[Docker] Add a new TimescaleDB + v15 based image

kmoppel-cognite · kmoppel-cognite · commit ebb4224faea5 · 2023-01-06T16:13:30.000+02:00
As Timescale offers best disk usage by far
diff --git a/docker-launcher-timescale.sh b/docker-launcher-timescale.sh
@@ -0,0 +1,100 @@
+#!/bin/bash
+
+mkdir /var/run/grafana && chown grafana /var/run/grafana
+
+if [ ! -f /pgwatch2/persistent-config/self-signed-ssl.key -o ! -f /pgwatch2/persistent-config/self-signed-ssl.pem ] ; then
+    openssl req -x509 -newkey rsa:4096 -keyout /pgwatch2/persistent-config/self-signed-ssl.key -out /pgwatch2/persistent-config/self-signed-ssl.pem -days 3650 -nodes -sha256 -subj '/CN=pw2'
+    cp /pgwatch2/persistent-config/self-signed-ssl.pem /etc/ssl/certs/ssl-cert-snakeoil.pem
+    cp /pgwatch2/persistent-config/self-signed-ssl.key /etc/ssl/private/ssl-cert-snakeoil.key
+    chown postgres /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/private/ssl-cert-snakeoil.key
+    chmod -R 0600 /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/private/ssl-cert-snakeoil.key
+    chmod -R o+rx /pgwatch2/persistent-config
+fi
+
+# enable password encryption by default from v1.8.0
+if [ ! -f /pgwatch2/persistent-config/default-password-encryption-key.txt ]; then
+  echo -n "${RANDOM}${RANDOM}${RANDOM}${RANDOM}" > /pgwatch2/persistent-config/default-password-encryption-key.txt
+  chmod 0600 /pgwatch2/persistent-config/default-password-encryption-key.txt
+fi
+
+GRAFANASSL="${PW2_GRAFANASSL,,}"    # to lowercase
+if [ "$GRAFANASSL" == "1" ] || [ "${GRAFANASSL:0:1}" == "t" ]; then
+    $(grep -q 'protocol = http$' /etc/grafana/grafana.ini)
+    if [ "$?" -eq 0 ] ; then
+        sed -i 's/protocol = http.*/protocol = https/' /etc/grafana/grafana.ini
+    fi
+fi
+
+if [ -n "$PW2_GRAFANAUSER" ] ; then
+    sed -i "s/admin_user =.*/admin_user = ${PW2_GRAFANAUSER}/" /etc/grafana/grafana.ini
+fi
+
+if [ -n "$PW2_GRAFANAPASSWORD" ] ; then
+    sed -i "s/admin_password =.*/admin_password = ${PW2_GRAFANAPASSWORD}/" /etc/grafana/grafana.ini
+fi
+
+if [ -n "$PW2_GRAFANANOANONYMOUS" ] ; then
+CFG=$(cat <<-'HERE'
+[auth.anonymous]
+enabled = false
+HERE
+)
+echo "$CFG" >> /etc/grafana/grafana.ini
+fi
+
+if [ ! -f /pgwatch2/persistent-config/db-bootstrap-done-marker ] ; then
+
+if [ ! -d /var/lib/postgresql/15 ]; then
+  mkdir /var/lib/postgresql/15 && chown -R postgres:postgres /var/lib/postgresql/15
+  pg_dropcluster 15 main
+  pg_createcluster --locale en_US.UTF-8 15 main
+  echo "include = 'pgwatch_postgresql.conf'" >> /etc/postgresql/15/main/postgresql.conf
+  cp /pgwatch2/postgresql_timescale.conf /etc/postgresql/15/main/pgwatch_postgresql.conf
+  cp /pgwatch2/pg_hba.conf /etc/postgresql/15/main/pg_hba.conf
+fi
+
+pg_ctlcluster 15 main start -- --wait
+
+su -c "psql -d postgres -f /pgwatch2/bootstrap/change_pw.sql" postgres
+su -c "psql -d postgres -f /pgwatch2/bootstrap/grant_monitor_to_pgwatch2.sql" postgres
+su -c "psql -d postgres -f /pgwatch2/bootstrap/create_db_pgwatch.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/bootstrap/revoke_public_create.sql" postgres
+su -c "psql -d postgres -f /pgwatch2/bootstrap/create_db_grafana.sql" postgres
+su -c "psql -d postgres -f /pgwatch2/bootstrap/create_db_metric_store.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/sql/config_store/config_store.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/sql/config_store/metric_definitions.sql" postgres
+su -c "psql -d pgwatch2_metrics -f /pgwatch2/sql/metric_store/00_schema_base.sql" postgres
+su -c "psql -d pgwatch2_metrics -f /pgwatch2/sql/metric_store/01_old_metrics_cleanup_procedure.sql" postgres
+
+su -c "psql -d pgwatch2_metrics -f /pgwatch2/sql/metric_store/timescale/ensure_partition_timescale.sql" postgres
