Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Oracle Database on Docker

371 views

Published on

The presentation I did at UKOUG Tech18 about what I learned when trying to get a solution for the 'we want to run Oracle on Docker' requirement.

Published in: Technology
  • Be the first to comment

Oracle Database on Docker

  1. 1. Deploying Oracle Database on Docker: lessons learned 04.12.2018 Franck Pachot - Oracle on Docker 1
  2. 2. Who am I? Franck Pachot Data Engineer at CERN • Twitter @FranckPachot • Medium: https://medium.com/@FranckPachot • Blog Databases at CERN: db-blog.web.cern.ch/ 04.12.2018 Franck Pachot - Oracle on Docker 2
  3. 3. Oracle Database on Docker 04.12.2018 Franck Pachot - Oracle on Docker 3 lightweight ephemeral isolated containers to run applications persistent != ephemeral shared != isolated data != application 8GB Oracle Home != lightweight + 1GB for an empty database
  4. 4. Why running Oracle on Docker? Because: • “Docker is cool” • “We run everything on Docker” • “We do that with PostgreSQL, MySQL and we just want to do the same” • “We don’t want to waste time in installation” This has nothing to do with a solution to try to solve a problem 🤔 04.12.2018 Franck Pachot - Oracle on Docker 4
  5. 5. Build or run from existing? Docker Hub: • Oracle does not allow to distribute the software. • You pay for all CPU where the software is installed • So, except for Oracle XE, just forget it Docker Store: • Here you accept once and can pull the official image docker login • but look at the image… 04.12.2018 Franck Pachot - Oracle on Docker 5
  6. 6. Docker Store The image is just a tar of Oracle Home and tar of Database: # docker run -p 0.0.0.0:9001:1521 store/oracle/database-enterprise:12.2.0.1 … untar DB bits ...... log file is : /home/oracle/setup/log/untarDB.log untarDB.sh is done at 230 sec … Scripts in /home/oracle/setup Software in /tmp/dbsetup/dbtar [oracle@523de29307ed setup]$ du -ha /tmp/dbsetup/dbtar 2.1G /tmp/dbsetup/dbtar/db12.2.0.1.0.tar.gz 573M /tmp/dbsetup/dbtar/dbf_12201.tar.gz 2.6G /tmp/dbsetup/dbtar 04.12.2018 Franck Pachot - Oracle on Docker 6
  7. 7. Docker Store Oracle has its own repository: https://container-registry.oracle.com • You login with your Oracle account and accept the licence # docker login container-registry-frankfurt.oracle.com Username: my-oracle-sso@pachot.net Password: # docker pull container-registry-frankfurt.oracle.com /database/enterprise:12.2.0.1 04.12.2018 Franck Pachot - Oracle on Docker 7
  8. 8. racle build scripts Maintained by Oracle, multiple versions, even RAC https://github.com/oracle/docker-images/tree/master/OracleDatabase But you need to download the installation .zip, send it to the context (5GB), unzip… And at ‘docker run’ you will wait 15 minutes for the database creation. Good to test your config, but try to give that to your developers and you will understand that you need to be more creative… 04.12.2018 Franck Pachot - Oracle on Docker 8
  9. 9. Containers Docker container is process isolation Namespaces • Processes (PID) • Networking (port) • Filesystem (chroot) Resources • cgroups (control groups) Security • seccomp (security profiles) https://jvns.ca/blog/2016/10/10/what-even-is-a-container 04.12.2018 Franck Pachot - Oracle on Docker 9 1982: chroot 2000: Freebsd jails 2001: Linux vserver 2004: Solaris zones 2005: OpenVZ 2008: LXC 2010: Systemd-nspawn 2013: Docker
