia/Shanghai" > /etc/timezone

# 更新包列表并安装必要的软件包
RUN apt-get update && \
    apt-get install -y software-properties-common ca-certificates nginx supervisor && \
    add-apt-repository ppa:ondrej/php && \
    apt-get update && \
    apt-get install -y \
        php7.4 \
        php7.4-cli \
        php7.4-fpm \
        php7.4-dev \
        php7.4-bcmath \
        php7.4-soap \
        php7.4-intl \
        php7.4-readline \
        php7.4-ldap \
        php7.4-msgpack \        
        php7.4-igbinary \
        php7.4-mysql \
        php7.4-pgsql \
        php7.4-gd \
        php7.4-imagick \
        php7.4-curl \
        php7.4-mbstring \
        php7.4-xml \
        php7.4-zip \
        php7.4-redis \
        php7.4-memcached \
        php7.4-amqp \
        git \
        unzip \
        curl \
    && pecl install swoole-4.8.13 \
    && echo "extension=swoole.so" > /etc/php/7.4/mods-available/swoole.ini \
    && phpenmod swoole \
    && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer \
    && apt-get -y autoremove \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

COPY swoole_loader74.so /usr/lib/php/20190902
RUN echo "extension=swoole_loader74.so" > /etc/php/7.4/mods-available/swoole_loader.ini \
    && phpenmod swoole_loader 

# 确保目录存在
RUN mkdir -p /run/php \
    && chown -R www-data:www-data /run/php

# 设置工作目录
WORKDIR /var/www/html

# 设置权限
RUN chown -R www-data:www-data /var/www/html

# 配置 Nginx
COPY nginx.conf /etc/nginx/nginx.conf
COPY default /etc/nginx/sites-available/default

# 配置 Supervisor
COPY supervisord.conf /etc/supervisord.conf
COPY crmeb_swoole.conf /etc/supervisor/conf.d
COPY crmeb_queue.conf /etc/supervisor/conf.d

# 暴露默认的PHP-FPM端口
EXPOSE 80

# 启动 Supervisor
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]

执行编译命令：

docker build -t my-crmeb:7.4 .

#下面来配置nginx#

nginx 配置文件nginx.conf如下：

user www-data;
worker_processes auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log;
include /etc/nginx/modules-enabled/*.conf;

events {
        worker_connections 768;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        types_hash_max_size 2048;
        server_tokens off;

        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;

        ##
        # Gzip Settings
        ##

        gzip on;

        gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 6;
        gzip_buffers 16 8k;
        gzip_http_version 1.1;
        gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}


#mail {
#       # See sample authentication script at:
#       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
#       # auth_http localhost/auth.php;
#       # pop3_capabilities "TOP" "USER";
#       # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
#       server {
#               listen     localhost:110;
#               protocol   pop3;
#               proxy      on;
#       }
#
#       server {
#               listen     localhost:143;
#               protocol   imap;
#               proxy      on;
#       }
#}

主要是打开了gzip设置。里面没用的注释直接删了吧。

配置默认站点, 文件default内容如下 :

##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
        listen 80;
        listen [::]:80;

        root /var/www/html/public;

        # Add index.php to the list if you are using PHP
        index index.php;

        server_name localhost;

        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-Content-Type-Options "nosniff";

        #location / {
        #        # First attempt to serve request as file, then
        #        # as directory, then fall back to displaying a 404.
        #        try_files $uri $uri/ /index.php?$query_string;
        #}

#PROXY-START/

location ^~ /
{
    proxy_pass http://127.0.0.1:8324;
    proxy_http_version 1.1;
    proxy_read_timeout 360s;   
    proxy_redirect off; 
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;

    add_header X-Cache $upstream_cache_status;

    #Set Nginx Cache


    set $static_fileLzXnun8E 0;
    if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
    {
     set $static_fileLzXnun8E 1;
     expires 12h;
        }
    if ( $static_fileLzXnun8E = 0 )
    {
    add_header Cache-Control no-cache;
    }
}

#PROXY-END/

        charset utf-8;

        location = /favicon.ico { access_log off; log_not_found off; }
        location = /robots.txt  { access_log off; log_not_found off; }

        error_page 404 /index.php;

        # pass PHP scripts to FastCGI server
        #

        #location ~ \.php$ {
        #    fastcgi_pass unix:/run/php/php7.4-fpm.sock;
        #    fastcgi_index index.php;
        #    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        #    include fastcgi_params;
        #    fastcgi_hide_header X-Powered-By;
        #}

        #location ~ /\.(?!well-known).* {
        #    deny all;
        #}

        access_log /var/log/nginx/app_access.log;
        error_log /var/log/nginx/app_error.log;

}

这里注意location ~ \.php$ 的设置，普通的php-fpm配置在这里是不需要的，所有的PHP程序都通过swoole来解析。

#接着是supervisord服务#

supervisord.conf 内容如下：

[supervisord]
nodaemon=true
logfile=/var/log/nginx/supervisord.log
pidfile=/run/supervisord.pid

#[program:php-fpm]
#command=/usr/sbin/php-fpm7.4 --nodaemonize --fpm-config /etc/php/7.4/fpm/php-#fpm.conf
#autostart=true
#autorestart=true
#stdout_logfile=/var/log/nginx/php-fpm.stdout.log
#stderr_logfile=/var/log/nginx/php-fpm.stderr.log

[program:nginx]
command=/usr/sbin/nginx -g "daemon off;"
autostart=true
autorestart=true
stdout_logfile=/var/log/nginx/nginx.stdout.log
stderr_logfile=/var/log/nginx/nginx.stderr.log

[include]
files = /etc/supervisor/conf.d/*.conf

这里php-fpm服务被禁用了。因为用不着，所有代码都通过swoole解析。

crmeb需要建两个守护进程，按道理可以跟nginx一样，放到supervisord.conf文件，这里只是为了测试docker里supervisord能不能加载配置文件，所以多加了两个文件。

crmeb系统的启动，crmeb_swoole.conf配置如下：

[program:crmeb-swoole]
command=/usr/bin/php7.4 /var/www/html/think swoole restart
autostart=true
autorestart=true
stdout_logfile=/var/log/nginx/crmeb-swoole.stdout.log
stderr_logfile=/var/log/nginx/crmeb-swoole.stderr.log

crmeb的队列启动，crmeb_queue.conf配置如下：

[program:crmeb-queue]
command=/usr/bin/php7.4 /var/www/html/think queue:listen --tries=2
autostart=true
autorestart=true
stdout_logfile=/var/log/nginx/crmeb-queue.stdout.log
stderr_logfile=/var/log/nginx/crmeb-queue.stderr.log

这两个配置都放supervisord.conf文件里好了，反正supervisorctl也用不了。

#swoole#

制作镜像时还用到swoole_loader74.so文件，这个文件在crmeb程序的安装包里，位置:

crmeb_mer/install/swoole-loader/

找到对应自己PHP版本的swool-loader.so文件放到Dockerfile同级目录下。

#部署#

执行如下命令：

docker run -itd --name=crmeb-mer \

            -v /data/etc/b2b/crmeb_supervisord:/etc/supervisor/conf.d \

            -v /var/www/b2b/crmeb_mer:/var/www/html \

            -v /data/log/crmeb:/var/log/nginx \

            -p 83:80 \

            my-crmeb:7.4

这里多挂载了一个/etc/supervisor/conf.d目录，因为前面说的，为了测试supervisord是否能加载多个配置文件。

所有的日志全部都重定向到了/var/log/nginx目录。

按上述操作，应该会得到一个正常运行的crmeb容器。

为了能让外网能访问，还需要在主机上做个反向代理。

这里只是让crmeb程序在docker里跑，mysql,redis还是在主机上安装配置的，并且主机上还安装了一套nginx,用来反向代理多个容器中的系统。

crmeb的nginx反向代理配置如下：

server {
    listen       80;
    server_name  mer.mysite.com;


    charset utf-8;

    #access_log  /var/log/nginx/host.access.log  main;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location / {
        proxy_pass   http://127.0.0.1:83;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.(?!well-know).* {
        deny  all;
    }


}

域名绑定之后，外网即可正常访问crmeb系统。

-完-