Implements: blueprint Implement a database container set
Previously, the database container was configured for use with Kubernetes. This patch removed any k8s dependencies, adds a script to manage mysql server.cnf settings and splits data and app containers. Splitting the containers provides additional portability and operational efficiencies compared to host mounts. Change-Id: I80656450c02dda5f2959d187eec20d5877dc54a2
This commit is contained in:
parent
fb425db56d
commit
5547b5fe78
14
compose/mariadb.yml
Normal file
14
compose/mariadb.yml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
mariadbdata:
|
||||||
|
image: kollaglue/centos-rdo-mariadb-data
|
||||||
|
volumes:
|
||||||
|
- /var/lib/mysql:/var/lib/mysql
|
||||||
|
net: "host"
|
||||||
|
privileged: true
|
||||||
|
mariadbapp:
|
||||||
|
image: kollaglue/centos-rdo-mariadb-app
|
||||||
|
env_file:
|
||||||
|
- openstack.env
|
||||||
|
volumes_from:
|
||||||
|
- mariadbdata
|
||||||
|
net: "host"
|
||||||
|
privileged: true
|
18
docker/mariadb-app/Dockerfile
Normal file
18
docker/mariadb-app/Dockerfile
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%base
|
||||||
|
MAINTAINER Kolla Project (https://launchpad.net/kolla)
|
||||||
|
|
||||||
|
# Install packages
|
||||||
|
# TODO check if hostname pkg is needed.
|
||||||
|
RUN yum -y install mariadb \
|
||||||
|
mariadb-server \
|
||||||
|
MySQL-python \
|
||||||
|
hostname \
|
||||||
|
&& yum clean all
|
||||||
|
|
||||||
|
# Add mysql configuration scripts
|
||||||
|
ADD config-mysql.sh /opt/kolla/config-mysql.sh
|
||||||
|
ADD mysql-entrypoint.sh /opt/kolla/mysql-entrypoint.sh
|
||||||
|
|
||||||
|
# start mysql
|
||||||
|
ENTRYPOINT ["/opt/kolla/mysql-entrypoint.sh"]
|
||||||
|
CMD ["mysqld_safe"]
|
24
docker/mariadb-app/config-mysql.sh
Executable file
24
docker/mariadb-app/config-mysql.sh
Executable file
@ -0,0 +1,24 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
. /opt/kolla/kolla-common.sh
|
||||||
|
|
||||||
|
: ${BIND_ADDRESS:=$PUBLIC_IP}
|
||||||
|
: ${DB_ROOT_PASSWORD:=$DB_ROOT_PASSWORD}
|
||||||
|
: ${DEFAULT_STORAGE_ENGINE:=innodb}
|
||||||
|
: ${COLLATION_SERVER:=utf8_general_ci}
|
||||||
|
: ${INIT_CONNECT:=SET NAMES utf8}
|
||||||
|
: ${CHAR_SET_SERVER:=utf8}
|
||||||
|
: ${INNODB_FILE_PER_TABLE:=true}
|
||||||
|
: ${DATADIR:=/var/lib/mysql}
|
||||||
|
: ${TEMP_FILE:='/tmp/mysql-first-time.sql'}
|
||||||
|
|
||||||
|
server_cnf=/etc/my.cnf.d/server.cnf
|
||||||
|
|
||||||
|
crudini --set $server_cnf mysqld bind-address $BIND_ADDRESS
|
||||||
|
crudini --set $server_cnf mysqld default-storage-engine $DEFAULT_STORAGE_ENGINE
|
||||||
|
crudini --set $server_cnf mysqld collation-server $COLLATION_SERVER
|
||||||
|
crudini --set $server_cnf mysqld init-connect "'${INIT_CONNECT}'"
|
||||||
|
crudini --set $server_cnf mysqld character-set-server $CHAR_SET_SERVER
|
||||||
|
if [ "${INNODB_FILE_PER_TABLE}" == "true" ] || ["${INNODB_FILE_PER_TABLE}" == "True" ] ; then
|
||||||
|
crudini --set $server_cnf mysqld innodb_file_per_table 1
|
||||||
|
fi
|
49
docker/mariadb-app/mysql-entrypoint.sh
Executable file
49
docker/mariadb-app/mysql-entrypoint.sh
Executable file
@ -0,0 +1,49 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Configure MySQL settings
|
||||||
|
. /opt/kolla/config-mysql.sh
|
||||||
|
|
||||||
|
if [ -z "$(ls -A /var/lib/mysql)" -a "${1%_safe}" = 'mysqld' ]; then
|
||||||
|
PATH=/usr/libexec:$PATH
|
||||||
|
export PATH
|
||||||
|
|
||||||
|
if [ -z "$MARIADB_ROOT_PASSWORD" ]; then
|
||||||
|
echo >&2 'error: database is uninitialized and MARIADB_ROOT_PASSWORD not set'
|
||||||
|
echo >&2 ' Did you forget to add -e MARIADB_ROOT_PASSWORD=... ?'
