mariadb的docker安装使用方式
Tags: docker环境mariadbMySQL数据库Docker镜像
镜像
https://hub.docker.com/_/mariadb
https://github.com/MariaDB/mariadb-docker
使用
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | docker pull dockerproxy.com/library/mariadb:10.11.4 docker rm -f mariadb10 docker run -itd --name mariadb10 -h mariadb10 \ -p 3406:3306 \ -e MARIADB_USER=lhr -e MARIADB_PASSWORD=lhr \ -e MARIADB_ROOT_PASSWORD=lhr -e TZ=Asia/Shanghai \ mariadb:10.11.4 mysql -uroot -plhr -P3406 -h 127.0.0.1 CREATE USER IF NOT EXISTS root@localhost IDENTIFIED BY 'thisismyrootpassword'; SET PASSWORD FOR root@localhost = PASSWORD('thisismyrootpassword'); GRANT ALL ON *.* TO root@localhost WITH GRANT OPTION; CREATE USER IF NOT EXISTS root@'%' IDENTIFIED BY 'thisismyrootpassword'; SET PASSWORD FOR root@'%' = PASSWORD('thisismyrootpassword'); GRANT ALL ON *.* TO root@'%' WITH GRANT OPTION; CREATE USER IF NOT EXISTS myuser@'%' IDENTIFIED BY 'thisismyuserpassword'; SET PASSWORD FOR myuser@'%' = PASSWORD('thisismyuserpassword'); CREATE DATABASE IF NOT EXISTS mydatabasename; GRANT ALL ON mydatabasename.* TO myuser@'%'; |
官方说明
Note: the description for this image is longer than the Hub length limit of 25000, so has been trimmed. The full description can be found at https://github.com/docker-library/docs/tree/master/mariadb/README.md. See also docker/hub-feedback#238 and docker/roadmap#475.
Quick reference
- Maintained by:
MariaDB developer community - Where to get help:
Database Adminstrators (Stack Exchange), MariaDB Knowledge Base (Ask a Question here available).
Also see the "Getting Help with MariaDB" article on the MariaDB Knowledge Base.
11.1.1-rc-jammy,11.1-rc-jammy,11.1.1-rc,11.1-rc11.0.2-jammy,11.0-jammy,11-jammy,jammy,11.0.2,11.0,11,latest10.11.4-jammy,10.11-jammy,10-jammy,lts-jammy,10.11.4,10.11,10,lts10.10.5-jammy,10.10-jammy,10.10.5,10.1010.9.7-jammy,10.9-jammy,10.9.7,10.910.6.14-focal,10.6-focal,10.6.14,10.610.5.21-focal,10.5-focal,10.5.21,10.510.4.30-focal,10.4-focal,10.4.30,10.4
Quick reference (cont.)
- Where to file issues:
Issues can be filed on https://jira.mariadb.org/ under the "MDEV" Project and "Docker" Component, or on GitHub - Supported architectures: (more info)
amd64,arm64v8,ppc64le,s390x - Published image artifact details:
repo-info repo'srepos/mariadb/directory (history)
(image metadata, transfer size, etc) - Image updates:
official-images repo'slibrary/mariadblabel
official-images repo'slibrary/mariadbfile (history) - Source of this description:
docs repo'smariadb/directory (history)
What is MariaDB?
MariaDB Server is one of the most popular database servers in the world. It's made by the original developers of MySQL and guaranteed to stay open source. Notable users include Wikipedia, DBS Bank, and ServiceNow.
The intent is also to maintain high compatibility with MySQL, ensuring a library binary equivalency and exact matching with MySQL APIs and commands. MariaDB developers continue to develop new features and improve performance to better serve its users.
How to use this image
Start a mariadb server instance
Starting a MariaDB instance with the latest version is simple:
1 | $ docker run --detach --name some-mariadb --env MARIADB_USER=example-user --env MARIADB_PASSWORD=my_cool_secret --env MARIADB_ROOT_PASSWORD=my-secret-pw mariadb:latest |
or:
1 2 | $ docker network create some-network $ docker run --detach --network some-network --name some-mariadb --env MARIADB_USER=example-user --env MARIADB_PASSWORD=my_cool_secret --env MARIADB_ROOT_PASSWORD=my-secret-pw mariadb:latest |
... where some-network is a newly created network (other than bridge as the default network), some-mariadb is the name you want to assign to your container, my-secret-pw is the password to be set for the MariaDB root user. See the list above for relevant tags to match your needs and environment.
Connect to MariaDB from the MySQL/MariaDB command line client
The following command starts another mariadb container instance and runs the mariadb command line client against your original mariadb container, allowing you to execute SQL statements against your database instance:
1 | $ docker run -it --network some-network --rm mariadb mariadb -hsome-mariadb -uexample-user -p |
... where some-mariadb is the name of your original mariadb container (connected to the some-network Docker network).
