Open ngosang opened 3 years ago
Hi, I would also love to have a nginx alpine variant
@J0WI @tianon would that be accepted on the official repository?
There's not a way to create such a thing without adding some kind of process supervisor, right? That brings a lot of other problems with it, unfortunately. :disappointed:
See also https://github.com/docker-library/php/issues/54 (and linked issues) for more discussion around this.
There's not a way to create such a thing without adding some kind of process supervisor, right? That brings a lot of other problems with it, unfortunately.
I am not sure you need any supervisor, here is my working example: https://github.com/sudo-bot/gh-deployer-container/blob/main/docker/Dockerfile
For me, as I do in my Docker images: the fpm service runs in background and then nginx service runs in foreground as the last command run
See also docker-library/php#54 (and linked issues) for more discussion around this.
Thanks :) Will read this soon
In that example, /bin/sh is the (very poor 😬) supervisor.
Yes, you need a supervisor and I recommend s6. It's really lightweight, can spawn several processes (2 in this case), can restart failing tasks (it's configurable), can redirect stdout/stderr of all processes to the docker log, etc... Kanboard uses same technologies Php-fpm+Nginx (s6 supervisor and Mysql backend) and the image is just 20MB compressed: https://github.com/kanboard/kanboard/blob/master/Dockerfile s6 supervisor is really easy to configure. Just create one folder + sh script for each process (we don't need cron here): https://github.com/kanboard/kanboard/tree/master/docker/etc/services.d
Update: I can open a PR if you are willing to consider making it official.
In that example, /bin/sh is the (very poor 😬) supervisor.
Oh, I did not think it like that but now that you say that it's obvious
s6 looks very cool and does not depend on an orgy of python things
I just read the thread and am not sure about the conclusion If it is: no second process in an official container, then we can provide a nginx alpine only container to plug with the fpm alpine container
then we can provide a nginx alpine only container to plug with the fpm alpine container
There is already a nginx:alpine
image available.
then we can provide a nginx alpine only container to plug with the fpm alpine container
There is already a
nginx:alpine
image available.
That's true, best we can do is support back decompressing phpmyadmin into the www folder to make fpm/nginx setups work
Official-images should not be using a process supervisor. It should be "one process" per container; this keeps things consistent, composable, and (hopefully) scalable.
Similar, now closed issue of adding a Apache2 + php-fpm
image: https://github.com/docker-library/php/pull/785. Related: https://github.com/docker-library/official-images/tree/ff0ef95394f0dfe67ac66d5293c0f6b2afdce6f5#init.
Thank you for all your comments, it will be easier to reply to newer questions now
We should document and example with fpm and nginx like roundcube mail does: https://github.com/roundcube/roundcubemail-docker/blob/master/examples/docker-compose-fpm-alpine.yaml
I just built a tiny Docker image for phpPgAdmin. It should work for phpMyAdmin just changing the download URL in the Dockerfile and adding missing php extensions. Feel free to copy the code or whatever you want.
https://github.com/phppgadmin/phppgadmin/pull/144
Official-images should not be using a process supervisor. It should be "one process" per container; this keeps things consistent, composable, and (hopefully) scalable.
That is true, but, since this is an administrative tool and hence, it is not critical in a production environment we can make an exception in favor of convenience. I guarantee you that all the software packaged in that image is solid rock. It also manages stdout/stderr of all processes, clean restarts, clean shutdowns... all of it in 12 MB of disk and 10 MB of RAM, no external dependencies. phpmyadmin:5.1.1-apache
is 178 MB of disk, 60 MB of RAM and the performance is worse.
sounds fine. Current image is fat and has many unnecessary packages, don't know why intermediate php image is not using slim variant. I also prefer fully working alpine version, web-server don't matter (nginx, apache2 or lighttpd).
Current image is fat and has many unnecessary packages, don't know why intermediate php image is not using slim variant.
Can you point me to which Debian-based variant of PHP isn't using the slim
variant?
(I can't seem to find any -- all the ones I check are appropriately FROM debian:bullseye-slim
or FROM debian:buster-slim
)
ups sorry, you are right, slim images are in use, but adding all the packages later. I think after compilation all the make cpp gcc stuff is absolete (except for pecl, but we don't need this for pma).
