diff --git a/10.3/Dockerfile.tmp b/10.3/Dockerfile.tmp new file mode 100644 index 00000000..5b953fd7 --- /dev/null +++ b/10.3/Dockerfile.tmp @@ -0,0 +1,81 @@ +FROM rhscl/s2i-core-rhel7 +ADD http://git.app.eng.bos.redhat.com/git/RH_Software_Collections.git/plain/Containers/osbs-repos-signed-pkgs/rolling-rhscl-devel.repo /etc/yum.repos.d/rolling-rhscl-devel.repo + +# MariaDB image for OpenShift. +# +# Volumes: +# * /var/lib/mysql/data - Datastore for MariaDB +# Environment: +# * $MYSQL_USER - Database user name +# * $MYSQL_PASSWORD - User's password +# * $MYSQL_DATABASE - Name of the database to create +# * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account + +ENV MYSQL_VERSION=10.3 \ + APP_DATA=/opt/app-root/src \ + HOME=/var/lib/mysql \ + SUMMARY="MariaDB 10.3 SQL database server" \ + DESCRIPTION="MariaDB is a multi-user, multi-threaded SQL database server. The container \ +image provides a containerized packaging of the MariaDB mysqld daemon and client application. \ +The mysqld server daemon accepts connections from clients and provides access to content from \ +MariaDB databases on behalf of the clients." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" \ + io.k8s.display-name="MariaDB 10.3" \ + io.openshift.expose-services="3306:mysql" \ + io.openshift.tags="database,mysql,mariadb,mariadb103,rh-mariadb103" \ + com.redhat.component="rh-mariadb103-container" \ + name="rhscl/mariadb-103-rhel7" \ + version="1" \ + com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \ + usage="docker run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 rhscl/mariadb-103-rhel7" \ + maintainer="SoftwareCollections.org " + +EXPOSE 3306 + +# This image must forever use UID 27 for mysql user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN yum install -y yum-utils && \ + prepare-yum-repositories rhel-server-rhscl-7-rpms && \ + INSTALL_PKGS="rsync tar gettext hostname bind-utils groff-base rh-mariadb103 rh-mariadb103-mariadb-server-utils rh-mariadb103-mariadb-syspaths" && \ + yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum -y clean all --enablerepo='*' && \ + mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \ + test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)" + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \ + MYSQL_PREFIX=/opt/rh/rh-mariadb103/root/usr \ + ENABLED_COLLECTIONS=rh-mariadb103 + +# When bash is started non-interactively, to run a shell script, for example it +# looks for this variable and source the content of this file. This will enable +# the SCL for all scripts without need to do 'scl enable'. +ENV BASH_ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \ + ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \ + PROMPT_COMMAND=". ${CONTAINER_SCRIPTS_PATH}/scl_enable" + +COPY 10.3/root-common / +COPY 10.3/s2i-common/bin/ $STI_SCRIPTS_PATH +COPY 10.3/root / + +# this is needed due to issues with squash +# when this directory gets rm'd by the container-setup +# script. +# Also reset permissions of filesystem to default values +RUN rm -rf /etc/my.cnf.d/* && \ + /usr/libexec/container-setup && \ + rpm-file-permissions + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/mysql/data"] + +USER 27 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-mysqld"] diff --git a/10.5/.devel-repo-rhel7 b/10.5/.devel-repo-rhel7 new file mode 100644 index 00000000..e69de29b diff --git a/10.5/.devel-repo-rhel8 b/10.5/.devel-repo-rhel8 new file mode 100644 index 00000000..e69de29b diff --git a/10.5/.exclude-centos7 b/10.5/.exclude-centos7 new file mode 100644 index 00000000..e69de29b diff --git a/10.5/Dockerfile b/10.5/Dockerfile new file mode 100644 index 00000000..0587102b --- /dev/null +++ b/10.5/Dockerfile @@ -0,0 +1,79 @@ +FROM quay.io/centos7/s2i-core-centos7 + +# MariaDB image for OpenShift. +# +# Volumes: +# * /var/lib/mysql/data - Datastore for MariaDB +# Environment: +# * $MYSQL_USER - Database user name +# * $MYSQL_PASSWORD - User's password +# * $MYSQL_DATABASE - Name of the database to create +# * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account +# * $MYSQL_CHARSET (Optional) - Default character set +# * $MYSQL_COLLATION (Optional) - Default collation + +ENV MYSQL_VERSION=10.5 \ + APP_DATA=/opt/app-root/src \ + HOME=/var/lib/mysql \ + SUMMARY="MariaDB 10.5 SQL database server" \ + DESCRIPTION="MariaDB is a multi-user, multi-threaded SQL database server. The container \ +image provides a containerized packaging of the MariaDB mysqld daemon and client application. \ +The mysqld server daemon accepts connections from clients and provides access to content from \ +MariaDB databases on behalf of the clients." