Access RethinkDB¶
MSR uses RethinkDB to persist and reproduce data across replicas. To review the internal state of MSR, you can connect directly to the RethinkDB instance that is running on an MSR replica, using either the RethinkCLI or the MSR API.
Warning
Mirantis does not support direct modifications to RethinkDB, and thus any unforeseen issues that result from doing so are solely the user’s responsibility.
Access RethinkDB with the RethinkCLI¶
For both Kubernetes and Swarm deployments, you can use RethinkCLI to directly access RethinkDB.
Note
If you are using a Helm chart to install and manage your MSR deployment, enable the RethinkDB admin console by including the flag in your helm install or helm upgrade command:
--set rethinkdb.admin.service.enabled=true
In the
cr-sample-manifest.yamlfile that you applied when installing MSR, enable the RethinkDB admin console:spec: rethinkdb: admin: enabled: true
Invoke the following command to run the webhook health check and apply the changes to the custom resource:
kubectl wait --for=condition=ready pod -l \ app.kubernetes.io/name="msr-operator" && kubectl apply -f cr-sample-manifest.yaml
Enable external access to the RethinkDB Admin Console:
kubectl port-forward service/msr-rethinkdb-admin 8080:8080
Access the interactive RethinkDB Admin Console by opening
http://localhost:8080in a browser.Navigate to the Tables page to verify the number of replicas serving each table.
Query the database contents:
List the cluster problems as detected by the current node:
r.db("rethinkdb").table("current_issues")
Example output:
[]List the databases that RethinkDB contains:
r.dbList()Example output:
[ 'dtr2', 'jobrunner', 'notaryserver', 'notarysigner', 'rethinkdb' ]
List the tables contained in the
dtr2database:r.db('dtr2').tableList()
Example output:
[ 'blob_links', 'blobs', 'client_tokens', 'content_caches', 'events', 'layer_vuln_overrides', 'manifests', 'metrics', 'namespace_team_access', 'poll_mirroring_policies', 'promotion_policies', 'properties', 'pruning_policies', 'push_mirroring_policies', 'repositories', 'repository_team_access', 'scanned_images', 'scanned_layers', 'tags', 'user_settings', 'webhooks' ]
List the entries contained in the repositories table:
r.db('dtr2').table('repositories')
Example output:
[ { enableManifestLists: false, id: 'ac9614a8-36f4-4933-91fa-3ffed2bd259b', immutableTags: false, name: 'test-repo-1', namespaceAccountID: 'fc3b4aec-74a3-4ba2-8e62-daed0d1f7481', namespaceName: 'admin', pk: '3a4a79476d76698255ab505fb77c043655c599d1f5b985f859958ab72a4099d6', pulls: 0, pushes: 0, scanOnPush: false, tagLimit: 0, visibility: 'public' }, { enableManifestLists: false, id: '9f43f029-9683-459f-97d9-665ab3ac1fda', immutableTags: false, longDescription: '', name: 'testing', namespaceAccountID: 'fc3b4aec-74a3-4ba2-8e62-daed0d1f7481', namespaceName: 'admin', pk: '6dd09ac485749619becaff1c17702ada23568ebe0a40bb74a330d058a757e0be', pulls: 0, pushes: 0, scanOnPush: false, shortDescription: '', tagLimit: 1, visibility: 'public' } ]
Note
Individual databases and tables are a private implementation detail that may
change in MSR from version to version. Instead, you can use dbList()
and tableList() to explore the contents and data structure.
Obtain
docker-compose.tpl:docker run -it --rm --entrypoint \ cat registry.mirantis.com/msr/msr-installer:3.1.0 \ /config/docker-compose.tpl > docker-compose.tpl
In the
docker-compose.tplfile, editservices->msr-rethinkdbsection as follows:Remove the
--no-http-adminline.Add a
portssection.
