I have a Laravel 9 application deployed on GKE. It has some background jobs which I have configured to run using supervisor (I will share snippets of config files below).
The Problem
The problem is when Jobs are run using scheduler or manually using the artisan command, there are cache files created in storage/framework/cache/data path with root user as owner. This causes the issues as errors keep logging with message Unable to create lockable file because all the other folders and files have user www-data which we set in Dockerfile. To fix it, I have to manually run chown -R www-data:www-data . in the above cache path.
Dockerfile
FROM php:8.0-fpm
# Copy composer.lock and composer.json
COPY composer.lock composer.json /var/www/
# Set working directory
WORKDIR /var/www
# Install dependencies
RUN apt-get update && apt-get install -y \
build-essential \
libpng-dev \
libonig-dev \
libicu-dev \
libjpeg62-turbo-dev \
libfreetype6-dev \
locales \
libzip-dev \
libpq-dev \
ca-certificates \
zip \
jpegoptim optipng pngquant gifsicle \
nano \
unzip \
git \
curl \
supervisor \
cron \
nginx
# Clear cache
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Install extensions
RUN docker-php-ext-install pdo pdo_mysql mbstring zip exif bcmath
RUN docker-php-ext-configure gd --with-freetype --with-jpeg
RUN docker-php-ext-install gd
RUN docker-php-ext-configure intl
RUN docker-php-ext-install intl
# Install composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
COPY scripts/supervisor.conf /etc/supervisor/conf.d/supervisor.conf
COPY /scripts/nginx/nginx.conf /etc/nginx/sites-enabled/default
# Create the log file to be able to run tail
RUN touch /var/log/cron.log
# Setup cron job
COPY scripts/crontab /etc/cron.d/scheduler
RUN chmod 0644 /etc/cron.d/scheduler
RUN usermod -u 1000 www-data
RUN usermod -G staff www-data
COPY --chown=www-data:www-data . /var/www
RUN touch /var/www/storage/logs/laravel.log
RUN mkdir /var/www/storage/framework/cache/data
RUN chown -R www-data:www-data /var/www/storage
RUN chmod -R 777 /var/www/storage
RUN composer install --no-interaction
COPY /scripts/entrypoint.sh /etc/entrypoint.sh
RUN chmod +x /etc/entrypoint.sh
EXPOSE 80 443
ENTRYPOINT ["/etc/entrypoint.sh"]
crontab
* * * * * root echo "cron working..." >> /var/log/cron.log
* * * * * root /usr/local/bin/php /var/www/artisan schedule:run >> /var/log/cron.log
entrypoint.sh
#!/usr/bin/env bash
php artisan config:cache
service supervisor start
service nginx start
php-fpm
supervisor.conf
[program:cron]
process_name=%(program_name)s_%(process_num)02d
command=cron -f
autostart=true
autorestart=true
startretries=5
numprocs=1
stderr_logfile=/var/log/cron.log
stderr_logfile_maxbytes=10MB
stdout_logfile=/var/log/cron.log
stdout_logfile_maxbytes=10MB
Things I have tried so far
I have tried changing user group in crontab from root to www-data but that result in cron not working at all.
I have tried changing supervisor user to www-data so cron command is run by www-data instead of root.
Also setting user as www-data in Dockerfile, but all of the solutions either result in cron not running at all or the files created by jobs are still owned by root user.
After much investigation, I found that it is not a good practice to run laravel scheduler as root user because that can create files with root owner.
I updated my crontab file to following:
* * * * * root su -c "/usr/local/bin/php /var/www/artisan schedule:run >> /var/log/cron.log" -s /bin/bash www-data
This way the cache files created will be owned by www-data and no files from root owner are created.
Hope this helps someone who is facing the same issues.
