使用Docker搭建php-fmp+Apache+Mysql+phpmyadmin容器
作者:通过搭建php容器、apache容器、mysql容器、phpmyadmin容器实现的,并不是集成方式。
一、前期配置
1.添加自定义网络,网络名为lamp-net,ip范围192.168.0.0/16,网关192.168.0.1,网络方式为桥接
[root@VM-12-8-centos www]# docker network create --driver bridge --subnet 192.168.0.0/16 --gateway 192.168.0.1 lamp-net
aa4022c7333f3be69e1eb3e2833d80ec36ac766ca9928682ffa0a5955044fd43 # 添加成功
# 列出所有网络模式
[root@VM-12-8-centos www]# docker network ls
NETWORK ID NAME DRIVER SCOPE
7efe6f06a588 bridge bridge local
bf215cd643f3 host host local
aa4022c7333f lamp-net bridge local # 添加成功
a3f94345ead7 none null local
2.创建映射文件夹
# 创建映射目录
[root@VM-12-8-centos home]# mkdir -p /home/lamp/apache/conf/
[root@VM-12-8-centos home]# mkdir -p /home/lamp/www/
[root@VM-12-8-centos home]# mkdir -p /home/lamp/mysql8/logs
[root@VM-12-8-centos home]# mkdir -p /home/lamp/mysql8/conf
[root@VM-12-8-centos home]# mkdir -p /home/lamp/mysql8/mysql-files
二、配置php-fmp容器
1.使用php:7.2.2-fpm-alpine版本的镜像,获取该镜像
[root@VM-12-8-centos www]# docker pull php:7.2.2-fpm-alpine
7.2.2-fpm-alpine: Pulling from library/php
605ce1bd3f31: Pull complete
2f5aa494661d: Pull complete
7963c90c835a: Pull complete
a3f2a1640434: Pull complete
0fda071cd29f: Pull complete
0bf857759796: Pull complete
75199bdd3015: Pull complete
bbecfe647603: Pull complete
ca2ca14e9b19: Pull complete
396930a52810: Pull complete
Digest: sha256:43b82e2de06f7c0ec2f053bce76e474e8fc922a56d97d02234020880a458e7d1
Status: Downloaded newer image for php:7.2.2-fpm-alpine
docker.io/library/php:7.2.2-fpm-alpine # 下载成功
2.启动php容器,将该容器分配到自定义网络lamp-net处
# 以后台方式启动容器,容器名为fpm
# 分配容器网络为lamp-net
# 进行文件夹映射,将主机文件夹/home/lamp/www映射到容器/var/www
# 分配ip为192.168.0.2,待会用得上
[root@VM-12-8-centos www]# docker run -d --name fpm --net lamp-net --ip 192.168.0.2 -v /home/lamp/www:/var/www php:7.2.2-fpm-alpine
48e458fe07ceb42347c4cf4bb14087b29f2fb6844b8c0d118e82bdcbe0dc3405 #启动成功
3.查看php容器分配的IP地址,待会用得上
[root@VM-12-8-centos conf]# docker network inspect lamp-net
[
{
"Name": "lamp-net",
"Id": "aa4022c7333f3be69e1eb3e2833d80ec36ac766ca9928682ffa0a5955044fd43",
"Created": "2022-03-19T23:19:56.371719111+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.0.0/16",
"Gateway": "192.168.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"37a7131e689ae1a9ef91419cddc4aeb7b8e7a8689e6fed573bdcbf69d7373a2f": {
"Name": "fpm",
"EndpointID": "1aab292637d1f9a0b04894db5afbae75a2886ec8822fc3fb1b3ab27440e5f8eb",
"MacAddress": "02:42:c0:a8:00:02",
"IPv4Address": "192.168.0.2/16", # php-fpm分配的IP地址
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
三、配置Apache容器
1.以httpd:2.4.33-alpine 版本为例,下载Apache镜像
[root@VM-12-8-centos www]# docker pull httpd:2.4.33-alpine
2.4.33-alpine: Pulling from library/httpd
911c6d0c7995: Pull complete
fb560bf76af3: Pull complete
b077eec28e12: Pull complete
cbb10f3684e5: Pull complete
28b16b995d79: Pull complete
Digest: sha256:cd4598d3397ed391b8c996d686a3f939cd8e672d31b758faa298a23aaddfa394
Status: Downloaded newer image for httpd:2.4.33-alpine
docker.io/library/httpd:2.4.33-alpine # 下载成功