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" \ + io.k8s.display-name="MariaDB 10.5" \ + io.openshift.expose-services="3306:mysql" \ + io.openshift.tags="database,mysql,mariadb,mariadb105,rh-mariadb105,galera" \ + com.redhat.component="rh-mariadb105-container" \ + name="centos7/mariadb-105-centos7" \ + usage="docker run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 quay.io/centos7/mariadb-105-centos7" \ + maintainer="SoftwareCollections.org " + +EXPOSE 3306 + +# This image must forever use UID 27 for mysql user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN yum install -y centos-release-scl-rh && \ + INSTALL_PKGS="rsync tar gettext hostname bind-utils groff-base rh-mariadb105 rh-mariadb105-mariadb-server-utils rh-mariadb105-mariadb-syspaths" && \ + yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum -y clean all --enablerepo='*' && \ + mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \ + test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)" + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \ + MYSQL_PREFIX=/opt/rh/rh-mariadb105/root/usr \ + ENABLED_COLLECTIONS=rh-mariadb105 + +# When bash is started non-interactively, to run a shell script, for example it +# looks for this variable and source the content of this file. This will enable +# the SCL for all scripts without need to do 'scl enable'. +ENV BASH_ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \ + ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \ + PROMPT_COMMAND=". ${CONTAINER_SCRIPTS_PATH}/scl_enable" + +COPY 10.5/root-common / +COPY 10.5/s2i-common/bin/ $STI_SCRIPTS_PATH +COPY 10.5/root / + +# this is needed due to issues with squash +# when this directory gets rm'd by the container-setup +# script. +# Also reset permissions of filesystem to default values +RUN rm -rf /etc/my.cnf.d/* && \ + /usr/libexec/container-setup && \ + rpm-file-permissions + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/mysql/data"] + +USER 27 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-mysqld"] diff --git a/10.5/Dockerfile.fedora b/10.5/Dockerfile.fedora new file mode 100644 index 00000000..d6fc1048 --- /dev/null +++ b/10.5/Dockerfile.fedora @@ -0,0 +1,73 @@ +FROM registry.fedoraproject.org/f33/s2i-core:latest + +# MariaDB image for OpenShift. +# +# Volumes: +# * /var/lib/mysql/data - Datastore for MariaDB +# Environment: +# * $MYSQL_USER - Database user name +# * $MYSQL_PASSWORD - User's password +# * $MYSQL_DATABASE - Name of the database to create +# * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account + +ENV MYSQL_VERSION=10.5 \ + APP_DATA=/opt/app-root/src \ + HOME=/var/lib/mysql \ + NAME=mariadb \ + VERSION=10.5 \ + ARCH=x86_64 \ + SUMMARY="MariaDB 10.5 SQL database server" \ + DESCRIPTION="MariaDB is a multi-user, multi-threaded SQL database server. The container \ +image provides a containerized packaging of the MariaDB mysqld daemon and client application. \ +The mysqld server daemon accepts connections from clients and provides access to content from \ +MariaDB databases on behalf of the clients." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="MariaDB is a multi-user, multi-threaded SQL database server" \ + io.k8s.display-name="MariaDB 10.5" \ + io.openshift.expose-services="3306:mysql" \ + io.openshift.tags="database,mysql,mariadb,mariadb105,galera" \ + com.redhat.component="$NAME" \ + name="$FGC/$NAME" \ + version="$VERSION" \ + usage="docker run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 $FGC/$NAME" \ + maintainer="SoftwareCollections.org " + +EXPOSE 3306 + +# This image must forever use UID 27 for mysql user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN yum -y module enable mariadb:$MYSQL_VERSION && \ + INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mariadb-server" && \ + dnf install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + dnf clean all && \ + mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \ + test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)" + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \ + MYSQL_PREFIX=/usr + +COPY 10.5/root-common / +COPY 10.5/s2i-common/bin/ $STI_SCRIPTS_PATH +COPY 10.5/root / + +# this is needed due to issues with squash +# when this directory gets rm'd by the container-setup +# script. +# Also reset permissions of filesystem to default values +RUN rm -rf /etc/my.cnf.d/* && \ + /usr/libexec/container-setup && \ + rpm-file-permissions + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/mysql/data"] + +USER 27 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-mysqld"] diff --git a/10.5/Dockerfile.rhel7 b/10.5/Dockerfile.rhel7 new file mode 100644 index 00000000..e97eb8d2 --- /dev/null +++ b/10.5/Dockerfile.rhel7 @@ -0,0 +1,80 @@ +FROM rhscl/s2i-core-rhel7 + +# MariaDB image for OpenShift. +# +# Volumes: +# * /var/lib/mysql/data - Datastore for MariaDB +# Environment: +# * $MYSQL_USER - Database user name +# * $MYSQL_PASSWORD - User's password +# * $MYSQL_DATABASE - Name of the database to create +# * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account + +ENV MYSQL_VERSION=10.5 \ + APP_DATA=/opt/app-root/src \ + HOME=/var/lib/mysql \ + SUMMARY="MariaDB 10.5 SQL database server" \ + DESCRIPTION="MariaDB is a multi-user, multi-threaded SQL database server. The container \ +image provides a containerized packaging of the MariaDB mysqld daemon and client application. \ +The mysqld server daemon accepts connections from clients and provides access to content from \ +MariaDB databases on behalf of the clients." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" \ + io.k8s.display-name="MariaDB 10.5" \ + io.openshift.expose-services="3306:mysql" \ + io.openshift.tags="database,mysql,mariadb,mariadb105,rh-mariadb105" \ + com.redhat.component="rh-mariadb105-container" \ + name="rhscl/mariadb-105-rhel7" \ + version="1" \ + com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \ + usage="docker run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 rhscl/mariadb-105-rhel7" \ + maintainer="SoftwareCollections.org " + +EXPOSE 3306 + +# This image must forever use UID 27 for mysql user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN yum install -y yum-utils && \ + prepare-yum-repositories rhel-server-rhscl-7-rpms && \ + INSTALL_PKGS="rsync tar gettext hostname bind-utils groff-base rh-mariadb105 rh-mariadb105-mariadb-server-utils rh-mariadb105-mariadb-syspaths" && \ + yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum -y clean all --enablerepo='*' && \ + mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \ + test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)" + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \ + MYSQL_PREFIX=/opt/rh/rh-mariadb105/root/usr \ + ENABLED_COLLECTIONS=rh-mariadb105 + +# When bash is started non-interactively, to run a shell script, for example it +# looks for this variable and source the content of this file. This will enable +# the SCL for all scripts without need to do 'scl enable'. +ENV BASH_ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \ + ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \ + PROMPT_COMMAND=". ${CONTAINER_SCRIPTS_PATH}/scl_enable" + +COPY 10.5/root-common / +COPY 10.5/s2i-common/bin/ $STI_SCRIPTS_PATH +COPY 10.5/root / + +# this is needed due to issues with squash +# when this directory gets rm'd by the container-setup +# script. +# Also reset permissions of filesystem to default values +RUN rm -rf /etc/my.cnf.d/* && \ + /usr/libexec/container-setup && \ + rpm-file-permissions + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/mysql/data"] + +USER 27 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-mysqld"] diff --git a/10.5/Dockerfile.rhel8 b/10.5/Dockerfile.rhel8 new file mode 100644 index 00000000..eba32259 --- /dev/null +++ b/10.5/Dockerfile.rhel8 @@ -0,0 +1,70 @@ +FROM ubi8/s2i-core + +# MariaDB image for OpenShift. +# +# Volumes: +# * /var/lib/mysql/data - Datastore for MariaDB +# Environment: +# * $MYSQL_USER - Database user name +# * $MYSQL_PASSWORD - User's password +# * $MYSQL_DATABASE - Name of the database to create +# * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account + +ENV MYSQL_VERSION=10.5 \ + APP_DATA=/opt/app-root/src \ + HOME=/var/lib/mysql \ + SUMMARY="MariaDB 10.5 SQL database server" \ + DESCRIPTION="MariaDB is a multi-user, multi-threaded SQL database server. The container \ +image provides a containerized packaging of the MariaDB mysqld daemon and client application. \ +The mysqld server daemon accepts connections from clients and provides access to content from \ +MariaDB databases on behalf of the clients." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" \ + io.k8s.display-name="MariaDB 10.5" \ + io.openshift.expose-services="3306:mysql" \ + io.openshift.tags="database,mysql,mariadb,mariadb105,mariadb-105" \ + com.redhat.component="mariadb-105-container" \ + name="rhel8/mariadb-105" \ + version="1" \ + usage="podman run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 rhel8/mariadb-105" \ + maintainer="SoftwareCollections.org " + +EXPOSE 3306 + +# This image must forever use UID 27 for mysql user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN yum -y module enable mariadb:$MYSQL_VERSION && \ + INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mariadb-server" && \ + yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + yum -y clean all --enablerepo='*' && \ + mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \ + test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)" + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \ + MYSQL_PREFIX=/usr + +COPY 10.5/root-common / +COPY 10.5/s2i-common/bin/ $STI_SCRIPTS_PATH +COPY 10.5/root / + +# this is needed due to issues with squash +# when this directory gets rm'd by the container-setup +# script. +# Also reset permissions of filesystem to default values +RUN rm -rf /etc/my.cnf.d/* && \ + /usr/libexec/container-setup && \ + rpm-file-permissions + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/mysql/data"] + +USER 27 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-mysqld"] diff --git a/10.5/README.md b/10.5/README.md new file mode 120000 index 00000000..cc942f07 --- /dev/null +++ b/10.5/README.md @@ -0,0 +1 @@ +root/usr/share/container-scripts/mysql/README.md \ No newline at end of file diff --git a/10.5/cccp.yml b/10.5/cccp.yml new file mode 100644 index 00000000..4a959577 --- /dev/null +++ b/10.5/cccp.yml @@ -0,0 +1 @@ +job-id: mariadb-105-centos7 diff --git