This topic describes how to deploy OceanBase Admin Toolkit (OAT) in a Docker container.
Prerequisites
Before you deploy OAT, make sure that the following conditions are met:
Your operating system meets the conditions described in the following table:
Server type Operating system Supported version x86_64 or ARM aarch64 Red Hat Enterprise Linux (RHEL) and its compatible operating systems such as Rocky Linux and CentOS 7.2 and later x86_64 or ARM aarch64 Anolis and its compatible operating systems such as Alibaba Cloud Linux, Kylin V10, Unity Operating System (UOS), BC-Linux of China Mobile, Linx OS, and NFSChina 8.4 and later x86_64 or ARM AArch64 Debian and its compatible operating systems such as Ubuntu 11 and later x86_64 or ARM AArch64 openSUSE 12SP3 and later x86_64 or ARM AArch64 openSUSE 12SP3 and later x86_64 or ARM AArch64 Linx V6.0.99 and later If you use the OAT image package to install OAT, you must install and start Docker. Docker Community Edition 18.09.9 or later is recommended.
Note
If you use the oat-all-in-one installation package to deploy OAT, the
install.shscript in theoat-all-in-onepackage automatically installs Docker. You do not need to install Docker separately.The default port
7000of OAT is not occupied.
Use the oat-all-in-one installation package to install OAT
Note
We recommend that you use the oat-all-in-one installation package to install OAT.
You can obtain the oat-all-in-one installation package of OAT from OceanBase Download Center > Enterprise Edition > OceanBase Admin Tool. If you cannot find the required installation package, contact technical support.
Perform the following steps to install OAT:
Decompress the oat-all-in-one installation package.
Example:
tar -xf oat-all-in-one-arm-430.tarRun the installation script
install.sh.Example:
sh oat-all-in-one-arm/install.shThis command automatically installs Docker (if Docker is not installed in your environment), deploys OAT, and scans the images and tool packages contained in oat-all-in-one.
As prompted, confirm or specify the following information in sequence:
- Enter the root directory of Docker. We recommend that you specify a dedicated mount directory. The default directory is
/docker. You do not need to manually create this directory. You can customize this directory. If Docker is already installed, this step is skipped. - Enter the data directory of OAT. The default directory is
/oat_data. You do not need to manually create this directory. You can customize this directory. - Enter the HTTP listening port of OAT. The default port is
7000. You can customize this port. - Enter the database port of OAT. The default port is
3306. You can customize this port. - Enter the password of the OAT administrator account (the initial login password). You can customize this password.
- Use the returned URL to access OAT and verify the availability of OAT.
Example:
Note
In this example, Docker has been installed on the server. Therefore, Docker is not installed again during this installation.
Change the data directory of OAT to
/data/oat_data, and then press Enter.Input the OAT data dir: /data/oat_dataUse the default HTTP listening port of OAT and press Enter.
Input the OAT HTTP listen port: 7000Use the default database port of OAT and press Enter.
Input the OAT database port: 3306Change the password of the OAT administrator account
admin(the initial login password) and press Enter.
Input the OAT admin user password(login password): ******- Use the returned URL to access OAT and verify the availability of OAT.
The following output is returned:
Start prepare docker Docker is already exists, start check... Already installed docker check healthy, skip install docker Start prepare OAT Loaded image: xxx/oceanbase/oat:4.3.0_20241025_arm 45fd5a9b31b0af6aeb07b3e485503ad4c64629170b91d1d3c9e8128e8e532125 check OAT url http://127.0.0.1:7000/hc OAT API not ready, please wait, sleep 5s retry... OAT API not ready, please wait, sleep 5s retry... OAT API not ready, please wait, sleep 5s retry... OAT API not ready, please wait, sleep 5s retry... OAT API not ready, please wait, sleep 5s retry... OAT API not ready, please wait, sleep 5s retry... OAT API ready Copy images and binary_packages to OAT data dir Trigger OAT scan api to find images and binary_packages Trigger scan task success, please visit OAT web site and wait for scan task finished OAT is ready for visit url is: http://<current_ip>:7000 user/password is: admin/******- Enter the root directory of Docker. We recommend that you specify a dedicated mount directory. The default directory is
Note
- By default, the
install.shscript starts the OAT container in host network mode by using--net host. If you want to use another network mode, start the container manually by using the OAT image. - The
oat-all-in-oneinstallation package for the x86 (aarch64) architecture contains only the images and software packages for the x86_64 (aarch64) and noarch architectures. If you need images and software packages for the aarch64 (x86_64) architecture, download them and copy them to the directory mounted to the OAT container, and then initiate a scan task to add them.
Use the OAT Docker image to install OAT
Obtain the installation package of OAT.
Note
Contact OAT technical support to obtain the installation package.
Run the
scpcommand to upload the OAT installation package to the server.Here,
oat_serverspecifies the IP address of the server on which OAT is deployed.scp oat.tgz <oat_server_user>@<oat_server_ip>:~/Example:
scp oat_4.3.0_20241025_arm.tgz root@xxx.xxx.xxx.xxx:/home/admin/oat_rpmMount the OAT directory.
