I have two different docker containers, each of them runs a PHP application. The problem that I have to solve is copy a list of files (using the PHP copy command) from container 1 to container 2.
Eg:
copy('var/www/html/uploads/test.jpg', 'var/www/html/site/uploads/test.jpg');
Now, the container 1 doesn't have access to container 2 which is site.
What is the best way to fix this?
Use a shared volume to transfer data. So mount
-v filetransfer:/var/www/html/transfer
or
--mount type=volume,source=filetransfer,destination=/var/www/html/transfer
to both containers. If both containers running different non-root users you have to ensure file permissions are set accordingly.
If you want to avoid file corruption use :ro (read-only) for all but one containers or ensure that by code.
Other comments:
docker cp is used to copy files from host to container or vice versa.
Building a REST-API for copying a single file is in my opinion a little bit over-engineered, as long as you're using the same host.
Related
I've got a laravel application (based on laradock) that is amended to productionize it.
github
I'm trying to build a solution where:
files are copied from host to php app to a volume. As you can see in the docker file here, the files are copied into the image: image file copy and composer update is running as expected.
composer update
php app is built in docker (the composer update command needs to run on the volume)
when docker-compose up is called, multiple containers start and nginx and php-fpm share the same content. The Nginx container can therefore server php application.
When i run the code in the repo above, i am seeing a 404 in the browser. The reason is (i think) because in the docker-compose file, on line 97, the statement:
- app-data:/var/www/
(mounting the volume), has erased the files that have been added as it mounts. (These files are being correctly added to the image as part of the docker build php-fpm.).
So, the question is, how can i mount a volume at run time, and not erase the files that have been added as part of image build? The volume needs to be added to that path so that both containers can see the files (AFAIK).
The Docker volume will persist it data except the first time created it will use your container data to init the volume. I guess that you have wrongly created the volume before. So you just need to manually delete the app-data volume and re-deploy your docker-compose file.
Stop your docker compose
docker volume rm <project_name_or_stack_name>_app-data
Start yout docker compose again
Besides, you will need to make sure that your php-fpm which contains your source code data will be started first before any other services sharing app-data volume.
I have the following containers:
nginx:latest
myapp container (derived from php-fpm:alpine)
Currently I have a dummy project with CI pipeline in place which, build-time, compiles production variant of resources (images/js/css,...). Build files end up in (/public/build). At the very end of CI pipeline, I package everything into Docker images and upload it to Hub.
Both nginx and myapp do have volume (not bind mount) set up and pointing to /opt/ci-test/public/build.
This works, for the first time.
But let's say that I add a new file new.css - my new version of docker image will contain a build variant of new.css.
Running a new container with pre-existing volume does not reveal new files and I understand that it should not.. I can create a new volume my_app_v2.
At this point nginx does not see this new volume and it must be removed and re-run (with new volume) for it to take effect.
Is there an easy way to overcome this?
My intention is to use nginx container for multiple PHP apps and I need to refrain from killing it whenever I update one of the apps being served. Is this a bad decision?
EDIT:
One workaround I have managed to dig out is to remove all files from attached volume and start new myapp container. This mirrors all the latest files to the volume. But this feels dirty...
EDIT2:
Related issue (case 3): https://github.com/moby/moby/issues/18670#issuecomment-165059630
EDIT3:
Dockerfile
FROM php:7.2.30-fpm-alpine3.11
COPY . /opt/ci-test
WORKDIR /opt/ci-test
VOLUME /opt/ci-test/public/build
So far, I do not have docker-composer and I run the containers manually via commands:
docker run -it -d --name php71alp -v shr_test:/opt/ci-test/public/build -p 9000:9000 <myaccount>/citest
docker run -it -d --name nginx -v shr_test:/var/www/citest -p 80:80 nginx:latest
Simply do not use a volume for this.
You should treat docker images as "monolithic packages" that contain your dependencies (nginx) and your app's files (images, js, css...). There's no need to treat your app's files any differently than nginx itself, it's all part of the single docker image.
Without a volume, you run v1 of your image, nginx sees the v1 files. You run v2 of your image, nginx sees the v2 files.
Volumes are intended to be used when you actually want to keep files between container versions (such as databases, file uploads...). Not for your site's static assets.
My intention is to use nginx container for multiple PHP apps and I need to refrain from killing it whenever I update one of the apps being served. Is this a bad decision?
Yes, this is bad design. If you want to run multiple apps, you should run 1 Docker container per app. That way, when you release a new version of one app, you only need to restart that container. Containers aren't supposed to be treated like traditional virtual machines where you "SSH into" and manually configure things. Containers are "throw-away". New version of the app? just replace the container with a new one with a newer image.
