I am trying to set up a Keycloak server inside a Docker container, and I wish
it to utilize a MySQL database stored on the host machine, but I want this
database to be managed by a MySQL instance that is also running inside a
Docker container. I cannot get this to work, however.
Thus far I have tried the following:
# Create network for keycloak
docker network create edci-network
# First start up MySQL server…
docker run \
--name edci-keycloak-mysql \
-d \
--net edci-network \
-e MYSQL_DATABASE=edci-keycloak \
-e MYSQL_USER=edci-keycloak \
-e MYSQL_PASSWORD=password \
-v /path/to/local/database:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=root_password \
mysql
# … then run Keycloak with token exchange enabled.
docker run \
--name edci-keycloak \
-d \
-p 9000:8080 \
--net edci-network \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=admin \
-e DB_ADDR=edci-keycloak-mysql \
-e DB_PASSWORD=password \
-e JAVA_OPTS_APPEND="
-Dkeycloak.profile.feature.token_exchange=enabled
-Dkeycloak.profile.feature.admin_fine_grained_authz=enabled
" \
quay.io/keycloak/keycloak:15.0.2
However, the Keycloak logs proclaim
Using H2 database
as the server starts up. What am I doing wrong here? The MySQL Example
on the Keycloak Docker Hub page does not work as is either.
Note that using Docker Compose is not an option, so answers relying on it
are not considered. Thanks for any assistance.
Keycloak container logs: https://pastebin.com/b56cmxBJ.
You are not using predefined values (e.g. Keycloak container expect DB name keycloak), so you need to configure all DB details (env variables DB_*) explicitly:
# Create network for keycloak
docker network create edci-network
# First start up MySQL server…
docker run \
--name edci-keycloak-mysql \
-d \
--net edci-network \
-e MYSQL_DATABASE=edci-keycloak \
-e MYSQL_USER=edci-keycloak \
-e MYSQL_PASSWORD=password \
-v /path/to/local/database:/var/lib/mysql \
-e MYSQL_ROOT_PASSWORD=root_password \
mysql
# … then run Keycloak with token exchange enabled.
docker run \
--name edci-keycloak \
-d \
-p 9000:8080 \
--net edci-network \
-e KEYCLOAK_USER=admin \
-e KEYCLOAK_PASSWORD=admin \
-e DB_VENDOR=mysql \
-e DB_ADDR=edci-keycloak-mysql \
-e DB_DATABASE=edci-keycloak \
-e DB_USER=edci-keycloak \
-e DB_PASSWORD=password \
-e JAVA_OPTS_APPEND="
-Dkeycloak.profile.feature.token_exchange=enabled
-Dkeycloak.profile.feature.admin_fine_grained_authz=enabled
" \
quay.io/keycloak/keycloak:15.0.2
I am busy with creating mysql + joomla in docker. But everytime I delete the old container and create a new Joomla container with the same parameters, I have to do the installation of joomla again. How can I make the Joomla website persistent so that everytime I create a new joomla container I don't have to redo the installation in the webbrowser.
I tried creating an image of the already installed Joomla container but that didn't give me any success.
Also I mounted the /var/www/html folder of the joomla container, but still the same problem.
This is the commands I use to create both containers:
mysql:
docker run \
--name JoomlaDB \
-d \
-p 3306:3306 \
-e MYSQL_USER=JoomlaUser \
-e MYSQL_PASSWORD=password \
-e MYSQL_ROOT_PASSWORD=password \
-e MYSQL_DATABASE=joomla \
-v db_volume:/var/lib/mysql \
mysql:5.7
Joomla:
docker run \
-d \
-p 8080:80 \
-e JOOMLA_DB_HOST=JoomlaDB:3306 \
-e JOOMLA_DB_USER=JoomlaUser \
-e JOOMLA_DB_PASSWORD=password \
-e JOOMLA_DB_NAME=joomla \
--link JoomlaDB:mysql \
-v joomla_volume:/var/www/html \
joomla
Thanks in advance for the answers!
Somewhat a year ago, I came up with the idea of extending my Docker knowledge to begin with creating a sort of multi-platform server image for development purposes, since then, I figured out how to get Nginx and PHP-fpm running in a stable environment. This all is based on a Debian image. Now since a couple one week ago, I wanted to add MySQL functionality to the image. At first, I tried the normal MySQL(-server) image and after trying to fix errors about why it couldn't run in my image, I switched to using MariaDB - I even had changed the Docker image of MySQL to fit to my needs (Replaced CMD ["mysqld"] for a supervisord.conf executable since my project is using several services of course). Now, I'm trying to figure it out for days but it is still not running. At the moment, I've chosen to use https://hub.docker.com/_/mariadb (second: 10.4.12-bionic, 10.4-bionic, 10-bionic, bionic, 10.4.12, 10.4, 10, latest) with my image.
I've just created a mariadb copy on time of writing, but replaced directly executing mysqld (working). When this topic is created, it didn't worked with a supervisord and that works as supposed to be now.
I have a docker-compose.yml where it will be started, here the code:
version: "3"
services:
db:
container_name: mariadb
image: mariadb
build: .
restart: on-failure
ports:
- 3306:3306
environment:
- MYSQL_ROOT_PASSWORD=test123
networks:
- local-network
networks:
local-network:
driver: bridge
Then, I will execute docker-compose up -d or with the (--build) parameter.
The Dockerfile behind that is:
FROM debian:buster-slim
ENV DEBIAN_FRONTEND noninteractive
ENV GOSU_VERSION 1.12
ENV MARIADB_VERSION 10.4
ENV GPG_KEYS \
199369E5404BD5FC7D2FE43BCBCB082A1BB943DB \
177F4010FE56CA3336300305F1656F24C74CD1D8
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
RUN groupadd -r mysql && useradd -r -g mysql mysql
RUN apt-get update && apt-get install --no-install-recommends --no-install-suggests -q -y \
wget \
ca-certificates \
gnupg \
gnupg1 \
gnupg2 \
dirmngr \
pwgen \
tzdata \
xz-utils
# Get Gosu for easy stepdown from root (to avoid sudo/su miscommunications)
# https://github.com/tianon/gosu/releases
RUN set -eux; \
savedAptMark="$(apt-mark showmanual)"; \
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
export GNUPGHOME="$(mktemp -d)"; \
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
gpgconf --kill all; \
rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
apt-mark auto '.*' > /dev/null; \
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
chmod +x /usr/local/bin/gosu; \
gosu --version; \
gosu nobody true
RUN mkdir /docker-entrypoint-initdb.d
RUN set -ex; \
export GNUPGHOME="$(mktemp -d)"; \
for key in $GPG_KEYS; do \
gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key"; \
done; \
gpg --batch --export $GPG_KEYS > /etc/apt/trusted.gpg.d/mariadb.gpg; \
command -v gpgconf > /dev/null && gpgconf --kill all || :; \
rm -r "$GNUPGHOME"; \
apt-key list
# Add MariaDB repo
RUN set -e;\
echo "deb http://downloads.mariadb.com/MariaDB/mariadb-$MARIADB_VERSION/repo/debian buster main" > /etc/apt/sources.list.d/mariadb.list; \
{ \
echo 'Package: *'; \
echo 'Pin: release o=MariaDB'; \
echo 'Pin-Priority: 999'; \
} > /etc/apt/preferences.d/mariadb
# Install MariaDB and set custom requirements
RUN set -ex; \
{ \
echo "mariadb-server" mysql-server/root_password password 'unused'; \
echo "mariadb-server" mysql-server/root_password_again password 'unused'; \
} | debconf-set-selections; \
apt-get update && apt-get install --no-install-recommends --no-install-suggests -y -q \
mariadb-server \
mariadb-backup \
socat; \
# comment out any "user" entires in the MySQL config ("docker-entrypoint.sh" or "--user" will handle user switching)
sed -ri 's/^user\s/#&/' /etc/mysql/my.cnf /etc/mysql/conf.d/*; \
# making sure that the correct permissions are set
mkdir -p /var/lib/mysql /var/run/mysqld; \
chown -R mysql:mysql /var/lib/mysql /var/run/mysqld; \
# comment out a few problematic configuration values
find /etc/mysql/ -name '*.cnf' -print0 \
| xargs -0 grep -lZE '^(bind-address|log)' \
| xargs -rt -0 sed -Ei 's/^(bind-address|log)/#&/'; \
