构建镜像不接触数据库

Hi everyone.

I have a pretty small Discourse instance running (for years actually, with pretty much zero issues): https://discuss.cubeisland.de/.
I’ve been using the standard lanucher-based deployment process on a dedicated VM (on my own hardware in a data center). The only thing I changed over the years was to migrate to an externally running shared postgresql database.

Recently I started migrating applications from dedicated VMs to a docker swarm as a preparation step to eventually migrate to a kubernetes cluster, mostly to save resources and make parts of the infrastructure more “elastic”.

Today was the day I looked into this small Discourse instance as one of the few remaining dedicated application VMs. “It’s already running on docker, how hard can it be to deploy that to a swarm” I thought. And from what I read it actually would be. I can just take the image from the currently running instance, push it to our internal registry and run it in the swarm and all would work just fine, which is great.

I looked at the launcher files, especially the templates and samples and figured it might probably be a good idea to have the redis separate in such a deployment and maybe I could setup a CI job to build new images when I add plugins or I want to update. So I checked out discourse_docker locally, copied my existing app.yml container definition to the clone and tried to run ./launcher bootstrap app to build an image that I could then push to my registry, without immediately deploying it.

To my surprise, the script tried to connect the “production” postgresql server trying to migrate the database, which it luckily did not have access to from my local workstation.

I looked around here and apparently that is how this works, which make me wonder:

1. How would build a container for a new instance, where I don’t have a database yet? Would I need to setup the production database before I can build the image?
2. I assume this is the only time db:migrate is run, so if I have several similar instances (e.g. prod and test), I would need upgrade one of the instances to build the new image and then cannot use the same image for the second instance, even though the image would be identical.
3. How would I go about building images for instances, where the database server is not accessible from the system building the image (which shouldn’t be that uncommon).

After reading a couple of posts (obviously including this one), I’m perfectly aware of the reasons for the build process as it is right now and I see the value of it for the mentioned 99% of people causally deploying Discourse on their standard full-fat VM. And I’m very used to “all in one” container models and I’m not opposed to that. After all, Docker’s key value comes from the fact, that the software vendor can pre-bake highly optimized configurations and bundle them into a reproducible runtime environment, removing the need for a lot of very application specific knowledge on the ops side of things. So I’m fully on board with using your provided tooling, why would I expect someone else to build better containers than the software vendor himself? Why would I want to split apart the nginx and the ruby application, when there is 0 benefit to be gained, just to make the deployment more “pure” (what ever that means…)?

However it is odd to see a container that is mutating runtime state while being nowhere near running. I already run quite a few applications in containers and I containerized quite a few myself, some of which were never intended to run in containers.

The prime example that comes to my mind, of an application that deals with similar requirements/issues in a similar way to Discourse, is Gitlab. While they do now provide a fancy Helm chart for a fully decomposed “how it should be” kubernetes deployment, I’m guessing (without looking at any numbers) that a similar 99% of its small-medium size deployments are using Gitlab’s omnibus docker image (or the OS package, which is practically the same). They have a similar bootstrapping process, but based on chef within the container, that’s all executed on every startup and does the usual things like db migrations and asset compilation.

Yes, Gitlab’s startup can take several minutes due to this, but never has that been an issue for the deployments I’ve seen (some in larger companies). Especially with modern orchestration systems like docker-swarm and kubernetes and whatever else, which can run rolling upgrades for you, where the old instance is turned off only if the new instance is running and successfully health- and ready-checked, a lengthy deployment process might not actually be an issue. But even without fancy rolling upgrades, which may or may not work, you can also get away with quite a bit of downtime in many situations.

So: Is it be possible to configure launcher to skip the database-dependent operations during image build and instead do these operations during container startup?

I’m definitely willing to invest some time here myself, but my time in the evening is limited, so any pointers would be very welcome.

I’m also open to completely different processes if you think this is stupid or not even possible or so.

Thanks for any feedback!

I wanted to do the same as you - we run discourse on Amazon ECS, so we needed to be able to build just the web image and push it to a registry. I didn’t fancy hacking the discourse build process because we want to stay as close as possible to the supported install.

Instead, we use the normal launcher script to build a two-container setup on a local machine, but ignore the data container and push the web container to the registry. At runtime we override the Postgres and Redis connection details via environment variables.

Deploying the new image is a 3-step process:

1. Run the safe pre-migrations. Get ECS to run this command (with the new image):

    SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
   

2. Deploy the new image. Update the ECS service.

3. Run the post-migrations. Get ECS to run this command:

    SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
   

Having a local data container run while we build the image is probably wasteful, but it means we can use the standard web.template.yml without having to worry about which parts try to talk to the database or redis.

Thanks for for that! I also figured I could just spin up a postgres during the image build and discard it once the build of the actual build is done.

I finally took the time to implement this!