2.先临时启动apache容器,将容器内httpd.conf拷贝一份到/home/lamp/conf/
# 启动临时httpd容器
[root@VM-12-8-centos www]# docker run -d --rm --name httpd httpd:2.4.33-alpine
6a6ef5cffbb578b901110d791dfac5280b784d15c863f7649c444559433e0d59
# 将容器内的/usr/local/apache2/conf/httpd.conf拷贝到/home/lamp/apache/conf/httpd.conf
[root@VM-12-8-centos home]# docker cp httpd:/usr/local/apache2/conf/httpd.conf /home/lamp/apache/conf/httpd.conf
# 将httpd容器停止
[root@VM-12-8-centos home]# docker stop httpd
httpd
3.修改/home/lamp/conf/httpd.conf文件
# 将httpd.conf里的下面三处注释去除
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
# 添加虚拟主机
# 注:下面IP必须填写PHP容器真实的IP,fpm端口号默认9000,不用变化
<VirtualHost *:80>
ServerAdmin txl@com.cn
DocumentRoot "/usr/local/apache2/htdocs"
ServerName localhost
<Directory "/usr/local/apache2/htdocs">
Options None
Require all granted
</Directory>
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://192.168.0.2:9000/var/www/$1
</VirtualHost>
4.启动httpd容器,将80端口进行映射,
# 以交互模式启动httpd容器,容器名字为httpd
# 进行端口映射,将主机端口号80映射到容器80
# 分配网络为lamp-net,ip为192.168.0.3
# 将主机文件夹home/lamp/www映射到容器/usr/local/apache2/htdocs/
# 将主机文件home/lamp/conf/httpd.conf映射到容器/usr/local/apache2/conf/httpd.conf
[root@VM-12-8-centos home]# docker run -it -p 80:80 --name httpd --net lamp-net --ip 192.168.0.3 -v /home/lamp/www:/usr/local/apache2/htdocs/ -v /home/lamp/apache/conf/httpd.conf:/usr/local/apache2/conf/httpd.conf httpd:2.4.33-alpine
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.0.3. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.0.3. Set the 'ServerName' directive globally to suppress this message
[Sat Mar 19 16:24:43.180326 2022] [mpm_event:notice] [pid 1:tid 140549116623752] AH00489: Apache/2.4.33 (Unix) configured -- resuming normal operations
[Sat Mar 19 16:24:43.180365 2022] [core:notice] [pid 1:tid 140549116623752] AH00094: Command line: 'httpd -D FOREGROUND'
# 按ctrl+p+q 不结束容器退出
5.往/home/lamp/www文件夹内写demo.php测试脚本
<?php
phpinfo();
?>
6.通过浏览器访问demo.php页面,效果如图所示
四、配置MySql容器
1.下载mysql8.0版本的容器
[root@VM-12-8-centos ~]# docker pull mysql:8.0
8.0: Pulling from library/mysql
a4b007099961: Pull complete
e2b610d88fd9: Pull complete
38567843b438: Pull complete
5fc423bf9558: Pull complete
aa8241dfe828: Pull complete
cc662311610e: Pull complete
9832d1192cf2: Pull complete
f2aa1710465f: Pull complete
4a2d5722b8f3: Pull complete
3a246e8d7cac: Pull complete
2f834692d7cc: Pull complete
a37409568022: Pull complete
Digest: sha256:b2ae0f527005d99bacdf3a220958ed171e1eb0676377174f0323e0a10912408a
Status: Downloaded newer image for mysql:8.0
docker.io/library/mysql:8.0
2.启动临时mysql容器
[root@VM-12-8-centos phpmyadmin]# docker run -p 3306:3306 --name mysql --net lamp-net -e MYSQL_ROOT_PASSWORD=gg445566 --restart=always -d mysql:8.0
a26066e8e7256d66c1770fcd3b9b0192190cec14335eac09cfffdb031cb3d337
3.拷贝配置文件到宿主机
[root@VM-12-8-centos phpmyadmin]# docker cp mysql:/etc/mysql/my.cnf /home/lamp/mysql8/conf/
# 拷贝完后,停止并删除容器
[root@VM-12-8-centos phpmyadmin]# docker stop mysql && docker rm mysql
mysql
mysql
4.重新启动mysql
# -e MYSQL_ROOT_PASSWORD 需要配置root的密码
# 将mysql添加到lamp-net网络
[root@VM-12-8-centos phpmyadmin]# docker run \
