openshiftで簡単なphpテンプレートを作成してみた


はじめに

minishift(openshift)環境においてPHPでコンテンツを作成するためのテンプレートを作成してみます。

RHCCやカタログにもPHPはありますが、composerを入れてパッケージをDLするのが物凄い遅くイライラしたのでcomposer抜きのテンプレートにしました。

利用シーンとしてはCMSや独自コンテンツなどをインストールして使うイメージです(^^♪


構成

ベースはすべてカタログにあるイメージを利用します。

PHPのポッドはフロントエンドなので2つ。s2iベースのカタログにあるPHPテンプレートを利用します。PV付きで両方のコンテナから同じコンテンツを参照できるようにします。

mariadbのポッドはバックエンドなので1つ。もちろんPV付きといった構成です。

図1.png


Gitのディレクトリ構成

非常に単純な構成です。

唯一工夫したのが、ソースをまずはwebroot_srcに登録し、Deploy中にマウントされるPV(webroot)にrunスクリプトでcopyする点です。

├─ .s2i/bin

│  ├─ assemble
│  └─ run
├─ openshift/templates
│  └─ php-mariadb-persistent.json
├─ webroot
│  └─ .gitkeep
└─ webroot_src
  └─ PHPソース

Git:

https://gitlab.com/imp555/php-mariadb-persistent.git


使い方

PHPのソースをwebroot_src直下にPushします。

openshift/templates/php-mariadb-persistent.jsonを使いプロジェクト内にPodsを作成します。

以上終了♪

ソースがPV領域に入ったことで、両方のポッドから見れるのは良いのですが、ソースをアップデートする際に問題となります。

そのため、runスクリプト内でFORCE_UPDATE_SOURCEがある場合は上書きする設定としています。

※ただし...ソースを変更した際にReBuildをする必要があり、そのままにしておくとDeployが走り、

 FORCE_UPDATE_SOURCEを変更する際にもDeployが走るという無駄なDeployが増えます…。

 この辺りの回避方法は検討の余地がありそうだと認識しています(;'∀')


openshift template

標準のPHPテンプレートからの変更点

- 削ったのはcomposer関連の部分

- 追加したのはPHP用PV

- 追加したのは環境変数FORCE_UPDATE_SOURCE


openshift/templates/php-mariadb-persistent.json

{

"kind": "Template",
"apiVersion": "v1",
"metadata": {
"name": "php-mariadb-persistent",
"annotations": {
"openshift.io/display-name": "PHP + MariaDB",
"description": "An example PHP application with a MariaDB. For more information about using this template, including OpenShift considerations, see https://gitlab.com/imp555/php-mariadb-persistent.git",
"tags": "quickstart,php,mariadb",
"iconClass": "icon-php",
"openshift.io/long-description": "This template defines resources needed to develop a PHP application, including a build configuration, application deployment configuration, and database deployment configuration.",
"openshift.io/documentation-url": "https://gitlab.com/imp555/php-mariadb-persistent.git",
"template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://gitlab.com/imp555/php-mariadb-persistent.git",
"labels": {
"template": "php-mariadb-persistent",
"app": "php-mariadb-persistent"
},
"objects": [
{
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}"
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
"database-password" : "${DATABASE_PASSWORD}"
}
},
{
"kind": "PersistentVolumeClaim",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}"
},
"spec": {
"accessModes": [
"ReadWriteMany"
],
"resources": {
"requests": {
"storage": "${PHP_VOLUME_CAPACITY}"
}
}
}
},
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}",
"annotations": {
"description": "Exposes and load balances the application pods",
"service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
}
},
"spec": {
"ports": [
{
"name": "web",
"port": 8080,
"targetPort": 8080
}
],
"selector": {
"name": "${NAME}"
}
}
},
{
"kind": "Route",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
"to": {
"kind": "Service",
"name": "${NAME}"
}
}
},
{
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}",
"annotations": {
"description": "Keeps track of changes in the application image"
}
}
},
{
"kind": "BuildConfig",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}",
"annotations": {
"description": "Defines how to build the application",
"template.alpha.openshift.io/wait-for-ready": "true"
}
},
"spec": {
"source": {
"type": "Git",
"git": {
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
"contextDir": "${CONTEXT_DIR}"
},
"strategy": {
"type": "Source",
"sourceStrategy": {
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
"name": "php:${PHP_VERSION}"
},
"env": [
{
"name": "FORCE_UPDATE_SOURCE",
"value": "${FORCE_UPDATE_SOURCE}"
}
]
}
},
"output": {
"to": {
"kind": "ImageStreamTag",
"name": "${NAME}:latest"
}
},
"triggers": [
{
"type": "ImageChange"
},
{
"type": "ConfigChange"
},
{
"type": "GitHub",
"github": {
"secret": "${GITHUB_WEBHOOK_SECRET}"
}
}
]
}
},
{
"kind": "DeploymentConfig",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}",
"annotations": {
"description": "Defines how to deploy the application server",
"template.alpha.openshift.io/wait-for-ready": "true"
}
},
"spec": {
"strategy": {
"type": "Recreate",
},
"triggers": [
{
"type": "ImageChange",
"imageChangeParams": {
"automatic": true,
"containerNames": [
"php-mariadb-persistent"
],
"from": {
"kind": "ImageStreamTag",
"name": "${NAME}:latest"
}
}
},
{
"type": "ConfigChange"
}
],
"replicas": 2,
"selector": {
"name": "${NAME}"
},
"template": {
"metadata": {
"name": "${NAME}",
"labels": {
"name": "${NAME}"
}
},
"spec": {
"volumes": [
{
"name": "${NAME}-data",
"persistentVolumeClaim": {
"claimName": "${NAME}"
}
}
],
"containers": [
{
"name": "php-mariadb-persistent",
"image": " ",
"ports": [
{
"containerPort": 8080
}
],
"volumeMounts": [
{
"name": "${NAME}-data",
"mountPath": "/opt/app-root/src/webroot"
}
],
"readinessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 3,
"periodSeconds": 60,
"failureThreshold": 3,
"tcpSocket": {
"port": 8080
}
},
"livenessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 30,
"periodSeconds": 60,
"failureThreshold": 3,
"httpGet": {
"path": "/.health.html",
"port": 8080
}
},
"env": [
{
"name": "DATABASE_SERVICE_NAME",
"value": "${DATABASE_SERVICE_NAME}"
},
{
"name": "DATABASE_ENGINE",
"value": "${DATABASE_ENGINE}"
},
{
"name": "DATABASE_NAME",
"value": "${DATABASE_NAME}"
},
{
"name": "DATABASE_USER",
"valueFrom": {
"secretKeyRef" : {
"name" : "${NAME}",
"key" : "database-user"
}
}
},
{
"name": "DATABASE_PASSWORD",
"valueFrom": {
"secretKeyRef" : {
"name" : "${NAME}",
"key" : "database-password"
}
}
},
{
"name": "OPCACHE_REVALIDATE_FREQ",
"value": "${OPCACHE_REVALIDATE_FREQ}"
}
],
"resources": {
"limits": {
"memory": "${MEMORY_LIMIT}"
}
}
}
]
}
}
}
},
{
"kind": "PersistentVolumeClaim",
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}"
},
"spec": {
"accessModes": [
"ReadWriteOnce"
],
"resources": {
"requests": {
"storage": "${DB_VOLUME_CAPACITY}"
}
}
}
},
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"annotations": {
"description": "Exposes the database server"
