我正在尝试编写我自己的mariadb docker映像。我想在容器启动后(exec mysqld之后)执行一些sql语句。然而,我发现mysqld --init-file选项对我的案例很有用。所以我的入口点脚本如下。
Dockerfile
FROM alpine:edge
RUN set -ex
&& apk add mariadb mariadb-client
&& mkdir -p /run/mysqld
&& chown -R mysql:mysql /run/mysqld
&& ln -snf /usr/lib/mariadb /usr/lib/mysql
&& mysql_install_db --user=mysql --skip-name-resolve --auth-root-authentication-method=socket --auth-root-socket-user=root --force --rpm --skip-test-db
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
EXPOSE 3306
CMD ["mysqld"]
入口点.sh
#!/bin/sh
set -ex
{
echo "CREATE USER IF NOT EXISTS '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';"
echo "CREATE DATABASE IF NOT EXISTS ${MYSQL_DATABASE};"
echo "GRANT ALL ON ${MYSQL_DATABASE}.* TO '${MYSQL_USER}'@'%';"
} > /tmp/mysqld-init.sql
exec $@ --init-file="/tmp/mysqld-init.sql"
正如您所看到的,临时init文件包含一些敏感信息。我想在执行exec $@ --init-file="/tmp/mysqld-init.sql"之后清理它。
现在我想到了两个主意。一种是为临时sql命令或使用trap命令创建一个命名管道(FIFO)文件。
理想-1
但这里的问题是,一个不必要的子后台进程一直在容器上运行,因为我使用了进程控制运算符&。但我是徒劳的,我怎么能退出这个过程。
if [ ! -p "/tmp/mysqld.init" ]; then
mkfifo /tmp/mysqld.init
fi
{
echo "CREATE USER IF NOT EXISTS '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';"
echo "CREATE DATABASE IF NOT EXISTS ${MYSQL_DATABASE};"
echo "GRANT ALL ON ${MYSQL_DATABASE}.* TO '${MYSQL_USER}'@'%';"
} > /tmp/mysqld.init &
exec $@ --init-file="/tmp/mysqld.init"
理想-2
使用trap命令并在执行exec命令时清除临时文件。但我不知道如何捕捉高管的信号。
trap cleanup "the exec signal"
cleanup()
{
echo "Caught Signal ... cleaning up."
rm -rf /tmp/mysqld-init.sql
echo "Done cleanup ... quitting."
exit 1
}
set -ex
{
echo "CREATE USER IF NOT EXISTS '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';"
echo "CREATE DATABASE IF NOT EXISTS ${MYSQL_DATABASE};"
echo "GRANT ALL ON ${MYSQL_DATABASE}.* TO '${MYSQL_USER}'@'%';"
} > /tmp/mysqld-init.sql
exec $@ --init-file="/tmp/mysqld.init"
使用tini来解决此信号和僵尸进程问题。
FROM alpine:edge
RUN set -ex
&& apk add --no-cache mariadb mariadb-client tini
&& mkdir -p /run/mysqld
&& chown -R mysql:mysql /run/mysqld
&& ln -snf /usr/lib/mariadb /usr/lib/mysql
&& mysql_install_db --user=mysql --skip-name-resolve --auth-root-authentication-method=socket --auth-root-socket-user=root --force --rpm --skip-test-db
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
EXPOSE 3306
CMD ["mysqld"]
入口点.sh
if [ ! -p "/tmp/mysqld.init" ]; then
mkfifo /tmp/mysqld.init
fi
{
echo "CREATE USER IF NOT EXISTS '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';"
echo "CREATE DATABASE IF NOT EXISTS ${MYSQL_DATABASE};"
echo "GRANT ALL ON ${MYSQL_DATABASE}.* TO '${MYSQL_USER}'@'%';"
} > /tmp/mysqld.init &
exec tini -g -- "$@" --init-file="/tmp/mysqld.init"
我认为trap是这个的最佳解决方案
function interrupt(){
local dir=$1
[ -e ${dir} ] && rm -rf ${dir}
exit 128
}
TMP_DIR=$(mktemp -d /tmp/entrypoint.XXXX)
trap "interrupt ${TMP_DIR}" SIGINT SIGTERM
trap "rm -rf ${TMP_DIR}" EXIT
set -ex
{
echo "CREATE USER IF NOT EXISTS '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';"
echo "CREATE DATABASE IF NOT EXISTS ${MYSQL_DATABASE};"
echo "GRANT ALL ON ${MYSQL_DATABASE}.* TO '${MYSQL_USER}'@'%';"
} > ${TMP_DIR}/mysqld-init.sql
exec $@ --init-file="${TMP_DIR}/mysqld-init.sql"