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
mysql_install_db --user=mysql --datadir="$DATADIR"
|
||||||
|
|
||||||
|
# These statements _must_ be on individual lines, and _must_ end with
|
||||||
|
# semicolons (no line breaks or comments are permitted).
|
||||||
|
# TODO proper SQL escaping on ALL the things D:
|
||||||
|
TEMP_FILE='/tmp/mysql-first-time.sql'
|
||||||
|
cat > "$TEMP_FILE" <<-EOSQL
|
||||||
|
DELETE FROM mysql.user ;
|
||||||
|
CREATE USER 'root'@'%' IDENTIFIED BY '${MARIADB_ROOT_PASSWORD}' ;
|
||||||
|
GRANT ALL ON *.* TO 'root'@'%' WITH GRANT OPTION ;
|
||||||
|
DROP DATABASE IF EXISTS test ;
|
||||||
|
EOSQL
|
||||||
|
|
||||||
|
if [ "$MARIADB_DATABASE" ]; then
|
||||||
|
echo "CREATE DATABASE IF NOT EXISTS $MARIADB_DATABASE ;" >> "$TEMP_FILE"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$MARIADB_USER" -a "$MARIADB_PASSWORD" ]; then
|
||||||
|
echo "CREATE USER '$MARIADB_USER'@'%' IDENTIFIED BY '$MARIADB_PASSWORD' ;" >> "$TEMP_FILE"
|
||||||
|
|
||||||
|
if [ "$MARIADB_DATABASE" ]; then
|
||||||
|
echo "GRANT ALL ON $MARIADB_DATABASE.* TO '$MARIADB_USER'@'%' ;" >> "$TEMP_FILE"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo 'FLUSH PRIVILEGES ;' >> "$TEMP_FILE"
|
||||||
|
|
||||||
|
set -- "$@" --init-file="$TEMP_FILE"
|
||||||
|
fi
|
||||||
|
|
||||||
|
chown -R mysql:mysql "$DATADIR"
|
||||||
|
|
||||||
|
exec "$@"
|
6
docker/mariadb-data/Dockerfile
Normal file
6
docker/mariadb-data/Dockerfile
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%base
|
||||||
|
MAINTAINER Kolla Project (https://launchpad.net/kolla)