+su -c "psql -d pgwatch2_metrics -f /pgwatch2/sql/metric_store/timescale/change_compression_interval.sql" postgres
+su -c "psql -d pgwatch2_metrics -f /pgwatch2/sql/metric_store/timescale/metric_store_timescale.sql" postgres
+su -c "psql -d pgwatch2_metrics -f /pgwatch2/sql/metric_store/timescale/change_chunk_interval.sql" postgres
+su -c "psql -d pgwatch2_metrics -f /pgwatch2/sql/metric_store/metric-time/ensure_partition_metric_time.sql" postgres
+
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_load_average/9.1/metric.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_stat_statements/9.4/metric.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_stat_activity/9.2/metric.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_stat_replication/9.2/metric.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_table_bloat_approx/9.5/metric.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_table_bloat_approx_sql/12/metric.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_wal_size/10/metric.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_psutil_cpu/9.1/metric.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_psutil_mem/9.1/metric.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_psutil_disk/9.1/metric.sql" postgres
+su -c "psql -d pgwatch2 -f /pgwatch2/metrics/00_helpers/get_psutil_disk_io_total/9.1/metric.sql" postgres
+su -c "psql -d pgwatch2 -c 'create extension pg_qualstats'" postgres
+
+if [ -n "$PW2_TESTDB" ] ; then
+  su -c "psql -d pgwatch2 -f /pgwatch2/bootstrap/insert_test_monitored_db.sql" postgres
+fi
+
+touch /pgwatch2/persistent-config/db-bootstrap-done-marker
+
+pg_ctlcluster 15 main stop -- --wait
+
+fi
+
+sleep 1
+
+exec /usr/local/bin/supervisord --configuration=/etc/supervisor/supervisord.conf --nodaemon
diff --git a/docker/Dockerfile-timescale b/docker/Dockerfile-timescale
@@ -0,0 +1,87 @@
+FROM golang:1.19
+
+# For showing Git version via 'pgwatch2 --version'
+ARG GIT_HASH
+ARG GIT_TIME
+ENV GIT_HASH=${GIT_HASH}
+ENV GIT_TIME=${GIT_TIME}
+
+ADD pgwatch2 /pgwatch2
+RUN cd /pgwatch2 && bash build_gatherer.sh
+
+
+FROM ubuntu:22.04
+
+RUN apt-get -q update \
+    && DEBIAN_FRONTEND=noninteractive apt-get install -qy curl wget apt-transport-https vim git postgresql-common gnupg2 python3-pip \
+    && sh /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y \
+    && DEBIAN_FRONTEND=noninteractive apt-get install -qy postgresql-15 postgresql-plpython3-15 python3-psutil \
+    && echo "deb https://packagecloud.io/timescale/timescaledb/ubuntu/ jammy main" | tee /etc/apt/sources.list.d/timescaledb.list \
+    && wget --quiet -O - https://packagecloud.io/timescale/timescaledb/gpgkey | apt-key add - \
+    && apt update \
+    && DEBIAN_FRONTEND=noninteractive apt-get install -qy timescaledb-2-postgresql-15 postgresql-15-pg-qualstats \
+    && echo "include = 'pgwatch_postgresql.conf'" >> /etc/postgresql/15/main/postgresql.conf
+
+RUN arch=$(arch | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) \
+    && DEBIAN_FRONTEND=noninteractive apt-get install -qy libfontconfig1 \
+    && wget -q -O grafana.deb "https://dl.grafana.com/oss/release/grafana_8.5.15_${arch}.deb" \
+    && dpkg -i grafana.deb && rm grafana.deb
+
+
+# Add pgwatch2 sources
+ADD pgwatch2 /pgwatch2
+# Copy over the compiled gatherer
+COPY --from=0 /pgwatch2/pgwatch2 /pgwatch2
+ADD webpy /pgwatch2/webpy
+
+# For showing Git versions via :8080/versions or 'pgwatch2 --version'
+ARG GIT_HASH
+ARG GIT_TIME
+ENV GIT_HASH=${GIT_HASH}
+ENV GIT_TIME=${GIT_TIME}
+RUN echo "${GIT_HASH} ${GIT_TIME}" > /pgwatch2/build_git_version.txt
+
+# Grafana config customizations, Web UI requirements, compilation of the Go gatherer
+RUN cp /pgwatch2/bootstrap/grafana_custom_config.ini /etc/grafana/grafana.ini \
+    && pip3 install -r /pgwatch2/webpy/requirements_pg_metrics.txt \
