はじめに
minishift(openshift)環境においてPHPでコンテンツを作成するためのテンプレートを作成してみます。
RHCCやカタログにもPHPはありますが、composerを入れてパッケージをDLするのが物凄い遅くイライラしたのでcomposer抜きのテンプレートにしました。
利用シーンとしてはCMSや独自コンテンツなどをインストールして使うイメージです(^^♪
構成
ベースはすべてカタログにあるイメージを利用します。
PHPのポッドはフロントエンドなので2つ。s2iベースのカタログにあるPHPテンプレートを利用します。PV付きで両方のコンテナから同じコンテンツを参照できるようにします。
mariadbのポッドはバックエンドなので1つ。もちろんPV付きといった構成です。
Gitのディレクトリ構成
非常に単純な構成です。
唯一工夫したのが、ソースをまずはwebroot_src
に登録し、Deploy中にマウントされるPV(webroot
)にrun
スクリプトでcopyする点です。
├─ .s2i/bin
│ ├─ assemble
│ └─ run
├─ openshift/templates
│ └─ php-mariadb-persistent.json
├─ webroot
│ └─ .gitkeep
└─ webroot_src
└─ PHPソース
Git:
https://gitlab.com/imp555/php-mariadb-persistent.git
使い方
PHPのソースをwebroot_src
直下にPushします。
openshift/templates/php-mariadb-persistent.json
を使いプロジェクト内にPodsを作成します。
以上終了♪
ソースがPV領域に入ったことで、両方のポッドから見れるのは良いのですが、ソースをアップデートする際に問題となります。
そのため、runスクリプト内でFORCE_UPDATE_SOURCE
がある場合は上書きする設定としています。
※ただし...ソースを変更した際にReBuildをする必要があり、そのままにしておくとDeployが走り、
FORCE_UPDATE_SOURCE
を変更する際にもDeployが走るという無駄なDeployが増えます…。
この辺りの回避方法は検討の余地がありそうだと認識しています(;'∀')
openshift template
標準のPHPテンプレートからの変更点
- 削ったのはcomposer関連の部分
- 追加したのはPHP用PV
- 追加したのは環境変数FORCE_UPDATE_SOURCE
{
"kind": "Template",
"apiVersion": "v1",
"metadata": {
"name": "php-mariadb-persistent",
"annotations": {
"openshift.io/display-name": "PHP + MariaDB",
"description": "An example PHP application with a MariaDB. For more information about using this template, including OpenShift considerations, see https://gitlab.com/imp555/php-mariadb-persistent.git",
"tags": "quickstart,php,mariadb",
"iconClass": "icon-php",
"openshift.io/long-description": "This template defines resources needed to develop a PHP application, including a build configuration, application deployment configuration, and database deployment configuration.",
"openshift.io/documentation-url": "https://gitlab.com/imp555/php-mariadb-persistent.git",
"template.openshift.io/bindable": "false"
}
},
"message": "The following service(s) have been created in your project: ${NAME}, ${DATABASE_SERVICE_NAME}.\n\nFor more information about using this template, including OpenShift considerations, see https://gitlab.com/imp555/php-mariadb-persistent.git",
"labels": {
"template": "php-mariadb-persistent",
"app": "php-mariadb-persistent"
},
"objects": [
{
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}"
},
"stringData" : {
"database-user" : "${DATABASE_USER}",
"database-password" : "${DATABASE_PASSWORD}"
}
},
{
"kind": "PersistentVolumeClaim",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}"
},
"spec": {
"accessModes": [
"ReadWriteMany"
],
"resources": {
"requests": {
"storage": "${PHP_VOLUME_CAPACITY}"
}
}
}
},
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}",
"annotations": {
"description": "Exposes and load balances the application pods",
"service.alpha.openshift.io/dependencies": "[{\"name\": \"${DATABASE_SERVICE_NAME}\", \"kind\": \"Service\"}]"
}
},
"spec": {
"ports": [
{
"name": "web",
"port": 8080,
"targetPort": 8080
}
],
"selector": {
"name": "${NAME}"
}
}
},
{
"kind": "Route",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}"
},
"spec": {
"host": "${APPLICATION_DOMAIN}",
"to": {
"kind": "Service",
"name": "${NAME}"
}
}
},
{
"kind": "ImageStream",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}",
"annotations": {
"description": "Keeps track of changes in the application image"
}
}
},
{
