Since 2 hours I've got the problem that my MySQL container doesnt' allow connections from my laravel application (order). Every time I try to connect I get the following message (from laravel logs):
[2019-08-08 15:20:18] production.ERROR: SQLSTATE[HY000] [1045] Access
denied for user 'root'#'172.21.0.3' (using password: YES)
{"exception":"[object] (Doctrine\DBAL\Driver\PDOException(code:
1045): SQLSTATE[HY000] [1045] Access denied for user
'root'#'172.21.0.3' (using password: YES) at
/var/www/laravel/vendor/doctrine/dbal/lib/Doctrine/DBAL/Driver/PDOConnection.php:31,
PDOException(code: 1045): SQLSTATE[HY000] [1045] Access denied for
user 'root'#'172.21.0.3' (using password: YES) at
/var/www/laravel/vendor/doctrine/dbal/lib/Doctrine/DBAL/Driver/PDOConnection.php:27)
I've changed nothing in the configs or the DB. I just restarted all container with 'docker-compose restart'.
Here's my docker-compose file:
version: "2"
services:
nginx-proxy:
image: jwilder/nginx-proxy
container_name: nginx-proxy
restart: always
networks:
- webgateway
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- conf:/etc/nginx/conf.d
- vhost:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- dhparam:/etc/nginx/dhparam
- certs:/etc/nginx/certs
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: nginx-proxy_le
volumes_from:
- nginx-proxy
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- webgateway
order:
container_name: order
image: e-order:latest
restart: always
volumes:
- /var/e-order/storage:/var/www/laravel/storage/app
- /var/e-order/logs:/var/www/laravel/storage/logs
networks:
- webgateway
- order_net
environment:
- VIRTUAL_HOST={URL}
- LETSENCRYPT_HOST={URL}
- LETSENCRYPT_EMAIL={MAIL}
- DB_HOST=order-db
- DB_USERNAME=root
- DB_PASSWORD={ROOT_PW}
- DB_DATABASE=e-order
- PHP_MEM_LIMIT=2048
env_file:
- /var/e-order/config/production.env
order-db:
image: mysql
container_name: order-db
restart: always
volumes:
- /var/e-order/database:/var/lib/mysql
networks:
- order_net
environment:
- MYSQL_DATABASE=e-order
- MYSQL_USER={USER}
- MYSQL_PASSWORD={PW}
- MYSQL_ROOT_PASSWORD={ROOT_PW}
networks:
webgateway:
order_net:
volumes:
conf:
vhost:
html:
dhparam:
certs:
An my production config file (linked with 'env_file'):
APP_NAME=e-order
APP_ENV=production
APP_DEBUG=false
APP_URL={URL}
MIX_ENV_MODE=production
DB_CONNECTION=mysql
BROADCAST_DRIVER=log
CACHE_DRIVER=file
QUEUE_CONNECTION=database
SESSION_DRIVER=database
SESSION_LIFETIME=120
TELESCOPE_HARDCORE=true
I've checked the configuration in the application the password which will be used to create the connection is correct and exactly as in the docker-compose file stated.
I'm able to connect directly on the mysql container when I connect to it with 'docker container exec -it order-db bash' and use the comment 'mysql -u root -p' and enter the root password as in the docker-compose file stated.
The host for the root user is set correctly. This is the way I've already checked that:
mysql> select user, host from mysql.user;
+------------------+-----------+
| user | host |
+------------------+-----------+
| root | % |
| mysql.infoschema | localhost |
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+------------------+-----------+
7 rows in set (0.00 sec)
Privileges are also correct (I mean its the root use).
I've also checked the ip addresses. The appliaction was '172.21.0.3' and the db was '172.21.0.2' so they are in the same subnet the connection should be possible in my opinion.
Is there something locked in the mysql config? Or why isn't it working after just a quick restart.
I've downgraded the mysql version from 8.0 to 5.7 and now it's working like a charm. Not sure why but I'm in contact with the guy's from mysql to find a reason/solution.
Edit 18.05.2020:
A little edit after some time. I'm using the Maria DB Image since then and never had such problems.
Related
newbies for airflow and mysql settings here. I am trying to set up airflow in docker-compose with MySQL as backend.
