Postgres in Docker persistent data - postgresql

I'm running postgres inside a docker container to limit the amount of system resources it has access to. I'm having some trouble understanding how to make the data persistent. I've read the following articles:
https://www.andreagrandi.it/2015/02/21/how-to-create-a-docker-image-for-postgresql-and-persist-data/
http://container42.com/2013/12/16/persistent-volumes-with-docker-container-as-volume-pattern/
Which suggest using a data only container, and then having my postgres container link to it. What I'm failing to understand is; what's the advantage to this? As far as I can tell, if for some reason the docker-machine shut down (for example; moving it to a different physical machine), the data only container stops running, and all of it's contents are lost? I've tried creating a volume in the postgres container, but it doesn't actually seem to save anything to the disk.
Here's my docker file. What am I doing wrong?
FROM ubuntu
MAINTAINER Andrew Broadbent <andrew.broadbent#manchester.ac.uk>
# Add the PostgreSQL PGP key to verify their Debian packages.
# It should be the same key as https://www.postgresql.org/media/keys/ACCC4CF8.asc
RUN apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
# Add PostgreSQL's repository. It contains the most recent stable release
# of PostgreSQL, ``9.3``.
RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main" > /etc/apt/sources.list.d/pgdg.list
# Install ``python-software-properties``, ``software-properties-common`` and PostgreSQL 9.3
# There are some warnings (in red) that show up during the build. You can hide
# them by prefixing each apt-get statement with DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y python-software-properties software-properties-common postgresql-9.3 postgresql-client-9.3 postgresql-contrib-9.3
# Note: The official Debian and Ubuntu images automatically ``apt-get clean``
# after each ``apt-get``
# Run the rest of the commands as the ``postgres`` user created by the ``postgres-9.3`` package when it was ``apt-get installed``
USER postgres
# Create a PostgreSQL role named ``docker`` with ``docker`` as the password and
# then create a database `docker` owned by the ``docker`` role.
# Note: here we use ``&&\`` to run commands one after the other - the ``\``
# allows the RUN command to span multiple lines.
RUN /etc/init.d/postgresql start &&\
psql --command "CREATE USER docker WITH SUPERUSER PASSWORD 'docker';" &&\
createdb -O docker docker
# Complete configuration
USER root
RUN echo "host all all 0.0.0.0/0 md5" >> /etc/postgresql/9.3/main/pg_hba.conf
RUN echo "listen_addresses='*'" >> /etc/postgresql/9.3/main/postgresql.conf
# Expose the PostgreSQL port
EXPOSE 5432
# Add VOLUMEs to allow backup of config, logs and databases
RUN mkdir -p /var/run/postgresql && chown -R postgres /var/run/postgresql
VOLUME ["/etc/postgresql", "/var/log/postgresql", "/var/lib/postgresql"]
# Set the default command to run when starting the container
USER postgres
CMD ["/usr/lib/postgresql/9.3/bin/postgres", "-D", "/var/lib/postgresql/9.3/main", "-c", "config_file=/etc/postgresql/9.3/main/postgresql.conf"]

This one answers your question about data container:
docker mounting volumes on host
Regarding to your dockerfile, I would suggest you either:
1) use data container pattern
2) mount the volume to host machine by specifying: docker run -v [host-path]:[container-path] ..., so that data will be kept at one place in your host and will not be lost after the container is removed.
Ref: https://docs.docker.com/engine/tutorials/dockervolumes/#/mount-a-host-directory-as-a-data-volume

Related

Postgres docker error: FATAL: password authentication failed for user

I created a Postgres container with docker
sudo docker run -d \
--name dev-postgres \
-e POSTGRES_PASSWORD=test \
-e POSTGRES_USER=test \
-v ${HOME}/someplace/:/var/lib/postgresql/data \
-p 666:5432 \
postgres
I give the Postgres instance test as a username and password as specified in the doc.
The Postgres port (5432) inside the container is linked to my 666 port on the host.
Now I want to try this out using psql
psql --host=localhost --port=666 --username=test
I'm prompted to enter the password for user test and after entering test, I get
psql: error: FATAL: password authentication failed for user "test"
There are different problems that can cause this
The version of Postgres on the host and the container might not be the same
If you have to change the docker version of Postgres used, make sure that the container with the new version is not crashing. Trying to change the version of Postgres while using the same directory for data might cause problem as the directory was initialized with the wrong version.
You can use docker logs [container name] to debug if it crashes
There might be a problem with the volumes used by docker (something with cached value preventing the creation of a new user when env variable change) if you changed the env parameters.
docker stop $(docker ps -qa) && docker system prune -af --volumes
If you have problem with some libraries that use Postgres, you might need to install some package to allow libraries to work with Postgres. Those two are the one Stack Overflow answers often reference.
sudo apt install libpq-dev postgresql-client
Other problems seem to relate to problems with docker configuration.