}
},
"spec": {
"ports": [
{
"name": "mariadb",
"port": 3306,
"targetPort": 3306
}
],
"selector": {
"name": "${DATABASE_SERVICE_NAME}"
}
}
},
{
"kind": "DeploymentConfig",
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"annotations": {
"description": "Defines how to deploy the database",
"template.alpha.openshift.io/wait-for-ready": "true"
}
},
"spec": {
"strategy": {
"type": "Recreate"
},
"triggers": [
{
"type": "ImageChange",
"imageChangeParams": {
"automatic": true,
"containerNames": [
"mariadb"
],
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
"name": "mariadb:${MARIADB_VERSION}"
}
}
},
{
"type": "ConfigChange"
}
],
"replicas": 1,
"selector": {
"name": "${DATABASE_SERVICE_NAME}"
},
"template": {
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"labels": {
"name": "${DATABASE_SERVICE_NAME}"
}
},
"spec": {
"volumes": [
{
"name": "${DATABASE_SERVICE_NAME}-data",
"persistentVolumeClaim": {
"claimName": "${DATABASE_SERVICE_NAME}"
}
}
],
"containers": [
{
"name": "mariadb",
"image": " ",
"ports": [
{
"containerPort": 3306
}
],
"volumeMounts": [
{
"name": "${DATABASE_SERVICE_NAME}-data",
"mountPath": "/var/lib/mysql/data"
}
],
"readinessProbe": {
"timeoutSeconds": 1,
"initialDelaySeconds": 5,
"exec": {
"command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ]
}
},
"livenessProbe": {
"timeoutSeconds": 1,
"initialDelaySeconds": 30,
"tcpSocket": {
"port": 3306
}
},
"env": [
{
"name": "MYSQL_USER",
"valueFrom": {
"secretKeyRef" : {
"name" : "${NAME}",
"key" : "database-user"
}
}
},
{
"name": "MYSQL_PASSWORD",
"valueFrom": {
"secretKeyRef" : {
"name" : "${NAME}",
"key" : "database-password"
}
}
},
{
"name": "MYSQL_DATABASE",
"value": "${DATABASE_NAME}"
}
],
"resources": {
"limits": {
"memory": "${MEMORY_MYSQL_LIMIT}"
}
}
}
]
}
}
}
}
],
"parameters": [
{
"name": "NAME",
"displayName": "Name",
"description": "The name assigned to all of the frontend objects defined in this template.",
"required": true,
"value": "php-mariadb-persistent"
},
{
"name": "NAMESPACE",
"displayName": "Namespace",
"description": "The OpenShift Namespace where the ImageStream resides.",
"required": true,
"value": "openshift"
},
{
"name": "PHP_VERSION",
"displayName": "PHP Version",
"description": "Version of PHP image to be used (7.1 or latest).",
"required": true,
"value": "7.1"
},
{
"name": "MARIADB_VERSION",
"displayName": "MariaDB Version",
"description": "Version of MariaDB image to be used (10.2 or latest).",
"required": true,
"value": "10.2"
},
{
"name": "MEMORY_LIMIT",
"displayName": "Memory Limit",
"description": "Maximum amount of memory the PHP container can use.",
"required": true,
"value": "512Mi"
},
{
"name": "MEMORY_MYSQL_LIMIT",
"displayName": "Memory Limit (MariaDB)",
"description": "Maximum amount of memory the MariaDB container can use.",
"required": true,
"value": "512Mi"
},
{
"name": "PHP_VOLUME_CAPACITY",
"displayName": "PHP Volume Capacity",
"description": "PHP volume space available for data, e.g. 512Mi, 2Gi",
"value": "1Gi",
"required": true
},
{
"name": "DB_VOLUME_CAPACITY",
"displayName": "Database Volume Capacity",
"description": "Database volume space available for data, e.g. 512Mi, 2Gi",
"value": "1Gi",
"required": true
},
{
"name": "SOURCE_REPOSITORY_URL",
"displayName": "Git Repository URL",
"description": "The URL of the repository with your application source code.",
"required": true,
"value": "https://gitlab.com/imp555/php-mariadb-persistent.git"
},
{
"name": "SOURCE_REPOSITORY_REF",
"displayName": "Git Reference",
"description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
},
{
"name": "CONTEXT_DIR",
"displayName": "Context Directory",
"description": "Set this to the relative path to your project if it is not in the root of your repository."
},
{
"name": "APPLICATION_DOMAIN",
"displayName": "Application Hostname",
"description": "The exposed hostname that will route to the PHP service, if left blank a value will be defaulted.",
"value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
"description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
{
"name": "DATABASE_SERVICE_NAME",
"displayName": "Database Service Name",
"required": true,
"value": "mariadb"
},
{
"name": "DATABASE_ENGINE",
"displayName": "Database Engine",
"description": "Database engine: postgresql, mysql or sqlite (default).",
"required": true,
"value": "mysql"
},
{
"name": "DATABASE_NAME",
"displayName": "Database Name",
"required": true,
"value": "default"
},
{
"name": "DATABASE_USER",
"displayName": "Database User",
"required": true,
"value": "dbuser"
},
{
"name": "DATABASE_PASSWORD",
"displayName": "Database Password",
"generate": "expression",
"from": "[a-zA-Z0-9]{16}"
},
{
"name": "OPCACHE_REVALIDATE_FREQ",
"displayName": "OPcache Revalidation Frequency",
"description": "How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.",
"value": "2"
},
{
"name": "FORCE_UPDATE_SOURCE",
"displayName": "Force Update Source Files",
"description": "If you need update source, set true.",
"value": ""
}
]
}


