diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml index ebf5051..e8aa15f 100644 --- a/.github/workflows/build-and-push.yml +++ b/.github/workflows/build-and-push.yml @@ -14,6 +14,18 @@ jobs: fail-fast: false matrix: include: + - dockerfile: "10.11/Dockerfile.c9s" + registry_namespace: "sclorg" + quayio_username: "QUAY_IMAGE_SCLORG_BUILDER_USERNAME" + quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN" + tag: "c9s" + image_name: "mariadb-1011-c9s" + - dockerfile: "10.11/Dockerfile.c8s" + registry_namespace: "sclorg" + quayio_username: "QUAY_IMAGE_SCLORG_BUILDER_USERNAME" + quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN" + tag: "c8s" + image_name: "mariadb-1011-c8s" - dockerfile: "10.5/Dockerfile.c9s" registry_namespace: "sclorg" quayio_username: "QUAY_IMAGE_SCLORG_BUILDER_USERNAME" @@ -38,6 +50,12 @@ jobs: quayio_token: "QUAY_IMAGE_FEDORA_BUILDER_TOKEN" tag: "fedora" image_name: "mariadb-105" + - dockerfile: "10.11/Dockerfile.fedora" + registry_namespace: "fedora" + quayio_username: "QUAY_IMAGE_FEDORA_BUILDER_USERNAME" + quayio_token: "QUAY_IMAGE_FEDORA_BUILDER_TOKEN" + tag: "fedora" + image_name: "mariadb-1011" steps: - name: Build and push to quay.io registry diff --git a/10.11/.exclude-fedora b/10.11/.exclude-fedora new file mode 100644 index 0000000..e69de29 diff --git a/10.11/Dockerfile.c8s b/10.11/Dockerfile.c8s new file mode 100644 index 0000000..e1324fb --- /dev/null +++ b/10.11/Dockerfile.c8s @@ -0,0 +1,71 @@ +FROM quay.io/sclorg/s2i-core-c8s:c8s + +# MariaDB image for OpenShift. +# +# Volumes: +# * /var/lib/mysql/data - Datastore for MariaDB +# Environment: +# * $MYSQL_USER - Database user name +# * $MYSQL_PASSWORD - User's password +# * $MYSQL_DATABASE - Name of the database to create +# * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account + +ENV MYSQL_VERSION=10.11 \ + APP_DATA=/opt/app-root/src \ + HOME=/var/lib/mysql \ + SUMMARY="MariaDB 10.11 SQL database server" \ + DESCRIPTION="MariaDB is a multi-user, multi-threaded SQL database server. The container \ +image provides a containerized packaging of the MariaDB mysqld daemon and client application. \ +The mysqld server daemon accepts connections from clients and provides access to content from \ +MariaDB databases on behalf of the clients." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" \ + io.k8s.display-name="MariaDB 10.11" \ + io.openshift.expose-services="3306:mysql" \ + io.openshift.tags="database,mysql,mariadb,mariadb1011,mariadb-1011" \ + com.redhat.component="mariadb-1011-container" \ + name="sclorg/mariadb-1011-c8s" \ + version="1" \ + usage="podman run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 quay.io/sclorg/mariadb-1011-c8s" \ + maintainer="SoftwareCollections.org " + +EXPOSE 3306 + +# This image must forever use UID 27 for mysql user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN yum -y module enable mariadb:$MYSQL_VERSION && \ + INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mariadb-server" && \ + yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + /usr/libexec/mysqld -V | grep -qe "$MYSQL_VERSION\." && echo "Found VERSION $MYSQL_VERSION" && \ + yum -y clean all --enablerepo='*' && \ + mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \ + test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)" + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \ + MYSQL_PREFIX=/usr + +COPY 10.11/root-common / +COPY 10.11/s2i-common/bin/ $STI_SCRIPTS_PATH +COPY 10.11/root / + +# this is needed due to issues with squash +# when this directory gets rm'd by the container-setup +# script. +# Also reset permissions of filesystem to default values +RUN rm -rf /etc/my.cnf.d/* && \ + /usr/libexec/container-setup && \ + rpm-file-permissions + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/mysql/data"] + +USER 27 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-mysqld"] diff --git a/10.11/Dockerfile.c9s b/10.11/Dockerfile.c9s new file mode 100644 index 0000000..82ed399 --- /dev/null +++ b/10.11/Dockerfile.c9s @@ -0,0 +1,71 @@ +FROM quay.io/sclorg/s2i-core-c9s:c9s + +# MariaDB image for OpenShift. +# +# Volumes: +# * /var/lib/mysql/data - Datastore for MariaDB +# Environment: +# * $MYSQL_USER - Database user name +# * $MYSQL_PASSWORD - User's password +# * $MYSQL_DATABASE - Name of the database to create +# * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account + +ENV MYSQL_VERSION=10.11 \ + APP_DATA=/opt/app-root/src \ + HOME=/var/lib/mysql \ + SUMMARY="MariaDB 10.11 SQL database server" \ + DESCRIPTION="MariaDB is a multi-user, multi-threaded SQL database server. The container \ +image provides a containerized packaging of the MariaDB mysqld daemon and client application. \ +The mysqld server daemon accepts connections from clients and provides access to content from \ +MariaDB databases on behalf of the clients." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" \ + io.k8s.display-name="MariaDB 10.11" \ + io.openshift.expose-services="3306:mysql" \ + io.openshift.tags="database,mysql,mariadb,mariadb1011,mariadb-1011" \ + com.redhat.component="mariadb-1011-container" \ + name="sclorg/mariadb-1011-c9s" \ + version="1" \ + usage="podman run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 quay.io/sclorg/mariadb-1011-c9s" \ + maintainer="SoftwareCollections.org " + +EXPOSE 3306 + +# This image must forever use UID 27 for mysql user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN yum -y module enable mariadb:$MYSQL_VERSION && \ + INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mariadb-server" && \ + yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + /usr/libexec/mysqld -V | grep -qe "$MYSQL_VERSION\." && echo "Found VERSION $MYSQL_VERSION" && \ + yum -y clean all --enablerepo='*' && \ + mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \ + test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)" + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \ + MYSQL_PREFIX=/usr + +COPY 10.11/root-common / +COPY 10.11/s2i-common/bin/ $STI_SCRIPTS_PATH +COPY 10.11/root / + +# this is needed due to issues with squash +# when this directory gets rm'd by the container-setup +# script. +# Also reset permissions of filesystem to default values +RUN rm -rf /etc/my.cnf.d/* && \ + /usr/libexec/container-setup && \ + rpm-file-permissions + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/mysql/data"] + +USER 27 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-mysqld"] diff --git a/10.11/Dockerfile.fedora b/10.11/Dockerfile.fedora new file mode 100644 index 0000000..56162e1 --- /dev/null +++ b/10.11/Dockerfile.fedora @@ -0,0 +1,73 @@ +FROM quay.io/fedora/s2i-core:40 + +# MariaDB image for OpenShift. +# +# Volumes: +# * /var/lib/mysql/data - Datastore for MariaDB +# Environment: +# * $MYSQL_USER - Database user name +# * $MYSQL_PASSWORD - User's password +# * $MYSQL_DATABASE - Name of the database to create +# * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account + +ENV MYSQL_VERSION=10.11 \ + APP_DATA=/opt/app-root/src \ + HOME=/var/lib/mysql \ + NAME=mariadb \ + VERSION=10.11 \ + ARCH=x86_64 \ + SUMMARY="MariaDB 10.11 SQL database server" \ + DESCRIPTION="MariaDB is a multi-user, multi-threaded SQL database server. The container \ +image provides a containerized packaging of the MariaDB mysqld daemon and client application. \ +The mysqld server daemon accepts connections from clients and provides access to content from \ +MariaDB databases on behalf of the clients." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="MariaDB is a multi-user, multi-threaded SQL database server" \ + io.k8s.display-name="MariaDB 10.11" \ + io.openshift.expose-services="3306:mysql" \ + io.openshift.tags="database,mysql,mariadb,mariadb1011,galera" \ + com.redhat.component="$NAME" \ + name="fedora/$NAME-1011" \ + version="$VERSION" \ + usage="docker run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 quay.io/fedora/$NAME-1011" \ + maintainer="SoftwareCollections.org " + +EXPOSE 3306 + +# This image must forever use UID 27 for mysql user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mariadb-server" && \ + dnf install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + /usr/libexec/mysqld -V | grep -qe "$MYSQL_VERSION\." && echo "Found VERSION $MYSQL_VERSION" && \ + dnf clean all && \ + mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \ + test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)" + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \ + MYSQL_PREFIX=/usr + +COPY 10.11/root-common / +COPY 10.11/s2i-common/bin/ $STI_SCRIPTS_PATH +COPY 10.11/root / + +# this is needed due to issues with squash +# when this directory gets rm'd by the container-setup +# script. +# Also reset permissions of filesystem to default values +RUN rm -rf /etc/my.cnf.d/* && \ + /usr/libexec/container-setup && \ + rpm-file-permissions + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/mysql/data"] + +USER 27 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-mysqld"] diff --git a/10.11/Dockerfile.rhel8 b/10.11/Dockerfile.rhel8 new file mode 100644 index 0000000..cac1949 --- /dev/null +++ b/10.11/Dockerfile.rhel8 @@ -0,0 +1,71 @@ +FROM ubi8/s2i-core + +# MariaDB image for OpenShift. +# +# Volumes: +# * /var/lib/mysql/data - Datastore for MariaDB +# Environment: +# * $MYSQL_USER - Database user name +# * $MYSQL_PASSWORD - User's password +# * $MYSQL_DATABASE - Name of the database to create +# * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account + +ENV MYSQL_VERSION=10.11 \ + APP_DATA=/opt/app-root/src \ + HOME=/var/lib/mysql \ + SUMMARY="MariaDB 10.11 SQL database server" \ + DESCRIPTION="MariaDB is a multi-user, multi-threaded SQL database server. The container \ +image provides a containerized packaging of the MariaDB mysqld daemon and client application. \ +The mysqld server daemon accepts connections from clients and provides access to content from \ +MariaDB databases on behalf of the clients." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" \ + io.k8s.display-name="MariaDB 10.11" \ + io.openshift.expose-services="3306:mysql" \ + io.openshift.tags="database,mysql,mariadb,mariadb1011,mariadb-1011" \ + com.redhat.component="mariadb-1011-container" \ + name="rhel8/mariadb-1011" \ + version="1" \ + usage="podman run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 rhel8/mariadb-1011" \ + maintainer="SoftwareCollections.org " + +EXPOSE 3306 + +# This image must forever use UID 27 for mysql user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN yum -y module enable mariadb:$MYSQL_VERSION && \ + INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mariadb-server" && \ + yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + /usr/libexec/mysqld -V | grep -qe "$MYSQL_VERSION\." && echo "Found VERSION $MYSQL_VERSION" && \ + yum -y clean all --enablerepo='*' && \ + mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \ + test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)" + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \ + MYSQL_PREFIX=/usr + +COPY 10.11/root-common / +COPY 10.11/s2i-common/bin/ $STI_SCRIPTS_PATH +COPY 10.11/root / + +# this is needed due to issues with squash +# when this directory gets rm'd by the container-setup +# script. +# Also reset permissions of filesystem to default values +RUN rm -rf /etc/my.cnf.d/* && \ + /usr/libexec/container-setup && \ + rpm-file-permissions + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/mysql/data"] + +USER 27 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-mysqld"] diff --git a/10.11/Dockerfile.rhel9 b/10.11/Dockerfile.rhel9 new file mode 100644 index 0000000..d21f584 --- /dev/null +++ b/10.11/Dockerfile.rhel9 @@ -0,0 +1,71 @@ +FROM ubi9/s2i-core + +# MariaDB image for OpenShift. +# +# Volumes: +# * /var/lib/mysql/data - Datastore for MariaDB +# Environment: +# * $MYSQL_USER - Database user name +# * $MYSQL_PASSWORD - User's password +# * $MYSQL_DATABASE - Name of the database to create +# * $MYSQL_ROOT_PASSWORD (Optional) - Password for the 'root' MySQL account + +ENV MYSQL_VERSION=10.11 \ + APP_DATA=/opt/app-root/src \ + HOME=/var/lib/mysql \ + SUMMARY="MariaDB 10.11 SQL database server" \ + DESCRIPTION="MariaDB is a multi-user, multi-threaded SQL database server. The container \ +image provides a containerized packaging of the MariaDB mysqld daemon and client application. \ +The mysqld server daemon accepts connections from clients and provides access to content from \ +MariaDB databases on behalf of the clients." + +LABEL summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" \ + io.k8s.display-name="MariaDB 10.11" \ + io.openshift.expose-services="3306:mysql" \ + io.openshift.tags="database,mysql,mariadb,mariadb1011,mariadb-1011" \ + com.redhat.component="mariadb-1011-container" \ + name="rhel9/mariadb-1011" \ + version="1" \ + usage="podman run -d -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 rhel9/mariadb-1011" \ + maintainer="SoftwareCollections.org " + +EXPOSE 3306 + +# This image must forever use UID 27 for mysql user so our volumes are +# safe in the future. This should *never* change, the last test is there +# to make sure of that. +RUN yum -y module enable mariadb:$MYSQL_VERSION && \ + INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mariadb-server" && \ + yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ + rpm -V $INSTALL_PKGS && \ + /usr/libexec/mysqld -V | grep -qe "$MYSQL_VERSION\." && echo "Found VERSION $MYSQL_VERSION" && \ + yum -y clean all --enablerepo='*' && \ + mkdir -p /var/lib/mysql/data && chown -R mysql.0 /var/lib/mysql && \ + test "$(id mysql)" = "uid=27(mysql) gid=27(mysql) groups=27(mysql)" + +# Get prefix path and path to scripts rather than hard-code them in scripts +ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/mysql \ + MYSQL_PREFIX=/usr + +COPY 10.11/root-common / +COPY 10.11/s2i-common/bin/ $STI_SCRIPTS_PATH +COPY 10.11/root / + +# this is needed due to issues with squash +# when this directory gets rm'd by the container-setup +# script. +# Also reset permissions of filesystem to default values +RUN rm -rf /etc/my.cnf.d/* && \ + /usr/libexec/container-setup && \ + rpm-file-permissions + +# Not using VOLUME statement since it's not working in OpenShift Online: +# https://github.com/sclorg/httpd-container/issues/30 +# VOLUME ["/var/lib/mysql/data"] + +USER 27 + +ENTRYPOINT ["container-entrypoint"] +CMD ["run-mysqld"] diff --git a/10.11/README.md b/10.11/README.md new file mode 120000 index 0000000..cc942f0 --- /dev/null +++ b/10.11/README.md @@ -0,0 +1 @@ +root/usr/share/container-scripts/mysql/README.md \ No newline at end of file diff --git a/10.11/root-common b/10.11/root-common new file mode 120000 index 0000000..b5e373d --- /dev/null +++ b/10.11/root-common @@ -0,0 +1 @@ +../root-common \ No newline at end of file diff --git a/10.11/root/usr/share/container-scripts/mysql/README.md b/10.11/root/usr/share/container-scripts/mysql/README.md new file mode 100644 index 0000000..e5efa7f --- /dev/null +++ b/10.11/root/usr/share/container-scripts/mysql/README.md @@ -0,0 +1,367 @@ +MariaDB 10.11 SQL Database Server Container image +============================================= + +This container image includes MariaDB 10.11 SQL database server for OpenShift and general usage. +Users can choose between RHEL, CentOS and Fedora based images. +The RHEL images are available in the [Red Hat Container Catalog](https://access.redhat.com/containers/), +the CentOS Stream images are available on [Quay.io/sclorg](https://quay.io/organization/sclorg), +and the Fedora images are available in [Fedora Registry](https://quay.io/organization/fedora). +The resulting image can be run using [podman](https://github.com/containers/libpod). + +Note: while the examples in this README are calling `podman`, you can replace any such calls by `docker` with the same arguments + +Description +----------- + +This container image provides a containerized packaging of the MariaDB mysqld daemon +and client application. The mysqld server daemon accepts connections from clients +and provides access to content from MySQL databases on behalf of the clients. +You can find more information on the MariaDB project from the project Web site +(https://mariadb.org/). + + +Usage +----- + +For this, we will assume that you are using the MariaDB 1011 container image from the +Red Hat Container Catalog called `rhel8/mariadb-1011`. +If you want to set only the mandatory environment variables and not store +the database in a host directory, execute the following command: + +``` +$ podman run -d --name mariadb_database -e MYSQL_USER=user -e MYSQL_PASSWORD=pass -e MYSQL_DATABASE=db -p 3306:3306 rhel8/mariadb-1011 +``` + +This will create a container named `mariadb_database` running MySQL with database +`db` and user with credentials `user:pass`. Port 3306 will be exposed and mapped +to the host. If you want your database to be persistent across container executions, +also add a `-v /host/db/path:/var/lib/mysql/data` argument. This will be the MySQL +data directory. + +If the database directory is not initialized, the entrypoint script will first +run [`mysql_install_db`](https://dev.mysql.com/doc/refman/5.6/en/mysql-install-db.html) +and setup necessary database users and passwords. After the database is initialized, +or if it was already present, `mysqld` is executed and will run as PID 1. You can + stop the detached container by running `podman stop mariadb_database`. + + +Environment variables and volumes +--------------------------------- + +The image recognizes the following environment variables that you can set during +initialization by passing `-e VAR=VALUE` to the Docker run command. + +**`MYSQL_USER`** + User name for MySQL account to be created + +**`MYSQL_PASSWORD`** + Password for the user account + +**`MYSQL_DATABASE`** + Database name + +**`MYSQL_ROOT_PASSWORD`** + Password for the root user (optional) + +**`MYSQL_CHARSET`** + Default character set (optional) + +**`MYSQL_COLLATION`** + Default collation (optional) + + +The following environment variables influence the MySQL configuration file. They are all optional. + +**`MYSQL_LOWER_CASE_TABLE_NAMES (default: 0)`** + Sets how the table names are stored and compared + +**`MYSQL_MAX_CONNECTIONS (default: 151)`** + The maximum permitted number of simultaneous client connections + +**`MYSQL_MAX_ALLOWED_PACKET (default: 200M)`** + The maximum size of one packet or any generated/intermediate string + +**`MYSQL_FT_MIN_WORD_LEN (default: 4)`** + The minimum length of the word to be included in a FULLTEXT index + +**`MYSQL_FT_MAX_WORD_LEN (default: 20)`** + The maximum length of the word to be included in a FULLTEXT index + +**`MYSQL_AIO (default: 1)`** + Controls the `innodb_use_native_aio` setting value in case the native AIO is broken. See http://help.directadmin.com/item.php?id=529 + +**`MYSQL_TABLE_OPEN_CACHE (default: 400)`** + The number of open tables for all threads + +**`MYSQL_KEY_BUFFER_SIZE (default: 32M or 10% of available memory)`** + The size of the buffer used for index blocks + +**`MYSQL_SORT_BUFFER_SIZE (default: 256K)`** + The size of the buffer used for sorting + +**`MYSQL_READ_BUFFER_SIZE (default: 8M or 5% of available memory)`** + The size of the buffer used for a sequential scan + +**`MYSQL_INNODB_BUFFER_POOL_SIZE (default: 32M or 50% of available memory)`** + The size of the buffer pool where InnoDB caches table and index data + +**`MYSQL_INNODB_LOG_FILE_SIZE (default: 8M or 15% of available memory)`** + The size of each log file in a log group + +**`MYSQL_INNODB_LOG_BUFFER_SIZE (default: 8M or 15% of available memory)`** + The size of the buffer that InnoDB uses to write to the log files on disk + +**`MYSQL_DEFAULTS_FILE (default: /etc/my.cnf)`** + Point to an alternative configuration file + +**`MYSQL_BINLOG_FORMAT (default: statement)`** + Set sets the binlog format, supported values are `row` and `statement` + +**`MYSQL_LOG_QUERIES_ENABLED (default: 0)`** + To enable query logging set this to `1` + + +You can also set the following mount points by passing the `-v /host:/container` flag to Docker. + +**`/var/lib/mysql/data`** + MySQL data directory + + +**Notice: When mouting a directory from the host into the container, ensure that the mounted +directory has the appropriate permissions and that the owner and group of the directory +matches the user UID or name which is running inside the container.** + + +MariaDB auto-tuning +------------------- + +When the MySQL image is run with the `--memory` parameter set and you didn't +specify value for some parameters, their values will be automatically +calculated based on the available memory. + +**`MYSQL_KEY_BUFFER_SIZE (default: 10%)`** + `key_buffer_size` + +**`MYSQL_READ_BUFFER_SIZE (default: 5%)`** + `read_buffer_size` + +**`MYSQL_INNODB_BUFFER_POOL_SIZE (default: 50%)`** + `innodb_buffer_pool_size` + +**`MYSQL_INNODB_LOG_FILE_SIZE (default: 15%)`** + `innodb_log_file_size` + +**`MYSQL_INNODB_LOG_BUFFER_SIZE (default: 15%)`** + `innodb_log_buffer_size` + + + +MySQL root user +--------------------------------- +The root user has no password set by default, only allowing local connections. +You can set it by setting the `MYSQL_ROOT_PASSWORD` environment variable. This +will allow you to login to the root account remotely. Local connections will +still not require a password. + +To disable remote root access, simply unset `MYSQL_ROOT_PASSWORD` and restart +the container. + + +Changing passwords +------------------ + +Since passwords are part of the image configuration, the only supported method +to change passwords for the database user (`MYSQL_USER`) and root user is by +changing the environment variables `MYSQL_PASSWORD` and `MYSQL_ROOT_PASSWORD`, +respectively. + +Changing database passwords through SQL statements or any way other than through +the environment variables aforementioned will cause a mismatch between the +values stored in the variables and the actual passwords. Whenever a database +container starts it will reset the passwords to the values stored in the +environment variables. + + +Default my.cnf file +------------------- +With environment variables we are able to customize a lot of different parameters +or configurations for the mysql bootstrap configurations. If you'd prefer to use +your own configuration file, you can override the `MYSQL_DEFAULTS_FILE` env +variable with the full path of the file you wish to use. For example, the default +location is `/etc/my.cnf` but you can change it to `/etc/mysql/my.cnf` by setting + `MYSQL_DEFAULTS_FILE=/etc/mysql/my.cnf` + + +Extending image +--------------- +This image can be extended in Openshift using the `Source` build strategy or via the standalone +[source-to-image](https://github.com/openshift/source-to-image) application (where available). +For this, we will assume that you are using the `rhel8/mariadb-1011` image, +available via `mariadb:10.11` imagestream tag in Openshift. + + +For example, to build a customized MariaDB database image `my-mariadb-rhel8` +with a configuration from `https://github.com/sclorg/mariadb-container/tree/master/examples/extend-image` run: + +``` +$ oc new-app mariadb:10.11~https://github.com/sclorg/mariadb-container.git \ + --name my-mariadb-rhel8 \ + --context-dir=examples/extend-image \ + --env MYSQL_OPERATIONS_USER=opuser \ + --env MYSQL_OPERATIONS_PASSWORD=oppass \ + --env MYSQL_DATABASE=opdb \ + --env MYSQL_USER=user \ + --env MYSQL_PASSWORD=pass +``` + +or via s2i: + +``` +$ s2i build --context-dir=examples/extend-image https://github.com/sclorg/mariadb-container.git rhel8/mariadb-1011 my-mariadb-rhel8 +``` + +The directory passed to Openshift can contain these directories: + +`mysql-cfg/` + When starting the container, files from this directory will be used as + a configuration for the `mysqld` daemon. + `envsubst` command is run on this file to still allow customization of + the image using environmental variables + +`mysql-pre-init/` + Shell scripts (`*.sh`) available in this directory are sourced before + `mysqld` daemon is started. + +`mysql-init/` + Shell scripts (`*.sh`) available in this directory are sourced when + `mysqld` daemon is started locally. In this phase, use `${mysql_flags}` + to connect to the locally running daemon, for example `mysql $mysql_flags < dump.sql` + +Variables that can be used in the scripts provided to s2i: + +`$mysql_flags` + arguments for the `mysql` tool that will connect to the locally running `mysqld` during initialization + +`$MYSQL_RUNNING_AS_MASTER` + variable defined when the container is run with `run-mysqld-master` command + +`$MYSQL_RUNNING_AS_SLAVE` + variable defined when the container is run with `run-mysqld-slave` command + +`$MYSQL_DATADIR_FIRST_INIT` + variable defined when the container was initialized from the empty data dir + +During the s2i build all provided files are copied into `/opt/app-root/src` +directory into the resulting image. If some configuration files are present +in the destination directory, files with the same name are overwritten. +Also only one file with the same name can be used for customization and user +provided files are preferred over default files in +`/usr/share/container-scripts/mysql/`- so it is possible to overwrite them. + +Same configuration directory structure can be used to customize the image +every time the image is started using `podman run`. The directory has to be +mounted into `/opt/app-root/src/` in the image +(`-v ./image-configuration/:/opt/app-root/src/`). +This overwrites customization built into the image. + + +Securing the connection with SSL +-------------------------------- +In order to secure the connection with SSL, use the extending feature described +above. In particular, put the SSL certificates into a separate directory: + + sslapp/mysql-certs/server-cert-selfsigned.pem + sslapp/mysql-certs/server-key.pem + +And then put a separate configuration file into mysql-cfg: + + $> cat sslapp/mysql-cfg/ssl.cnf + [mysqld] + ssl-key=${APP_DATA}/mysql-certs/server-key.pem + ssl-cert=${APP_DATA}/mysql-certs/server-cert-selfsigned.pem + +Such a directory `sslapp` can then be mounted into the container with -v, +or a new container image can be built using s2i. + + +Upgrading and data directory version checking +--------------------------------------------- + +MySQL and MariaDB use versions that consist of three numbers X.Y.Z (e.g. 5.6.23). +For version changes in Z part, the server's binary data format stays compatible and thus no +special upgrade procedure is needed. For upgrades from X.Y to X.Y+1, consider doing manual +steps as described at +https://mariadb.com/kb/en/library/upgrading-from-mariadb-104-to-mariadb-1011/ + +Skipping versions like from X.Y to X.Y+2 or downgrading to lower version is not supported; +the only exception is ugrading from MariaDB 5.5 to MariaDB 10.0 and from MariaDB 10.3 to 10.11. + +**Important**: Upgrading to a new version is always risky and users are expected to make a full +back-up of all data before. + +A safer solution to upgrade is to dump all data using `mysqldump` or `mysqldbexport` and then +load the data using `mysql` or `mysqldbimport` into an empty (freshly initialized) database. + +Another way of proceeding with the upgrade is starting the new version of the `mysqld` daemon +and run `mysql_upgrade` right after the start. This so called in-place upgrade is generally +faster for large data directory, but only possible if upgrading from the very previous version, +so skipping versions is not supported. + +This container detects whether the data needs to be upgraded using `mysql_upgrade` and +we can control it by setting `MYSQL_DATADIR_ACTION` variable, which can have one or more of the following values: + + * `upgrade-warn` -- If the data version can be determined and the data come from a different version + of the daemon, a warning is printed but the container starts. This is the default value. + Since historically the version file `mysql_upgrade_info` was not created, when using this option, + the version file is created if not exist, but no `mysql_upgrade` will be called. + However, this automatic creation will be removed after few months, since the version should be + created on most deployments at that point. + * `upgrade-auto` -- `mysql_upgrade` is run at the beginning of the container start, when the local + daemon is running, but only if the data version can be determined and the data come + with the very previous version. A warning is printed if the data come from even older + or newer version. This value effectively enables automatic upgrades, + but it is always risky and users should still back-up all the data before starting the newer container. + Set this option only if you have very good back-ups at any moment and you are fine to fail-over + from the back-up. + * `upgrade-force` -- `mysql_upgrade --force` is run at the beginning of the container start, when the local + daemon is running, no matter what version of the daemon the data come from. + This is also the way to create the missing version file `mysql_upgrade_info` if not present + in the root of the data directory; this file holds information about the version of the data. + +There are also some other actions that you may want to run at the beginning of the container start, +when the local daemon is running, no matter what version of the data is detected: + + * `optimize` -- runs `mysqlcheck --optimize`. It optimizes all the tables. + * `analyze` -- runs `mysqlcheck --analyze`. It analyzes all the tables. + * `disable` -- nothing is done regarding