This image can also be used as a client for non-Docker or remote instances:
1 | $ docker run -it --rm mariadb mariadb -h <server container IP> -u example-user -p |
That will give you a standard MariaDB prompt. You can test it with:
1 | MariaDB [(none)]> SELECT VERSION(); |
... which should give you the version. You can then use exit to leave the MariaDB command line client and the client container.
More information about the MariaDB command-line client can be found in the MariaDB Knowledge Base
... via docker-compose or docker stack deploy
Example docker-compose.yml for mariadb:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | ### Use root/example as user/password credentials version: '3.1' services: db: image: mariadb restart: always environment: MARIADB_ROOT_PASSWORD: example adminer: image: adminer restart: always ports: - 8080:8080 |
Run docker stack deploy -c stack.yml mariadb (or docker-compose -f stack.yml up), wait for it to initialize completely, and visit http://swarm-ip:8080, http://localhost:8080, or http://host-ip:8080 (as appropriate).
Container shell access and viewing MariaDB logs
The docker exec command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your mariadb container:
1 | $ docker exec -it some-mariadb bash |
The log is available through Docker's container log:
1 | $ docker logs some-mariadb |
Using a custom MariaDB configuration file
Custom configuration files should end in .cnf and be mounted at the directory /etc/mysql/conf.d. These files should contain the minimal changes from the MariaDB workload required for your application/environment. A MariaDB configuration file will have a [mariadb] group followed by variable = value settings per Setting Server System Variables or option-prefix-variable.
The mariadb image configuration contains the Ubuntu MariaDB variables with two custom changes for the container:
1 2 | [host-cache-size=0](https://mariadb.com/kb/en/server-system-variables/#host_cache_size) [skip-name-resolve](https://mariadb.com/kb/en/server-system-variables/#skip_name_resolve) |
These disable the authentication of user@hostname users. To re-enable the skip-name-resolve use disable-skip-name-resolve as variable or arguement. When enabled, the host-cache-size should be sufficient for the number of containers connecting to the mariadb.
To view the resulting configuration of your mariadb container:
1 | $ docker run --name some-mariadb -v /my/custom:/etc/mysql/conf.d --rm mariadb:latest my_print_defaults --mysqld |
Configuration without a cnf file
Many configuration options can be passed as flags to mariadbd. This will give you the flexibility to customize the container without needing a cnf file. For example, if you want to run on port 3808 just run the following:
1 | $ docker run --name some-mariadb -e MARIADB_ROOT_PASSWORD=my-secret-pw -d mariadb:latest --port 3808 |
If you would like to see a complete list of available options, just run:
1 | $ docker run -it --rm mariadb:latest --verbose --help |
Environment Variables
When you start the mariadb image, you can adjust the initialization of the MariaDB instance by passing one or more environment variables on the docker run command line. Do note that none of the variables below will have any effect if you start the container with a data directory that already contains a database: any pre-existing database will always be left untouched on container startup.
From tag 10.2.38, 10.3.29, 10.4.19, 10.5.10 onwards, and all 10.6 and later tags, the MARIADB_* equivalent variables are provided. MARIADB_* variants will always be used in preference to MYSQL_* variants.
One of MARIADB_RANDOM_ROOT_PASSWORD, MARIADB_ROOT_PASSWORD_HASH, MARIADB_ROOT_PASSWORD or MARIADB_ALLOW_EMPTY_ROOT_PASSWORD (or equivalents, including *_FILE), is required. The other environment variables are optional.
MARIADB_ROOT_PASSWORD / MYSQL_ROOT_PASSWORD, MARIADB_ROOT_PASSWORD_HASH
This specifies the password that will be set for the MariaDB root superuser account. In the above example, it was set to my-secret-pw.
In order to have no plaintext secret in the deployment, MARIADB_ROOT_PASSWORD_HASH can be used as it is just the hash of the password. The hash can be generated with SELECT PASSWORD('thepassword') as a SQL query.
MARIADB_ALLOW_EMPTY_ROOT_PASSWORD / MYSQL_ALLOW_EMPTY_PASSWORD
Set to a non-empty value, like yes, to allow the container to be started with a blank password for the root user. NOTE: Setting this variable to yes is not recommended unless you really know what you are doing, since this will leave your MariaDB instance completely unprotected, allowing anyone to gain complete superuser access.
MARIADB_RANDOM_ROOT_PASSWORD / MYSQL_RANDOM_ROOT_PASSWORD
Set to a non-empty value, like yes, to generate a random initial password for the root user. The generated root password will be printed to stdout (GENERATED ROOT PASSWORD: .....).
