我尝试用ansible部署docker。我有一个docker数据库容器,而在其他容器中是我的web应用程序,我尝试链接这两个容器。问题是数据库容器没有时间自行配置,并且Web容器已经启动。我的ansible剧本看起来像:
...
- name: run mysql in docker container
docker:
image: "mysql:5.5"
name: database
env: "MYSQL_ROOT_PASSWORD=password"
state: running
- name: run application containers
docker:
name: "application"
image: "myapp"
ports:
- "8080:8080"
links:
- "database:db"
state: running
如何确定数据库是否启动?我尝试使用wait_for模块,但这不起作用。我不想设置超时,这对我来说不是一个好选择。
wait_for不适用于MySQL docker容器,因为它只检查端口是否可连接(对于Docker容器来说这是真的)。但是,wait_for不检查容器内的服务是否侦听端口并将响应发送到客户端。
这就是我在ansible playbook中等待MySQL服务在Docker容器内完全运行的方式:
- name: Start MySQL container
docker:
name: some-name
image: mysql:latest
state: started
ports:
- "8306:3306" # it's important to expose the port for waiting requests
env:
MYSQL_ROOT_PASSWORD: "{{ mysql_root_password }}"
- template: mode="a+rx,o=rwx" src=telnet.sh.j2 dest=/home/ubuntu/telnet.sh
# wait while MySQL is starting
- action: shell /home/ubuntu/telnet.sh
register: result
until: result.stdout.find("mysql_native_password") != -1
retries: 10
delay: 3
而telnet.sh.j2是
#!/bin/bash -e
telnet localhost 8306 || true
为了避免sh和我通常没有安装telnet ...
- name: Wait for database to be available
shell: docker run --rm --link mysql:mysql mysql sh -c 'mysql -h"$MYSQL_PORT_3306_TCP_ADDR" -P"$MYSQL_PORT_3306_TCP_PORT" -uroot -p{{mysql_password}} || true'
register: result
until: result.stderr.find("Can't connect to MySQL") == -1
retries: 10
delay: 3
使用wait_for
模块。我不是MySQL的专家,但我认为在某些日志文件等中会有一些端口或文件或消息的存在。您可以检查以确定数据库是否已启动。
以下是从上面的链接复制的wait_for
示例。
# wait 300 seconds for port 8000 to become open on the host, don't start checking for 10 seconds
- wait_for: port=8000 delay=10
# wait 300 seconds for port 8000 of any IP to close active connections, don't start checking for 10 seconds
- wait_for: host=0.0.0.0 port=8000 delay=10 state=drained
# wait 300 seconds for port 8000 of any IP to close active connections, ignoring connections for specified hosts
- wait_for: host=0.0.0.0 port=8000 state=drained exclude_hosts=10.2.1.2,10.2.1.3
# wait until the file /tmp/foo is present before continuing
- wait_for: path=/tmp/foo
# wait until the string "completed" is in the file /tmp/foo before continuing
- wait_for: path=/tmp/foo search_regex=completed
# wait until the lock file is removed
- wait_for: path=/var/lock/file.lock state=absent
# wait until the process is finished and pid was destroyed
- wait_for: path=/proc/3466/status state=absent
# wait 300 seconds for port 22 to become open and contain "OpenSSH", don't assume the inventory_hostname is resolvable
# and don't start checking for 10 seconds
- local_action: wait_for port=22 host="{{ ansible_ssh_host | default(inventory_hostname) }}" search_regex=OpenSSH delay=10
这对我很有用:
- name: get mariadb IP address
command: "docker inspect --format '{''{ .NetworkSettings.IPAddress }''}' mariadb-container"
register: mariadb_ip_address
- name: wait for mariadb to become ready
wait_for:
host: "{{ mariadb_ip_address.stdout }}"
port: 3306
state: started
delay: 5
connect_timeout: 15
timeout: 30
wait_for不适用于MySQL docker容器,因为它只检查端口是否可连接(对于Docker容器来说这是真的)。但是,wait_for不检查容器内的服务是否侦听端口并将响应发送到客户端。
使用Andy Shinn's suggestion of FreshPow's answer,您可以等待而无需shell脚本或telnet:
- name: Wait for mariadb
command: >
docker exec {{ container|quote }}
mysqladmin ping -u{{ superuser|quote }} -p{{ superuser_password|quote }}
register: result
until: not result.rc # or result.rc == 0 if you prefer
retries: 20
delay: 3
这会运行mysqladmin ping ...
直到成功(返回代码0)。通常超级用户是root
。我使用podman而不是docker进行了测试,但我相信命令是相同的。 |quote
做壳逃逸,使用according to the Ansible docs时也应该做command: