diff options
| author | Suren A. Chilingaryan <csa@suren.me> | 2018-03-17 21:07:38 +0100 |
|---|---|---|
| committer | Suren A. Chilingaryan <csa@suren.me> | 2018-03-17 21:07:38 +0100 |
| commit | 14d10bc21087e3734d4e7ac15883c76d0cd19818 (patch) | |
| tree | 02600a93e7849e9f9e4ab9399c1258ec36cc2273 /root-galera/usr | |
| download | mysql-galera-14d10bc21087e3734d4e7ac15883c76d0cd19818.tar.gz mysql-galera-14d10bc21087e3734d4e7ac15883c76d0cd19818.tar.bz2 mysql-galera-14d10bc21087e3734d4e7ac15883c76d0cd19818.tar.xz mysql-galera-14d10bc21087e3734d4e7ac15883c76d0cd19818.zip | |
MySQL 5.7 with Galera (produced as combination of standard MySQL container and openshift-mariadb-galera by adfinis-sygroup)
Diffstat (limited to 'root-galera/usr')
13 files changed, 371 insertions, 0 deletions
diff --git a/root-galera/usr/bin/peer-finder b/root-galera/usr/bin/peer-finder Binary files differnew file mode 100755 index 0000000..7858f19 --- /dev/null +++ b/root-galera/usr/bin/peer-finder diff --git a/root-galera/usr/bin/run-mysqld-galera b/root-galera/usr/bin/run-mysqld-galera new file mode 100755 index 0000000..f1a0d76 --- /dev/null +++ b/root-galera/usr/bin/run-mysqld-galera @@ -0,0 +1,64 @@ +#!/bin/bash + +if [ -v POD_NAMESPACE ]; then + cp "${CONTAINER_SCRIPTS_PATH}/galera/cluster.cnf" /etc/my.cnf.d/ + + # Is running in Kubernetes/OpenShift, so find all other pods + # belonging to the namespace + echo "Galera: Finding peers" + [ -v MYSQL_GALERA_CLUSTER ] || MYSQL_GALERA_CLUSTER="$(hostname -f | cut -d'.' -f2)" + K8S_SVC_NAME=${MYSQL_GALERA_CLUSTER} + echo "Using service name: ${K8S_SVC_NAME}" + /usr/bin/peer-finder -on-start="${CONTAINER_SCRIPTS_PATH}/galera/configure-galera.sh" -service=${K8S_SVC_NAME} +else + echo "POD_NAMESPACE not set, spin up single node" +fi + + +export_vars=$(cgroup-limits); export $export_vars +source ${CONTAINER_SCRIPTS_PATH}/galera-common.sh +set -eu +if [[ -v DEBUG_IGNORE_SCRIPT_FAILURES ]]; then + set +e +fi + +export_setting_variables + +log_volume_info $MYSQL_DATADIR + +# pre-init files +process_extending_files ${APP_DATA}/mysql-pre-init/ ${CONTAINER_SCRIPTS_PATH}/pre-init/ + +mysql_extra_opts="" +if [ ! -d "$MYSQL_DATADIR/mysql" ]; then + initialize_galera_database "$@" + + # galera files + process_extending_files ${APP_DATA}/mysql-galera-init/ ${CONTAINER_SCRIPTS_PATH}/galera-init/ + + # init files + process_extending_files ${APP_DATA}/mysql-init/ ${CONTAINER_SCRIPTS_PATH}/init/ + + # Restart the MySQL server with public IP bindings + shutdown_local_mysql +else + no_cluster=$(grep -P "gcomm://$" $MYSQL_DEFAULTS_FILE/cluster.cnf | cat) + if [ -n "$no_cluster" ]; then + log_info "No cluster configured, recovering from failure..." + log_info "Allowing recovery in $MYSQL_DATADIR/grastate.dat" + sed -i'' -e 's/safe_to_bootstrap:.*/safe_to_bootstrap: 1/' $MYSQL_DATADIR/grastate.dat + mysql_extra_opts="--wsrep-new-cluster" + fi + + # galera files + process_extending_files ${APP_DATA}/mysql-galera-init/ ${CONTAINER_SCRIPTS_PATH}/galera-init/ + +# I guess we can't do that once cluster is existing... +# start_local_mysql --wsrep-on=OFF --wsrep-provider=none "$@" +fi + +unset_env_vars +log_volume_info $MYSQL_DATADIR +log_info "Running final exec - mysqld --defaults-file=$MYSQL_DEFAULTS_FILE $mysql_extra_opts $@" + +exec ${MYSQL_PREFIX}/libexec/mysqld --defaults-file=$MYSQL_DEFAULTS_FILE $mysql_extra_opts "$@" 2>&1 diff --git a/root-galera/usr/bin/run-mysqld-manager b/root-galera/usr/bin/run-mysqld-manager new file mode 100755 index 0000000..878338a --- /dev/null +++ b/root-galera/usr/bin/run-mysqld-manager @@ -0,0 +1,90 @@ +#!/bin/bash + +export TERM=xterm +function display_container_header { + echo "+=====================================================" + echo "| Container : $HOSTNAME" + echo "| OS : $(</etc/redhat-release)" + echo "| kubernetes : $KUBERNETES_SERVICE_HOST" + echo "| user : $(whoami)" + echo "| home : $HOME" + echo "+=====================================================" +} + +function start_service { + echo "+=====================================================" + echo "| Container $HOSTNAME is now RUNNING" + echo "+=====================================================" + while true + do + echo /usr/bin/peer-finder -on-start="${CONTAINER_SCRIPTS_PATH}/galera/configure-galera.sh" -service=${K8S_SVC_NAME} + echo ${MYSQL_PREFIX}/libexec/mysqld --defaults-file=$MYSQL_DEFAULTS_FILE $mysql_extra_opts "$@" + echo "live... (next try in 1 hour)" & sleep 3600 + done +} + + +if [ -v POD_NAMESPACE ]; then + cp "${CONTAINER_SCRIPTS_PATH}/galera/cluster.cnf" /etc/my.cnf.d/ + + # Is running in Kubernetes/OpenShift, so find all other pods + # belonging to the namespace + echo "Galera: Skip finding peers to prevent failures due to failed cluster" + [ -v MYSQL_GALERA_CLUSTER ] || MYSQL_GALERA_CLUSTER="$(hostname -f | cut -d'.' -f2)" + K8S_SVC_NAME=${MYSQL_GALERA_CLUSTER} + echo "Using service name: ${K8S_SVC_NAME}" + echo /usr/bin/peer-finder -on-start="${CONTAINER_SCRIPTS_PATH}/galera/configure-galera.sh" -service=${K8S_SVC_NAME} +else + echo "POD_NAMESPACE not set, spin up single node" +fi + + +export_vars=$(cgroup-limits); export $export_vars +source ${CONTAINER_SCRIPTS_PATH}/galera-common.sh +set -eu +if [[ -v DEBUG_IGNORE_SCRIPT_FAILURES ]]; then + set +e +fi + +export_setting_variables + +log_volume_info $MYSQL_DATADIR + +# pre-init files +process_extending_files ${APP_DATA}/mysql-pre-init/ ${CONTAINER_SCRIPTS_PATH}/pre-init/ + +mysql_extra_opts="" +if [ ! -d "$MYSQL_DATADIR/mysql" ]; then + initialize_galera_database "$@" + + # galera files + process_extending_files ${APP_DATA}/mysql-galera-init/ ${CONTAINER_SCRIPTS_PATH}/galera-init/ + + # init files + process_extending_files ${APP_DATA}/mysql-init/ ${CONTAINER_SCRIPTS_PATH}/init/ + + # Restart the MySQL server with public IP bindings + shutdown_local_mysql +else + no_cluster=$(grep -P "gcomm://$" | cat) + if [ -n "$no_cluster" ]; then + echo "No cluster configured, recovering from failure..." + sed -i'' -e 's/safe_to_bootstrap:.*/safe_to_bootstrap: 1/' $MYSQL_DATADIR/grastate.dat + mysql_extra_opts="--wsrep-new-cluster" + fi + + # galera files + process_extending_files ${APP_DATA}/mysql-galera-init/ ${CONTAINER_SCRIPTS_PATH}/galera-init/ + +# I guess we can't do that once cluster is existing... +# start_local_mysql --wsrep-on=OFF --wsrep-provider=none "$@" +fi + +unset_env_vars +log_volume_info $MYSQL_DATADIR +log_info 'Running final exec -- Only MySQL server logs after this point' + + +echo ${MYSQL_PREFIX}/libexec/mysqld --defaults-file=$MYSQL_DEFAULTS_FILE $mysql_extra_opts "$@" +display_container_header +start_service diff --git a/root-galera/usr/share/container-scripts/mysql/galera-common.sh b/root-galera/usr/share/container-scripts/mysql/galera-common.sh new file mode 100644 index 0000000..b4d90e5 --- /dev/null +++ b/root-galera/usr/share/container-scripts/mysql/galera-common.sh @@ -0,0 +1,61 @@ +#!/bin/bash + +source ${CONTAINER_SCRIPTS_PATH}/common.sh + +# Initialize the MySQL database (create user accounts and the initial database) +function initialize_galera_database() { + log_info 'Initializing database ...' + if [[ "$MYSQL_VERSION" < "5.7" ]] ; then + # Using --rpm since we need mysql_install_db behaves as in RPM + log_info 'Running mysql_install_db ...' + mysql_install_db --rpm --datadir=$MYSQL_DATADIR + else + log_info "Running mysqld --initialize-insecure ..." + ${MYSQL_PREFIX}/libexec/mysqld --wsrep-on=OFF --wsrep-provider=none --initialize-insecure --datadir=$MYSQL_DATADIR --ignore-db-dir=lost+found "$@" + fi + + start_local_mysql --wsrep-on=OFF --wsrep-provider=none "$@" + + if [ -v MYSQL_RUNNING_AS_SLAVE ]; then + log_info 'Initialization finished' + return 0 + fi + + # Do not care what option is compulsory here, just create what is specified + if [ -v MYSQL_USER ]; then + log_info "Creating user specified by MYSQL_USER (${MYSQL_USER}) ..." +mysql $mysql_flags <<EOSQL + CREATE USER '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}'; +EOSQL + fi + + if [ -v MYSQL_DATABASE ]; then + log_info "Creating database ${MYSQL_DATABASE} ..." + mysqladmin $admin_flags create "${MYSQL_DATABASE}" + if [ -v MYSQL_USER ]; then + log_info "Granting privileges to user ${MYSQL_USER} for ${MYSQL_DATABASE} ..." +mysql $mysql_flags <<EOSQL + GRANT ALL ON \`${MYSQL_DATABASE}\`.* TO '${MYSQL_USER}'@'%' ; + FLUSH PRIVILEGES ; +EOSQL + fi + fi + + if [ -v MYSQL_ROOT_PASSWORD ]; then + log_info "Setting password for MySQL root user ..." + # for 5.6 and lower we use the trick that GRANT creates a user if not exists + # because IF NOT EXISTS clause does not exist in that versions yet + if [[ "$MYSQL_VERSION" > "5.6" ]] ; then + mysql $mysql_flags <<EOSQL + CREATE USER IF NOT EXISTS 'root'@'%'; +EOSQL + fi +mysql $mysql_flags <<EOSQL + GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' WITH GRANT OPTION; +EOSQL + fi + log_info 'Initialization finished' + + # remember that the database was just initialized, it may be needed on other places + export MYSQL_DATADIR_FIRST_INIT=true +} diff --git a/root-galera/usr/share/container-scripts/mysql/galera-init/60-galera-config.sh b/root-galera/usr/share/container-scripts/mysql/galera-init/60-galera-config.sh new file mode 100644 index 0000000..3b9fa31 --- /dev/null +++ b/root-galera/usr/share/container-scripts/mysql/galera-init/60-galera-config.sh @@ -0,0 +1,6 @@ +if [ -v POD_NAMESPACE ]; then + export MYSQL_GALERA_CLUSTER="$(hostname -f | cut -d'.' -f2)" + + log_info 'Processing basic Galera configuration files ...' + envsubst < ${CONTAINER_SCRIPTS_PATH}/galera-init/galera.cnf.template > /etc/my.cnf.d/galera.cnf +fi diff --git a/root-galera/usr/share/container-scripts/mysql/galera-init/galera.cnf.template b/root-galera/usr/share/container-scripts/mysql/galera-init/galera.cnf.template new file mode 100644 index 0000000..e1013d7 --- /dev/null +++ b/root-galera/usr/share/container-scripts/mysql/galera-init/galera.cnf.template @@ -0,0 +1,15 @@ +[mysqld] +wsrep_on = ON +wsrep_provider = /usr/lib64/galera-3/libgalera_smm.so +wsrep_sst_auth=${MYSQL_GALERA_USER}:${MYSQL_GALERA_PASSWORD} +wsrep_cluster_name=${MYSQL_GALERA_CLUSTER} +#wsrep_provider_options="gcache.size=300M; gcache.page_size=300M" +wsrep_sst_method = xtrabackup-v2 +default_storage_engine = innodb +binlog_format = row + +# Performance settings +innodb_autoinc_lock_mode = 2 +innodb_flush_log_at_trx_commit = 0 +query_cache_size = 0 +query_cache_type = 0 diff --git a/root-galera/usr/share/container-scripts/mysql/galera-init/galera.cnf.template.maria b/root-galera/usr/share/container-scripts/mysql/galera-init/galera.cnf.template.maria new file mode 100644 index 0000000..3adbf58 --- /dev/null +++ b/root-galera/usr/share/container-scripts/mysql/galera-init/galera.cnf.template.maria @@ -0,0 +1,17 @@ +[galera] +wsrep_on = ON +wsrep_provider = /usr/lib64/galera/libgalera_smm.so +wsrep_sst_method = xtrabackup-v2 +default_storage_engine = innodb +binlog_format = row +innodb_autoinc_lock_mode = 2 +innodb_flush_log_at_trx_commit = 0 +query_cache_size = 0 +query_cache_type = 0 + +wsrep_sst_auth=${MYSQL_GALERA_USER}:${MYSQL_GALERA_PASSWORD} +wsrep_cluster_name=${MYSQL_GALERA_CLUSTER} + +# By default every node is standalone +wsrep_cluster_address=gcomm:// +wsrep_node_address=127.0.0.1 diff --git a/root-galera/usr/share/container-scripts/mysql/galera/cluster.cnf b/root-galera/usr/share/container-scripts/mysql/galera/cluster.cnf new file mode 100644 index 0000000..5e9d444 --- /dev/null +++ b/root-galera/usr/share/container-scripts/mysql/galera/cluster.cnf @@ -0,0 +1,4 @@ +[mysqld] +# By default every node is standalone +wsrep_cluster_address=gcomm:// +wsrep_node_address=127.0.0.1 diff --git a/root-galera/usr/share/container-scripts/mysql/galera/configure-galera.sh b/root-galera/usr/share/container-scripts/mysql/galera/configure-galera.sh new file mode 100755 index 0000000..05829a4 --- /dev/null +++ b/root-galera/usr/share/container-scripts/mysql/galera/configure-galera.sh @@ -0,0 +1,48 @@ +#! /bin/bash + +# Copyright 2016 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This script writes out a mysql galera config using a list of newline seperated +# peer DNS names it accepts through stdin. + +# /etc/mysql is assumed to be a shared volume so we can modify my.cnf as required +# to keep the config up to date, without wrapping mysqld in a custom pid1. +# The config location is intentionally not /etc/mysql/my.cnf because the +# standard base image clobbers that location. +CFG=/etc/my.cnf.d/cluster.cnf + +function join { + local IFS="$1"; shift; echo "$*"; +} + +HOSTNAME=$(hostname) +while read -ra LINE; do + if [[ "${LINE}" == *"${HOSTNAME}"* ]]; then + MY_NAME=$LINE + fi + PEERS=("${PEERS[@]}" $LINE) +done + +if [ "${#PEERS[@]}" = 1 ]; then + WSREP_CLUSTER_ADDRESS="" +else + WSREP_CLUSTER_ADDRESS=$(join , "${PEERS[@]}") +fi + +sed -i -e "s|^wsrep_node_address=.*$|wsrep_node_address=${MY_NAME}|" ${CFG} +sed -i -e "s|^wsrep_cluster_address=.*$|wsrep_cluster_address=gcomm://${WSREP_CLUSTER_ADDRESS}|" ${CFG} + +# don't need a restart, we're just writing the conf in case there's an +# unexpected restart on the node. diff --git a/root-galera/usr/share/container-scripts/mysql/init/50-galera-passwd-change.sh b/root-galera/usr/share/container-scripts/mysql/init/50-galera-passwd-change.sh new file mode 100644 index 0000000..2844d5f --- /dev/null +++ b/root-galera/usr/share/container-scripts/mysql/init/50-galera-passwd-change.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +password_change() { +mysql $mysql_flags <<EOSQL + CREATE USER IF NOT EXISTS '${MYSQL_GALERA_USER}'@'localhost'; + SET PASSWORD FOR '${MYSQL_GALERA_USER}'@'localhost' = PASSWORD('${MYSQL_GALERA_PASSWORD}'); + GRANT RELOAD, LOCK TABLES, REPLICATION CLIENT ON *.* TO '${MYSQL_GALERA_USER}'@'localhost'; + UPDATE mysql.user SET Super_Priv='Y', Process_priv='Y' WHERE user='${MYSQL_GALERA_USER}' AND host='localhost'; + FLUSH PRIVILEGES; +EOSQL +} + +password_change +unset -f password_change diff --git a/root-galera/usr/share/container-scripts/mysql/init/51-extradb.sh b/root-galera/usr/share/container-scripts/mysql/init/51-extradb.sh new file mode 100644 index 0000000..c047265 --- /dev/null +++ b/root-galera/usr/share/container-scripts/mysql/init/51-extradb.sh @@ -0,0 +1,14 @@ +extradb() { +for db in "$MYSQL_EXTRADB"; do +mysql $mysql_flags <<EOSQL + GRANT ALL ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ; + FLUSH PRIVILEGES ; +EOSQL +done; +} + +if [ -v MYSQL_EXTRADB ]; then + extradb +fi + +unset -f extradb diff --git a/root-galera/usr/share/container-scripts/mysql/init/52-super.sh b/root-galera/usr/share/container-scripts/mysql/init/52-super.sh new file mode 100644 index 0000000..9e49151 --- /dev/null +++ b/root-galera/usr/share/container-scripts/mysql/init/52-super.sh @@ -0,0 +1,12 @@ +set_super() { +mysql $mysql_flags <<EOSQL + UPDATE mysql.user SET Super_Priv='Y' WHERE user='${MYSQL_USER}' AND host='%'; + FLUSH PRIVILEGES; +EOSQL +} + +if [ -v MYSQL_USER_PRIV_SUPER ]; then + set_super +fi + +unset -f set_super diff --git a/root-galera/usr/share/container-scripts/mysql/init/53-pma.sh b/root-galera/usr/share/container-scripts/mysql/init/53-pma.sh new file mode 100644 index 0000000..5644b8f --- /dev/null +++ b/root-galera/usr/share/container-scripts/mysql/init/53-pma.sh @@ -0,0 +1,26 @@ +set_pma() { +mysql $mysql_flags <<EOSQL + CREATE USER IF NOT EXISTS 'pma'@'%' IDENTIFIED BY '${MYSQL_PMA_PASSWORD}'; + ALTER USER 'pma'@'%' IDENTIFIED BY '${MYSQL_PMA_PASSWORD}'; + + GRANT USAGE ON mysql.* TO 'pma'@'%'; + GRANT SELECT ( + Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv, + Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, + File_priv, Grant_priv, References_priv, Index_priv, Alter_priv, + Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv, + Execute_priv, Repl_slave_priv, Repl_client_priv + ) ON mysql.user TO 'pma'@'%'; + + GRANT SELECT ON mysql.db TO 'pma'@'%'; + #GRANT SELECT ON mysql.host TO 'pma'@'%'; + GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv) ON mysql.tables_priv TO 'pma'@'%'; + GRANT SELECT, INSERT, UPDATE, DELETE ON phpmyadmin.* TO 'pma'@'%'; +EOSQL +} + +if [ -v MYSQL_PMA_PASSWORD ]; then + set_pma +fi + +unset -f set_pma |