Dockerizing TicketsCAD

Over the recent holiday, I decided to teach myself about Docker by using it to build a running TicketsCAD system. It turned out to be pretty slick. Here’s what I did.

TicketsCAD is a PHP application that requires an SQL backend. It does computer dispatching for public safety answering points (PSAPs). Yes, I have weird hobbies.

When I first started, I grabbed the official Docker PHP image, then tried to customize it by installing a MariaDB server. But that turned out to be a bad idea. (It’s certainly possible, but not the right thing to do.) After a little while, I did a search for “Docker philosophy”, which brought me to this page:
techblog.constantcontact.com/devops/a-tale-of-three-docker-anti-patterns
which set me straight. The right way to do what I wanted to do was to have two separate (but linked) Docker container instances – one with the web server and PHP (customized the way I wanted) and the other with the SQL database. So here’s what I came up with.

Grab TicketsCAD

I grabbed the files from the TicketsCAD download area: tickets_3.12A_082516.

Next I created a directory for everything. In that, I put a directory for the ticketscad server (I cleverly called it ticketscad) and another directory for the ticketscad SQL server (even more cleverly called ticketscadmariadb). Then I created var-www-html in ticketscad, and untarred the TicketsCAD files into it.

Dockerfile for TicketsCAD

Here’s the first Docker file (named Dockerfile in the ticketscad directory).

FROM php:7.0-apache
# Set the timezone
RUN echo Canada/Eastern > /etc/timezone && dpkg-reconfigure -f \
        noninteractive tzdata
# get PHP GD libraries
RUN apt-get update && apt-get install -y \
        libfreetype6-dev \
        libjpeg62-turbo-dev \
        libmcrypt-dev \
        libpng12-dev \
    && docker-php-ext-install -j$(nproc) iconv mcrypt \
    && docker-php-ext-configure gd \
       --with-freetype-dir=/usr/include/ \
       --with-jpeg-dir=/usr/include/ \
    && docker-php-ext-install -j$(nproc) gd

# Install Mariadb client
RUN apt-get install mariadb-client -y
RUN docker-php-ext-install mysqli pdo pdo_mysql

# Fix permissions for ticketscad
RUN chown -R www-data.www-data /var/www/html
RUN chmod -R u+w /var/www/html

From top to bottom, here’s the explanation.

  • I used the official PHP Docker build with Apache from hub.docker.com. There were some issues with TicketsCAD and PHP 7.1, so I went down to PHP 7.0. (Docker made this very easy to do.)
  • I set the timezone. This is a bit of Docker weirdness – there’s no standard way in Linux to set timezones, so you need to know how to do it in the distribution you’re using. This is how to do it in the PHP distribution. More details about timezones are at www.ivankrizsan.se/2015/10/31/time-in-docker-containers
  • I installed the PHP GD libraries. This is stolen from the PHP Core Extensions section of PHP on hubs.docker.com, and it installs a few other things I probably don’t need (mcrypt, etc.) I just copied and pasted.
  • I installed the MariaDB client and PHP SQL extensions.
  • TicketsCAD wants to write to /var/www/html and its subdirectories, so I made them rw. (I’m not sure how that makes me feel about security – I’d kind of prefer it not to do that and to store configuration somewhere not visible to the world. But that’s how it works.)

Now that I had that running, I needed a SQL backend. Luckily, there’s an official MariaDB Docker build as well. The Dockerfile for this is so simple that I almost don’t need it, but hey, I had a directory created already, so here it is:

Dockerfile for MariaDB

FROM mariadb:10.1
RUN echo Canada/Eastern > /etc/timezone && dpkg-reconfigure -f \
      noninteractive tzdata
RUN chown -R mysql.mysql /var/lib/mysql

Pretty self-explanatory. I don’t know for sure that I need that chown, but it doesn’t hurt.

docker-compose.yml

I built a docker-compose.yml in my parent directory. This is a way to start both instances at the same time.

version: '2'
services:
  ticketscadmariadb:
    build: ./ticketscadmariadb
    image: ticketscadmariadb:1.0
    volumes:
     - ./ticketscadmariadb/var-lib-mysql:/var/lib/mysql
    ports:
     - "3306:3306"
    environment:
     - MYSQL_ROOT_PASSWORD=secret
     - MYSQL_DATABASE=ticketscaddb
     - MYSQL_USER=ticketscaduser
     - MYSQL_PASSWORD=ticketscadpassword
  ticketscad:
    build: ./ticketscad
    image: ticketscad:1.0
    volumes:
     - ./ticketscad/var-www-html:/var/www/html
    ports:
     - "8080:80"
    links:
     - ticketscadmariadb

There’s a lot in there. I’ll break it down.

