'Docker Volumes in ECS -- how to connect nginx with php-fpm using unix socket
I tried to make the construction like figure1.
In the local environment, I can access http://127.0.0.1 after running docker-compose up -d --build
.
And I pushed these images to ECR and used for ECS tasks.
But the tasks doesn't run because Task failed ELB health checks in (target-group arn:aws:elasticloadbalancing:ap-northeast-1:xxxxxxxxxxxx:targetgroup/test-http/xxxxxxxxxxxxxxxx)
.
So I deleted
health_check {
interval = 30
port = 80
timeout = 10
healthy_threshold = 3
unhealthy_threshold = 3
}
from aws_lb_target_group.tf
.
And now, task runs but browser shows File not found.
when I access ALB DNS name.
Do you have any idea to construct nginx and php-fpm with unix socket in ECS?
In the local environment, I checked volumes.
It shows like this.
% docker-compose exec php-fpm ls -al /var/run/php-fpm
total 8
drwxr-xr-x 2 root root 4096 Nov 21 01:45 .
drwxr-xr-x 1 root root 4096 Nov 21 01:41 ..
srw-rw-rw- 1 www-data www-data 0 Nov 21 01:45 php-fpm.sock
% docker-compose exec nginx ls -al /var/run/php-fpm
total 8
drwxr-xr-x 2 root root 4096 Nov 21 01:45 .
drwxr-xr-x 1 root root 4096 Nov 21 01:45 ..
srw-rw-rw- 1 xfs xfs 0 Nov 21 01:45 php-fpm.sock
% docker volume ls
DRIVER VOLUME NAME
local test_db-store
local sock
I wonder if Docker volumes settings are correct or not.
I'll show show some files below.
Thank you for any help you can provide.
Files
docker-compose.yml
version: "3.8"
volumes:
php-fpm-socket:
name: sock
db-store:
services:
nginx:
container_name: ${APP_NAME}-nginx
build:
context: .
dockerfile: ./docker/nginx/Dockerfile
ports:
- "${WEB_PORT:-80}:80"
- "3000:3000"
- "3001:3001"
volumes:
- php-fpm-socket:/var/run/php-fpm
- ./src/:/app
php-fpm:
container_name: ${APP_NAME}-php-fpm
build:
context: .
dockerfile: ./docker/php-fpm/Dockerfile
volumes:
- php-fpm-socket:/var/run/php-fpm
- ./src/:/app
environment:
- DB_CONNECTION=mysql
- DB_HOST=${DB_HOST:-mysql}
- DB_PORT=3306
- DB_DATABASE=${DB_NAME:-test}
- DB_USERNAME=$DB_USER
- DB_PASSWORD=$DB_PASSWORD
mysql:
container_name: ${APP_NAME}-mysql
build:
context: .
dockerfile: ./docker/mysql/Dockerfile
volumes:
- db-store:/var/lib/mysql
environment:
- MYSQL_DATABASE=$DB_NAME
- MYSQL_USER=$DB_USER
- MYSQL_PASSWORD=$DB_PASSWORD
- MYSQL_ROOT_PASSWORD=$DB_ROOT_PASSWORD
- TZ=$TZ
docker/nginx/Dockerfile
FROM node:14.15-alpine as node
FROM nginx:1.19-alpine
SHELL [ "/bin/ash", "-oeux", "pipefail", "-c" ]
ENV TZ=UTC
RUN apk update && \
apk add --update --no-cache --virtual=.build-dependencies g++
COPY --from=node /usr/local/bin /usr/local/bin
COPY --from=node /usr/local/lib /usr/local/lib
COPY --from=node /opt /opt
COPY ./docker/nginx/default.conf /etc/nginx/conf.d/default.conf
WORKDIR /app
docker/nginx/default.conf
access_log /dev/stdout main;
error_log /dev/stderr warn;
server {
listen 80;
root /app/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
docker/php-fpm/Dockerfile
FROM php:7.4-fpm-buster
SHELL ["/bin/bash", "-oeux", "pipefail", "-c"]
ENV TZ=UTC \
LANG=en_US:UTF-8 \
LANGUAGE=en_US:en \
LC_ALL=en_US.UTF-8 \
COMPOSER_ALLOW_SUPERUSER=1 \
COMPOSER_HOME=/composer
COPY --from=composer:2.0 /usr/bin/composer /usr/bin/composer
RUN apt-get update && \
apt-get -y install git libicu-dev libonig-dev libzip-dev unzip locales && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* && \
locale-gen en_US.UTF-8 && \
localedef -f UTF-8 -i en_US en_US.UTF-8 && \
mkdir /var/run/php-fpm && \
docker-php-ext-install intl pdo_mysql zip bcmath && \
composer config -g process-timeout 3600 && \
composer config -g repos.packagist composer https://packagist.org
COPY ./docker/php-fpm/php-fpm.d/zzz-www.conf /usr/local/etc/php-fpm.d/zzz-www.conf
COPY ./docker/php-fpm/php.ini /usr/local/etc/php/php.ini
WORKDIR /app
docker/php-fpm/php-fpm.d/zzz-www.conf
