DM在Docker环境部署安装

TiDB Data Migration 是由 PingCAP 开发的一体化数据同步任务管理平台,支持从 MySQL 或 MariaDB 到 TiDB 的全量数据迁移和增量数据同步,在 TiDB DevCon 2019 正式开源。作为一款连接 MySQL/MariaDB 生态和 TiDB 生态的中台类型产品,DM 获得了广泛的关注,很多公司、开发者和社区的伙伴已经在使用 DM 来进行数据迁移和管理。

接下来会介绍下如何在Docker中搭建DM的方法,仅供参考。

DM在Docker环境部署安装

1 准备工作

机器名 Second Header
中控机 172.17.0.2
DM 172.17.0.6
# centos7.3.1611
yum install wget vim net-tools sudo -y

2 部署

2.1 中控机安装依赖
yum -y install epel-release git curl sshpass
yum -y install python-pip
2.2 创建tidb用户,生成ssh密钥
# pwd: 12345678
useradd -m -d /home/tidb tidb
passwd tidb
# visudo
tidb ALL=(ALL) NOPASSWD: ALL
# 切换到tidb
su - tidb
# 生成密钥
ssh-keygen -t rsa
2.3 下载DM-Ansible至中控机
# 确保使用tidb账户登陆中控机
# {version} 为期望下载的 DM 版本,如 v1.0.0-alpha、latest 等
wget http://download.pingcap.org/dm-ansible-latest.tar.gz
2.4 安装DM-Ansible及依赖至中控机
# 安装dm-ansible依赖
tar -xzvf dm-ansible-latest.tar.gz
mv dm-ansible-latest dm-ansible
cd /home/tidb/dm-ansible
# 此步公司网络报错,手机WI-FI顺利
sudo pip install -r ./requirements.txt
# Ansible 和相关依赖包含于 dm-ansible/requirements.txt 文件中
# 查看ansible版本
ansible 2.7.5
2.5 在中控机配置ssh互信
# 确保使用tidb账户登陆至中控机
cd /home/tidb/dm-ansible
vi hosts.ini
[servers]
172.17.0.3

# 执行脚本,输入交互式密码
ansible-playbook -i hosts.ini create_users.yml -u root -k

互信需要额外的对docker容器进行配置,参考该文,大致如下:

# cat Dockerfile
FROM centos:7.3.1611
ENV container docker
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); 
rm -f /lib/systemd/system/multi-user.target.wants/*;
rm -f /etc/systemd/system/*.wants/*;
rm -f /lib/systemd/system/local-fs.target.wants/*; 
rm -f /lib/systemd/system/sockets.target.wants/*udev*; 
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; 
rm -f /lib/systemd/system/basic.target.wants/*;
rm -f /lib/systemd/system/anaconda.target.wants/*;
VOLUME [ "/sys/fs/cgroup" ]
CMD ["/usr/sbin/init"]

# 使用镜像生成容器,进入容器
docker build --rm -t local/c7-systemd .
# 安装sshd
yum -y install openssh-server
yum -y install openssh-clients
# 启动sshd服务
/usr/sbin/sshd -D &

# 报错
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Could not load host key: /etc/ssh/ssh_host_ed25519_key

# 需要执行以下命令: 
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ""
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""

# 生成新的景象
docker commit idxxxxx new-images:01

# 生成新的容器
docker run -d -p 10022:22

# 设置root密码
passwd
2.6 下载DM及监控组建安装包至中控机
ansible-playbook local_prepare.yml
2.7 编辑inventory.ini配置文件
# 以单节点单个DM为例
dm_worker1 ansible_host=172.17.0.6 server_id=101 source_id="mysql-replica-01" mysql_host=172.17.0.7 mysql_user=ght mysql_password='KhAvY2NidLitKi3EtSo/ykBimnGhrn8nAAABBBCCC==' mysql_port=3306
# 加密密码
cd /home/tidb/dm-ansible/resources/bin
./dmctl -encrypt Zxcvbnm,lp-232
2.8 编译inventory.ini文件中的变量
# 主要是配置路径/binlog位置
2.9 部署DM集群
# 判断互信是否成功
ansible -i inventory.ini all -m shell -a 'whoami'
# 判断免密是否成功
ansible -i inventory.ini all -m shell -a 'whoami' -b
# 修改内核参数,并部署DM集群组件和监控组件
ansible-playbook deploy.yml
# 启动DM
ansible-playbook start.yml

这个时候会报错,因此需要重新创建容器

# 报错
TASK [start prometheus by systemd] ***************************************************************************************************************
failed: [prometheus] (item=prometheus-9090.service) => {"changed": false, "cmd": "/bin/systemctl", "item": "prometheus-9090.service", "msg": "Failed to get D-Bus connection: Operation not permitted", "rc": 1, "stderr": "Failed to get D-Bus connection: Operation not permitted
", "stderr_lines": ["Failed to get D-Bus connection: Operation not permitted"], "stdout": "", "stdout_lines": []}
	to retry, use: --limit @/home/tidb/dm-ansible/retry_files/start.retry

PLAY RECAP ***************************************************************************************************************************************
localhost                  : ok=1    changed=0    unreachable=0    failed=0
prometheus                 : ok=0    changed=0    unreachable=0    failed=1
# 重新部署DM容器
docker run -d -e "container=docker" -p 10022:22 --privileged=true -v /sys/fs/cgroup:/sys/fs/cgroup --name ssh3 ssh:01 /usr/sbin/init

可能还会报错

# 报错
grafana | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: System is booting up. See pam_nologin(8)
Authentication failed.",
    "unreachable": true
}
dm_worker1 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: System is booting up. See pam_nologin(8)
Authentication failed.",
    "unreachable": true
}
alertmanager | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: System is booting up. See pam_nologin(8)
Authentication failed.",
    "unreachable": true
}
dm_master | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: System is booting up. See pam_nologin(8)
Authentication failed.",
    "unreachable": true
}
# 登陆待ssh的机器,将/etc/pam.d/sshd的一行注释掉
account    required     pam_nologin.so

3 更新DM-Ansible版本

3.1 备份dm-ansible
cd /home/tidb
mv dm-ansible dm-ansible-bak
3.2 下载对应版本的dm
cd /home/tidb
wget http://download.pingcap.org/dm-ansible-{version}.tar.gz
tar -xzvf dm-ansible-latest.tar.gz
mv dm-ansible-latest dm-ansible
3.3 迁移inventory.ini
cd /home/tidb
cp dm-ansible-bak/inventory.ini dm-ansible/inventory.ini
3.4 迁移dmctl配置
cd /home/tidb/dm-ansible-bak/dmctl
cp * /home/tidb/dm-ansible/dmctl/
3.5 更新DM文件
ansible-playbook local_prepare.yml

参考