# don't reverse lookup hostnames, they are usually another container
echo '[mysqld]\nskip-host-cache\nskip-name-resolve' > /etc/mysql/conf.d/docker.cnf
# Setup the Supervisor
RUN apt-get update && apt-get install supervisor -y \
&& mkdir -p /var/log/supervisor
COPY /supervisord.conf /etc/supervisor/conf.d/supervisord.conf
RUN chmod +x /etc/supervisor/conf.d/supervisord.conf
VOLUME /var/lib/mysql
COPY /docker-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh \
&& ln -s /usr/local/bin/docker-entrypoint.sh /
ENTRYPOINT ["docker-entrypoint.sh"]
EXPOSE 3306 33060
# call and execute the supervisor after build
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
After a couple days of working on fixing the image I thought that the supervisord was the issue, it couldn't run because of that or something. Well, here is the supervisord:
[supervisord]
logfile=/var/log/supervisord.log
nodaemon=true
user=root
[program:mysql]
command=/usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql
process_name=mysqld
priority=1
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stdout_events_enabled=true
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
stderr_events_enabled=true
autorestart=true
user=mysql
What happens next when the image has been build is that mysql will be executed by the supervisor. But, the problem is that I wanted to use the entrypoint from https://github.com/mariadb-corporation/mariadb-server-docker/tree/master/10.4 - I'm not very well known in Bash, so it will take some time to practice things there. Anyway, the docker-entrypoint has not been executed the first time, the database will not be initialized. What I can do, is creating an own shell script to initialize it. Tested that and it worked, but why can't I just use the default entrypoint as the first choise?
Is it going wrong at some point between Supervisord commands - docker-entrypoint with mysql connection points or something?
I really hope that someone can help me out.
Edit [04/26/2020]: Described the latest situation from now on, database not initializing, no message, notes or warnings from the entrypoint script.
Regards,
Colin
The MySQL service should run as root user, but later that's the mysql user whiche tries to access to the "socket". So, the socket directory should be accessible by mysql user but Superviser runs the mysql service as root user.
I fixed this issue by creating and gave right permission to the MySQL socket directory in my Dockerfile:
ARG MARIADB_MYSQL_SOCKET_DIRECTORY='/var/run/mysqld'
RUN mkdir -p $MARIADB_MYSQL_SOCKET_DIRECTORY && \
chown root:mysql $MARIADB_MYSQL_SOCKET_DIRECTORY && \
chmod 774 $MARIADB_MYSQL_SOCKET_DIRECTORY
then configured the Supervisor like this:
[program:mariadb]
command=/usr/sbin/mysqld
autorestart=true
user=root
I am very new in using Docker and I wonder if there is a way to allow multiple MySQL instances/containers to run at the same time? I have tried the following:
For the master:
docker run -d -v /var/projects/test/db_master:/var/lib/mysql --name
db_master -p 2222:22 -e ROOT_PASS="mypass" tutum/ubuntu:trusty
For the slaves:
docker run -d -v /var/projects/test/db_slave:/var/lib/mysql --name db_slave -p 2322:22 -e ROOT_PASS="mypass" tutum/ubuntu:trusty
docker run -d -v /var/projects/test/db_slave_5_hours:/var/lib/mysql --name db_slave_5_hours -p 2522:22 -e ROOT_PASS="mypass" tutum/ubuntu:trusty
Run MySQL Master and Slave containers:
docker run \
-d \
--volumes-from db_master \
-p 3706:3306 \
-e MYSQL_PASS=admin \
-e REPLICATION_MASTER=true -e REPLICATION_USER=admin -e REPLICATION_PASS=admin \
--name mysql \
tutum/mysql
docker run -d \
--volumes-from db_slave \
-e REPLICATION_SLAVE=true \
-e MYSQL_PASS=admin \
-p 3806:3306 \
--link mysql:mysql \
--name mysql_slave \
tutum/mysql
docker run -d \
--volumes-from db_slave_5_hours \
-e REPLICATION_SLAVE=true \
-e MYSQL_PASS=admin \
-e REPLICATION_DELAY=18000 \
-p 4006:3306 \
--link mysql:mysql \
--name mysql_slave_5_hours \
tutum/mysql
The second slave just times out and exits after 13 attempts of starting MySQL as specified in run.sh and it does not matter which slave I start first.