[www]
listen = /var/run/php-fpm/php-fpm.sock
listen.owner = www-data
listen.group = www-data
listen.mode = 0666
task definition
{
"ipcMode": null,
"executionRoleArn": null,
"containerDefinitions": [
{
"dnsSearchDomains": null,
"environmentFiles": null,
"logConfiguration": {
"logDriver": "awslogs",
"secretOptions": null,
"options": {
"awslogs-group": "test",
"awslogs-region": "ap-northeast-1",
"awslogs-stream-prefix": "php-fpm"
}
},
"entryPoint": null,
"portMappings": [],
"command": null,
"linuxParameters": null,
"cpu": 300,
"environment": [],
"resourceRequirements": null,
"ulimits": null,
"dnsServers": null,
"mountPoints": [
{
"readOnly": null,
"containerPath": "/var/run/php-fpm",
"sourceVolume": "sock"
}
],
"workingDirectory": null,
"secrets": null,
"dockerSecurityOptions": null,
"memory": null,
"memoryReservation": 600,
"volumesFrom": [],
"stopTimeout": null,
"image": "xxxxxxxxxxxx.dkr.ecr.ap-northeast-1.amazonaws.com/php-fpm:latest",
"startTimeout": null,
"firelensConfiguration": null,
"dependsOn": null,
"disableNetworking": null,
"interactive": null,
"healthCheck": null,
"essential": true,
"links": null,
"hostname": null,
"extraHosts": null,
"pseudoTerminal": null,
"user": null,
"readonlyRootFilesystem": null,
"dockerLabels": null,
"systemControls": null,
"privileged": null,
"name": "php-fpm"
},
{
"dnsSearchDomains": null,
"environmentFiles": null,
"logConfiguration": {
"logDriver": "awslogs",
"secretOptions": null,
"options": {
"awslogs-group": "test",
"awslogs-region": "ap-northeast-1",
"awslogs-stream-prefix": "nginx"
}
},
"entryPoint": null,
"portMappings": [
{
"hostPort": 80,
"protocol": "tcp",
"containerPort": 80
}
],
"command": null,
"linuxParameters": null,
"cpu": 200,
"environment": [],
"resourceRequirements": null,
"ulimits": null,
"dnsServers": null,
"mountPoints": [
{
"readOnly": null,
"containerPath": "/var/run/php-fpm",
"sourceVolume": "sock"
}
],
"workingDirectory": null,
"secrets": null,
"dockerSecurityOptions": null,
"memory": null,
"memoryReservation": 128,
"volumesFrom": [],
"stopTimeout": null,
"image": "xxxxxxxxxxxx.dkr.ecr.ap-northeast-1.amazonaws.com/nginx:latest",
"startTimeout": null,
"firelensConfiguration": null,
"dependsOn": null,
"disableNetworking": null,
"interactive": null,
"healthCheck": null,
"essential": true,
"links": null,
"hostname": null,
"extraHosts": null,
"pseudoTerminal": null,
"user": null,
"readonlyRootFilesystem": null,
"dockerLabels": null,
"systemControls": null,
"privileged": null,
"name": "nginx"
}
],
"placementConstraints": [],
"memory": null,
"taskRoleArn": "arn:aws:iam::xxxxxxxxxxxx:role/test-ecs-task-role",
"compatibilities": [
"EC2"
],
"taskDefinitionArn": "arn:aws:ecs:ap-northeast-1:xxxxxxxxxxxx:task-definition/test:52",
"family": "test",
"requiresAttributes": [
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.logging-driver.awslogs"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.ecr-auth"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.19"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.21"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "ecs.capability.docker-plugin.local"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.task-iam-role"
},
{
"targetId": null,
"targetType": null,
"value": null,
"name": "com.amazonaws.ecs.capability.docker-remote-api.1.25"
}
],
"pidMode": null,
"requiresCompatibilities": [],
"networkMode": "bridge",
"cpu": null,
"revision": 52,
"status": "ACTIVE",
"inferenceAccelerators": null,
"proxyConfiguration": null,
"volumes": [
{
"fsxWindowsFileServerVolumeConfiguration": null,
"efsVolumeConfiguration": null,
"name": "sock",
"host": null,
"dockerVolumeConfiguration": {
"autoprovision": null,
"labels": null,
"scope": "task",
"driver": "local",
"driverOpts": null
}
}
]
}
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|