feat: Create hive metastore docker image

SergeAlexandre · idirze · commit d360d1db4bc4 · 2024-07-12T10:24:35.000+02:00
diff --git a/docker/Dockerfile-build b/docker/Dockerfile-build
@@ -0,0 +1,63 @@
+# Need these versions of maven and jdk
+FROM maven:3.8-jdk-8 as builder
+
+ARG ARG_METASTORE_VERSION
+
+WORKDIR /workspace
+
+RUN git clone https://github.com/apache/hive.git
+RUN cd hive && git checkout rel/release-${ARG_METASTORE_VERSION}
+RUN cd hive && mvn -pl standalone-metastore package -Pdist -DskipTests -Dmaven.javadoc.skip=true
+
+# Take reference From:
+#   https://github.com/apache/spark-docker
+#   3.5.0/scala2.12-java11-ubuntu/Dockerfile
+#
+#  https://hub.docker.com/_/eclipse-temurin/tags?page=1&name=11-jre-focal
+#
+#  NB: Got jdbc issue with FROM eclipse-temurin:8u402-b06-jre-alpine
+#
+FROM eclipse-temurin:11-jre-focal
+
+ARG ARG_HADOOP_VERSION
+ARG ARG_METASTORE_VERSION
+ARG ARG_JDBC_VERSION
+
+ENV HADOOP_VERSION=$ARG_HADOOP_VERSION
+ENV METASTORE_VERSION=$ARG_METASTORE_VERSION
+ENV JDBC_VERSION=$ARG_JDBC_VERSION
+
+ENV HADOOP_HOME=/opt/hadoop-${HADOOP_VERSION}
+ENV HIVE_HOME=/opt/apache-hive-metastore-${METASTORE_VERSION}-bin
+
+RUN apt-get update && apt-get install -y postgresql-client sudo && apt-get clean
+
+WORKDIR /opt
+
+COPY --from=builder /workspace/hive/standalone-metastore/target/apache-hive-metastore-*-bin.tar.gz /tmp/
+
+RUN tar zxf /tmp/apache-hive-metastore-*-bin.tar.gz && rm /tmp/apache-hive-metastore-*-bin.tar.gz
+
+# dlcdn.apache.org is faster, but does not provide 3.2.0 version. So fallback on archive.apache.org
+#RUN curl -L https://dlcdn.apache.org/hadoop/common/hadoop-${HADOOP_VERSION}/hadoop-${HADOOP_VERSION}.tar.gz | tar zxf - && \
+#    rm -f hadoop-${HADOOP_VERSION}/share/hadoop/common/lib/slf4j-log4j12-*.jar
+
+RUN curl -L https://archive.apache.org/dist/hadoop/common/hadoop-${HADOOP_VERSION}/hadoop-${HADOOP_VERSION}.tar.gz | tar zxf - && \
+    rm -f hadoop-${HADOOP_VERSION}/share/hadoop/common/lib/slf4j-log4j12-*.jar
+
+RUN curl -L https://jdbc.postgresql.org/download/postgresql-${JDBC_VERSION}.jar -o /opt/apache-hive-metastore-${METASTORE_VERSION}-bin/lib/postgresql-${JDBC_VERSION}.jar
+
+COPY docker/metastore.sh /metastore.sh
+
+RUN groupadd -r hive --gid=1000 && \
+    useradd -r -g hive --uid=1000 -d ${HIVE_HOME} hive && \
+    chown hive:hive -R ${HIVE_HOME} && \
+    chown hive:hive /metastore.sh && chmod +x /metastore.sh
+
+# Security breach, but must be in a namespace with relaxed psp to be able to sudo
+COPY docker/hive.sudoer /etc/sudoers.d/hive
+
+USER 1000
+EXPOSE 9083
+
+ENTRYPOINT ["sh", "-c", "/metastore.sh"]
diff --git a/docker/Dockerfile-download b/docker/Dockerfile-download
@@ -0,0 +1,52 @@
+
+
+# Take reference From:
+#   https://github.com/apache/spark-docker
+#   3.5.0/scala2.12-java11-ubuntu/Dockerfile
+#
+#  https://hub.docker.com/_/eclipse-temurin/tags?page=1&name=11-jre-focal
+#
+#  NB: Got jdbc issue with FROM eclipse-temurin:8u402-b06-jre-alpine
+#
+FROM eclipse-temurin:11-jre-focal
+
+ARG ARG_HADOOP_VERSION
+ARG ARG_METASTORE_VERSION
+ARG ARG_JDBC_VERSION
+
+ENV HADOOP_VERSION=$ARG_HADOOP_VERSION
+ENV METASTORE_VERSION=$ARG_METASTORE_VERSION
+ENV JDBC_VERSION=$ARG_JDBC_VERSION
+
+ENV HADOOP_HOME=/opt/hadoop-${HADOOP_VERSION}
+ENV HIVE_HOME=/opt/apache-hive-metastore-${METASTORE_VERSION}-bin
+
+RUN apt-get update && apt-get install -y postgresql-client sudo && apt-get clean
+
+WORKDIR /opt
+
+RUN curl -L https://repo1.maven.org/maven2/org/apache/hive/hive-standalone-metastore/${METASTORE_VERSION}/hive-standalone-metastore-${METASTORE_VERSION}-bin.tar.gz | tar xvzf -
+
+# dlcdn.apache.org is faster, but does not provide 3.2.0 version. So fallback on archive.apache.org
+#RUN curl -L https://dlcdn.apache.org/hadoop/common/hadoop-${HADOOP_VERSION}/hadoop-${HADOOP_VERSION}.tar.gz | tar zxf - && \
+#    rm -f hadoop-${HADOOP_VERSION}/share/hadoop/common/lib/slf4j-log4j12-*.jar
+
+RUN curl -L https://archive.apache.org/dist/hadoop/common/hadoop-${HADOOP_VERSION}/hadoop-${HADOOP_VERSION}.tar.gz | tar zxf - && \
+    rm -f hadoop-${HADOOP_VERSION}/share/hadoop/common/lib/slf4j-log4j12-*.jar
+
+RUN curl -L https://jdbc.postgresql.org/download/postgresql-${JDBC_VERSION}.jar -o /opt/apache-hive-metastore-${METASTORE_VERSION}-bin/lib/postgresql-${JDBC_VERSION}.jar
+
+COPY docker/metastore.sh /metastore.sh
+
+RUN groupadd -r hive --gid=1000 && \
+    useradd -r -g hive --uid=1000 -d ${HIVE_HOME} hive && \
+    chown hive:hive -R ${HIVE_HOME} && \
+    chown hive:hive /metastore.sh && chmod +x /metastore.sh
+
+# Security breach, but must be in a namespace with relaxed psp to be able to sudo
+COPY docker/hive.sudoer /etc/sudoers.d/hive
+
+USER 1000
+EXPOSE 9083
+
+ENTRYPOINT ["sh", "-c", "/metastore.sh"]
diff --git a/docker/hive.sudoer b/docker/hive.sudoer
@@ -0,0 +1 @@
+hive  ALL=(ALL) NOPASSWD:ALL
diff --git a/docker/metastore.sh b/docker/metastore.sh
@@ -0,0 +1,227 @@
+#!/bin/sh
+
+
+MODE=$1
+
+if [ "$MODE" = "hms" ]; then
+  echo "Will run metastore"
+elif [ "$MODE" = "init" ]; then
+  echo "Will initialize DB if not yet done"
+else
+  echo "First parameter must be 'hms' or 'init'"
+  exit 20
+fi
+
+if [ -z "${HIVEMS_DB}" ]; then echo "HIVEMS_DB env variable must be defined!"; exit 1; fi
+if [ -z "${HIVEMS_USER}" ]; then echo "HIVEMS_USER env variable must be defined!"; exit 1; fi
+if [ -z "${HIVEMS_PASSWORD}" ]; then echo "HIVEMS_PASSWORD env variable must be defined!"; exit 1; fi
+if [ -z "${DB_HOST}" ]; then echo "DB_HOST env variable must be defined!"; exit 1; fi
+if [ -z "${DB_PORT}" ]; then echo "DB_PORT env variable must be defined!"; exit 1; fi
+if [ -z "${METASTORE_VERSION}" ]; then echo "METASTORE_VERSION env variable must be defined!"; exit 1; fi
+if [ -z "${HADOOP_VERSION}" ]; then echo "HADOOP_VERSION env variable must be defined!"; exit 1; fi
+
+# May be null in case of usage of AWS instance roles
+#if [ -z "${S3_ENDPOINT}" ]; then echo "S3_ENDPOINT env variable must be defined!"; exit 1; fi
+#if [ -z "${S3_ACCESS_KEY}" ]; then echo "S3_ACCESS_KEY env variable must be defined!"; exit 1; fi
+#if [ -z "${S3_SECRET_KEY}" ]; then echo "S3_SECRET_KEY env variable must be defined!"; exit 1; fi
+
+if [ -z "${JAVA_HOME}" ]; then export JAVA_HOME=/usr/local/openjdk-8; fi
+if [ -z "${BASEDIR}" ]; then export BASEDIR=/opt; fi
+if [ -z "${LOG_LEVEL}" ]; then export LOG_LEVEL=INFO; fi
+if [ -z "${THRIFT_LISTENING_PORT}" ]; then export THRIFT_LISTENING_PORT=9083; fi
+if [ -z "${S3_REQUEST_TIMEOUT}" ]; then export S3_REQUEST_TIMEOUT=0; fi
+
+export HADOOP_HOME=${BASEDIR}/hadoop-${HADOOP_VERSION}