  10. 10. Namespaces – PID 1 in host [root@fpachot-docker ~]# pstree -p | more systemd(1)-+-NetworkManager(689)-+-dhclient(1054) |-dockerd(17964)-+-containerd(17981)-+-containerd-shim(22331)-+-bash(22348)-+-ora_aqpc_orclcd(22608) | | | | |-ora_cjq0_orclcd(22921) | | | | |-ora_ckpt_orclcd(22489) | | | | |-ora_clmn_orclcd(22449) | | | | |-ora_d000_orclcd(22515) | | | | |-ora_dbrm_orclcd(22474) | | | | |-ora_dbw0_orclcd(22485) | | | | |-ora_dia0_orclcd(22483) | | | | |-ora_diag_orclcd(22468) | | | | |-ora_gen0_orclcd(22458) [root@fpachot-docker ~]# ps –f -p 22348 UID PID PPID C STIME TTY TIME CMD ----- ----- ----- - ----- ----- -------- ------------------------------------------ 54321 22348 22331 0 23:00 pts/0 00:00:00 /bin/bash /home/oracle/setup/dockerInit.sh 04.12.2018 Franck Pachot - Oracle on Docker 10
  11. 11. Namespaces – PID 1 in container [root@fpachot-docker ~]# docker exec ora001 pstree -p | more bash(1)-+-ora_aqpc_orclcd(118) |-ora_cjq0_orclcd(349) |-ora_ckpt_orclcd(68) |-ora_clmn_orclcd(30) |-ora_d000_orclcd(94) |-ora_dbrm_orclcd(54) |-ora_dbw0_orclcd(64) |-ora_dia0_orclcd(62) |-ora_diag_orclcd(48) |-ora_gen0_orclcd(38) [root@fpachot-docker ~]# docker exec cc ps –f -p 1 UID PID PPID C STIME TTY TIME CMD ----- ----- ----- - ----- ----- -------- ------------------------------------------ oracle 1 0 0 22:00 pts/0 00:00:00 /bin/bash /home/oracle/setup/dockerInit.sh 04.12.2018 Franck Pachot - Oracle on Docker 11
  12. 12. Layers… Docker builds images as layers • you pull an existing image • you add layers for the build steps, components, options, updates… • very easy to maintain: any change starts from previous layer Once built, all image layers are read-only and can be shared A container (created by ‘docker run’) reads from the image and adds a read-write layer to run the application 04.12.2018 Franck Pachot - Oracle on Docker 12
  13. 13. Layers… 04.12.2018 Franck Pachot - Oracle on Docker 13 my runtime environment my updated libraries my additional option my configuration files my software libraries my OS prerequisites My base image Read-Write Read-Only
  14. 14. Oracle Software 04.12.2018 Franck Pachot - Oracle on Docker 14 The distribution .zip (or .rpm) The Oracle Home with many files used only for install, create, relink,…
  15. 15. Tips to build the image • send the context only once - next layers on a new Dockerfile, or use ADD from a NFS server container • long operations, access to internet,… in first steps - all yum updates on first step, rm /var/cache/yum at the end • use layers for better agility - filesystem with compression, maybe deduplication • shrink all that at the end (COPY --from= or docker commit) you can try experimental build --squash (I’m not convinced) • Goal: have a small image with fast docker run 04.12.2018 Franck Pachot - Oracle on Docker 15
  16. 16. Multiple stage build The Dockerfile to send the 3.6 GB context FROM oraclelinux:7-slim WORKDIR /var/tmp ADD oracle-database-xe-18c-1.0-1.x86_64.rpm . # docker image build -t franck/oraclexe18c:rpm . Another Dockerfile to update the packages FROM franck/oraclexe18c:rpm USER root WORKDIR /var/tmp RUN yum install -y oracle-database-preinstall-18c RUN ORACLE_DOCKER_INSTALL=true yum -y localinstall oracle-datab*.rpm . RUN rm oracle-database-xe-18c-1.0-1.x86_64.rpm 04.12.2018 Franck Pachot - Oracle on Docker 16
  17. 17. The storage driver People are lazy and take the default (overlay2) But what we do here is the opposite of the default Docker usage Overlay2 copies the whole file when one byte is changed or appended For big containers, you need copy-on-write at block level • zfs is a good choice for high-density workloads such as PaaS. • BTRFS does CoW at block level, as ZFS • compression? de-duplication? 04.12.2018 Franck Pachot - Oracle on Docker 17
  18. 18. 04.12.2018 Franck Pachot - Oracle on Docker 18 0 5 10 15 20 25 30 35 40 45 0 10 20 30 40 50 60 70 80 90 (blank) lzo (blank) dedup compress compressdedup (blank) dedup compress compressdedup (blank) dedup compress compressdedup (blank) dedup compress compressdedup (blank) dedup compress compressdedup btrfs zfs 128k zfs 32k zfs 16k zfs 8k zfs 2k Average of Gbytes Average of Build(min) Average of Run(min) Imagesize(Gbytes) build/runtime(minutes) ZFS vs. BTRFS