Docker postgres doesn't start at build

I want do use a docker container to simulate my production environment, so I installed the db and the server in the same container, and not each in his own.
This is my dockerfile:
FROM debian
RUN apt update
RUN apt install postgresql-9.6 tomcat8 tomcat8-admin -y
RUN service postgresql start
RUN service postgresql status # says postgres is down
RUN su - postgres ;
RUN createdb db_example # fails !!!
RUN psql -c "CREATE USER springuser WITH PASSWORD 'test123';"
RUN exit
RUN service tomcat8 start
COPY target/App-1.0.war /var/lib/tomcat8/webapps/
CMD ["/bin/bash"]
The problem is that the database is down so I am uable to create the user and the database.
If I start the a debian docker container and do this steps per hand everything works fine.
Thanks for your help
All the recommendations in the comments are correct, it's better to keep services in different containers.
Nevertheless and just to let you know, the problem in the Dockerfile is that starting services in RUN statements is useless. For every line in the Dockerfile, docker creates a new image. For example RUN service postgresql start, it may start postgresql during docker build, but it doesn't persist in the final image. Only the filesystem persist from one step to another, not the processes.
Every process need to be started in the entrypoint, this is the only command that's called when you exec docker run:
FROM debian
RUN apt update
RUN apt install postgresql-9.6 tomcat8 tomcat8-admin -y
COPY target/App-1.0.war /var/lib/tomcat8/webapps/
ENTRYPOINT["/bin/bash", "-c", "service postgresql start && service postgresql status && createdb db_example && psql -c \"CREATE USER springuser WITH PASSWORD 'test123';\" && service tomcat8 start && sleep infinity"]
(It may have problems with quotes on psql command)
I have the problem hat in the war file the localhost for the database war hard coded.
Thanks to Light.G, he suggested me to use --net=host for the container, so now there is one container with the database and one with the tomcat server.
This are the steps I followed.
Build the docker image
docker build -t $USER/App .
Start a postgres database
We are using the host namespace it is not possible to run another programm on the post 5432.
Start the postgres container like this:
docker run -it --rm --net=host -e POSTGRES_USER='springuser' -e POSTGRES_DB='db_example' -e POSTGRES_PASSWORD='test123' postgres
Start the tomcat
Start the App container, with this command:
docker run -it --net=host --rm $USER/App

docker - addressing environment variables used in parent image

I need to create plpythonu extension on the postgres:10.3 image. For this, I extended the image with an installation command:
FROM postgres:10.3
RUN apt update && apt install -y postgresql-plpython-10
Now I need to run a psql command create extension plpythonu;. But at this point the postgres server is not running yet, so when running docker build . I get an error:
Step 3/3 : RUN psql -c "create extension plpythonu;";
---> Running in 037066c120ea
psql: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?
How do I fit this command in? And is there a way to do this without copypasting the entire docker-entrypoint.sh from the original postgres image? Maybe there's a way to specify this in docker-compose?
When step-2 is over you Postgres database down, that is why in Step-3 database is not running.
You can combine step-2 and step-3 together.
RUN apt update && \
apt install -y postgresql-plpython-10 && \
psql -c "create extension plpythonu;"
It means && (logical and) if previous commands successfully over then only execute next one.

How to use repmgr with dockerized Postgresql?

