From d6730ac473c6bba7ed2874baa5b4505db842c85e Mon Sep 17 00:00:00 2001 From: lihongda Date: Tue, 11 Aug 2020 15:05:52 +0800 Subject: [PATCH] update docker feature --- .../SingleInstance/dockerfiles/1.0.0/Checksum | 1 - .../1.0.0/{Dockerfile => dockerfile_amd} | 21 ++++---- .../dockerfiles/1.0.0/dockerfile_arm | 48 +++++++++++++++++ .../dockerfiles/1.0.0/entrypoint.sh | 54 ++++++++++++++----- .../dockerfiles/1.0.0/md5_file_amd64 | 1 + .../dockerfiles/1.0.0/md5_file_arm64 | 1 + .../dockerfiles/buildDockerImage.sh | 18 +++++-- 7 files changed, 115 insertions(+), 29 deletions(-) delete mode 100644 docker/SingleInstance/dockerfiles/1.0.0/Checksum rename docker/SingleInstance/dockerfiles/1.0.0/{Dockerfile => dockerfile_amd} (58%) create mode 100755 docker/SingleInstance/dockerfiles/1.0.0/dockerfile_arm create mode 100644 docker/SingleInstance/dockerfiles/1.0.0/md5_file_amd64 create mode 100644 docker/SingleInstance/dockerfiles/1.0.0/md5_file_arm64 diff --git a/docker/SingleInstance/dockerfiles/1.0.0/Checksum b/docker/SingleInstance/dockerfiles/1.0.0/Checksum deleted file mode 100644 index 2365208b3..000000000 --- a/docker/SingleInstance/dockerfiles/1.0.0/Checksum +++ /dev/null @@ -1 +0,0 @@ -369bbc8229d0526b8df454f76d244397 openGauss-1.0.0-CentOS-64bit.tar.bz2 diff --git a/docker/SingleInstance/dockerfiles/1.0.0/Dockerfile b/docker/SingleInstance/dockerfiles/1.0.0/dockerfile_amd similarity index 58% rename from docker/SingleInstance/dockerfiles/1.0.0/Dockerfile rename to docker/SingleInstance/dockerfiles/1.0.0/dockerfile_amd index ecb2729df..607cae31b 100755 --- a/docker/SingleInstance/dockerfiles/1.0.0/Dockerfile +++ b/docker/SingleInstance/dockerfiles/1.0.0/dockerfile_amd @@ -1,6 +1,7 @@ FROM centos:7.6.1810 COPY openGauss-1.0.0-CentOS-64bit.tar.bz2 . +COPY gosu-amd64 /usr/local/bin/gosu ENV LANG en_US.utf8 #RUN yum install -y epel-release @@ -12,7 +13,7 @@ RUN set -eux; \ mkdir -p /var/lib/opengauss && \ mkdir -p /usr/local/opengauss && \ tar -jxvf openGauss-1.0.0-CentOS-64bit.tar.bz2 -C /usr/local/opengauss && \ - mkdir -p /var/run/opengauss && chown -R omm:omm /var/run/opengauss && chmod 2777 /var/run/opengauss && \ + mkdir -p /var/run/opengauss && chown -R omm:omm /var/run/opengauss && chown -R omm:omm /usr/local/opengauss && chmod 2777 /var/run/opengauss && \ rm -rf openGauss-1.0.0-CentOS-64bit.tar.bz2 && yum clean all RUN set -eux; \ @@ -22,14 +23,14 @@ RUN set -eux; \ ENV GOSU_VERSION 1.12 RUN set -eux; \ - dpkgArch=`case $(uname -m) in i386) echo "386" ;; i686) echo "386" ;; x86_64) echo "amd64";; aarch64)echo "arm64";; esac`; \ - gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ - && curl -o /usr/local/bin/gosu -SL "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ - && curl -o /usr/local/bin/gosu.asc -SL "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \ - && gpg --verify /usr/local/bin/gosu.asc \ - && rm /usr/local/bin/gosu.asc \ - && rm -r /root/.gnupg/ \ - && chmod +x /usr/local/bin/gosu +# dpkgArch=`case $(uname -m) in i386) echo "386" ;; i686) echo "386" ;; x86_64) echo "amd64";; aarch64)echo "arm64";; esac`; \ +# gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ +# && curl -o /usr/local/bin/gosu -SL "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ +# && curl -o /usr/local/bin/gosu.asc -SL "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \ +# && gpg --verify /usr/local/bin/gosu.asc \ +# && rm /usr/local/bin/gosu.asc \ +# && rm -r /root/.gnupg/ \ + chmod +x /usr/local/bin/gosu RUN mkdir /docker-entrypoint-initdb.d @@ -40,5 +41,5 @@ RUN chmod +x /usr/local/bin/entrypoint.sh;ln -s /usr/local/bin/entrypoint.sh / # ENTRYPOINT ["entrypoint.sh"] -EXPOSE 5432 +EXPOSE 5432 CMD ["gaussdb"] diff --git a/docker/SingleInstance/dockerfiles/1.0.0/dockerfile_arm b/docker/SingleInstance/dockerfiles/1.0.0/dockerfile_arm new file mode 100755 index 000000000..ffda9332f --- /dev/null +++ b/docker/SingleInstance/dockerfiles/1.0.0/dockerfile_arm @@ -0,0 +1,48 @@ +FROM openeuler-20.03-lts:latest + +COPY openGauss-1.0.0-openEuler-64bit.tar.bz2 . +COPY gosu-arm64 /usr/local/bin/gosu +COPY openEuler_aarch64.repo /etc/yum.repos.d/openEuler_aarch64.repo +ENV LANG en_US.utf8 + +#RUN yum install -y epel-release + +RUN set -eux; \ + yum install -y bzip2 curl libaio shadow tar&& \ + groupadd -g 70 omm; \ + useradd -u 70 -g omm -d /home/omm omm; \ + mkdir -p /var/lib/opengauss && \ + mkdir -p /usr/local/opengauss && \ + mkdir -p /var/run/opengauss && \ + mkdir /docker-entrypoint-initdb.d && \ + tar -jxvf openGauss-1.0.0-openEuler-64bit.tar.bz2 -C /usr/local/opengauss && \ + chown -R omm:omm /var/run/opengauss && chown -R omm:omm /usr/local/opengauss && chown -R omm:omm /var/lib/opengauss && chown -R omm:omm /docker-entrypoint-initdb.d && \ + chmod 2777 /var/run/opengauss && \ + rm -rf openGauss-1.0.0-openEuler-64bit.tar.bz2 && yum clean all + +RUN set -eux; \ + echo "export GAUSSHOME=/usr/local/opengauss" >> /home/omm/.bashrc && \ + echo "export PATH=\$GAUSSHOME/bin:\$PATH " >> /home/omm/.bashrc && \ + echo "export LD_LIBRARY_PATH=\$GAUSSHOME/lib:\$LD_LIBRARY_PATH" >> /home/omm/.bashrc + +ENV GOSU_VERSION 1.12 +RUN set -eux; \ +# dpkgArch=`case $(uname -m) in i386) echo "386" ;; i686) echo "386" ;; x86_64) echo "amd64";; aarch64)echo "arm64";; esac`; \ +# gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ +# && curl -o /usr/local/bin/gosu -SL "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ +# && curl -o /usr/local/bin/gosu.asc -SL "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \ +# && gpg --verify /usr/local/bin/gosu.asc \ +# && rm /usr/local/bin/gosu.asc \ +# && rm -r /root/.gnupg/ \ + chmod +x /usr/local/bin/gosu + + +ENV PGDATA /var/lib/opengauss/data + +COPY entrypoint.sh /usr/local/bin/ +RUN chmod 755 /usr/local/bin/entrypoint.sh;ln -s /usr/local/bin/entrypoint.sh / # backwards compat + +ENTRYPOINT ["entrypoint.sh"] + +EXPOSE 5432 +CMD ["gaussdb"] diff --git a/docker/SingleInstance/dockerfiles/1.0.0/entrypoint.sh b/docker/SingleInstance/dockerfiles/1.0.0/entrypoint.sh index df2bacbd9..8985b6873 100755 --- a/docker/SingleInstance/dockerfiles/1.0.0/entrypoint.sh +++ b/docker/SingleInstance/dockerfiles/1.0.0/entrypoint.sh @@ -10,7 +10,6 @@ export GAUSSHOME=/usr/local/opengauss export PATH=$GAUSSHOME/bin:$PATH export LD_LIBRARY_PATH=$GAUSSHOME/lib:$LD_LIBRARY_PATH - file_env() { local var="$1" local fileVar="${var}_FILE" @@ -81,8 +80,11 @@ docker_init_database_dir() { set -- --xlogdir "$POSTGRES_INITDB_XLOGDIR" "$@" fi - eval 'gs_initdb --pwfile=<(echo "$GS_PASSWORD") --nodename=`hostname` '"$POSTGRES_INITDB_ARGS"' "$@"' - + if [ -n "$GS_NODENAME" ]; then + eval 'gs_initdb --pwfile=<(echo "$GS_PASSWORD") --nodename=$GS_NODENAME '"$POSTGRES_INITDB_ARGS"' "$@"' + else + eval 'gs_initdb --pwfile=<(echo "$GS_PASSWORD") --nodename=gaussdb '"$POSTGRES_INITDB_ARGS"' "$@"' + fi # unset/cleanup "nss_wrapper" bits if [ "${LD_PRELOAD:-}" = '/usr/lib/libnss_wrapper.so' ]; then rm -f "$NSS_WRAPPER_PASSWD" "$NSS_WRAPPER_GROUP" @@ -99,8 +101,10 @@ docker_verify_minimum_env() { # messes it up if [ "${#GS_PASSWORD}" -ge 100 ]; then cat >&2 <<-'EOWARN' + WARNING: The supplied GS_PASSWORD is 100+ characters. - EOWARN + +EOWARN fi if [ -z "$GS_PASSWORD" ] && [ 'trust' != "$GS_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) @@ -108,22 +112,24 @@ docker_verify_minimum_env() { Error: Database is uninitialized and superuser password is not specified. You must specify GS_PASSWORD to a non-empty value for the superuser. For example, "-e GS_PASSWORD=password" on "docker run". + You may also use "GS_HOST_AUTH_METHOD=trust" to allow all connections without a password. This is *not* recommended. - EOE + +EOE exit 1 fi if [ 'trust' = "$GS_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' ******************************************************************************** WARNING: GS_HOST_AUTH_METHOD has been set to "trust". This will allow - anyone with access to the Postgres port to access your database without + anyone with access to the opengauss port to access your database without a password, even if GS_PASSWORD is set. It is not recommended to use GS_HOST_AUTH_METHOD=trust. Replace it with "-e GS_PASSWORD=password" instead to set a password in "docker run". ******************************************************************************** - EOWARN +EOWARN fi } @@ -174,14 +180,26 @@ docker_process_sql() { # uses environment variables for input: GS_DB docker_setup_db() { if [ "$GS_DB" != 'postgres' ]; then - GS_DB= docker_process_sql --dbname postgres --set db="$GS_DB" --set passwd="$GS_PASSWORD" <<-'EOSQL' + GS_DB= docker_process_sql --dbname postgres --set db="$GS_DB" --set passwd="$GS_PASSWORD" --set passwd="$GS_PASSWORD" <<-'EOSQL' CREATE DATABASE :"db" ; create user gaussdb with login password :"passwd" ; - EOSQL + +EOSQL echo fi } +docker_setup_user() { + if [ -n "$GS_USERNAME" ]; then + GS_DB= docker_process_sql --dbname postgres --set db="$GS_DB" --set passwd="$GS_PASSWORD" --set user="$GS_USERNAME" <<-'EOSQL' + create user :"user" with login password :"passwd" ; +EOSQL + else + echo " default user is gaussdb" + fi +} + + # Loads various settings that are used elsewhere in the script # This should be called before any other functions docker_setup_env() { @@ -216,15 +234,21 @@ opengauss_setup_hba_conf() { opengauss_setup_postgresql_conf() { { echo - if [ 'trust' = "$GS_HOST_AUTH_METHOD" ]; then - echo '# warning trust is enabled for all connections' + if [ -n "$GS_PORT" ]; then + echo "password_encryption_type = 0" + echo "listen_addresses = '*'" + echo "port = $GS_PORT" + else + echo '# use default port 5432' + echo "password_encryption_type = 0" + echo "listen_addresses = '*'" fi - echo "password_encryption_type = 0" - echo "listen_addresses = '*'" } >> "$PGDATA/postgresql.conf" } - +opengauss_setup_mot_conf() { + echo "enable_numa = false" >> "$PGDATA/mot.conf" +} # start socket-only postgresql server for setting up or running scripts # all arguments will be passed along as arguments to `postgres` (via pg_ctl) @@ -291,6 +315,7 @@ _main() { docker_init_database_dir opengauss_setup_hba_conf opengauss_setup_postgresql_conf + opengauss_setup_mot_conf # PGPASSWORD is required for gsql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless # e.g. when '--auth=md5' or '--auth-local=md5' is used in POSTGRES_INITDB_ARGS @@ -298,6 +323,7 @@ _main() { docker_temp_server_start "$@" docker_setup_db + docker_setup_user docker_process_init_files /docker-entrypoint-initdb.d/* docker_temp_server_stop diff --git a/docker/SingleInstance/dockerfiles/1.0.0/md5_file_amd64 b/docker/SingleInstance/dockerfiles/1.0.0/md5_file_amd64 new file mode 100644 index 000000000..9730c3f58 --- /dev/null +++ b/docker/SingleInstance/dockerfiles/1.0.0/md5_file_amd64 @@ -0,0 +1 @@ +8fad749031cb79b6de6d0b861ffd453c openGauss-1.0.0-CentOS-64bit.tar.bz2 diff --git a/docker/SingleInstance/dockerfiles/1.0.0/md5_file_arm64 b/docker/SingleInstance/dockerfiles/1.0.0/md5_file_arm64 new file mode 100644 index 000000000..5b8052141 --- /dev/null +++ b/docker/SingleInstance/dockerfiles/1.0.0/md5_file_arm64 @@ -0,0 +1 @@ +241a8f1c8499138e16105e6947f64355 openGauss-1.0.0-openEuler-64bit.tar.bz2 diff --git a/docker/SingleInstance/dockerfiles/buildDockerImage.sh b/docker/SingleInstance/dockerfiles/buildDockerImage.sh index e86df3fe4..3b2704568 100755 --- a/docker/SingleInstance/dockerfiles/buildDockerImage.sh +++ b/docker/SingleInstance/dockerfiles/buildDockerImage.sh @@ -20,9 +20,14 @@ EOF # Validate packages checksumPackages() { +if [ $arch = "amd64" ]; then + md5_file="md5_file_amd64" + else + md5_file="md5_file_arm64" +fi if hash md5sum 2>/dev/null; then echo "Checking if required packages are present and valid..." - if ! md5sum -c "Checksum"; then + if ! md5sum -c "$md5_file"; then echo "MD5 for required packages to build this image did not match!" echo "Make sure to download missing files in folder $VERSION." exit 1; @@ -60,7 +65,12 @@ VERSION="1.0.0" SKIPMD5=0 DOCKEROPS="" MIN_DOCKER_VERSION="17.09" -DOCKERFILE="Dockerfile" +arch=`case $(uname -m) in i386) echo "386" ;; i686) echo "386" ;; x86_64) echo "amd64";; aarch64)echo "arm64";; esac` +if [ $arch = "amd64" ]; then + DOCKERFILE="dockerfile_amd" + else + DOCKERFILE="dockerfile_arm" +fi if [ "$#" -eq 0 ]; then usage; @@ -102,7 +112,7 @@ if [ "$VERSION" == "12.1.0.2" ] || [ "$VERSION" == "11.2.0.2" ] || [ "$VERSION" DOCKERFILE="$DOCKERFILE" fi; -# Oracle Database Image Name +# openGauss Database Image Name IMAGE_NAME="opengauss:$VERSION" # Go into version folder @@ -154,7 +164,7 @@ docker build --force-rm=true --no-cache=true \ $DOCKEROPS $PROXY_SETTINGS \ -t $IMAGE_NAME -f $DOCKERFILE . || { echo "" - echo "ERROR: Oracle Database Docker Image was NOT successfully created." + echo "ERROR: openGauss Database Docker Image was NOT successfully created." echo "ERROR: Check the output and correct any reported problems with the docker build operation." exit 1 }