Adding service definition for mariadb
Change-Id: I912222004584ce9cd5f60a45455ac287214a1d52
This commit is contained in:
parent
debb2ccb28
commit
aac31945ee
2
.gitignore
vendored
2
.gitignore
vendored
@ -64,3 +64,5 @@ vagrant/vagrantkey*
|
|||||||
|
|
||||||
# generated openrc
|
# generated openrc
|
||||||
openrc
|
openrc
|
||||||
|
|
||||||
|
tests/.cache*
|
||||||
|
@ -9,9 +9,6 @@ RUN apt-get install -y --no-install-recommends \
|
|||||||
&& apt-get clean \
|
&& apt-get clean \
|
||||||
&& rm -rf /var/lib/mysql/*
|
&& rm -rf /var/lib/mysql/*
|
||||||
|
|
||||||
# delme in future
|
|
||||||
COPY my.cnf /etc/mysql/my.cnf
|
|
||||||
|
|
||||||
COPY mariadb_sudoers /etc/sudoers.d/mariadb_sudoers
|
COPY mariadb_sudoers /etc/sudoers.d/mariadb_sudoers
|
||||||
COPY bootstrap.sh /usr/local/bin/bootstrap.sh
|
COPY bootstrap.sh /usr/local/bin/bootstrap.sh
|
||||||
COPY security_reset.expect /usr/local/bin/mysql_security_reset
|
COPY security_reset.expect /usr/local/bin/mysql_security_reset
|
||||||
@ -20,9 +17,3 @@ RUN chmod 755 /usr/local/bin/bootstrap.sh \
|
|||||||
&& chmod 750 /etc/sudoers.d \
|
&& chmod 750 /etc/sudoers.d \
|
||||||
&& chmod 440 /etc/sudoers.d/mariadb_sudoers \
|
&& chmod 440 /etc/sudoers.d/mariadb_sudoers \
|
||||||
&& usermod -a -G microservices mysql
|
&& usermod -a -G microservices mysql
|
||||||
|
|
||||||
### delme in future
|
|
||||||
ENV DB_ROOT_PASSWORD "password"
|
|
||||||
|
|
||||||
USER mysql
|
|
||||||
CMD ["bootstrap.sh"]
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash -e
|
||||||
|
|
||||||
function bootstrap_db {
|
function bootstrap_db {
|
||||||
mysqld_safe --wsrep-new-cluster &
|
mysqld_safe --wsrep-new-cluster &
|
||||||
@ -13,14 +13,16 @@ function bootstrap_db {
|
|||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
echo "mysql_security_reset"
|
echo "mysql_security_reset"
|
||||||
sudo -E mysql_security_reset
|
sudo -E mysql_security_reset ${DB_ROOT_PASSWORD}
|
||||||
echo "PASSWORD: $DB_ROOT_PASSWORD"
|
|
||||||
mysql -u root --password="${DB_ROOT_PASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '${DB_ROOT_PASSWORD}' WITH GRANT OPTION;"
|
mysql -u root --password="${DB_ROOT_PASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '${DB_ROOT_PASSWORD}' WITH GRANT OPTION;"
|
||||||
mysql -u root --password="${DB_ROOT_PASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${DB_ROOT_PASSWORD}' WITH GRANT OPTION;"
|
mysql -u root --password="${DB_ROOT_PASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${DB_ROOT_PASSWORD}' WITH GRANT OPTION;"
|
||||||
echo "SHUTDOWN"
|
|
||||||
mysqladmin -uroot -p"${DB_ROOT_PASSWORD}" shutdown
|
mysqladmin -uroot -p"${DB_ROOT_PASSWORD}" shutdown
|
||||||
|
wait $(jobs -p)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
DB_ROOT_PASSWORD="$1"
|
||||||
|
DB_MAX_TIMEOUT="$2"
|
||||||
|
|
||||||
# Only update permissions if permissions need to be updated
|
# Only update permissions if permissions need to be updated
|
||||||
if [[ $(stat -c %U:%G /var/lib/mysql) != "mysql:mysql" ]]; then
|
if [[ $(stat -c %U:%G /var/lib/mysql) != "mysql:mysql" ]]; then
|
||||||
sudo chown mysql: /var/lib/mysql
|
sudo chown mysql: /var/lib/mysql
|
||||||
@ -29,6 +31,4 @@ fi
|
|||||||
# Bootstrap
|
# Bootstrap
|
||||||
mysql_install_db
|
mysql_install_db
|
||||||
bootstrap_db
|
bootstrap_db
|
||||||
|
touch /tmp/mariadb_ok
|
||||||
# Run daemon
|
|
||||||
mysqld
|
|
||||||
|
@ -1,5 +1,7 @@
|
|||||||
#!/usr/bin/expect -f
|
#!/usr/bin/expect -f
|
||||||
|
|
||||||
|
set passwd [lindex $argv 0]
|
||||||
|
|
||||||
set timeout 10
|
set timeout 10
|
||||||
spawn mysql_secure_installation
|
spawn mysql_secure_installation
|
||||||
expect {
|
expect {
|
||||||
@ -19,14 +21,14 @@ expect {
|
|||||||
eof { send_user "\nFailed to get 'New password:' prompt\n"; exit 1 }
|
eof { send_user "\nFailed to get 'New password:' prompt\n"; exit 1 }
|
||||||
"New password:"
|
"New password:"
|
||||||
}
|
}
|
||||||
send "$env(DB_ROOT_PASSWORD)\r"
|
send "$passwd\r"
|
||||||
|
|
||||||
expect {
|
expect {
|
||||||
timeout { send_user "\nFailed to get 'Re-enter new password:' prompt\n"; exit 1 }
|
timeout { send_user "\nFailed to get 'Re-enter new password:' prompt\n"; exit 1 }