|
||||||
|
|
||||||
|
# Command needed to start the data container.
|
||||||
|
# Note: data containers do not need to be persistent.
|
||||||
|
CMD ["/bin/sh"]
|
1
docker/mariadb-data/build
Symbolic link
1
docker/mariadb-data/build
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../../tools/build-docker-image
|
@ -1,13 +0,0 @@
|
|||||||
FROM %%KOLLA_NAMESPACE%%/%%KOLLA_PREFIX%%base
|
|
||||||
MAINTAINER Kolla Project (https://launchpad.net/kolla)
|
|
||||||
|
|
||||||
RUN yum -y install mariadb-galera-server hostname; yum clean all
|
|
||||||
ADD /entrypoint.sh /entrypoint.sh
|
|
||||||
|
|
||||||
VOLUME /var/lib/mysql
|
|
||||||
VOLUME /var/log/mariadb
|
|
||||||
|
|
||||||
EXPOSE 3306
|
|
||||||
|
|
||||||
ENTRYPOINT ["/entrypoint.sh"]
|
|
||||||
CMD ["mysqld_safe"]
|
|
@ -1,47 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
set -e
|
|
||||||
|
|
||||||
: ${MYSQL_ROOT_PASSWORD:=$DB_ROOT_PASSWORD}
|
|
||||||
|
|
||||||
if [ -z "$(ls -A /var/lib/mysql)" -a "${1%_safe}" = 'mysqld' ]; then
|
|
||||||
PATH=/usr/libexec:$PATH
|
|
||||||
export PATH
|
|
||||||
|
|
||||||
if [ -z "$MYSQL_ROOT_PASSWORD" ]; then
|
|
||||||
echo >&2 'error: database is uninitialized and MYSQL_ROOT_PASSWORD not set'
|
|
||||||
echo >&2 ' Did you forget to add -e MYSQL_ROOT_PASSWORD=... ?'
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
mysql_install_db --user=mysql --datadir=/var/lib/mysql
|
|
||||||
|
|
||||||
# These statements _must_ be on individual lines, and _must_ end with
|
|
||||||
# semicolons (no line breaks or comments are permitted).
|
|
||||||
# TODO proper SQL escaping on ALL the things D:
|
|
||||||
TEMP_FILE='/tmp/mysql-first-time.sql'
|
|
||||||
cat > "$TEMP_FILE" <<-EOSQL
|
|
||||||
DELETE FROM mysql.user ;
|
|
||||||
CREATE USER 'root'@'%' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
|
|
||||||
GRANT ALL ON *.* TO 'root'@'%' WITH GRANT OPTION ;
|
|
||||||
DROP DATABASE IF EXISTS test ;
|
|
||||||
EOSQL
|
|
||||||
|
|
||||||
if [ "$MYSQL_DATABASE" ]; then
|
|
||||||
echo "CREATE DATABASE IF NOT EXISTS $MYSQL_DATABASE ;" >> "$TEMP_FILE"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
|
|
||||||
echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" >> "$TEMP_FILE"
|
|
||||||
|
|
||||||
if [ "$MYSQL_DATABASE" ]; then
|
|
||||||
echo "GRANT ALL ON $MYSQL_DATABASE.* TO '$MYSQL_USER'@'%' ;" >> "$TEMP_FILE"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo 'FLUSH PRIVILEGES ;' >> "$TEMP_FILE"
|
|
||||||
|
|
||||||
set -- "$@" --init-file="$TEMP_FILE"
|
|
||||||
fi
|
|
||||||
|
|
||||||
chown -R mysql:mysql /var/lib/mysql
|
|
||||||
exec "$@"
|
|
50
docs/database-container-set.md
Normal file
50
docs/database-container-set.md
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
MariaDB Container Set
|
||||||
|
=====================
|
||||||
|
|
||||||
|
The MariaDB database application has been organized into two containers,
|
||||||
|
known as a [container-set][] within the Kolla project. One container runs
|
||||||
|
the MariaDB application and the other stores the actual data.
|
||||||
|
|
||||||
|
Operational efficiencies and service stability is provided by
|
||||||
|
separating the application from the stored data. For example, stored data
|
||||||
|
can be backed-up or restored without touching the MariaDB application
|
||||||
|
component.
|
||||||
|
|
||||||
|
The containers work in a cooperative fashion by using [docker-compose][]
|
||||||
|
(aka Fig) to ensure the containers are co-located on the same host.
|
||||||
|
With docker-compose, you can manage the containers collectively
|
||||||
|
as a single unit.
|
||||||
|
|
||||||
|
Here is a sample docker-compose yaml file for using both MariaDB containers:
|
||||||
|
|
||||||
|
```
|
||||||
|
mariadbdata:
|
||||||
|
image: kollaglue/centos-rdo-mariadb-data
|
||||||
|
volumes:
|
||||||
|
- /var/lib/mysql:/var/lib/mysql
|
||||||
|
- /var/log/mariadb:/var/log/mariadb
|
||||||
|
net: "host"
|
||||||
|
privileged: true
|
||||||
|
mariadbapp:
|
||||||
|
image: kollaglue/centos-rdo-mariadb-app
|
||||||
|
env_file:
|
||||||
|
- openstack.env
|
||||||
|
volumes_from:
|
||||||
|
- mariadbdata
|
||||||
|
net: "host"
|
||||||
|
ports:
|
||||||
|
- "3306:3306"
|
||||||
|
privileged: true
|
||||||
|
```
|
||||||
|
|
||||||
|
In addition to the MariaDB application being organized across two containers, the data
|
||||||
|
container follows the [data-only container][] design pattern. In this design pattern,
|
||||||
|
a dedicated container is used to perform a host mount and separate application
|
||||||
|
container(s) mount volumes from the data-only container instead of performing the host
|
||||||
|
mount directly. In the example above, the MariaDbApp container mounts the /var/lib/mysql
|
||||||
|
and /var/log/mariadb volumes through the MariaDbData container instead of mounting
|
||||||
|
these directly to the Docker host.
|
||||||
|
|
||||||
|
[docker-compose]: http://www.fig.sh/
|
||||||
|
[container-set]: https://review.openstack.org/#/c/153798/
|
||||||
|
[data-only container]: http://www.tech-d.net/2013/12/16/persistent-volumes-with-docker-container-as-volume-pattern/
|
@ -42,7 +42,6 @@ all containers. This allows a simple method of ensuring every type of node
|
|||||||
### Environment Variable KEY/VALUE pairs
|
### Environment Variable KEY/VALUE pairs
|
||||||
|
|
||||||
ADMIN_TENANT_NAME=<admin> - tenant name
|
ADMIN_TENANT_NAME=<admin> - tenant name
|
||||||
DB_ROOT_PASSWORD=<mysql root password> - defines the MYSQL root password
|
|
||||||
FLAT_INTERFACE=<nova or neutron networking flat interface device name>
|
FLAT_INTERFACE=<nova or neutron networking flat interface device name>
|
||||||
GLANCE_API_SERVICE_HOST=<IP> - address where glance API is running>
|
GLANCE_API_SERVICE_HOST=<IP> - address where glance API is running>
|
||||||
GLANCE_DB_NAME=<glance> - DB name of glance service
|
GLANCE_DB_NAME=<glance> - DB name of glance service
|
||||||
@ -58,8 +57,8 @@ all containers. This allows a simple method of ensuring every type of node
|
|||||||
KEYSTONE_AUTH_PROTOCOL=<http> - The keystone authentication protocol
|
KEYSTONE_AUTH_PROTOCOL=<http> - The keystone authentication protocol
|
||||||