  19. 19. Which OS to run on? Doc ID 2216342.1 • Oracle Linux 7 with UEK4 (and later) • Red Hat Enterprise Linux 7 But actually, do you have the choice? • Your container environment is not dedicated to Oracle database - OpenShift cluster - Developer Laptop • You will have hard time to get the best OS and FS for Oracle Database 04.12.2018 Franck Pachot - Oracle on Docker 19
  20. 20. Oh… and about where to run… Licensing in processor metric • you pay Oracle for all processors (cores in EE, Socket in SE2) in the physical servers your containers may run Licensing in NUP+ metric • You still count the processors for the minimum NUP - 25 NUP per processor (0.5 Intel Core) in EE - 10 NUP per server in SE2 Do you still want to run Oracle on Docker? 04.12.2018 Franck Pachot - Oracle on Docker 20
  21. 21. Install Docker on Centos 7.5 yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo yum install docker-ce ========================================================================== Package Arch Version Repository Size ========================================================================== Installing: docker-ce x86_64 3:18.09.0-3.el7 docker-ce-stable 19 M Installing for dependencies: container-selinux noarch 2:2.68-1.el7 extras 36 k containerd.io x86_64 1.2.0-3.el7 docker-ce-stable 22 M docker-ce-cli x86_64 1:18.09.0-3.el7 docker-ce-stable 14 M libtool-ltdl x86_64 2.4.2-22.el7_3 base 49 k systemctl enable docker ; systemctl start docker 04.12.2018 Franck Pachot - Oracle on Docker 21
  22. 22. Install BTRFS on Centos 7.5 yum install btfrs-progs mkfs.btrfs -f /dev/sdc mkdir /mnt/docker-root-btrfs mount -t btrfs –o compress=lzo /dev/sdc /mnt/docker-root-btrfs # set this filesystem as docker root (default is /var/lib/docker) systemctl stop docker sed -ie '/ExecStart/s?dockerd.*?dockerd --data-root=/mnt/docker-root-btrfs?' /lib/systemd/system/docker.service systemctl start docker docker info | grep Root 04.12.2018 Franck Pachot - Oracle on Docker 22
  23. 23. Image is built, but … 04.12.2018 Franck Pachot - Oracle on Docker 23 Happy to give a 8GB to the developers… which takes 5 minutes to run? # docker run container-registry…/enterprise:12.2.0.1 2>&1 | ts Nov 17 22:40:00 Setup Oracle Database … Nov 17 22:45:18 Completed: alter pluggable database ORCLPDB1 open And each container takes a few GB non shareable 🤔 # docker container ps -as CONTAINER ID IMAGE SIZE 6265a4c28128 …/enterprise:12.2.0.1 4.81GB (virtual 8.24GB)
  24. 24. .dbf in image or external volume? If we create the database in the image, at build - it is not persistent (containers should be ephemeral) - but docker run is fast (instance startup only) - ok for CI Unit Testing, not for Development database If the database is in external volume (docker volume or dNFS) - can be shared in the cluster, is backed-up - but takes several minutes to start and is very large The problem: not easy split of software between image and container 04.12.2018 Franck Pachot - Oracle on Docker 24
  25. 25. Where is the oracle software? 04.12.2018 Franck Pachot - Oracle on Docker 25 Docker should be software as container layers, data in external volume ORACLE_HOME host directory • the binaries (bin/oracle, lib/libserver18.so) • some other files • exclusively software in 18c Read-Only Oracle Home shipped: as 8GB useful: 300MB SYSTEM/SYSAUX tablespaces • the dbms packages, the dictionary views • there is also non-software in those datafiles shipped: as 600GB