"kind": "BuildConfig",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}",
"annotations": {
"description": "Defines how to build the application",
"template.alpha.openshift.io/wait-for-ready": "true"
}
},
"spec": {
"source": {
"type": "Git",
"git": {
"uri": "${SOURCE_REPOSITORY_URL}",
"ref": "${SOURCE_REPOSITORY_REF}"
},
"contextDir": "${CONTEXT_DIR}"
},
"strategy": {
"type": "Source",
"sourceStrategy": {
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
"name": "php:${PHP_VERSION}"
},
"env": [
{
"name": "FORCE_UPDATE_SOURCE",
"value": "${FORCE_UPDATE_SOURCE}"
}
]
}
},
"output": {
"to": {
"kind": "ImageStreamTag",
"name": "${NAME}:latest"
}
},
"triggers": [
{
"type": "ImageChange"
},
{
"type": "ConfigChange"
},
{
"type": "GitHub",
"github": {
"secret": "${GITHUB_WEBHOOK_SECRET}"
}
}
]
}
},
{
"kind": "DeploymentConfig",
"apiVersion": "v1",
"metadata": {
"name": "${NAME}",
"annotations": {
"description": "Defines how to deploy the application server",
"template.alpha.openshift.io/wait-for-ready": "true"
}
},
"spec": {
"strategy": {
"type": "Recreate",
},
"triggers": [
{
"type": "ImageChange",
"imageChangeParams": {
"automatic": true,
"containerNames": [
"php-mariadb-persistent"
],
"from": {
"kind": "ImageStreamTag",
"name": "${NAME}:latest"
}
}
},
{
"type": "ConfigChange"
}
],
"replicas": 2,
"selector": {
"name": "${NAME}"
},
"template": {
"metadata": {
"name": "${NAME}",
"labels": {
"name": "${NAME}"
}
},
"spec": {
"volumes": [
{
"name": "${NAME}-data",
"persistentVolumeClaim": {
"claimName": "${NAME}"
}
}
],
"containers": [
{
"name": "php-mariadb-persistent",
"image": " ",
"ports": [
{
"containerPort": 8080
}
],
"volumeMounts": [
{
"name": "${NAME}-data",
"mountPath": "/opt/app-root/src/webroot"
}
],
"readinessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 3,
"periodSeconds": 60,
"failureThreshold": 3,
"tcpSocket": {
"port": 8080
}
},
"livenessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 30,
"periodSeconds": 60,
"failureThreshold": 3,
"httpGet": {
"path": "/.health.html",
"port": 8080
}
},
"env": [
{
"name": "DATABASE_SERVICE_NAME",
"value": "${DATABASE_SERVICE_NAME}"
},
{
"name": "DATABASE_ENGINE",
"value": "${DATABASE_ENGINE}"
},
{
"name": "DATABASE_NAME",
"value": "${DATABASE_NAME}"
},
{
"name": "DATABASE_USER",
"valueFrom": {
"secretKeyRef" : {
"name" : "${NAME}",
"key" : "database-user"
}
}
},
{
"name": "DATABASE_PASSWORD",
"valueFrom": {
"secretKeyRef" : {
"name" : "${NAME}",
"key" : "database-password"
}
}
},
{
"name": "OPCACHE_REVALIDATE_FREQ",
"value": "${OPCACHE_REVALIDATE_FREQ}"
}
],
"resources": {
"limits": {
"memory": "${MEMORY_LIMIT}"
}
}
}
]
}
}
}
},
{
"kind": "PersistentVolumeClaim",
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}"
},
"spec": {
"accessModes": [
"ReadWriteOnce"
],
"resources": {
"requests": {
"storage": "${DB_VOLUME_CAPACITY}"
}
}
}
},
{
"kind": "Service",
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"annotations": {
"description": "Exposes the database server"
}
},
"spec": {
"ports": [
{
"name": "mariadb",
"port": 3306,
"targetPort": 3306
}
],
"selector": {
"name": "${DATABASE_SERVICE_NAME}"
}
}
},
{
"kind": "DeploymentConfig",
"apiVersion": "v1",
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"annotations": {
"description": "Defines how to deploy the database",
"template.alpha.openshift.io/wait-for-ready": "true"
}
},
"spec": {
"strategy": {
