From a26dfec6faaffb77bb08ad0543d199f4cbab86d4 Mon Sep 17 00:00:00 2001 From: viktor Date: Tue, 12 May 2020 13:17:56 +0300 Subject: [PATCH 1/6] start tb-postgres with 'thingsboard' user --- msa/tb/docker-postgres/Dockerfile | 22 ++++++++++++++++++---- msa/tb/docker-postgres/start-db.sh | 9 ++++----- msa/tb/docker-postgres/stop-db.sh | 4 ++-- 3 files changed, 24 insertions(+), 11 deletions(-) diff --git a/msa/tb/docker-postgres/Dockerfile b/msa/tb/docker-postgres/Dockerfile index a2a24442e4..6050d0822b 100644 --- a/msa/tb/docker-postgres/Dockerfile +++ b/msa/tb/docker-postgres/Dockerfile @@ -20,13 +20,11 @@ RUN apt-get update RUN apt-get install -y curl RUN echo 'deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main' | tee --append /etc/apt/sources.list.d/pgdg.list > /dev/null RUN curl -L https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - +ENV PG_MAJOR 11 RUN apt-get update RUN apt-get install -y postgresql-11 RUN update-rc.d postgresql disable -RUN mkdir -p /var/log/postgres -RUN chown -R postgres:postgres /var/log/postgres - COPY logback.xml ${pkg.name}.conf start-db.sh stop-db.sh start-tb.sh upgrade-tb.sh install-tb.sh ${pkg.name}.deb /tmp/ RUN chmod a+x /tmp/*.sh \ @@ -50,13 +48,29 @@ ENV DATABASE_TS_TYPE=sql ENV DATABASE_ENTITIES_TYPE=sql ENV PGDATA=/data/db +ENV PATH=$PATH:/usr/lib/postgresql/$PG_MAJOR/bin ENV SPRING_JPA_DATABASE_PLATFORM=org.hibernate.dialect.PostgreSQLDialect ENV SPRING_DRIVER_CLASS_NAME=org.postgresql.Driver ENV SPRING_DATASOURCE_URL=jdbc:postgresql://localhost:5432/thingsboard -ENV SPRING_DATASOURCE_USERNAME=postgres +ENV SPRING_DATASOURCE_USERNAME=${pkg.user} ENV SPRING_DATASOURCE_PASSWORD=postgres + +ENV PGLOG=/var/log/postgres +RUN mkdir -p $PGLOG +RUN chown -R ${pkg.user}:${pkg.user} $PGLOG + +RUN chown -R ${pkg.user}:${pkg.user} /var/run/postgresql + +RUN mkdir -p /data +RUN chown -R ${pkg.user}:${pkg.user} /data + +RUN chown -R ${pkg.user}:${pkg.user} /var/log/${pkg.name} +RUN chmod 555 ${pkg.installFolder}/bin/${pkg.name}.jar + +USER ${pkg.user} + EXPOSE 9090 EXPOSE 1883 EXPOSE 5683/udp diff --git a/msa/tb/docker-postgres/start-db.sh b/msa/tb/docker-postgres/start-db.sh index dfbfc1dd68..6119daf2f9 100644 --- a/msa/tb/docker-postgres/start-db.sh +++ b/msa/tb/docker-postgres/start-db.sh @@ -17,16 +17,15 @@ firstlaunch=${DATA_FOLDER}/.firstlaunch -export PG_CTL=$(find /usr/lib/postgresql/ -name pg_ctl) +PG_CTL=$(find /usr/lib/postgresql/ -name pg_ctl) if [ ! -d ${PGDATA} ]; then mkdir -p ${PGDATA} - chown -R postgres:postgres ${PGDATA} - su postgres -c '${PG_CTL} initdb -U postgres' + ${PG_CTL} initdb fi -su postgres -c '${PG_CTL} -l /var/log/postgres/postgres.log -w start' +exec setsid nohup postgres >> ${PGLOG}/postgres.log 2>&1 & if [ ! -f ${firstlaunch} ]; then - su postgres -c 'psql -U postgres -d postgres -c "CREATE DATABASE thingsboard"' + psql -U ${pkg.user} -d postgres -c "CREATE DATABASE thingsboard" fi diff --git a/msa/tb/docker-postgres/stop-db.sh b/msa/tb/docker-postgres/stop-db.sh index 66596d13c8..b3d151dd16 100644 --- a/msa/tb/docker-postgres/stop-db.sh +++ b/msa/tb/docker-postgres/stop-db.sh @@ -15,6 +15,6 @@ # limitations under the