KEYSTONE_DB_PASSWORD=<password> - The password used to access Keystone in the DB
|
KEYSTONE_DB_PASSWORD=<password> - The password used to access Keystone in the DB
|
||||||
KEYSTONE_PUBLIC_SERVICE_HOST=<IP> - The IP address where Keystone is running
|
KEYSTONE_PUBLIC_SERVICE_HOST=<IP> - The IP address where Keystone is running
|
||||||
MARIADB_SERVICE_HOST=<IP> - The IP Address where mariadb is running
|
MARIADB_ROOT_PASSWORD=<mariadb root password> - defines the MariaDB root password
|
||||||
MYSQL_ROOT_PASSWORD=<password> - The MYSQL password
|
MARIADB_SERVICE_HOST=<IP> - The IP Address where Mariadb is running
|
||||||
NETWORK_MANAGER=<nova|neutron> - Use Nova or Neutron networking
|
NETWORK_MANAGER=<nova|neutron> - Use Nova or Neutron networking
|
||||||
NOVA_API_SERVICE_HOST=<IP> - The IP Address where the Nova API Service is hosted
|
NOVA_API_SERVICE_HOST=<IP> - The IP Address where the Nova API Service is hosted
|
||||||
NOVA_DB_NAME=<nova> - The name of the nova entry in the database
|
NOVA_DB_NAME=<nova> - The name of the nova entry in the database
|
||||||
|
@ -21,7 +21,7 @@ echo MY_DEV=$MY_DEV
|
|||||||
|
|
||||||
# Database
|
# Database
|
||||||
HOST_IP=$MY_IP
|
HOST_IP=$MY_IP
|
||||||
MYSQL_ROOT_PASSWORD=kolla
|
MARIADB_ROOT_PASSWORD=kolla
|
||||||
PASSWORD=12345
|
PASSWORD=12345
|
||||||
|
|
||||||
# Host
|
# Host
|
||||||
@ -72,7 +72,7 @@ EOF
|
|||||||
cat > ./compose/openstack.env <<EOF
|
cat > ./compose/openstack.env <<EOF
|
||||||
ADMIN_TENANT_NAME=$ADMIN_TENANT_NAME
|
ADMIN_TENANT_NAME=$ADMIN_TENANT_NAME
|
||||||
CONFIG_NETWORK=$CONFIG_NETWORK
|
CONFIG_NETWORK=$CONFIG_NETWORK
|
||||||
DB_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
|
DB_ROOT_PASSWORD=$MARIADB_ROOT_PASSWORD
|
||||||
FLAT_INTERFACE=$NOVA_FLAT_INTERFACE
|
FLAT_INTERFACE=$NOVA_FLAT_INTERFACE
|
||||||
GLANCE_API_SERVICE_HOST=$GLANCE_API_SERVICE_HOST
|
GLANCE_API_SERVICE_HOST=$GLANCE_API_SERVICE_HOST
|
||||||
GLANCE_DB_NAME=$GLANCE_DB_NAME
|
GLANCE_DB_NAME=$GLANCE_DB_NAME
|
||||||
@ -89,7 +89,7 @@ KEYSTONE_AUTH_PROTOCOL=$KEYSTONE_AUTH_PROTOCOL
|
|||||||
KEYSTONE_DB_PASSWORD=$KEYSTONE_DB_PASSWORD
|
KEYSTONE_DB_PASSWORD=$KEYSTONE_DB_PASSWORD
|
||||||
KEYSTONE_PUBLIC_SERVICE_HOST=$KEYSTONE_PUBLIC_SERVICE_HOST
|
KEYSTONE_PUBLIC_SERVICE_HOST=$KEYSTONE_PUBLIC_SERVICE_HOST
|
||||||
MARIADB_SERVICE_HOST=$HOST_IP
|
MARIADB_SERVICE_HOST=$HOST_IP
|
||||||
MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD
|
MARIADB_ROOT_PASSWORD=$MARIADB_ROOT_PASSWORD
|
||||||
NETWORK_MANAGER=nova
|
NETWORK_MANAGER=nova
|
||||||
NOVA_API_SERVICE_HOST=$NOVA_API_SERVICE_HOST
|
NOVA_API_SERVICE_HOST=$NOVA_API_SERVICE_HOST
|
||||||
NOVA_DB_NAME=$NOVA_DB_NAME
|
NOVA_DB_NAME=$NOVA_DB_NAME
|
||||||
|
Loading…
Reference in New Issue
Block a user