"type": "Recreate"
},
"triggers": [
{
"type": "ImageChange",
"imageChangeParams": {
"automatic": true,
"containerNames": [
"mariadb"
],
"from": {
"kind": "ImageStreamTag",
"namespace": "${NAMESPACE}",
"name": "mariadb:${MARIADB_VERSION}"
}
}
},
{
"type": "ConfigChange"
}
],
"replicas": 1,
"selector": {
"name": "${DATABASE_SERVICE_NAME}"
},
"template": {
"metadata": {
"name": "${DATABASE_SERVICE_NAME}",
"labels": {
"name": "${DATABASE_SERVICE_NAME}"
}
},
"spec": {
"volumes": [
{
"name": "${DATABASE_SERVICE_NAME}-data",
"persistentVolumeClaim": {
"claimName": "${DATABASE_SERVICE_NAME}"
}
}
],
"containers": [
{
"name": "mariadb",
"image": " ",
"ports": [
{
"containerPort": 3306
}
],
"volumeMounts": [
{
"name": "${DATABASE_SERVICE_NAME}-data",
"mountPath": "/var/lib/mysql/data"
}
],
"readinessProbe": {
"timeoutSeconds": 1,
"initialDelaySeconds": 5,
"exec": {
"command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ]
}
},
"livenessProbe": {
"timeoutSeconds": 1,
"initialDelaySeconds": 30,
"tcpSocket": {
"port": 3306
}
},
"env": [
{
"name": "MYSQL_USER",
"valueFrom": {
"secretKeyRef" : {
"name" : "${NAME}",
"key" : "database-user"
}
}
},
{
"name": "MYSQL_PASSWORD",
"valueFrom": {
"secretKeyRef" : {
"name" : "${NAME}",
"key" : "database-password"
}
}
},
{
"name": "MYSQL_DATABASE",
"value": "${DATABASE_NAME}"
}
],
"resources": {
"limits": {
"memory": "${MEMORY_MYSQL_LIMIT}"
}
}
}
]
}
}
}
}
],
"parameters": [
{
"name": "NAME",
"displayName": "Name",
"description": "The name assigned to all of the frontend objects defined in this template.",
"required": true,
"value": "php-mariadb-persistent"
},
{
"name": "NAMESPACE",
"displayName": "Namespace",
"description": "The OpenShift Namespace where the ImageStream resides.",
"required": true,
"value": "openshift"
},
{
"name": "PHP_VERSION",
"displayName": "PHP Version",
"description": "Version of PHP image to be used (7.1 or latest).",
"required": true,
"value": "7.1"
},
{
"name": "MARIADB_VERSION",
"displayName": "MariaDB Version",
"description": "Version of MariaDB image to be used (10.2 or latest).",
"required": true,
"value": "10.2"
},
{
"name": "MEMORY_LIMIT",
"displayName": "Memory Limit",
"description": "Maximum amount of memory the PHP container can use.",
"required": true,
"value": "512Mi"
},
{
"name": "MEMORY_MYSQL_LIMIT",
"displayName": "Memory Limit (MariaDB)",
"description": "Maximum amount of memory the MariaDB container can use.",
"required": true,
"value": "512Mi"
},
{
"name": "PHP_VOLUME_CAPACITY",
"displayName": "PHP Volume Capacity",
"description": "PHP volume space available for data, e.g. 512Mi, 2Gi",
"value": "1Gi",
"required": true
},
{
"name": "DB_VOLUME_CAPACITY",
"displayName": "Database Volume Capacity",
"description": "Database volume space available for data, e.g. 512Mi, 2Gi",
"value": "1Gi",
"required": true
},
{
"name": "SOURCE_REPOSITORY_URL",
"displayName": "Git Repository URL",
"description": "The URL of the repository with your application source code.",
"required": true,
"value": "https://gitlab.com/imp555/php-mariadb-persistent.git"
},
{
"name": "SOURCE_REPOSITORY_REF",
"displayName": "Git Reference",
"description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch."
},
{
"name": "CONTEXT_DIR",
"displayName": "Context Directory",
"description": "Set this to the relative path to your project if it is not in the root of your repository."