a/10.5/root-common b/10.5/root-common new file mode 120000 index 00000000..b5e373d6 --- /dev/null +++ b/10.5/root-common @@ -0,0 +1 @@ +../root-common \ No newline at end of file diff --git a/10.5/root/usr/share/container-scripts/mysql/README.md b/10.5/root/usr/share/container-scripts/mysql/README.md new file mode 100644 index 00000000..fb8e6540 --- /dev/null +++ b/10.5/root/usr/share/container-scripts/mysql/README.md @@ -0,0 +1,365 @@ +MariaDB 10.5 SQL Database Server Docker image +============================================= + +This container image includes MariaDB 10.5 SQL database server for OpenShift and general usage. +Users can choose between RHEL, CentOS and Fedora based images. +The RHEL images are available in the [Red Hat Container Catalog](https://access.redhat.com/containers/), +the CentOS images are available on [Quay.io](https://quay.io/organization/centos7), +and the Fedora images are available in [Fedora Registry](https://registry.fedoraproject.org/). +The resulting image can be run using [podman](https://github.com/containers/libpod). + +Note: while the examples in this README are calling `podman`, you can replace any such calls by `docker` with the same arguments + +Description +----------- + +This container image provides a containerized packaging of the MariaDB mysqld daemon +and client application. The mysqld server daemon accepts connections from clients +and provides access to content from MySQL databases on behalf of the clients. +You can find more information on the MariaDB project from the project Web site +(https://mariadb.org/). + + +Usage +----- + +For this, we will assume that you are using the MariaDB 10.5 container image from the +Red Hat Container Catalog called `rhel8/mariadb-105`. +If you want to set only the mandatory environment variables and not store +the database in a host directory, execute the following command: + +``` +$ podman run -d --name mariadb_database -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 rhel8/mariadb-105 +``` + +This will create a container named `mariadb_database` running MySQL with database +`db` and user with credentials `user:pass`. Port 3306 will be exposed and mapped +to the host. If you want your database to be persistent across container executions, +also add a `-v /host/db/path:/var/lib/mysql/data` argument. This will be the MySQL +data directory. + +If the database directory is not initialized, the entrypoint script will first +run [`mysql_install_db`](https://dev.mysql.com/doc/refman/5.6/en/mysql-install-db.html) +and setup necessary database users and passwords. After the database is initialized, +or if it was already present, `mysqld` is executed and will run as PID 1. You can + stop the detached container by running `podman stop mariadb_database`. + + +Environment variables and volumes +--------------------------------- + +The image recognizes the following environment variables that you can set during +initialization by passing `-e VAR=VALUE` to the Docker run command. + +**`MYSQL_USER`** + User name for MySQL account to be created + +**`MYSQL_PASSWORD`** + Password for the user account + +**`MYSQL_DATABASE`** + Database name + +**`MYSQL_ROOT_PASSWORD`** + Password for the root user (optional) + +**`MYSQL_CHARSET`** + Default character set (optional) + +**`MYSQL_COLLATION`** + Default collation (optional) + + +The following environment variables influence the MySQL configuration file. They are all optional. + +**`MYSQL_LOWER_CASE_TABLE_NAMES (default: 0)`** + Sets how the table names are stored and compared + +**`MYSQL_MAX_CONNECTIONS (default: 151)`** + The maximum permitted number of simultaneous client connections + +**`MYSQL_MAX_ALLOWED_PACKET (default: 200M)`** + The maximum size of one packet or any generated/intermediate string + +**`MYSQL_FT_MIN_WORD_LEN (default: 4)`** + The minimum length of the word to be included in a FULLTEXT index + +**`MYSQL_FT_MAX_WORD_LEN (default: 20)`** + The maximum length of the word to be included in a FULLTEXT index + +**`MYSQL_AIO (default: 1)`** + Controls the `innodb_use_native_aio` setting value in case the native AIO is broken. See http://help.directadmin.com/item.php?id=529 + +**`MYSQL_TABLE_OPEN_CACHE (default: 400)`** + The number of open tables for all threads + +**`MYSQL_KEY_BUFFER_SIZE (default: 32M or 10% of available memory)`** + The size of the buffer used for index blocks + +**`MYSQL_SORT_BUFFER_SIZE (default: 256K)`** + The size of the buffer used for sorting + +**`MYSQL_READ_BUFFER_SIZE (default: 8M or 5% of available memory)`** + The size of the buffer used for a sequential scan + +**`MYSQL_INNODB_BUFFER_POOL_SIZE (default: 32M or 50% of available memory)`** + The size of the buffer pool where InnoDB caches table and index data + +**`MYSQL_INNODB_LOG_FILE_SIZE (default: 8M or 15% of available memory)`** + The size of each log file in a log group + +**`MYSQL_INNODB_LOG_BUFFER_SIZE (default: 8M or 15% of available memory)`** + The size of the buffer that InnoDB uses to write to the log files on disk + +**`MYSQL_DEFAULTS_FILE (default: /etc/my.cnf)`** + Point to an alternative configuration file + +**`MYSQL_BINLOG_FORMAT (default: statement)`** + Set sets the binlog format, supported values are `row` and `statement` + +**`MYSQL_LOG_QUERIES_ENABLED (default: 0)`** + To enable query logging set this to `1` + + +You can also set the following mount points by passing the `-v /host:/container` flag to Docker. + +**`/var/lib/mysql/data`** + MySQL data directory + + +**Notice: When mouting a directory from the host into the container, ensure that the mounted +directory has the appropriate permissions and that the owner and group of the directory +matches the user UID or name which is running inside the container.