MARIADB_ROOT_HOST / MYSQL_ROOT_HOST
This is the hostname part of the root user created. By default this is %, however it can be set to any default MariaDB allowed hostname component. Setting this to localhost will prevent any root user being accessible except via the unix socket.
MARIADB_MYSQL_LOCALHOST_USER / MARIADB_MYSQL_LOCALHOST_GRANTS
Set MARIADB_MYSQL_LOCALHOST_USER to a non-empty value to create the mysql@locahost database user. This user is especially useful for a variety of health checks and backup scripts.
The mysql@localhost user gets USAGE privileges by default. If more access is required, additional global privileges in the form of a comma separated list can be provided. If you are sharing a volume containing MariaDB's unix socket (/var/run/mysqld by default), privileges beyond USAGE can result in confidentiality, integrity and availability risks, so use a minimal set. See the example below on using Mariabackup. The healthcheck.sh script also documents the required privileges for each health check test.
MARIADB_DATABASE / MYSQL_DATABASE
This variable allows you to specify the name of a database to be created on image startup.
MARIADB_USER / MYSQL_USER, MARIADB_PASSWORD / MYSQL_PASSWORD, MARIADB_PASSWORD_HASH
These are used in conjunction to create a new user and to set that user's password. Both user and password variables are required for a user to be created. This user will be granted all access (corresponding to GRANT ALL) to the MARIADB_DATABASE database.
See MARIADB_ROOT_PASSWORD_HASH above for how to get a password hash for MARIADB_PASSWORD_HASH.
Do note that there is no need to use this mechanism to create the root superuser, that user gets created by default with the password specified by the MARIADB_ROOT_PASSWORD* variable.
MARIADB_INITDB_SKIP_TZINFO / MYSQL_INITDB_SKIP_TZINFO
By default, the entrypoint script automatically loads the timezone data needed for the CONVERT_TZ() function. If it is not needed, any non-empty value disables timezone loading.
MARIADB_AUTO_UPGRADE / MARIADB_DISABLE_UPGRADE_BACKUP
Set MARIADB_AUTO_UPGRADE to a non-empty value to have the entrypoint check whether mysql_upgrade/mariadb-upgrade needs to run, and if so, run the upgrade before starting the MariaDB server.
Before the upgrade, a backup of the system database is created in the top of the datadir with the name system_mysql_backup_*.sql.zst. This backup process can be disabled with by setting MARIADB_DISABLE_UPGRADE_BACKUP to a non-empty value.
Docker Secrets
As an alternative to passing sensitive information via environment variables, _FILE may be appended to the previously listed environment variables, causing the initialization script to load the values for those variables from files present in the container. In particular, this can be used to load passwords from Docker secrets stored in /run/secrets/<secret_name> files. For example:
1 | $ docker run --name some-mysql -e MARIADB_ROOT_PASSWORD_FILE=/run/secrets/mysql-root -d mariadb:latest |
Currently, this is only supported for MARIADB_ROOT_PASSWORD, MARIADB_ROOT_PASSWORD_HASH, MARIADB_ROOT_HOST, MARIADB_DATABASE, MARIADB_USER, MARIADB_PASSWORD and MARIADB_PASSWORD_HASH (and MYSQL_* equivalents of these).
Initializing a fresh instance
When a container is started for the first time, a new database with the specified name will be created and initialized with the provided configuration variables. Furthermore, it will execute files with extensions .sh, .sql, .sql.gz, .sql.xz and .sql.zst that are found in /docker-entrypoint-initdb.d. Files will be executed in alphabetical order. .sh files without file execute permission are sourced rather than executed. You can easily populate your mariadb services by mounting a SQL dump into that directory and provide custom images with contributed data. SQL files will be imported by default to the database specified by the MARIADB_DATABASE / MYSQL_DATABASE variable.
Caveats
Where to Store Data
Important note: There are several ways to store data used by applications that run in Docker containers. We encourage users of the mariadb images to familiarize themselves with the options available, including:
- Let Docker manage the storage of your database data by writing the database files to disk on the host system using its own internal volume management. This is the default and is easy and fairly transparent to the user. The downside is that the files may be hard to locate for tools and applications that run directly on the host system, i.e. outside containers.
- Create a data directory on the host system (outside the container) and mount this to a directory visible from inside the container. This places the database files in a known location on the host system, and makes it easy for tools and applications on the host system to access the files. The downside is that the user needs to make sure that the directory exists, and that e.g. directory permissions and other security mechanisms on the host system are set up correctly.
The Docker documentation is a good starting point for understanding the different storage options and variations, and there are multiple blogs and forum postings that discuss and give advice in this area. We will simply show the basic procedure here for the latter option above:
Create a data directory on a suitable volume on your host system, e.g.
