Описание:
Один из членов моей команды перенес docker рабочий стол на версию 2.2.
Поскольку служба php не запускается из-за команды setfacl из точки входа. sh.
Контекст:
Мы работаем над проектом платформы API в версии 2.4.7.
Php Dockerfile:
# the different stages of this Dockerfile are meant to be built into separate images
# https://docs.docker.com/develop/develop-images/multistage-build/#stop-at-a-specific-build-stage
# https://docs.docker.com/compose/compose-file/#target
# https://docs.docker.com/engine/reference/builder/#understand-how-arg-and-from-interact
ARG PHP_VERSION=7.3
ARG NGINX_VERSION=1.15
ARG VARNISH_VERSION=6.0
# "php" stage
FROM php:${PHP_VERSION}-fpm-alpine AS api_platform_php
RUN apk add --no-cache --virtual .build-deps $PHPIZE_DEPS icu-dev openldap-dev && \
docker-php-ext-install ldap && \
docker-php-ext-enable ldap && \
apk del .build-deps
# persistent / runtime deps
RUN apk add --no-cache \
acl \
file \
gettext \
git \
;
ARG APCU_VERSION=5.1.17
RUN set -eux; \
apk add --no-cache --virtual .build-deps \
$PHPIZE_DEPS \
icu-dev \
libzip-dev \
zlib-dev \
; \
\
docker-php-ext-configure zip --with-libzip; \
docker-php-ext-install -j$(nproc) \
intl \
pdo_mysql \
zip \
; \
pecl install \
apcu-${APCU_VERSION} \
; \
pecl clear-cache; \
docker-php-ext-enable \
apcu \
opcache \
; \
\
runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
apk add --no-cache --virtual .api-phpexts-rundeps $runDeps; \
\
apk del .build-deps
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
RUN ln -s $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini
COPY docker/php/conf.d/api-platform.ini $PHP_INI_DIR/conf.d/api-platform.ini
# https://getcomposer.org/doc/03-cli.md#composer-allow-superuser
ENV COMPOSER_ALLOW_SUPERUSER=1
# install Symfony Flex globally to speed up download of Composer packages (parallelized prefetching)
RUN set -eux; \
composer global require "symfony/flex" --prefer-dist --no-progress --no-suggest --classmap-authoritative; \
composer clear-cache
ENV PATH="${PATH}:/root/.composer/vendor/bin"
WORKDIR /srv/api
# build for production
ARG APP_ENV=prod
ARG TRUSTED_HOSTS=localhost
ARG SENTRY_DSN=<SENTRY_DSN>
ARG BLACKFIRE_PROFILE_ON=false
# prevent the reinstallation of vendors at every changes in the source code
COPY composer.json composer.lock symfony.lock ./
# do not use .env files in production
RUN echo '<?php return [];' > .env.local.php
RUN set -eux; \
composer install --prefer-dist --no-dev --no-autoloader --no-scripts --no-progress --no-suggest; \
composer clear-cache
# copy only specifically what we need
COPY bin bin/
COPY config config/
COPY public public/
COPY src src/
RUN set -eux; \
mkdir -p var/cache var/log; \
composer dump-autoload --classmap-authoritative --no-dev; \
composer run-script --no-dev post-install-cmd; \
chmod +x bin/console; sync
VOLUME /srv/api/var
COPY docker/php/docker-entrypoint.sh /usr/local/bin/docker-entrypoint
RUN chmod +x /usr/local/bin/docker-entrypoint
# Blackfire php probe
RUN version=$(php -r "echo PHP_MAJOR_VERSION.PHP_MINOR_VERSION;") \
&& curl -A "Docker" -o /tmp/blackfire-probe.tar.gz -D - -L -s https://blackfire.io/api/v1/releases/probe/php/alpine/amd64/$version \
&& mkdir -p /tmp/blackfire \
&& tar zxpf /tmp/blackfire-probe.tar.gz -C /tmp/blackfire \
&& mv /tmp/blackfire/blackfire-*.so $(php -r "echo ini_get('extension_dir');")/blackfire.so \
&& printf "extension=blackfire.so\nblackfire.agent_socket=tcp://blackfire:8707\n" > $PHP_INI_DIR/conf.d/blackfire.ini
ENTRYPOINT ["docker-entrypoint"]
CMD ["php-fpm"]
# "nginx" stage
# depends on the "php" stage above
FROM nginx:${NGINX_VERSION}-alpine AS api_platform_nginx
COPY docker/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf
WORKDIR /srv/api
COPY --from=api_platform_php /srv/api/public public/
# "varnish" stage
# does not depend on any of the above stages, but placed here to keep everything in one Dockerfile
FROM cooptilleuls/varnish:${VARNISH_VERSION}-alpine AS api_platform_varnish
COPY docker/varnish/conf/default.vcl /usr/local/etc/varnish/default.vcl
docker -входная точка:
#!/bin/sh
set -e
# first arg is `-f` or `--some-option`
if [ "${1#-}" != "$1" ]; then
set -- php-fpm "$@"
fi
if [ "$1" = 'php-fpm' ] || [ "$1" = 'php' ] || [ "$1" = 'bin/console' ]; then
PHP_INI_RECOMMENDED="$PHP_INI_DIR/php.ini-production"
if [ "$APP_ENV" != 'prod' ]; then
PHP_INI_RECOMMENDED="$PHP_INI_DIR/php.ini-development"
fi
ln -sf "$PHP_INI_RECOMMENDED" "$PHP_INI_DIR/php.ini"
mkdir -p var/cache var/log
setfacl -R -m u:www-data:rwX -m u:"$(whoami)":rwX var
setfacl -dR -m u:www-data:rwX -m u:"$(whoami)":rwX var
if [ "$APP_ENV" != 'prod' ]; then
composer install --prefer-dist --no-progress --no-suggest --no-interaction
fi
echo "Waiting for db to be ready..."
until bin/console doctrine:query:sql "SELECT 1" > /dev/null 2>&1; do
sleep 1
done
# if [ "$APP_ENV" != 'prod' ]; then
# bin/console doctrine:schema:update --force --no-interaction
# fi
fi
crond -L /srv/api/logs/crond.log -b
exec docker-php-entrypoint "$@"
Команды в действии (в docker -входная точка. sh) :
mkdir -p var/cache var/log
setfacl -R -m u:www-data:rwX -m u:"$(whoami)":rwX var
setfacl -dR -m u:www-data:rwX -m u:"$(whoami)":rwX var
Ошибки (во время php обслуживания вверх):
setfacl: var/log: Not supported
setfacl: var/log/dev.log: Not supported
Строка поиска:
Новая функция docker -desktop - это " Новая реализация общего доступа к файлам ", которая заменяет (разновидность системы общего доступа к файлам) Samba на FUSE. Это сделано для таких разработчиков, как мы, для улучшения производительности при запуске symfony или реакции приложения через docker.
- docker -desktop 2.2 примечание к выпуску здесь
- a docker сообщение в блоге о FUSE здесь
У кого-нибудь есть такая же проблема и, возможно, решение?