License. # -export PG_CTL=$(find /usr/lib/postgresql/ -name pg_ctl) +PG_CTL=$(find /usr/lib/postgresql/ -name pg_ctl) -su postgres -c '${PG_CTL} stop' +${PG_CTL} stop From 3dacb296fc00c012a06ad75a2c64ceac04d170d3 Mon Sep 17 00:00:00 2001 From: viktor Date: Tue, 12 May 2020 16:18:30 +0300 Subject: [PATCH 2/6] start tb-cassandra with 'cassandra' user --- msa/tb/docker-cassandra/Dockerfile | 15 +++++++++++++++ msa/tb/docker-cassandra/start-db.sh | 4 ---- msa/tb/docker-cassandra/stop-db.sh | 12 +++++++++++- 3 files changed, 26 insertions(+), 5 deletions(-) diff --git a/msa/tb/docker-cassandra/Dockerfile b/msa/tb/docker-cassandra/Dockerfile index 3a761398fd..7a2b86b831 100644 --- a/msa/tb/docker-cassandra/Dockerfile +++ b/msa/tb/docker-cassandra/Dockerfile @@ -49,6 +49,21 @@ ENV DATABASE_ENTITIES_TYPE=cassandra ENV CASSANDRA_HOST=localhost ENV CASSANDRA_PORT=9042 +ENV CASSANDRA_HOME=/opt/cassandra +ENV PATH $CASSANDRA_HOME/bin:$PATH + +RUN rm -rf /var/lib/cassandra + +RUN chmod a+w /var/lib + +RUN mkdir -p $DATA_FOLDER +RUN chown -R cassandra:cassandra /data + +RUN chown -R cassandra:cassandra /var/log/${pkg.name} +RUN chmod 555 ${pkg.installFolder}/bin/${pkg.name}.jar + + +USER cassandra EXPOSE 9090 EXPOSE 1883 diff --git a/msa/tb/docker-cassandra/start-db.sh b/msa/tb/docker-cassandra/start-db.sh index d65edf71b1..5197fb02d3 100644 --- a/msa/tb/docker-cassandra/start-db.sh +++ b/msa/tb/docker-cassandra/start-db.sh @@ -19,12 +19,8 @@ cassandra_data_dir=${DATA_FOLDER}/db cassandra_data_link=/var/lib/cassandra if [ ! -L ${cassandra_data_link} ]; then - if [ -d ${cassandra_data_link} ]; then - rm -rf ${cassandra_data_link} - fi if [ ! -d ${cassandra_data_dir} ]; then mkdir -p ${cassandra_data_dir} - chown -R cassandra:cassandra ${cassandra_data_dir} fi ln -s ${cassandra_data_dir} ${cassandra_data_link} fi diff --git a/msa/tb/docker-cassandra/stop-db.sh b/msa/tb/docker-cassandra/stop-db.sh index 24cf570999..bca71375fc 100644 --- a/msa/tb/docker-cassandra/stop-db.sh +++ b/msa/tb/docker-cassandra/stop-db.sh @@ -15,4 +15,14 @@ # limitations under the License. # -service cassandra stop +CASSANDRA_PID=$(ps aux | grep '[c]assandra' | awk '{print $2}') + +echo "Stopping cassandra (pid ${CASSANDRA_PID})." +kill -SIGTERM ${CASSANDRA_PID} + +while [ -e /proc/${CASSANDRA_PID} ] +do + echo "Waiting for cassandra to stop." + sleep 2 +done +echo "Cassandra was stopped." \ No newline at end of file From f129e9549ec2e65ebb2fa76d94a68509d99c724c Mon Sep 17 00:00:00 2001 From: viktor Date: Wed, 13 May 2020 11:05:50 +0300 Subject: [PATCH 3/6] start tb with 'thingsboard' user --- msa/tb/docker-tb/Dockerfile | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/msa/tb/docker-tb/Dockerfile b/msa/tb/docker-tb/Dockerfile index 3f9b26bec4..d7b9383852 100644 --- a/msa/tb/docker-tb/Dockerfile +++ b/msa/tb/docker-tb/Dockerfile @@ -44,6 +44,13 @@ ENV SPRING_DATASOURCE_URL=jdbc:hsqldb:file:/data/db/thingsboardDb;sql.enforce_si ENV SPRING_DATASOURCE_USERNAME=sa ENV SPRING_DATASOURCE_PASSWORD= +RUN mkdir -p /data +RUN chown -R ${pkg.user}:${pkg.user} /data + +RUN chmod 555 ${pkg.installFolder}/bin/${pkg.name}.jar + +USER ${pkg.user} + EXPOSE 9090 EXPOSE 1883 EXPOSE 5683/udp From 7c3eee66dbbf2b4d7f579b88a8d4e8b3e58087c0 Mon Sep 17 00:00:00 2001 From: viktor Date: Wed, 13 May 2020 13:54:10 +0300 Subject: [PATCH 4/6] start tb-cassandra with 'thingsboard' user (with postgresql server) --- msa/tb/docker-cassandra/Dockerfile | 30 +++++++++++++++++++---------- msa/tb/docker-cassandra/start-db.sh | 11 +++++------ msa/tb/docker-cassandra/stop-db.sh | 4 ++++ 3 files changed, 29 insertions(+), 16 deletions(-) diff --git a/msa/tb/docker-cassandra/Dockerfile b/msa/tb/docker-cassandra/Dockerfile index 25cc65740b..6e32af945a 100644 --- a/msa/tb/docker-cassandra/Dockerfile +++ b/msa/tb/docker-cassandra/Dockerfile @@ -22,15 +22,13 @@ RUN echo 'deb http://apt.postgresql.org/pub/repos/apt/ stretch-pgdg main' | tee RUN curl -L https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - RUN echo 'deb http://www.apache.org/dist/cassandra/debian 311x main' | tee --append /etc/apt/sources.list.d/cassandra.list > /dev/null RUN curl -L https://www.apache.org/dist/cassandra/KEYS | apt-key add - +ENV PG_MAJOR=11 RUN apt-get update RUN apt-get install -y cassandra cassandra-tools postgresql-11 RUN update-rc.d cassandra disable RUN update-rc.d postgresql disable RUN sed -i.old '/ulimit/d' /etc/init.d/cassandra -RUN mkdir -p /var/log/postgres -RUN chown -R postgres:postgres /var/log/postgres - COPY logback.xml ${pkg.name}.conf start-db.sh stop-db.sh start-tb.sh upgrade-tb.sh install-tb.sh ${pkg.name}.deb /tmp/ RUN chmod a+x /tmp/*.sh \ @@ -58,26 +56,38 @@ ENV CASSANDRA_DATA=/data/cassandra ENV SPRING_JPA_DATABASE_PLATFORM=org.hibernate.dialect.PostgreSQLDialect ENV SPRING_DRIVER_CLASS_NAME=org.postgresql.Driver ENV SPRING_DATASOURCE_URL=jdbc:postgresql://localhost:5432/thingsboard -ENV SPRING_DATASOURCE_USERNAME=postgres +ENV SPRING_DATASOURCE_USERNAME=${pkg.user} ENV SPRING_DATASOURCE_PASSWORD=postgres ENV CASSANDRA_HOST=localhost ENV CASSANDRA_PORT=9042 ENV CASSANDRA_HOME=/opt/cassandra -ENV PATH $CASSANDRA_HOME/bin:$PATH +ENV PATH=$CASSANDRA_HOME/bin:$PATH +ENV PATH=$PATH:/usr/lib/postgresql/$PG_MAJOR/bin + +ENV PGLOG=/var/log/postgres +ENV CASSANDRA_LOG=/var/log/cassandra + +# postgres config +RUN mkdir -p $PGLOG +RUN chown -R ${pkg.user}:${pkg.user} $PGLOG +RUN chown -R ${pkg.user}:${pkg.user} /var/log/postgresql +RUN chown -R ${pkg.user}:${pkg.user} /var/run/postgresql + +# cassandra config RUN rm -rf /var/lib/cassandra - RUN chmod a+w /var/lib +RUN chown -R ${pkg.user}:${pkg.user} $CASSANDRA_LOG + RUN mkdir -p $DATA_FOLDER -RUN chown -R cassandra:cassandra /data +RUN chown -R ${pkg.user}:${pkg.user} $DATA_FOLDER +RUN chown -R ${pkg.user}:${pkg.user} /var/log/${pkg.name} -RUN chown -R cassandra:cassandra /var/log/${pkg.name} RUN chmod 555 ${pkg.installFolder}/bin/${pkg.name}.jar - -USER cassandra +USER ${pkg.user} EXPOSE 9090 EXPOSE 1883 diff --git a/msa/tb/docker-cassandra/start-db.sh b/msa/tb/docker-cassandra/start-db.sh index 49c766c738..fa80f6db57 100644 --- a/msa/tb/docker-cassandra/start-db.sh +++ b/msa/tb/docker-cassandra/start-db.sh @@ -17,18 +17,17 @@ firstlaunch=${DATA_FOLDER}/.firstlaunch -export PG_CTL=$(find /usr/lib/postgresql/ -name pg_ctl) +PG_CTL=$(find /usr/lib/postgresql/ -name pg_ctl) if [ ! -d ${PGDATA} ]; then mkdir -p ${PGDATA} - chown -R postgres:postgres ${PGDATA} - su postgres -c '${PG_CTL} initdb -U postgres' + ${PG_CTL} initdb fi -su postgres -c '${PG_CTL} -l /var/log/postgres/postgres.log -w start' +exec setsid nohup postgres >> ${PGLOG}/postgres.log 2>&1 & if [ ! -f ${firstlaunch} ]; then - su postgres -c 'psql -U postgres -d postgres -c "CREATE DATABASE thingsboard"' + psql -U ${pkg.user} -d postgres -c "CREATE DATABASE thingsboard" fi cassandra_data_dir=${CASSANDRA_DATA} @@ -41,7 +40,7 @@ if [ ! -L ${cassandra_data_link} ]; then ln -s ${cassandra_data_dir} ${cassandra_data_link} fi -service cassandra start +exec setsid nohup cassandra >> ${CASSANDRA_LOG}/cassandra.log 2>&1 & until nmap $CASSANDRA_HOST -p $CASSANDRA_PORT | grep "$CASSANDRA_PORT/tcp open" do diff --git a/msa/tb/docker-cassandra/stop-db.sh b/msa/tb/docker-cassandra/stop-db.sh index a1e8f7cd3a..43630fc1d3 100644 --- a/msa/tb/docker-cassandra/stop-db.sh +++ b/msa/tb/docker-cassandra/stop-db.sh @@ -20,6 +20,10 @@ CASSANDRA_PID=$(ps aux | grep '[c]assandra' | awk '{print $2}') echo "Stopping cassandra (pid ${CASSANDRA_PID})." kill -SIGTERM ${CASSANDRA_PID} +PG_CTL=$(find /usr/lib/postgresql/ -name pg_ctl) +echo "Stopping postgres." +${PG_CTL} stop + while [ -e /proc/${CASSANDRA_PID} ] do echo "Waiting for cassandra to stop." From 4a8f5f0052862b6b8c7b834b468769360778d4da Mon Sep 17 00:00:00 2001 From: vzikratyi Date: Mon, 15 Jun 2020 18:09:31 +0300 Subject: [PATCH 5/6] Added instruction for running single Docker containers without root access --- msa/tb/README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/msa/tb/README.md b/msa/tb/README.md index 14b93fcd28..d9389b1276 100644 --- a/msa/tb/README.md +++ b/msa/tb/README.md @@ -8,6 +8,15 @@ This project provides the build for the ThingsBoard single docker images. ## Running +Before starting Docker container run following command to create a directory for storing data and change its owner to docker container user. +To be able to change user, **chown** command is used, which requires sudo permissions (command will request password for a sudo access): + +` +$ mkdir -p ~/.mytb-data && sudo chown -R 799:799 ~/.mytb-data +` + +**NOTE**: replace directory `~/.mytb-data` with directory you're planning to use on container creation. + In this example `thingsboard/tb` image will be used. You can choose any other images with different databases (see above). Execute the following command to run this docker directly: From 4a798ceaf41e1219bda0a42d4691cf2abb25f9c9 Mon Sep 17 00:00:00 2001 From: vzikratyi Date: Mon, 15 Jun 2020 18:53:52 +0300 Subject: [PATCH 6/6] Dummy commit to rerun TeamCity --- msa/tb/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/msa/tb/README.md b/msa/tb/README.md index d9389b1276..cffca5ceb7 100644 --- a/msa/tb/README.md +++ b/msa/tb/README.md @@ -13,7 +13,7 @@ To be able to change user, **chown** command is used, which requires sudo permis ` $ mkdir -p ~/.mytb-data && sudo chown -R 799:799 ~/.mytb-data -` +` **NOTE**: replace directory `~/.mytb-data` with directory you're planning to use on container creation.