I implemented the image build using a gitlab-ci pipeline that runs postgres and redis as services during the build and discards them afterwards:

https://gist.github.com/pschichtel/2ca35ea87a0ad28a6caf4504660c4921

Now I only have to automated the deployment with the DB migrations

这个东西已经运行了一年多了，从来没有动过它，甚至连 2.8 版本都没有动过。

我已将镜像构建移至 GitHub：https://github.com/pschichtel/discourse-docker。

该镜像已发布到 pschichtel/discourse:stable-web_only。

看起来这最终还是出错了。从 3.0.6 升级到 3.1.0 时，没有执行任何数据库迁移。然而，在容器运行后执行最后的 bundle exec rake db:migrate 命令确实有效，但那是在又一次重启容器之后。

当新映像在未设置该环境变量的情况下启动时，您必须再次迁移。有一个 Rake 任务可以执行此操作，但我无法从手机上记住或找到它。有点像 ensure_post_migrations。

就我而言，我没有注意到任何中断。我主要遵循 beta 发布分支，据我所知，migrations 在 3.1.0.beta… 系列的每一步都已正确运行。

我通过 rake -AT 找到了 db:ensure_post_migrations。

db:migrate 配合 SKIP_POST_DEPLOYMENT_MIGRATIONS=0 和 db:ensure_post_migrations 有什么区别？

好的，在查看了代码之后，我明白了 db:ensure_post_migrations 的作用。它应该在 db:migrate 的同一个 rake 执行中使用，以确保 SKIP_POST_DEPLOYMENT_MIGRATIONS 被设置为 0。我的脚本已经确保了这一点：

.gitlab-ci.yml：

./migrate.sh pre || echo "Redis not running during pre migrations, skipping..."
docker stack deploy --prune --resolve-image always -c "$STACK.yml" "$STACK"
./docker-stack-wait.sh -t 180 "$STACK"
./migrate.sh post

migrate.sh：

#!/usr/bin/env sh

if [ "$(docker ps -q --filter "label=com.docker.stack.namespace=${STACK}" --filter "label=com.docker.swarm.service.name=${STACK}_${DISCOURSE_REDIS_HOST}" | wc -l)" = "0" ]
then
    echo "No redis container found, unable to run migrations!"
    exit 1
fi

if [ "$1" = "pre" ]
then
    skip_post=1
else
    skip_post=0
fi


docker run \
    --rm \
    --name "discourse-migration-${DISCOURSE_DB_HOST}-${DISCOURSE_DB_NAME}" \
    --network "${STACK}_discourse" \
    --workdir /var/www/discourse \
    -u discourse \
    -e SKIP_POST_DEPLOYMENT_MIGRATIONS="$skip_post" \
    -e LANG="${LANG}" \
    -e DISCOURSE_DEFAULT_LOCALE="${DISCOURSE_DEFAULT_LOCALE}" \
    -e DISCOURSE_HOSTNAME="${DISCOURSE_HOSTNAME}" \
    -e DISCOURSE_DEVELOPER_EMAILS="${DISCOURSE_DEVELOPER_EMAILS}" \
    -e DISCOURSE_SMTP_ADDRESS="${DISCOURSE_SMTP_ADDRESS}" \
    -e DISCOURSE_SMTP_PORT="${DISCOURSE_SMTP_PORT}" \
    -e DISCOURSE_DB_USERNAME="${DISCOURSE_DB_USERNAME}" \
    -e DISCOURSE_DB_PASSWORD="${DISCOURSE_DB_PASSWORD}" \
    -e DISCOURSE_DB_HOST="${DISCOURSE_DB_HOST}" \
    -e DISCOURSE_DB_NAME="${DISCOURSE_DB_NAME}" \
    -e DISCOURSE_REDIS_HOST="${DISCOURSE_REDIS_HOST}" \
    "$DISCOURSE_IMAGE" \
    bundle exec rake db:migrate

它在 docker swarm 中使用新镜像以 SKIP_POST_DEPLOYMENT_MIGRATIONS=1 运行 db:migrate，此时 discourse 仍在运行旧版本。然后它将新镜像部署到 swarm 并等待其收敛。最后，它再次运行 db:migrate，但这次使用 SKIP_POST_DEPLOYMENT_MIGRATIONS=0。

这在过去两年多的时间里对每个版本都一直可靠地工作。鉴于它对您 @simonk 也有效，您是否做了与我的脚本根本不同的事情？

不，我仍然遵循我之前概述的相同流程（Building the image without touching the database - #2 by simonk rake db:migrate 而不是 bundle exec rake db:migrate，但我无法想象这会有多大区别。

我从未使用过 docker stack 或 swarm。你的脚本中是否存在可能导致 migrate.sh 脚本使用旧镜像而不是新镜像的 bug？

我还没有明确检查过，我会去看看。Swarm肯定会使用最新的镜像，但也许CI脚本因为某些原因没有使用最新的。

我已针对 3.1.1 更新进行了查看。确实，CI 脚本使用了旧版本的容器。