Oracle Linux ASM docker recipe
General information
In this setup we are:- Installing docker
- Creating Non-root user (ynixon) with sudo and docker privileges
- ASM device: /dev/sdb1
- Enabling sqlnet + ssh to the container
- Default ASM port is 1521
- ssh port 2222
- Passwords for root + grid os users in the container are “ynixon”
- Password for sys ASM user is “ynixon”
- Grid software is 12.2 without any patches
- Container Operating system is Oracle Linux 7.5
- Within the container, there is no use of UDEV / ASMLIB or ASMFD – the asm_diskstring='/dev/asm*' ,'/dev/*'
- All test done on regular Ubuntu 14.04
- There is a crontab job to keep 15 days of trace files + remove audit files.
Prepare host for ASM device
Make sure the device has permissions of the same container ids by applying UDEV rules
$ vi /etc/udev/rules.d/100-asm.rules
KERNEL=="sdb1", NAME="ASM_DISK", OWNER="54421", GROUP="54421", MODE="0660"
udevadm trigger --sysname-match=sdb1 --verbose
Verify the device has ASM lables
DISK_GROUP=$( blkid | grep oracleasm | sed 's/.*LABEL=\"\([^\"]*\)\" TYPE=\"oracleasm\"/\1/')
if [ -z "$DISK_GROUP" ]
then
echo "device /dev/sdb1 has not asm metadata"
else
echo "device /dev/sdb1 has diskgroup $DISK_GROUP"
fi
Install Docker
As root$ curl -fsSL https://get.docker.com/ | shOr
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
$ apt-get update
$ apt-cache policy docker-ce
$ apt-get install -y docker-ce
$ service docker status
Add users
As rootEquivalent user ids to the docker to follow (will be identified from outside)
$ groupadd -g 54422 asmadminA dedicated user to manage the docker
$ useradd -u 54421 -g 54422 grid
$ adduser ynixon -g 54422
$ echo "ynixon:ynixon" | chpasswd
$ usermod -aG docker ynixon
$ usermod -aG sudo ynixon
$ sed -i '/PasswordAuthentication/d' /etc/ssh/sshd_config ; echo "PasswordAuthentication no" >> /etc/ssh/sshd_config
sed -i '/PubkeyAuthentication/d' /etc/ssh/sshd_config ; echo "PubkeyAuthentication yes" >> /etc/ssh/sshd_config
sed -i '/ChallengeResponseAuthentication/d' /etc/ssh/sshd_config ; echo "ChallengeResponseAuthentication no" >> /etc/ssh/sshd_config
$ service ssh reload
Building a new image
If you already have an image file skip to Load image.In this step we will create a new image from scratch, and pack it at the end.
You can run /depo/build.sh + /depo/export.sh or run the following manual steps:
Prepare the files
As root$ mkdir /depo/Ensure you download the file linuxx64_12201_grid_home.zip and copy it to /depo/ folder
$ chown -R root:54422 /depo/
$ chmod 775 /depo
$ git clone https://github.com/ynixon/OracleASMdocker.git /depo/
Script | Description |
adrci_script.sh | A script to that will run for crontab to delete trace files periodically |
| build.sh | A script to build a docker image |
| clean.sh | A script to clean all docker containers and an image |
| crontab.setup | A cronjob script for grid user that will delete trace files periodically |
| disks.sql | An SQL script for listing disks |
| docker_descendants.py | A script to check docker images dependencies |
| docker_folder/Dockerfile | Build instruction for docker image |
| export.sh | Export a docker image and compress it |
| glogin.sql | setting SQL*Plus prettier output |
| grants.sql | grants for the build process |
| init+ASM.ora | The initialization file for ASM instance |
| install_grid.sh | Install script for grid |
| linuxx64_12201_grid_home.zip | Oracle 12.2 Grid software (no patches) download it separately |
| listener.ora | Listener file |
| oracle_asm | Logrotate for oracle logfiles |
| rlwrap-0.42-1.el7.x86_64.rpm | Handy tool to enable history in SQL*Plus, asmcmd |
| run.sh | Start a container |
| status.sh | Images and Container status |
Run build image
As root/ynixon$ cd /depo/docker_folder
$ docker build -t ynixon/docker_grid_asm .
Run image detached (at background)
$ docker run --rm --privileged --detach --name asm_grid_build -h gridserver -p 1521:1521 -p 2222:22 --shm-size 2048m -e TZ=UTC -v /sys/fs/cgroup:/sys/fs/cgroup:ro --volume /depo:/software --volume /boot:/boot --device=/dev/sdb1 ynixon/docker_grid_asm
Install grid software
$ docker exec -it asm_grid_build su - grid -c '/software/install_grid.sh'
Save the image with the grid
$ docker commit -m "oracle linux 7.5 standalone grid infrastructure with ASM" -a "Yossi Nixon" `docker ps -lq` ynixon/ynixon_asm_server
Remove intermediate image (without the grid)
$ docker rm -f asm_grid_build
Optional – check the the new image
Run the container at the background$ docker run --privileged --detach --name asm_grid -h gridserver -p 1521:1521 -p 2222:22 --shm-size 2048m -e TZ=UTC -v /sys/fs/cgroup:/sys/fs/cgroup:ro --volume /depo:/software --volume /boot:/boot --device=/dev/sdb1 --restart always ynixon/ynixon_asm_serverConnect to the new container to verify the environment
$ docker exec -it --user grid asm_grid bash -l
Export the image and compress it
$ docker save -o /depo/export/docker_ynixon_asm_server.tar ynixon/ynixon_asm_server:latest
$ gzip docker_ynixon_asm_server.tar
Load image
Copy the file docker_ynixon_asm_server.tar.gz to /tmpUncompress the file
$ gunzip /tmp/docker_ynixon_asm_server.tar.gz
Load the file into the local container repository
$ docker load -i /depo/export/docker_ynixon_asm_server.tar
Run a container based on the loaded image
$ docker run --privileged --detach --name asm_grid -h gridserver -p 1521:1521 -p 2222:22 --shm-size 2048m -e TZ=UTC -v /sys/fs/cgroup:/sys/fs/cgroup:ro --volume /boot:/boot --device=/dev/sdb1 --restart always ynixon/ynixon_asm_server
Test Connection from remote machines:
$ ssh root@-p 2222 $ sqlplus sys/ynixon@:1521/+ASM as sysasm
Deploy Web Interface – Portainer
$ docker volume create portainer_dataOpen browser at: http://<docker server>:9000/
$ docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer
Yossi
Comments
Post a Comment