First option: don't use a volume. If you want to have the files accessible from the image build, and don't need persistence, then the volume isn't helping with your workflow.
Second option: delete the previous volume between runs and use a named volume, which docker will initialize with the image contents.
Third option: modify the image build and container entrypoint to save the directory off to a different location during the build, and restore that location into the volume on container startup in the entrypoint. I've got an implementation of this in the save-volume and load-volume scripts in my base image. It gets more complicated when you want to merge the contents of the volume with the contents of the host, and you'll need to decide how to handle files getting deleted and what changes to save from the previous runs.
I need to somehow run my PHP application in Swarm (maybe we will consider kubernetes if it will be easier). We want to keep nginx and php containers separate, so we can scale them independently. But there is the problem, nginx must have access to those static files somehow.
How would you solve this situation?
Our first idea would be that in the CI, versioned compiled assets would be included to Nginx image. But what to do when i want to update my application containers? I would need old and also the new assets. Or should I use some kind of persisted volume and update it with CI? But I'm no sure how can I do that...
The persisted volume is probably the best way to accomplish this. Docker containers can mount NFS volumes. Create a container to act as an NFS server for the shared files. Here is one of the many containers available on Docker Hub: https://hub.docker.com/r/itsthenetwork/nfs-server-alpine/
Here is an example of how to set up NFS volumes for use with containers. https://gist.github.com/ruanbekker/4a9c0d250bce9f84482f2a788ce92131
Keep in mind that the server address will need to be that of the NFS container.
Imagine that i had created service for uploading kittens pictures and use Docker container on production.
To do it I created Docker image with PHP 5.5 service, mounted "upload" folder of my app from real OS and also mounted folder with source code.
After some time I decided to improve my app, changed source code and now it requires different env from existed in Docker.
For example, now I need PHP 5.6 instead of PHP 5.5
So when I want to change source code of my app, I can do it by switching mounted source code folder with symlinks (or cannot, because Docker will keep socket? If so, how to switch source code? Should I do it right in container without mounting?).
But how can I quickly switch Docker container after switching source code?
Fastest way would be to exec a shell session in the container, update the environment, restart the php service. As you have mounted the source code, no need to switch.
Best way would be to create a docker image with required environment and stop previous container then run the new image mounting appropriate directories.
I'm pretty new do Docker. I played a lot with Docker in my development environment but I tried to deploy real app only once.
I've read tons of documentations and watched dozes of videos but still have a lot of questions.
I do understand that Docker is just a tool that can be used in so many different ways, but now I'm trying to find the best way to develop and deploy web apps.
I'll use real PHP App case to make my question more concrete and practical.
To keep it simple let's assume I'm building a very simple PHP App so I'll need:
Web Server (nginx)
PHP Interpreter (php-fpm or hhvm)
Persistent storage for SESSIONs
The best example/tutorial I could find was this one year old post. Dylan proposes this kind of structure:
He use Data Only container for the whole PHP project files and logs and docker-compose to run all this images with proper links. In development env I'll mount a host directory as a data volume and for production I'll copy files directly to Data Only Images and deploy.
This is understandable. I do want to share data across nginx and php-fpm. nginx needs access to static files (.img, .css, .js...) and php-fpm need access to PHP files. And both services are separated so can be updated/changed independently.
Data only container shares a data volume that is linked to nginx and php-fpm by --volumes-from option.
But as I understand - there's a problem with Data Only containers and -v flag.
Official Docker Documentation says that data volume is specially-designated directory to persist data! It is said that
Data volumes persist even if the container itself is deleted.
So this solution is great for data I do not want to loose like Session files, DB storage, logs etc.. But not for my code files, right? I do want to change my code files. I want to deploy changes without rebuilding nginx and php-fpm images.
Another problem is when I tried this approach I could not deploy code changes until I stopped all running containers, removed them and their images and rebuild them entirely. Just rebuilding and deploying Data Only images did nothing!
I've seen some other implementations when data is stored directly in Interpreter container, but it's not an option because I need nginx to have access to these files also.
The question is what is the best practices on where to put my project code files and how to deploying changes for this kind of app?
Thanks.
Right, don't use a data volume for your code. docker-compose makes a point to re-use old volumes (so you don't lose data), so you'd always be stuck with old code.
Use a COPY directive to add the static resources in the nginx Dockerfile and a COPY in the application (phpfpm) Dockerfile to add the code. In dev you can use a host volume so that you don't have to restart containers to see your code changes (assuming the web server supports picking up changes).