I apologize if this is already answered, or is a poor/poorly worded question.
I recently restarted a mysql-server:8.0.23 container running on docker versoon 20.10.21 on an Ubuntu 20.04.5 LTS server, and the mysql container suddenly began to reject all connections with ERROR 1130 (HY000): Host '<ip address>' is not allowed to connect to this MySQL server. This happens for all attempts, localhost, and external.
Ive spent a few days trying to fix this by modifying the docker-compose and the docker entrypoint files, deleted the contents of the container's volume to start over, but it still continues to reject any attempt from any user to connect to it. I see no errors when starting up the container, and from file contents, databases and users seem to be created.
All attempts to connect with it continue to fail.
My current docker-compose looks like this:
version: '3'
services:
mysql-stuff:
image: mysql/mysql-server:8.0.23
#image: mysql/mysql-server
restart: unless-stopped
ports:
- "3306:3306"
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
MYSQL_ROOT_PASSWORD: "rootpwd"
MYSQL_DATABASE: "thing_one"
MYSQL_USER: "thing_one"
MYSQL_PASSWORD: "thing_one_pwd"
volumes:
- mysql-stuff-volume:/var/lib/mysql
- ./mysql/conf/db_init:/docker-entrypoint-initdb.d
command:
--default-authentication-plugin=mysql_native_password
--bind-address=0.0.0.0
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
timeout: 10s
retries: 10
volumes:
mysql-stuff-volume:
external: true
And my 01.sql file in /docker-entrypoint-initdb.d looks like this:
/* CREATE USER 'thing_one'#'%' IDENTIFIED BY 'thing_one_pwd'; */
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY 'rootpwd';
FLUSH PRIVILEGES;
ALTER USER 'thing_one'#'%' IDENTIFIED WITH mysql_native_password BY 'thing_one_pwd';
CREATE DATABASE IF NOT EXISTS thing_one;
GRANT ALL PRIVILEGES ON thing_one.* TO 'thing_one'#'%';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost';
CREATE USER 'stuff'#'%' IDENTIFIED WITH mysql_native_password BY 'rootpwd';
GRANT ALL PRIVILEGES ON *.* TO 'stuff'#'%' WITH GRANT OPTION;
UPDATE mysql.user SET host='%' WHERE user='root';
UPDATE mysql.user SET host='%' WHERE user='thing_one';
UPDATE mysql.user SET host='%' WHERE user='stuff';
FLUSH PRIVILEGES;
Please what am I doing wrong?
Thanks in advance!
Related
I have a problem about running some services regarding Spring Cloud including in mysql in docker.
I have init.sql file to create databases and give permission to user.
Here is init.sql file shown below.
CREATE DATABASE IF NOT EXISTS `springbootadvertisement`;
CREATE DATABASE IF NOT EXISTS `springbootreport`;
CREATE DATABASE IF NOT EXISTS `springbootuser`;
GRANT ALL PRIVILEGES ON `springbootadvertisement`.* TO 'springmicroserviceuser'#'%' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON `springbootreport`.* TO 'springmicroserviceuser'#'%' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON `springbootuser`.* TO 'springmicroserviceuser'#'%' WITH GRANT OPTION;
Here is my mysql code snippets of docker-compose.yml
database:
container_name: mysql-database
image: 'mysql:latest'
ports:
- "3366:3306"
restart: always
environment:
#MYSQL_DATABASE: "springbootuser"
MYSQL_USER: "springmicroserviceuser"
MYSQL_PASSWORD: "111111"
MYSQL_ROOT_PASSWORD: "111111"
volumes:
- db-data:/var/lib/mysql
- ./init/init.sql:/docker-entrypoint-initdb.d/init.sql
networks:
- backend
healthcheck:
test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
timeout: 20s
retries: 10
When I try to run related service, I get this issue shown below.
User Service
java.sql.SQLSyntaxErrorException: Access denied for user 'springmicroserviceuser'#'%' to database 'springbootuser'
Advertisement Service
java.sql.SQLSyntaxErrorException: Access denied for user 'springmicroserviceuser'#'%' to database 'springbootadvertisement'
Report Service
java.sql.SQLSyntaxErrorException: Access denied for user 'springmicroserviceuser'#'%' to database 'springbootreport'
How can I fix it?
Here is my project file : Link
I see other question like this here on S.O. but no one solved my problem.
I'm running MySQL using Docker, and on the first boot, I'm running some SQL queries to prepopolate the DB. One of those is the following:
CREATE USER 'user'#'%' IDENTIFIED BY 'user';
Grant All Privileges ON *.* to 'user'#'%';
FLUSH PRIVILEGES;
However, when I try to connect to the DB from another container, I get:
SQLSTATE[HY000] [2002] Connection refused (SQL: ...)
What am I doing wrong?
