Site Tools


New release available: 2022-07-31 "Igor". upgrade now! [52.2] (what's this?)
walkthrough_docker

detailed procedure to install Docker on gxfsadm servers

Prerequirment for these steps is a successful configured DRBD.

configure the VIPs for the Docker services

mount the filesystems to the configured location (either manually or via pcs commands if aleady configured)

mkdir /drbd
mkdir /drbd/mariadb
mkdir /drbd/icinga2
mkdir /drbd/icingaweb2
mkdir /drbd/xcat
chmod -R 777 /drbd

mount /dev/drbd100 /drbd/mariadb/
mount /dev/drbd101 /drbd/icingaweb2/
mount /dev/drbd102 /drbd/icinga2/
mount /dev/drbd103 /drbd/xcat/
chmod 777 /drbd/*
create IP adresses

The IP adresses will be handled by corosync/pacemaker later on. For a standalone test they can be configured manually using ifconfig. The according pcs resource commandline can be found below.

ifconfig enp1s0f0:0 192.168.2.150/24
ifconfig enp1s0f0:1 192.168.2.151/24
ifconfig enp1s0f0:2 192.168.2.152/24
ifconfig enp1s0f0:3 192.168.2.153/24
ifconfig enp1s0f0:4 192.168.2.154/24

pcs resource create VIP_mariadb IPaddr2 ip=192.168.2.150 cidr_netmask=24 op monitor interval=5s --group mariadb
pcs resource create VIP_icinga2 IPaddr2 ip=192.168.2.151 cidr_netmask=24 op monitor interval=5s --group icinga2
pcs resource create VIP_icingaweb2 IPaddr2 ip=192.168.2.152 cidr_netmask=24 op monitor interval=5s --group icingaweb2
pcs resource create VIP_xcat IPaddr2 ip=192.168.2.153 cidr_netmask=24 op monitor interval=5s --group xcat
pcs resource create VIP_home IPaddr2 ip=192.168.2.154 cidr_netmask=24 op monitor interval=5s --group home
transfer docker images

The docker images are taken from a working docker installation. The images to be transported are exported using the 'docker save' command.

[root@gxfsadm0-0 ~]# docker container ls
CONTAINER ID        IMAGE                                                COMMAND                  CREATED             STATUS                  PORTS                          NAMES
da928a6720de        psitrax/icingaweb2                                   "/init/run.sh"           3 days ago          Up 16 hours (healthy)   192.168.2.142:80->80/tcp       icingaweb2
e5c7c03ae597        psitrax/icinga2                                      "/init/run.sh"           3 days ago          Up 16 hours (healthy)   192.168.2.141:5665->5665/tcp   icinga2
f9bec68a69c2        registry.access.redhat.com/rhscl/mariadb-102-rhel7   "container-entrypoin…"   3 days ago          Up 16 hours             192.168.2.140:3306->3306/tcp   mariadb
[root@gxfsadm0-0 ~]# docker save adbf76b5cec6 > mariadb_docker_save_20180504.tar
[root@gxfsadm0-0 ~]#

This created docker transport image will be used as base for further docker images and will be copied to the repository server. On the destination host that image needs to be imported and will be the base for the docker container. Finally set the name for the image to identify versions.

[root@gxfsadm1-1 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
[root@gxfsadm1-1 ~]# docker load --input mariadb_docker_save_20180504.tar
b1e3561f65d6: Loading layer [==================================================>]  210.7MB/210.7MB
b1933d7f1c6d: Loading layer [==================================================>]  10.24kB/10.24kB
7570c9bb6eb0: Loading layer [==================================================>]   24.7MB/24.7MB
1516100687bb: Loading layer [==================================================>]  212.8MB/212.8MB
Loaded image ID: sha256:adbf76b5cec6dc9651bb323982a70938988a2f1fdc2331ef8023972ac03b50ea
[root@gxfsadm1-1 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED                  SIZE
<none>              <none>              adbf76b5cec6        Less than a second ago   434MB
[root@gxfsadm1-1 ~]# docker tag adbf76b5cec6 necgxfs/mariadb_v1.2:latest
[root@gxfsadm1-1 ~]# docker images
REPOSITORY             TAG                 IMAGE ID            CREATED                  SIZE
necgxfs/mariadb_v1.2   latest              adbf76b5cec6        Less than a second ago   434MB
[root@gxfsadm1-1 ~]#
copy over the docker-compose config files to the host and adapt them accordingly

The docker compose file are defining the outline of the container to be created from the image. This docker-compose file shall be created in the drbd share associated with that container. This file needs to be adapted in regard of the IP adresses to match the final configuration.