|
||||||
eof { send_user "\nFailed to get 'Re-enter new password:' prompt\n"; exit 1 }
|
eof { send_user "\nFailed to get 'Re-enter new password:' prompt\n"; exit 1 }
|
||||||
"Re-enter new password:"
|
"Re-enter new password:"
|
||||||
}
|
}
|
||||||
send "$env(DB_ROOT_PASSWORD)\r"
|
send "$passwd\r"
|
||||||
|
|
||||||
expect {
|
expect {
|
||||||
timeout { send_user "\nFailed to get 'Remove anonymous users?' prompt\n"; exit 1 }
|
timeout { send_user "\nFailed to get 'Remove anonymous users?' prompt\n"; exit 1 }
|
||||||
|
5
service/files/defaults.yaml
Normal file
5
service/files/defaults.yaml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
configs:
|
||||||
|
db_max_timeout: 60
|
||||||
|
db_root_password: password
|
||||||
|
mariadb_addr: 0.0.0.0
|
||||||
|
mariadb_port: 3306
|
@ -1,6 +1,6 @@
|
|||||||
[mysqld]
|
[mysqld]
|
||||||
#bind-address={{ mariadb_addr }}
|
bind-address = {{ mariadb_addr }}
|
||||||
#port={{ mariadb_port }}
|
port = {{ mariadb_port }}
|
||||||
|
|
||||||
datadir=/var/lib/mysql/
|
datadir=/var/lib/mysql/
|
||||||
log-error=/var/log/mysql.log
|
log-error=/var/log/mysql.log
|
3
service/files/readiness.sh.j2
Normal file
3
service/files/readiness.sh.j2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash -e
|
||||||
|
|
||||||
|
test -f /tmp/mariadb_ok && nc -z localhost {{ mariadb_port }}
|
26
service/mariadb.yaml
Normal file
26
service/mariadb.yaml
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
service:
|
||||||
|
name: mariadb
|
||||||
|
ports:
|
||||||
|
- mariadb_port
|
||||||
|
probes:
|
||||||
|
readiness: mariadb-readiness.sh
|
||||||
|
liveness: "true"
|
||||||
|
pre:
|
||||||
|
- name: mariadb-bootstrap
|
||||||
|
command: bootstrap.sh {{ db_root_password }} {{ db_max_timeout }}
|
||||||
|
user: mysql
|
||||||
|
daemon:
|
||||||
|
command: mysqld
|
||||||
|
files:
|
||||||
|
- mariadb-my-cnf
|
||||||
|
- mariadb-readiness
|
||||||
|
user: mysql
|
||||||
|
|
||||||
|
files:
|
||||||
|
mariadb-my-cnf:
|
||||||
|
path: /etc/mysql/my.cnf
|
||||||
|
content: my.cnf.j2
|
||||||
|
mariadb-readiness:
|
||||||
|
path: /usr/local/bin/mariadb-readiness.sh
|
||||||
|
content: readiness.sh.j2
|
||||||
|
perm: "755"
|
@ -1,17 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Pod
|
|
||||||
metadata:
|
|
||||||
name: mariadb
|
|
||||||
labels:
|
|
||||||
app: mariadb
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: mariadb
|
|
||||||
image: {{ namespace }}/mariadb:{{ tag }}
|
|
||||||
env:
|
|
||||||
- name: DB_ROOT_PASSWORD
|
|
||||||
value: password
|
|
||||||
imagePullPolicy: Always
|
|
||||||
ports:
|
|
||||||
- containerPort: 3306
|
|
||||||
hostPort: 3306
|
|
@ -1,12 +0,0 @@
|
|||||||
kind: "Service"
|
|
||||||
apiVersion: "v1"
|
|
||||||
metadata:
|
|
||||||
name: "openstack-mysql"
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
app: "mariadb"
|
|
||||||
ports:
|
|
||||||
-
|
|
||||||
protocol: "TCP"
|
|
||||||
port: 3306
|
|
||||||
targetPort: 3306
|
|
4
test-requirements.txt
Normal file
4
test-requirements.txt
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
docker-py
|
||||||
|
docker-compose
|
||||||
|
requests==2.7.0 # dirty hack for CI
|
||||||
|
pytest
|
@ -1,6 +1,5 @@
|
|||||||
mariadb:
|
mariadb:
|
||||||
image: mcp/mariadb
|
image: mariadbbuild/mariadb:latest
|
||||||
environment:
|
|
||||||
DB_ROOT_PASSWORD: r00tme
|
|
||||||
ports:
|
ports:
|
||||||
- 33306:3306
|
- 33306:3306
|
||||||
|
command: "bootstrap.sh r00tme 60 && mysqld"
|
||||||
|
@ -36,8 +36,7 @@ def test_mysql_is_running():
|
|||||||
|
|
||||||
|
|
||||||
def test_mysql_is_accessible(cli, container):
|
def test_mysql_is_accessible(cli, container):
|
||||||
cmd = ("bash -c 'mysql -Ns -h127.0.0.1 -uroot -p$DB_ROOT_PASSWORD"
|
cmd = ("bash -c 'mysql -Ns -h127.0.0.1 -uroot -e \"SHOW DATABASES\"'")
|
||||||
" -e \"SHOW DATABASES\"'")
|
|
||||||
res = cli.exec_create(container['Id'], cmd)
|
res = cli.exec_create(container['Id'], cmd)
|
||||||
out = cli.exec_start(res)
|
out = cli.exec_start(res)
|
||||||
assert cli.exec_inspect(res)['ExitCode'] == 0
|
assert cli.exec_inspect(res)['ExitCode'] == 0
|
||||||
|
Loading…
Reference in New Issue
Block a user