​
DirectorySecurity Advisories
Sign In
Directory
mysql logo

mysql

Last changed

Sign In for Updates

Get notified of upcoming product changes, critical vulnerability notifications and patches and more.

Sign In
Versions
Overview
Provenance
Specifications
SBOM
Vulnerabilities
Advisories

MySQL is a widely used open-source relational database management system.

Download this Image

The image is available on cgr.dev:

docker pull cgr.dev/chainguard/mysql:latest

Testing the MySQL Server Image

The default MySQL port is 3306. To run a quick test MySQL server container with an empty root password, use the following command:

docker run -p 3306:3306 --rm -e MYSQL_ALLOW_EMPTY_PASSWORD=1 cgr.dev/{YOUR-PRIVATE-REPO}/mysql

Don't forget to replace {YOUR-PRIVATE-REPO} with your organization's designated private repository.

Thu Sep 12 13:42:59 UTC 2024 [Note] [Entrypoint]: Entrypoint script for MySQL Server  started.
Thu Sep 12 13:42:59 UTC 2024 [Note] [Entrypoint]: Initializing database files
2024-09-12T13:42:59.828911Z 0 [System] [MY-015017] [Server] MySQL Server Initialization - start.
2024-09-12T13:42:59.829672Z 0 [System] [MY-013169] [Server] /usr/bin/mysqld (mysqld 8.4.2) initializing of server in progress as process 41
2024-09-12T13:42:59.837924Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2024-09-12T13:43:00.401495Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2024-09-12T13:43:02.507476Z 6 [Warning] [MY-010453] [Server] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.
2024-09-12T13:43:05.547743Z 0 [System] [MY-015018] [Server] MySQL Server Initialization - end.
Thu Sep 12 13:43:05 UTC 2024 [Note] [Entrypoint]: Database files initialized
Thu Sep 12 13:43:05 UTC 2024 [Note] [Entrypoint]: Starting temporary server

(...)

2024-09-12T13:43:09.669017Z 0 [System] [MY-015015] [Server] MySQL Server - start.
2024-09-12T13:43:09.876146Z 0 [System] [MY-010116] [Server] /usr/bin/mysqld (mysqld 8.4.2) starting as process 1
2024-09-12T13:43:09.889947Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2024-09-12T13:43:10.365620Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2024-09-12T13:43:10.656614Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
2024-09-12T13:43:10.656633Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
2024-09-12T13:43:10.665823Z 0 [Warning] [MY-011810] [Server] Insecure configuration for --pid-file: Location '/var/lib/mysql' in the path is accessible to all OS users. Consider choosing a different directory.
2024-09-12T13:43:10.696239Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Bind-address: '::' port: 33060, socket: /run/mysqld/mysqlx.sock
2024-09-12T13:43:10.696283Z 0 [System] [MY-010931] [Server] /usr/bin/mysqld: ready for connections. Version: '8.4.2'  socket: '/run/mysqld/mysqld.sock'  port: 3306  Source distribution.

After the server is up and running, you can connect to it using the mysql client. This is available for most Linux-based systems in a package called mysql-client, in case you don't have it installed yet. To connect to the server as root and without a password, use the following command:

mysql -h 127.0.0.1 -uroot

Please note this only works because the server was initialized with the option MYSQL_ALLOW_EMPTY_PASSWORD, which should never be used on production environments.

Following that, you should now see the MySQL prompt:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 8.4.2 Source distribution

Copyright (c) 2000, 2024, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

You can now create databases, users, and tables as you would with a regular MySQL server. To exit the client, run the exit command on the MySQL prompt. To stop the server, press Ctrl+C in the terminal where Docker is running. The container will stop and be removed automatically.

Database Initialization Via Environment Variables

You can use environment variables to set up your database upon initialization. The following variables are available for this purpose:

  • MYSQL_ROOT_HOST: This variable allows you to specify the host from which the root user can connect. The default value is localhost.
  • MYSQL_ROOT_PASSWORD: Sets the password for MySQL's root superuser account.
  • MYSQL_RANDOM_ROOT_PASSWORD: When this variable is set, a random password is generated for the root superuser account. This password is printed to stdout at the end of the container initialization process.
  • MYSQL_ALLOW_EMPTY_PASSWORD: This variable allows you to run the MySQL container with an empty root password. This is insecure and should only be used for tests and local development.
  • MYSQL_DATABASE: Creates a new database upon initialization.
  • MYSQL_USER: Together with MYSQL_PASSWORD, this environment variable can be used to create a new database user and grant them full access to the database defined by MYSQL_DATABASE.
  • MYSQL_PASSWORD: This should be used in conjunction with the MYSQL_USER environment variable to set up the database user's password.

Importing Data From an SQL File Upon Initialization

Another feature from the MySQL initialization script allows you to import an SQL file via a volume mounted to /docker-entrypoint-initdb.d. For example, if you have a my-data.sql file in your current folder, you can run the following command to have this data automatically imported to your database:

docker run -v ${PWD}/my-data.sql:/docker-entrypoint-initdb.d/my-data.sql cgr.dev/{YOUR-PRIVATE-REPO}/mysql

Docker Compose Example

To facilitate testing the various environment variables and options when initializing your MySQL server, you can use a Docker Compose setup like the following. Again, remember to replace {YOUR-PRIVATE-REPO} with your organization's designated private repository.

version: "3.7"
services:
  mysql:
    image: cgr.dev/{YOUR-PRIVATE-REPO}/mysql
    restart: unless-stopped
    environment:
      MYSQL_ALLOW_EMPTY_PASSWORD: 1
      MYSQL_USER: user
      MYSQL_PASSWORD: password
      MYSQL_DATABASE: test
    ports:
      - 3306:3306

Save this file as docker-compose.yaml and run docker-compose up in the same directory. Once the server is up and running, you can connect via the mysql client with the following command:

mysql -h 127.0.0.1 -uuser -ppassword

This docker-compose.yaml sets up a MySQL database with a default database and user. Other services can be added to create a local multi-node environment for development and tests. You can iterate on this setup to test different configurations and scenarios.

Licenses

Chainguard Images contain software packages that are direct or transitive dependencies. The following licenses were found in the "latest" version of this image:

  • Apache-2.0

  • Artistic-1.0-Perl

  • BSD-3-Clause

  • CC-PDDC

  • GCC-exception-3.1

  • GPL-1.0-or-later

  • GPL-2.0-only

For a complete list of licenses, please refer to this Image's SBOM.

Software license agreement

Category
application
databases

Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images