Combined CouchDB / Clouseau dockerfile

[willholley]

Overview

This adds a Dockerfile which contains both CouchDB and Clouseau
in a single container. This is useful because in most containerized
environments, EPMD runs in the CouchDB container; restarting the
CouchDB container can therefore lead to Clouseau becoming orphaned
because EPMD is also killed.

The container is based on the Red Hat UBI and uses runit to supervise
both CouchDB and Clouseau. UBI is used mostly for familiarity (this
is how we build a combined container at IBM), but it serves as a
reference for anybody looking to port to other base images.

The dockerfile entrypoint is modified to configure CouchDB and Clouseau
in an Erlang cluster. It's equally possible to run the container in
e.g. Kubernetes or Docker Compose without the dockerfile entrypoint;
the user would then need to write out the configuration files via their
configuration management system and call /sbin/runsvdir-start directly.

Both CouchDB and Clouseau will, by default, run under the UID 5984
(CouchDB) and GID 0. If the container is started as a non-root user,
that ambient UID/GID is used instead.

Testing recommendations

You can build the image using e.g.:

cd 3.1.0-ubi-clouseau
docker build . -t couchdb3-clouseau 

Then to run:

docker run -d -e COUCHDB_USER=admin -e COUCHDB_PASSWORD=password --name couchdb -p 5984:5984 couchdb3-clouseau

If you then curl/access CouchDB you should see that search is enabled:

curl localhost:5984/                                                                                                                                                        ─╯
{"couchdb":"Welcome","version":"3.1.0","git_sha":"ff0feea20","uuid":"0b56e44a12e2c1ae9840924b3b351065","features":["search","access-ready","partitioned","pluggable-storage-engines","reshard","scheduler"],"vendor":{"name":"The Apache Software Foundation"}}

If you need to inspect the couchdb or search service, you can use runit:

docker exec -it couchdb /bin/bash

sv status /etc/service/couchdb-search
sv status /etc/service/couchdb

GitHub issue number

#8

Related Pull Requests

Checklist

• Code is written and works correctly;
• Changes are covered by tests;
• Documentation reflects the changes;

[wohali]

As we're not pushing these downstream at the moment, +1.

If we decide to do that we'll have to talk with the Docker folks who will want to go over this with a fine toothed comb....not a pleasant process ;)

[rileyai-dev]

@wohali Thanks for the merge! I requested this from @willholley who kindly shared the Docker repo they use at IBM. I might be able to test (as much as possible) since we will be using this image for our prod environment. If you decide not to push this image, please let me know so I can create an image for our use exclusively.

Please note that using CouchDB with Clouseau in the current docker setting (when using helm, it creates two containers in one node) leads to unexpected behavior and should be avoided at all cost! Having this image (coming from IBM) solves the problem we encounter with the available images.

[wohali]

Can you provide more detail on the helm issue?

[rileyai-dev]

Sure... it happens that the CouchDB container restarts due to cluster instability (network issue, unresponsive container or dead process). When CouchDB restarts, at the same time it restarts EPMD. The Clouseau container doesn't detect this problem and stays on the old EPMD. Resulting in an unresponsive Clouseau that never gets restarted.

Having both processes in the same container solves this issue by restarting both processes (EPMD and Clouseau) at the same time whenever CouchDB restarts.

[rileyai-dev]

@wohali Do you need more details?

[wohali]

@GrapevineAI nope, thanks, got all we need

[rileyai-dev]

@wohali Where can I find the published image? Should I publish it myself?

[wohali]

We haven't had the time to review any licensing and operational considerations to publish this image. Previously, licensing considerations around Java and the runtime were the main reason we didn't ship this in our binary downloads. Docker is a little different in that we're only putting together a recipe, and a 3rd party builds the binaries, but it deserves discussion.

Given that Cloudant haven't donated the Clouseau code to Apache, and it's my understanding that this code isn't likely to be maintained going forward beyond bare-minimum effort to keep it running, I'm reluctant to slap the Apache name on it and mark this a supported image from our perspective - though it's been stable for a while. Perhaps @rnewson can comment further here, as the main progenitor of the code in question. I will bring this up on our development mailing list, where the decision needs to be made.

Of course, nothing's stopping you from building and publishing the image yourself for your own needs today. Keep in mind you may not label it as "Apache CouchDB" or advertise it as such, as this is trademarked by the Foundation and under our control.

[rileyai-dev]

Thanks for the explanation!

Keep in mind that there is currently no easy solution to have a stable kubernetes environment using the tools Apache provides. I truly think that the helm chart should not even offer the possibility to add the Clouseau container since at some point it will lose contact with CouchDb without throwing an error.

I understand the problem here and the solution might not be this one...but I believe that Apache should at least suggest a viable solution for production and not mislead the user with an unstable system.

[wohali]

Good observation, thanks.

We're stuck between a rock and a hard place with the search functionality, which is why we've never promoted it in our documentation or website. I don't follow the helm work, but it'd be good to get @kocolosk 's opinion on that, as he's been the primary driver of that solution.