Related
I have the following Dockerfile:
ARG ALPINE_VERSION=3.16
FROM alpine:${ALPINE_VERSION}
# Setup document root
WORKDIR /var/www/html
# Install packages and remove default server definition
RUN apk add --no-cache \
curl \
nginx \
php81 \
php81-ctype \
php81-curl \
php81-dom \
php81-fpm \
php81-gd \
php81-intl \
php81-mbstring \
php81-mysqli \
php81-opcache \
php81-openssl \
php81-phar \
php81-session \
php81-xml \
php81-xmlreader \
php81-sodium \
php81-xmlwriter \
supervisor \
php81-tokenizer \
php81-pdo \
php81-fileinfo
# Create symlink so programs depending on `php` still function
RUN ln -s /usr/bin/php81 /usr/bin/php
# Configure nginx
COPY docker/nginx.conf /etc/nginx/nginx.conf
# Configure PHP-FPM
COPY docker/fpm-pool.conf /etc/php81/php-fpm.d/www.conf
COPY docker/php.ini /etc/php81/php.ini
# Configure supervisord
COPY docker/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
# Make sure files/folders needed by the processes are accessable when they run under the nobody user
RUN chown -R nobody.nobody /var/www/html /run /var/lib/nginx /var/log/nginx
# Switch to use a non-root user from here on
USER nobody
# Add application
COPY --chown=nobody . /var/www/html/
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
RUN cd /var/www/html && composer install --no-interaction --prefer-dist --optimize-autoloader --ignore-platform-reqs
# Expose the port nginx is reachable on
EXPOSE 8080
# Let supervisord start nginx & php-fpm
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
# Configure a healthcheck to validate that everything is up&running
HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:8080/fpm-ping
My Laravel app is being served, however when I get the following error trying to access it: could not find driver (QueryException, select * from sessionswhereid = <id> limit 1)
Here is my php.ini: https://pastebin.com/gHZevdw3 (too long for here).
I'm not too sure what needs to be done to enable PDO, or if my ini file is incorrect, but I'd appreciate some feedback on what can be improved.
Any help appreciated!
Hi i am new to docker.
I have cloned my laravel code from
https://github.com/laravel/laravel/tree/8.x
and followed the steps provided in given below link.
https://www.digitalocean.com/community/tutorials/how-to-set-up-laravel-nginx-and-mysql-with-docker-compose
But still, mbstring is not installed in my project with php 8 version as my laravel project is compatible with a higher version than 7.2 but when i tried mbstring with 7.2 version it was easyly installed. i want to install mbstring with php 8 version.
Given below is my docker file. please have a look at it.
FROM php:8.0.3-fpm-buster
# Copy composer.lock and composer.json
COPY composer.lock composer.json /var/www/
# Set working directory
WORKDIR /var/www
# Install dependencies
RUN apt-get update && apt-get install -y \
build-essential \
libpng-dev \
libjpeg62-turbo-dev \
libfreetype6-dev \
locales \
zip \
jpegoptim optipng pngquant gifsicle \
vim \
unzip \
git \
curl
# Clear cache
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Install extensions
RUN docker-php-ext-install pdo_mysql mbstring zip exif pcntl
RUN docker-php-ext-configure gd --with-gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/
RUN docker-php-ext-install gd
# Install composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Add user for laravel application
RUN groupadd -g 1000 www
RUN useradd -u 1000 -ms /bin/bash -g www www
# Copy existing application directory contents
COPY . /var/www
# Copy existing application directory permissions
COPY --chown=www:www . /var/www
# Change current user to www
USER www
# Expose port 9000 and start php-fpm server
EXPOSE 9000
CMD ["php-fpm"]
FROM php:8-fpm
# Copy composer.lock and composer.json
COPY composer.lock composer.json /var/www/
# Set working directory
WORKDIR /var/www
ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/
RUN chmod +x /usr/local/bin/install-php-extensions && sync && \
install-php-extensions mbstring pdo_mysql zip exif pcntl gd
#previous code
# Install dependencies
RUN apt-get update && apt-get install -y \
build-essential \
libpng-dev \
libjpeg62-turbo-dev \
libfreetype6-dev \
locales \
zip \
jpegoptim optipng pngquant gifsicle \
vim \
unzip \
git \
curl
# Clear cache
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Install extensions
#RUN docker-php-ext-install
#RUN docker-php-ext-configure gd --with-gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/
# Install composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Add user for laravel application
RUN groupadd -g 1000 www
RUN useradd -u 1000 -ms /bin/bash -g www www
RUN php artisan key:generate
# Copy existing application directory contents
COPY . /var/www
# Copy existing application directory permissions
COPY --chown=www:www . /var/www
# Change current user to www
USER www
# Expose port 9000 and start php-fpm server
EXPOSE 9000
CMD ["php-fpm"]
Try this..
What follows is more appropriate as a comment, but I have an insufficient reputation to comment.
Adarsh Hiwrale's excellent suggestion mostly worked for me, but I had to rearrange a few lines to avoid a race condition.
That is, the reordered lines are necessary for anyone starting from scratch who is building for the first time because they will not yet have a partial Docker build that can execute RUN php artisan key:generate.
My revision follows with comments indicating what was modified and why.
