Difference between revisions of "Integration with UCS/Database"

From Univention Wiki

Jump to: navigation, search
(Link to new documentation)
 
Line 1: Line 1:
[[Category:App Center Developer Guide]]
+
#REDIRECT [[App Center Developer Guide]]
 
 
 
 
The App Center provides an integration into the Database Management Systems (DBMS) PostgreSQL and MySQL. This is particularly useful for [[Docker Apps]]. This is why the following text assumes a Docker App. [[Non-Docker Apps]] may just install the DBMS via apt through a dpkg dependency (although, except for variables clearly related to Docker, everything works for Non-Docker Apps, too).
 
 
 
A Docker App does not have to install its own database in the container. Instead, it may connect to the database on the Docker Host. For that, the following variables in the [[Meta_files/ini|ini file]] can be set:
 
 
 
;Database: One of "mysql" or "postgresql". If set, the database is installed and set up on the Host before installing the actual App.
 
;DatabaseName: Name of the database within the DBMS. Defaults to the App ID.
 
;DatabaseUser: Name of the database user within the DBMS with full access to the '''DatabaseName''' (and only to that!). Default to the App ID.
 
;DatabasePasswordFile: Path to the password file both on the Host and in the Container. The file will contain the password without a newline character. The default will be ''/etc/[postgresql|mysql]-$appid.secret''. The file will be readable only by ''root''.
 
;DockerEnvDatabaseHost: The Docker Container will be started with this variable's value as the environment variable containing the Host's name. Example: <tt>DockerEnvDatabaseHost=MYAPP_HOST</tt> will start with a Container with <tt>MYAPP_HOST=master.mydomain.intranet</tt> set in the environment. Defaults to DB_HOST.
 
;DockerEnvDatabasePort: Same as '''DockerEnvDatabaseHost''', but contains the port of the DBMS on the Host. Defaults to DB_PORT.
 
;DockerEnvDatabaseName: Same as '''DockerEnvDatabaseHost''', but contains the '''DatabaseName'''. Defaults to DB_NAME.
 
;DockerEnvDatabaseUser: Same as '''DockerEnvDatabaseHost''', but contains the '''DatabaseUser'''. Defaults to DB_USER.
 
;DockerEnvDatabasePassword: Same as '''DockerEnvDatabaseHost''', but contains the password to the database. Defaults to DB_PASSWORD.
 
;DockerEnvDatabasePasswordFile: Same as '''DockerEnvDatabaseHost''', but contains '''DatabasePasswordFile'''. If set, '''DockerEnvDatabasePassword''' is not used, i.e., the password will not show up in the environment. Instead, only the file contains information about the password.
 
 
 
;''Note'': The App Center takes care of the firewall settings between Docker Container and Docker Host.
 
 
 
;''Important'': For the [[App Appliance]] to work, it is necessary for Docker Apps to reconfigure their database connection in the [[Integration with UCS/Join|Join Script]]. If the initial configuration is written in some "postinst routine" and left untouched, the connection will most likely fail as the hostname of the Docker Host will change.
 
 
 
;''Important'': It is not possible to get "root" access to the database from within the App. The database connection is always configured to run as a dedicated user that has full access to "his" database, but none to other databases.
 
 
 
=== Example ===
 
<pre>
 
ID=myapp
 
Database=postgresql
 
</pre>
 
 
 
will install a PostgreSQL server on the Host, create a database user "myapp", create a database named "myapp" and make the user "myapp" its owner. The password is stored in /etc/postgresql-myapp.secret.
 
In the Docker Container, one can configure the App to connect to: $DB_USER:$DB_PASSWORD@$DB_HOST:$DB_PORT, which is something like: myapp:1234567890@master.mydomain.intranet:5432.
 
 
 
Alternatively,
 
 
 
<pre>
 
ID=myapp
 
Database=mysql
 
DatabasePasswordFile=/opt/myapp/conf/database.secret
 
DockerEnvDatabaseHost=MYAPP_MYSQL_HOST
 
DockerEnvDatabasePort=MYAPP_MYSQL_PORT
 
DockerEnvDatabaseName=MYAPP_MYSQL_NAME
 
DockerEnvDatabaseUser=MYAPP_MYSQL_USER
 
</pre>
 
 
 
installs MySQL, creates the database and the user and then sets
 
<pre>
 
MYAPP_MYSQL_HOST=master.mydomain.intranet
 
MYAPP_MYSQL_PORT=3306
 
MYAPP_MYSQL_NAME=myapp
 
MYAPP_MYSQL_USER=myapp
 
DB_PASSWORD=1234567890
 
</pre>
 
in the container.
 
 
 
Ideally, the password is already stored where the App expects it to be (otherwise setting DatabasePasswordFile does not make much sense). One could set <tt>DockerEnvDatabasePassword</tt> as well.
 

Latest revision as of 14:55, 27 August 2018

Personal tools