PostgreSQL and
Linux Containers
Jignesh Shah
Founding Team @appOrbit
SF Bay Area PostgreSQL User Group – Jan 5th 2015
Disclaimer
The views expressed in this presentation are my own and do
not necessarily reflect the views of appOrbit.
About Jignesh (@jkshah)
• appOrbit
• My focus is on managing Application Data running in Containers
• VMware
• Lead and manage Postgres and Data Management teams at VMware for various products embedding PostgreSQL
running in virtualized embedded instances
• Sun Microsystems
• Team Member of first published SpecJAppServer 2004 benchmark with PostgreSQL
• Performance of PostgreSQL on Solaris/Sun Servers
• Working with PostgreSQL community since 2005
• http://jkshah.blogspot.com/2005/04/profiling-postgresql-using-dtrace-on_22.html
• Working with Container technologies (Solaris Zones) since 2004
• http://jkshah.blogspot.com/2004/08/db2-working-under-solaris-10-zones_30.html
Agenda
• Containers
• Definition
• Early examples
• Linux Containers
• Underlying Technologies
• LXC
• Systemd-nspawn
• Docker Containers
• Installation
• Images
• Volumes
• PostgreSQL in Docker Container
• What it means
• Best practices
What are Containers?
• OS Level virtualization where kernel allows for multiple isolated user-space instances
[Diagram: stacks comparing an operating system on a bare metal server and an OS on a hypervisor, each shown without and with containers (C)]
Advantages of Containers
• Lower footprint
• Very Quick Startup and Shutdown time
• Density
• Nesting
Disadvantages of Containers
• Same Kernel version
• Cannot run other OS natively
• Security (to be improved)
Where to use containers?
• Recreate identical environment (cookie-cutter)
• Resource Grouping of specific processes in heavily loaded server
• Handling multiple versions of software applications
• Ephemeral application instances (Dev/Test)
• Many more
Implementations of Containers
• Chroot circa 1982
• FreeBSD Jails circa 2000
• Solaris Zones circa 2004
• Meiosys – MetaClusters with Checkpoint/Restore 2004-05
• Linux OpenVZ circa 2005 (not in mainstream Linux)
• AIX WPARs circa 2007
• LXC circa 2008
• Systemd-nspawn circa 2010-2013
• Docker circa 2013
What makes containers possible?
• Process Group Isolation
• Filesystem Isolation
• Network Isolation
• CPU Isolation
• Memory Isolation
• Example – Solaris Containers
• Base implementation provided Process, Filesystem and Network Isolation
• Resource pools consisting of CPU and memory were originally used
• Branded Zones – Userland Library Isolation
What makes Linux containers possible?
• cgroups
• Allows limitation and prioritization of resources (CPU, memory, block I/O, network, etc.)
• Namespace isolation
• Mount namespace
• PID namespace
• Network namespace
• UTS (Allows changing hostname, domainname)
• IPC Namespace
• User namespace
• LXC
• Combines kernel’s cgroup and namespaces to provide an isolated environment
LXC
• CentOS 7 + EPEL Repository set
yum install epel-release
yum install bridge-utils libvirt lxc lxc-templates
• Commands available
lxc-attach lxc-clone lxc-destroy lxc-ls lxc-stop lxc-usernsexec
lxc-autostart lxc-config lxc-execute lxc-monitor lxc-top lxc-wait
lxc-cgroup lxc-console lxc-freeze lxc-snapshot lxc-unfreeze
lxc-checkconfig lxc-create lxc-info lxc-start lxc-unshare
• Quick Guide to use an LXC based container of busybox
wget https://www.busybox.net/downloads/binaries/busybox-x86_64 -O busybox
chmod a+x busybox
PATH=$(pwd):$PATH lxc-create -t busybox -n mycontainer
lxc-start -d -n mycontainer
lxc-console -n mycontainer # (Use CTRL-A Q to exit console mode)
lxc-stop -n mycontainer
lxc-destroy -n mycontainer
Systemd-nspawn
• Systemd
• Replacement of SysV init scripts
• Systemd-nspawn
• Used to run a command or OS in lightweight namespace container
• Installed on most newer distros by default
yum install systemd
• Commands available
systemd-analyze systemd-delta systemd-nspawn
systemd-ask-password systemd-detect-virt systemd-run
systemd-cat systemd-cgls systemd-loginctl
systemd-sysv-convert systemd-cgtop systemd-machine-id-setup
systemd-coredumpctl systemd-notify systemd-tty-ask-password-agent
systemd-inhibit systemd-stdio-bridge systemd-tmpfiles
systemctl machinectl hostnamectl journalctl
Systemd-nspawn
• Quick guide to a container deployment using systemd-nspawn
# Create an Image
yum -y --releasever=7 --nogpg --installroot=/mycontainers/centos7 install \
  systemd passwd yum fedora-release vim-minimal
# Change the root password in the image
systemd-nspawn -D /mycontainers/centos7
passwd
exit
# Start the container as if booting into the container image
systemd-nspawn -D /mycontainers/centos7 -M mycontainer -b
# Get into the container
nsenter -m -u -i -n -p -t $PID
machinectl login mycontainer
• Useful tools
machinectl status mycontainer
systemd-cgls
systemd-cgtop
Trends of Container Technologies
Disruption of trends by Docker
Docker
• Installation
yum install docker
systemctl start docker
• Commands available with docker binary
attach build commit cp create diff events
exec export history images import info inspect
kill load login logout logs pause port
ps pull push rename restart rm rmi
run save search start stats stop tag
top unpause version wait
• Quick Guide to use a docker based container
docker run --name mycontainer -e POSTGRES_PASSWORD=mysecretpassword -d postgres
docker exec -ti mycontainer psql -U postgres
docker stop mycontainer
docker rm mycontainer
docker rmi postgres
Dockerfile – Custom Recipe
• Container images are created using “Dockerfile”
FROM centos:centos7.0.1406
RUN yum install -y epel-release
RUN yum install -y nginx
EXPOSE 80
CMD ["bash", "-l", "-c", "/usr/sbin/nginx -g \"daemon off;\""]
• Build an image using the recipe file
docker build -t jkshah/nginx .
• Push to a public or private registry (hub account login or private registry needed)
docker push jkshah/nginx:latest
Docker Images
• Docker images are layered templates used by container instances
• Container instance images are layered copy-on-write images based on Docker images
• You can mutate your local container images (unless you use the --read-only flag)
• Not good for fast and frequently changing data
• Can select a different underlying storage type using --storage-driver
docker push jkshah/nginx:latest
Do you really want to push to public registry? [y/n]: y
The push refers to a repository [docker.io/jkshah/nginx] (len: 1)
d498b5680966: Pushed
4b1d16518ce1: Pushed
3185bef36db4: Pushed
2f7013eef4b8: Pushed
539eca37bade: Pushed
f1b10cd84249: Pushed
latest: digest: sha256:46208d1f0393946b33c2bdce498168de507b7186a897f332bab0cffc1ea601c7 size: 10608
Docker Volumes
• Persists beyond the life of a Docker container
• VOLUME command in Dockerfile or
• Using -v with the docker run command
• Automatically created if not already present during docker run
• Not part of docker push/pull operations
• Can select a non-local directory using --volume-driver
• Third party components required to get multi-host support (NFS, etc.)
• On CentOS with SELinux enabled, need to set the security context
chcon -Rt svirt_sandbox_file_t /hostpath/pgdata
• Different options using -v
• -v /hostsrc/data:/opt/data:ro # for read only volumes (default rw)
• -v /hostsrc/data:/opt/data:Z # Z – private volume, z – shared volume
• -v /etc/nginx.conf:/etc/nginx.conf # for mounting a single file only
• Volumes can be shared from another container using --volumes-from on same host
• Docker 1.9 gives first class status to Docker Volumes
PostgreSQL in Docker container
• Quick Deployment:
docker run --name mycontainer -v /hostpath/pgdata:/var/lib/postgresql/data \
  -e POSTGRES_PASSWORD=mysecretpassword -d postgres
• Check Deployment:
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8d720b31c1fe postgres "/docker-entrypoint.s" 5 minutes ago Up 5 minutes 5432/tcp mycontainer
• To check PostgreSQL system logs
docker logs mycontainer
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.
…
LOG: database system was shut down at 2016-01-04 22:58:40 UTC
LOG: MultiXact member wraparound protections are now enabled
LOG: database system is ready to accept connections
LOG: autovacuum launcher started
• Use inspect command to get more information about the container
docker inspect mycontainer
PostgreSQL in docker container
• Part of Postgres Dockerfile has
EXPOSE 5432
VOLUME /var/lib/postgresql/data
• Impacts
• Port is exposed only to other containers directly linking with this container
• Data persists only for the life of the container (until docker rm) and is not easily accessible outside the container
• -v makes the data accessible outside the container
• Linking to PostgreSQL Server container
• Ports are exposed externally using -p option
docker run --name myapp \
  --link mycontainer:ds2db \
  -e POSTGRES_USER=postgres \
  -e POSTGRES_PASSWORD=mysecretpassword \
  -p 8080:80 \
  -d jkshah/dvdstore2
• Verify using
docker port myapp
80/tcp -> 0.0.0.0:8080
PostgreSQL in docker container
• Check for statistics using
docker stats mycontainer myapp
CONTAINER CPU % MEM USAGE/LIMIT MEM % NET I/O
myapp 0.01% 51.51 MB/1.924 GB 2.68% 54.42 kB/7.576 MB
mycontainer 0.01% 133.3 MB/1.924 GB 6.93% 7.577 MB/54.42 kB
• Check for top processes in a container
docker top mycontainer
UID PID PPID C STIME TTY TIME CMD
polkitd 25313 10698 0 16:58 ? 00:00:00 postgres
polkitd 25385 25313 0 16:58 ? 00:00:00 postgres: checkpointer process
polkitd 25386 25313 0 16:58 ? 00:00:00 postgres: writer process
polkitd 25387 25313 0 16:58 ? 00:00:00 postgres: wal writer process
polkitd 25388 25313 0 16:58 ? 00:00:00 postgres: autovacuum launcher process
polkitd 25389 25313 0 16:58 ? 00:00:00 postgres: stats collector process
docker top myapp
UID PID PPID C STIME TTY TIME CMD
root 30747 10698 0 18:56 ? 00:00:00 httpd -D FOREGROUND
48 30796 30747 0 18:56 ? 00:00:00 httpd -D FOREGROUND
48 30797 30747 0 18:56 ? 00:00:00 httpd -D FOREGROUND
48 30798 30747 0 18:56 ? 00:00:00 httpd -D FOREGROUND
48 30799 30747 0 18:56 ? 00:00:00 httpd -D FOREGROUND
48 30800 30747 0 18:56 ? 00:00:00 httpd -D FOREGROUND
PostgreSQL in docker container
• Alternate way to see Process Tree using systemd-cgls tool
systemd-cgls
├─1 /usr/lib/systemd/systemd --switched-root --system --deserialize 21
├─user.slice
│ └─user-0.slice
│   └─session-34.scope
│     ├─25129 sshd: root@pts/0
│     ├─25131 -bash
│     └─31397 systemd-cgls
└─system.slice
  ├─docker-9457652d7f6ec24ebd95305e788fe39030b049deb22f240ee2b7383488d0c215.scope
  │ ├─30747 httpd -D FOREGROUND
  │ ├─30796 httpd -D FOREGROUND
  │ ├─30797 httpd -D FOREGROUND
  │ ├─30798 httpd -D FOREGROUND
  │ ├─30799 httpd -D FOREGROUND
  │ └─30800 httpd -D FOREGROUND
  ├─docker-8d720b31c1fe0de77d3cd89942c1a72902b67d466f821ce63ee1271561a36451.scope
  │ ├─25313 postgres
  │ ├─25385 postgres: checkpointer process
  │ ├─25386 postgres: writer process
  │ ├─25387 postgres: wal writer process
  │ ├─25388 postgres: autovacuum launcher process
  │ └─25389 postgres: stats collector process
  ├─docker.service
  │ ├─10698 /usr/bin/docker daemon --selinux-enabled
  │ └─30739 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8080 -contain...
PostgreSQL in Docker container
• Alternate way to see top containers using systemd-cgtop
systemd-cgtop
Path Tasks %CPU Memory Input/s Output/s
/ 100 0.9 1.5G - -
/user.slice 3 0.9 70.7M - -
/system.slice - 0.0 268.5M - -
/system.slice/docker.service 2 0.0 31.9M - -
/system.slice/nimbus.service 5 0.0 20.0K - -
/system.slice/tuned.service 1 0.0 36.0K - -
/system.slice/dock...49deb22f240ee2b7383488d0c215.scope 6 0.0 49.1M - -
/system.slice/auditd.service 1 - 11.9M - -
/system.slice/avahi-daemon.service 2 - 12.0K - -
/system.slice/crond.service 1 - 92.0K - -
/system.slice/dbus.service 1 - - - -
/system.slice/dock...7d466f821ce63ee1271561a36451.scope 6 - 127.3M - -
/system.slice/gssproxy.service 1 - - - -
/system.slice/libvirtd.service 3 - - - -
/system.slice/lvm2-lvmetad.service 1 - - - -
/system.slice/polkit.service 1 - 16.0K - -
/system.slice/postfix.service 3 - 3.5M - -
/system.slice/rsyslog.service 1 - 2.1M - -
/system.slice/sshd.service 1 - 3.0M - -
/system.slice/system-getty.slice/getty@tty1.service 1 - - - -
/system.slice/systemd-journald.service 1 - 16.0M - -
/system.slice/systemd-logind.service 1 - 20.0K - -
/system.slice/systemd-udevd.service 1 - 520.0K - -
/system.slice/xe-linux-distribution.service 2 - 1.0M - -
/user.slice/user-0.slice/session-34.scope 3 - - - -
PostgreSQL as a database server container
• Maybe you want a standalone database server
• Not all database clients will be on docker containers in the same host
• Need to limit memory usage
• Need different layout of how files are distributed (separate XLOG)
• Use the -p option to make the port available even to non-container clients
• Use -m to limit memory usage by the DB server (by default it can see and use all)
• Note this does not set shared buffers automatically with the library image
docker run --name mycontainer \
  -m 4g \
  -e POSTGRES_PASSWORD=mysecretpassword \
  -v /hostpath/pgdata:/var/lib/postgresql/data \
  -p 5432:5432 -d postgres
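An added example (not part of the original slides): a Python check over `docker inspect` JSON that reports the settings this deck discusses, namely published ports (-p), memory limits (-m), volume SELinux options (:z/:Z), privileged mode and passwords passed with -e. The sample JSON is constructed and trimmed, and the container name pg-hardened, the finding labels and the function names are this example's own.

```python
import json

# Constructed, trimmed `docker inspect` output (not captured from a real host).
# "mycontainer" mirrors the deck's run with -p 5432:5432 but without -m;
# "pg-hardened" is a hypothetical tightened variant for comparison.
SAMPLE_INSPECT = """
[
  {"Name": "/mycontainer",
   "Config": {"Env": ["POSTGRES_PASSWORD=mysecretpassword",
                      "PGDATA=/var/lib/postgresql/data"]},
   "HostConfig": {"Privileged": false, "Memory": 0,
                  "Binds": ["/hostpath/pgdata:/var/lib/postgresql/data"],
                  "PortBindings": {"5432/tcp": [{"HostIp": "", "HostPort": "5432"}]}}},
  {"Name": "/pg-hardened",
   "Config": {"Env": ["POSTGRES_PASSWORD_FILE=/run/secrets/pgpass"]},
   "HostConfig": {"Privileged": false, "Memory": 4294967296,
                  "Binds": ["/hostpath/pgdata:/var/lib/postgresql/data:Z"],
                  "PortBindings": {"5432/tcp": [{"HostIp": "127.0.0.1", "HostPort": "5432"}]}}}
]
"""

SECRET_HINTS = ("PASSWORD", "SECRET", "TOKEN")
ALL_INTERFACES = ("", "0.0.0.0", "::")  # an empty HostIp means every host interface


def audit_container(c, selinux_host=True):
    """Return (name, findings) for one object from `docker inspect`."""
    findings = []
    name = c.get("Name", "?").lstrip("/")
    host = c.get("HostConfig") or {}

    if host.get("Privileged"):
        findings.append("privileged")

    # Memory == 0 means no -m limit: the container can use all host memory.
    if not host.get("Memory"):
        findings.append("no-memory-limit")

    # -p HOSTPORT:PORT without a host IP publishes on all interfaces.
    for port, binds in (host.get("PortBindings") or {}).items():
        for b in binds or []:
            if b.get("HostIp", "") in ALL_INTERFACES:
                findings.append(f"port-all-interfaces:{port}->{b.get('HostPort')}")

    # Bind mounts are "src:dst[:opts]"; on an SELinux host a mount without
    # :z/:Z depends on a manual chcon of the host path.
    for bind in host.get("Binds") or []:
        parts = bind.split(":")
        opts = set(parts[2].split(",")) if len(parts) > 2 else set()
        if selinux_host and not ({"z", "Z"} & opts):
            findings.append(f"bind-unlabelled:{parts[0]}")

    # Values passed with -e are readable by anyone who can run docker inspect.
    # Only the variable name is reported, never the value; *_FILE variables
    # point at a file and are skipped.
    for env in (c.get("Config") or {}).get("Env") or []:
        key = env.split("=", 1)[0]
        if key.endswith("_FILE"):
            continue
        if any(h in key.upper() for h in SECRET_HINTS):
            findings.append(f"secret-in-env:{key}")

    return name, findings


def audit(inspect_json, selinux_host=True):
    """Audit every container in a `docker inspect` JSON array."""
    return dict(audit_container(c, selinux_host) for c in json.loads(inspect_json))


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, "->", findings or "no findings")
```

On a live host the same functions can be fed the output of `docker inspect` for the running containers instead of the constructed sample.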
PostgreSQL in an enterprise environment
• However for a real production use case we would need
• Bigger shared memory configurations
• Need different layout of how files are distributed (separate XLOG)
• Ability to backup the database
• Ability to setup replication
• etc
• In short we need a more custom image of PostgreSQL
Best Practices for custom image
• For production install customize the docker image
• Allocate proper memory limits - example 8GB
• All pagecache usage shows up as docker container memory usage
• Bump up shared buffers and other parameters as required
• Hint: use PostgreSQL 9.3 or later, otherwise you have to use privileged containers
• http://jkshah.blogspot.com/2015/09/is-it-privilege-to-run-container-in.html
• Support multiple volumes in your image
• Pg_xlog
• PITR archives
• Tablespaces as required
• Full Backup directory
• PostgreSQL Extensions
• Setup replication support
• Out of box replication setup
• Monitoring Tool
• Your favorite monitoring agent
Revolutionary platform to encapsulate and manage
both legacy and new micro-services based applications
with data and configurations running on containers and
virtual machines in a private, public or hybrid cloud.
Put your DevOps on hyper-drive!
Efficiency and Velocity for Apps & Infrastructure
We are
HIRING !!!
Reckers Mechatronics
 
A Guide to Telemedicine Software Development.pdf
A Guide to Telemedicine Software Development.pdf
Olivero Bozzelli
 
Foundations of Marketo Engage - Programs, Campaigns & Beyond - June 2025
Foundations of Marketo Engage - Programs, Campaigns & Beyond - June 2025
BradBedford3
 
Why Every Growing Business Needs a Staff Augmentation Company IN USA.pdf
Why Every Growing Business Needs a Staff Augmentation Company IN USA.pdf
mary rojas
 
On-Device AI: Is It Time to Go All-In, or Do We Still Need the Cloud?
On-Device AI: Is It Time to Go All-In, or Do We Still Need the Cloud?
Hassan Abid
 
MOVIE RECOMMENDATION SYSTEM, UDUMULA GOPI REDDY, Y24MC13085.pptx
MOVIE RECOMMENDATION SYSTEM, UDUMULA GOPI REDDY, Y24MC13085.pptx
Maharshi Mallela
 
Introduction to Agile Frameworks for Product Managers.pdf
Introduction to Agile Frameworks for Product Managers.pdf
Ali Vahed
 
Simplify Task, Team, and Project Management with Orangescrum Work
Simplify Task, Team, and Project Management with Orangescrum Work
Orangescrum
 
HYBRIDIZATION OF ALKANES AND ALKENES ...
HYBRIDIZATION OF ALKANES AND ALKENES ...
karishmaduhijod1
 
Humans vs AI Call Agents - Qcall.ai's Special Report
Humans vs AI Call Agents - Qcall.ai's Special Report
Udit Goenka
 
Best MLM Compensation Plans for Network Marketing Success in 2025
Best MLM Compensation Plans for Network Marketing Success in 2025
LETSCMS Pvt. Ltd.
 
declaration of Variables and constants.pptx
declaration of Variables and constants.pptx
meemee7378
 
Test Case Design Techniques – Practical Examples & Best Practices in Software...
Test Case Design Techniques – Practical Examples & Best Practices in Software...
Muhammad Fahad Bashir
 
CodeCleaner: Mitigating Data Contamination for LLM Benchmarking
CodeCleaner: Mitigating Data Contamination for LLM Benchmarking
arabelatso
 
University Campus Navigation for All - Peak of Data & AI
University Campus Navigation for All - Peak of Data & AI
Safe Software
 
ElectraSuite_Prsentation(online voting system).pptx
ElectraSuite_Prsentation(online voting system).pptx
mrsinankhan01
 
Streamlining CI/CD with FME Flow: A Practical Guide
Streamlining CI/CD with FME Flow: A Practical Guide
Safe Software
 
Which Hiring Management Tools Offer the Best ROI?
Which Hiring Management Tools Offer the Best ROI?
HireME
 
Best Practice for LLM Serving in the Cloud
Best Practice for LLM Serving in the Cloud
Alluxio, Inc.
 

PostgreSQL and Linux Containers

  • 1. PostgreSQL and Linux Containers Jignesh Shah Founding Team @appOrbit SF Bay Area PostgreSQL User Group – Jan 5th 2015
  • 2. Disclaimer The views expressed in this presentation are my own and do not necessarily reflect the views of appOrbit.
  • 3. About Jignesh (@jkshah)
    • appOrbit
    • My focus is on managing Application Data running in Containers
    • VMware
    • Lead and manage Postgres and Data Management teams at VMware for various products embedding PostgreSQL running in virtualized embedded instances
    • Sun Microsystems
    • Team Member of first published SpecJAppServer 2004 benchmark with PostgreSQL
    • Performance of PostgreSQL on Solaris/Sun Servers
    • Working with PostgreSQL community since 2005
    • http://jkshah.blogspot.com/2005/04/profiling-postgresql-using-dtrace-on_22.html
    • Working with Container technologies (Solaris Zones) since 2004
    • http://jkshah.blogspot.com/2004/08/db2-working-under-solaris-10-zones_30.html
  • 4. Agenda
    • Containers
    • Definition
    • Early examples
    • Linux Containers
    • Underlying Technologies
    • LXC
    • Systemd-nspawn
    • Docker Containers
    • Installation
    • Images
    • Volumes
    • PostgreSQL in Docker Container
    • What it means
    • Best practices
  • 5. What are Containers?
    • OS Level virtualization where kernel allows for multiple isolated user-space instances
    [Figure: stack diagrams labelled Operating System, Bare Metal Server, Hypervisor, OS and C]
  • 6. Advantages of Containers
    • Lower footprint
    • Very Quick Startup and Shutdown time
    • Density
    • Nesting
  • 7. Disadvantages of Containers
    • Same Kernel version
    • Cannot run other OS natively
    • Security (to be improved)
  • 8. Where to use container?
    • Recreate identical environment (cookie-cutter)
    • Resource Grouping of specific processes in heavily loaded server
    • Handling multiple versions of software applications
    • Ephemeral application instances (Dev/Test)
    • Many more
  • 9. Implementations of Containers
    • Chroot circa 1982
    • FreeBSD Jails circa 2000
    • Solaris Zones circa 2004
    • Meiosys – MetaClusters with Checkpoint/Restore 2004-05
    • Linux OpenVZ circa 2005 (not in mainstream Linux)
    • AIX WPARs circa 2007
    • LXC circa 2008
    • Systemd-nspawn circa 2010-2013
    • Docker circa 2013
  • 10. What makes containers possible?
    • Process Group Isolation
    • Filesystem Isolation
    • Network Isolation
    • CPU Isolation
    • Memory Isolation
    • Example – Solaris Containers
    • Base implementation provided Process, Filesystem and Network Isolation
    • Resource pools consisting of CPU and memory were originally used
    • Branded Zones – Userland Library Isolation
  • 11. What makes Linux containers possible?
    • cgroups
    • Allows limitation and prioritization of resources (CPU, memory, block I/O, network, etc.)
    • Namespace isolation
    • Mount namespace
    • PID namespace
    • Network namespace
    • UTS (Allows changing hostname, domainname)
    • IPC Namespace
    • User namespace
    • LXC
    • Combines kernel’s cgroup and namespaces to provide an isolated environment
  • 12. LXC
    • CentOS 7 + EPEL Repository set
        yum install epel-release
        yum install bridge-utils libvirt lxc lxc-templates
    • Commands available
        lxc-attach lxc-clone lxc-destroy lxc-ls lxc-stop lxc-usernsexec
        lxc-autostart lxc-config lxc-execute lxc-monitor lxc-top lxc-wait
        lxc-cgroup lxc-console lxc-freeze lxc-snapshot lxc-unfreeze
        lxc-checkconfig lxc-create lxc-info lxc-start lxc-unshare
    • Quick Guide to use an LXC based container of busybox
        wget https://www.busybox.net/downloads/binaries/busybox-x86_64 -O busybox
        chmod a+x busybox
        PATH=$(pwd):$PATH lxc-create -t busybox -n mycontainer
        lxc-start -d -n mycontainer
        lxc-console -n mycontainer   # (Use CTRL-A Q to exit console mode)
        lxc-stop -n mycontainer
        lxc-destroy -n mycontainer
  • 13. Systemd-nspawn
    • Systemd
    • Replacement of SysV init scripts
    • Systemd-nspawn
    • Used to run a command or OS in a lightweight namespace container
    • Installed on most newer distros by default
        yum install systemd
    • Commands available
        systemd-analyze systemd-delta systemd-nspawn systemd-ask-password
        systemd-detect-virt systemd-run systemd-cat systemd-cgls
        systemd-loginctl systemd-sysv-convert systemd-cgtop
        systemd-machine-id-setup systemd-coredumpctl systemd-notify
        systemd-tty-ask-password-agent systemd-inhibit systemd-stdio-bridge
        systemd-tmpfiles systemctl machinectl hostnamectl journalctl
  • 14. Systemd-nspawn
    • Quick guide to a container deployment using systemd-nspawn
        # Create an Image
        yum -y --releasever=7 --nogpg --installroot=/mycontainers/centos7 install systemd passwd yum fedora-release vim-minimal
        # Change the root password in the image
        systemd-nspawn -D /mycontainers/centos7
        passwd
        exit
        # Start the container as if booting into the container image
        systemd-nspawn -D /mycontainers/centos7 -M mycontainer -b
        # Get into the container
        nsenter -m -u -i -n -p -t $PID
        machinectl login mycontainer
    • Useful tools
        machinectl status mycontainer
        systemd-cgls
        systemd-cgtop
  • 15. Trends of Container Technologies
  • 16. Disruption of trends by Docker
  • 17. Docker
    • Installation
        yum install docker
        systemctl start docker
    • Commands available with docker binary
        attach build commit cp create diff events exec export history
        images import info inspect kill load login logout logs pause
        port ps pull push rename restart rm rmi run save search start
        stats stop tag top unpause version wait
    • Quick Guide to use a docker based container
        docker run --name mycontainer -e POSTGRES_PASSWORD=mysecretpassword -d postgres
        docker exec -ti mycontainer psql -U postgres
        docker stop mycontainer
        docker rm mycontainer
        docker rmi postgres
  • 18. Dockerfile – Custom Recipe
    • Container images are created using “Dockerfile”
        FROM centos:centos7.0.1406
        RUN yum install -y epel-release
        RUN yum install -y nginx
        EXPOSE 80
        CMD ["bash", "-l", "-c", "/usr/sbin/nginx -g \"daemon off;\""]
    • Build an image using the recipe file
        docker build -t jkshah/nginx .
    • Push to a public or private registry (hub account login or private registry needed)
        docker push jkshah/nginx:latest
  • 19. Docker Images
    • Docker images are layered templates used by container instances
    • Container instance images are layered copy-on-write images based on Docker images
    • You can mutate your local container images (unless you use --read-only flag)
    • Not good for fast and frequently changing data
    • Can select a different underlying type using --storage-driver
        docker push jkshah/nginx:latest
        Do you really want to push to public registry? [y/n]: y
        The push refers to a repository [docker.io/jkshah/nginx] (len: 1)
        d498b5680966: Pushed
        4b1d16518ce1: Pushed
        3185bef36db4: Pushed
        2f7013eef4b8: Pushed
        539eca37bade: Pushed
        f1b10cd84249: Pushed
        latest: digest: sha256:46208d1f0393946b33c2bdce498168de507b7186a897f332bab0cffc1ea601c7 size: 10608
  • 20. Docker Volumes
    • Persists beyond the life of a Docker container
    • VOLUME command in Dockerfile or
    • Using -v using docker run command
    • Automatically created if not already present during docker run
    • Not part of docker push/pull operations
    • Can select a non-local directory using --volume-driver
    • Third party components required to get multi-host support (NFS, etc.)
    • On CentOS with SELinux enabled need to set security context
        chcon -Rt svirt_sandbox_file_t /hostpath/pgdata
    • Different options using -v
    • -v /hostsrc/data:/opt/data:ro # for read only volumes (default rw)
    • -v /hostsrc/data:/opt/data:Z # Z – private volume, z – shared volume
    • -v /etc/nginx.conf:/etc/nginx.conf # for mounting a single file only
    • Volumes can be shared from another container using --volumes-from on same host
    • Docker 1.9 gives first class status to Docker Volumes
  • 21. PostgreSQL in Docker container
    • Quick Deployment:
        docker run --name mycontainer -v /hostpath/pgdata:/var/lib/postgresql/data -e POSTGRES_PASSWORD=mysecretpassword -d postgres
    • Check Deployment:
        docker ps
        CONTAINER ID  IMAGE     COMMAND                 CREATED        STATUS        PORTS     NAMES
        8d720b31c1fe  postgres  "/docker-entrypoint.s"  5 minutes ago  Up 5 minutes  5432/tcp  mycontainer
    • Use inspect command to get more information about the container
        docker inspect mycontainer
    • To check PostgreSQL system logs
        docker logs mycontainer
        The files belonging to this database system will be owned by user "postgres".
        This user must also own the server process.
        …
        LOG: database system was shut down at 2016-01-04 22:58:40 UTC
        LOG: MultiXact member wraparound protections are now enabled
        LOG: database system is ready to accept connections
        LOG: autovacuum launcher started
  • 22. PostgreSQL in docker container
    • Part of Postgres Dockerfile has
        EXPOSE 5432
        VOLUME /var/lib/postgresql/data
    • Impacts
    • Port is exposed only to other containers directly linking with this container
    • Data is persistent only for the life of container (docker rm) but not easily accessible outside the container
    • -v makes the data accessible outside the container
    • Linking to PostgreSQL Server container
        docker run --name myapp --link mycontainer:ds2db -e POSTGRES_USER=postgres -e POSTGRES_PASSWORD=mysecretpassword -p 8080:80 -d jkshah/dvdstore2
    • Ports are exposed externally using -p option
    • Verify using
        docker port myapp
        80/tcp -> 0.0.0.0:8080
  • 23. PostgreSQL in docker container
    • Check for statistics using
        docker stats mycontainer myapp
        CONTAINER    CPU %  MEM USAGE/LIMIT    MEM %  NET I/O
        myapp        0.01%  51.51 MB/1.924 GB  2.68%  54.42 kB/7.576 MB
        mycontainer  0.01%  133.3 MB/1.924 GB  6.93%  7.577 MB/54.42 kB
    • Check for top processes in a container
        docker top mycontainer
        UID      PID    PPID   C  STIME  TTY  TIME      CMD
        polkitd  25313  10698  0  16:58  ?    00:00:00  postgres
        polkitd  25385  25313  0  16:58  ?    00:00:00  postgres: checkpointer process
        polkitd  25386  25313  0  16:58  ?    00:00:00  postgres: writer process
        polkitd  25387  25313  0  16:58  ?    00:00:00  postgres: wal writer process
        polkitd  25388  25313  0  16:58  ?    00:00:00  postgres: autovacuum launcher process
        polkitd  25389  25313  0  16:58  ?    00:00:00  postgres: stats collector process

        docker top myapp
        UID   PID    PPID   C  STIME  TTY  TIME      CMD
        root  30747  10698  0  18:56  ?    00:00:00  httpd -D FOREGROUND
        48    30796  30747  0  18:56  ?    00:00:00  httpd -D FOREGROUND
        48    30797  30747  0  18:56  ?    00:00:00  httpd -D FOREGROUND
        48    30798  30747  0  18:56  ?    00:00:00  httpd -D FOREGROUND
        48    30799  30747  0  18:56  ?    00:00:00  httpd -D FOREGROUND
        48    30800  30747  0  18:56  ?    00:00:00  httpd -D FOREGROUND
  • 24. PostgreSQL in docker container
    • Alternate way to see Process Tree using systemd-cgls tool
        systemd-cgls
        ├─1 /usr/lib/systemd/systemd --switched-root --system --deserialize 21
        ├─user.slice
        │ └─user-0.slice
        │   └─session-34.scope
        │     ├─25129 sshd: root@pts/0
        │     ├─25131 -bash
        │     └─31397 systemd-cgls
        └─system.slice
          ├─docker-9457652d7f6ec24ebd95305e788fe39030b049deb22f240ee2b7383488d0c215.scope
          │ ├─30747 httpd -D FOREGROUND
          │ ├─30796 httpd -D FOREGROUND
          │ ├─30797 httpd -D FOREGROUND
          │ ├─30798 httpd -D FOREGROUND
          │ ├─30799 httpd -D FOREGROUND
          │ └─30800 httpd -D FOREGROUND
          ├─docker-8d720b31c1fe0de77d3cd89942c1a72902b67d466f821ce63ee1271561a36451.scope
          │ ├─25313 postgres
          │ ├─25385 postgres: checkpointer process
          │ ├─25386 postgres: writer process
          │ ├─25387 postgres: wal writer process
          │ ├─25388 postgres: autovacuum launcher process
          │ └─25389 postgres: stats collector process
          ├─docker.service
          │ ├─10698 /usr/bin/docker daemon --selinux-enabled
          │ └─30739 docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8080 -contain...
  • 25. PostgreSQL in Docker container
    • Alternate way to see top containers using systemd-cgtop
        systemd-cgtop
        Path                                                      Tasks  %CPU  Memory  Input/s  Output/s
        /                                                         100    0.9   1.5G    -        -
        /user.slice                                               3      0.9   70.7M   -        -
        /system.slice                                             -      0.0   268.5M  -        -
        /system.slice/docker.service                              2      0.0   31.9M   -        -
        /system.slice/nimbus.service                              5      0.0   20.0K   -        -
        /system.slice/tuned.service                               1      0.0   36.0K   -        -
        /system.slice/dock...49deb22f240ee2b7383488d0c215.scope   6      0.0   49.1M   -        -
        /system.slice/auditd.service                              1      -     11.9M   -        -
        /system.slice/avahi-daemon.service                        2      -     12.0K   -        -
        /system.slice/crond.service                               1      -     92.0K   -        -
        /system.slice/dbus.service                                1      -     -       -        -
        /system.slice/dock...7d466f821ce63ee1271561a36451.scope   6      -     127.3M  -        -
        /system.slice/gssproxy.service                            1      -     -       -        -
        /system.slice/libvirtd.service                            3      -     -       -        -
        /system.slice/lvm2-lvmetad.service                        1      -     -       -        -
        /system.slice/polkit.service                              1      -     16.0K   -        -
        /system.slice/postfix.service                             3      -     3.5M    -        -
        /system.slice/rsyslog.service                             1      -     2.1M    -        -
        /system.slice/sshd.service                                1      -     3.0M    -        -
        /system.slice/system-getty.slice/[email protected]        1      -     -       -        -
        /system.slice/systemd-journald.service                    1      -     16.0M   -        -
        /system.slice/systemd-logind.service                      1      -     20.0K   -        -
        /system.slice/systemd-udevd.service                       1      -     520.0K  -        -
        /system.slice/xe-linux-distribution.service               2      -     1.0M    -        -
        /user.slice/user-0.slice/session-34.scope                 3      -     -       -        -
  • 26. PostgreSQL as a database server container
    • Maybe you want a standalone database server
    • Not all database clients will be in docker containers on the same host
    • Need to limit memory usage
    • Need different layout of how files are distributed (separate XLOG)
    • Use the -p option to make the port available even to non-container clients
    • Use -m to limit memory usage by the DB server (by default it can see and use all)
    • Note this does not set shared buffers automatically with the library image
        docker run --name mycontainer -m 4g -e POSTGRES_PASSWORD=mysecretpassword -v /hostpath/pgdata:/var/lib/postgresql/data -p 5432:5432 -d postgres
  • 27. PostgreSQL in an enterprise environment
    • However for a real production use case we would need
    • Bigger shared memory configurations
    • Need different layout of how files are distributed (separate XLOG)
    • Ability to backup the database
    • Ability to setup replication
    • etc.
    • In short we need a more custom image of PostgreSQL
  • 28. Best Practices for custom image
    • For production install customize the docker image
    • Allocate proper memory limits - example 8GB
    • All pagecache usage shows up as docker container memory usage
    • Bump up shared buffers and other parameters as required
    • Hint: use PostgreSQL 9.3 or later, otherwise you have to use privileged containers
    • http://jkshah.blogspot.com/2015/09/is-it-privilege-to-run-container-in.html
    • Support multiple volumes in your image
    • Pg_xlog
    • PITR archives
    • Tablespaces as required
    • Full Backup directory
    • PostgreSQL Extensions
    • Setup replication support
    • Out of box replication setup
    • Monitoring Tool
    • Your favorite monitoring agent
  • 29. References
    • http://www.freedesktop.org/wiki/Software/systemd/
    • https://linuxcontainers.org/
    • http://www.haifux.org/lectures/299/netLec7.pdf
    • http://haifux.org/lectures/320/netLec8_final.pdf
  • 30. Revolutionary platform to encapsulate and manage both legacy and new micro-services based applications with data and configurations running on containers and virtual machines in a private, public or hybrid cloud. Put your DevOps on hyper-drive! Efficiency and Velocity for Apps & Infrastructure We are HIRING !!!
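
The run options covered in slides 19 to 28 (-m, -p, -v with SELinux labels, privileged containers, POSTGRES_PASSWORD passed with -e) all leave a trace in the container's `docker inspect` record, so a deployment can be checked against them after the fact. The following is an added example, not part of the original presentation: it audits a constructed, trimmed inspect record, and the check names, the secret-name heuristic and the 64-character anonymous-volume test are assumptions of this example.

```python
import json

# Constructed, trimmed `docker inspect mycontainer` record: slide 26's command
# run WITHOUT -m, so the missing memory limit shows up as a finding.
SAMPLE_INSPECT = json.loads("""
[{"Name": "/mycontainer",
  "Config": {"Env": ["POSTGRES_PASSWORD=mysecretpassword",
                     "PGDATA=/var/lib/postgresql/data"]},
  "HostConfig": {"Memory": 0, "Privileged": false},
  "NetworkSettings": {"Ports": {"5432/tcp":
      [{"HostIp": "0.0.0.0", "HostPort": "5432"}]}},
  "Mounts": [{"Type": "bind", "Source": "/hostpath/pgdata",
              "Destination": "/var/lib/postgresql/data",
              "Mode": "", "RW": true}]}]
""")

PGDATA = "/var/lib/postgresql/data"              # VOLUME path from slide 22
SECRET_HINTS = ("PASSWORD", "SECRET", "TOKEN")   # assumed naming heuristic
ALL_INTERFACES = ("", "0.0.0.0", "::")


def audit_container(rec):
    """Return [(check_id, detail), ...] for one `docker inspect` record."""
    out = []
    host = rec.get("HostConfig") or {}
    if not host.get("Memory"):                   # 0 means no -m limit was set
        out.append(("no-memory-limit", "no -m limit; can use all host memory"))
    if host.get("Privileged"):
        out.append(("privileged", "container runs with --privileged"))

    ports = (rec.get("NetworkSettings") or {}).get("Ports") or {}
    for cport, binds in sorted(ports.items()):
        for b in binds or []:                    # None: EXPOSEd, not published
            if b.get("HostIp", "") in ALL_INTERFACES:
                out.append(("port-all-interfaces",
                            f"{cport} -> host port {b.get('HostPort')}"))

    data = next((m for m in rec.get("Mounts") or []
                 if m.get("Destination") == PGDATA), None)
    # Heuristic: anonymous volumes carry a 64-character generated name.
    if data is None or (data.get("Type") == "volume"
                        and len(data.get("Name", "")) == 64):
        out.append(("pgdata-not-on-named-storage",
                    "data is in the container layer or an anonymous volume"))
    elif data.get("Type") == "bind":
        if not {"z", "Z"} & set(data.get("Mode", "").split(",")):
            out.append(("selinux-label-unset",
                        "no :z/:Z on bind mount; needs chcon on SELinux hosts"))

    for kv in (rec.get("Config") or {}).get("Env") or []:
        key = kv.split("=", 1)[0]
        if any(h in key.upper() for h in SECRET_HINTS) and not key.endswith("_FILE"):
            out.append(("secret-in-env", f"{key} is readable via docker inspect"))
    return out


def check_ids(rec):
    """Sorted check ids only, convenient for comparing against a baseline."""
    return sorted(cid for cid, _ in audit_container(rec))


if __name__ == "__main__":
    for rec in SAMPLE_INSPECT:
        for cid, detail in audit_container(rec):
            print(f"{rec['Name'].lstrip('/')}: {cid}: {detail}")
```

On a live host the same function can be fed `json.loads` of the output of `docker inspect mycontainer`. The SELinux finding is informational on hosts without SELinux or where the directory was already relabelled with chcon as on slide 20.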