** + + +MariaDB auto-tuning +------------------- + +When the MySQL image is run with the `--memory` parameter set and you didn't +specify value for some parameters, their values will be automatically +calculated based on the available memory. + +**`MYSQL_KEY_BUFFER_SIZE (default: 10%)`** + `key_buffer_size` + +**`MYSQL_READ_BUFFER_SIZE (default: 5%)`** + `read_buffer_size` + +**`MYSQL_INNODB_BUFFER_POOL_SIZE (default: 50%)`** + `innodb_buffer_pool_size` + +**`MYSQL_INNODB_LOG_FILE_SIZE (default: 15%)`** + `innodb_log_file_size` + +**`MYSQL_INNODB_LOG_BUFFER_SIZE (default: 15%)`** + `innodb_log_buffer_size` + + + +MySQL root user +--------------------------------- +The root user has no password set by default, only allowing local connections. +You can set it by setting the `MYSQL_ROOT_PASSWORD` environment variable. This +will allow you to login to the root account remotely. Local connections will +still not require a password. + +To disable remote root access, simply unset `MYSQL_ROOT_PASSWORD` and restart +the container. + + +Changing passwords +------------------ + +Since passwords are part of the image configuration, the only supported method +to change passwords for the database user (`MYSQL_USER`) and root user is by +changing the environment variables `MYSQL_PASSWORD` and `MYSQL_ROOT_PASSWORD`, +respectively. + +Changing database passwords through SQL statements or any way other than through +the environment variables aforementioned will cause a mismatch between the +values stored in the variables and the actual passwords. Whenever a database +container starts it will reset the passwords to the values stored in the +environment variables. + + +Default my.cnf file +------------------- +With environment variables we are able to customize a lot of different parameters +or configurations for the mysql bootstrap configurations. If you'd prefer to use +your own configuration file, you can override the `MYSQL_DEFAULTS_FILE` env +variable with the full path of the file you wish to use. For example, the default +location is `/etc/my.cnf` but you can change it to `/etc/mysql/my.cnf` by setting + `MYSQL_DEFAULTS_FILE=/etc/mysql/my.cnf` + + +Extending image +--------------- +This image can be extended in Openshift using the `Source` build strategy or via the standalone +[source-to-image](https://github.com/openshift/source-to-image) application (where available). +For this, we will assume that you are using the `rhscl/mariadb-105-rhel7` image, +available via `mariadb:10.5` imagestream tag in Openshift. + + +For example, to build a customized MariaDB database image `my-mariadb-rhel7` +with a configuration from `https://github.com/sclorg/mariadb-container/tree/master/examples/extend-image` run: + +``` +$ oc new-app mariadb:10.5~https://github.com/sclorg/mariadb-container.git \ + --name my-mariadb-rhel7 \ + --context-dir=examples/extend-image \ + --env MYSQL_OPERATIONS_USER=opuser \ + --env MYSQL_OPERATIONS_PASSWORD=oppass \ + --env MYSQL_DATABASE=opdb \ + --env MYSQL_USER=user \ + --env MYSQL_PASSWORD=pass +``` + +or via s2i: + +``` +$ s2i build --context-dir=examples/extend-image https://github.com/sclorg/mariadb-container.git rhscl/mariadb-105-rhel7 my-mariadb-rhel7 +``` + +The directory passed to Openshift can contain these directories: + +`mysql-cfg/` + When starting the container, files from this directory will be used as + a configuration for the `mysqld` daemon. + `envsubst` command is run on this file to still allow customization of + the image using environmental variables + +`mysql-pre-init/` + Shell scripts (`*.sh`) available in this directory are sourced before + `mysqld` daemon is started. + +`mysql-init/` + Shell scripts (`*.sh`) available in this directory are sourced when + `mysqld` daemon is started locally. In this phase, use `${mysql_flags}` + to connect to the locally running daemon, for example `mysql $mysql_flags < dump.sql` + +Variables that can be used in the scripts provided to s2i: + +`$mysql_flags` + arguments for the `mysql` tool that will connect to the locally running `mysqld` during initialization + +`$MYSQL_RUNNING_AS_MASTER` + variable defined when the container is run with `run-mysqld-master` command + +`$MYSQL_RUNNING_AS_SLAVE` + variable defined when the container is run with `run-mysqld-slave` command + +`$MYSQL_DATADIR_FIRST_INIT` + variable