FROM php:8-fpm
# Copy composer.lock and composer.json
COPY composer.lock composer.json /var/www/
# Set working directory
WORKDIR /var/www
ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/
RUN chmod +x /usr/local/bin/install-php-extensions && sync && \
install-php-extensions mbstring pdo_mysql zip exif pcntl gd
#previous code
# Install dependencies
RUN apt-get update && apt-get install -y \
build-essential \
libpng-dev \
libjpeg62-turbo-dev \
libfreetype6-dev \
locales \
zip \
jpegoptim optipng pngquant gifsicle \
vim \
unzip \
git \
curl
# Clear cache
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Install extensions
#RUN docker-php-ext-install
#RUN docker-php-ext-configure gd --with-gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/
# Install composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Add user for laravel application
RUN groupadd -g 1000 www
RUN useradd -u 1000 -ms /bin/bash -g www www
# BEGIN MODIFICATIONS to Adarsh Hiwrate's suggested code
# Copy existing application directory contents
# The following line is redundant (predundant?) because of the line which copies the required items with the correct permissions.
# COPY . /var/www
# Copy existing application directory permissions
COPY --chown=www:www . /var/www
# This has to come after the above copy, otherwise the code will not yet be available in the container.
RUN php artisan key:generate
# END MODIFICATIONS to Adarsh Hiwrate's suggested code
# Change current user to www
USER www
# Expose port 9000 and start php-fpm server
EXPOSE 9000
CMD ["php-fpm"]
I am using the php:7.4-fpm Docker image and I'm trying to set up cron to run but it's not running.
Here is my Dockerfile:
FROM php:7.4-fpm
# Set working directory
WORKDIR /var/www
# Install dependencies
RUN apt-get update && apt-get install -y \
cron \
build-essential \
libpng-dev \
libjpeg62-turbo-dev \
libfreetype6-dev \
locales \
libzip-dev \
libmcrypt-dev \
libonig-dev \
zlib1g-dev \
zip \
jpegoptim optipng pngquant gifsicle \
vim \
unzip \
git \
graphviz \
curl \
supervisor
# Install Imagick
RUN apt-get update && \
apt-get install -y libmagickwand-dev --no-install-recommends && \
pecl install imagick && \
docker-php-ext-enable imagick
# Clear cache
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Install extensions
RUN docker-php-ext-install pdo_mysql zip exif pcntl
# Permissions for Laravel
RUN chown -R www-data:www-data /var/www
RUN chmod -R 777 /var/www
# Copy crontab file to the cron.d directory
COPY ./docker/php-server/crontab /etc/cron.d/crontab
# Give execution rights on the cron job
RUN chmod 0644 /etc/cron.d/crontab
# Apply cron job
RUN crontab /etc/cron.d/crontab
# Create the log file to be able to run tail
RUN touch /var/log/cron.log
EXPOSE 9000
CMD bash -c "cron && php-fpm"
When I enter the container and check the contents of /etc/cron.d/crontab it is correct
* * * * * php /var/www/artisan schedule:run >> /var/log/cron.log 2>&1
# An empty line
But it's not being run. I'm not sure what's going on here..
When I run service cron status it says [ ok ] cron is running. But nothing is happening.
So I finally managed to solve it. I have no idea why COPYing the cron file wasn't working. I still don't know why. (maybe someone smarter than me can explain it). But I solved it very simply by appending my commands to the /etc/crontab file and now it works.
P.S. crontab file requires a new line character at the end so using echo adds it automatically.
Here is my updated Dockerfile (I deleted all the other lines where I copied the crontab):
RUN echo "* * * * * root php /var/www/artisan schedule:run >> /var/log/cron.log 2>&1" >> /etc/crontab
# Create the log file to be able to run tail
RUN touch /var/log/cron.log
I had the same bug, fixed by setting up the cron on the machine hosting the docker container instead of the container itself.
So the cron entry translates to something like :
* * * * * docker exec web php artisan schedule:run >> storage/logs/cron.log 2>&1
If you face an issue with tty allocation, try with docker exec -it
I can't understand why this is happening. I am trying to create a symlink but it fails. It only works if I ssh into the container after it has been created. When I build my project using Docker I get this error message:
Step 11/14 : RUN php artisan storage:link
---> Running in bbfd87dcdbf6
Could not open input file: artisan
ERROR: Service 'php-container' failed to build: The command '/bin/sh -c php artisan storage:link' returned a non-zero code: 1
But if I try to ssh into my container and run the same command then it works.
$ docker exec -it php-container /bin/bash
root#053d9cbd22eb:/var/www# php artisan storage:link
The [/var/www/public/storage] link has been connected to [/var/www/storage/app/public].
The links have been created.