  • I’m using version 2 of the docker-compose.yml file format. Gotta say so.
  • First I specified the way to build ticketscadmariadb. I pointed to the subdirectory that holds the Dockerfile and gave it an image name.
  • I exposed the directory on my local machine that will hold the MariaDB database. (It’s /var/lib/mysql on the Docker instance; I called it var-lib-mysql in the ticketscadmariadb directory on my local machine.) Why did I do this? So the SQL database would persist across Docker rebuilds. Needless to say, I created an empty var-lib-mysql under ticketscadmariadb on my local system.
  • I exposed the MariaDB SQL port (3306) and mapped it to 3306 on my local machine. If you have SQL running on your local machine already, you’ll need a different local port.
  • I specified a bunch of environment variables for MariaDB. The MariaDB Docker image is smart enough to know that if it sees those variables, it creates a database with the specified name / user / password / root user. Thanks, MariaDB Docker image! (You’ll probably want different passwords than I used.)
  • Now it’s time for the TicketsCAD image (PHP/Apache server). I pointed to the ticketscad subdirectory (which holds the Dockerfile) and gave it an image name.
  • I mapped the /var/www/html directory on my Docker image to ./ticketscad/var-www-html on my local machine. Why not just COPY? Because TicketsCAD writes to /var/www/html and /var/www/html/incs, and I want that to persist across builds.
  • I exposed port 80 on the Docker image as port 8080 on my local machine.
  • Finally, I told Docker that I want to be able to have the ticketscad image talk to the ticketscadmariadb image using the links: command. (If I didn’t do this, the two images wouldn’t be able to communicate.)

Building and running

So now everything’s set up. At this point, I can go to the parent directory and type:

docker-compose up

That reads docker-compose.yml by default, downloads the files that are needed and creates my images. And voilà, a working TicketsCAD install is ready to go.

Well, almost ready to go. Because Docker assigns IP addresses for each build, I had to interrogate the running images in order to figure out what they were. First I used docker ps to find out that the container ID of the ticketscadmariadb instance was 2e13d01384ac, then I used docker inspect to discover its IP address. I needed to know the IP address for the TicketsCAD configuration screen.

docker ps
docker inspect 2e13d01384ac | grep IPAddress

For me it was 172.17.0.2.

Because I have the TicketsCAD port 80 exposed on my local machine as 8080, I can now go to localhost:8080 to run TicketsCAD.

What next?

This is enough to get TicketsCAD up and running in a “play” environment. In a real environment, you’d want to harden things. In particular, remove the install.php script and save the Docker image after installation, and make sure that random yahoos on the Internet can’t write to /var/www/html. Give the machines real hostnames. Set up real certificates and put them on the network. Run something to prevent DDOS attacks. All them devops things.

Hey TicketsCAD guys!

You’ve got some cool software. If possible, it would be nice for TicketsCAD to have a check box to delete install.php for you after running it – then it would be more compatible with Docker.

A few more more useful things

1. If you want to look into a running Docker instance, this is nice to know:

docker exec -it containerID bash

It brings you to a root shell running bash on the instance.

2. I ran into problems after I removed some images with docker -rmi. stackoverflow.com/questions/37454548/docker-compose-no-such-image solved my problem (in short: docker-compose down).

3. Sometimes you’ll need to rebuild.

docker-compose up --build

is a handy way to do that.

My directory structure

docker-ticketscad/
docker-compose.yml
  ticketscad/
    Dockerfile
    var-www-html/
      (all the TicketsCAD files go here)
  ticketscadmariadb/
    Dockerfile
    var-lib-mysql/
Advertisements

One Response to Dockerizing TicketsCAD

  1. The Earl says:

    Andrew,
    You can use the linked container name from your docker-compose file for the database hostname. Docker automatically adds a hosts entry for that name when starting the containers. This will get rid of the need to find the IP of the db server to enter into the tickets config.
    For your docker-compose.yml, you should use ‘ticketscadmariadb’ in the place of the ip address.
    Thanks for doing the hard work of getting everything installed.
    The Earl

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: