Home > Article > Operation and Maintenance > What to do if docker container mysql authorization fails
In recent years, Docker container technology has been more and more widely used in various application scenarios. It provides a lightweight, rapid deployment and management method, making application development and operation and maintenance more efficient. When using Docker container technology, we may encounter some problems, such as MySQL authorization failure in the container. This article explains how to resolve this issue.
MySQL authorization failure in the Docker container may lead to issues such as access denial. This situation is usually caused by user authorization not being set correctly in the container. In Docker containers, there are two main methods for MySQL user authorization: password-based authorization and authentication plug-in-based authorization.
Password-based authorization
In password-based authorization, MySQL users need to create an account password in the container and use these credentials for authorization when accessing the container from the outside. You can create a MySQL account through the following steps:
First, we need to enter the MySQL server in the container, which can be done with the following command Implementation:
docker exec -it mysql-container mysql -u root -p
This command will start an interactive terminal and connect to the MySQL server in the container.
In the MySQL terminal, you can use the following command to create a new user:
CREATE USER 'newuser'@'%' IDENTIFIED BY 'password';
Where, 'newuser' is the new user's Username, '%' means that the user can be accessed from any IP address, 'password' is the password of the new user.
Similarly, in the MySQL terminal, you can use the following command to authorize new users:
GRANT ALL PRIVILEGES ON *.* TO 'newuser'@'%';
This command will grant new users Access to all databases and tables.
Finally, in order for the changes to take effect, we need to refresh the permissions:
FLUSH PRIVILEGES;
Now, the new user has been successfully created and authorized, The MySQL container can be accessed externally using its username and password.
Authentication plug-in-based authorization
In authentication plug-in-based authorization, the MySQL server uses external authentication plug-ins for user authentication, such as using SSL certificates, Kerberos, etc., for more secure Authenticate the user. In a Docker container, the authentication plugin can be set up using the following steps:
In order to use the authentication plugin, we need to install the plugin into the MySQL server in the Docker container. This can be achieved by following these steps:
docker cp auth_plugin.so mysql-container:/usr/lib/mysql/plugin/
This command copies the plugin file auth_plugin.so to the /usr/lib/mysql/plugin/ directory in the container.
Then, we need to enable the plugin in the MySQL configuration file. The configuration file can be modified with the following command:
docker exec -it mysql-container bash vi /etc/mysql/my.cnf
In the section that enables the authentication plug-in, you need to add the following lines:
[mysqld] plugin-load = auth_plugin.so
In In the MySQL terminal, we need to create a user based on the plug-in. This can be achieved through the following command:
CREATE USER 'newuser'@'%' IDENTIFIED WITH auth_plugin AS 'cred';
Where, 'newuser' is the user name of the new user, and '%' means that the user can access from any IP address For access, 'cred' is a credential encrypted string used to authenticate the user when using the plugin.
Similarly, in the MySQL terminal, we need to use the following command to authorize the new user:
GRANT ALL PRIVILEGES ON *.* TO 'newuser'@'%';
This command will grant the new user User access to all databases and tables.
Finally, we need to refresh permissions:
FLUSH PRIVILEGES;
Now, the plug-in-based user has been successfully created and authorized, and can be used Its credentials are used to access the MySQL container from outside.
Summary
In a Docker container, MySQL authorization failure may cause problems such as access denial. This article introduces two MySQL user authorization methods: password-based authorization and authentication plug-in-based authorization. Regardless of which method is used, user authorization needs to be set up correctly to access the MySQL server in the container from the outside.
The above is the detailed content of What to do if docker container mysql authorization fails. For more information, please follow other related articles on the PHP Chinese website!