+export HADOOP_CLASSPATH=${HADOOP_HOME}/share/hadoop/tools/lib/aws-java-sdk-bundle-*.jar:${HADOOP_HOME}/share/hadoop/tools/lib/hadoop-aws-${HADOOP_VERSION}.jar
+
+echo ""
+echo "METASTORE_VERSION=$METASTORE_VERSION"
+echo "HADOOP_VERSION=$HADOOP_VERSION"
+echo ""
+
+cat >${BASEDIR}/apache-hive-metastore-${METASTORE_VERSION}-bin/conf/metastore-log4j2.properties <<-EOF
+status = INFO
+name = MetastoreLog4j2
+packages = org.apache.hadoop.hive.metastore
+# list of all appenders
+appenders = console
+# console appender
+appender.console.type = Console
+appender.console.name = console
+appender.console.target = SYSTEM_ERR
+appender.console.layout.type = PatternLayout
+appender.console.layout.pattern = %d{ISO8601} %5p [%t] %c{2}: %m%n
+# list of all loggers
+loggers = DataNucleus, Datastore, JPOX, PerfLogger
+logger.DataNucleus.name = DataNucleus
+logger.DataNucleus.level = ERROR
+logger.Datastore.name = Datastore
+logger.Datastore.level = ERROR
+logger.JPOX.name = JPOX
+logger.JPOX.level = ERROR
+logger.PerfLogger.name = org.apache.hadoop.hive.ql.log.PerfLogger
+logger.PerfLogger.level = INFO
+# root logger
+rootLogger.level = ${LOG_LEVEL}
+rootLogger.appenderRefs = root
+rootLogger.appenderRef.root.ref = console
+EOF
+
+cat >${BASEDIR}/apache-hive-metastore-${METASTORE_VERSION}-bin/conf/metastore-site.xml <<-EOF
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<configuration>
+  <property>
+    <name>metastore.thrift.uris</name>
+    <value>thrift://localhost:9083</value>
+    <description>Thrift URI for the remote metastore. Used by metastore client to connect to remote metastore.</description>
+  </property>
+  <property>
+    <name>metastore.task.threads.always</name>
+    <value>org.apache.hadoop.hive.metastore.events.EventCleanerTask,org.apache.hadoop.hive.metastore.MaterializationsRebuildLockCleanerTask</value>
+  </property>
+  <property>
+    <name>metastore.expression.proxy</name>
+    <value>org.apache.hadoop.hive.metastore.DefaultPartitionExpressionProxy</value>
+  </property>
+  <property>
+    <name>metastore.server.min.threads</name>
+    <value>5</value>
+  </property>
+  <property>
+    <name>metastore.server.max.threads</name>
+    <value>20</value>
+  </property>
+  <property>
+    <name>javax.jdo.option.Multithreaded</name>
+    <value>true</value>
+    <description>Set this to true if multiple threads access metastore through JDO concurrently.</description>
+  </property>
+  <property>
+    <name>javax.jdo.PersistenceManagerFactoryClass</name>
+    <value>org.datanucleus.api.jdo.JDOPersistenceManagerFactory</value>
+    <description>class implementing the jdo persistence</description>
+  </property>
+  <property>
+    <name>javax.jdo.option.ConnectionDriverName</name>
+    <value>org.postgresql.Driver</value>
+  </property>
+  <property>
+    <name>javax.jdo.option.ConnectionURL</name>
+    <value>jdbc:postgresql://${DB_HOST}:${DB_PORT}/${HIVEMS_DB}</value>
+  </property>
+  <property>
+    <name>javax.jdo.option.ConnectionUserName</name>
+    <value>${HIVEMS_USER}</value>
+  </property>
+  <property>
+    <name>javax.jdo.option.ConnectionPassword</name>
+    <value>${HIVEMS_PASSWORD}</value>
+  </property>
+  <property>
+    <name>fs.s3a.path.style.access</name>
+    <value>true</value>
+  </property>
+  <property>
