Oracle Linux ASM docker recipe

General information

In this setup we are:
  • Installing docker
  • Creating Non-root user (ynixon) with sudo and docker privileges
  • ASM device: /dev/sdb1
  • Enabling sqlnet + ssh to the container
  • Default ASM port is 1521
  • ssh port 2222
  • Passwords for root + grid os users in the container are “ynixon”
  • Password for sys ASM user is “ynixon”
  • Grid software is 12.2 without any patches
  • Container Operating system is Oracle Linux 7.5
  • Within the container, there is no use of UDEV / ASMLIB or ASMFD – the asm_diskstring='/dev/asm*' ,'/dev/*'
  • All test done on regular Ubuntu 14.04
  • There is a crontab job to keep 15 days of trace files + remove audit files.

Prepare host for ASM device

Make sure the device has permissions of the same container ids by applying UDEV rules

$ vi /etc/udev/rules.d/100-asm.rules
KERNEL=="sdb1", NAME="ASM_DISK", OWNER="54421", GROUP="54421", MODE="0660"

udevadm trigger --sysname-match=sdb1 --verbose

Verify the device has ASM lables

DISK_GROUP=$( blkid | grep oracleasm | sed 's/.*LABEL=\"\([^\"]*\)\" TYPE=\"oracleasm\"/\1/')
if [ -z "$DISK_GROUP" ]
then
    echo "device /dev/sdb1 has not asm metadata"
else
    echo "device /dev/sdb1 has diskgroup $DISK_GROUP"
fi

Install Docker

As root
$ curl -fsSL https://get.docker.com/ | sh
Or
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
$ apt-get update
$ apt-cache policy docker-ce
$ apt-get install -y docker-ce

$ service docker status

Add users

As root
Equivalent user ids to the docker to follow (will be identified from outside)
$ groupadd -g 54422 asmadmin
$ useradd -u 54421 -g 54422 grid
A dedicated user to manage the docker
$ adduser ynixon -g 54422
$ echo "ynixon:ynixon" | chpasswd
$ usermod -aG docker ynixon
$ usermod -aG sudo ynixon
$ sed -i '/PasswordAuthentication/d' /etc/ssh/sshd_config ; echo "PasswordAuthentication no" >> /etc/ssh/sshd_config
sed -i '/PubkeyAuthentication/d' /etc/ssh/sshd_config ; echo "PubkeyAuthentication yes" >> /etc/ssh/sshd_config
sed -i '/ChallengeResponseAuthentication/d' /etc/ssh/sshd_config ; echo "ChallengeResponseAuthentication no" >> /etc/ssh/sshd_config
$ service ssh reload

Building a new image

If you already have an image file skip to Load image.
In this step we will create a new image from scratch, and pack it at the end.
You can run /depo/build.sh + /depo/export.sh or run the following manual steps:

Prepare the files

As root
$ mkdir /depo/
$ chown -R root:54422 /depo/
$ chmod 775 /depo
$ git clone https://github.com/ynixon/OracleASMdocker.git /depo/
Ensure you download the file linuxx64_12201_grid_home.zip and copy it to /depo/ folder

List of the files

Script

Description

adrci_script.sh

A script to that will run for crontab to delete trace files periodically
build.sh A script to build a docker image
clean.sh A script to clean all docker containers and an image
crontab.setup A cronjob script for grid user that will delete trace files periodically
disks.sql An SQL script for listing disks
docker_descendants.py A script to check docker images dependencies
docker_folder/Dockerfile Build instruction for docker image
export.sh Export a docker image and compress it
glogin.sql setting SQL*Plus prettier output
grants.sql grants for the build process
init+ASM.ora The initialization file for ASM instance
install_grid.sh Install script for grid
linuxx64_12201_grid_home.zip Oracle 12.2 Grid software (no patches) download it separately
listener.ora Listener file
oracle_asm Logrotate for oracle logfiles
rlwrap-0.42-1.el7.x86_64.rpm Handy tool to enable history in SQL*Plus, asmcmd
run.sh Start a container
status.sh Images and Container status

Run build image

As root/ynixon
$ cd /depo/docker_folder
$ docker build -t ynixon/docker_grid_asm .

Run image detached (at background)

$ docker run --rm --privileged --detach --name asm_grid_build -h gridserver -p 1521:1521 -p 2222:22 --shm-size 2048m -e TZ=UTC -v /sys/fs/cgroup:/sys/fs/cgroup:ro --volume /depo:/software --volume /boot:/boot --device=/dev/sdb1 ynixon/docker_grid_asm

Install grid software

$ docker exec -it asm_grid_build su - grid -c '/software/install_grid.sh'

Save the image with the grid

$ docker commit -m "oracle linux 7.5 standalone grid infrastructure with ASM" -a "Yossi Nixon" `docker ps -lq` ynixon/ynixon_asm_server

Remove intermediate image (without the grid)

$ docker rm -f asm_grid_build

Optional – check the the new image

Run the container at the background
$ docker run --privileged --detach --name asm_grid -h gridserver -p 1521:1521 -p 2222:22 --shm-size 2048m -e TZ=UTC -v /sys/fs/cgroup:/sys/fs/cgroup:ro --volume /depo:/software --volume /boot:/boot --device=/dev/sdb1 --restart always ynixon/ynixon_asm_server
Connect to the new container to verify the environment
$ docker exec -it --user grid asm_grid bash -l

Export the image and compress it

$ docker save -o /depo/export/docker_ynixon_asm_server.tar ynixon/ynixon_asm_server:latest
$ gzip docker_ynixon_asm_server.tar

Load image

Copy the file docker_ynixon_asm_server.tar.gz to /tmp

Uncompress the file

$ gunzip /tmp/docker_ynixon_asm_server.tar.gz

Load the file into the local container repository

$ docker load -i /depo/export/docker_ynixon_asm_server.tar

Run a container based on the loaded image

$ docker run --privileged --detach --name asm_grid -h gridserver -p 1521:1521 -p 2222:22 --shm-size 2048m -e TZ=UTC -v /sys/fs/cgroup:/sys/fs/cgroup:ro --volume /boot:/boot --device=/dev/sdb1 --restart always ynixon/ynixon_asm_server

Test Connection from remote machines:

$ ssh root@ -p 2222$ sqlplus sys/ynixon@:1521/+ASM as sysasm

Deploy Web Interface – Portainer

$ docker volume create portainer_data
$ docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer
Open browser at: http://<docker server>:9000/

Yossi

Comments

Popular posts from this blog

Data Guard - Changing IP Addresses

Install Oracle Internet Directory (OID) in Standalone mode

Fixing & Registering ORACLE_HOMES in Central Inventory