You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Chris Bradford <ch...@outlook.com> on 2016/12/09 17:51:50 UTC
Docker Deployemnt Issues :: mysql grant fails due to
skip-name-resolve mode
I've been working my way through deploying guacamole via docker and have hit a snag. My deployment process is as below:
# Obtain docker images
sudo docker pull glyptodon/guacd
sudo docker pull glyptodon/guacamole
sudo docker pull mysql
# Create script to prepare MySQL Database
sudo docker run --rm glyptodon/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql
# Make a scripts folder to pass-through to container
sudo mkdir /tmp/scripts
sudo cp initdb.sql /tmp/scripts
# Create mysql container
sudo docker run --name guac-mysql -v /tmp/scripts:/tmp/scripts -e MYSQL_ROOT_PASSWORD='<password>' -d mysql:latest
# Start guacd
sudo docker run --name some-guacd -d glyptodon/guacd
# Configure database
sudo docker exec -it guac-mysql /bin/bash
mysql -u root -p'<password>'
CREATE DATABASE guacamole;
CREATE USER 'guacamole'@'localhost' IDENTIFIED BY '<password>';
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole.* TO 'guacamole'@'localhost';
At this point the GRANT statement returns a warning. When I execute "SHOW WARNINGS;" I get: "MySQL is started in --skip-name-resolve mode; you must restart it without this switch for this grant to work"
It turns out that by default the mysql docker image has "skip-name-resolve" enabled by default, which stops the grant from working. There is an open request to change this here: https://github.com/docker-library/mysql/issues/154
For now my workaround is as below (it's not pretty and I would welcome any other suggestions!) - I simply map a blank docker.cnf file through to the container, effectively overwriting the configuration causing this problem.
# Obtain docker images
sudo docker pull glyptodon/guacd
sudo docker pull glyptodon/guacamole
sudo docker pull mysql
# Create script to prepare MySQL Database
sudo docker run --rm glyptodon/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql
# Make a scripts folder to pass-through to container : modified
sudo mkdir /tmp/scripts
sudo cp initdb.sql /tmp/scripts
sudo touch /tmp/scripts/docker.cnf
# Create mysql container : modified
sudo docker run --name guac-mysql -v /tmp/scripts:/tmp/scripts -e MYSQL_ROOT_PASSWORD='<password>' -d mysql:latest
sudo docker run --name guac-mysql -v /tmp/scripts:/tmp/scripts -v /tmp/scripts/docker.cnf:/etc/mysql/conf.d/docker.cnf -e MYSQL_ROOT_PASSWORD='<password>' -d mysql:latest
# Start guacd
sudo docker run --name some-guacd -d glyptodon/guacd
# Configure database
sudo docker exec -it guac-mysql /bin/bash
mysql -u root -p'<password>'
CREATE DATABASE guacamole;
CREATE USER 'guacamole'@'localhost' IDENTIFIED BY '<password>';
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole.* TO 'guacamole'@'localhost';
FLUSH PRIVILEGES;
quit
# Execute DB Script
cat /tmp/scripts/initdb.sql | mysql -u root -p'<password>' guacamole
history -c
# Exit docker container shell
# Start guacamole client
sudo docker run --name some-guacamole --link some-guacd:guacd \
--link guac-mysql:mysql \
-e MYSQL_DATABASE='guacamole' \
-e MYSQL_USER='guacamole' \
-e MYSQL_PASSWORD='<password>' \
-d -p 8080:8080 glyptodon/guacamole
Re: Docker Deployemnt Issues :: mysql grant fails due to
skip-name-resolve mode
Posted by Chris Bradford <ch...@outlook.com>.
Never mind - fixed using the deployment steps below / avoiding workaround/ hack. Removed user@localhost definition:
# Configure database
docker exec -it guac-mysql /bin/bash
mysql -u root -p'<password>'
CREATE DATABASE guacamole;
CREATE USER 'guacamole' IDENTIFIED BY '<password>';
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole.* TO 'guacamole';
FLUSH PRIVILEGES;
quit
# Execute DB Script
cat /tmp/scripts/initdb.sql | mysql -u root -p'<password>' guacamole
history -c
[...]
________________________________
From: Chris Bradford <ch...@outlook.com>
Sent: 09 December 2016 17:51:50
To: user@guacamole.incubator.apache.org
Subject: Docker Deployemnt Issues :: mysql grant fails due to skip-name-resolve mode
I've been working my way through deploying guacamole via docker and have hit a snag. My deployment process is as below:
# Obtain docker images
sudo docker pull glyptodon/guacd
sudo docker pull glyptodon/guacamole
sudo docker pull mysql
# Create script to prepare MySQL Database
sudo docker run --rm glyptodon/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql
# Make a scripts folder to pass-through to container
sudo mkdir /tmp/scripts
sudo cp initdb.sql /tmp/scripts
# Create mysql container
sudo docker run --name guac-mysql -v /tmp/scripts:/tmp/scripts -e MYSQL_ROOT_PASSWORD='<password>' -d mysql:latest
# Start guacd
sudo docker run --name some-guacd -d glyptodon/guacd
# Configure database
sudo docker exec -it guac-mysql /bin/bash
mysql -u root -p'<password>'
CREATE DATABASE guacamole;
CREATE USER 'guacamole'@'localhost' IDENTIFIED BY '<password>';
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole.* TO 'guacamole'@'localhost';
At this point the GRANT statement returns a warning. When I execute "SHOW WARNINGS;" I get: "MySQL is started in --skip-name-resolve mode; you must restart it without this switch for this grant to work"
It turns out that by default the mysql docker image has "skip-name-resolve" enabled by default, which stops the grant from working. There is an open request to change this here: https://github.com/docker-library/mysql/issues/154
For now my workaround is as below (it's not pretty and I would welcome any other suggestions!) - I simply map a blank docker.cnf file through to the container, effectively overwriting the configuration causing this problem.
# Obtain docker images
sudo docker pull glyptodon/guacd
sudo docker pull glyptodon/guacamole
sudo docker pull mysql
# Create script to prepare MySQL Database
sudo docker run --rm glyptodon/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql
# Make a scripts folder to pass-through to container : modified
sudo mkdir /tmp/scripts
sudo cp initdb.sql /tmp/scripts
sudo touch /tmp/scripts/docker.cnf
# Create mysql container : modified
sudo docker run --name guac-mysql -v /tmp/scripts:/tmp/scripts -e MYSQL_ROOT_PASSWORD='<password>' -d mysql:latest
sudo docker run --name guac-mysql -v /tmp/scripts:/tmp/scripts -v /tmp/scripts/docker.cnf:/etc/mysql/conf.d/docker.cnf -e MYSQL_ROOT_PASSWORD='<password>' -d mysql:latest
# Start guacd
sudo docker run --name some-guacd -d glyptodon/guacd
# Configure database
sudo docker exec -it guac-mysql /bin/bash
mysql -u root -p'<password>'
CREATE DATABASE guacamole;
CREATE USER 'guacamole'@'localhost' IDENTIFIED BY '<password>';
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole.* TO 'guacamole'@'localhost';
FLUSH PRIVILEGES;
quit
# Execute DB Script
cat /tmp/scripts/initdb.sql | mysql -u root -p'<password>' guacamole
history -c
# Exit docker container shell
# Start guacamole client
sudo docker run --name some-guacamole --link some-guacd:guacd \
--link guac-mysql:mysql \
-e MYSQL_DATABASE='guacamole' \
-e MYSQL_USER='guacamole' \
-e MYSQL_PASSWORD='<password>' \
-d -p 8080:8080 glyptodon/guacamole