data directory version. + +Multiple values are separated by comma and run in-order, e.g. `MYSQL_DATADIR_ACTION="optimize,analyze"`. + + +Changing the replication binlog_format +-------------------------------------- +Some applications may wish to use `row` binlog_formats (for example, those built + with change-data-capture in mind). The default replication/binlog format is + `statement` but to change it you can set the `MYSQL_BINLOG_FORMAT` environment + variable. For example `MYSQL_BINLOG_FORMAT=row`. Now when you run the database + with `master` replication turned on (ie, set the Docker/container `cmd` to be +`run-mysqld-master`) the binlog will emit the actual data for the rows that change +as opposed to the statements (ie, DML like insert...) that caused the change. + + +Troubleshooting +--------------- +The mysqld deamon in the container logs to the standard output, so the log is available in the container log. The log can be examined by running: + + podman logs + + +See also +-------- +Dockerfile and other sources for this container image are available on +https://github.com/sclorg/mariadb-container. +In that repository, the Dockerfile for CentOS is called Dockerfile, the Dockerfile for RHEL8 is called Dockerfile.rhel8, +the Dockerfile for RHEL9 is called Dockerfile.rhel9, +the Dockerfile for CentOS Stream 8 is called Dockerfile.c8s, +the Dockerfile for CentOS Stream 9 is called Dockerfile.c9s, +and the Dockerfile for Fedora is called Dockerfile.fedora. diff --git a/10.11/s2i-common b/10.11/s2i-common new file mode 120000 index 0000000..51722ec --- /dev/null +++ b/10.11/s2i-common @@ -0,0 +1 @@ +../s2i-common \ No newline at end of file diff --git a/10.11/test b/10.11/test new file mode 120000 index 0000000..419df4f --- /dev/null +++ b/10.11/test @@ -0,0 +1 @@ +../test \ No newline at end of file diff --git a/10.5/Dockerfile.c9s b/10.5/Dockerfile.c9s index dc7710e..27323a6 100644 --- a/10.5/Dockerfile.c9s +++ b/10.5/Dockerfile.c9s @@ -36,7 +36,8 @@ EXPOSE 3306 # This image must forever use UID 27 for mysql user so our volumes are # safe in the future. This should *never* change, the last test is there # to make sure of that. -RUN INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mariadb-server" && \ +RUN yum -y module disable mariadb && \ + INSTALL_PKGS="policycoreutils rsync tar gettext hostname bind-utils groff-base mariadb-server" && \ yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ rpm -V $INSTALL_PKGS && \ /usr/libexec/mysqld -V | grep -qe "$MYSQL_VERSION\." && echo "Found VERSION $MYSQL_VERSION" && \ diff --git a/Makefile b/Makefile index bddd2e7..a807234 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # Variables are documented in hack/build.sh. BASE_IMAGE_NAME = mariadb -VERSIONS = 10.3 10.5 +VERSIONS = 10.3 10.5 10.11 OPENSHIFT_NAMESPACES = DOCKER_BUILD_CONTEXT = .. diff --git a/README.md b/README.md index c56c212..bacd142 100644 --- a/README.md +++ b/README.md @@ -9,8 +9,11 @@ Images available on Quay are: * CentOS Stream 8 [mariadb-103](https://quay.io/repository/sclorg/mariadb-103-c8s) * CentOS Stream 8 [mariadb-105](https://quay.io/repository/sclorg/mariadb-105-c8s) * CentOS Stream 9 [mariadb-105](https://quay.io/repository/sclorg/mariadb-105-c9s) +* CentOS Stream 8 [mariadb-1011](https://quay.io/repository/sclorg/mariadb-1011-c8s) +* CentOS Stream 9 [mariadb-1011](https://quay.io/repository/sclorg/mariadb-1011-c9s) * Fedora [mariadb-103](https://quay.io/repository/fedora/mariadb-103) * Fedora [mariadb-105](https://quay.io/repository/fedora/mariadb-105) +* Fedora [mariadb-1011](https://quay.io/repository/fedora/mariadb-1011) This repository contains Dockerfiles for MariaDB images for OpenShift and general usage. Users can choose between RHEL, Fedora and CentOS based images. @@ -32,6 +35,7 @@ Versions MariaDB versions currently provided are: * [MariaDB 10.3](10.3) * [MariaDB 10.5](10.5) +* [MariaDB 10.11](10.11) RHEL versions currently supported are: * RHEL7 @@ -103,6 +107,9 @@ see [usage documentation](10.3). For information about usage of Dockerfile for MariaDB 10.5, see [usage documentation](10.5). +For information about usage of Dockerfile for MariaDB 10.11, +see [usage documentation](10.11). + Test --------------------------------- diff --git a/imagestreams/mariadb-centos.json b/imagestreams/mariadb-centos.json index 93c0ad2..a4cef2b 100644 --- a/imagestreams/mariadb-centos.json +++ b/imagestreams/mariadb-centos.json @@ -45,7 +45,43 @@ } }, { - "name": "10.5-c9s", + "name": "10.11-el9", + "annotations": { + "openshift.io/display-name": "MariaDB 10.11 (CentOS 9 Stream)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "Provides a MariaDB 10.11 database on CentOS 9 Stream. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.11/README.md.", + "iconClass": "icon-mariadb", + "tags": "database,mariadb", + "version": "10.11" + }, + "from": { + "kind": "DockerImage", + "name": "quay.io/sclorg/mariadb-1011-c9s:latest" + }, + "referencePolicy": { + "type": "Local" + } + }, + { + "name": "10.11-el8", + "annotations": { + "openshift.io/display-name": "MariaDB 10.11 (CentOS 8 Stream)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "Provides a MariaDB 10.11 database on CentOS 8 Stream. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.11/README.md.", + "iconClass": "icon-mariadb", + "tags": "database,mariadb", + "version": "10.11" + }, + "from": { + "kind": "DockerImage", + "name": "quay.io/sclorg/mariadb-1011-c8s:latest" + }, + "referencePolicy": { + "type": "Local" + } + }, + { + "name": "10.5-el9", "annotations": { "openshift.io/display-name": "MariaDB 10.5 (CentOS 9 Stream)", "openshift.io/provider-display-name": "Red Hat, Inc.", @@ -63,7 +99,7 @@ } }, { - "name": "10.5-c8s", + "name": "10.5-el8", "annotations": { "openshift.io/display-name": "MariaDB 10.5 (CentOS 8 Stream)", "openshift.io/provider-display-name": "Red Hat, Inc.", @@ -135,7 +171,7 @@ } }, { - "name": "10.3-c8s", + "name": "10.3-el8", "annotations": { "openshift.io/display-name": "MariaDB 10.3 (CentOS 8 Stream)", "openshift.io/provider-display-name": "Red Hat, Inc.", diff --git a/imagestreams/mariadb-rhel-aarch64.json b/imagestreams/mariadb-rhel-aarch64.json index dd413dc..ccdbac3 100644 --- a/imagestreams/mariadb-rhel-aarch64.json +++ b/imagestreams/mariadb-rhel-aarch64.json @@ -79,6 +79,42 @@ "referencePolicy": { "type": "Local" } + }, + { + "name": "10.11-el8", + "annotations": { + "openshift.io/display-name": "MariaDB 10.11 (RHEL 8)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "Provides a MariaDB 10.11 database on RHEL 8. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.11/README.md.", + "iconClass": "icon-mariadb", + "tags": "database,mariadb", + "version": "10.11" + }, + "from": { + "kind": "DockerImage", + "name": "registry.redhat.io/rhel8/mariadb-1011:latest" + }, + "referencePolicy": { + "type": "Local" + } + }, + { + "name": "10.11-el9", + "annotations": { + "openshift.io/display-name": "MariaDB 10.11 (RHEL 9)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "Provides a MariaDB 10.11 database on RHEL 9. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.11/README.md.", + "iconClass": "icon-mariadb", + "tags": "database,mariadb", + "version": "10.11" + }, + "from": { + "kind": "DockerImage", + "name": "registry.redhat.io/rhel9/mariadb-1011:latest" + }, + "referencePolicy": { + "type": "Local" + } } ] } diff --git a/imagestreams/mariadb-rhel.json b/imagestreams/mariadb-rhel.json index e541c7e..234a886 100644 --- a/imagestreams/mariadb-rhel.json +++ b/imagestreams/mariadb-rhel.json @@ -133,6 +133,42 @@ "referencePolicy": { "type": "Local" } + }, + { + "name": "10.11-el8", + "annotations": { + "openshift.io/display-name": "MariaDB 10.11 (RHEL 8)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "Provides a MariaDB 10.11 database on RHEL 8. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.11/README.md.", + "iconClass": "icon-mariadb", + "tags": "database,mariadb", + "version": "10.11" + }, + "from": { + "kind": "DockerImage", + "name": "registry.redhat.io/rhel8/mariadb-1011:latest" + }, + "referencePolicy": { + "type": "Local" + } + }, + { + "name": "10.11-el9", + "annotations": { + "openshift.io/display-name": "MariaDB 10.11 (RHEL 9)", + "openshift.io/provider-display-name": "Red Hat, Inc.", + "description": "Provides a MariaDB 10.11 database on RHEL 9. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/mariadb-container/tree/master/10.11/README.md.", + "iconClass": "icon-mariadb", + "tags": "database,mariadb", + "version": "10.11" + }, + "from": { + "kind": "DockerImage", + "name": "registry.redhat.io/rhel9/mariadb-1011:latest" + }, + "referencePolicy": { + "type": "Local" + } } ] } diff --git a/root-common/usr/share/container-scripts/mysql/init/40-datadir-action.sh b/root-common/usr/share/container-scripts/mysql/init/40-datadir-action.sh index 210644f..cec2632 100644 --- a/root-common/usr/share/container-scripts/mysql/init/40-datadir-action.sh +++ b/root-common/usr/share/container-scripts/mysql/init/40-datadir-action.sh @@ -60,7 +60,7 @@ check_datadir_version() { fi if [ $(( ${datadir_version} + 1 )) -eq "${mysqld_version}" ] || [ "${datadir_version}" -eq 505 -a "${mysqld_version}" -eq 1000 ] || \ - [ "${datadir_version}" -eq 1003 -a "${mysqld_version}" -eq 1005 ] ; then + [ "${datadir_version}" -eq 1003 -a "${mysqld_version}" -eq 1005 ] || [ "${datadir_version}" -eq 1005 -a "${mysqld_version}" -eq 1011 ] ; then log_warn "MySQL server is version ${mysqld_version_dot} and datadir is version"\ "${datadir_version_dot}, which is a compatible combination." diff --git a/test/run b/test/run index aef39e3..c3ea544 100755 --- a/test/run +++ b/test/run @@ -586,6 +586,7 @@ function get_previous_major_version() { 10.2) echo "10.1" ;; 10.3) echo "10.2" ;; 10.5) echo "10.3" ;; + 10.11) echo "10.5" ;; *) echo "Non expected version '${1}'" ; return 1 ;; esac }