},
{
"name": "APPLICATION_DOMAIN",
"displayName": "Application Hostname",
"description": "The exposed hostname that will route to the PHP service, if left blank a value will be defaulted.",
"value": ""
},
{
"name": "GITHUB_WEBHOOK_SECRET",
"displayName": "GitHub Webhook Secret",
"description": "Github trigger secret. A difficult to guess string encoded as part of the webhook URL. Not encrypted.",
"generate": "expression",
"from": "[a-zA-Z0-9]{40}"
},
{
"name": "DATABASE_SERVICE_NAME",
"displayName": "Database Service Name",
"required": true,
"value": "mariadb"
},
{
"name": "DATABASE_ENGINE",
"displayName": "Database Engine",
"description": "Database engine: postgresql, mysql or sqlite (default).",
"required": true,
"value": "mysql"
},
{
"name": "DATABASE_NAME",
"displayName": "Database Name",
"required": true,
"value": "default"
},
{
"name": "DATABASE_USER",
"displayName": "Database User",
"required": true,
"value": "dbuser"
},
{
"name": "DATABASE_PASSWORD",
"displayName": "Database Password",
"generate": "expression",
"from": "[a-zA-Z0-9]{16}"
},
{
"name": "OPCACHE_REVALIDATE_FREQ",
"displayName": "OPcache Revalidation Frequency",
"description": "How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.",
"value": "2"
},
{
"name": "FORCE_UPDATE_SOURCE",
"displayName": "Force Update Source Files",
"description": "If you need update source, set true.",
"value": ""
}
]
}
assemble
スクリプト
assemble
スクリプトでは、標準のassemble
をCallした後にapacheの設定変更、php.ini
の設定変更を行っています。
httpd.con
の設定変更は
- メインのconfは、${HTTPD_MAIN_CONF_PATH}/httpd.conf
- インクルードされるconfは、${HTTPD_MAIN_CONF_D_PATH}
php.ini
の設定変更は
- ${APP_ROOT}/etc/php.ini.template
に対して行います。
#!/bin/bash -e
echo "*--------------------------------------------------------------------------[ENV]"
set
echo "*---------------------------------------------------------[exec assemble script]"
source ${STI_SCRIPTS_PATH}/assemble
[[ -d ./tmp ]] && chmod -R go+rw ./tmp
echo "*--------------------------------------------------------------[apache settings]"
sed -i '1iHeader unset X-Powered-By' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
sed -i '1iTraceEnable Off' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
sed -i '1iServerSignature Off' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
sed -i '1iServerTokens Prod' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
sed -i 's/\/opt\/app-root\/src/\/opt\/app-root\/src\/webroot/g' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
sed -i '/^<Directory \"\/opt\/app-root\/src\/webroot\">/a Require method GET POST' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
sed -i 's/Options Indexes FollowSymLinks/Options FollowSymLinks/g' ${HTTPD_MAIN_CONF_PATH}/httpd.conf
rm -f ${HTTPD_MAIN_CONF_D_PATH}/autoindex.conf
rm -f ${HTTPD_MAIN_CONF_D_PATH}/welcome.conf
echo "*-----------------------------------------------------------------[php settings]"
sed -i 's/date.timezone = GMT/date.timezone = \"Asia\/Tokyo\"/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.language = Japanese/mbstring.language = Japanese/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.internal_encoding =/mbstring.internal_encoding = UTF-8/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.http_input =/mbstring.http_input = UTF-8/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.http_output =/mbstring.http_output = pass/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.encoding_translation = Off/mbstring.encoding_translation = On/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.detect_order = auto/mbstring.detect_order = auto/' ${APP_ROOT}/etc/php.ini.template
sed -i 's/;mbstring.substitute_character = none/mbstring.substitute_character = none/' ${APP_ROOT}/etc/php.ini.template
run
スクリプト
run
スクリプトでは、最初にソースをコピーする必要がある場合はPV領域にコピーし、最後に標準のrun
をCallします。
#!/bin/bash -e
echo "*--------------------------------------------------------------------------[ENV]"
set
echo "*-----------------------------------------------------------[install php source]"
if [ -n "${FORCE_UPDATE_SOURCE}" ] || [ -z "$(ls ~/webroot/)" ]; then
echo "-> Install source code..."
cp -Rf ~/webroot_src/* ~/webroot/
if [ -z "$(ls ~/webroot/.h*)" ]; then
cp -Rf ~/webroot_src/.h* ~/webroot/
fi
fi
echo "*--------------------------------------------------------------[exec run script]"
export DOCUMENTROOT=/webroot/
source ${STI_SCRIPTS_PATH}/run
さいごに
今回のテンプレート
readinessProbeは8080
ポートをTCPで突っついて
livenessProbeは/.health.html
を参照するように設計されています。
インストールするCMS等によっては.htaccessでURLが制御され/.health.html
にアクセスできない可能性もあります。
DeployでCrask Loop Back Offとなる場合は、一度livenessProbeを削除して試してみてください。
そして、相応しいURLに替えて設定してください。
"readinessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 3,
"periodSeconds": 60,
"failureThreshold": 3,
"tcpSocket": {
"port": 8080
}
},
"livenessProbe": {
"timeoutSeconds": 3,
"initialDelaySeconds": 30,
"periodSeconds": 60,
"failureThreshold": 3,
"httpGet": {
"path": "/.health.html",
"port": 8080
}
},