-p 3306:3306 \
--name mysql \
--net lamp-net \
--ip 192.168.0.4 \
-e MYSQL_ROOT_PASSWORD=gg445566 \
-v /home/lamp/mysql8/data:/var/lib/mysql:rw \
-v /home/lamp/mysql8/logs:/var/log/mysql:rw \
-v /home/lamp/mysql8/conf/my.cnf:/etc/mysql/my.cnf:rw \
-v /home/lamp/mysql8/mysql-files:/var/lib/mysql-files/ \
--restart=always \
-d mysql:8.0
66e7ecb5e50e41e3e921b7d0b863228f15b0ac6ecdd344bdaa80646d5524a82e
5.进入mysql容器
[root@VM-12-8-centos phpmyadmin]# docker exec -it mysql bash
root@66e7ecb5e50e:/#
6.至此mysql服务成功启动
7.使用navicat工具连接不上数据库,原因在于mysql8版本以上,密码加密方式默认使用caching_sha2_password,只需要把加密方式更改为mysql_native_password即可
# 把root用户的加密方式更改
alter user 'root'@'%' identified with mysql_native_password by 'gg445566'
# 查看是否修改成功
select host,user,authentication_string,plugin from user;
五、配置phpmyadmin
1.下载phpmyadmin最新版
[root@VM-12-8-centos ~]# docker pull phpmyadmin/phpmyadmin
5.1.3-fpm-alpine: Pulling from library/phpmyadmin
59bf1c3509f3: Pull complete
7c7da25b2876: Pull complete
2bc599114627: Pull complete
927a0b37a45a: Pull complete
4980da2f4b2f: Pull complete
2d8d633f9515: Pull complete
db0297103caf: Pull complete
2243a9bddfde: Pull complete
051837e3f6c3: Pull complete
e79a999588a8: Pull complete
501af0bf2ad9: Pull complete
b79422e732d4: Pull complete
4b5b3fc3e13e: Pull complete
38fb48d44981: Pull complete
f34c545bf259: Pull complete
6efb87a1abdc: Pull complete
Digest: sha256:a9394f241879653add70d7375abf7d9b1d61236a807160c4acbaf033c78061e6
Status: Downloaded newer image for phpmyadmin:5.1.3-fpm-alpine
docker.io/library/phpmyadmin:5.1.3-fpm-alpine
2.启动容器
# 以后台方式启动
# 分配
# PMA_HOST:设置mysql的ip
# PMA_PORT:设置mysql端口
# 暴露phpmyadmin页面的入口端口为12580
[root@VM-12-8-centos lamp]# docker run -d --name myadmin --net lamp-net --ip 192.168.0.5 -e PMA_HOST=192.168.0.4 -e PMA_PORT=3306 -p 12580:80 phpmyadmin/phpmyadmin
97cf2492652a20f86907b0f006fc1715e3361709b5dfbcba62591f07eb2837c5
3.访问phpmyadmin页面,输入数据库的密码,并进行登录,出现下述页面,则成功访问!
六、部署项目sqli
1.下载sqli-labs7压缩包
# 切换目录
[root@VM-12-8-centos lamp]# cd /home/lamp/www/
# 通过wget下载,这里注意下,使用的sqli版本为适应php7的
[root@VM-12-8-centos www]# wget https://codeload.github.com/skyblueee/sqli-labs-php7/zip/refs/heads/master
--2022-03-20 10:58:00-- https://codeload.github.com/skyblueee/sqli-labs-php7/zip/refs/heads/master
Resolving codeload.github.com (codeload.github.com)... 20.205.243.165
Connecting to codeload.github.com (codeload.github.com)|20.205.243.165|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/zip]
Saving to: ‘master’
[ <=> ] 11,487,894 10.2MB/s in 1.1s
2022-03-20 10:58:02 (10.2 MB/s) - ‘master’ saved [11487894]
# 解压下载好的压缩包
[root@VM-12-8-centos www]# unzip master
Archive: master
86dbd720a25504b79037891fd27f83e26f99209c
creating: sqli_labs_sqli-version-master/
creating: sqli_labs_sqli-version-master/Less-1/
inflating: sqli_labs_sqli-version-master/Less-1/index.php
inflating: sqli_labs_sqli-version-master/Less-1/result.txt
creating: sqli_labs_sqli-version-master/Less-10/
inflating: sqli_labs_sqli-version-master/Less-10/in
...
