search

colinmollenhour / mariadb-galera-swarm

MariaDb Galera Cluster container based on official mariadb image which can auto-bootstrap and recover cluster state.
https://hub.docker.com/r/colinmollenhour/mariadb-galera-swarm
Apache License 2.0
217 stars 102 forks source link

accessing the cluster - access denied #55

Closed perler closed 5 years ago

perler commented 5 years ago

when trying to access the mariadb cluster we get:

access denied for user 'root'@'10.255.0.2'

we are quite certain that we use the password from .secrets/mysql_root_password but wonder if the user created in the mariadb instance is for @localhost only?

colinmollenhour commented 5 years ago

It is created for both @localhost and @127.0.0.1, but not for @%. I thought this was common with how other MySQL-based images do it, is it not?

perler commented 5 years ago

not sure about this, but I wonder how I am I supposed to access the cluster, if I can only access it from localhost? Or am I supposed to use an SQL-proxy and put it into the cluster network with an exposed port to the outside world?

colinmollenhour commented 5 years ago

There are several ways and I suppose the idea is to err on the side of security. You can easily add a less secure root account if you like either manually or via an init script, but there is nothing requiring it to even be named 'root' and not all users will want it to be '%', they may want it more restricted. But for starters:

docker exec -it <container_name> mysql

colinmollenhour commented 5 years ago

I just checked the latest Docker mariadb container and it looks like they added a $MYSQL_ROOT_HOST variable which can be used to specify a host other than localhost. Would need to port that change over to this image though as the docker-entrypoint.sh is replaced.

perler commented 5 years ago

this would be nice, please update this ticket..

On Tue, Sep 25, 2018 at 6:00 PM Colin Mollenhour notifications@github.com wrote:

I just checked the latest Docker mariadb container and it looks like they added a $MYSQL_ROOT_HOST variable which can be used to specify a host other than localhost. Would need to port that change over to this image though as the docker-entrypoint.sh is replaced.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/colinmollenhour/mariadb-galera-swarm/issues/55#issuecomment-424398786, or mute the thread https://github.com/notifications/unsubscribe-auth/AAmB9P6OlDR9qt_sihMk969PH7JYwaMgks5uelMygaJpZM4Wto19 .

--

colinmollenhour commented 5 years ago

Added MYSQL_ROOT_HOST and MYSQL_ROOT_SOCKET_AUTH variables.