我如何完成从本地开发docker到暂存数据库的SSH隧道 [英] How do I complete this SSH tunnel from local development docker to staging database

问题描述

我可以创建一个包含我的项目代码的泊坞窗.由于没有数据库连接，因此单元测试失败.我可以使用SSH密钥和凭据使用包含测试数据的中央数据库登录服务器.我无法使Docker和DB通信.

I can create a docker containing my project code. It has unit tests that fail because there is no database connection. I can log in to a server with a central database that contains our test data using SSH key and credentials. I cannot get the docker and DB communicating.

我尝试了几种不同的建议，在过去两天中抓取并重新启动了Dockerfile的这一部分.我在YouTube上搜索了教程，在Stackexchange上搜索了答案，并在docker论坛上搜索了.

I've tried several different suggestions, scratching and restarting this portion of the Dockerfile over the past two days. I've searched Youtube for tutorials, Stackexchange for answers and the docker forums for reference.

如果有循序渐进的教程，那将被藏起来，我也很乐意看到它！

If there's a step by step tutorial, that is tucked away I would love to see that too!

docker-compose具有以下内容:

The docker-compose has the following:

services:
  app:
    build:
      context: .
      dockerfile: .docker/Dockerfile
      args:
        APP_PATH: ${APP_PATH}
    image: laravel-docker
    env_file: .env
    ports:
      - 8080:80
      # We need to expose 443 port for SSL certification.
      - "443:443"
    volumes:
      - .:/var/www/jumbledown

在容器内，我可以通过以下方式联系远程数据库的主机:ssh -4 -R 8888:localhost:8888 [devname] @ NN.NN.NN.NN -i〜/ident -p [端口号]在哪里:-devname是我的登录名.-NN.NN.NN.NN是数据库主机的IP地址.-ident是一个包含SSH密钥的文件，该文件是通过Dockerfile中包含的复制命令复制的.

Inside the container, I can contact the host of the remote DB with the following: ssh -4 -R 8888:localhost:8888 [devname]@NN.NN.NN.NN -i ~/ident -p [portnumber] where: - devname is my log in. - NN.NN.NN.NN is the IP address of the host of the DB. - ident is a file containing the SSH key that is copied in by a copy command contained in the Dockerfile.

Docker文件是基于 FROM php:7.1.8-apache 构建的，并且现在安装了很多额外的东西，包括Xdebug.仅复制和粘贴太长了，我不确定哪些部分相关.我可以应要求公开.

The Docker file is built off FROM php:7.1.8-apache and installs a LOT of extra stuff now, including Xdebug. It's too long to just copy and paste and I'm not sure what parts are relevant; I can expose at request.

理想情况下，我希望能够使用Dockerfile来建立SSH隧道，以将数据库提供给docker容器.现在，我决定能够在容器内部手动建立连接.

Ideally, I'd like to be able to use Dockerfile to set up an SSH tunnel serving the DB to the docker container. Right now, I'd settle for being able to manually set up the connection inside the container.

更新根据答案中的问题，我需要创建的最终结果是让几个开发人员拥有本地docker，并且每个人都有通往包含测试数据的中央数据库的隧道，供我们使用而我们全天都在编码.

Update As per questions in the answer, the end result I need to create is for several developers to have local dockers and each have a tunnel to a central database that contains testing data, for our use while we code throughout the day.

推荐答案

如果您希望PHP容器具有通往远程数据库的永久SSH隧道，则可以更改Dockerfile的 COMMAND 语句(假设 ENTRYPOINT 是一个shell)，以使用一个脚本在后台创建SSH隧道，类似于您手动执行的操作，等待SSH隧道，然后继续运行您要运行的任何内容.

If you want the PHP container to have a permanent SSH tunnel to your remote DB, you can change you Dockerfile's COMMAND statement (assuming the ENTRYPOINT is a shell) to use a script that creates the SSH tunnel in the background, similar to what you manually, wait for the SSH tunnel and then proceed to run whatever it is you want to run.

您的问题缺少您要实现的目标的详细信息(永久隧道?仅在测试期间?等)

Your question lacks the details of what you're trying to achieve (permanent tunnel? only while testing? etc.)

此类脚本的示例:

# run ssh in background (notice the "&" at the end)
ssh -4 -R 8888:localhost:8888 $DB_USERNAME@$DB_HOST -i ~/ident -p $DB_PORT &

# wait for the ssh tunnel if needed
# ...

# run the main command here
# ...

我建议考虑不同的路径-
在专门用于打开隧道的docker-compose文件中创建一个新服务，然后从您的PHP服务连接到该服务.

I'd suggest to consider a different path -
Create a new service in the docker-compose file that is dedicated to open a tunnel, and then connect to that service from your PHP service.

这篇关于我如何完成从本地开发docker到暂存数据库的SSH隧道的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！