為了 wordpress 優化 php-fpm docker container image
雖然已經有 wordpress dockerhub offical image, 但就算用 alpine 版本, 差不多要 290MB, 真的覺得大了點
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
php 7.4-fpm-alpine-cytseng.ibb.tw-custom 82b6ca953c77 2 hours ago 108MB
php 7.4-fpm-alpine-origin-custom 292aff464569 2 hours ago 49.5MB
wordpress php7.4-fpm-alpine 5ecc056e48e2 2 days ago 290MB
alpine 3.15 0ac33e5f5afa 2 weeks ago 5.57MB
我自己做的只要 108MB, 少了超過 150MB, 覺得很有成就感, 有需要的就自己撿去用
花了一些時間, 大概 2,3 天吧, 為了 wordpress 優化 php74-fpm docker container
直接把結果貼上來
先利用 Dockerfile-php74-fpm-origin 產生一個 php74-fpm base image, 參考Dockerfile
FROM alpine:3.15
ENV PHPIZE_DEPS \
autoconf \
dpkg-dev dpkg \
file \
g++ \
gcc \
libc-dev \
make \
pkgconf \
re2c
RUN apk add --no-cache \
ca-certificates \
curl \
tar \
xz \
openssl
RUN set -eux; \
adduser -u 82 -D -S -G www-data www-data
ENV PHP_INI_DIR /usr/local/etc/php
RUN set -eux; \
mkdir -p "PHP_INI_DIR/conf.d"; \
[ ! -d /var/www/html ]; \
mkdir -p /var/www/html; \
chown www-data:www-data /var/www/html; \
chmod 777 /var/www/html
ENV PHP_CFLAGS="-fstack-protector-strong -fpic -fpie -O2 -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
ENV PHP_CPPFLAGS="PHP_CFLAGS"
ENV PHP_LDFLAGS="-Wl,-O1 -pie"
ENV GPG_KEYS 42670A7FE4D0441C8E4632349E4FDC074A4EF02D 5A52880781F755608BF815FC910DEB46F53EA312
ENV PHP_VERSION 7.4.29
ENV PHP_URL="https://www.php.net/distributions/php-7.4.29.tar.xz" PHP_ASC_URL="https://www.php.net/distributions/php-7.4.29.tar.xz.asc"
ENV PHP_SHA256="7d0f07869f33311ff3fe1138dc0d6c0d673c37fcb737eaed2c6c10a949f1aed6"
RUN set -eux; \
\
apk add --no-cache --virtual .fetch-deps gnupg; \
\
mkdir -p /usr/src; \
cd /usr/src; \
\
curl -fsSL -o php.tar.xz "PHP_URL"; \
\
if [ -n "PHP_SHA256" ]; then \
echo "PHP_SHA256 *php.tar.xz" | sha256sum -c -; \
fi; \
\
if [ -n "PHP_ASC_URL" ]; then \
curl -fsSL -o php.tar.xz.asc "PHP_ASC_URL"; \
export GNUPGHOME="(mktemp -d)"; \
for key in GPG_KEYS; do \
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "key"; \
done; \
gpg --batch --verify php.tar.xz.asc php.tar.xz; \
gpgconf --kill all; \
rm -rf "GNUPGHOME"; \
fi; \
\
apk del --no-network .fetch-deps
COPY docker-php-source /usr/local/bin/
RUN set -eux; \
apk add --no-cache --virtual .build-deps \PHPIZE_DEPS \
argon2-dev \
coreutils \
curl-dev \
gnu-libiconv-dev \
libsodium-dev \
libxml2-dev \
linux-headers \
oniguruma-dev \
openssl-dev \
readline-dev \
sqlite-dev \
; \
\
rm -vf /usr/include/iconv.h; \
ln -sv /usr/include/gnu-libiconv/*.h /usr/include/; \
\
export \
CFLAGS="PHP_CFLAGS" \
CPPFLAGS="PHP_CPPFLAGS" \
LDFLAGS="PHP_LDFLAGS" \
; \
docker-php-source extract; \
cd /usr/src/php; \
gnuArch="(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \
./configure \
--build="gnuArch" \
--with-config-file-path="PHP_INI_DIR" \
--with-config-file-scan-dir="PHP_INI_DIR/conf.d" \
\
--enable-option-checking=fatal \
\
--disable-all \
--with-password-argon2 \
--with-libxml \
--with-openssl \
--with-pear \
--enable-xml \
--enable-mysqlnd \
\
--disable-phpdbg \
\(test "gnuArch" = 's390x-linux-musl' && echo '--without-pcre-jit') \
\
--disable-cgi \
\
--enable-fpm \
--with-fpm-user=www-data \
--with-fpm-group=www-data \
; \
make -j "(nproc)"; \
find -type f -name '*.a' -delete; \
make install; \
find \
/usr/local \
-type f \
-perm '/0111' \
-exec sh -euxc ' \
strip --strip-all "@" || : \
' -- '{}' + \
; \
make clean; \
\
cp -v php.ini-* "PHP_INI_DIR/"; \
\
cd /; \
docker-php-source delete; \
\
runDeps="( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/"1 " ]") == 0 { next } { print "so:" 1 }' \