+    <name>fs.s3a.connection.request.timeout</name>
+    <value>${S3_REQUEST_TIMEOUT}</value>
+  </property>
+EOF
+
+if [ ! -z "${S3_ENDPOINT}" ]
+then
+cat >>${BASEDIR}/apache-hive-metastore-${METASTORE_VERSION}-bin/conf/metastore-site.xml <<-EOF
+  <property>
+    <name>fs.s3a.endpoint</name>
+    <value>${S3_ENDPOINT}</value>
+  </property>
+EOF
+fi
+
+if [ ! -z "${S3_ACCESS_KEY}" ]
+then
+cat >>${BASEDIR}/apache-hive-metastore-${METASTORE_VERSION}-bin/conf/metastore-site.xml <<-EOF
+  <property>
+    <name>fs.s3a.access.key</name>
+    <value>${S3_ACCESS_KEY}</value>
+  </property>
+  <property>
+    <name>fs.s3a.secret.key</name>
+    <value>${S3_SECRET_KEY}</value>
+  </property>
+EOF
+fi
+
+if [ ! -z "${ASSUME_ROLE_ARN}" ]
+then
+cat >>${BASEDIR}/apache-hive-metastore-${METASTORE_VERSION}-bin/conf/metastore-site.xml <<-EOF
+  <property>
+    <name>fs.s3a.aws.credentials.provider</name>
+    <value>org.apache.hadoop.fs.s3a.auth.AssumedRoleCredentialProvider</value>
+  </property>
+  <property>
+    <name>fs.s3a.assumed.role.credentials.provider</name>
+    <value>com.amazonaws.auth.InstanceProfileCredentialsProvider</value>
+  </property>
+  <property>
+    <name>fs.s3a.assumed.role.arn</name>
+    <value>${ASSUME_ROLE_ARN}</value>
+  </property>
+EOF
+fi
+
+cat >>${BASEDIR}/apache-hive-metastore-${METASTORE_VERSION}-bin/conf/metastore-site.xml <<-EOF
+</configuration>
+EOF
+
+# set +x
+
+export PGPASSWORD=${HIVEMS_PASSWORD}
+
+echo "Will wait for postgresql server to be ready"
+while ! pg_isready --host ${DB_HOST} --port ${DB_PORT}; do echo "Waiting for postgresql to be ready..."; sleep 2; done;
+
+echo "Will wait for \"${HIVEMS_DB}\" to exists"
+while ! psql --host ${DB_HOST} --port ${DB_PORT} -U ${HIVEMS_USER} -d ${HIVEMS_DB} -c "\c ${HIVEMS_DB}" >/dev/null 2>&1; do echo "Waiting for ${HIVEMS_DB} database to be ready..."; sleep 2; done;
+
+
+if [ "$MODE" = "init" ]; then
+  echo "Initialize schema if DBS table does not exists"
+  psql --host ${DB_HOST} --port ${DB_PORT} -U ${HIVEMS_USER} -d ${HIVEMS_DB}  -c 'SELECT "DB_ID" FROM "DBS"' >/dev/null 2>&1;
+  if [ $? -ne 0 ]
+  then
+    echo "Will initialize  the DB"
+    ${BASEDIR}/apache-hive-metastore-${METASTORE_VERSION}-bin/bin/schematool -initSchema -dbType postgres
+  fi
+  echo "DATABASE SCHEMA SHOULD BE OK NOW!!"
+  exit 0
+fi
+
+# MODE = "hms" here
+
+echo "Will wait for database schema to be ready...."
+while ! psql --host ${DB_HOST} --port ${DB_PORT} -U ${HIVEMS_USER} -d ${HIVEMS_DB} -c 'SELECT "SCHEMA_VERSION" FROM "VERSION"' >/dev/null 2>&1; do echo "Waiting for ${HIVEMS_DB} schema to be ready..."; sleep 2; done;
+echo "DATABASE SCHEMA IS OK. CAN LAUNCH!!"
+echo ""
+
+unset PGPASSWORD
+
+export HADOOP_CLIENT_OPTS="$HADOOP_CLIENT_OPTS -Dcom.amazonaws.sdk.disableCertChecking=true"
+
+# WARNING: This variable is set by Kubernetes in a form: tcp://XX.XX.XX.XX:9083.
+# For the metastore, this is an entry variable hosting only the listening port, as a single number. So failure.
+unset METASTORE_PORT
+
+${BASEDIR}/apache-hive-metastore-${METASTORE_VERSION}-bin/bin/start-metastore -p $THRIFT_LISTENING_PORT
+err=$?
+
+if [ -n "$WAIT_ON_ERROR" ]; then
+  if [ $err -ne 0 ]; then
+    echo "ERROR: rc=$err. Will wait $WAIT_ON_ERROR sec...."
+    sleep $WAIT_ON_ERROR
+  fi
+fi
+
+return $err
+
+