Thank you in advance.
Here's my code:
cd ~ && mkdir src && cd src
groupadd mysql
useradd -g mysql -s /sbin/nologin mysql
wget http://www.percona.com/downloads/Percona-Server-5.6/Percona-Server-5.6.22-71.0/source/tarball/percona-server-5.6.22-71.0.tar.gz
tar zxf percona-server-5.6.22-71.0.tar.gz
cd percona-server-5.6.22-71.0
sh BUILD/autorun.sh
cmake \
-DCMAKE_INSTALL_PREFIX=/opt/percona-server-5.6.22-71.0 \
-DSYSCONFDIR=/opt/percona-server-5.6.22-71.0 \
-DOPTIMIZER_TRACE=OFF \
-DWITH_DEBUG=OFF \
-DWITH_EXTRA_CHARSETS=none \
-DWITH_UNIT_TESTS=OFF \
-DWITH_ZLIB=bundled \
-DWITH_ARCHIVE_STORAGE_ENGINE=OFF \
-DWITH_BLACKHOLE_STORAGE_ENGINE=OFF \
-DWITH_CSV_STORAGE_ENGINE=OFF \
-DWITH_FEDERATED_STORAGE_ENGINE=OFF \
-DWITH_INNOBASE_STORAGE_ENGINE=ON \
-DWITH_MYISAM_STORAGE_ENGINE=ON \
-DWITH_PARTITION_STORAGE_ENGINE=ON \
-DWITH_HEAP_STORAGE_ENGINE=OFF && make -j `cat /proc/cpuinfo | grep processor | wc -l` && make install && make clean && cd ..
ln -s /opt/percona-server-5.6.22-71.0/ /opt/mysql
sed -i 's/executing mysqld_safe/executing mysqld_safe\n\n# gperftools\nexport LD_PRELOAD=\/usr\/lib64\/libtcmalloc.so\n/g' /opt/mysql/bin/mysqld_safe
mkdir -p /data/mysql/bin
mkdir -p /data/mysql/data
mkdir -p /data/mysql/group
mkdir -p /data/mysql/log
mkdir -p /data/mysql/slow
chown -R mysql:mysql /data/mysql
nano /opt/mysql/my.cnf
After I config my.cnf file, then
chmod 755 /opt/mysql/scripts/mysql_install_db
/opt/mysql/scripts/mysql_install_db --user=mysql --basedir=/opt/mysql --datadir=/data/mysql/data
It says
[root#var4 src]# /opt/percona-server-5.6.21-70.1/scripts/mysql_install_db --user=mysql --basedi/ --datadir=/data/mysql/data/70.1/
Installing MySQL system tables...[root#var4 src]#
I tried percona-server-5.6.21-70.1 & percona-server-5.6.22-71.0, both failed.
Then I clean up the my.cnf content, failed again.
Maybe I will reinstall the CentOS 6.5. But does anyone has met this issue before?
Is there a specific reason for install it manually?
You can install Percona 5.6 using percona yum repository easily:
yum install http://www.percona.com/downloads/percona-release/redhat/0.1-3/percona-release-0.1-3.noarch.rpm
Then:
yum install Percona-Server-server-56 Percona-Server-client-56