Create a directory named
/data_diron the server (you can customize the path;/data_diris used as an example in this topic) to store persistent data of OAT.After
/data_diris mounted to the OAT container, OAT automatically creates the/data_dir/logs,/data_dir/images, and/data_dir/dbdirectories for storing OAT system logs, Docker images of components and products, and database files of OAT.mkdir -p /data_dirLoad the OAT installation package as an image.
docker load -i oat_xxx_xxxxxxxx_xxx.tgzHere,
oat_xxx_xxxxxxxx_xxx.tgzis the name of the installation package.Example:
docker load -i oat_4.3.0_20241025_arm.tgzThe following result is returned:
Loaded image: xxx/oceanbase/oat:4.3.0_20241025_armRun the
docker imagescommand to obtain the tag of the OAT image.Note
If only one OAT installation package is loaded, you can run the sample command. If multiple installation packages are loaded, run the
docker imagescommand to view the displayed content and connect the first two columns with a colon (:).oat_image=`docker images | grep oat | awk '{printf $1":"$2"\n"}'`Run the
docker runcommand to start OAT.Here,
$oat_imagespecifies the tag of the OAT image.docker run -d --net host --name oat -v /data_dir:/data -e OAT_INITIAL_ADMIN_PASSWORD=xxx --restart on-failure:5 $oat_imageNote
The default HTTP listening port of OAT is 7000. You can specify the
-e HTTP_PORT=7001parameter to modify the port.You can specify the
-e OAT_INITIAL_ADMIN_PASSWORD=xxxparameter to change the password of OAT.By default, the built-in MariaDB of OAT listens on port 3306. You can specify the
-e DB_PORT=3307parameter to modify the port.We recommend that you start OAT by specifying the
--net hostparameter because a container started in bridge mode can be affected bydocker0bridge failures or theip_forwardparameter of the operating system.
Example:
docker run -d --net host --name oat -v /data_dir:/data -e OAT_INITIAL_ADMIN_PASSWORD=****** --restart on-failure:5 $oat_imageThe following result is returned:
490344724bfcb2801da271196ebc38b5c15547b796178dc7660553ae62b668c2You can enable HTTPS when you install OAT by using the OAT Docker image. The command is as follows:
docker run -itd --name oat --net host -e ENABLE_HTTPS=true -e HTTP_PORT=7000 -e OAT_INITIAL_ADMIN_PASSWORD=****** -v /data_dir:/data -v <replace with the path of the .crt file of the host certificate>:/data/cert/oat.crt -v <replace with the path of the .key file of the host certificate>:/data/cert/oat.key --restart on-failure:5 $oat_imageParameter description:
Note
OAT internally uses MariaDB as the data storage. It listens on port 3306 by default. You can specify the
-e DB_PORT=3307parameter to change the port.Parameter Description -itd Specifies to create a container that runs in the background but retains interactive terminal capabilities. This is a combination of three parameters, as follows: -i(interactive): Keeps the standard input open, allowing interaction with the container.-t(tty): Allocates a pseudo-terminal, making the interaction more user-friendly.-d(detach): Runs the container in the background (daemon mode).
--name oat Specifies the container name as oat, making it easier to manage the container by name rather than by its random ID.--net host Specifies to use the Host network mode. The container will directly use the host's network stack, sharing the host's IP address and ports. This means that services listening on port 7000inside the container can be accessed directly viaHost IP:7000on the host without additional port mapping.Note
We recommend using the
--net hostparameter, as containers started in bridge network mode may be affected bydocker0bridge issues or the operating system parameterip_forward.-e ENABLE_HTTPS=true Specifies to enable the HTTPS protocol for the OAT application. The ENABLE_HTTPSparameter controls whether to enable HTTPS, with a default value offalse.Notice
When you use the
ENABLE_HTTPSparameter to enable HTTPS, you must also mount the TLS certificate.-e HTTP_PORT=7000 Specifies the listening port for the HTTPS/HTTP service. The HTTP_PORTparameter sets the listening port for the HTTPS/HTTP service, with a default value of7000.-e OAT_INITIAL_ADMIN_PASSWORD=****** Specifies the initial administrator password for the OAT system. The OAT_INITIAL_ADMIN_PASSWORDparameter sets the initial password for OAT.-v /data_dir:/data Mounts a data volume, mapping the host's /data_dirdirectory to the container's/datadirectory. Data generated by OAT inside the container, such as configuration files and database files, will be persisted on the host to avoid data loss when the container is deleted.-v <Path to the .crt file of the TLS certificate on the host>:/data/cert/oat.crt Mounts a data volume, mapping the host's .crt(public key) file of the TLS certificate to the specified path inside the container (/data/cert/oat.crtis the path for using the certificate in the OAT container).-v <Path to the .key file of the TLS certificate on the host>:/data/cert/oat.key Mounts a data volume, mapping the host's .key(private key) file of the TLS certificate to the specified path inside the container (/data/cert/oat.keyis the path for using the certificate in the OAT container).--restart on-failure:5 Specifies the container's restart policy. on-failuremeans the container will automatically restart only if it exits abnormally (i.e., with a non-zero exit code).:5specifies that Docker will attempt to restart the container a maximum of 5 times. This is a common strategy to ensure service availability while avoiding infinite restart loops.$oat_image Specifies the tag of the OAT image (assigned in step 5 above). After OAT is started, enter
http://<oat_server_ip>:7000in the address bar of the browser.Here,
<oat_server_ip>specifies the IP address of the server on which OAT is deployed.If the login page appears, OAT is installed and started.