Here is my Dockerfile
FROM php:7.4-fpm
# Set working directory
WORKDIR /var/www
# Install dependencies
RUN apt-get update && apt-get install -y \
build-essential \
libpng-dev \
libjpeg62-turbo-dev \
libfreetype6-dev \
locales \
libzip-dev \
libmcrypt-dev \
libonig-dev \
zlib1g-dev \
zip \
jpegoptim optipng pngquant gifsicle \
vim \
unzip \
git \
graphviz \
curl
# Clear cache
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Install extensions
RUN docker-php-ext-install pdo_mysql zip exif pcntl
RUN docker-php-ext-configure gd --with-freetype --with-jpeg
RUN docker-php-ext-install gd
RUN docker-php-ext-install bcmath
# Permissions for Laravel
RUN chown -R www-data:www-data /var/www
RUN chmod -R 777 /var/www
# (!) This is not working.......
RUN php artisan storage:link
# Install composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Expose port 9000 and start php-fpm server
EXPOSE 9000
CMD bash -c "composer install && chmod -R 777 /var/www && php artisan migrate --seed && php-fpm"
You must run composer install before php artisan command.
This is really important. you have error because artisan package not exist and actually vendor folder not created.
Finally you must change docker file to this :
CMD bash -c "composer install && chmod -R 777 /var/www && php artisan migrate --seed && php artisan storage:link
I installed powershell in the php debian docker image and now I am installing PowerCLI module in the docker image to access the vsphere info and display using laravel. The issue is with the PowerCLI installation. Powershell doesn't seem to persist the modules installed and imported. When I import module and use RUN pwsh -c connect-viserver, it seems working in the docker-image. But when I call the cmdlet in laravel container as $process = new Process(['pwsh', '-c','Connect-VIServer', 'SERVERNAME']); it fails. I check to see if it is imported iin the powershell by accessing container docker exec -it app bash But the module is not installed. I am manually keeping the modules in a folder powershell/Modules and adding it to $env:$PSModulePath
I do not understand what I'm missing.
Here's is my docker file.
FROM php:7.4-fpm
# Copy composer.lock and composer.json
COPY composer.lock composer.json /var/www/
RUN pwd
# Set working directory
WORKDIR /var/www
RUN pwd
# Install dependencies
RUN apt-get update && apt-get install -y \
build-essential \
libpng-dev \
libjpeg62-turbo-dev \
libfreetype6-dev \
libonig-dev \
locales \
libzip-dev \
zip \
jpegoptim optipng pngquant gifsicle \
vim \
unzip \
git \
curl \
wget \
apt-utils
# Clear cache
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Install extensions
RUN docker-php-ext-install pdo_mysql mbstring zip exif pcntl mysqli
RUN docker-php-ext-configure gd --enable-gd --with-freetype=/usr/include/ --with-jpeg=/usr/include/
RUN docker-php-ext-install gd
RUN docker-php-ext-enable mysqli
# Install composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
#########################
RUN pwd
# Download the Microsoft repository GPG keys
RUN wget https://packages.microsoft.com/config/debian/10/packages-microsoft-prod.deb
# Register the Microsoft repository GPG keys
RUN dpkg -i packages-microsoft-prod.deb
# Update the list of products
RUN apt-get update
# Install PowerShell
RUN apt-get install -y powershell
# Start PowerShell
#RUN pwsh
# Allow installation from PSGallery
SHELL ["pwsh", "-command"]
RUN Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
#RUN Install-Module VMware.VimAutomation.Core -Confirm:$false
#RUN Import-Module VMware.VimAutomation.Core; Get-Module
#RUN Set-PowerCLIConfiguration -ParticipateInCEIP $false -Confirm:$false
#RUN Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false
##RUN connect-viserver 10.21.24.9
RUN Get-Module -ListAvailable VMware.VimAutomation.Core | Import-Module
RUN $env:PSModulePath = $env:PSModulePath + ":/var/www/powershell/Modules"
RUN mkdir -p /root/.config/powershell
RUN touch /root/.config/powershell/Microsoft.PowerShell_profile.ps1
RUN echo "Get-Module -ListAvailable PowerCLI* | Import-Module" >> /root/.config/powershell/Microsoft.PowerShell_profile.ps1
RUN $PSHome
RUN Get-Module
SHELL ["/bin/sh", "-c"]
# Add user for laravel application
RUN groupadd -g 1000 www
RUN useradd -u 1000 -ms /bin/bash -g www www
# Copy existing application directory contents
COPY . /var/www
# Copy existing application directory permissions
COPY --chown=www:www . /var/www
# Change current user to www
USER www
# Expose port 9000 and start php-fpm server
EXPOSE 9000
CMD ["php-fpm"]
RUN pwd
RUN ls -la && ls -la /var/www/powershell/Modules/