defined when the container was initialized from the empty data dir + +During the s2i build all provided files are copied into `/opt/app-root/src` +directory into the resulting image. If some configuration files are present +in the destination directory, files with the same name are overwritten. +Also only one file with the same name can be used for customization and user +provided files are preferred over default files in +`/usr/share/container-scripts/mysql/`- so it is possible to overwrite them. + +Same configuration directory structure can be used to customize the image +every time the image is started using `podman run`. The directory has to be +mounted into `/opt/app-root/src/` in the image +(`-v ./image-configuration/:/opt/app-root/src/`). +This overwrites customization built into the image. + + +Securing the connection with SSL +-------------------------------- +In order to secure the connection with SSL, use the extending feature described +above. In particular, put the SSL certificates into a separate directory: + + sslapp/mysql-certs/server-cert-selfsigned.pem + sslapp/mysql-certs/server-key.pem + +And then put a separate configuration file into mysql-cfg: + + $> cat sslapp/mysql-cfg/ssl.cnf + [mysqld] + ssl-key=${APP_DATA}/mysql-certs/server-key.pem + ssl-cert=${APP_DATA}/mysql-certs/server-cert-selfsigned.pem + +Such a directory `sslapp` can then be mounted into the container with -v, +or a new container image can be built using s2i. + + +Upgrading and data directory version checking +--------------------------------------------- + +MySQL and MariaDB use versions that consist of three numbers X.Y.Z (e.g. 5.6.23). +For version changes in Z part, the server's binary data format stays compatible and thus no +special upgrade procedure is needed. For upgrades from X.Y to X.Y+1, consider doing manual +steps as described at +https://mariadb.com/kb/en/library/upgrading-from-mariadb-104-to-mariadb-105/ + +Skipping versions like from X.Y to X.Y+2 or downgrading to lower version is not supported; +the only exception is ugrading from MariaDB 5.5 to MariaDB 10.0 and from MariaDB 10.3 to 10.5. + +**Important**: Upgrading to a new version is always risky and users are expected to make a full +back-up of all data before. + +A safer solution to upgrade is to dump all data using `mysqldump` or `mysqldbexport` and then +load the data using `mysql` or `mysqldbimport` into an empty (freshly initialized) database. + +Another way of proceeding with the upgrade is starting the new version of the `mysqld` daemon +and run `mysql_upgrade` right after the start. This so called in-place upgrade is generally +faster for large data directory, but only possible if upgrading from the very previous version, +so skipping versions is not supported. + +This container detects whether the data needs to be upgraded using `mysql_upgrade` and +we can control it by setting `MYSQL_DATADIR_ACTION` variable, which can have one or more of the following values: + + * `upgrade-warn` -- If the data version can be determined and the data come from a different version + of the daemon, a warning is printed but the container starts. This is the default value. + Since historically the version file `mysql_upgrade_info` was not created, when using this option, + the version file is created if not exist, but no `mysql_upgrade` will be called. + However, this automatic creation will be removed after few months, since the version should be + created on most deployments at that point. + * `upgrade-auto` -- `mysql_upgrade` is run at the beginning of the container start, when the local + daemon is running, but only if the data version can be determined and the data come + with the very previous version. A warning is printed if the data come from even older + or newer version. This value effectively enables automatic upgrades, + but it is always risky and users should still back-up all the data before starting the newer container. + Set this option only if you have very good back-ups at any moment and you are fine to fail-over + from the back-up. + * `upgrade-force` -- `mysql_upgrade --force` is run at the beginning of the container start, when the local + daemon is running, no matter what version of the daemon the data come from. + This is also the way to create the missing version file `mysql_upgrade_info` if not present + in the root of the data directory; this file holds information about the version of the data. + +There are also some other actions that you may want to run at the beginning of the container start, +when the local daemon is running, no matter what version of the data is detected: + + * `optimize` -- runs `mysqlcheck --optimize`. It optimizes all the tables. + * `analyze` -- runs `mysqlcheck --analyze`. It analyzes all the tables. + * `disable` -- nothing is done regarding data directory version. + +Multiple values are separated by comma and run in-order, e.g. `MYSQL_DATADIR_ACTION="optimize,analyze"`. + + +Changing the replication binlog_format +-------------------------------------- +Some