Hi, I wrote a Dockerfile for easily run ISPConfig on Docker because i didn't found it until now. A Docker image ready to use is available here : https://registry.hub.docker.com/u/jerob/docker-ispconfig/ The source code can be found here : https://github.com/jerob/docker-ispconfig I will continue to improve it if this is usefull for the community. If someone wanna help, test or report bugs would be appreciated !
How do you deal with config persistance in your docker image? E.g. ispconfig has to create new shell users in /etc/passwd, or did you set /var/vmail, /var/www, /var/lib/mysql and /etc as external persistant storage?
The image is persistent that's true. It's like an ISO. And that's perfect for the usage. When you run an image, it's a container. Even if you reboot, your data are still in this container . You can export the container for your backup or commit for create a new image. But I think you have a good idea to improve the image with the addition of the volume feature.
I can see the benefits of wrapping ISPC3 in a docker for portability and such, curious if anyone can do some comparison for memory usage or if there are benefits if it is used in a VPS / DO or EC2 environment. This would be nice for backup/portability by easily backing up persistent image like you said ie. ISO to Glacier or S3. We were playing around and testing similar way with Docker Compose all in one file/directory.
Do you know if there is quota support inside of a virtual machine available now in docker? Thats what was holding me back from working with docker and ISPConfig in the past as you cant limit a webspace without it.
I'm sure you can, using low level cgroups settings on the fly, I know you can limit memory, cpu, i/o or even change them without recreating container. Using some add-ons, Docker Spotter, or writing some GO code. I haven't played much with it, but on DO you can spin a droplet for so cheap and play with Docker, that's only if time lets you.
If I correctly understand the philosophy of Docker, they want to automates the deployment of applications inside software container. They didn't want to replace a complete VM. We don't want that apache or another app has a quota feature for disk space limit. I guess this is the way of thinking of Docker. This may explain why it is not trivial with docker to limit disk space. After research (never tested personnaly) : dm.basesize "Specifies the size to use when creating the base device, which limits the size of images and containers. The default value is 10G. Note, thin devices are inherently "sparse", so a 10G device which is mostly empty doesn't use 10 GB of space on the pool. However, the filesystem will use more space for the empty case the larger the device is. Warning: This value affects the system-wide "base" empty filesystem that may already be initialized and inherited by pulled images. Typically, a change to this value will require additional steps to take effect: 1) stop docker -d, 2) rm -rf /var/lib/docker, 3) start docker -d." Example use: docker -d --storage-opt dm.basesize=20G Source : https://github.com/docker/docker/blob/master/daemon/graphdriver/devmapper/README.md By the way, for the ISPConfig Dockerfile, I fixed some bugs and I added Supervisor for easily monitoring all the process (apache, mariadb, fail2ban, dovecot...). I thought to add the docker VOLUME feature to the Dockerfile in the near futur. I added the environment variables for customize the container during the first run : Code: docker run -e MAILMAN_EMAIL_HOST=test.com -e [email protected] -e MAILMAN_PASS=pass -d -p 21:21 -p 80:80 -p 443:443 -p 8080:8080 -p 53:53 -p 2222:22 jerob/docker-ispconfig /start.sh A new image is pushed here : https://registry.hub.docker.com/u/jerob/docker-ispconfig/ I think Docker is particularly suitable for ISPConfig 3. The three tutorial pages are made in a single command line. Everything is ready in less than 5 minutes. Cherry on the cake, it work on all major linux distribution.
Hello, When you run ispconfig with docker, you can specify all the port you need, like : Code: docker run -name ispconfig -e MAILMAN_EMAIL_HOST=test.com -e [email protected] -e MAILMAN_PASS=pass -d -p 20:20 -p 21:21 -p 30000:30000 -p 30001:30001 -p 30002:30002 -p 30003:30003 -p 30004:30004 -p 30005:30005 -p 30006:30006 -p 30007:30007 -p 30008:30008 -p 30009:30009 -p 80:80 -p 443:443 -p 8080:8080 -p 53:53 -p 2222:22 jerob/docker-ispconfig /start.sh For more security, you can remove all the unnecessary port.
i run ispconfig last stable under virtualbox and just try docker with your image, 3 think : - Take a look at https labs.ctl.io/optimizing-docker-images/ less layer you do, small sise u will have. - cron work ? http phusion.github.io/baseimage-docker/ - last doker advise me that there will be some option deprecated on your command line
I think the most intersting idea using dockers is not use it for the ISP installation, but use dockers to deploy new servers or new websites inside ISP it could be interesting. Because you have a template on a docker image and you can deploy copies.
Yes quotas and awstats mappings(or inthis case lack thereof) might be an issue. It seems like anything that will require modification to the FSTAB for the container will fail. I tried it and ended up reverting back to a VM to get proper access to FSTAB mappings. So on my PROXMOX server, I have containers for the two nameservers, Mail Server and Database server, but the Web Server has to run as a VM. Otherwise, you might find yourself getting locked out of your container and having it fail load when you make a simple settings change like turning quotas on; and turning it off won't fix it, so you'll be doing an emergency migration to another server. It was a really nasty experience, one I vow not to repeat.
Hello Frank, I will be use Proxmox in my new server configuration, what is your recomendation about what filesystem to use for ISPConfig VM in Proxmox? Thanks! Hola Frank, en español que así si me entiendo , Voy a usar un nuevo servidor y viene de base con Proxmox. Ya vi que para la instalación de ISPConfig es mejor una VM. Que configuración me recomiendas para el filesystem/disco duro, porque he leído que según lo que selecciones varía el performance. Gracias!
If you have a RAID-5 controller with multiple drives. And you happy with the possibilities of corruption, then fine. I personnally have put all of my servers with built in raid arrays into JBOD mode and used a ZFS pool spanning across all the drives for maximum redundancy and protection against bit-rot. THen purchase a small 120 SSD as the OS boot. Mount your ZFS POOL to the mount point for your images, and you are done. DO NOT USE ZFS on RAID-5 ENABLED controllers. That is a recipe for disaster. Use a VM for your webserver and containers(LXC) for the rest of the servers. This is the most optimal configuration after alot of testing and heartaches. The VM will allow you to use quota and do all the necessary mounts in fstab for awstats and the rest. I am slowly migrating to ZFS enabled FreeNAS boxes with multiple drives with multiple nics bonded(nic teaming) for speed and redundancy and using NFS shares of those units as the data partition and using a small 120gb ssd for the boot os drive on the servers attached to the nas, this will save you money on having to purchase raid controllers and hardware for each server. Latency is an issue even with the nic bonding. If I could afford fibre channel cards and network hub, I sure would make a hell of a storage network. For me it's more of a hobby, so I'm really not going to invest much in the hardware area until my business grows and there is a demand for it. A fibre channel hub and nics are on my wish list. For the benefit and out of respect for others, I'd like to keep my communication in English. I hate alienating people who might otherwise have something great to contribute to the conversation.
Will there ever be one with Nginx? Once it's loaded into docker does it function like any other VM? Can I assign it a hostname just any other virtualized server? Do I get an ssh shell or something of the like? Are quotas working? UPDATE: I think I've figured most of this out already. I would think I would have to manually remove apache and install nginx if I wanted it. I used 'docker exec -i -t ispconfig bash' to take control of the instance. so far so good.
I updated ispconfig within the container and PUREFTP stopped working. Code: root@97702af5059d:/var# /etc/init.d/pure-ftpd-mysql restart Restarting ftp server: Running: /usr/sbin/pure-ftpd-mysql-virtualchroot -l mysql:/etc/pure-ftpd/db/mysql.conf -l pam -A -H -D -J HIGH -E -b -8 UTF-8 -O clf:/var/log/pure-ftpd/transfer.log -Y 1 -u 1000 -B 421 Unable to switch capabilities : Operation not permitted update: found this guide and it fixed the problem. https://www.faqforge.com/linux/cont...irtual-machines-without-capabilities-enabled/ Wow it unbelieveable how the environment behaves just like a normal VM I can compile too. I wonder if the PHP-FPM guides will work too.
Hi There , is there any future work done on this one ? , is there anyway having PHP versions already installed and set in ispconfig with support for composer and artisan in jailkit ? seems everyone i asked saying impossible !!! surely there must be a way
docker would be great instead of jailkit as well. cypriot: add this to your /etc/jailkit/jk_init.ini: after this, you just add this to ispconfig in the jailkit settings. to add these to exinsting ones ex: jk_init -f -j /var/www/clients/client23/web139 phputils mysqlutils extendedshell2 php72utils I think you also need to bind mount mysql, and maybe /proc, /sys, /dev/pts like this: mount --bind /var/run/mysqld /var/www/clients/client23/web139/var/run/mysqld/