)"; \
apk add --no-cacherunDeps; \
\
apk del --no-network .build-deps; \
\
php --version
COPY docker-php-ext-* docker-php-entrypoint /usr/local/bin/
ENTRYPOINT ["docker-php-entrypoint"]
WORKDIR /var/www/html
RUN set -eux; \
cd /usr/local/etc; \
if [ -d php-fpm.d ]; then \
sed 's!=NONE/!=!g' php-fpm.conf.default | tee php-fpm.conf > /dev/null; \
cp php-fpm.d/www.conf.default php-fpm.d/www.conf; \
else \
mkdir php-fpm.d; \
cp php-fpm.conf.default php-fpm.d/www.conf; \
{ \
echo '[global]'; \
echo 'include=etc/php-fpm.d/*.conf'; \
} | tee php-fpm.conf; \
fi; \
{ \
echo '[global]'; \
echo 'error_log = /proc/self/fd/2'; \
echo; echo '; https://github.com/docker-library/php/pull/725#issuecomment-443540114'; echo 'log_limit = 8192'; \
echo; \
echo '[www]'; \
echo '; if we send this to /proc/self/fd/1, it never appears'; \
echo 'access.log = /proc/self/fd/2'; \
echo; \
echo 'clear_env = no'; \
echo; \
echo '; Ensure worker stdout and stderr are sent to the main error log.'; \
echo 'catch_workers_output = yes'; \
echo 'decorate_workers_output = no'; \
} | tee php-fpm.d/docker.conf; \
{ \
echo '[global]'; \
echo 'daemonize = no'; \
echo; \
echo '[www]'; \
echo 'listen = 9000'; \
} | tee php-fpm.d/zz-docker.conf
STOPSIGNAL SIGQUIT
EXPOSE 9000
CMD ["php-fpm"]
另一個重要的 Dockerfile
FROM php:7.4-fpm-alpine-origin-custom as builder
ADD https://raw.githubusercontent.com/mlocati/docker-php-extension-installer/master/install-php-extensions /usr/local/bin/
RUN apk update && \
apk upgrade && \
apk add icu-dev libzip-dev curl-dev libxml2-dev oniguruma-dev expat-dev && \
docker-php-ext-install pdo mysqli pdo_mysql opcache exif intl zip ctype curl dom fileinfo filter json mbstring session && \
chmod uga+x /usr/local/bin/install-php-extensions && sync && \
install-php-extensions imagick
FROM php:7.4-fpm-alpine-origin-custom
RUN deluser www-data && \
adduser -D -u 8888 -s /usr/sbin/nologin -h /var/www www-data && \
apk add icu-libs libzip libcurl libxml2 oniguruma expat libgomp imagemagick-libs && \
echo 'extension=imagick.so' > /usr/local/etc/php/conf.d/docker-php-ext-imagick.ini
COPY --from=builder /usr/local/lib/php/extensions/no-debug-non-zts-20190902/*.so /usr/local/lib/php/extensions/no-debug-non-zts-20190902/
COPY --from=builder /usr/local/etc/php/conf.d/* /usr/local/etc/php/conf.d/
客製的 nginx Dockerfile
FROM nginx:1.18-alpine
RUN deluser nginx && adduser -D -u 8888 -s /sbin/nologin -h /var/cache/nginx nginx
build docker image
– docker build -t php:7.4-fpm-alpine-origin-custom -f ./Dockerfile-php74-fpm-origin .
– docker build -t php:7.4-fpm-alpine-cytseng.ibb.tw-custom -f ./Dockerfile-php74-fpm .
– docker build -t nginx:1.18-alpine-custom -f ./Dockerfile-php74-fpm .
亂改的 docker-compose.yaml
version: '3.7'
services:
cytseng.ibb.tw-php-fpm:
image: php:7.4-fpm-alpine-cytseng.ibb.tw-custom
hostname: cytseng.ibb.tw-php-fpm
container_name: cytseng.ibb.tw-php-fpm
volumes:
- /etc/localtime:/etc/localtime:ro
- /srv/web/docker/cytseng.ibb.tw:/usr/share/nginx/html
- ./www.conf:/usr/local/etc/php-fpm.d/www.conf
restart: always
networks:
- cytseng.ibb.tw-network
cytseng.ibb.tw-nginx:
image: nginx:1.18-alpine-custom
hostname: cytseng.ibb.tw-nginx
container_name: cytseng.ibb.tw-nginx
volumes:
- /etc/localtime:/etc/localtime:ro
- /srv/web/docker/cytseng.ibb.tw:/usr/share/nginx/html
- ./default.conf:/etc/nginx/conf.d/default.conf
- ./nginx.conf:/etc/nginx/nginx.conf:ro
ports:
- "8003:80"
restart: always
networks:
- cytseng.ibb.tw-network
networks:
cytseng.ibb.tw-network:
name: cytseng.ibb.tw-network
執行方法
– docker-compose up -d