cd /drbd/mariadb_vol1
cat << EOF > docker-compose_mariadb.yml
mariadb_database:
  container_name: mariadb
  hostname: mariadb
  image: necgxfs/mariadb_v1.2
  ports:
    - "192.168.2.150:3306:3306"
  environment:
    TZ: "Europe/Berlin"
    MYSQL_USER: "dbuser"
    MYSQL_PASSWORD: "necINST."
    MYSQL_DATABASE: "icinga2"
    MYSQL_ROOT_PASSWORD: "necINST."
  extra_hosts:
    - "mariadb:192.168.2.150"
    - "icinga2:192.168.2.151"
    - "icingaweb2:192.168.2.152"
  volume_driver: drbdmanage
  volumes:
    - /drbd/mariadb_vol1:/var/lib/mysql/data
EOF

Now the container needs to be initially initialized to embedd all needed information like network- and storage and environment information. This is done using docker-compose, which creates the container with information in the docker-compose.yml file. After the container creation the next startup will be done using pcs resource.

[root@gxfsadm1-1 ~]# docker-compose -f /drbd/mariadb_vol1/docker-compose_mariadb.yml up --no-start
Creating mariadb ... done
[root@gxfsadm1-1 ~]# docker container ls -a
CONTAINER ID        IMAGE                  COMMAND                  CREATED             STATUS              PORTS               NAMES
d4abd74dfab6        necgxfs/mariadb_v1.2   "container-entrypoin…"   12 seconds ago      Created                                 mariadb
[root@gxfsadm1-1 ~]#

As next step the pcs reosurces need to be created. pcs resource for the docker container:

[root@gxfsadm1-1 ~]# pcs resource create DCK_mariadb ocf:heartbeat:docker image="necgxfs/mariadb_v1.2" op monitor timeout="30s" interval="30s"
[root@gxfsadm1-1 ~]# pcs resource update DCK_mariadb reuse=1 name=mariadb
[root@gxfsadm1-1 ~]# pcs resource group add mariadb docker_mariadb
[root@gxfsadm1-0 ~]# pcs status
Cluster name: gxfsadm-cl1
WARNING: corosync and pacemaker node names do not match (IPs used in setup?)
Stack: corosync
Current DC: gxfsadm1-0 (version 1.1.16-12.el7-94ff4df) - partition with quorum
Last updated: Fri May  4 12:00:49 2018
Last change: Fri May  4 11:59:27 2018 by root via crm_resource on gxfsadm1-0

2 nodes configured
7 resources configured

Online: [ gxfsadm1-0 gxfsadm1-1 ]

Full list of resources:

 fence_gxfsadm1-0	(stonith:fence_ipmilan):	Started gxfsadm1-0
 fence_gxfsadm1-1	(stonith:fence_ipmilan):	Started gxfsadm1-1
 Master/Slave Set: drbd-mariadb_vol1Clone [drbd-mariadb_vol1]
     Masters: [ gxfsadm1-0 ]
     Slaves: [ gxfsadm1-1 ]
 Resource Group: mariadb
     mariadb_vol1-fs	(ocf::heartbeat:Filesystem):	Started gxfsadm1-0
     VIP_mariadb	(ocf::heartbeat:IPaddr2):	Started gxfsadm1-0
     docker_mariadb	(ocf::heartbeat:docker):	Started gxfsadm1-0

Daemon Status:
  corosync: active/enabled
  pacemaker: active/enabled
  pcsd: active/enabled
[root@gxfsadm1-0 ~]#

These steps need to be repeated with the other container. For icinga2 we need three instances, which are implemented independantly. The reference docker-compose files are shown below:

docker-compose_icinga2.yml

cat << EOF > docker-compose_icinga2.yml
icinga2:
  container_name: icinga2
  hostname: icinga2
  image: necgxfs/icinga2_v1.1
  ports:
    - "192.168.2.151:5665:5665"
  environment:
    TZ: "Europe/Berlin"
    MYSQL_AUTOCONF: "true"
    MYSQL_HOST: "192.168.2.150"
    MYSQL_PORT: "3306"
    MYSQL_DB: "icinga2"
    MYSQL_USER: "dbuser"
    MYSQL_PASS: "necINST."
    SMTP_SERVER: "192.168.2.10"
    ICINGA_API_PASS: "necINST."
  extra_hosts:
    - "mariadb:192.168.2.150"
    - "icinga2:192.168.2.151"
    - "icingaweb2:192.168.2.152"
    - "mail:192.168.2.10"
  volume_driver: drbdmanage
  volumes:
    - /drbd/icinga2_vol1:/icinga2
EOF

As next step the PCS resource for the icinga2 docker container needs to be created. The resource needs to be started after the according VIP resource. This can be configured using the '–after' parameter.

