Add a Postgres sandbox #13651
Add a Postgres sandbox #13651
Conversation
Signed-off-by: Fabrízio de Royes Mello <fabrizio@ongres.com>
Signed-off-by: Fabrízio de Royes Mello <fabrizio@ongres.com>
|
@fabriziomello ill check through more once docs are rendered, but at first pass it looks great |
Signed-off-by: Fabrízio de Royes Mello <fabrizio@ongres.com>
|
@fabriziomello you have a couple of format issues (which will block other CI) there are some shellcheck issues if you install shellcheck locally you can run it with the other issue is an annoying one ill comment inline... |
| Name Command State Ports | ||
| ------------------------------------------------------------------------------------------------------------------------ | ||
| postgres_postgres_1 docker-entrypoint.sh postgres Up 0.0.0.0:5432->5432/tcp | ||
| postgres_proxy_1 /docker-entrypoint.sh /usr ... Up 10000/tcp, 0.0.0.0:1999->1999/tcp, 0.0.0.0:8001->8001/tcp |
There was a problem hiding this comment.
the formatter needs a single space after ... see here 25d87ca
There was a problem hiding this comment.
Ah I fixed it already! Thanks!
Signed-off-by: Fabrízio de Royes Mello <fabrizio@ongres.com>
Thanks. Fixed!
Where exactly? |
|
Seems the CI didn't like my verify.sh. Will check it tmr. |
| proxy: | ||
| image: envoyproxy/envoy-dev:latest | ||
| volumes: | ||
| - ./envoy.yaml:/etc/envoy.yaml |
There was a problem hiding this comment.
you will need to mount this file into a docker image with a Dockerfile - like in the mysql example, and ensure its readable (the envoy proc runs as non-root in the container, CI checks to ensure this works where umask = 027)
this is why verify.sh is failing only on CI
There was a problem hiding this comment.
Oh now I understand the reason why the mysql example uses a separated Dockerfile. Fixed!
| networks: | ||
| envoymesh: | ||
| aliases: | ||
| - envoy |
There was a problem hiding this comment.
i dont think the alias is necessary
| networks: | ||
| envoymesh: | ||
| aliases: | ||
| - postgres |
There was a problem hiding this comment.
this alias definitely isnt necessary as its the same as the service name
| # See PostgreSQL documentation about "trust": | ||
| # https://www.postgresql.org/docs/current/auth-trust.html | ||
| POSTGRES_HOST_AUTH_METHOD: trust | ||
| expose: |
There was a problem hiding this comment.
i dont think either expose or ports are necessary as the containers communicate internally
There was a problem hiding this comment.
Totally agree. Fixed!
| envoymesh: | ||
| aliases: | ||
| - envoy | ||
| expose: |
There was a problem hiding this comment.
this expose isnt necessary as ports below will expose the ports
| @@ -34,6 +34,8 @@ def IsMissing(value): | |||
|
|
|||
|
|
|||
| def GetExtensionMetadata(target): | |||
| if not BUILDOZER_PATH: | |||
| raise ExtensionDbError('Buildozer not found!') | |||
There was a problem hiding this comment.
im curious was this a fix for an issue you hit building the docs ?
There was a problem hiding this comment.
Exactly.. I hit some errors because the buildozer not found but the message was not clear about it and to discover it I needed to debug the python script. So I added this small exception do make our live easier.
| Step 4: Issue commands using psql | ||
| ********************************* | ||
|
|
||
| Use ``psql`` to issue some commands and verify they are routed via Envoy. Note |
There was a problem hiding this comment.
s/Use psql/This example uses a psql client inside a container/
examples/postgres/verify.sh
Outdated
| } | ||
|
|
||
| run_log "Create a postgres database" | ||
| _psql -c 'CREATE DATABASE test;' |
There was a problem hiding this comment.
could we rename the db to maybe testdb - i was a bit confused at first by the name
There was a problem hiding this comment.
Make total sense... I also renamed the table name from test to tbl.
|
@fabriziomello i ran it/went through it locally and it runs nicely docs are rendered here and look good - i left some nits above https://storage.googleapis.com/envoy-pr/13651/docs/start/sandboxes/postgres.html |
|
|
||
| Check TCP stats were updated. | ||
|
|
||
| Terminal 1 |
There was a problem hiding this comment.
i think just remove this "Terminal 1"
Signed-off-by: Fabrízio de Royes Mello <fabrizio@ongres.com>
|
Seems now the CI is happy!! Finally!! |
Add an example of how to use Envoy's Postgres network filter. ref #13597