Skip to content

Commit

Permalink
Add MySQL server example
Browse files Browse the repository at this point in the history
Signed-off-by: jkr0103 <[email protected]>
  • Loading branch information
jkr0103 authored and rbhowmix committed Jan 5, 2024
1 parent da07254 commit 4c0ee5a
Show file tree
Hide file tree
Showing 3 changed files with 140 additions and 0 deletions.
43 changes: 43 additions & 0 deletions mysql/Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
ARCH_LIBDIR ?= /lib/$(shell $(CC) -dumpmachine)
UID ?= $(shell id -u)
GID ?= $(shell id -g)

ifeq ($(DEBUG),1)
GRAMINE_LOG_LEVEL = debug
else
GRAMINE_LOG_LEVEL = error
endif

.PHONY: all
all: mysqld.manifest
ifeq ($(SGX),1)
all: mysqld.manifest.sgx mysqld.sig
endif

mysqld.manifest: mysqld.manifest.template
gramine-manifest \
-Dlog_level=$(GRAMINE_LOG_LEVEL) \
-Darch_libdir=$(ARCH_LIBDIR) \
-Duid=$(UID) \
-Dgid=$(GID) \
-Dentrypoint=$(realpath $(shell sh -c "command -v mysqld")) \
$< >$@

# Make on Ubuntu <= 20.04 doesn't support "Rules with Grouped Targets" (`&:`),
# for details on this workaround see
# https://github.com/gramineproject/gramine/blob/e8735ea06c/CI-Examples/helloworld/Makefile
mysqld.manifest.sgx mysqld.sig: sgx_sign
@:

.INTERMEDIATE: sgx_sign
sgx_sign: mysqld.manifest
gramine-sgx-sign \
--manifest $< \
--output $<.sgx

.PHONY: clean
clean:
$(RM) *.sig *.manifest.sgx *.manifest

.PHONY: distclean
distclean: clean
54 changes: 54 additions & 0 deletions mysql/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
# MySQL example

This example was tested with MySQL version 8.0.35 and Ubuntu 20.04.

This directory contains an example for running MySQL server in Gramine,
including the Makefile and a template for generating the manifest.

## Pre-requisites

- `sudo apt-get install mysql-server` to install MySQL server.
- `sudo sed -i "s|^\(log_error.*\)|#\1|g" /etc/mysql/mysql.conf.d/mysqld.cnf`
to see the MySQL logs on console instead of log file.
- `sudo systemctl stop mysql.service` to stop the default MySQL service. We
will manually run MySQL process.
- `sudo mkdir /var/run/mysqld && sudo chown -R $USER:$USER /var/run/mysqld`
to allow MySQL server to create socket file `mysqld.sock`.
- `sudo chown -R $USER:$USER /var/lib/mysql-files` to allow running MySQL
server under the current non-root user.
- `mysqld --initialize-insecure --datadir=/tmp/mysql-data` to initialize data
directory. For details on '--initialize-insecure', please see the
https://dev.mysql.com/doc/mysql-linuxunix-excerpt/5.7/en/data-directory-initialization.html
page.

## Build

Run `make` to build the non-SGX version and `make SGX=1` to build the SGX
version.

## Run

Execute any one of the following commands to run the workload:

- Natively: `mysqld --datadir /tmp/mysql-data`.
- Gramine w/o SGX: `gramine-direct mysqld --datadir /tmp/mysql-data`.
- Gramine with SGX: `gramine-sgx mysqld --datadir /tmp/mysql-data`.

## Testing client connection and running Sysbench

Run below commands from new terminal:

- `mysql -P 3306 --protocol=tcp -u root` to connect a client to MySQL server.
- `mysql> exit` to disconnect the client.

Run Sysbench:

- `sudo apt install -y sysbench` to install Sysbench.
- `sudo mysqladmin -h 127.0.0.1 -P 3306 create sbtest` to create test database.

- `sysbench --db-driver=mysql --mysql-host=127.0.0.1 --mysql-port=3306 --mysql-user=root --mysql-db=sbtest --time=20 --report-interval=5 oltp_read_write --tables=2 --table_size=100000 --threads=32 prepare`
to create records in test database.
- `sysbench --db-driver=mysql --mysql-host=127.0.0.1 --mysql-port=3306 --mysql-user=root --mysql-db=sbtest --time=20 --report-interval=5 oltp_read_write --tables=2 --table_size=100000 --threads=32 run`
to run the Sysbench benchmarks.
- `sysbench --db-driver=mysql --mysql-host=127.0.0.1 --mysql-port=3306 --mysql-user=root --mysql-db=sbtest --time=20 --report-interval=5 oltp_read_write --tables=2 --table_size=100000 --threads=32 cleanup`
to delete the records from test database.
43 changes: 43 additions & 0 deletions mysql/mysqld.manifest.template
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
# MySQL manifest example

loader.entrypoint = "file:{{ gramine.libos }}"
libos.entrypoint = "{{ entrypoint }}"

loader.log_level = "{{ log_level }}"

loader.env.LD_LIBRARY_PATH = "/lib:{{ arch_libdir }}:/usr/lib:/usr/{{ arch_libdir }}"

loader.insecure__use_cmdline_argv = true
sys.enable_sigterm_injection = true

sgx.nonpie_binary = true
sgx.enclave_size = "8G"
sgx.max_threads = {{ '1' if env.get('EDMM', '0') == '1' else '128' }}

loader.uid = {{ uid }}
loader.gid = {{ gid }}

fs.mounts = [
{ path = "/lib", uri = "file:{{ gramine.runtimedir() }}" },
{ path = "{{ arch_libdir }}", uri = "file:{{ arch_libdir }}" },
{ path = "/usr/{{ arch_libdir }}", uri = "file:/usr/{{ arch_libdir }}" },
{ path = "{{ entrypoint }}", uri = "file:{{ entrypoint }}" },
{ path = "/usr/lib/mysql", uri = "file:/usr/lib/mysql" },
{ path = "/var/lib/mysql-files", uri = "file:/var/lib/mysql-files" },
{ path = "/var/run/mysqld", uri = "file:/var/run/mysqld" },
{ path = "/tmp", uri = "file:/tmp" },
]

sgx.trusted_files = [
"file:{{ gramine.libos }}",
"file:{{ entrypoint }}",
"file:{{ gramine.runtimedir() }}/",
"file:{{ arch_libdir }}/",
"file:/usr/{{ arch_libdir }}/",
"file:/usr/lib/mysql/",
]

sgx.allowed_files = [
"file:/var/run/mysqld/",
"file:/tmp/", # MySQL data will be stored in plaintext; this is insecure!
]

0 comments on commit 4c0ee5a

Please sign in to comment.