We Keep Coding

docker-compose mysql 8.0.23 refuses to allow external access

I apologize if this is already answered, or is a poor/poorly worded question.
I recently restarted a mysql-server:8.0.23 container running on docker versoon 20.10.21 on an Ubuntu 20.04.5 LTS server, and the mysql container suddenly began to reject all connections with ERROR 1130 (HY000): Host '<ip address>' is not allowed to connect to this MySQL server. This happens for all attempts, localhost, and external.
Ive spent a few days trying to fix this by modifying the docker-compose and the docker entrypoint files, deleted the contents of the container's volume to start over, but it still continues to reject any attempt from any user to connect to it. I see no errors when starting up the container, and from file contents, databases and users seem to be created.
All attempts to connect with it continue to fail.
My current docker-compose looks like this:
version: '3'
services:
mysql-stuff:
image: mysql/mysql-server:8.0.23
#image: mysql/mysql-server
restart: unless-stopped
ports:
- "3306:3306"
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
MYSQL_ROOT_PASSWORD: "rootpwd"
MYSQL_DATABASE: "thing_one"
MYSQL_USER: "thing_one"
MYSQL_PASSWORD: "thing_one_pwd"
volumes:
- mysql-stuff-volume:/var/lib/mysql
- ./mysql/conf/db_init:/docker-entrypoint-initdb.d
command:
--default-authentication-plugin=mysql_native_password
--bind-address=0.0.0.0
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
timeout: 10s
retries: 10
volumes:
mysql-stuff-volume:
external: true
And my 01.sql file in /docker-entrypoint-initdb.d looks like this:
/* CREATE USER 'thing_one'#'%' IDENTIFIED BY 'thing_one_pwd'; */
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY 'rootpwd';
FLUSH PRIVILEGES;
ALTER USER 'thing_one'#'%' IDENTIFIED WITH mysql_native_password BY 'thing_one_pwd';
CREATE DATABASE IF NOT EXISTS thing_one;
GRANT ALL PRIVILEGES ON thing_one.* TO 'thing_one'#'%';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost';
CREATE USER 'stuff'#'%' IDENTIFIED WITH mysql_native_password BY 'rootpwd';
GRANT ALL PRIVILEGES ON *.* TO 'stuff'#'%' WITH GRANT OPTION;
UPDATE mysql.user SET host='%' WHERE user='root';
UPDATE mysql.user SET host='%' WHERE user='thing_one';
UPDATE mysql.user SET host='%' WHERE user='stuff';
FLUSH PRIVILEGES;
Please what am I doing wrong?
Thanks in advance!

using environment variables in docker-compose mounted files for initializing mysql

I am having trouble initializing mysql via docker-compose with the use of /docker-entrypoint-initdb.d whenever my initializing scripts requires environment variables.
I have the following docker-compose.yml file.
version: '3'
services:
mysql:
image: mysql
container_name: mysql
restart: always
env_file: .env
environment:
- MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASS
- MYSQL_USER=$MYSQL_USER
- MYSQL_PASSWORD=$MYSQL_PASS
- MYSQL_DB=$MYSQL_DB
volumes:
- db-data:/var/lib/mysql
- ./init.sql:/docker-entrypoint-initdb.d/init.sql
ports:
- $MYSQL_PORT:3306
volumes:
db-data:
This is my ./init.sql
CREATE DATABASE IF NOT EXISTS ${MYSQL_DB};
GRANT ALL PRIVILEGES ON ${MYSQL_DB}.* TO '${MYSQL_USER}'#'%';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
When I run docker-compose up, I get an error with my ./init.sql and here's what it says:
mysql | 2021-07-16 14:53:17+00:00 [Note] [Entrypoint]: /usr/local/bin/docker-entrypoint.sh: running /docker-entrypoint-initdb.d/init.sql
mysql | ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '{MYSQL_DB}' at line 1
Everything works perfectly if I change my ~/init.sql to use hardcoded values like this :
CREATE DATABASE IF NOT EXISTS testingdb;
GRANT ALL PRIVILEGES ON testingdb.* TO 'testinguser'#'%';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
# where testingdb and testinguser is my .env.MYSQL_DB and .env.MYSQL_USER respectively
How do I use environment variables in docker's volume mounted files?

