I'm trying to get a docker container to work with mariadb and node.js images. The container will use an existing database in /home/mysql
. However, when the container is launched, I'm getting this "failed to connect" error in node.js:
Error: ER_HOST_NOT_PRIVILEGED:
Host '172.18.0.5' is not allowed to connect to this MariaDB server
Here's my docker-compose.yml:
version: '3'
services:
mariadb:
image: mariadb
restart: always
volumes:
- /home/mysql:/var/lib/mysql
user: "mysql"
ports:
- "3306:3306"
watch:
build: .
restart: always
links:
- mariadb:mysql
environment:
- DOCKER_IP=172.18.0.2
depends_on: ['mariadb']
ports:
- "3000:3000"
After reading this thread , I found that mysql is actually running, but it fails to let other services connect:
These are some of the steps I have checked. As you can see, I can log in to the mysql instance:
$ docker exec -it 552aae9ea09c bash
mysql@552aae9ea09c:/$ mysql -u root -p
Enter password: *******
MariaDB [(none)]> SELECT host, user FROM mysql.user;
+-------------+------------------+
| host | user |
+-------------+------------------+
| 127.0.0.1 | root |
| ::1 | root |
| someusername| |
| someusername| root |
| localhost | |
| localhost | dbusername |
| localhost | databasename |
| localhost | root |
+-------------+------------------+
8 rows in set (0.00 sec)
mysql@552aae9ea09c:/$ mysqld --verbose --help | grep bind-address
2017-11-13 17:35:40 139825857279872 [Note] Plugin 'FEEDBACK' is disabled.
--bind-address=name IP address to bind to.
bind-address (No default value)
One thing to note is that even though I've explicitly set the user to mysql
in the yml file, these three files in /home/mysql: ib_logfile0
, ib_logfile1
, ib_buffer_pool
are still under the group of systemd-journal-remote
, which I suspect has something to do with the connection failure.( reference )
The error you are receiving is caused by the fact that MariaDB thinks you are not authorized to connect to the server. This means that you haven't created a database user for the Node.js app or the grants for that user are incorrect.
A fool-proof way to solve this is to create a separate user for the Node.js application. You can automate this by writing the following SQL into a file and mounting the volume into /docker-entrypoint-initdb.d
.
CREATE USER 'my-app-user'@'%' IDENTIFIED BY 'my-app-password';
GRANT ALL ON *.* TO 'my-app-user'@'%';
Change the username and password accordingly and reduce the given privileges from the ALL
privilege. You can also change the wildcard hostname %
to a specific IP address or hostname.
Simply run this sql query:
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'password'
(assuming that you are connecting as the root user)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.