Docker for PHP developers - Tips, Tricks & Lessons learned

Transcript

1. Docker for PHP developers Tips, Tricks & Lessons learned PhpPrague

   2018 Vladimír Kriška @ujovlado

2. whoami Programmer (mostly PHP, but also JS) Developer at Keboola

   building ETL platform Keboola Connection writing about it at 500.keboola.com technologies: // TODO insert cool words here twitter.com/ujovlado ujovlado.com medium.com/@ujovlado 2

3. How I started with Docker? I was in a mood

   to get rid of "host installations" I was playing with Vagrant and default setup was too slow for me 3

4. Proof 4

5. Now I want everyone to use Docker 5

6. Past 6

7. Past New computer Install Apache/Nginx, MySQL/PostgreSQL, PHP, MongoDB, etc. Start

   services, start coding After few weeks: OMG, this project needs different version of MySQL and PHP ... Problems (vedle pasti) 7

8. Future New computer Prepare Docker le, build services Run them,

   start coding After few weeks: OMG, this project needs different version of MySQL and PHP ... Never mind, I'll add or update services and rebuild images 8

9. Tips & tricks 9

10. Docker Compose Must have for development docker-compose up my-app docker-compose

    run --rm my-app bash Very good for testing docker-compose run --rm my-app ./vendor/bin/phpunit 1. docker-compose up -d 2. run tests 3. docker-compose down 10

11. Example (development) services: my-app: build: . volumes: - ./:/code working_dir:

    /code ports: - "4321:80" command: bash tty: true 11

12. Example (testing, CI) services: - docker script: - ... -

    docker-compose up -d udp-listener - php tests/run.php - docker-compose logs udp-listener | grep 'Some text' 12

13. Images with option to run sh/bash instantly Very handy for

    debugging Easier than overriding entrypoint Just append what you need to run This is very easy: docker run -i -t --rm debian bash Shouldn't we prepare every service like this? 13

14. Example docker-compose run --rm my-app composer install docker-compose run --rm

    my-app ./cli.php migrations:migrate or just: docker-compose run --rm my-app bash to enter container and play inside 14

15. Run common CLI commands in Docker Don't install php locally,

    you have containers Don't install tools like travis CLI localy Prepare images and run commands in container to keep your host system clean If you need something, then mount volume Remember that your PC is only a resource 15

16. Example (part 1) FROM ruby:2 RUN gem install travis -v

    1.8.2 --no-rdoc --no-ri ARG USER_NAME ARG USER_UID ARG USER_GID RUN groupadd --gid $USER_GID $USER_NAME RUN useradd --uid $USER_UID --gid $USER_GID $USER_NAME ENTRYPOINT ["travis"] $ docker build -t travis \ --build-arg USER_UID=`id -u` \ --build-arg USER_GID=`id -g` \ --build-arg USER_NAME=`id -un` \ . 16

17. Example (part 2) #!/bin/bash docker run -i -t --rm \

    -v "/home/vlado/workspace/travis-cli/.travis :/home/`id -un`/.travis" \ -v "$PWD:$PWD" \ -w $PWD \ -u `id -u` \ travis "$@" Magic here is volumes section and $@ which will proxy all passed args to container 17

18. Everything is le and can be mounted as volume You

    want to log something using syslog Hey, but there's no syslog running in my container Let's create new service to provide syslog for me 18

19. Example (part 1) services: syslog: build: docker/syslog volumes: - ./docker/.syslog-datadir/socket:/syslog-socket

    - ./docker/.syslog-datadir/log:/var/log syslog-watcher: image: debian:8 volumes_from: - syslog command: tail -f /var/log/syslog 19

20. Example (part 2) services: my-app: image: debian volumes: - ./docker/.syslog-datadir/socket/log:/dev/log

    links: - syslog command: bash now you can log to syslog and will see logs using "watcher" service 20

21. Docker in Docker (almost) Very similar to syslog part, but

    we mount Docker socket With mounted socket, container has access to Docker on host machine So you can have application running in container and executing commands like docker run in container 21

22. Example docker run -i -t docker sh -c 'docker ps

    -q' Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? docker run -i -t \ -v /var/run/docker.sock:/var/run/docker.sock \ docker \ sh -c 'docker ps -q' 5a11cca86782 22

23. Lessons learned 23

24. It's easier to start with Apache than with Nginx Apache

    only needs vhost con guration and php.ini -> 1 service Nginx needs the same plus php-fpm -> 2 services So if you don't care, use Apache. 24

25. Do not run database in containers Databases are critical to

    your businness You probably won't get it right (me neither) How would you solve: backups? replication? Probably the best is: buy database as a service (AWS RDS, etc.) have databases server (managed by someone) 25

26. Same image for development and production environment Only difference should

    be the code and environment variables composer install should be run during image build On localhost, it'll load all dependencies from cache Code should be copied in image On localhost override code with volume Test should run in container 26

27. One Docker image to rule them all If more programs

    need your PHP code, it's better to add all these programs to one image. And than only change program to run. Apache: FROM php:7-apache (this can be default service) Cron: RUN apt-get instal cron (to run, override command to cron -f ) PHP CLI: already in Apache image (to run, override command to php some-script.php ) 27

28. Custom PHP builds Try to avoid building PHP (use FROM

    php:7 , not apt-get install php7-cli and similar) For extensions use docker-php-ext-install Do not reinvent a wheel - there's a big community behind of cial images Of cial images are based on Debian - very common and stable distribution Alpine is smaller, but can cause problems (we had one - with memory) 28

29. Do not try to enter the container It looks real

    but with bigger amount of containers starting/stopping it's almost impossible You probably only need logs, so send them to stdout If you need some les from container, use volume or send them to S3 Run another service with mounted Docker socket to collect these logs Use logspout to forward logs to 3rd party service like Papertrail 29

30. How to enter the container To running container with your

    service (not recommended): docker exec -i -t 5a11cca86782 - it's very dangerous, because executing "wrong" commands can kill whole container If you really need to chcek what's going on - e.g. to be in same environment, just start one container with long running process - e.g. tail -f /xyz . Then docker exec to this container and play. 30

31. Live coding? 31

32. 32

33. Questions? 33

34. Thank you!