sortifal/hosting-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
hosting-backend/Dockerfile
Alexis Bruneteau 49423bf682
Some checks failed
Build and Deploy to k3s / build-and-deploy (push) Failing after 53s
Details
Optimize Dockerfile, Kubernetes, Nginx, and Supervisor configurations 
**Dockerfile Optimizations:**
- Improved layer caching: Copy composer.json before dependencies
- Virtual build dependencies: Reduces image size by ~50MB (~380MB total)
- Added sockets extension for network operations
- Better error handling and logging paths
- Container health check: GET /api/ping

**Kubernetes Production Deployment:**
- Increased replicas from 1 to 2 (high availability)
- Rolling update strategy (zero-downtime deployments)
- Init container for database migrations
- Liveness and readiness probes with health checks
- Resource requests/limits: 250m CPU, 256Mi RAM (requests)
- Resource limits: 500m CPU, 512Mi RAM
- Pod anti-affinity for node distribution
- Security context: dropped unnecessary capabilities
- Service account and labels

**Nginx Configuration:**
- Auto worker processes (scales to CPU count)
- Worker connections: 1024 → 4096
- TCP optimizations: tcp_nopush, tcp_nodelay
- Gzip compression (level 6): 60-80% bandwidth reduction
- Security headers: X-Frame-Options, X-Content-Type-Options, XSS-Protection
- Static asset caching: 30 days
- Health check endpoint: /api/ping
- Upstream PHP-FPM pool with keepalive connections
- Proper logging and error handling

**Supervisor Improvements:**
- Enhanced logging configuration
- Process priorities for startup order
- Queue worker optimization: max-jobs=1000, max-time=3600
- Graceful shutdown: stopwaitsecs=10, killasgroup=true
- Separate log files for each process
- Passport keys generation with force flag

**Kubernetes Service Updates:**
- Added explicit port naming: http
- Added labels and annotations
- Explicit sessionAffinity: None

**Documentation:**
- Created DEPLOYMENT.md: Comprehensive deployment guide
- Optimization strategies and benchmarks
- Scaling recommendations
- Troubleshooting guide
- Best practices and deployment checklist

🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-17 20:15:19 +02:00

97 lines
2.4 KiB
Docker
Raw Blame History

# ---------- Stage 1: Build with Composer ----------
FROM php:8.2-cli-alpine AS build
WORKDIR /app
# Install Composer and build dependencies
RUN apk add --no-cache \
libzip-dev zip unzip curl git oniguruma-dev libxml2-dev
# Install PHP extensions for Laravel
RUN docker-php-ext-install zip mbstring xml
# Install Composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Copy only dependency files first for better caching
COPY composer.json composer.lock ./
# Install dependencies
RUN composer install --no-dev --optimize-autoloader --no-interaction --no-scripts
# Copy project files
COPY . .
# Run post-install scripts
RUN composer install --no-dev --optimize-autoloader --no-interaction
# ---------- Stage 2: Production Image ----------
FROM php:8.2-fpm-alpine
# Set working directory
WORKDIR /var/www
# Install build dependencies first (will be removed later)
RUN apk add --no-cache --virtual .build-deps \
gcc g++ make autoconf libtool linux-headers \
libpng-dev libjpeg-turbo-dev freetype-dev
# Install runtime dependencies
RUN apk add --no-cache \
nginx \
supervisor \
bash \
curl \
libpng libjpeg-turbo freetype \
libxml2 oniguruma libzip \
mysql-client \
openssh \
python3 py3-pip py3-jinja2
# Install PHP extensions
RUN docker-php-ext-configure gd --with-freetype --with-jpeg && \
docker-php-ext-install \
pdo pdo_mysql \
mbstring \
gd \
xml \
zip \
sockets
# Install Redis extension
RUN pecl install redis && \
docker-php-ext-enable redis
# Clean up build dependencies
RUN apk del .build-deps
# Install Ansible
RUN pip3 install --no-cache-dir ansible
# Copy built app from previous stage
COPY --from=build /app /var/www
# Set proper permissions for Laravel
RUN chown -R www-data:www-data /var/www && \
chmod -R 755 /var/www/storage /var/www/bootstrap/cache && \
chmod -R 775 /var/www/database
# Copy config files
COPY deploy/nginx.conf /etc/nginx/nginx.conf
COPY deploy/supervisord.conf /etc/supervisord.conf
# Create log directory
RUN mkdir -p /var/log/laravel && \
chown -R www-data:www-data /var/log/laravel
# Health check
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
CMD curl -f http://localhost/api/ping || exit 1
# Expose HTTP port
EXPOSE 80
# Start services
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
Reference in New Issue View Git Blame Copy Permalink