+    && grafana-cli plugins install savantly-heatmap-panel \
+    && pip3 install supervisor pyyaml && mkdir /var/log/supervisor \
+    && apt autoremove -y
+
+
+ADD grafana_dashboards /pgwatch2/grafana_dashboards
+
+
+# Set up supervisord [https://docs.docker.com/engine/admin/using_supervisord/]
+COPY supervisord-timescale.conf /etc/supervisor/supervisord.conf
+
+# NB! When security is a concern one should definitely alter "pgwatch2" password in change_pw.sql and maybe modify pg_hba.conf accordingly
+COPY postgresql_timescale.conf /etc/postgresql/15/main/pgwatch_postgresql.conf
+COPY pg_hba.conf /etc/postgresql/15/main/pg_hba.conf
+COPY docker-launcher-timescale.sh pg_hba.conf /pgwatch2/
+
+ENV PW2_DATASTORE postgres
+ENV PW2_PG_METRIC_STORE_CONN_STR postgresql://pgwatch2:pgwatch2admin@localhost:5432/pgwatch2_metrics
+ENV PW2_PG_SCHEMA_TYPE timescale
+ENV PW2_AES_GCM_KEYPHRASE_FILE /pgwatch2/persistent-config/default-password-encryption-key.txt
+
+# Admin UI for configuring servers to be monitored
+EXPOSE 8080
+# Gatherer healthcheck port / metric statistics (JSON)
+EXPOSE 8081
+# Postgres DB holding the pgwatch2 config DB / metrics
+EXPOSE 5432
+# Grafana UI
+EXPOSE 3000
+# Prometheus scraping port
+EXPOSE 9187
+
+### Volumes for easier updating to newer to newer pgwatch2 containers
+### NB! Backwards compatibility is not 100% guaranteed so a backup
+### using traditional means is still recommended before updating - see "Updating to a newer Docker version" from README
+
+VOLUME /pgwatch2/persistent-config
+VOLUME /var/lib/postgresql
+VOLUME /var/lib/grafana
+
+CMD ["/pgwatch2/docker-launcher-timescale.sh"]
diff --git a/postgresql_timescale.conf b/postgresql_timescale.conf
@@ -0,0 +1,19 @@
+listen_addresses='*'
+shared_buffers='64MB'
+work_mem='16MB'
+checkpoint_timeout='1h'
+ssl=true
+track_io_timing=on
+shared_preload_libraries = 'pg_stat_statements,timescaledb,pg_qualstats'
+track_functions='pl'
+wal_compression=zstd
+log_destination=csvlog
+logging_collector=on
+log_directory='/var/log/postgresql'
+log_filename='postgresql-%a.log'
+log_truncate_on_rotation=on
+wal_level=archive
+archive_mode=on
+archive_command='/bin/true'
+max_worker_processes=16
+max_locks_per_transaction=128
diff --git a/supervisord-timescale.conf b/supervisord-timescale.conf
@@ -0,0 +1,55 @@
+[supervisord]
+nodaemon=true
+user=root
+pidfile=/var/run/supervisord.pid
+logfile=/var/log/supervisor/supervisord.log
+childlogdir=/var/log/supervisor
+
+[unix_http_server]
+file=/var/run/supervisor.sock
+
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl=unix:///var/run/supervisor.sock
+
+[program:supervisord_bootstrap]
+command=/pgwatch2/bootstrap/supervisord_bootstrap_pg.sh
+autorestart=false
+startsecs=0
+autostart=true
+redirect_stderr=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+
+[program:postgres]
+command=/usr/lib/postgresql/15/bin/postgres -D /var/lib/postgresql/15/main -c config_file=/etc/postgresql/15/main/postgresql.conf
+user=postgres
+startsecs=0
+priority=1
+autostart=false
+
+[program:pgwatch2]
+command=/pgwatch2/pgwatch2
+priority=300
+autostart=false
+
+[program:webpy]
+command=python3 /pgwatch2/webpy/web.py
+priority=400
+autostart=false
+
+[program:grafana]
+command=/usr/sbin/grafana-server --homepath=/usr/share/grafana --pidfile=/var/run/grafana/grafana-server.pid --config=/etc/grafana/grafana.ini --packaging=deb cfg:default.paths.provisioning=/etc/grafana/provisioning cfg:default.paths.data=/var/lib/grafana cfg:default.paths.logs=/var/log/grafana cfg:default.paths.plugins=/var/lib/grafana/plugins
+user=grafana
+startsecs=0
+priority=500
+autostart=false
+
+[program:grafana_dashboard_setup]
+command=/pgwatch2/bootstrap/set_up_grafana_dashboards_pg.sh
+priority=600
+autorestart=false
+startsecs=0
+autostart=false
