Use bridge network for db container

- Changed the network mode of database container to "bridge" and exposed the service ports. - Use socket file to connect with the database. - Upgrade the backup container image for postgressql. Change-Id: Id5b119f8a474befc3a2cd6e061bbffc4ae5f7bb6
author: Lingxian Kong <anlin.kong@gmail.com> 2021-06-18 11:30:03 +1200
committer: Lingxian Kong <anlin.kong@gmail.com> 2021-06-22 19:10:14 +1200
commit: b050996b9f6df738a0f68ac36a5b5f17f8bb2bc2 (patch)
tree: 13a5124d6ea4b9d13e892601034bc5ac004284dc /trove/guestagent
parent: 6d2ab68a8aa0406ee6320e778b8e290827c9e730 (diff)
download: trove-b050996b9f6df738a0f68ac36a5b5f17f8bb2bc2.tar.gz
6 files changed, 43 insertions, 7 deletions
diff --git a/trove/guestagent/datastore/mysql_common/manager.py b/trove/guestagent/datastore/mysql_common/manager.py
index a81431a1..e27b47ff 100644
--- a/trove/guestagent/datastore/mysql_common/manager.py
+++ b/trove/guestagent/datastore/mysql_common/manager.py
@@ -112,8 +112,10 @@ class MySqlManager(manager.Manager):
         """
         LOG.info(f"Creating backup {backup_info['id']}")
         with EndNotification(context):
+            # Set /var/run/mysqld to allow localhost access.
             volumes_mapping = {
                 '/var/lib/mysql': {'bind': '/var/lib/mysql', 'mode': 'rw'},
+                "/var/run/mysqld": {"bind": "/var/run/mysqld", "mode": "ro"},
                 '/tmp': {'bind': '/tmp', 'mode': 'rw'}
             }
             self.app.create_backup(context, backup_info,
diff --git a/trove/guestagent/datastore/mysql_common/service.py b/trove/guestagent/datastore/mysql_common/service.py
index 1ab1d5fc..64abe542 100644
--- a/trove/guestagent/datastore/mysql_common/service.py
+++ b/trove/guestagent/datastore/mysql_common/service.py
@@ -586,13 +586,20 @@ class BaseMySqlApp(service.BaseDbApp):
         if extra_volumes:
             volumes.update(extra_volumes)
 
+        # Expose ports
+        ports = {}
+        tcp_ports = cfg.get_configuration_property('tcp_ports')
+        for port_range in tcp_ports:
+            for port in port_range:
+                ports[f'{port}/tcp'] = port
+
         try:
-            LOG.info("Starting docker container, image: %s", image)
             docker_util.start_container(
                 self.docker_client,
                 image,
                 volumes=volumes,
-                network_mode="host",
+                network_mode="bridge",
+                ports=ports,
                 user=user,
                 environment={
                     "MYSQL_ROOT_PASSWORD": root_pass,
diff --git a/trove/guestagent/datastore/postgres/service.py b/trove/guestagent/datastore/postgres/service.py
index 404db303..4c2435f0 100644
--- a/trove/guestagent/datastore/postgres/service.py
+++ b/trove/guestagent/datastore/postgres/service.py
@@ -190,13 +190,20 @@ class PgSqlApp(service.BaseDbApp):
         if extra_volumes:
             volumes.update(extra_volumes)
 