...
# 查看目录
[root@VM-12-8-centos www]# ls
demok.php demo.php html master sqli_labs_sqli-version-master # 解压完成
2.修改数据库配置文件
[root@VM-12-8-centos www]# cd /home/lamp/www/sqli-labs-php7-master/sql-connections
[root@VM-12-8-centos sql-connections]# vim db-creds.inc
# 修改完成后保存退出
<?php
//give your mysql connection username n password
$dbuser ='root'; # 数据库登录用户
$dbpass ='gg445566'; # 数据库登录密码
$dbname ="security"; # 创建数据库的名称,不用修改
$host = '192.168.0.4'; # 修改数据库ip地址
$dbname1 = "challenges"; # 不用修改
?>
改完后尝试一键部署sqli数据库资源,结果页面显示如下
出现这个结果的原因,是我们的php-fpm默认情况没有mysqli扩展,需要进入容器内进行安装
3.进入php容器,安装mysqli扩展
# 进入php容器
[root@VM-12-8-centos sql-connections]# docker exec -it fpm /bin/sh
# 修改Alpine下载源为国内清华
/usr/local/etc/php/conf.d # sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
# 进入容器后,安装mysqli扩展
/usr/local/etc/php/conf.d # docker-php-ext-install mysqli pdo pdo_mysql
fetch http://dl-cdn.alpinelinux.org/alpine/v3.6/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.6/community/x86_64/APKINDEX.tar.gz
(1/28) Upgrading musl (1.1.16-r14 -> 1.1.16-r15)
(2/28) Installing m4 (1.4.18-r0)
(3/28) Installing libbz2 (1.0.6-r5)
(4/28) Installing perl (5.24.4-r2)
...
...
# 安装完成后,php容器内/usr/local/etc/php/conf.d/ 会多出两个.ini文件
# 默认使用官方的php镜像,是不含有*.ini配置文件的,一定要注意这点
# 按ctrl+p+q退出容器
4.重启php服务
[root@VM-12-8-centos lamp]# docker restart fpm
fpm
再次尝试一键部署sqli数据库资源,结果页面显示
数据库连接失败,原因是sqli-labs 7的版本,连接mysql8的时候使用的密码验证方式不一致,有三种解决办法,方法一是使用mysq5.6版本以下的数据库,方法二是执行本手册第四章第7步,方法三,是执行本手册第六章第5步
5.配置mysql数据库
[mysqld]
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
datadir = /var/lib/mysql
secure-file-priv= NULL
default_authentication_plugin=mysql_native_password # 添加这字段,修改默认密码加密方式
# 修改完后重启mysql容器
[root@VM-12-8-centos lamp]# docker restart mysql
mysql
紧接着进入mysql容器,创建新用户
# 添加用户,用户名为sqli,密码为gg445566
CREATE USER 'sqli'@'%' IDENTIFIED BY 'gg445566';
# 对新添加的用户进行授权,下列语句是mysql8使用的方式,其他版本自行百度
GRANT ALL PRIVILEGES ON *.* TO 'sqli'@'%' WITH GRANT OPTION;
# 验证是否添加成功,检查密码验证方式
select host,user,authentication_string,plugin from user;
紧接着重新修改/home/lamp/www/sqli-labs-php7-master/sql-connections/db-creds.inc
[root@VM-12-8-centos lamp]# vim /home/lamp/www/sqli-labs-php7-master/sql-connections/db-creds.inc
<?php
//give your mysql connection username n password
$dbuser ='sqli'; # 把用户名修改为刚创建的新用户
$dbpass ='gg445566';
$dbname ="security";
$host = '192.168.0.4';
$dbname1 = "challenges";
?>
改完后重新访问
sqli-labs7创建成功
6.最后,修改apache的httpd.conf文件,修改默认访问页面
<IfModule dir_module>
DirectoryIndex index.html index.php # 添加了index.php
</IfModule>
# 重启apache服务
[root@VM-12-8-centos lamp]# docker restart httpd
httpd
至此,sqli-labs7已经顺利部署成功!
笔者心得:能不用mysql8就别用,能用php5就别用php7!
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
