Tokaido Containers

Memcache

A memcache container runs memcache, and by default Tokaido will add a Memcache config to the sites/default/settings.tok.php file for Drupal 8 sites.

If you need to manually configure Memcache, here is the code required.

if (\Drupal::hasService('cache.backend.memcache')) {
    $settings['cache']['default'] = 'cache.backend.memcache';
    $settings['memcache_storage']['key_prefix'] = '';
    $settings['memcache_storage']['memcached_servers'] = ['memcache:11211' => 'default'];
}

MySQL

Tokaido inclues a MySQL container. This isn’t anything special we’ve created, but rather the official MySQL Docker image

The MySQL container uses a special Docker volume to persist your database across rebuilds of your Tokaido environment. This is a new feature released in Tokaido 1.2.0.

The MySQL credentials are as follows:

Username: tokaido
Password: tokaido
Hostname: mysql
Database Name: tokaido

You can access the database from inside Tokaido by using either drush sql-cli or mysql -u tokaido mysql -p.

If you want to access the MySQL database from your local system, you need to identify the MySQL Port:

tok ports mysql

You can log in as root by using the same password (tokaido). For example:

mysql -u root -h 127.0.0.1 -P 32779 -p

If you’re connecting via the command line, note that you have to use the IP address 127.0.0.1 not the hostname ‘localhost’.

PHP/FPM

The Tokaido PHP FPM container ships with some sane defaults that are generally reasonable for both local development and production environments.

The container is open source, and you can find it here.

The README for the container lists both the default values, and variable names that you can apply to override them.

If you want to override any of these settings, you can add the new values to your .tok/compose.tok.yml file.

For example, to increase the PHP memory limit and max input time variables:

services:
  fpm:
    environment:
      PHP_MEMORY_LIMIT: 1024M
      PHP_MAX_INPUT_TIME: 300

Solr

Tokaido ships with a Solr 6.6 container that extends the official Docker Solr 6.6 Slim image, however this container is not enabled by default.

To enable Solr, you can run tok config-set services solr enabled true or add the following YAML to your .tok/config.yml file your site’s Git repository.

services:
  solr: 
    enabled: true

This container currently launches by default and creates a core called drupal.

You can access the Solr web interface using the exposed Solr port. You can look this up with this command:

tok ports solr

This default core includes the Solr conf directory from search_api_solr release 8.x-2.0

Inside your Drupal site, you can reach the Solr container using the hostname solr on the defautl port 8983. This should work with only the minimal, default config.

SSH

The SSH/Admin container provides an SSH server and many, many friendly tools for managing PHP and Drupal sites. This includes Composer, Vim, the Mysql client, and of course PHP itself.

You can think of this container as the portal to managing your site using the command line. If you’ve used tools like DrupalVM, the idea of running vagrant ssh is probably already familiar.

To access the Admin container:

ssh {{your-project-name}}.tok

In this example, {{your-project-name}} is generally the name of the directory that your site lives in. For instance, if your site is in /Users/joe/code/my-drupal-site then your project name is my-drupal-site.

The Drush container is also your easy access point to all of your site logs, which you’ll find in the /tokaido/logs folder, or you can run show-logs when you’re inside the container.

Varnish

The Varnish container provides optional caching for content served by Drupal. It receives traffic from the HAProxy container and passses requests for uncached content down to Nginx.

The Varnish container will simply honour whatever cache headers are supplied by your Drupal site, so you can bypass Varnish by simply turning caching off in Drupal. The only real exception to this rule is for logged in users, where the path is /user, /admin, /ajax and a few others, or the Authorization header is present.

Varnish also does some basic security enforcement by adding headers to outgoing responses to improve browser security. These include:

X-XSS-Protection = 1; mode=block stops pages loading when the browser detects cross-site scripting attacks
Referrer-Policy = same-origin stops cross-origin requests from sending “Referer” information for strict GDPR compliance
Strict-Transport-Security = max-age=31536000 forces SSL for 1 year. This isn’t needed in Tokaido, but it matches best practices in production so we add it in.

There are a few other tips and tricks that our Varnish image applies. You can review the Varnish config for full details here.

Adminer

Adminer is an optional container that can be enabled for your project. You can do this by running tok config-set services adminer enabled true or adding the following YAML to your .tok/config.yml file inside your site’s repository:

services:
  adminer:
    enabled: true

After adding this configuration you need to run tok up again to have Adminer initialised. You can then access Adminer using your browser by running tok open adminer.

You can connect to Adminer using these details:

Server: mysql
Username: tokaido
Password: tokaido
Database: tokaido

Although you’re accessing Adminer from your local host, it’s important to remember that it is running inside Tokaido, so the database hostname is always the local representation of ‘mysql’.

Mailhog

Mailhog is an optional container that can be enabled for your project. You can do this by running tok config-set services mailhog enabled true or adding the following YAML to your .tok/config.yml file inside your site’s repository:

services:
  mailhog:
    enabled: true

After adding this configuration you need to run tok up again to have Mailhog initialised. You can then access Mailhog using your browser by running tok open mailhog.

The mailhog service is now available to your Drupal site on address: mailhog:1025. You can use Mailhog to send SMTP messages and test that they were recieved by the server, but without actually sending the email to the receipients.

Redis

If you prefer, Redis can be enabled as an alternative to Memcache, but this is an optional container that can be enabled for your project. You can do this by running tok config-set services redis enabled true or adding the following YAML to your .tok/config.yml file inside your site’s repository:

services:
  redis:
    enabled: true

The redis service is now available to your Drupal site on address: redis:6379. The Redis CLI is also installed inside the SSH/Admin container.

For example:

$ ssh umami.tok
< snip - ssh welcome message >
$ redis-cli -h redis
redis:6379>