Docker
Good Monday morning! Over the weekend, there was a comment to my previous post coveringusing Ansible to build Docker imagesfromMichael DeHaan, CTO and creator ofAnsible(thank you!) reminding me of his work discussed in his blog postInstalling and Building Docker with Ansiblethat is definitely worth sharing and the method I first used to build Docker images and wrotemy first rolethat will be shared in this post.
For the reader just joining, the previous posts in this series "Docker: Containers for the Masses" are:
Michael's articledetails how to install Ansible, how to usePaul Durivage'sangstwad.dcoker_ubuntu Ansible role, also features an important-to-know way of building Docker images whereby an image is build using a Dockerfile that specifies the installation ofAnsible, checks out your playbook repository which it then runs with Ansible resulting in a built image with everything you would want on that image. This is different than in the previous post that details using Ansible to run theDockerimage-building process and is yet another example on how usingAnsibleandDockertogether is flexible and the approach to both interchangeable and each method equally valid depending on what the user requires.
Additionally, I used this methodology when I first started usingAnsibleandDockerand forked Michael's repository, adding aGalera role.
In addition to showing yet another way to buildDockerimages, this post will also give the reader more insight into usingAnsiblein general and show another example of what one can do with aDockerfile.
This post will detail a playbook I wrote when I forked thedocker_dna repo. In my role with the HP ATG Group, I was tasked with researching Ansible and Docker and wanted to accomplish several things: Learn Docker and Ansible as well as see if my experience -- and a [Salt][saltstack] template and methodology for setting up a Galera cluster could be easily ported toAnsible.
The repo, when cloned, there are thebase
,rabbitmq
,zookeeper
, andgalera
subdirectories. The last one was added by myself when I used this repo to get familiar with this methodology for buildingDockerimages. In that subdirectory
1 |
|
Thedna.yml
playbook sets some variables and includesdocker-dns_galera.yml
:
1 |
|
The tasks that then are used for this role which are broken up into specific operations:
1 |
|
docker-dna_galera
roledocker-dna_galera.yml
in turn uses the rolescommon
anddocker-dns_galera
1 |
|
By using thedocker-dns_galera
role, the role's variables are set in the fileroles/docker-dna_galera/vars/main.yml
which contains variables used by the the templatesroles/docker-dna_galera/templates/etc/mysql/my.cnf.j2
androles/docker-dna_galera/templates/usr/bin/clustercheck.j2
, as well as some of the role's tasks.
1 |
|
main.yml
includes each task in the order it needs to be run:
1 |
|
The first taskmisc.yml
installs vim or any other package other than thePerconapackages:
1 |
|
Therepo.yml
task simply sets up apt to use thePerconaapt repo:
1 |
|
Theinstall_galera.yml
task installsPercona XtraDB Clusteras well as copying a startup script into /usr/local/bin. This is somewhat historic as upstart didn't work with older versions ofDocker
1 |
|
Thegrants.yml
task sets the grants for the database that are needed to run a successful Galera cluster
1 |
|
configure_galera.yml
generates/etc/mysql/my.cnf
and shuts down themysqld
process. Why shut it down? Because the container this is running on is only for building the image and just as when creating a snapshot, it makes more sense to not have a running database with open file-handles that an image is created from.
1 |
|
The last task,clustercheck.yml
, sets up the python script used byHAProxyto determine which master to use. Why not the original xinetd-based clustercheck script? The author was never able to get the xinetd-based clustercheck script working with Docker.
1 |
|
The templates for thedocker-dna_percona
role are themy.cnf.j2
jinja template which is generated as/etc/mysql/my.cnf
and transliterates the variables set in the previously-mentioned variables file. This snippet shows the Galera-specific mysql options. The cluster address is set to bootstrap. Remember that this is an image that is being built. One would need to useAnsibleto configure this value to reflect node membership state of the cluster when the containers are run that use this image as well as set different passwords.
1 |
|
Finally, theDockerfile! This is where all the work happens.
1 |
|
The aboveDockerfilespecifies using thecapttofu/docker-dna_base
image as a base. This image already has ansible and it's prerequisite libraries pre-installed and ready to use. The first event that is run in the Dockerfile is to update the apt system. Next, everything in the current repository is copied to aDockerDNA
directory in the root directory of the temporary container.
Next, by runningdocker build .
in the same directory, the image will be built, using the pre-installed ansible, run with a l;ocal connection, in this case.
1 |
|
When this has completed, the image,capttofu/docker-dna_base
, will be ready to use, in this case a container runningPercona XtraDB Clusterthat will need to be managed by Ansible in order to set up the galera cluster.
1 |
|
This blog post showed the reader yet another way to useDockerandAnsibletogether to build Docker images by using aDockerfileto run Ansible to install packages and configure the temporary container that is being used to build the image. This provides yet another example of the flexibility of these two great applications and gives the user yet another method in their toolbox of solutions. Another side-benefit of this article was also learning how to installPercona XtraDB ClusterwithAnsible.