diff --git a/.env.example b/.env.example index 1f0ad78..6a83c08 100644 --- a/.env.example +++ b/.env.example @@ -1,4 +1,4 @@ -CLOUDBEAVER_VERSION_TAG=25.3.0 +CLOUDBEAVER_VERSION_TAG=26.0.0 IMAGE_SOURCE=dbeaver PODMAN_IMAGE_SOURCE=docker.io/dbeaver COMPOSE_PROJECT_NAME=dbeaver @@ -7,13 +7,22 @@ CLOUDBEAVER_WEB_SERVER_PORT=8978 # Type of web server. Supported values: nginx, haproxy PROXY_TYPE=nginx +# Supported db drivers: +# - for postgresql use 'postgres-jdbc' driver. +# - for mysql or mariadb use 'mariaDB' driver. +# - for oracle use 'oracle_thin' driver. +# - for sql server use 'microsoft' driver. + CLOUDBEAVER_DB_DRIVER=postgres-jdbc CLOUDBEAVER_DB_URL=jdbc:postgresql://postgres:5432/cloudbeaver CLOUDBEAVER_DB_USER=postgres -CLOUDBEAVER_DB_PASSWORD=StR0NgP@sSw0rd +CLOUDBEAVER_DB_PASSWORD= CLOUDBEAVER_DB_SCHEMA=cb CLOUDBEAVER_QM_DB_DRIVER=${CLOUDBEAVER_DB_DRIVER} CLOUDBEAVER_QM_DB_URL=${CLOUDBEAVER_DB_URL} CLOUDBEAVER_QM_DB_USER=${CLOUDBEAVER_DB_USER} CLOUDBEAVER_QM_DB_PASSWORD=${CLOUDBEAVER_DB_PASSWORD} CLOUDBEAVER_QM_DB_SCHEMA=qm + +# Java tool options for JVM configuration +JAVA_TOOL_OPTIONS= diff --git a/AWS/ecs-fargate/README.md b/AWS/ecs-fargate/README.md index f1e1da5..e9f8931 100644 --- a/AWS/ecs-fargate/README.md +++ b/AWS/ecs-fargate/README.md @@ -22,8 +22,7 @@ - Copy `variables.tf.example` to `variables.tf` - Open `variables.tf` file. - Specify `rds_db_version`, the default is `postgres:16.1`. Only PostgreSQL version can be specified. - - Set the credentials for database in `cloudbeaver-db-env`. By default it is `postgres`. - + - You must set the database password in `cloudbeaver-db-env`. The password is empty by default and the service will not start without it. 5. Configure the deployment in `variables.tf` file as follows: - Set your `aws_account_id`, you can get it by logging into your AWS console: @@ -33,8 +32,8 @@ ![alt text](images/image-1.png) - - Ensure that the `alb_certificate_Identifier` variable contains the ID from [AWS Certificate Manager](#importing-an-ssl-certificate-in-aws) corresponding to the domain name specified in the `CLOUDBEAVER_PUBLIC_URL` variable within variables.tf. The domain name in `CLOUDBEAVER_PUBLIC_URL` must match the domain for which the certificates have been issued. - - You can customize the deployment version by updating the `cloudbeaver_version` environment variable. The default version is `25.2.0`. + - Ensure that the `alb_certificate_Identifier` variable contains the ID from [AWS Certificate Manager](#importing-an-ssl-certificate-in-aws) corresponding to your domain name. The domain name must match the domain for which the certificates have been issued. + - You can customize the deployment version by updating the `cloudbeaver_version` environment variable. 6. Run `terraform init` and then `terraform apply` in `ecs-fargate` directory to create the ECS cluster and complete the deployment. diff --git a/AWS/ecs-fargate/variables.tf.example b/AWS/ecs-fargate/variables.tf.example index 6b2810a..dea7c15 100644 --- a/AWS/ecs-fargate/variables.tf.example +++ b/AWS/ecs-fargate/variables.tf.example @@ -25,7 +25,7 @@ variable "cloudbeaver_image_name" { variable "cloudbeaver_version" { description = "The version of the cluster you want to deploy" type = string - default = "25.3.0" + default = "26.0.0" } variable "alb_certificate_Identifier" { @@ -87,7 +87,7 @@ variable "cloudbeaver-env" { }, { "name": "CLOUDBEAVER_DB_PASSWORD", - "value": "StR0NgP2s" + "value": "" }, { "name": "CLOUDBEAVER_DB_SCHEMA", @@ -107,15 +107,11 @@ variable "cloudbeaver-env" { }, { "name": "CLOUDBEAVER_QM_DB_PASSWORD", - "value": "StR0NgP2s" + "value": "" }, { "name": "CLOUDBEAVER_QM_DB_SCHEMA", "value": "qm" - }, - { - "name": "CLOUDBEAVER_PUBLIC_URL", - "value": "test-domain-name.databases.team" }] } @@ -136,7 +132,7 @@ variable "cloudbeaver-db-env" { # type = map(string) default = [ { "name": "POSTGRES_PASSWORD", - "value": "postgres"}, + "value": ""}, { "name": "POSTGRES_USER", "value": "postgres"}, { "name": "POSTGRES_DB", diff --git a/README.md