assembleスクリプト

assembleスクリプトでは、標準のassembleをCallした後にapacheの設定変更、php.iniの設定変更を行っています。

httpd.conの設定変更は

- メインのconfは、${HTTPD_MAIN_CONF_PATH}/httpd.conf

- インクルードされるconfは、${HTTPD_MAIN_CONF_D_PATH}

php.iniの設定変更は

- ${APP_ROOT}/etc/php.ini.templateに対して行います。


.s2i/bin/assemble

#!/bin/bash -e

echo "*--------------------------------------------------------------------------[ENV]"
set

echo "*---------------------------------------------------------[exec assemble script]"
source ${STI_SCRIPTS_PATH}/assemble

[[ -d ./tmp ]] && chmod -R go+rw ./tmp

echo "*--------------------------------------------------------------[apache settings]"
sed -i '1iHeader unset X-Powered-By' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
sed -i '1iTraceEnable Off' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
sed -i '1iServerSignature Off' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
sed -i '1iServerTokens Prod' ${HTTPD_MAIN_CONF_PATH}/httpd.conf

sed -i 's/\/opt\/app-root\/src/\/opt\/app-root\/src\/webroot/g' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
sed -i '/^<Directory \"\/opt\/app-root\/src\/webroot\">/a Require method GET POST' ${HTTPD_MAIN_CONF_PATH}/httpd.conf

sed -i 's/Options Indexes FollowSymLinks/Options FollowSymLinks/g' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
rm -f ${HTTPD_MAIN_CONF_D_PATH}/autoindex.conf
rm -f ${HTTPD_MAIN_CONF_D_PATH}/welcome.conf

echo "*-----------------------------------------------------------------[php settings]"

sed -i 's/date.timezone = GMT/date.timezone = \"Asia\/Tokyo\"/' ${APP_ROOT}/etc/php.ini.template

sed -i 's/;mbstring.language = Japanese/mbstring.language = Japanese/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.internal_encoding =/mbstring.internal_encoding = UTF-8/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.http_input =/mbstring.http_input = UTF-8/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.http_output =/mbstring.http_output = pass/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.encoding_translation = Off/mbstring.encoding_translation = On/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.detect_order = auto/mbstring.detect_order = auto/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.substitute_character = none/mbstring.substitute_character = none/' ${APP_ROOT}/etc/php.ini.template



runスクリプト

runスクリプトでは、最初にソースをコピーする必要がある場合はPV領域にコピーし、最後に標準のrunをCallします。


.s2i/bin/run

#!/bin/bash -e

echo "*--------------------------------------------------------------------------[ENV]"
set

echo "*-----------------------------------------------------------[install php source]"
if [ -n "${FORCE_UPDATE_SOURCE}" ] || [ -z "$(ls ~/webroot/)" ]; then
echo "-> Install source code..."
cp -R ~/webroot_src/* ~/webroot/
if [ -z "$(ls ~/webroot/.h*)" ]; then
cp -R ~/webroot_src/.h* ~/webroot/
fi
fi

echo "*--------------------------------------------------------------[exec run script]"
export DOCUMENTROOT=/webroot/
source ${STI_SCRIPTS_PATH}/run



さいごに

今回のテンプレート

readinessProbe8080ポートをTCPで突っついて

livenessProbe/.health.htmlを参照するように設計されています。

インストールするCMS等によっては.htaccessでURLが制御され/.health.htmlにアクセスできない可能性もあります。

DeployでCrask Loop Back Offとなる場合は、一度livenessProbeを削除して試してみてください。

そして、相応しいURLに替えて設定してください。


openshift/templates/php-mariadb-persistent.json

                "readinessProbe": {

"timeoutSeconds": 3,
"initialDelaySeconds": 3,
"periodSeconds": 60,
"failureThreshold": 3,
"tcpSocket": {
"port": 8080
}
},
"livenessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 30,
"periodSeconds": 60,
"failureThreshold": 3,
"httpGet": {
"path": "/.health.html",
"port": 8080
}
},