This is so someone that wants debug info packages just
needs to apt-get install mariadb-server-core{-10.X}-dbgsym to
get the right packages after and apt-get update.
The 50-mariadb_safe.cnf file exposed a syslog configuration
that got picked up by Galera SST scripts. These would push
output to /dev/log which doesn't exist in containers.
healthcheck@{127.0.0.1,::1,localhost} users are granted USAGE by default, which
is enough for the non-replication healthchecks in healtcheck.sh.
The env variable MARIADB_HEALTHCHECK_GRANTS can replace USAGE with any
comma separated set of grants.
On initialization a generated password is created and saved in
$DATADIR/.my-healthcheck.cnf along with the server port and socket. If the
command args or default configuration file changes this may become out
of date. Because the password is generated in configuration file the
'#', comment, and '=' characters cannot be part of this password.
The healthcheck.cnf configuration file also sets protocol=tcp to
enforce indirectly that --connect being a standard part of the test. This is
required as starts of the service under --skip-networking should
never be considered healthy.
The healthcheck script also has the --defaults-extra-file set to this
.my-healthcheck.cnf file, if it exists (backwards compatible on
previously created datadirs), so that all new healthcheck invokations
use the authentication here by default.
The compatibility with old instances, without the .my-healthcheck.cnf is
preserved by non setting --defaults-extra-file.
The healthcheck --connect will increment the server status variable Aborted_connects
for each check, however now connection_error* counts are changed.
This also prevents any invalid password errors showing up in the
container log.
Closes#430
'versions.json' contains information about the versions available in this repo. It is managed by `./update.sh`; there's no need to edit this file manually, just run `./update.sh`.
'versions.json' contains information about the versions available in this repo. It is managed by `./update.sh`; there's no need to edit this file manually, just run `./update.sh`.
needed for podman-4.2.0 (or maybe just
something on the bb-rhel8-docker builder).
(which also needed: sudo systemctl start podman.socket) to
support networks.
These are controled by:
* MARIADB_MASTER_HOST - if specified, the master, and the container is a replica
* MARIADB_REPLICATION_PORT - port number
* MARIADB_REPLICATION_USER - create or use this user
* MARIADB_REPLICATION_PASSWORD - create or use this password
* MARIADB_REPLICATION_PASSWORD_HASH (on master only)
If MARIADB_MASTER_HOST isn't specified, the container is a master. In
this case, the MARIADB_REPLICATION_USER is created, with password{,hash},
and given the REPLICATION REPLICA grant, or REPLICATION SLAVE (for
10.3, 10.4).
If the MARIADB_MASTER_HOST is specified, CHANGE MASTER TO is used to
connect to the MARIADB_MASTER_HOST:MARIADB_MASTER_PORT(default 3306)
using the MARIADB_REPLICATION_USER. As the password is needed
MARIADB_REPLICATION_PASSWORD_HASH cannot be used on a replica.
CHANGE MASTER TO is executed with MASTER_CONNECT_RETRY=10 and the
replica is started by default.
The creation of the replication user is replicated along with the
master's /docker-entrypoint-initdb.d/ contents and MARIADB_DATABASE
/MARIADB_USER. The MARIADB_MYSQL_LOCALHOST_USER isn't replicated and
neither is the timezone data.
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Reviewed-by: Daniel Black <daniel@mariadb.org>
