'docker mysql - mis-matched host uid/gid

I have a mysql docker container that has its data and logs dirs separately mapped to host folders for performance reasons.

I'm using docker-compose to start the container with a group of other related services.

  --datadir=/var/lib/mysql/innodb-data 
  --innodb_log_group_home_dir=/var/lib/mysql/innodb-logs

The container dirs are mapped to the host files system via:

 volumes:
      - /db/mysql-innodb-data:/var/lib/mysql/innodb-data 
      - /db/mysql-innodb-logs:/var/lib/mysql/innodb-logs

My problem is that the MySQL container is setting the owner uid to 999. On the host system this maps to the user 'systemd-coredump'.

Instead I want the container to apply the uid for the hosts 'mysql' user.

I've looked at the MySQL docker container and it has the following logic:

docker_create_db_directories() {
    local user; user="$(id -u)"

    # TODO other directories that are used by default? like /var/lib/mysql-files
    # see https://github.com/docker-library/mysql/issues/562
    mkdir -p "$DATADIR"

    if [ "$user" = "0" ]; then
        # this will cause less disk access than `chown -R`
        find "$DATADIR" \! -user mysql -exec chown mysql '{}' +
    fi
}

We can see that the above script applies the uid user the container runs under to the data directory. By default the container runs as root.

Given that root is uid 0 I don't actually see how this code is change the data-dirs directory to 999 and as such I suspect this code isn't actually the problem.

So I tried changing the user the container runs as to 'mysql'

 mysql:
    container_name: mysql
    image: mysql:8.0
    user: mysql

This changes the container user as expected but then MySQL couldn't start up as there are a number of config files that it can no longer read as it's not running as root.

Here is the full service section from my docker-compose:

mysql:
    container_name: mysql
    image: mysql:8.0
    restart: on-failure
    environment: 
      MYSQL_ROOT_PASSWORD: ${MYSQL_ADMIN_PASSWORD}
      MYSQL_DATABASE: ${MYSQL_SCHEMA}
    command: >
                 --user=mysql
                 --lower-case-table-names=1 
                 --datadir=/var/lib/mysql/innodb-data 
                 --innodb_log_group_home_dir=/var/lib/mysql/innodb-logs
                 --default-authentication-plugin=mysql_native_password
                 --max-allowed-packet=512M
                 --innodb_buffer_pool_instances=${MYSQL_INNODB_BUFFER_POOL_INSTANCES-32}
                 --innodb_buffer_pool_chunk_size=${MYSQL_INNODB_BUFFER_POOL_CHUNK_SIZE-8M}
                 --innodb_buffer_pool_size=${MYSQL_INNODB_BUFFER_POOL_SIZE-512M}
                 --table_open_cache=${MYSQL_TABLE_OPEN_CACHE-512}
                 --max_connections=${MYSQL_MAX_CONNECTIONS-98}
                 --innodb_flush_neighbors=0
                 --innodb_fast_shutdown=2
                 --innodb_flush_log_at_trx_commit=1
                 --innodb_flush_method=fsync
                 --innodb_doublewrite=0 
                 --innodb_use_native_aio=0
                 --innodb_read_io_threads=10
                 --innodb_write_io_threads=10
                 --slow_query_log_file=/tmp/mysql-slow.log --long-query-time=1
                 --slow_query_log

#    mem_limit: ${MYSQL_MEMORY}
    volumes:
      - /db/mysql-innodb-data:/var/lib/mysql/innodb-data 
      - /db/mysql-innodb-logs:/var/lib/mysql/innodb-logs
    network_mode: "host"
    logging:
      driver: "journald"


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source