Env variables can be used in .sh file, so you can achieve what you want like this:
Create an init_db.sh file (instead of init_db.sql)
Then in the init_db.sh file:
echo "** Creating default DB and users"
mysql -u root -p$MYSQL_ROOT_PASSWORD --execute \
"CREATE DATABASE IF NOT EXISTS $MYSQL_DB;
GRANT ALL PRIVILEGES ON $MYSQL_DB.* TO '$MYSQL_USER'#'%';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
echo "** Finished creating default DB and users"

mysql docker image how to create databases with their own username and password

I have a docker image as follows:
version: '3.6'
services:
# MySQL
db:
image: mysql
command: --default-authentication-plugin=mysql_native_password
restart: always
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: mydb
MYSQL_USER: user
MYSQL_PASSWORD: user
ports:
# <Port exposed> : < MySQL Port running inside container>
- '3306:3306'
expose:
# Opens port 3306 on the container
- '3306'
volumes:
- ./init:/docker-entrypoint-initdb.d
The init folder directory is as follows:
init
01.sql
The 01.sql is defined as follows:
CREATE DATABASE IF NOT EXISTS `test`;
GRANT ALL ON `test`.* TO 'user'#'%';
When I execute docker-compose up the two databases are created successfully, but both mydb and test are using same username and password. Is it possible to create a different user and password for test database?
update:
I have updated the script 01.sql to:
CREATE DATABASE IF NOT EXISTS `test`;
CREATE USER 'newuser'#'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON test.* TO 'newuser'#'localhost' WITH GRANT OPTION;
But when I try to connect using DBeaver(username:newuser,password:password) get the error access denied.
However when I connect using username:root, password:root i can see the table created:
Thanks in advance
Any idea what i am doing wrong please?

Not able to connect MYSQL from docker

I have downloaded a MYSQL docker image and am trying to connect to MYSQL using the host given in the IPaddress section of Docker inspect (say 172.17.0.2), port 3306 , username :root , and database: MYSQL.
I am trying to run an R script with the following Database connection:
con <- dbConnect(RMySQL::MySQL(),
dbname = “mysql”,
host=“172.17.0.2”,
port=3306,
username = “root”,
password = )
But I am getting an error stating the host does not exist. I even tried using various options of host like “localhost”. But am still failing to connect, with the error message:
Error in .local(drv, …) :
Failed to connect to database: Error: Can’t connect to MySQL server on ‘172.17.0.2’ (0)
Calls: dbConnect -> dbConnect -> .local -> .Call
Please help on this.

Trying to connect using localhost, meaning the localhost of R container, not the DB.
You can connect with the container IP directly but in case of Docker the IP changing frequently if you restart the DB the container the IP will be changed.
Better to use Docker-compose, which will keep both containers in the same network and R container will be able to connect using the name of the container.
Also, verify the logs of MySQL container is it up or you able to connect from MySQL client?
You can try something like
version: '3.3'
services:
db:
image: mysql:5.7
restart: always
environment:
MYSQL_ROOT_PASSWORD: root_password
MYSQL_DATABASE: my_db
MYSQL_USER: my_user
MYSQL_PASSWORD: my_pass
web:
depends_on:
- db
image: r-base:latest
ports:
- "8000:80"
restart: always
volumes:
db_data: {}
So, in this case, your MySQL connection string will be
dbname = “mydb”, host=“db”, port=3306, username = “root”, password =root_password
Or the other option is to pass host IP to the R container instead of using container IP.
docker run -it --add-host=db:192.168.x.x r_base_image
So now the host will be
dbname = “mydb”, host=“db”

You need to go to Mysql configuration file (my.cnf) and bind the IP address.
something like :
[mysqld]
bind-address = xx.xx.xx.xx
if you dont know the ip , use 0.0.0.0
it means your host mysql can be gloabaly use for all ip addresses.

Connecting a NodeJS container to a MySQL database

Before marking this post as a duplicate note that I've already looked at the other related posts here and pretty much everywhere I could without finding a solution to my precise case. I just keep getting confused between docker-compose.yml versions and linking the ports to each other.
Here's the issue:
I've created two containers with Docker, one hosting a NodeJS server, one hosting a MySQL database.
My docker-compose.yml looks like this:
version: '3'
services:
server:
build: ./server/
ports:
- "8080:8080"
depends_on:
- db
db:
build: ./db
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_ALLOW_EMPTY_PASSWORD: 1
MYSQL_DATABASE: dashboard_nodejs
MYSQL_USER: root
MYSQL_PASSWORD: password
client:
image: angular_app
build: ./front/
ports:
- "4242:80"
depends_on:
- server
When running docker-compose up, all of my apps are built and run without an issue until the server tries to connect to MySQL, exiting with :
Error: connect ECONNREFUSED 172.20.0.2:3306 at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1191:14)
The dockerfile for my database only contains
FROM mysql
COPY init_db.sql /docker-entrypoint-initdb.d/
and init_db.sql currently is
CREATE DATABASE IF NOT EXISTS dashboard_nodejs;
GRANT ALL PRIVILEGES ON dashboard_nodejs.*
TO 'root'#'%' IDENTIFIED BY 'password'
WITH GRANT OPTION;
Finally, my server attemps to establish the connection with the following parameters:
var con = mySql.createConnection({
host: "db",
user: "root",
password: "password",
database: "dashboard_nodejs"
});
I have no clue why the connection is refused by mysql even with (what looks to me like) the right credentials.
I apologize in advance if this particular case has already been discussed.

Add ports: "3306:3306" to the db service.