mysql sshd_制作Docker镜像之mysqlkeepalivedsshd
制作Docker鏡像之mysql&keepalived&sshd
mysql docker keepalived ssh
注:該實驗采用的docker版本:Docker version 17.09.0-ce
概述
目的
制作包含mysqld、keepalvied和sshd服務的docker鏡像,用于搭建keepavlied+mysql主從復制的高可用環境。
制作docker鏡像
文件列表
├── docker-entrypoint.sh
├── Dockerfile
├── healthcheck.sh
├── mysqld.service
└── ssh
├── authorized_keys
└── id_rsa
Dockerfile文件說明(文件內容)
在oraclelinux:7-slim基礎鏡像的基礎上最小化安裝mysql5.7數據庫軟件,并安裝keepalived、net-tools、ipsvadm、openssh-server和openssh-clients等軟件。
#執行編譯
nohup docker build -t oracle/mysql:5.7 . &
#完成后生成如下鏡像:
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
oracle/mysql 5.7 82c10be870d1 23 hours ago 392MB
docker-entrypoint.sh文件說明(文件內容)
容器啟動的啟動腳本,在這里主要是起到初始化創建數據庫的作用,另外文件末尾處的"exec /usr/sbin/init"用于支持systemctl。
mysqld.service文件說明(文件內容)
用于創建mysqld服務的配置文件。
生成ssh文件的方法
#ssh-keygen -t rsa
#mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
注意:拷貝.ssh目錄的時候需要保證權限一致,ssh的互信配置對權限有較嚴格的要求
文件詳情
#!/bin/bash
#Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
#
#This program is free software; you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation; version 2 of the License.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program; if not, write to the Free Software
#Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
set -e
echo "[Entrypoint] MySQL Docker Image 5.7.27-1.1.12"
#Fetch value from server config
#We use mysqld --verbose --help instead of my_print_defaults because the
#latter only show values present in config files, and not server defaults
_get_config() {
local conf="$1"; shift
"$@" --verbose --help 2>/dev/null | grep "^$conf" | awk '$1 == "'"$conf"'" { print $2; exit }'
}
#If command starts with an option, prepend mysqld
#This allows users to add command-line options without
#needing to specify the "mysqld" command
if [ "${1:0:1}" = '-' ]; then
set -- mysqld "$@"
fi
if [ "$1" = 'mysqld' ]; then
#Test that the server can start. We redirect stdout to /dev/null so
#only the error messages are left.
result=0
output=$("$@" --verbose --help 2>%%VALIDATE_CONFIG%%1 > /dev/null) || result=$?
if [ ! "$result" = "0" ]; then
echo >&2 '[Entrypoint] ERROR: Unable to start MySQL. Please check your configuration.'
echo >&2 "[Entrypoint] $output"
exit 1
fi
#Get config
DATADIR="$(_get_config 'datadir' "$@")"
SOCKET="$(_get_config 'socket' "$@")"
if [ -n "$MYSQL_LOG_CONSOLE" ] || [ -n "" ]; then
# Don't touch bind-mounted config files
if ! cat /proc/1/mounts | grep "etc/my.cnf"; then
sed -i 's/^log-error=/#&/' /etc/my.cnf
fi
fi
if [ ! -d "$DATADIR/mysql" ]; then
# If the password variable is a filename we use the contents of the file. We
# read this first to make sure that a proper error is generated for empty files.
if [ -f "$MYSQL_ROOT_PASSWORD" ]; then
MYSQL_ROOT_PASSWORD="$(cat $MYSQL_ROOT_PASSWORD)"
if [ -z "$MYSQL_ROOT_PASSWORD" ]; then
echo >&2 '[Entrypoint] Empty MYSQL_ROOT_PASSWORD file specified.'
exit 1
fi
fi
if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
echo >&2 '[Entrypoint] No password option specified for new database.'
echo >&2 '[Entrypoint] A random onetime password will be generated.'
MYSQL_RANDOM_ROOT_PASSWORD=true
MYSQL_ONETIME_PASSWORD=true
fi
mkdir -p "$DATADIR"
chown -R mysql:mysql "$DATADIR"
echo '[Entrypoint] Initializing database'
"$@" --initialize-insecure
echo '[Entrypoint] Database initialized'
"$@" --daemonize --skip-networking --socket="$SOCKET"
# To avoid using password on commandline, put it in a temporary file.
# The file is only populated when and if the root password is set.
PASSFILE=$(mktemp -u /var/lib/mysql-files/XXXXXXXXXX)
install /dev/null -m0600 -omysql -gmysql "$PASSFILE"
# Define the client command used throughout the script
# "SET @@SESSION.SQL_LOG_BIN=0;" is required for products like group replication to work properly
mysql=( mysql --defaults-extra-file="$PASSFILE" --protocol=socket -uroot -hlocalhost --socket="$SOCKET" --init-command="SET @@SESSION.SQL_LOG_BIN=0;")
if [ ! -z "" ];
then
for i in {30..0}; do
if mysqladmin --socket="$SOCKET" ping &>/dev/null; then
break
fi
echo '[Entrypoint] Waiting for server...'
sleep 1
done
if [ "$i" = 0 ]; then
echo >&2 '[Entrypoint] Timeout during MySQL init.'
exit 1
fi
fi
mysql_tzinfo_to_sql /usr/share/zoneinfo | "${mysql[@]}" mysql
if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
MYSQL_ROOT_PASSWORD="$(pwmake 128)"
echo "[Entrypoint] GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
fi
if [ -z "$MYSQL_ROOT_HOST" ]; then
ROOTCREATE="ALTER USER 'root'@'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}';"
else
ROOTCREATE="ALTER USER 'root'@'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}'; \
CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}'; \
GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ; \
GRANT PROXY ON ''@'' TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ;"
fi
"${mysql[@]}" <
DELETE FROM mysql.user WHERE user NOT IN ('mysql.infoschema', 'mysql.session', 'mysql.sys', 'root') OR host NOT IN ('localhost');
CREATE USER 'healthchecker'@'localhost' IDENTIFIED BY 'healthcheckpass';
${ROOTCREATE}
FLUSH PRIVILEGES ;
EOSQL
if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then
# Put the password into the temporary config file
cat >"$PASSFILE" <
[client]
password="${MYSQL_ROOT_PASSWORD}"
EOF
#mysql+=( -p"${MYSQL_ROOT_PASSWORD}" )
fi
if [ "$MYSQL_DATABASE" ]; then
echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}"
mysql+=( "$MYSQL_DATABASE" )
fi
if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
echo "CREATE USER '"$MYSQL_USER"'@'%' IDENTIFIED BY '"$MYSQL_PASSWORD"' ;" | "${mysql[@]}"
if [ "$MYSQL_DATABASE" ]; then
echo "GRANT ALL ON \`"$MYSQL_DATABASE"\`.* TO '"$MYSQL_USER"'@'%' ;" | "${mysql[@]}"
fi
elif [ "$MYSQL_USER" -a ! "$MYSQL_PASSWORD" -o ! "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
echo '[Entrypoint] Not creating mysql user. MYSQL_USER and MYSQL_PASSWORD must be specified to create a mysql user.'
fi
echo
for f in /docker-entrypoint-initdb.d/*; do
case "$f" in
*.sh) echo "[Entrypoint] running $f"; . "$f" ;;
*.sql) echo "[Entrypoint] running $f"; "${mysql[@]}" < "$f" && echo ;;
*) echo "[Entrypoint] ignoring $f" ;;
esac
echo
done
# When using a local socket, mysqladmin shutdown will only complete when the server is actually down
mysqladmin --defaults-extra-file="$PASSFILE" shutdown -uroot --socket="$SOCKET"
rm -f "$PASSFILE"
unset PASSFILE
echo "[Entrypoint] Server shut down"
# This needs to be done outside the normal init, since mysqladmin shutdown will not work after
if [ ! -z "$MYSQL_ONETIME_PASSWORD" ]; then
if [ -z "yes" ]; then
echo "[Entrypoint] User expiration is only supported in MySQL 5.6+"
else
echo "[Entrypoint] Setting root user as expired. Password will need to be changed before database can be used."
SQL=$(mktemp -u /var/lib/mysql-files/XXXXXXXXXX)
install /dev/null -m0600 -omysql -gmysql "$SQL"
if [ ! -z "$MYSQL_ROOT_HOST" ]; then
cat << EOF > "$SQL"
ALTER USER 'root'@'${MYSQL_ROOT_HOST}' PASSWORD EXPIRE;
ALTER USER 'root'@'localhost' PASSWORD EXPIRE;
EOF
else
cat << EOF > "$SQL"
ALTER USER 'root'@'localhost' PASSWORD EXPIRE;
EOF
fi
set -- "$@" --init-file="$SQL"
unset SQL
fi
fi
echo
echo '[Entrypoint] MySQL init process done. Ready for start up.'
echo
fi
#Used by healthcheck to make sure it doesn't mistakenly report container
#healthy during startup
#Put the password into the temporary config file
touch /healthcheck.cnf
cat >"/healthcheck.cnf" <
[client]
user=healthchecker
socket=${SOCKET}
password=healthcheckpass
EOF
touch /mysql-init-complete
chown -R mysql:mysql "$DATADIR"
echo "[Entrypoint] Starting MySQL 5.7.27-1.1.12"
fi
exec /usr/sbin/init
Dockerfile
#Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
#
#This program is free software; you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation; version 2 of the License.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program; if not, write to the Free Software
#Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
FROM oraclelinux:7-slim
ARG MYSQL_SERVER_PACKAGE=mysql-community-server-minimal-5.7.27
ARG MYSQL_SHELL_PACKAGE=mysql-shell-8.0.17
#Install server
RUN yum install -y https://repo.mysql.com/mysql-community-minimal-release-el7.rpm \
https://repo.mysql.com/mysql-community-release-el7.rpm \
&& yum-config-manager --enable mysql57-server-minimal \
&& yum install -y \
$MYSQL_SERVER_PACKAGE \
$MYSQL_SHELL_PACKAGE \
libpwquality \
keepalived \
net-tools \
ipsvadm \
iproute \
openssh-server \
openssh-clients \
passwd \
&& yum clean all \
&& mkdir /docker-entrypoint-initdb.d
VOLUME /var/lib/mysql
COPY docker-entrypoint.sh /entrypoint.sh
COPY healthcheck.sh /healthcheck.sh
COPY ssh /root/.ssh
COPY mysqld.service /usr/lib/systemd/system/mysqld.service
RUN rm -f /etc/keepalived/keepalived.conf
RUN systemctl enable mysqld && systemctl enable keepalived
ENTRYPOINT ["/entrypoint.sh"]
HEALTHCHECK CMD /healthcheck.sh
EXPOSE 3306 33060
CMD ["mysqld"]
#!/bin/bash
#Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
#
#This program is free software; you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation; version 2 of the License.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program; if not, write to the Free Software
#Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#The mysql-init-complete file is touched by the entrypoint file before the
#main server process is started
if [ -f /mysql-init-complete ]; # The entrypoint script touches this file
then # Ping server to see if it is ready
mysqladmin --defaults-extra-file=/healthcheck.cnf ping
else # Initialization still in progress
exit 1
fi
mysqld
mysqld.service
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=mysql
Group=mysql
ExecStart=/usr/sbin/mysqld --defaults-file=/etc/my.cnf
LimitNOFILE = 5000
總結
以上是生活随笔為你收集整理的mysql sshd_制作Docker镜像之mysqlkeepalivedsshd的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: mysql80配置环境变量_MySQL:
- 下一篇: ssm mysql动态分页_SSM项目手