MySQLd Docker Container

This project creates a container from the latest, official, MySQL image using Docker Compose.

It demonstrates:

• Using the pre-built image from the official, public repository.
• Protecting sensitive data (MYSQL_ROOT_PASSWORD, MYSQL_USER, and MYSQL_PASSWORD) using Docker secrets.
  • Sensitive data are stored in respective files in an env folder that is not committed to the repo. These data are passed to the build process using the Docker secrets pattern. Each of these files contain precisely 1 secret.
• Initialization of a custom database from a separately created MySQL dump and persisted using a Docker volume.
• Custom MySQL configuration using a Docker bind mount to a conf.d folder in the project home. This facilitates effecting configuration changes through a container (or mysql server) restart without the need for rebuilding the container.
• Mapping MySQL default port 3306 to the host for use of tools like dBeaver or MySQL Workbench in dev environments.

Docker Secrets

As an alternative to passing sensitive information via environment variables to the container, the string "_FILE" is appended to environment variable references in the Docker Compose YAML, causing the initialization script to load the values for those variables from files present in the container.

In particular, this is used to load passwords from Docker secrets stored in /run/secrets/<secret_name> files inside the container.

To enable this, create an env folder and the following three files with the listed content:

1. MYSQL_ROOT_PASSWORD - password that will be set for the MySQL 'root' superuser account
2. MYSQL_USER - custom user that will be granted superuser permissions Both variables are required for a user to be created.
3. MYSQL_PASSWORD - password for the custom user

These files are NOT committed to the repo.

"docker-compose up -d"

"docker -it mysqld mysql -u <MYSQL_USER -p"

"mysql -h localhost -P 3306 --protocol=tcp -u localadmin -p"