diff options
author | Mike Crute <mike@crute.us> | 2017-11-25 20:11:55 +0000 |
---|---|---|
committer | Mike Crute <mike@crute.us> | 2017-11-25 20:11:55 +0000 |
commit | 9576d787bbbfe7d8ab5949c8357bcecc4ba11a9d (patch) | |
tree | 78d0bc61986ca3ea979fd9fdc8bbd6dbc6895ad7 /mariadb | |
parent | cc2c8cb817320b6b4b2cca33c9b22d4530f3764c (diff) | |
download | dockerfiles-9576d787bbbfe7d8ab5949c8357bcecc4ba11a9d.tar.bz2 dockerfiles-9576d787bbbfe7d8ab5949c8357bcecc4ba11a9d.tar.xz dockerfiles-9576d787bbbfe7d8ab5949c8357bcecc4ba11a9d.zip |
Add Mariadb
Diffstat (limited to 'mariadb')
-rw-r--r-- | mariadb/Dockerfile | 33 | ||||
-rw-r--r-- | mariadb/Makefile | 22 | ||||
-rwxr-xr-x | mariadb/docker-entrypoint.sh | 193 |
3 files changed, 248 insertions, 0 deletions
diff --git a/mariadb/Dockerfile b/mariadb/Dockerfile new file mode 100644 index 0000000..73b1d05 --- /dev/null +++ b/mariadb/Dockerfile | |||
@@ -0,0 +1,33 @@ | |||
1 | # vim:set ft=dockerfile: | ||
2 | FROM alpine:latest | ||
3 | |||
4 | RUN \ | ||
5 | addgroup -S mysql \ | ||
6 | && adduser -S -h /var/lib/mysql -H -D -G mysql mysql \ | ||
7 | && mkdir /docker-entrypoint-initdb.d \ | ||
8 | && apk --no-cache add \ | ||
9 | bash \ | ||
10 | mariadb \ | ||
11 | mariadb-client \ | ||
12 | pwgen \ | ||
13 | socat \ | ||
14 | su-exec \ | ||
15 | tzdata \ | ||
16 | # comment out any "user" entires in the MySQL config | ||
17 | # ("docker-entrypoint.sh" or "--user" will handle user switching) | ||
18 | && sed -ri 's/^user\s/#&/' /etc/mysql/my.cnf \ | ||
19 | # increase innodb buffer pool size | ||
20 | && sed -i 's/^#innodb_buffer_pool_size = 16M/innodb_buffer_pool_size = 30M/' /etc/mysql/my.cnf \ | ||
21 | # purge and re-create /var/lib/mysql with appropriate ownership | ||
22 | && rm -rf /var/lib/mysql && mkdir -p /var/lib/mysql /run/mysqld \ | ||
23 | && chown -R mysql:mysql /var/lib/mysql /run/mysqld \ | ||
24 | # ensure that /run/mysqld (used for socket and lock files) is writable | ||
25 | # regardless of the UID our mysqld instance ends up having at runtime | ||
26 | && chmod 777 /run/mysqld \ | ||
27 | # don't reverse lookup hostnames, they are usually another container | ||
28 | && sed -i 's/\[mysqld\]/[mysqld]\nskip-host-cache/' /etc/mysql/my.cnf | ||
29 | |||
30 | COPY docker-entrypoint.sh /usr/local/bin/ | ||
31 | ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] | ||
32 | CMD ["mysqld"] | ||
33 | |||
diff --git a/mariadb/Makefile b/mariadb/Makefile new file mode 100644 index 0000000..1e5ecfb --- /dev/null +++ b/mariadb/Makefile | |||
@@ -0,0 +1,22 @@ | |||
1 | IMAGE=mariadb:latest-alpine | ||
2 | VERSION=5.1.1 | ||
3 | REPO=575365190010.dkr.ecr.us-west-2.amazonaws.com | ||
4 | |||
5 | all: | ||
6 | docker build -t $(IMAGE) . | ||
7 | |||
8 | all-no-cache: | ||
9 | docker build --no-cache -t $(IMAGE) . | ||
10 | |||
11 | run: | ||
12 | docker run -d \ | ||
13 | -e MYSQL_RANDOM_ROOT_PASSWORD=yes \ | ||
14 | -e MYSQL_ROOT_HOST=% \ | ||
15 | -p 3306:3306 \ | ||
16 | -v /srv/mysql:/var/lib/mysql \ | ||
17 | $(IMAGE) | ||
18 | |||
19 | publish: | ||
20 | eval $$(aws ecr get-login --region us-west-2) | ||
21 | docker tag $(IMAGE) $(REPO)/$(IMAGE) | ||
22 | docker push $(REPO)/$(IMAGE) | ||
diff --git a/mariadb/docker-entrypoint.sh b/mariadb/docker-entrypoint.sh new file mode 100755 index 0000000..8242a6f --- /dev/null +++ b/mariadb/docker-entrypoint.sh | |||
@@ -0,0 +1,193 @@ | |||
1 | #!/bin/bash | ||
2 | # From https://github.com/docker-library/mariadb/blob/1037a0b7ab09343e011826078fbdffb0bf465fc3/10.3/docker-entrypoint.sh | ||
3 | # Modified to use su-exec instead of gosu, otherwise unmodified | ||
4 | set -eo pipefail | ||
5 | shopt -s nullglob | ||
6 | |||
7 | # if command starts with an option, prepend mysqld | ||
8 | if [ "${1:0:1}" = '-' ]; then | ||
9 | set -- mysqld "$@" | ||
10 | fi | ||
11 | |||
12 | # skip setup if they want an option that stops mysqld | ||
13 | wantHelp= | ||
14 | for arg; do | ||
15 | case "$arg" in | ||
16 | -'?'|--help|--print-defaults|-V|--version) | ||
17 | wantHelp=1 | ||
18 | break | ||
19 | ;; | ||
20 | esac | ||
21 | done | ||
22 | |||
23 | # usage: file_env VAR [DEFAULT] | ||
24 | # ie: file_env 'XYZ_DB_PASSWORD' 'example' | ||
25 | # (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of | ||
26 | # "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) | ||
27 | file_env() { | ||
28 | local var="$1" | ||
29 | local fileVar="${var}_FILE" | ||
30 | local def="${2:-}" | ||
31 | if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then | ||
32 | echo >&2 "error: both $var and $fileVar are set (but are exclusive)" | ||
33 | exit 1 | ||
34 | fi | ||
35 | local val="$def" | ||
36 | if [ "${!var:-}" ]; then | ||
37 | val="${!var}" | ||
38 | elif [ "${!fileVar:-}" ]; then | ||
39 | val="$(< "${!fileVar}")" | ||
40 | fi | ||
41 | export "$var"="$val" | ||
42 | unset "$fileVar" | ||
43 | } | ||
44 | |||
45 | _check_config() { | ||
46 | toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" ) | ||
47 | if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then | ||
48 | cat >&2 <<-EOM | ||
49 | |||
50 | ERROR: mysqld failed while attempting to check config | ||
51 | command was: "${toRun[*]}" | ||
52 | |||
53 | $errors | ||
54 | EOM | ||
55 | exit 1 | ||
56 | fi | ||
57 | } | ||
58 | |||
59 | # Fetch value from server config | ||
60 | # We use mysqld --verbose --help instead of my_print_defaults because the | ||
61 | # latter only show values present in config files, and not server defaults | ||
62 | _get_config() { | ||
63 | local conf="$1"; shift | ||
64 | "$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null | awk '$1 == "'"$conf"'" { print $2; exit }' | ||
65 | } | ||
66 | |||
67 | # allow the container to be started with `--user` | ||
68 | if [ "$1" = 'mysqld' -a -z "$wantHelp" -a "$(id -u)" = '0' ]; then | ||
69 | _check_config "$@" | ||
70 | DATADIR="$(_get_config 'datadir' "$@")" | ||
71 | mkdir -p "$DATADIR" | ||
72 | chown -R mysql:mysql "$DATADIR" | ||
73 | exec su-exec mysql "$BASH_SOURCE" "$@" | ||
74 | fi | ||
75 | |||
76 | if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then | ||
77 | # still need to check config, container may have started with --user | ||
78 | _check_config "$@" | ||
79 | # Get config | ||
80 | DATADIR="$(_get_config 'datadir' "$@")" | ||
81 | |||
82 | if [ ! -d "$DATADIR/mysql" ]; then | ||
83 | file_env 'MYSQL_ROOT_PASSWORD' | ||
84 | if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then | ||
85 | echo >&2 'error: database is uninitialized and password option is not specified ' | ||
86 | echo >&2 ' You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD' | ||
87 | exit 1 | ||
88 | fi | ||
89 | |||
90 | mkdir -p "$DATADIR" | ||
91 | |||
92 | echo 'Initializing database' | ||
93 | mysql_install_db --datadir="$DATADIR" --rpm | ||
94 | echo 'Database initialized' | ||
95 | |||
96 | SOCKET="$(_get_config 'socket' "$@")" | ||
97 | "$@" --skip-networking --socket="${SOCKET}" & | ||
98 | pid="$!" | ||
99 | |||
100 | mysql=( mysql --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" ) | ||
101 | |||
102 | for i in {60..0}; do | ||
103 | if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then | ||
104 | break | ||
105 | fi | ||
106 | echo 'MySQL init process in progress...' | ||
107 | sleep 1 | ||
108 | done | ||
109 | if [ "$i" = 0 ]; then | ||
110 | echo >&2 'MySQL init process failed.' | ||
111 | exit 1 | ||
112 | fi | ||
113 | |||
114 | if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then | ||
115 | # sed is for https://bugs.mysql.com/bug.php?id=20545 | ||
116 | mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[@]}" mysql | ||
117 | fi | ||
118 | |||
119 | if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then | ||
120 | export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)" | ||
121 | echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD" | ||
122 | fi | ||
123 | |||
124 | rootCreate= | ||
125 | # default root to listen for connections from anywhere | ||
126 | file_env 'MYSQL_ROOT_HOST' '%' | ||
127 | if [ ! -z "$MYSQL_ROOT_HOST" -a "$MYSQL_ROOT_HOST" != 'localhost' ]; then | ||
128 | # no, we don't care if read finds a terminating character in this heredoc | ||
129 | # https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151 | ||
130 | read -r -d '' rootCreate <<-EOSQL || true | ||
131 | CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ; | ||
132 | GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ; | ||
133 | EOSQL | ||
134 | fi | ||
135 | |||
136 | "${mysql[@]}" <<-EOSQL | ||
137 | -- What's done in this file shouldn't be replicated | ||
138 | -- or products like mysql-fabric won't work | ||
139 | SET @@SESSION.SQL_LOG_BIN=0; | ||
140 | |||
141 | DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ; | ||
142 | SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ; | ||
143 | GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ; | ||
144 | ${rootCreate} | ||
145 | DROP DATABASE IF EXISTS test ; | ||
146 | FLUSH PRIVILEGES ; | ||
147 | EOSQL | ||
148 | |||
149 | if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then | ||
150 | mysql+=( -p"${MYSQL_ROOT_PASSWORD}" ) | ||
151 | fi | ||
152 | |||
153 | file_env 'MYSQL_DATABASE' | ||
154 | if [ "$MYSQL_DATABASE" ]; then | ||
155 | echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}" | ||
156 | mysql+=( "$MYSQL_DATABASE" ) | ||
157 | fi | ||
158 | |||
159 | file_env 'MYSQL_USER' | ||
160 | file_env 'MYSQL_PASSWORD' | ||
161 | if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then | ||
162 | echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" | "${mysql[@]}" | ||
163 | |||
164 | if [ "$MYSQL_DATABASE" ]; then | ||
165 | echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}" | ||
166 | fi | ||
167 | |||
168 | echo 'FLUSH PRIVILEGES ;' | "${mysql[@]}" | ||
169 | fi | ||
170 | |||
171 | echo | ||
172 | for f in /docker-entrypoint-initdb.d/*; do | ||
173 | case "$f" in | ||
174 | *.sh) echo "$0: running $f"; . "$f" ;; | ||
175 | *.sql) echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;; | ||
176 | *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;; | ||
177 | *) echo "$0: ignoring $f" ;; | ||
178 | esac | ||
179 | echo | ||
180 | done | ||
181 | |||
182 | if ! kill -s TERM "$pid" || ! wait "$pid"; then | ||
183 | echo >&2 'MySQL init process failed.' | ||
184 | exit 1 | ||
185 | fi | ||
186 | |||
187 | echo | ||
188 | echo 'MySQL init process done. Ready for start up.' | ||
189 | echo | ||
190 | fi | ||
191 | fi | ||
192 | |||
193 | exec "$@" | ||