This happens both if I use the name of the container, and 127.0.0.1 as host
my docker-compose looks like this:
#MySQL Service
db:
image: mysql
container_name: db
restart: unless-stopped
tty: true
ports:
- "3307:3306"
- "8001:3306"
environment:
....
volumes:
- ./database/dbdata:/var/lib/mysql/:rw
- ./config/mysql/my.cnf:/etc/mysql/my.cnf
the strangest part of all of this, is that if I connect to the DB with a MySQL client installed on my PC, the connection works fine...
my.cnf is the following:
[mysqld]
general_log = 1
general_log_file = /var/lib/mysql/general.log
secure-file-priv = NULL
bind-address = 0.0.0.0
I have a docker image as follows:
version: '3.6'
services:
# MySQL
db:
image: mysql
command: --default-authentication-plugin=mysql_native_password
restart: always
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: mydb
MYSQL_USER: user
MYSQL_PASSWORD: user
ports:
# <Port exposed> : < MySQL Port running inside container>
- '3306:3306'
expose:
# Opens port 3306 on the container
- '3306'
volumes:
- ./init:/docker-entrypoint-initdb.d
The init folder directory is as follows:
init
01.sql
The 01.sql is defined as follows:
CREATE DATABASE IF NOT EXISTS `test`;
GRANT ALL ON `test`.* TO 'user'#'%';
When I execute docker-compose up the two databases are created successfully, but both mydb and test are using same username and password. Is it possible to create a different user and password for test database?
update:
I have updated the script 01.sql to:
CREATE DATABASE IF NOT EXISTS `test`;
CREATE USER 'newuser'#'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON test.* TO 'newuser'#'localhost' WITH GRANT OPTION;
But when I try to connect using DBeaver(username:newuser,password:password) get the error access denied.
However when I connect using username:root, password:root i can see the table created:
Thanks in advance
Any idea what i am doing wrong please?
I'm trying to set up an application which has 1 node.js server and 1 mysql database. I'm trying to integrate this with docker. I'm having trouble trying to login to mysql from my node.js app.
in short - here's my docker-compose.yml file
version: '2.1'
services:
db:
build: ./db
restart: always
environment:
# - MYSQL_ALLOW_EMPTY_PASSWORD=yes
- MYSQL_DATABASE=subscriptions
- MYSQL_PASSWORD=supersecretpassword
- MYSQL_ROOT_PASSWORD=supersecretpassword
- MYSQL_USER=root
healthcheck:
test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
interval: 30s
timeout: 1s
retries: 1
subscription_api:
build: ./subscription_api_server
restart: always
depends_on:
db:
condition: service_healthy
ports:
- "5000:5000"
My Dockerfile for mySQL
CREATE DATABASE IF NOT EXISTS subscriptions;
grant all privileges on *.* to root#localhost identified by 'supersecretpassword' with grant option;
FLUSH PRIVILEGES;
My node.js application uses sequelize as the ORM and the connection string is specified here config.js
"development": {
"username": "root",
"password": "supersecretpassword",
"database": "subscriptions",
"host": "db",
"dialect": "mysql"
},
When i run docker-compose up - i get the below error from my node.js application
subscription_api_1 | Sequelize CLI [Node: 10.12.0, CLI: 5.1.0, ORM: 4.39.0]
subscription_api_1 |
subscription_api_1 | Loaded configuration file "config/config.json".
subscription_api_1 | Using environment "development".
subscription_api_1 | Sun, 14 Oct 2018 17:50:17 GMT sequelize deprecated String based operators are now deprecated. Please use Symbol based operators for better security, read more at http://docs.sequelizejs.com/manual/tutorial/querying.html#operators at node_modules/sequelize/lib/sequelize.js:242:13
subscription_api_1 |
subscription_api_1 | ERROR: Client does not support authentication protocol requested by server; consider upgrading MySQL client
But the username/password work when i try to directly ssh into my docker container
sudo docker exec -it fullstack-dev-assignment_db_1 bash
root#d36f499b706e:/# mysql -u root -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password: YES)
root#d36f499b706e:/# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Am i doing something wrong with the way sequelize is setup?
I guess you are eventually pulling the mysql:latest docker image, which in this case would be from the 8.0 series. The problem is that MySQL 8.0 is now using a default authentication plugin that is incompatible with the community Node.js driver used by sequelize.
You should follow the steps described here to overcome that limitation.
In your case, besides granting the privileges, you would have to first switch the user authentication plugin as well.
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY 'supersecretpassword';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
I have a docker-compose file setup like this:
version: '3'
services:
database:
image: mysql:5.6
volumes:
- dbdata:/var/lib/mysql
environment:
- "MYSQL_DATABASE=my_database_name"
- "MYSQL_USER=my_database_user"
- "MYSQL_PASSWORD=my_database_password"
- "MYSQL_ROOT_PASSWORD=my_root_password"
ports:
- "33061:3306"
volumes:
dbdata:
I'm trying to login to the mysql cli client with root user & password (by first going into the container itself):
mysql -uroot -pmy_root_password
But I keep getting this error:
ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password: YES)
I didn't set the mysql root password env var from the very beginning. I had to remove the created volume "dbdata" and run docker-compose up again. That fixed it. Thanks for the help!