I have my mySQL connection string as sql_alchemy_conn_cmd=mysql://localuser:localpassword#mock_mysql/metastore in airflow.cfg
I have my docker-compose.yml as
version: "3.9"
networks:
airflow:
services:
redis_local:
image: redis:latest
container_name: redis_server
ports:
- 6379:6379
command: redis-server
restart: on-failure
networks:
- airflow
mysql_local:
image: mysql:5.7
container_name: mysql_local
environment:
- MYSQL_ROOT_HOST=%
- MYSQL_USER=localuser
- MYSQL_PASSWORD=localpassword
- MYSQL_ROOT_PASSWORD=localpassword
- MYSQL_DATABASE=metastore
volumes:
- ./script/init.sql:/data/application/init.sql
- ./dbdata:/var/lib/mysql
ports:
- 3306:3306
restart: on-failure
healthcheck:
test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"]
timeout: 1s
retries: 10
command:
--init-file /data/application/init.sql
--explicit_defaults_for_timestamp=1
networks:
- airflow
airflow_init_db:
depends_on:
- redis_local
- mysql_local
container_name: airflow_init_db
image: apache/airflow:2.0.0-python3.8
command: airflow initdb
since it's connecting to the metastore database, it will required to set up the database in mysql when the database is starting. i have my init.sql as
CREATE DATABASE IF NOT EXISTS metastore;
CREATE USER 'localuser'#'localhost' IDENTIFIED BY 'localpassword';
GRANT ALL PRIVILEGES ON metastore . * TO 'localuser'#'localhost';
FLUSH PRIVILEGES;
However from the healthcheck, mysql itself was failing with
mysql_local | 2021-07-06T04:29:04.011037Z 3 [Note] Access denied for user 'root'#'localhost' (using password: NO)
init db and scheduler both failed with
sqlalchemy.exc.OperationalError: (MySQLdb._exceptions.OperationalError) (2005, "Unknown MySQL server host 'mock_mysql' (-2)")
I wasn't really sure what are missing at this point.
really appreciate any help!
Thanks
Two problems.
you should use mysql_local as hostname in your connection string not mock_mysql as this is the name of your MySQL container (and this.is the name defined in DNS by docker-compose)
the healthecheck you use assumes password-less authentication, and likely in default db image of MySQL it is.disabled for security. You should pass user/password as.parameters to your healthecheck command or enable root password-less authentication
I'm sorry to open one more of those 'can't connect to my database' questions, but after searching for hours I just don't get it.
I want a dockerized database to be used by the (non dockerized) invoicePlane app.
So I'm using the following docker-compose.yml
version: '2'
services:
db:
image: mariadb:latest
#also tried mysql:latest
restart: always
environment:
MYSQL_DATABASE: 'invoiceplane_db'
MYSQL_USER: 'invoiceplane'
MYSQL_PASSWORD: 'pass1'
MYSQL_ROOT_PASSWORD: 'pass0'
expose:
- '3306'
volumes:
myserver/path:/var/lib/mysql
volumes:
invoiceplane-db:
It starts with sudo docker-compose -f docker-compose.yml up
From inside the container, everything works fine. I can connect, e.g. via mysql -uroot -ppass0, and see
+--------------+-----------+
| User | Host |
+--------------+-----------+
| invoiceplane | % |
| root | % |
| root | localhost |
+--------------+-----------+
3 rows in set (0.004 sec)
Now I want to access the db from the host, trying
mysql invoiceplane_db_1:3306 -uroot -ppass0
where invoiceplane_db_1 is the container's name.
but I'm always getting:
ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password: YES)
Through my websearch I gained the impression that this may have to do with the bind-address in the /etc/mysql/my.cnf of the container, which was stated here, for example. But I was not able to get it right. Initially, the parameter was commented out. I set it to bind-address = 127.0.0.1 and restarted the container. It did not help.
Am I missing something here?
This is my working docker-composer for mariadb:
db:
image: mariadb:10.4
ports:
- "3306:3306"
volumes:
- db-storage:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: root-pass
MYSQL_USER: my-user
MYSQL_PASSWORD: my-user-pass
MYSQL_DATABASE: my-database
From the looks of it, seems like you are missing the port mapping: 3306:3306
I have two docker instances, one for the API and one for the DB of a project. I was able to run both without issues, but today I wasn't able to. The DB instance builds without issue, but the API is unable to communicate with it, due to the following error:
django.db.utils.OperationalError: (1130, "Host '172.x.x.x' is not allowed to connect to this MySQL server")
Some googling led me to check the host for the root user, which gives me:
SELECT host from mysql.user where User='root';
+-----------+
| host |
+-----------+
| localhost |
+-----------+
1 row in set (0.00 sec)
Below is docker-compose.yml:
version: "3"
services:
db:
container_name: db
image: mysql:5.7
ports:
- "3336:3306"
environment:
MYSQL_ROOT_PASSWORD: ***
MYSQL_USER: ***
MYSQL_PASSWORD: ***
MYSQL_DATABASE: ***
restart: always
command:
[
"mysqld",
"--character-set-server=utf8mb4",
"--collation-server=utf8mb4_unicode_ci",
]
api:
container_name: api
build:
context: ../../
dockerfile: ./etc/docker/Dockerfile
ports:
- "8000:8000"
depends_on:
- db
restart: always
So, I have a few questions:
Any idea why the API instance's IP changed? I'm assuming it changed, since it was able to connect without issues since yesterday.
Is there a way to solve this issue via docker-compose/Makefile? I was able to ssh into the DB instance and change the host manually, but this is obviously not sustainable.
Is there any way to change the IP of the API instance to localhost?
Thanks in advance.
It is possible that the IP of your IP container has changed and that is why you cannot connect, verify that first.
You can add a user that can connect from any ip to your databases.
I'm honestly tired of this. I've tried every possible solution but it still refuses to connect.