+        # Expose ports
+        ports = {}
+        tcp_ports = cfg.get_configuration_property('tcp_ports')
+        for port_range in tcp_ports:
+            for port in port_range:
+                ports[f'{port}/tcp'] = port
+
         try:
-            LOG.info("Starting docker container, image: %s", image)
             docker_util.start_container(
                 self.docker_client,
                 image,
                 volumes=volumes,
-                network_mode="host",
+                network_mode="bridge",
+                ports=ports,
                 user=user,
                 environment={
                     "POSTGRES_PASSWORD": postgres_pass,
@@ -727,7 +734,17 @@ class PgSqlAdmin(object):
 
 
 class PostgresConnection(object):
-    def __init__(self, user, password=None, host='localhost', port=5432):
+    def __init__(self, user, password=None, host='/var/run/postgresql',
+                 port=5432):
+        """Utility class to communicate with PostgreSQL.
+
+        Connect with socket rather than IP or localhost address to avoid
+        manipulation of pg_hba.conf when the database is running inside
+        container with bridge network.
+
+        This class is consistent with PostgresConnection in
+        backup/utils/postgresql.py
+        """
         self.user = user
         self.password = password
         self.host = host
diff --git a/trove/guestagent/datastore/service.py b/trove/guestagent/datastore/service.py
index d016ab5d..fe30652d 100644
--- a/trove/guestagent/datastore/service.py
+++ b/trove/guestagent/datastore/service.py
@@ -395,6 +395,9 @@ class BaseDbApp(object):
         ):
             raise exception.TroveError("Failed to stop database")
 
+    def start_db(self, *args, **kwargs):
+        pass
+
     def start_db_with_conf_changes(self, config_contents, ds_version):
         LOG.info(f"Starting database service with new configuration and "
                  f"datastore version {ds_version}.")
@@ -435,7 +438,8 @@ class BaseDbApp(object):
         db_userinfo = ''
         if need_dbuser:
             admin_pass = self.get_auth_password()
-            db_userinfo = (f"--db-host=127.0.0.1 --db-user=os_admin "
+            # Use localhost to avoid host access verification.
+            db_userinfo = (f"--db-host=localhost --db-user=os_admin "
                            f"--db-password={admin_pass}")
 
         swift_metadata = (
diff --git a/trove/guestagent/strategies/replication/mysql_base.py b/trove/guestagent/strategies/replication/mysql_base.py
index e6dfc3cc..744aec6b 100644
--- a/trove/guestagent/strategies/replication/mysql_base.py
+++ b/trove/guestagent/strategies/replication/mysql_base.py
@@ -82,6 +82,7 @@ class MysqlReplicationBase(base.Replication):
 
         volumes_mapping = {
             '/var/lib/mysql': {'bind': '/var/lib/mysql', 'mode': 'rw'},
+            "/var/run/mysqld": {"bind": "/var/run/mysqld", "mode": "ro"},
             '/tmp': {'bind': '/tmp', 'mode': 'rw'}
         }
         service.create_backup(context, snapshot_info,
diff --git a/trove/guestagent/utils/docker.py b/trove/guestagent/utils/docker.py
index 0f254aa6..beff4f1c 100644
--- a/trove/guestagent/utils/docker.py
+++ b/trove/guestagent/utils/docker.py
@@ -56,9 +56,14 @@ def start_container(client, image, name="database",
     """
     try:
         container = client.containers.get(name)
+        LOG.info(f'Starting existing container {name}')
         container.start()
     except docker.errors.NotFound:
-        LOG.warning("Failed to get container %s", name)
+        LOG.info(
+            f"Creating docker container, image: {image}, "
+            f"volumes: {volumes}, ports: {ports}, user: {user}, "
+            f"network_mode: {network_mode}, environment: {environment}, "
+            f"command: {command}")
         container = client.containers.run(
             image,
             name=name,
author	Lingxian Kong <anlin.kong@gmail.com>	2021-06-18 11:30:03 +1200
committer	Lingxian Kong <anlin.kong@gmail.com>	2021-06-22 19:10:14 +1200
commit	b050996b9f6df738a0f68ac36a5b5f17f8bb2bc2 (patch)
tree	13a5124d6ea4b9d13e892601034bc5ac004284dc /trove/guestagent
parent	6d2ab68a8aa0406ee6320e778b8e290827c9e730 (diff)
download	trove-b050996b9f6df738a0f68ac36a5b5f17f8bb2bc2.tar.gz