mysql
mysql copied to clipboard
Published
20 hours ago •
docker-library
docker-library
Unable to upgrade to 8.0.30+
Currently I'm using mysql:8.0.29 we want to use latest image for mysql. However when image tag was changed in docker-compose file and brought up it tries to change ownership of ./sys dir and exits as it is read-only. This is a airgapped environment hence docker image is pushed by saving and loading the images as follows
- docker pull mysql:8.0.30
- docker save mysql:8.0.30 -o mysql-8.0.30.tar.gz
- mysql-8.0.30.tar.gz is downloaded in client server
- docker load -i mysql-8.0.30.tar.gz
Docker images were updated from 8.0.23 to 8.0.29 following same methid and we didn't face any. From 8.0.30 this issue pops up and looks like it is spread till latest tag. Log attached for reference.
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:98/power/autosuspend_delay_ms': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:98/power/runtime_status': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:98/power/runtime_usage': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:98/power/runtime_suspended_time': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:98/subsystem': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:98/status': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:98/uevent': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:8a': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:8a/adr': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:8a/path': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:8a/device:8b': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:8a/device:8b/adr': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:8a/device:8b/sun': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:8a/device:8b/path': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:8a/device:8b/eject': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:8a/device:8b/power': Read-only file system
chown: changing ownership of './sys/devices/LNXSYSTM:00/device:00/PNP0A03:00/device:8a/device:8b/power/control': Read-only file system
---- truncated for ease of readablity ---
chown: changing ownership of './sys/module/nf_conntrack_ipv4/sections/.note.gnu.build-id': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/sections/__kcrctab_gpl': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/sections/__ksymtab_gpl': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/sections/.exit.text': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/sections/__ksymtab_strings': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/sections/.data..read_mostly': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/parameters': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/parameters/hashsize': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/refcnt': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/uevent': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/holders': Read-only file system
chown: changing ownership of './sys/module/nf_conntrack_ipv4/initsize': Read-only file system
chown: changing ownership of './sys/hypervisor': Read-only file system
Issue observed across:
mysql:8.0.30 mysql:8.0.31
Expected Behaviour:
Mysql docker container should start and run normally.
docker-compose file:
version: '3.6'
services:
mysql8:
image: mysql:8.0.29
environment:
- MYSQL_LOG_CONSOLE=true
- MYSQL_PORT=3306
container_name: MySQL
logging:
driver: "json-file"
options:
max-size: "5m"
max-file: "1"
restart: always
volumes:
- /drive1/MySQL/data:/var/lib/mysql
- /drive1/MySQL/config/my.cnf:/etc/mysql/conf.d/my.cnf:ro
- /usr/share/zoneinfo/Asia/Kolkata:/etc/localtime:ro
- /usr/share/zoneinfo/Asia/Kolkata:/etc/timezone:ro
ports:
- 3360:3306
network_mode: bridge
security_opt:
- seccomp:unconfined
my.cnf
[mysqld]
default_authentication_plugin=mysql_native_password
sql_mode = "STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION"
lower_case_table_names=1
max_connections = 10000
max_allowed_packet = 512M
connect_timeout = 60
net_read_timeout = 120
port = 3306
bind-address= 0.0.0.0
transaction-isolation = READ-COMMITTED
innodb_buffer_pool_size = 5G # (adjust value here, 50%-70% of total RAM)
innodb_log_file_size = 5G
innodb_flush_log_at_trx_commit = 1 # may change to 2 or 0
innodb_flush_method = O_DIRECT
innodb_autoinc_lock_mode =2
log-bin=bin.log
log-bin-index=bin-log.index
max_binlog_size=1G
binlog_format=row
expire-logs-days = 14
server_id = 0
Same here. Upgraded docker image from 8.0.28 > 8.0.31. Getting a ton of
# docker logs -f --tail 100 mysql
chown: changing ownership of './usr/lib/mysqlsh/lib/python3.9/site-packages/oci/data_labeling_service_dataplane/models/update_annotation_details.py': Read-only file system
chown: changing ownership of './usr/lib/mysqlsh/lib/python3.9/site-packages/oci/data_labeling_service_dataplane/models/dataset_format_details.py': Read-only file system
chown: changing ownership of './usr/lib/mysqlsh/lib/python3.9/site-packages/oci/data_labeling_service_dataplane/models/annotation_analytics_aggregation.py': Read-only file system
chown: changing ownership of './usr/lib/mysqlsh/lib/python3.9/site-packages/oci/data_labeling_service_dataplane/models/generic_entity.py': Read-only file system
chown: changing ownership of './usr/lib/mysqlsh/lib/python3.9/site-packages/oci/data_labeling_service_dataplane/models/initial_record_generation_configuration.py': Read-only file system
chown: changing ownership of './usr/lib/mysqlsh/lib/python3.9/site-packages/oci/data_labeling_service_dataplane/models/image_dataset_format_details.py': Read-only file system
chown: changing ownership of './usr/lib/mysqlsh/lib/python3.9/site-packages/oci/data_labeling_service_dataplane/models/image_metadata.py': Read-only file system
chown: changing ownership of './usr/lib/mysqlsh/lib/python3.9/site-packages/oci/data_labeling_service_dataplane/models/annotation_collection.py': Read-only file system
chown: changing ownership of './usr/lib/mysqlsh/lib/python3.9/site-packages/oci/data_labeling_service_dataplane/models/image_object_selection_entity.py': Read-only file system
chown: changing ownership of './usr/lib/mysqlsh/lib/python3.9/site-packages/oci/data_labeling_service_dataplane/models/record_aggregation_dimensions.py': Read-only file system
...
Like on every single file in the container.
Of course, running container with read_only: True and mounting only required volumes with rw
Figured out.
Unlike any previous 8.0.x image it was never required to set user: mysql as a docker container option. Now it is required.
@roman-vynar thanks a lot! I had the same issue, making mysql run the container fixed it.
as i understand correctly the fix is to add "user: mysql" under the mysql8 service
services:
mysql8:
image: mysql:8.0.35
user: mysql
the "user: mysql" option is specified under the mysql8 service. This option ensures that the MySQL process inside the Docker container runs with the mysql user instead of the default root user. This is a recommended security practice to limit potential vulnerabilities.