Here is my docker-compose file:
version: '3'
services:
# Database
db:
image: mysql:5.7
container_name: db
restart: always
env_file: .env
environment:
- MYSQL_ROOT_HOST=%
- MYSQL_ROOT_PASSWORD=root
- MYSQL_DATABASE=$MYSQL_DATABASE
- MYSQL_USER=$MYSQL_USER
- MYSQL_PASSWORD=$MYSQL_PASSWORD
networks:
- backend
# Wordpress
wp:
depends_on:
- db
image: wordpress:php7.3-fpm
container_name: wordpress
restart: always
env_file: .env
environment:
- WORDPRESS_DB_HOST=db:3306
- WORDPRESS_DB_USER=$MYSQL_USER
- WORDPRESS_DB_PASSWORD=$MYSQL_PASSWORD
- WORDPRESS_DB_NAME=$MYSQL_DATABASE
volumes:
- ./wordpress:/var/www/html
networks:
- backend
# Nginx
nginx:
depends_on:
- wp
image: nginx
restart: always
ports:
- "80:80"
volumes:
- ./wordpress:/var/www/html
- ./nginx-conf:/etc/nginx/conf.d
networks:
- backend
networks:
backend:
driver: bridge
I've tried 127.0.0.1, 0.0.0.0, db, docker inspect db to get ip address of the container. All of them fail to connect. I've used Sequel Pro, MySQL Workbench and DataGrip.
The setup works completely fine. Its just that I cant connect to the database outside the container.
I even checked the mysql host privileges in the container and got:
% root
% wordpress (name of the user I created)
...
Am I missing something?
In order to reach your database from the host machine with an sql client you need to map the MYSQL database port to the host machine.
In your Compose file add the port mapping to your db service.
db:
...
ports:
- "3306:3306"
I believe you are using the default port based on your Wordpress service.
Then configure your SQL client to 127.0.0.1 and port 3306.
MYSQL Changes
MY.ini changes in c:\programdata\mysql\mysql server 8.0
Add Bind_address=0.0.0.0
Save as Admin - Check timestam
Create one App user - Dont user mysql Root user for app
drop user 'username'#localhost;
FLUSH PRIVILEGES;
CREATE USER 'username'#'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'#'localhost' WITH GRANT OPTION;
CREATE USER 'username'#'%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
Restart the MYSQL Server
Restart Docker for Windows
Check Hosts files in C:\Windows\System32\drivers\etc if host.docker.internal variable is updated correctly
# Added by Docker Desktop
10.0.0.6 host.docker.internal
10.0.0.6 gateway.docker.internal
Application Changes:
User host.docker.internal in JDBC URL in app.properties
spring.datasource.url=jdbc:mysql://host.docker.internal:3306/test
spring.datasource.username=username
spring.datasource.password=password
maven install should work
docker run <repo/repo>:image should work fine. now
I'm trying to dockerize monitoring of mysql using prom/mysqld-exporter and prom/prometheus. I have configured the docker-compose.yml file like the following:
version: '3'
services:
mysql:
image: mysql
container_name: mysql
restart: always
volumes:
- mysql:/var/lib/mysql
# command:
# - CREATE USER 'root'#'localhost' IDENTIFIED BY 'password' WITH MAX_USER_CONNECTIONS 3;
# - GRANT PROCESS, REPLICATION CLIENT, SELECT ON *.* TO 'root'#'localhost';
environment:
- MYSQL_ROOT_PASSWORD= password
- MYSQL_DATABASE= db #Defining a new Database
- MYSQL_USER= mostafa
- MYSQL_PASSWORD= ghadimi
ports:
- 3306:3306
- 33060:33060
prometheus:
image: prom/prometheus
container_name: prometheus
ports:
- 9090:9090
volumes:
- prometheus:/prometheus
- ./prometheus/prometheus.yml:/etc/prometheus/prometheus.yml
command:
- --config.file=/etc/prometheus/prometheus.yml
mysql-exporter:
image: prom/mysqld-exporter
container_name: mysql-exporter
ports:
- 9104:9104
volumes:
- ./mysql-exporter/.my.cnf:/root/.my.cnf
depends_on:
- mysql
volumes:
mysql:
prometheus:
and here is my ./mysql-exporter/.my.cnf file:
[client]
user=mostafa
password=ghadimi
After running docker-compose up command, everything works properly except the following error!:
mysqld: dial tcp 127.0.0.1:3306: connect: connection refused
I don't know how can I fix it!
PS: I have also tried to connect to mysql through its container and docker exec -it <container-id> bash command and I have attempted all the possible passwords (like empty string and the password I have set in docker-compose file), but I face with another error:
ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password: YES)
Mysql-d exporter is looking for mysql instance on localhost, but it is not running on the localhost inside mysqld container. You will have to pass external connection string with the host of mysql because this is the name of mysql service in docker-compose. From mysqld-exporter docs - you will have to pass environment variable to mysqld-exporter container with this datasource connection string :
mysql-exporter:
image: prom/mysqld-exporter
container_name: mysql-exporter
ports:
- 9104:9104
volumes:
- ./mysql-exporter/.my.cnf:/root/.my.cnf
environment:
- DATA_SOURCE_NAME="user:password#mysql:3306/database"
depends_on:
- mysql
And change user, password and database name to your desired ones.