I'm trying to create Postgresql setup with replication and automatic failover. I wanted it to be reusable, scalable and portable, so I tried to use docker to run Postgres. I also didnt want to reinvent the wheel, so I tried to use repmgr as it is recommended tool when setting up postgres replication.
On first machine, I started master node using docker-compose and simple Dockerfile. Then I added bash script to run after start of container. It looks like master was setup properly.
Then on second machine I tried to run standby. I started postgres in docker and experimented. As we can read on repmgr github repo, to run standby I need to clone master with repmgr command, which uses pg_basebackup internally. Pg_basebackup wont let me clone db into not-empty directory (pgdata), so I need to remove pgdata created by dockerized postgres before cloning. When I do that, container dies, because of course the only service, postgres, dies without its files. So I can not run repmgr command afterwards, because there is no container to run it inside :)
So I tried creating another Dockerfile for standbies only. Inside pgdata is removed, then repmgr clones master, then postgres is started properly. There are no errors. But when I log into master machine and verify if replication is running - it is not.
Is it possible to run repmgr for dockerized postgres?
If so, how? What am I doing wrong?
If not, how can I create postgres cluster replication without manually configuring each server? You know, not treating servers as pets but as cattle etc :)
Files I used and created:
docker-compose.yml (both master and standby node):
version: '3'
services:
db:
build:
context: .
volumes:
- ${DATABASE_STORAGE_PATH}:/var/lib/postgresql/data
env_file:
- .env
environment:
- PGDATA=/var/lib/postgresql/data/pgdata
ports:
- ${DB_PORT}:5432
Master Dockerfile:
FROM postgres:9.6.4
# install repmgr
RUN apt-get update \
&& apt-get install -y repmgr
# COPY conf files
COPY repmgr.conf .
COPY postgres.replication.conf /var/lib/postgresql/data/pgdata/
RUN echo "include '/var/lib/postgresql/data/pgdata/postgres.replication.conf'" >> /var/lib/postgresql/data/pgdata/postgresql.conf
CMD ["postgres"]
Bash script to run when postgres container (master) is alive:
#!/bin/bash
CONTAINER_ID="replicatest2_db_1"
docker exec -d $CONTAINER_ID createuser -s repmgr -U postgres
docker exec -d $CONTAINER_ID createdb repmgr -O repmgr -U postgres
docker exec -d $CONTAINER_ID su postgres -c 'repmgr -f repmgr.conf master register'
Standby docker-compose is the same. Standby Dockerfile:
FROM postgres:9.6.4
# install repmgr
RUN apt-get update \
&& apt-get install -y repmgr
# COPY repmgr conf
COPY repmgr.conf .
RUN rm -rf /var/lib/postgresql/data/pgdata
RUN su postgres -c "repmgr -h {master-host} -p {master-port} -U repmgr -d repmgr -D /var/lib/postgresql/data/pgdata -f repmgr.conf standby clone"
CMD ["postgres"]
You can use pg-dock, with pg-dock you can run dockerized postgres cluster with repmgr, otherwise you can explore the project and get understand how the things are work.
Good Luck.

Postgresql raises 'data directory has wrong ownership' when trying to use volume

I'm trying to run postgresql in docker container, but of course I need to have my database data to be persistent, so I'm trying to use data only container which expose volume to store database at this place.
So, my data container has such Dockerfile:
FROM ubuntu
# Create data directory
RUN mkdir -p /data/postgresql
# Create /data volume
VOLUME /data/postgresql
Which I run:
docker run --name postgresql_data lyapun/postgresql_data true
In my postgresql.conf I set:
data_directory = '/data/postgresql'
Then I run my postgresql container in such way:
docker run -d --name postgre --volumes-from postgresql_data lyapun/postgresql
And I got:
2014-07-04 07:45:57 GMT FATAL: data directory "/data/postgresql" has wrong ownership
2014-07-04 07:45:57 GMT HINT: The server must be started by the user that owns the data directory.
How to deal with this issue? I googled a lot to find some information about using postgresql with docker volumes, but I didn't found anything.
Thanks!
Ok, seems like I found workaround for this issue.
Instead of running postgres in such way:
CMD ["/usr/lib/postgresql/9.1/bin/postgres", "-D", "/var/lib/postgresql/9.1/main", "-c", "config_file=/etc/postgresql/9.1/main/postgresql.conf"]
I wrote bash script:
chown -Rf postgres:postgres /data/postgresql
chmod -R 700 /data/postgresql
sudo -u postgres /usr/lib/postgresql/9.1/bin/postgres -D /var/lib/postgresql/9.1/main -c config_file=/etc/postgresql/9.1/main/postgresql.conf
And replaced CMD in postgresql image to:
CMD ["bash", "/run.sh"]
It works!
You have to set ownership of directory /data/postgresql to the same user, under which you are running your postgresql binary. For example, in Ubuntu it is usually postgres user.
Then you have to use this command:
chown postgres.postgres /data/postgresql
A better way to solve that issue, assuming your postgres images is named "postgres" and that your backup is ./backup.tar:
First, add this to your postgres Dockerfile:
VOLUME ["/etc/postgresql", "/var/log/postgresql", "/var/lib/postgresql"]
Then run:
docker run -it --name postgres -v $(pwd):/db postgres sh -c "tar xvf /db/backup.tar --no-overwrite-dir" && \
docker run -it --name data --volumes-from postgres busybox true && \
docker rm postgres && \
docker run -it --name postgres --volumes-from=data postgres
You don't have permission issues since the archive is extracted by the postgres user of your postgres image, so it is the owner of the extracted files.
You can then backup your data using the data container. The advantage of this solution is that you don't chmod/chown every time you run the image.
This type of errors is quite common when you link a NTFS directory into your docker container. NTFS directories don't support ext3 file & directory access control.
The only way to make it work is to link directory from a ext3 drive into your container.
I got a bit desperate when I played around Apache / PHP containers with linking the www folder. After I linked files reside on a ext3 filesystem the problem disappear.
I published a short Docker tutorial on youtube, may it helps to understand this problem: https://www.youtube.com/watch?v=eS9O05TTFjM