msr-rethinkdb: image: "{{ .RethinkDB.Image.Registry }}{{ .RethinkDB.Image.Namespace }}/{{ .RethinkDB.Image.Name }}:{{ .RethinkDB.Image.Tag }}" hostname: "{{ `{{.Node.ID}}` }}.msr-rethinkdb" entrypoint: - /bin/sh - -c - i=1; maxretry=10; retrycount=0; while [ $$i -le $${REPLICA_COUNT} ]; do retrycount=$$(( $retrycount + 1)); if [ $$retrycount -ge $$maxretry ]; then exit 1; fi; i=1; for nodeId in $${NODE_LIST//,/ }; do if ! nslookup "$$nodeId.$${RETHINK_SERVICE_NAME}" >/dev/null 2>&1; then echo "node $$nodeId.$${RETHINK_SERVICE_NAME} not found"; else echo "found $$nodeId.$${RETHINK_SERVICE_NAME}";i=$$(( $$i + 1 )); fi done; sleep 1s; done; /usr/local/bin/rethinkdb $$(for nodeId in $${NODE_LIST//,/ }; do if [ $${NODE_ID} != $$nodeId ]; then echo "--join $$nodeId.$${RETHINK_SERVICE_NAME}:29015"; fi done;) --directory /data/db --bind all --driver-port 28015 --cluster-port 29015 --driver-tls-ca /var/run/secrets/msr-rethinkdb-ca --driver-tls-cert /var/run/secrets/msr-rethinkdb-cert --driver-tls-key /var/run/secrets/msr-rethinkdb-key --cluster-tls-key /var/run/secrets/msr-rethinkdb-key --cluster-tls-cert /var/run/secrets/msr-rethinkdb-cert --cluster-tls-ca /var/run/secrets/msr-rethinkdb-ca environment: - RETHINK_SERVICE_NAME=msr-rethinkdb - REPLICA_COUNT={{ len (.Swarm.NodeList) }} - NODE_ID={{ "{{.Node.ID}}" }} - NODE_LIST={{range $i, $v := .Swarm.NodeList}}{{if $i}},{{end}}{{$v}}{{end}} restart: unless-stopped volumes: - "msr-rethink:/data" secrets: - msr-rethinkdb-key - msr-rethinkdb-ca - msr-rethinkdb-cert networks: - msr-ol deploy: replicas: {{ len (.Swarm.NodeList) }} update_config: parallelism: 1 delay: {{ .RestartDelay }}s order: stop-first placement: max_replicas_per_node: 1 constraints: - node.labels.msr==msr ports: - published: 8080 target: 8080 protocol: tcp mode: host
Install MSR on Swarm or upgrade the existing installation:
Install MSR:
docker run -it --rm -v $(pwd)/docker-compose.tpl:/config/docker-compose.tpl -v /var/run/docker.sock:/var/run/docker.sock registry.mirantis.com/msr/msr-installer:3.1.0 install
Upgrade MSR:
docker run -it --rm -v $(pwd)/docker-compose.tpl:/config/docker-compose.tpl -v /var/run/docker.sock:/var/run/docker.sock registry.mirantis.com/msr/msr-installer:3.1.0 upgrade
Open
http://<msr-url>:8080in a browser to access the interactive RethinkDB Admin Console.Navigate to the Tables page and verify the number of replicas that serve each table.
Query the database contents:
List the cluster problems as detected by the current node:
r.db("rethinkdb").table("current_issues")
Example output:
[]List the databases contained by RethinkDB:
r.dbList()Example output:
[ 'dtr2', 'jobrunner', 'notaryserver', 'notarysigner', 'rethinkdb' ]
List the tables contained in the
dtr2database:r.db('dtr2').tableList()
Example output:
[ 'blob_links', 'blobs', 'client_tokens', 'content_caches', 'events', 'layer_vuln_overrides', 'manifests', 'metrics', 'namespace_team_access', 'poll_mirroring_policies', 'promotion_policies', 'properties', 'pruning_policies', 'push_mirroring_policies', 'repositories', 'repository_team_access', 'scanned_images', 'scanned_layers', 'tags', 'user_settings', 'webhooks' ]
List the entries contained in the repositories table:
r..db('dtr2').table('repositories')
Example output:
[ { enableManifestLists: false, id: 'ac9614a8-36f4-4933-91fa-3ffed2bd259b', immutableTags: false, name: 'test-repo-1', namespaceAccountID: 'fc3b4aec-74a3-4ba2-8e62-daed0d1f7481', namespaceName: 'admin', pk: '3a4a79476d76698255ab505fb77c043655c599d1f5b985f859958ab72a4099d6', pulls: 0, pushes: 0, scanOnPush: false, tagLimit: 0, visibility: 'public' }, { enableManifestLists: false, id: '9f43f029-9683-459f-97d9-665ab3ac1fda', immutableTags: false, longDescription: '', name: 'testing', namespaceAccountID: 'fc3b4aec-74a3-4ba2-8e62-daed0d1f7481', namespaceName: 'admin', pk: '6dd09ac485749619becaff1c17702ada23568ebe0a40bb74a330d058a757e0be', pulls: 0, pushes: 0, scanOnPush: false, shortDescription: '', tagLimit: 1, visibility: 'public' } ]
Note
Individual databases and tables are a private implementation detail that may
change in MSR from version to version. Therefore, you can use dbList()
and tableList() to explore the contents and data structure.
Access RethinkDB with the MSR API¶
For both Kubernetes and Swarm deployments, you can use the MSR CLI to directly access RethinkDB.
Enable external access to the MSR API:
kubectl port-forward service/msr 8443:443
Review the status of your MSR cluster:
curl -u admin:$TOKEN -X GET "https://<msr-url>/api/v0/meta/cluster_status" -H "accept: application/json"
Example API response:
{ "rethink_system_tables": { "cluster_config": [ { "heartbeat_timeout_secs": 10, "id": "heartbeat" } ], "current_issues": [], "db_config": [ { "id": "339de11f-b0c2-4112-83ac-520cab68d89c", "name": "notaryserver" }, { "id": "aa2e893f-a69a-463d-88c1-8102aafebebc", "name": "dtr2" }, { "id": "bdf14a41-9c31-4526-8436-ab0fed00c2fd", "name": "jobrunner" }, { "id": "f94f0e35-b7b1-4a2f-82be-1bdacca75039", "name": "notarysigner" } ], "server_status": [ { "id": "9c41fbc6-bcf2-4fad-8960-d117f2fdb06a", "name": "dtr_rethinkdb_5eb9459a7832", "network": { "canonical_addresses": [ { "host": "dtr-rethinkdb-5eb9459a7832.dtr-ol", "port": 29015 } ], "cluster_port": 29015, "connected_to": { "dtr_rethinkdb_56b65e8c1404": true }, "hostname": "9e83e4fee173", "http_admin_port": "<no http admin>", "reql_port": 28015, "time_connected": "2019-02-15T00:19:22.035Z" }, } ... ] } }
Obtain
docker-compose.tpl:docker run -it --rm --entrypoint \ cat registry.mirantis.com/msr/msr-installer:3.1.0 \ /config/docker-compose.tpl > docker-compose.tpl
In the
docker-compose.tplfile, verify that:MSR on Swarm Nginx service is exposed.
docker run -it --rm --entrypoint \ cat registry.mirantis.com/msr/msr-installer:3.1.0 \ /config/docker-compose.tpl > docker-compose.tpl
services->msr-nginx->portssection is mapped to 443.
Review the status of your MSR cluster:
curl -u admin:$TOKEN -X GET "https://<msr-url>/api/v0/meta/cluster_status" -H "accept: application/json"
Example API response:
{ "rethink_system_tables": { "cluster_config": [ { "heartbeat_timeout_secs": 10, "id": "heartbeat" } ], "current_issues": [], "db_config": [ { "id": "946aae01-7eb5-4c83-a0e4-f1a62f082c44", "name": "notarysigner" }, { "id": "b5f9c9e0-862b-4eb4-9423-2000f6c1c9da", "name": "enzi" }, { "id": "cb21d39b-ded8-45a7-90a1-19486a174694", "name": "test" }, { "id": "d653f9fd-aebf-4541-9169-17bbc4d59722", "name": "dtr2" }, { "id": "ed200dd8-8773-4fe4-937a-15a94b1d1c55", "name": "jobrunner" }, { "id": "f001081c-763e-4ba8-8882-2b60db781591", "name": "notaryserver" } ], "server_status": [ { "id": "4b0e4ca8-4a00-43ea-9b4d-f60ff7e91586", "name": "ji2udmo09yvlkhlpai8h6lse8_msr_rethinkdb_jn7", "network": { "canonical_addresses": [ { "host": "10.0.1.24", "port": 29015 }, { "host": "127.0.0.1", "port": 29015 }, { "host": "172.18.0.8", "port": 29015 } ], "cluster_port": 29015, "connected_to": {}, "hostname": "ji2udmo09yvlkhlpai8h6lse8.msr-rethinkdb", "http_admin_port": "\u003cno http admin\u003e", "reql_port": 28015, "time_connected": "2024-02-27T16:05:42.924Z" }, ... }
See also
The RethinkDB documentation on RethinkDB queries