  26. 26. Where is the database? 04.12.2018 Franck Pachot - Oracle on Docker 26 The mix of software (binaries) with data/metadata (configuration files, log, audit, statistics,…) has evolved slowly: • Read-Only Oracle Home in 18c • Multitenant in 12c But CDB$ROOT SYSTEM/SYSAUX tablespace does not only contain software. We need a Read-Only SYSTEM tablespace! 3 ideas depending on the context…
  27. 27. 1. CloneDB to write in sparse files 04.12.2018 Franck Pachot - Oracle on Docker 27 CDB CDB$ ROOT PDB$ SEED PDB PDB_APP1:USER_DATA1 PDB_APP1:SYSAUX PDB$SEED:SYSAUX PDB$SEED:SYSTEM CDB$ROOT:UNDO CDB$ROOT:SYSAUX CDB$ROOT:SYSTEM PDB_APP1:SYSTEM control file online redo logs datafile sparse files clonedb=true clonedb_dir=… Dockerimage Externalvolume
  28. 28. 1. CloneDB to write in sparse files 04.12.2018 Franck Pachot - Oracle on Docker 28 My 1st idea was to create the database in the container, set it read-only, and have copy-on-write sparse files in external volume • controlfile and redologs in volume as well • works in multitenant 12c but not in 18c: SQL> exec for i in (select name from v$datafile) loop dbms_dnfs.clonedb_renamefile(i.name,i.name||'.cow'); end loop; * ERROR at line 1: ORA-17644: clonedb_renamefile interface is not supported in a multitenant container database. ORA-06512: at "SYS.X$DBMS_DNFS", line 10
  29. 29. 2. Multitenant: CDB in the image 04.12.2018 Franck Pachot - Oracle on Docker 29 CDB CDB$ ROOT PDB$ SEED PDB PDB_APP1:USER_DATA1 PDB_APP1:SYSAUX PDB$SEED:SYSAUX PDB$SEED:SYSTEM CDB$ROOT:UNDO CDB$ROOT:SYSAUX CDB$ROOT:SYSTEM PDB_APP1:SYSTEM control file online redo logs Dockerimage Externalvolume
  30. 30. 2. Multitenant: CDB in the image 04.12.2018 Franck Pachot - Oracle on Docker 30 In multitenant, pluggable databases is what contains only user data • this belongs to external volume Can we create CDB$ROOT in the image? • docker run will only CREATE PLUGGABLE DATABASE (fast & small) - or plug and datapatch if the volume contains an unplugged PDB (.xml) • docker stop will unplug the PDB, docker start will plug it • docker kill will try to unplug the PDB. • but a crash will need to start with the same container to recover it - because consistency requires the CDB with redo log
  31. 31. 3. Client containers + Multitenant 04.12.2018 Franck Pachot - Oracle on Docker 31 CDB CDB$ ROOT PDB$ SEED PDB PDB_APP1:USER_DATA1 PDB_APP1:SYSAUX PDB$SEED:SYSAUX PDB$SEED:SYSTEM CDB$ROOT:UNDO CDB$ROOT:SYSAUX CDB$ROOT:SYSTEM PDB_APP1:SYSTEM control file online redo logsDockerimage ExternalCDB SQL*Net clientonly
  32. 32. 3.Docker container + Multitenant 04.12.2018 Franck Pachot - Oracle on Docker 32 If the goal of the developer is to have a small fast container • you can host the databases as PDBs in a CDB (can be Cloud) - see it as an external volume • you provide a small container to create/start /stop/kill - which will do the CREATE/OPEN/CLOSE/DROP pluggable database calls • The container may provide a connection proxy (ssh tunnel? CMAN?) • The PDB can also be a Cloud service
  33. 33. Core Message • Docker is not intended for Oracle Database Oracle Database is not intended for Docker - mismatch in all areas: install, deploy, store, run, operate, license… • Some (unsupported) solutions may exist: - first define a clear goal, and adapt to it, “we want to run on Oracle on Docker” is not a requirement • Multitenant: Pluggable Databases are the containers for databases 04.12.2018 Franck Pachot - Oracle on Docker 33
  34. 34. • Tim Hall (oracle-base.com) - https://oracle-base.com/articles/linux/docker-oracle-database-on-docker • Frits Hoogland (Dockerfile using Maris Elsins getMOSPatch.sh) - https://fritshoogland.wordpress.com/2015/08/11/installing-the-oracle-database-in-docker/ • Gerald Venzl - https://www.slideshare.net/gvenzl/dockerizing-oracle-database • Tech18: 04.12.2018 Franck Pachot - Oracle on Docker 34 #PASSTHEKNOWLEDGE

×