Popular posts

You need to get familiar with the docker concepts first. It's mandatory since you want to build a rather complicated production stack.

Get familiar with Dockerfile first. Learn how to build images. Docker images are immutable, which means you build them once (via Dockerfile) and use them "as is". However, you can persist data via bind mounts and volumes. Get used to them. Learn differences.

Once you familiarized with the docker images and containers concepts you can dive in to orchestration of docker images. Learn docker-compose. You can have launch configurations in docker-compose for your stacks. After all of this, you can learn kubernetes for managing containers.

You can find prebuilt images for each application like php, mysql, redis, rabbitmq. I usually use prebuild images for services that aren't exposed to public IP, like mysql and redis. However, i avoid using prebuilt nginx and php images on production stack, as they expose to public IP directly and their defaults (configurations, installation paths) are open sourced.

One of my laravel project's Dockerfile:

FROM debian:9.5

MAINTAINER Tuncay Uner <mail@address>

ARG LOCAL_USER_ID=1000
ARG LOCAL_GROUP_ID=1000

# UPGRADE PACKAGES
RUN apt-get update && \
    apt-get -y upgrade

# INSTALL PREREQUISITES
RUN apt-get install -y aptitude
RUN aptitude install -y sudo
RUN aptitude install -y libssl-dev
RUN aptitude install -y wget
RUN aptitude install -y curl
RUN aptitude install -y unzip
RUN aptitude install -y locales
RUN aptitude install -y cron
RUN aptitude install -y rsyslog

# PHP REPOSITORY
RUN apt-get -y install apt-transport-https lsb-release ca-certificates && \
    wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg && \
    sh -c 'echo "deb packages.sury.org/php $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list'

# NODEJS REPOSITORY
RUN curl -sL https://deb.nodesource.com/setup_10.x -o nodesource_setup.sh && \
    sh nodesource_setup.sh && \
    rm nodesource_setup.sh

# UPDATE PACKAGE INDEX
RUN apt-get update

# INSTALL PHP
RUN aptitude install -y php7.2-fpm
RUN aptitude install -y php7.2-gd
RUN aptitude install -y php7.2-zip
RUN aptitude install -y php7.2-xml
RUN aptitude install -y php7.2-intl
RUN aptitude install -y php7.2-mbstring
RUN aptitude install -y php7.2-pdo-mysql

# INSTALL NODE
RUN aptitude install -y nodejs

# INSTALL NGINX
RUN aptitude install -y nginx

# CREATE USER & GROUP "user"
RUN groupdel dialout && \
    groupadd --gid $LOCAL_GROUP_ID --non-unique --force user && \
    useradd --uid $LOCAL_USER_ID --gid $LOCAL_GROUP_ID --shell /bin/bash --create-home --non-unique user

# CREATE FOLDERS
RUN runuser -l user -c 'mkdir webroot' && \
    runuser -l user -c 'mkdir log'

# REMOVE DEFAULT SITES
RUN rm /etc/nginx/sites-enabled/default
RUN rm /etc/nginx/sites-available/default

# INSTALL COMPOSER
COPY ./script/install-composer.sh /root/install-composer.sh
RUN sh /root/install-composer.sh

# ALLOW "user" MANAGE SERVICES
COPY ./config/sudoers.d_service /etc/sudoers.d/service

# ENTRYPOINT
COPY ./script/entrypoint.sh /home/user/entrypoint.sh

And docker-compose.yml:

version: '3.5'

services:
  app:
    user: user
    container_name: project_app
    build:
      context: .docker
      dockerfile: Dockerfile
    volumes:
      - ./.docker/config/development/php-fpm-pool.conf:/etc/php/7.2/fpm/pool.d/project.conf
      - ./.docker/config/development/nginx.conf:/etc/nginx/sites-available/project
      - ./:/home/user/webroot:delegated
    working_dir: /home/user/webroot
    ports:
      - 8000:80
    entrypoint: sh /home/user/entrypoint.sh
    networks:
      - development
    environment:
      TZ: Europe/Istanbul

  db:
    container_name: project_db
    image: mysql:5.7.23
    command: --default-authentication-plugin=mysql_native_password
    restart: always
    volumes:
      - project_data:/var/lib/mysql
      - ./.docker/config/mysql_max_allowed_packet.cnf:/etc/mysql/mysql.conf.d/mysql_max_allowed_packet.cnf
      - ./.docker/config/mysql_sql_mode.cnf:/etc/mysql/mysql.conf.d/mysql_sql_mode.cnf
    ports:
      - 3306:3306
    networks:
      - development
    environment:
      MYSQL_ROOT_PASSWORD: root
      MYSQL_DATABASE: user
      MYSQL_USER: user
      MYSQL_PASSWORD: user
      TZ: Europe/Istanbul

  cache:
    container_name: project_cache
    image: redis:4.0.10
    volumes:
      - project_cache:/data
    entrypoint: redis-server --appendonly yes
    networks:
      - development

volumes:
  project_data:
  project_cache:

networks:
  development:
    name: development