当前位置: 文江博客话题详情

如何配置 2 个 docker compose 文件,以便它们使用现有的服务(如果它已经被拉取)?

发布于 2025-01-20 13:50:35 字数 203 浏览 2 评论 0原文

我经常在使用Docker的不同应用程序之间进行交换,其中一些是两个都需要运行的微服务,因此我不能简单地杀死所有的容器。如果他们共享MSSQL或REDIS之类的服务,我会遇到端口保留的问题。当然,我可以将它们设置为使用自己的端口。但是,如果已经存在,我想重复使用该服务的相同实例,因为我的开发机器并不那么强大。 Docker文件应每个文件都创建自己的数据库,因此所有内容已经与我想要的一样孤立。

原文

I frequently swap between different apps which use Docker, some of which are microservices that need to both be operational so I can't simply kill all of my containers. If they share a service like mssql or redis, I run into issues with port reservation. I could set them up to use their own ports, sure. But I'd like to reuse the same instance of the service if it already exists as my dev machine is not all that powerful. The docker files should each create their own databases, so everything is already as isolated as I'd like it to be.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

时光无声 2025-01-27 13:50:35

用例看起来可行,但并不是真正的标准(因为一见一见钟情,不同应用程序的数据库被纠缠在一起!),但假设DEV(DEV(≠prod)环境是可以的。

TL;DR:

It appears you will only need to create (at least) three docker-compose.yml files:

  • That of the common database, say mysql/docker-compose.yml
  • That of the 1st webapp, say app1/docker-compose.yml
  • That of the 2nd webapp, and so on…

The crux of the approach is that:

  • We rely on the so-called docker- compose feature of external networks,
  • and we < strong>DON'T expose more ports than required… (see below for details: §)

Minimal working example

File mysql/docker-compose.yml:

services:

  db:
    image: mysql:8
    command: --default-authentication-plugin=mysql_native_password
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: root_password
    volumes:
      - mysql-data:/var/lib/mysql
    # don't include ports:
    networks:
      - mysql-network

volumes:
  mysql-data:
    driver: local

networks:
  mysql-network:
    driver: bridge
    # override the name
    name: mysql-network

File app1/docker- compose.yml:

services:

  app1:
    image: phpmyadmin
    restart: unless-stopped
    environment:
      PMA_HOST: db
    networks:
      - mysql-network
    ports:
      - '8080:80'
    
networks:
  mysql-network:
    external:
      name: mysql-network

Side notes

  1. Of course, as the backends and the common database are in separated docker-compose.yml specifications, you won't be able to benefit from some诸如,即,您需要在mysql/文件夹中手动运行docker -compose -d


  2. (§)即使这种用例仅针对开发环境,就像往常一样,应该避免在db服务中公开端口,即,不要写:

      db:
    图像:MySQL:8
    端口:
       - '3306:3306'
    ...

    as (i)这对于撰写服务进行交流不是必需的:他们只需要属于一个共同的撰写网络并使用Compose Service HostName,(ii)(ii)< /em>直接在主机上曝光一个这样的端口将不必要地增加攻击表面……


The use case looks feasible, but not really standard (as there's some risk at first sight, that the databases of the different apps get entangled!) but let's say it's OK for a dev (≠ prod) environment.

TL;DR:

It appears you will only need to create (at least) three docker-compose.yml files:

  • That of the common database, say mysql/docker-compose.yml
  • That of the 1st webapp, say app1/docker-compose.yml
  • That of the 2nd webapp, and so on…

The crux of the approach is that:

  • We rely on the so-called docker-compose feature of external networks,
  • and we DON'T expose more ports than required… (see below for details: §)

Minimal working example

File mysql/docker-compose.yml:

services:

  db:
    image: mysql:8
    command: --default-authentication-plugin=mysql_native_password
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: root_password
    volumes:
      - mysql-data:/var/lib/mysql
    # don't include ports:
    networks:
      - mysql-network

volumes:
  mysql-data:
    driver: local

networks:
  mysql-network:
    driver: bridge
    # override the name
    name: mysql-network

File app1/docker-compose.yml:

services:

  app1:
    image: phpmyadmin
    restart: unless-stopped
    environment:
      PMA_HOST: db
    networks:
      - mysql-network
    ports:
      - '8080:80'
    
networks:
  mysql-network:
    external:
      name: mysql-network

Side notes

  1. Of course, as the backends and the common database are in separated docker-compose.yml specifications, you won't be able to benefit from some fields such as depends_on:, i.e., you'll need to manually run docker-compose up -d in the mysql/ folder beforehand.

  2. (§) even if this use case only targets a dev environment, as usual, one should avoid to expose ports in the db services, i.e., DON'T write:

      db:
    image: mysql:8
    ports:
      - '3306:3306'
    ...

    as (i) this is not necessary for the Compose services to communicate: they just need to belong to a common Compose network and use the Compose service hostname, and (ii) exposing one such port directly on the host would needlessly increase the attack surface…

回复 原文
~没有更多了~

关于作者

弃爱

暂无简介

文章
评论
28 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

著墨染雨君画夕

文章 0 评论 0

屋檐

文章 0 评论 0

最后的乘客

文章 0 评论 0

眼前雾蒙蒙

文章 0 评论 0

kidking

文章 0 评论 0

kill136

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文