[root@gxfsadm1 ~]# pcs resource create DCK_icinga2 ocf:heartbeat:docker image="necgxfs/icinga2_v1.1" op monitor timeout="30s" interval="30s" --after VIP_icnga2-fdr --group monitoring
[root@gxfsadm1 ~]# pcs resource update DCK_icinga2 reuse=1 name=icinga2

docker-compose_icingaweb2.yml

cat << EOF > docker-compose_icingaweb2.yml
icingaweb2:
  container_name: icingaweb2
  hostname: icingaweb2
  image: psitrax/icingaweb2
  ports:
    - "192.168.2.152:80:80"
  environment:
    TZ: "Europe/Berlin"
    ICINGA_API_PASS: "necINST."
    WEB_DB_HOST: "192.168.2.150"
    WEB_DB_PORT: "3306"
    WEB_DB_USER: "dbuser"
    WEB_DB_PASS: "necINST."
    WEB_DB: "icingaweb"
    IDO_DB_HOST: "192.168.2.150"
    IDO_DB_PORT: "3306"
    IDO_DB_USER: "dbuser"
    IDO_DB_PASS: "necINST."
    IDO_DB: "icinga2"
  extra_hosts:
    - "mariadb:192.168.2.150"
    - "icinga2:192.168.2.151"
    - "icingaweb2:192.168.2.152"
  volume_driver: drbdmanage
  volumes:
    - /drbd/icingaweb2_vol1:/etc/icingaweb2
EOF
create DOCKER container from scratch

The procedure shown above shows the container creation from a docker image archive, In case the target system has internet access the images can be downloaded as well directly. This is only for reference as it is treated as to be prefered to use the predefined docker image archive, The configuration files will be created and adapted on the hosts with the Docker filesystems mounted. The file below is a template, which needs to be adapted accordingly.

cat << EOF > prep_docker.sh
#!/bin/bash
DOCKER_HOST=gxfsadm1-0
DB_HOST=192.168.2.150
DB_USER=root
DB_PW=necINST.
DB_FS=/drbd/mariadb
ICINGA2_FS=/drbd/icinga2
ICINGAWEB2_FS=/drbd/icingaweb2
#
# delete all DRBD volumes
#
#rm -rf \$DB_FS/*
#rm -rf \$ICINGA2_FS/*
#rm -rf \$ICINGAWEB2_FS/*
#
# ssh to the dockerhost and create the docker containers
#
echo === creating mariadb container ===
scp docker-compose_mariadb.yml \$DOCKER_HOST:\$DB_FS
docker-compose -f \$DB_FS/docker-compose_mariadb.yml up --no-start
docker-compose -f \$DB_FS/docker-compose_mariadb.yml start
echo sleep 20 now
sleep 20

echo show current installed databases on host \$DB_HOST
echo "show databases" | mysql -h \$DB_HOST -u \$DB_USER -p\$DB_PW
echo ===
echo create database icingaweb and grant access for dbuser
echo "create database icingaweb" | mysql -h \$DB_HOST -u \$DB_USER -p\$DB_PW
echo "GRANT ALL PRIVILEGES ON icingaweb.* to dbuser" | mysql -h \$DB_HOST -u \$DB_USER -p\$DB_PW

echo create database director and grant access for dbuser
echo "create database director CHARACTER SET 'utf8'" | mysql -h \$DB_HOST -u \$DB_USER -p\$DB_PW
echo "GRANT ALL PRIVILEGES ON director.* to dbuser" | mysql -h \$DB_HOST -u \$DB_USER -p\$DB_PW

echo show current installed databases on host \$DB_HOST
echo "show databases" | mysql -h \$DB_HOST -u \$DB_USER -p\$DB_PW

echo === creating icinga2 container ===
cp docker-compose_icinga2.yml \$ICINGA2_FS
docker-compose -f \$ICINGA2_FS/docker-compose_icinga2.yml up --no-start
docker-compose -f \$ICINGA2_FS/docker-compose_icinga2.yml start

echo === creating icingaweb2 container ===
cp docker-compose_icingaweb2.yml \$ICINGAWEB2_FS
docker-compose -f \$ICINGAWEB2_FS/docker-compose_icingaweb2.yml up --no-start
docker-compose -f \$ICINGAWEB2_FS/docker-compose_icingaweb2.yml start

exit 0
EOF
walkthrough_docker.txt · Last modified: 2022/07/10 09:34 by 127.0.0.1