/my/own/datadir.Start your
mariadbcontainer like this:1$ docker run --name some-mariadb -v /my/own/datadir:/var/lib/mysql -e MARIADB_ROOT_PASSWORD=my-secret-pw -d mariadb:latest
The -v /my/own/datadir:/var/lib/mysql part of the command mounts the /my/own/datadir directory from the underlying host system as /var/lib/mysql inside the container, where MariaDB by default will write its data files.
No connections until MariaDB init completes
If there is no database initialized when the container starts, then a default database will be created. While this is the expected behavior, this means that it will not accept incoming connections until such initialization completes. This may cause issues when using automation tools, such as docker-compose, which start several containers simultaneously.
Health/Liveness/Readiness Checking
See the "Official Images" FAQ for why there is no default HEALTHCHECK directive. However, you can use the /usr/local/bin/healthcheck.sh script to choose from a (non-exhaustive) list of tests to check for whatever you consider health/liveness/readiness. Refer to the script's sources to learn about how to use it and which exact tests are provided.
Usage against an existing database
If you start your mariadb container instance with a data directory that already contains a database (specifically, a mysql subdirectory), no environment variables that control initialization will be needed or examined, and no pre-existing databases will be changed. The only exception is the non-default MARIADB_AUTO_UPGRADE environment variable, that might cause mysql_upgrade/mariadb-upgrade to run, which might change the system tables.
Creating database dumps
Most of the normal tools will work, although their usage might be a little convoluted in some cases to ensure they have access to the mysqld server. A simple way to ensure this is to use docker exec and run the tool from the same container, similar to the following:
1 | $ docker exec some-mariadb sh -c 'exec mariadb-dump --all-databases -uroot -p"$MARIADB_ROOT_PASSWORD"' > /some/path/on/your/host/all-databases.sql |
Restoring data from dump files
For restoring data. You can use the docker exec command with the -i flag, similar to the following:
1 | $ docker exec -i some-mariadb sh -c 'exec mariadb -uroot -p"$MARIADB_ROOT_PASSWORD"' < /some/path/on/your/host/all-databases.sql |
If one or more databases, but neither --all-databases nor the mysql database, were dumped, these databases can be restored by placing the resulting sql file in the /docker-entrypoint-initdb.d directory.
Creating backups with Mariabackup
To perform a backup using Mariabackup, a second container is started that shares the original container's data directory. An additional volume for the backup needs to be included in the second backup instance. Authentication against the MariaDB database instance is required to successfully complete the backup. In the example below a mysql@localhost user is used with the MariaDB server's unix socket shared with the backup container.
1 2 | $ docker volume create some-mariadb-socket $ docker run --name some-mariadb -v /my/own/datadir:/var/lib/mysql -v some-mariadb-socket:/var/run/mysqld -e MARIADB_MYSQL_LOCALHOST_USER=1 -e MARIADB_MYSQL_LOCALHOST_GRANTS="RELOAD, PROCESS, LOCK TABLES, BINLOG MONITOR" -e MARIADB_ROOT_PASSWORD=my-secret-pw -d mariadb:latest |
Note: Privileges listed here are for 10.5+. For an exact list, see the Knowledge Base documentation for Mariabackup: Authentication and Privileges.
Mariabackup will run as the mysql user in the container, so the permissions on /backup will need to ensure that it can be written to by this user:
1 2 | $ docker volume create some-mariadb-backup $ docker run --rm some-mariadb-backup -v some-mariadb-backup:/backup mariadb:latest chown mysql: /backup |
To perform the backup:
1 | $ docker run --user mysql -v some-mariadb-socket:/var/run/mysqld -v some-mariadb-backup:/backup -v /my/own/datadir:/var/lib/mysql --rm mariadb:latest mariabackup --backup --target-dir=/backup |
Restore backups with Mariabackup
These steps restore the backup made with Mariabackup.
At some point before doing the restore, the backup needs to be prepared. Perform the prepare like this:
1 | $ docker run --user mysql --rm -v some-mariadb-backup:/backup mariadb:latest mariabackup --prepare --target-dir=/backup |
Now that the image is prepared, start the container with both the data and the backup volumes and restore the backup:
1 | $ docker run --user mysql --rm -v /my/new/datadir:/var/lib/mysql -v some-mariadb-backup:/backup mariadb:latest mariabackup --copy-back --target-dir=/backup |
With /my/new/datadir containing the restored backup, start normally as this is an initialized data directory:
1 | $ docker run --name some-mariadb -v /my/new/datadir:/var/lib/mysql -d mariadb:latest |
For further information on Mariabackup, see the Mariabackup Knowledge Base.
