Building Multi-Container Applications: PHP, MariaDB and Nginx Reverse Proxy Architecture
Introduction to Docker Architecture
Before diving into our practical example, let’s understand Docker’s core components and how they work together in a production environment. Docker uses a client-server architecture where the Docker daemon processes container management requests from the Docker client. This architecture enables seamless deployment and scaling of applications.
Core Components
- Docker Daemon: Manages Docker objects like images, containers, networks
- Docker Client: The primary way to interact with Docker through commands
- Docker Registry: Stores Docker images (like Docker Hub)
- Docker Objects: Images, containers, networks, volumes, etc.
Real World Example: Marketplace Application
Let’s explore a real-world example of using Docker to build and deploy a marketplace application. This example demonstrates best practices for container orchestration and microservices architecture.
Project Overview
Our marketplace application consists of several interconnected services:
- Reverse Proxy: Handles incoming traffic and SSL termination
- Web Server: Serves static content and routes requests
- Application Server: Processes PHP code
- Database: Stores application data
- Search Engine: Powers search functionality
- Queue Worker: Handles background tasks
Infrastructure Setup
1. Docker Compose Configuration
services:
general-proxy:
container_name: general-proxy
build:
context: .
dockerfile: ./marketplace/config/nginx/Dockerfile
restart: always
ports:
- 80:80
- 443:443
volumes:
- ./config/proxy/nginx.conf:/etc/nginx/nginx.conf
- ./marketplace/config/nginx/ssl:/etc/ssl
networks:
- app_network
marketplace-nginx:
container_name: marketplace-nginx
build:
context: .
dockerfile: ./marketplace/config/nginx/Dockerfile
ports:
- 81:80
volumes:
- ./../www/marketplace:/var/www
networks:
- app_network
marketplace-php:
container_name: marketplace-php
build:
context: .
dockerfile: ./marketplace/config/php/Dockerfile
volumes:
- ./../www/marketplace:/var/www
- ./marketplace/config/php/php.ini:/usr/local/etc/php/php.ini
networks:
- app_network
marketplace-queue-worker:
container_name: marketplace-queue-worker
build:
context: .
dockerfile: ./marketplace/config/php/Dockerfile
command: ["/entrypoint.sh"]
volumes:
- ./../www/marketplace:/var/www
depends_on:
marketplace-db:
condition: service_healthy
networks:
- app_network
marketplace-db:
container_name: marketplace-db
build:
context: .
dockerfile: ./marketplace/config/mariadb/Dockerfile
environment:
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
MYSQL_DATABASE: ${DB_DATABASE}
MYSQL_USER: ${DB_USER}
MYSQL_PASSWORD: ${DB_PASSWORD}
ports:
- 3306:3306
volumes:
- ./marketplace/data/db_data:/var/lib/mysql
healthcheck:
test: ["CMD", "healthcheck.sh", "--connect"]
interval: 10s
timeout: 5s
retries: 3
networks:
- app_network
marketplace-elasticsearch:
container_name: marketplace-elasticsearch
image: ${ELASTICSEARCH_IMAGE}
ports:
- 9200:9200
volumes:
- ./marketplace/data/elasticsearch:/usr/share/elasticsearch/data
environment:
- node.name=node_1
- ELASTIC_PASSWORD=${ELASTICSEARCH_PASSWORD}
deploy:
resources:
limits:
memory: 2g
networks:
- app_network
2. Nginx Configuration (Reverse Proxy)
http {
# HTTP Server
server {
listen 80;
server_name marketplace.local;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass "http://marketplace-nginx";
}
}
# HTTPS Server
server {
listen 443;
server_name marketplace.local;
ssl_certificate /etc/ssl/marketplace.crt;
ssl_certificate_key /etc/ssl/marketplace.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass "http://marketplace-nginx";
}
}
Advanced Features Implementation
1. Service Health Monitoring
Our setup includes health checks for critical services:
healthcheck:
test: ["CMD", "healthcheck.sh", "--connect"]
interval: 10s
timeout: 5s
retries: 3
2. Resource Management
We implement resource limits for memory-intensive services:
deploy:
resources:
limits:
memory: 2g
3. Data Persistence
Volumes are used for persistent data storage:
volumes:
- ./marketplace/data/db_data:/var/lib/mysql
- ./marketplace/data/elasticsearch:/usr/share/elasticsearch/data
Security Considerations
SSL/TLS Configuration
- Secure communication with TLS 1.2/1.3
- Strong cipher suite configuration
- Proper certificate management
Network Isolation
- Custom network for inter-container communication
- Limited port exposure
- Proxy-based access control
Environment Variables
- Sensitive data management through
.env
files - Secure credential handling
- Runtime configuration management
Operations Guide
1. Initial Setup
# Generate SSL certificates
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout marketplace/config/nginx/ssl/marketplace.key \
-out marketplace/config/nginx/ssl/marketplace.crt
2. Deployment Commands
# Build and start services
docker-compose up -d --build# View service status
docker-compose ps# Check logs
docker-compose logs -f marketplace-nginx# Scale services
docker-compose up -d --scale marketplace-php=3# Stop services
docker-compose down
3. Maintenance Tasks
# Backup database
docker exec marketplace-db mysqldump -u root -p database > backup.sql
# Update containers
docker-compose pull
docker-compose up -d
# View resource usage
docker stats
Monitoring and Logging
Log Management
- Centralized logging configuration
- Log rotation policies
- Error tracking and alerting
Performance Monitoring
- Container resource usage
- Application metrics
- Database performance
Scaling Strategies
1 . Horizontal Scaling
- Multiple PHP-FPM containers
- Load balancing configuration
- Session management
2 . Vertical Scaling
- Resource allocation adjustment
- Container limits management
- Performance optimization
Best Practices and Tips
- Container Organization
- Use meaningful container names
- Implement proper tagging
- Maintain service dependencies
2. Resource Management
- Set appropriate memory limits
- Monitor CPU usage
- Implement proper scaling policies
3. Security
- Regular security updates
- Proper access control
- Network security configuration
4. Backup and Recovery
- Regular data backups
- Disaster recovery planning
- Backup verification procedures
Advanced Topics
1. Container Orchestration
While our example uses Docker Compose, production environments might benefit from Kubernetes for:
- Advanced scaling
- Automatic failover
- Rolling updates
- Load balancing
2. Service Discovery
Implementation of service discovery for dynamic service scaling and management.
3. CI/CD Integration
Automated deployment pipelines with:
- Automated testing
- Image building
- Deployment automation
Conclusion
This Docker setup demonstrates a production-ready environment for a marketplace application. The configuration provides a balance of security, scalability, and maintainability while following Docker best practices.