b/README.md index c1052c4..233326d 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # CloudBeaver Enterprise deployment -### Version 25.3 +### Version 26.0 CloudBeaver Enterprise is a client-server application. It requires server deployment. You can deploy it in several ways: @@ -53,6 +53,15 @@ environment: ``` This step is only required for Nginx, as HAProxy resolves service names via Docker DNS automatically. +#### Java tool options + +Java does not read system environment variables. To pass Java parameters to the Java process, use the `JAVA_TOOL_OPTIONS` variable in your `.env` file. + +Example for proxy configuration: +``` +JAVA_TOOL_OPTIONS="-Dhttp.proxy.host= -Dhttps.proxy.host= -Dhttp.proxy.port= -Dhttps.proxy.port=" +``` + ### Configuring and starting the CloudBeaver cluster 1. Clone repository ```sh @@ -62,7 +71,7 @@ This step is only required for Nginx, as HAProxy resolves service names via Dock - Navigate to `cloudbeaver-deploy` - Copy `.env.example` to `.env` - Edit the `.env` file to set configuration properties - - It is highly recommended to change the default database password in `CLOUDBEAVER_DB_PASSWORD` variable + - You must set the `CLOUDBEAVER_DB_PASSWORD` variable before starting the cluster. The database password is empty by default and the service will not start without it. 3. Start the cluster - `docker-compose up -d` or `docker compose up -d` 4. Ensure the following TCP ports are available in your network stack @@ -73,6 +82,61 @@ This step is only required for Nginx, as HAProxy resolves service names via Dock ### Stopping the cluster `docker-compose down` +### Using external database + +By default, CloudBeaver stores all data in an internal PostgreSQL database. If you want to use it, skip this step. + +If you want to use another database, you can configure it by editing the `.env` file: + +1. Change `CLOUDBEAVER_DB_DRIVER` to driver for a database you want to use, for example: `postgres-jdbc`/`mariaDB`/`oracle_thin`/`microsoft` +2. Change `CLOUDBEAVER_DB_URL` to the JDBC connection URL for your database. +3. Set `CLOUDBEAVER_DB_USER` and `CLOUDBEAVER_DB_PASSWORD` with your database credentials. + +#### Configure PostgreSQL database + +Connect to your Postgres database and run: +``` +CREATE SCHEMA IF NOT EXISTS cb; +``` + +#### Configure MySQL/MariaDB database + +**Note:** The MySQL driver is not included by default. To use MySQL as an internal database, connect using the MariaDB driver. + +Connect to your MariaDB or MySQL database and run: +``` +CREATE SCHEMA IF NOT EXISTS cb; +``` + +You might need to add additional parameters to the `CLOUDBEAVER_DB_URL`: + +- `allowPublicKeyRetrieval=true` — to allow the client to automatically request the public key from the server. +- `autoReconnect=true` — to prevent the connection from closing after 8 hours of inactivity. + +##### Example: + +`CLOUDBEAVER_DB_URL=jdbc:mariadb://127.0.0.1:3306/cloudbeaver?autoReconnect=true&allowPublicKeyRetrieval=true` + +#### Configure Oracle database + +Connect to your Oracle database and run: +``` +CREATE USER CB; +GRANT UNLIMITED TABLESPACE TO CB; +``` + +#### Configure SQL Server database + +Connect to your SQL Server database and run: +``` +CREATE DATABASE cloudbeaver; +``` + +##### Example: + +`CLOUDBEAVER_DB_DRIVER=microsoft` +`CLOUDBEAVER_DB_URL=jdbc:sqlserver://127.0.0.1:1433;databaseName=cloudbeaver` + ### Configuring SSL (HTTPS) There are two ways to configure SSL: @@ -156,6 +220,7 @@ Previously, the volumes were owned by the ‘root’ user, but now they’re own ## Older versions ### Older versions: +- [25.3.0](https://github.com/dbeaver/cloudbeaver-deploy/tree/25.3.0) - [25.2.0](https://github.com/dbeaver/cloudbeaver-deploy/tree/25.2.0) - [25.1.0](https://github.com/dbeaver/cloudbeaver-deploy/tree/25.1.0) - [25.0.0](https://github.com/dbeaver/cloudbeaver-deploy/tree/25.0.0) diff --git a/docker-compose-host.yml b/docker-compose-host.yml index cf3e6a6..c1e5652 100644 --- a/docker-compose-host.yml +++ b/docker-compose-host.yml @@ -45,6 +45,8 @@ services: - CLOUDBEAVER_QM_DB_PASSWORD=${CLOUDBEAVER_QM_DB_PASSWORD} - CLOUDBEAVER_QM_DB_SCHEMA=${CLOUDBEAVER_QM_DB_SCHEMA} - CLOUDBEAVER_DMSVC_URL=http://127.0.0.1:11000 + - NETWORK_MODE=host + - JAVA_TOOL_OPTIONS=${JAVA_TOOL_OPTIONS:-} depends_on: - postgres @@ -55,8 +57,8 @@ services: image: ${IMAGE_SOURCE:-dbeaver}/cloudbeaver-postgres:16 volumes: - postgres_data:/var/lib/postgresql/data - - ./cloudbeaver-db-init.sql:/docker-entrypoint-initdb.d/cb-init.sql environment: - POSTGRES_DB=cloudbeaver - POSTGRES_USER=${CLOUDBEAVER_DB_USER} - POSTGRES_PASSWORD=${CLOUDBEAVER_DB_PASSWORD} + - NETWORK_MODE=host \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 375bfcc..1a8b8a0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -49,6 +49,7 @@ services: - CLOUDBEAVER_QM_DB_USER=${CLOUDBEAVER_QM_DB_USER} - CLOUDBEAVER_QM_DB_PASSWORD=${CLOUDBEAVER_QM_DB_PASSWORD} - CLOUDBEAVER_QM_DB_SCHEMA=${CLOUDBEAVER_QM_DB_SCHEMA} + - JAVA_TOOL_OPTIONS=${JAVA_TOOL_OPTIONS:-} expose: - ${CLOUDBEAVER_WEB_SERVER_PORT:-8978} depends_on: diff --git a/k8s/Chart.yaml b/k8s/Chart.yaml index 07f2e25..7bb90e8 100644 --- a/k8s/Chart.yaml +++ b/k8s/Chart.yaml @@ -3,4 +3,4 @@ name: cb description: A Helm chart for CloudBeaver application type: application version: 0.0.1 -appVersion: 25.3.0 +appVersion: 26.0.0 diff --git a/k8s/README.md b/k8s/README.md index e5364a7..d5bedf1 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -30,6 +30,7 @@ Previously, the volumes were owned by the ‘root’ user, but now they are owne - `cd cloudbeaver-deploy/k8s` - `cp ./values.yaml.example ./values.yaml` - Edit chart values in `values.yaml` (use any text editor) +- You must set the `cloudbeaver_db_password` variable before deploying the cluster. The database password is empty by default and the deployment will fail without it. - Configure domain and SSL certificate (optional) - Add an A record in your DNS hosting for a value of `cloudbeaverBaseDomain` variable with load balancer IP address. - If you set the *HTTPS* endpoint scheme, then create a valid TLS certificate for the domain endpoint `cloudbeaverBaseDomain` and place it into `k8s/ingressSsl`: diff --git a/k8s/templates/secrets/db-passwords.yaml b/k8s/templates/secrets/db-passwords.yaml index 3408e47..f02f0b3 100644 --- a/k8s/templates/secrets/db-passwords.yaml +++ b/k8s/templates/secrets/db-passwords.yaml @@ -2,10 +2,6 @@ {{- fail "Error: backend.cloudbeaver_db_password is missing or empty" }} {{- end }} -{{- if eq .Values.backend.cloudbeaver_db_password "StR0NgP2sSw0rD" }} - {{- fail "Error: Default password 'StR0NgP2sSw0rD' is insecure! Please change it before deployment." }} -{{- end }} - apiVersion: v1 kind: Secret metadata: diff --git a/k8s/values.yaml.example b/k8s/values.yaml.example index dc8ec47..c45b148 100644 --- a/k8s/values.yaml.example +++ b/k8s/values.yaml.example @@ -6,7 +6,7 @@ cloudbeaver: replicaCount: 1 image: dbeaver/cloudbeaver-ee - imageTag: "25.3.0" + imageTag: "26.0.0" pullPolicy: Always # pullCredsName - name of a secret config map that contains docker repo auths # pullCredsName: regcred @@ -51,4 +51,4 @@ backend: cloudbeaver_db_driver: postgres-jdbc cloudbeaver_db_url: jdbc:postgresql://postgres:5432/cloudbeaver cloudbeaver_db_user: postgres - cloudbeaver_db_password: StR0NgP2sSw0rD + cloudbeaver_db_password: "" diff --git a/podman-compose.yml b/podman-compose.yml index f4cc597..639fb95 100644 --- a/podman-compose.yml +++ b/podman-compose.yml @@ -53,6 +53,7 @@ services: - CLOUDBEAVER_QM_DB_USER=${CLOUDBEAVER_QM_DB_USER} - CLOUDBEAVER_QM_DB_PASSWORD=${CLOUDBEAVER_QM_DB_PASSWORD} - CLOUDBEAVER_QM_DB_SCHEMA=${CLOUDBEAVER_QM_DB_SCHEMA} + - JAVA_TOOL_OPTIONS=${JAVA_TOOL_OPTIONS:-} expose: - ${CLOUDBEAVER_WEB_SERVER_PORT:-8978} depends_on: @@ -65,7 +66,6 @@ services: image: ${PODMAN_IMAGE_SOURCE:-docker.io/dbeaver}/cloudbeaver-postgres:16 volumes: - postgres_data:/var/lib/postgresql/data:z - - ./cloudbeaver-db-init.sql:/docker-entrypoint-initdb.d/cb-init.sql:z environment: - POSTGRES_DB=cloudbeaver - POSTGRES_USER=${CLOUDBEAVER_DB_USER}