applications may wish to use `row` binlog_formats (for example, those built + with change-data-capture in mind). The default replication/binlog format is + `statement` but to change it you can set the `MYSQL_BINLOG_FORMAT` environment + variable. For example `MYSQL_BINLOG_FORMAT=row`. Now when you run the database + with `master` replication turned on (ie, set the Docker/container `cmd` to be +`run-mysqld-master`) the binlog will emit the actual data for the rows that change +as opposed to the statements (ie, DML like insert...) that caused the change. + + +Troubleshooting +--------------- +The mysqld deamon in the container logs to the standard output, so the log is available in the container log. The log can be examined by running: + + podman logs + + +See also +-------- +Dockerfile and other sources for this container image are available on +https://github.com/sclorg/mariadb-container. +In that repository, the Dockerfile for CentOS is called Dockerfile, the Dockerfile +for RHEL7 is called Dockerfile.rhel7, the Dockerfile for RHEL8 is called Dockerfile.rhel8, +and the Dockerfile for Fedora is called Dockerfile.fedora. diff --git a/10.5/s2i-common b/10.5/s2i-common new file mode 120000 index 00000000..51722ec3 --- /dev/null +++ b/10.5/s2i-common @@ -0,0 +1 @@ +../s2i-common \ No newline at end of file diff --git a/10.5/test b/10.5/test new file mode 120000 index 00000000..419df4f9 --- /dev/null +++ b/10.5/test @@ -0,0 +1 @@ +../test \ No newline at end of file diff --git a/Makefile b/Makefile index e2408b4c..bddd2e77 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # Variables are documented in hack/build.sh. BASE_IMAGE_NAME = mariadb -VERSIONS = 10.3 +VERSIONS = 10.3 10.5 OPENSHIFT_NAMESPACES = DOCKER_BUILD_CONTEXT = .. diff --git a/README.md b/README.md index bc2ff22d..ac36cf99 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,7 @@ MariaDB SQL Database Server Docker Image ======================================== MariaDB 10.3 Quay.io status: [![Docker Repository on Quay](https://quay.io/repository/centos7/mariadb-103-centos7/status "Docker Repository on Quay")](https://quay.io/repository/centos7/mariadb-103-centos7) +MariaDB 10.5 Quay.io status: [![Docker Repository on Quay](https://quay.io/repository/centos7/mariadb-105-centos7/status "Docker Repository on Quay")](https://quay.io/repository/centos7/mariadb-105-centos7) This repository contains Dockerfiles for MariaDB images for OpenShift and general usage. Users can choose between RHEL, Fedora and CentOS based images. @@ -22,6 +23,7 @@ Versions --------------- MariaDB versions currently provided are: * [MariaDB 10.3](10.3) +* [MariaDB 10.5](10.5) RHEL versions currently supported are: * RHEL7 diff --git a/common b/common index e3cc7ceb..f20bf178 160000 --- a/common +++ b/common @@ -1 +1 @@ -Subproject commit e3cc7ceb75d1351f5e1152e4016b1c0bbc77c823 +Subproject commit f20bf1787d5c3c63da281118e3822c5ff20b0053 diff --git a/root-common/usr/share/container-scripts/mysql/common.sh b/root-common/usr/share/container-scripts/mysql/common.sh index 071f886e..70bdbf03 100644 --- a/root-common/usr/share/container-scripts/mysql/common.sh +++ b/root-common/usr/share/container-scripts/mysql/common.sh @@ -96,7 +96,8 @@ function initialize_database() { log_info 'Initializing database ...' log_info 'Running mysql_install_db ...' # Using --rpm since we need mysql_install_db behaves as in RPM - mysql_install_db --rpm --datadir=$MYSQL_DATADIR + # Using --auth-root-authentication-method=normal because we are not root in the container + mysql_install_db --rpm --datadir=$MYSQL_DATADIR --auth-root-authentication-method=normal start_local_mysql "$@" # Running mysql_upgrade creates the mysql_upgrade_info file in the data dir, diff --git a/root-common/usr/share/container-scripts/mysql/init/40-datadir-action.sh b/root-common/usr/share/container-scripts/mysql/init/40-datadir-action.sh index 6198367e..210644ff 100644 --- a/root-common/usr/share/container-scripts/mysql/init/40-datadir-action.sh +++ b/root-common/usr/share/container-scripts/mysql/init/40-datadir-action.sh @@ -5,6 +5,8 @@ upstream_upgrade_info() { 10.1) echo "https://mariadb.com/kb/en/library/upgrading-from-mariadb-100-to-mariadb-101/" ;; 10.2) echo "https://mariadb.com/kb/en/library/upgrading-from-mariadb-101-to-mariadb-102/" ;; 10.3) echo "https://mariadb.com/kb/en/library/upgrading-from-mariadb-102-to-mariadb-103/" ;; + 10.5) echo "https://mariadb.com/kb/en/upgrading-from-mariadb-103-to-mariadb-104/" + echo "https://mariadb.com/kb/en/upgrading-from-mariadb-104-to-mariadb-105/" ;; 5.6) echo "https://dev.mysql.com/doc/refman/5.6/en/upgrading-from-previous-series.html" ;; 5.7) echo "https://dev.mysql.com/doc/refman/5.7/en/upgrading-from-previous-series.html" ;; *) echo "Non expected version '${MYSQL_VERSION}'" ; return 1 ;; @@ -57,7 +59,9 @@ check_datadir_version() { continue fi - if [ $(( ${datadir_version} + 1 )) -eq "${mysqld_version}" -o "${datadir_version}" -eq 505 -a "${mysqld_version}" -eq 1000 ] ; then + if [ $(( ${datadir_version} + 1 )) -eq "${mysqld_version}" ] || [ "${datadir_version}" -eq 505 -a "${mysqld_version}" -eq 1000 ] || \ + [ "${datadir_version}" -eq 1003 -a "${mysqld_version}" -eq 1005 ] ; then + log_warn "MySQL server is version ${mysqld_version_dot} and datadir is version"\ "${datadir_version_dot}, which is a compatible combination." if [ "${MYSQL_DATADIR_ACTION}" == 'upgrade-auto' ] ; then diff --git a/root-common/usr/share/container-scripts/mysql/pre-init/my-master.cnf.template b/root-common/usr/share/container-scripts/mysql/pre-init/my-master.cnf.template index f434885f..0dbed208 100644 --- a/root-common/usr/share/container-scripts/mysql/pre-init/my-master.cnf.template +++ b/root-common/usr/share/container-scripts/mysql/pre-init/my-master.cnf.template @@ -2,6 +2,8 @@ server-id = ${MYSQL_SERVER_ID} log_bin = ${MYSQL_DATADIR}/mysql-bin.log -binlog_do_db = mysql -binlog_do_db = ${MYSQL_DATABASE} +# Not using explicit DB filtering, from some unknown reason this makes the user +# permissions not being replicated on 10.5 and further +# binlog_do_db = mysql +# binlog_do_db = ${MYSQL_DATABASE} binlog_format = ${MYSQL_BINLOG_FORMAT} diff --git a/root-common/usr/share/container-scripts/mysql/pre-init/my-slave.cnf.template b/root-common/usr/share/container-scripts/mysql/pre-init/my-slave.cnf.template index 5bdf1095..7ad14687 100644 --- a/root-common/usr/share/container-scripts/mysql/pre-init/my-slave.cnf.template +++ b/root-common/usr/share/container-scripts/mysql/pre-init/my-slave.cnf.template @@ -3,5 +3,7 @@ server-id = ${MYSQL_SERVER_ID} log_bin = ${MYSQL_DATADIR}/mysql-bin.log relay-log = ${MYSQL_DATADIR}/mysql-relay-bin.log -binlog_do_db = mysql -binlog_do_db = ${MYSQL_DATABASE} +# Not using explicit DB filtering, from some unknown reason this makes the user +# permissions not being replicated on 10.5 and further +# binlog_do_db = mysql +# binlog_do_db = ${MYSQL_DATABASE} diff --git a/test/run b/test/run index 76bf9fe1..2d693e28 100755 --- a/test/run +++ b/test/run @@ -191,10 +191,11 @@ function run_replication_test() { result="$(mysql_cmd "$master_ip" root root -e 'SHOW SLAVE HOSTS;' | grep "$slave_ip" || true)" if [[ -n "${result}" ]]; then echo "${slave_ip} successfully registered as SLAVE for ${master_ip}" + echo "${result}" break fi if [[ "${i}" == "${max_attempts}" ]]; then - echo "The ${slave_ip} failed to register in MASTER" + echo "ERROR: The ${slave_ip} failed to register in MASTER" echo "Dumping logs for $(ct_get_cid slave.cid)" docker logs $(ct_get_cid slave.cid) return 1 @@ -202,26 +203,55 @@ function run_replication_test() { sleep 1 done + local i + for i in $(seq $max_attempts); do + result="$(docker exec $(ct_get_cid slave.cid) bash -c 'mysql -uroot <<< "show slave status\G;"' || true)" + if echo "$result" | grep -e '\s*Slave_IO_Running:\s*Yes' && \ + echo "$result" | grep -e '\s*Slave_SQL_Running:\s*Yes' ; then + echo "Slave ${slave_ip} in running state." + break + fi + if [[ "${i}" == "${max_attempts}" ]]; then + echo "ERROR: Slave ${slave_ip} not in correct state." + return 1 + fi + sleep 1 + done + # do some real work to test replication in practice - mysql_cmd "$master_ip" root root -e "CREATE TABLE t1 (a INT); INSERT INTO t1 VALUES (24);" + mysql_cmd "$master_ip" user foo -e "CREATE TABLE t1 (a INT); INSERT INTO t1 VALUES (24);" # read value from slave and check whether it is expectd for i in $(seq $max_attempts); do - set +e - result="$(mysql_cmd "${slave_ip}" root root -e "select * from t1 \G" | grep -e ^a | grep 24)" - set -e - if [[ ! -z "${result}" ]]; then + if docker exec $(ct_get_cid slave.cid) bash -c 'mysql -uroot <<< "select * from db.t1 \G"' | grep -e ^a | grep 24; then echo "${slave_ip} successfully got value from MASTER ${master_ip}" break fi if [[ "${i}" == "${max_attempts}" ]]; then - echo "The ${slave_ip} failed to see value added on MASTER" + echo "ERROR: The ${slave_ip} failed to see value added on MASTER" echo "Dumping logs for $(ct_get_cid slave.cid)" docker logs $(ct_get_cid slave.cid) return 1 fi sleep 1 done + + # read value from slave using root and user account and check whether it is expectd + if mysql_cmd "${slave_ip}" root root -e "select * from t1 \G" | grep -e ^a | grep 24 ; then + echo "Successfully got value from MASTER ${master_ip} using root access on SLAVE ${slave_ip}" + else + echo "The ${slave_ip} failed to see value added on MASTER using root access on SLAVE ${slave_ip}" + docker logs $(ct_get_cid slave.cid) + return 1 + fi + + if mysql_cmd "${slave_ip}" user foo -e "select * from t1 \G" | grep -e ^a | grep 24 ; then + echo "Successfully got value from MASTER ${master_ip} using root access on SLAVE ${slave_ip}" + else + echo "The ${slave_ip} failed to see value added on MASTER using non-root user access on SLAVE ${slave_ip}" + docker logs $(ct_get_cid slave.cid) + return 1 + fi } function assert_login_access() { @@ -550,6 +580,7 @@ function get_previous_major_version() { 10.1) echo "10.0" ;; 10.2) echo "10.1" ;; 10.3) echo "10.2" ;; + 10.5) echo "10.3" ;; *) echo "Non expected version '${1}'" ; return 1 ;; esac }