Right, which is why gcc
and friends get removed after use (in the same image layer, so they don't take up extra space): https://github.com/docker-library/php/blob/b4b4093acd612a1b489c6442585379275e9e4df6/8.1/bullseye/apache/Dockerfile#L263
Oops, sorry, got myself confused with Alpine where re-installing them is fast, they do get kept on Debian builds for phpize
: https://github.com/docker-library/php/blob/b4b4093acd612a1b489c6442585379275e9e4df6/8.1/bullseye/apache/Dockerfile#L18-L29
@tianon is providing an alpine version going to be accepted in the official repository? I am willing to port the work I did on https://github.com/sudo-bot/gh-deployer-container
Unfortunately, https://github.com/sudo-bot/gh-deployer-container/blob/7f72d26f3a971cde2a5b3ee046b13c2980e97493/docker/docker-entrypoint.sh#L99-L101 is going to a be no-go. :see_no_evil:
Unfortunately, https://github.com/sudo-bot/gh-deployer-container/blob/7f72d26f3a971cde2a5b3ee046b13c2980e97493/docker/docker-entrypoint.sh#L99-L101 is going to a be no-go. see_no_evil
Yeah 😄, there is probably an apache way for this ;)
I struggle to use use the image proposed by @ngosang with the PR #144, as I'm running the container with nobody user and read-only. I end up to use an intermediate image with NGINX + PHP. He is the Dockerfile I use :
FROM trafex/alpine-nginx-php7:1.10.0
EXPOSE 8080
USER root
RUN apk --no-cache --update add php7-mbstring php7-pgsql
ENV ARTIFACT_VERSION=REL_7-13-0/phpPgAdmin-7.13.0.tar.gz
RUN curl -L -o /phpPgAdmin.tar.gz https://github.com/phppgadmin/phppgadmin/releases/download/${ARTIFACT_VERSION} \
&& tar -xvzf /phpPgAdmin.tar.gz -C / \
&& rm /phpPgAdmin.tar.gz \
&& mv /phpPgAdmin-*/* /var/www/html
COPY config.inc.php /var/www/html/conf/
RUN chmod 0444 /var/www/html/conf/config.inc.php \
&& chmod 0777 /run /var/lib/nginx/logs/ \
&& chmod 0755 /var/lib/nginx
USER nobody
The config.inc.php changes are :
....
// Display name for the server on the login screen
// Use DB_NAME if defined, or DB_HOST otherwise
if (getenv("DB_NAME")) {
$conf['servers'][0]['desc'] = getenv("DB_NAME");
} else {
$conf['servers'][0]['desc'] = getenv("DB_HOST");
}
// Hostname or IP address for server. Use '' for UNIX domain socket.
// use 'localhost' for TCP/IP connection on this computer
$conf['servers'][0]['host'] = getenv("DB_HOST");
// Database port on server (5432 is the PostgreSQL default)
$conf['servers'][0]['port'] = getenv("DB_PORT");
....
// Default database
$conf['servers'][0]['defaultdb'] = 'postgres';
....
I think s6 is too hard to use with nobody user, whereas supervisord is running fine. If you want to use my Dockerfile, remove all chmod as you may not launch the container with nobody user.
Here is custom solution: https://hub.docker.com/r/beeyev/phpmyadmin-lightweight
This project is built on top of the official phpMyAdmin fpm-alpine image, it includes Caddy webserver (instead of nginx) and extra dark themes. The image is automatically updated, so the latest phpMyAdmin version is always supported.
Compressed size is just 61.56 MB
Here is custom solution: https://hub.docker.com/r/beeyev/phpmyadmin-lightweight
This project is built on top of the official phpMyAdmin fpm-alpine image, it includes Caddy webserver (instead of nginx) and extra dark themes. The image is automatically updated, so the latest phpMyAdmin version is always supported.
Compressed size is just 61.56 MB
Thanks for this, some notes about your project
i just replaced the fat image with this and runs out of the box with 1/3 of the size and even faster. only downside is that is is amd64 only (arm64 would be great).
We should probably try to do an apache2 alpine variant It would suit users Sad for nginx.. but anyway
Here's my version (nginx + php-fpm) : https://framagit.org/colibris-xyz/phpmyadmin-docker
Very simple, built on top of the official image, automatically updated. Currently there is only linux/amd64 support but I can add other platforms if needed.
I would perfer that users do not use different images that are not officially supported by phpmyadmin itself
I am glad to see images created by users, but there is quite a lot of ways to make an image that is not perfect or insecure Maybe someone can contribute an alpine apache2 variant that we can officially support on the official docker registry?
I can do that. But why apache2 and not nginx or caddy? (Just curious)
I can do that. But why apache2 and not nginx or caddy? (Just curious)
Because of this comment: https://github.com/phpmyadmin/docker/issues/346#issuecomment-912147461
Docker Official registry images can only have one process running 🤷
PS: I also prefer nginx
I would perfer that users do not use different images that are not officially supported by phpmyadmin itself
You are not giving the users what they want...
Docker Official registry images can only have one process running shrug
I think you have to be pragmatic here. The advantages of having an image with Alpine + S6 + PHP-FPM + Nginx are huge even if you are breaking that rule.
Hi all,
I did have an idea to avoid the current multi process policy issue, maybe we can use https://frankenphp.dev/ It claims to be a single process to handle everything. I have not tested this, if anyone wants to build an alpine container to see if it would workout then let us know
I don't understand how Apache can be included in the image with FPM, but Nginx cannot. Isn't Apache also a separate process?
I don't understand how Apache can be included in the image with FPM, but Nginx cannot. Isn't Apache also a separate process?
because Apache2 is the one and single process the container is running. And FPM+Nginx requires some 3rd tool to watch over them and start them. So they are not a single process.
First of all, thank you for providing Docker images. Currently I'm using the "apache" flavor because I don't have an external web server. My only complain is the image is heavy. I think it will be easy to extend the "fpm-alpine" image to include a Nginx server. The total size will be similar to "fpm-alpine", about 1 / 3 of the size of "apache" image.