Supporting continuity and open collaboration

Developer tip: test MariaDB install/upgrade quickly with Docker

Here is a quick tip for any developer who might want to test if the latest development version of MariaDB installs/upgrades. Traditionally, developers seem to have a bunch of virtual machines lying around which they use to test MariaDB installation and upgrade related things. Snapshotting virtual images, keeping them up-to-date, starting, stopping etc. takes a lot of time and does not feel very convenient.

A much faster option would be to use pristine Docker images for every test. Docker images however normally only run one process and thus do not simulate a complete operating system and lack vital things like systemd interactions.

For this scenario however, special Docker images exist thanks to ubuntu-systemd and centos-systemd images by Solita. Here is how to start an Ubuntu 18.04 image with systemd running inside:

1. Prepare cgroup permissions

docker run --rm --privileged -v /:/host solita/ubuntu-systemd:18.04 setup

2. Start container

docker run -d --name systemd --security-opt seccomp=unconfined --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro -t solita/ubuntu-systemd:18.04

3. Check logs that it started well

docker logs systemd
systemd 237 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid)
Detected virtualization docker.
Detected architecture x86-64.

Welcome to Ubuntu 18.04 LTS!

Set hostname to <8dcf4b869050>.
File /lib/systemd/system/systemd-journald.service:36 configures an IP firewall (IPAddressDeny=any), but the local system does not support BPF/cgroup based firewalling.
Proceeding WITHOUT firewalling in effect! (This warning is only shown for the first loaded unit using IP firewalling.)
[ OK ] Started Dispatch Password Requests to Console Directory Watch.
[ OK ] Reached target Swap.
[ OK ] Started Forward Password Requests to Wall Directory Watch.
[ OK ] Reached target Local Encrypted Volumes.
-.slice: Failed to reset devices.list: Operation not permitted
user.slice: Failed to reset devices.list: Operation not permitted
[ OK ] Created slice User and Session Slice.
system.slice: Failed to reset devices.list: Operation not permitted
[ OK ] Created slice System Slice.
[ OK ] Reached target Slices.
[ OK ] Listening on /dev/initctl Compatibility Named Pipe.
system-getty.slice: Failed to reset devices.list: Operation not permitted
[ OK ] Created slice system-getty.slice.
[ OK ] Listening on Journal Socket (/dev/log).
[ OK ] Reached target Remote File Systems.
[ OK ] Reached target Paths.
[ OK ] Listening on Journal Socket.
[ OK ] Reached target Local File Systems (Pre).
[ OK ] Reached target Local File Systems.
systemd-journald.service: Failed to reset devices.list: Operation not permitted
Starting Journal Service...
[ OK ] Started Journal Service.

4. Attach your session and run your tests!


docker exec -it systemd bash
root@8dcf4b869050:/#

If you want to, for example, use the PPA we have for test builds on Launchpad (which is updated only sporadically, not on every build) you can run these commands:

apt install software-properties-common
add-apt-repository ppa:mysql-ubuntu/mariadb-10.3
apt-get update
apt install mariadb-server

The benefit of this approach is that it is quick. Downsides include, for example, the inability to test how systemd scripts behave during restarts. Also, there do not seem to be that many pre-built images available to test any version of any Linux distribution.

If you have more related tips, please comment below!

1 Comment

  1. Faustin Faustin
    2018-06-05    

    Here is another tip that could be very useful for people with a slow internet
    connection (or to be nice with apt repos).

    Use apt-cacher-ng to speed up apt downloads.
    1/ install apt-cacher-ng
    $ sudo apt install apt-cacher-ng

    2/ configure apt-cacher-ng to listen to docker interface:
    Check docker interface IP:
    $ ip a show docker0
    6: docker0: mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:5f:b8:a1:32 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
    valid_lft forever preferred_lft forever
    inet6 fe80::42:5fff:feb8:a132/64 scope link
    valid_lft forever preferred_lft forever

    Add iptables rule if necessary:
    $ sudo iptables-save | grep docker
    -A INPUT -s 172.17.0.0/16 -i docker0 -p tcp -m tcp –dport 3142 -j ACCEPT

    Edit /etc/apt-cacher-ng/acng.conf
    BindAddress: 172.17.0.1

    Restart apt-cacher-ng:
    $ sudo systemctl restart apt-cacher-ng

    Check apt-cacher-ng is listening:
    $ sudo netstat -plantu | grep 3142
    tcp 0 0 172.17.0.1:3142 0.0.0.0:* LISTEN 29569/apt-cacher-ng

    3/ use apt-cacher-ng cache in your containers:

    Create the file ‘/etc/apt/apt.conf.d/00aptproxy’ with the following content:
    Acquire::http::Proxy “http://172.17.0.1:3142”;

    This can be done in a dockerfile with:
    ADD 00aptproxy /etc/apt/apt.conf.d

    This tip can also be used with VM (KVM/QEMU), just add the your virbr0 IP in ‘/etc/apt-cacher-ng/acng.conf’.
    Example:
    BindAddress: 172.17.0.1 192.168.122.1

Leave a Reply

Your email address will not be published. Required fields are marked *

Platinum Sponsors

MariaDB Foundation Platinum sponsors

Gold Sponsors

MariaDB Foundation Gold sponsors

Code statistics