From acbb3e02c39a5e53fc70b55b0cf5a4894f3ad4cb Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Fri, 19 Jan 2024 23:31:41 +0100 Subject: [PATCH] Replace supercronic with minit --- example/images/mariadb-backup/Dockerfile | 2 +- example/manage.nomad.hcl | 2 +- example/mariadb.nomad.hcl | 20 ++++--- mariadb.nomad.hcl | 74 +++++++++--------------- templates/backup.cron.tpl | 3 - templates/backup.minit.yml.tpl | 5 ++ variables.yml | 37 +++++++----- 7 files changed, 68 insertions(+), 75 deletions(-) delete mode 100644 templates/backup.cron.tpl create mode 100644 templates/backup.minit.yml.tpl diff --git a/example/images/mariadb-backup/Dockerfile b/example/images/mariadb-backup/Dockerfile index c33545a..89a4a6d 100644 --- a/example/images/mariadb-backup/Dockerfile +++ b/example/images/mariadb-backup/Dockerfile @@ -1,4 +1,4 @@ -FROM danielberteaud/mariadb-client:24.1-1 +FROM danielberteaud/mariadb-client:24.1-2 MAINTAINER Daniel Berteaud RUN set -eux &&\ diff --git a/example/manage.nomad.hcl b/example/manage.nomad.hcl index 75cad1c..87c4562 100644 --- a/example/manage.nomad.hcl +++ b/example/manage.nomad.hcl @@ -69,7 +69,7 @@ job "mariadb-manage" { driver = "docker" config { - image = "danielberteaud/mariadb-client:24.1-1" + image = "danielberteaud/mariadb-client:24.1-2" pids_limit = 50 readonly_rootfs = true command = "/local/manage.sh" diff --git a/example/mariadb.nomad.hcl b/example/mariadb.nomad.hcl index 91ee770..a500566 100644 --- a/example/mariadb.nomad.hcl +++ b/example/mariadb.nomad.hcl @@ -1,6 +1,4 @@ job "mariadb" { - - datacenters = ["dc1"] @@ -10,14 +8,16 @@ job "mariadb" { mode = "bridge" } - volume "mariadb" { - type = "csi" + + volume "data" { source = "mariadb-data" + type = "csi" access_mode = "single-node-writer" attachment_mode = "file-system" per_alloc = true } + service { name = "mariadb" port = 3306 @@ -58,17 +58,19 @@ job "mariadb" { } config { - image = "danielberteaud/mariadb:24.1-5" + image = "danielberteaud/mariadb:24.1-6" pids_limit = 100 command = "/local/mysql_upgrade.sh" } + vault { policies = ["mariadb"] env = false disable_file = true } + template { data = <<_EOT [client] @@ -109,7 +111,7 @@ _EOT } volume_mount { - volume = "mariadb" + volume = "data" destination = "/data" } @@ -127,7 +129,7 @@ _EOT kill_timeout = "5m" config { - image = "danielberteaud/mariadb:24.1-5" + image = "danielberteaud/mariadb:24.1-6" volumes = [ "secrets/:/etc/my.cnf.d", "secrets/my.conf:/var/lib/mysql/.my.cnf:ro", @@ -136,12 +138,14 @@ _EOT #readonly_rootfs = true } + vault { policies = ["mariadb"] env = false disable_file = true } + env { MYSQL_CONF_11_bind-address = "127.0.0.1" @@ -176,7 +180,7 @@ _EOT } volume_mount { - volume = "mariadb" + volume = "data" destination = "/data" } diff --git a/mariadb.nomad.hcl b/mariadb.nomad.hcl index dc81631..ac27a81 100644 --- a/mariadb.nomad.hcl +++ b/mariadb.nomad.hcl @@ -1,5 +1,6 @@ -[[- $c := merge .mariadb.server . -]] -job [[ .instance | toJSON ]] { +job "[[ .instance ]]" { + +[[- $c := merge .mariadb.server .mariadb . -]] [[ template "common/job_start" $c ]] @@ -9,13 +10,7 @@ job [[ .instance | toJSON ]] { mode = "bridge" } - volume "mariadb" { - type = [[ .mariadb.volumes.data.type | toJSON ]] - source = [[ .mariadb.volumes.data.source | toJSON ]] - access_mode = "single-node-writer" - attachment_mode = "file-system" - per_alloc = true - } +[[ template "common/volumes" $c ]] service { name = "[[ .instance ]][[ $c.consul.suffix ]]" @@ -47,23 +42,19 @@ job [[ .instance | toJSON ]] { # Run mysql_upgrade task "upgrade" { - driver = [[ $c.nomad.driver | toJSON ]] + driver = "[[ $c.nomad.driver ]]" lifecycle { hook = "poststart" } config { - image = [[ .mariadb.server.image | toJSON ]] + image = "[[ .mariadb.server.image ]]" pids_limit = 100 command = "/local/mysql_upgrade.sh" } - vault { - policies = ["[[ .instance ]][[ .consul.suffix ]]"] - env = false - disable_file = true - } +[[ template "common/vault.policies" $c ]] template { data = <<_EOT @@ -87,7 +78,7 @@ _EOT } volume_mount { - volume = "mariadb" + volume = "data" destination = "/data" } @@ -99,13 +90,13 @@ _EOT } task "mariadb" { - driver = [[ $c.nomad.driver | toJSON ]] + driver = "[[ $c.nomad.driver ]]" leader = true kill_timeout = "5m" config { - image = [[ .mariadb.server.image | toJSON ]] + image = "[[ .mariadb.server.image ]]" volumes = [ "secrets/:/etc/my.cnf.d", "secrets/my.conf:/var/lib/mysql/.my.cnf:ro", @@ -114,11 +105,7 @@ _EOT #readonly_rootfs = true } - vault { - policies = ["[[ .instance ]][[ .consul.suffix ]]"] - env = false - disable_file = true - } +[[ template "common/vault.policies" $c ]] env { MYSQL_CONF_11_bind-address = "127.0.0.1" @@ -151,29 +138,25 @@ _EOT } volume_mount { - volume = "mariadb" + volume = "data" destination = "/data" } -[[ template "common/resources" .mariadb.server.resources ]] +[[ template "common/resources" $c ]] } } [[- if .mariadb.backup.dumps.enabled ]] -[[- $c := merge .mariadb.backup . ]] +[[- $c := merge .mariadb.backup .mariadb . ]] group "backup" { + network { mode = "bridge" } - volume "backup" { - type = [[ .mariadb.volumes.backup.type | toJSON ]] - source = [[ .mariadb.volumes.backup.source | toJSON ]] - access_mode = "multi-node-multi-writer" - attachment_mode = "file-system" - } +[[ template "common/volumes" $c ]] service { name = "[[ .instance ]]-backup[[ $c.consul.suffix ]]" @@ -183,22 +166,19 @@ _EOT [[ template "common/task.wait_for" $c ]] task "backup" { - driver = [[ $c.nomad.driver | toJSON ]] + driver = "[[ $c.nomad.driver ]]" config { - image = [[ .mariadb.backup.image | toJSON ]] - pids_limit = 100 + image = "[[ .mariadb.backup.image ]]" + pids_limit = 100 readonly_rootfs = true - command = "supercronic" - args = [ - "/secrets/backup.cron" - ] + command = "minit" } - vault { - policies = ["[[ .instance ]][[ $c.consul.suffix ]]"] - env = false - disable_file = true +[[ template "common/vault.policies" $c ]] + + env { + MINIT_UNIT_DIR = "/local/minit.d" } template { @@ -224,9 +204,9 @@ _EOT template { data =<<_EOT -[[ template "mariadb/backup.cron.tpl" $c ]] +[[ template "mariadb/backup.minit.yml.tpl" $c ]] _EOT - destination = "secrets/backup.cron" + destination = "local/minit.d/backup.yml" } volume_mount { @@ -234,7 +214,7 @@ _EOT destination = "/backup" } -[[ template "common/resources" .mariadb.backup.resources ]] +[[ template "common/resources" $c ]] } } diff --git a/templates/backup.cron.tpl b/templates/backup.cron.tpl deleted file mode 100644 index fb4c784..0000000 --- a/templates/backup.cron.tpl +++ /dev/null @@ -1,3 +0,0 @@ -[[- if and .mariadb.backup.dumps.enabled (not (eq .mariadb.backup.dumps.cron "")) ]] -[[ .mariadb.backup.dumps.cron ]] /local/dump.sh -[[- end ]] diff --git a/templates/backup.minit.yml.tpl b/templates/backup.minit.yml.tpl new file mode 100644 index 0000000..65b627f --- /dev/null +++ b/templates/backup.minit.yml.tpl @@ -0,0 +1,5 @@ +--- +kind: cron +name: mariadb-dump +command: ["/local/dump.sh"] +cron: '[[ .mariadb.backup.dumps.cron ]]' diff --git a/variables.yml b/variables.yml index 404bf37..c98fd31 100644 --- a/variables.yml +++ b/variables.yml @@ -5,6 +5,10 @@ instance: mariadb mariadb: + vault: + policies: + - '[[ .instance ]][[ .consul.suffix ]]' + # MariaDB server settings server: @@ -39,6 +43,16 @@ mariadb: # We disable the default TCP check, as it adds log noise disable_default_tcp_check: true + volumes: + # The data volume is opened as single-node-writer + # recommended to be a block based volume (iSCSI for example) + # Also, this volume will connect per alloc, so the alloc ID will be appended. + # You need to create at least mariadb-data[0] + data: + type: csi + source: '[[ .instance ]]-data' + per_alloc: true + # The manager is a batch job which can # - create databases # - create users, and add grants @@ -85,7 +99,7 @@ mariadb: # Backup service, which can create regular dumps of the databases backup: - image: '[[ .docker.repo ]]mariadb-backup:24.1-1' + image: '[[ .docker.repo ]][[ .docker.base_images.mariadb_client.image ]]' # Resource allocation resources: @@ -110,18 +124,11 @@ mariadb: compression: 6 cron: 12 03 * * * - # Volumes used - volumes: - # The data volume is opened as single-node-writer - # recommended to be a block based volume (iSCSI for example) - # Also, this volume will connect per alloc, so the alloc ID will be appended. - # You need to create at least mariadb-data[0] - data: - type: csi - source: '[[ .instance ]]-data' + volumes: + # Volume which holds database dumps + # will be opened as multi-node-multi-writer (can be NFS for example) + backup: + type: csi + source: '[[ .instance ]]-backup' + access_mode: multi-node-multi-writer - # Volume which holds database dumps - # will be opened as multi-node-multi-writer (can be NFS for example) - backup: - type: csi - source: '[[ .instance ]]-backup'