mysql icon indicating copy to clipboard operation
mysql copied to clipboard

Published 20 hours ago verified publisher icon docker-library

Plugin load failed in mysql container

Open zyz9740 opened this issue 1 year ago • 2 comments

How to reproduce:

docker run -d --name=my-mysql --env="MYSQL_ROOT_PASSWORD=123456" --publish 13306:3306 --volume=./mysql/my.cnf:/etc/my.cnf mysql/mysql-server:8.0.32

my.cnf:

[mysqld]
skip-host-cache
skip-name-resolve
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
secure-file-priv=/var/lib/mysql-files
user=mysql
pid-file=/var/run/mysqld/mysqld.pid

plugin-load=validate_password.so
validate-password=FORCE_PLUS_PERMANENT
validate_password_length=14
validate_password_mixed_case_count=1
validate_password_number_count=1
validate_password_special_char_count=1
validate_password_policy=MEDIUM

I want to load plugin validate_password.so. But when I run this container, an error is thrown.

[Entrypoint] MySQL Docker Image 8.0.32-1.2.11-server
[Entrypoint] Initializing database
2023-06-26T06:32:06.714619Z 0 [Warning] [MY-011068] [Server] The syntax '--skip-host-cache' is deprecated and will be removed in a future release. Please use SET GLOBAL host_cache_size=0 instead.
2023-06-26T06:32:06.714784Z 0 [System] [MY-013169] [Server] /usr/sbin/mysqld (mysqld 8.0.32) initializing of server in progress as process 17
2023-06-26T06:32:06.723393Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2023-06-26T06:32:07.160560Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2023-06-26T06:32:07.632283Z 0 [Warning] [MY-013501] [Server] Ignoring --plugin-load[_add] list as the server is running with --initialize(-insecure).
2023-06-26T06:32:08.786765Z 0 [ERROR] [MY-000067] [Server] unknown variable 'validate-password=FORCE_PLUS_PERMANENT'.
2023-06-26T06:32:08.786799Z 0 [ERROR] [MY-013236] [Server] The designated data directory /var/lib/mysql/ is unusable. You can remove all files that the server added to it.
2023-06-26T06:32:08.786805Z 0 [ERROR] [MY-010119] [Server] Aborting
2023-06-26T06:32:11.167569Z 0 [System] [MY-010910] [Server] /usr/sbin/mysqld: Shutdown complete (mysqld 8.0.32)  MySQL Community Server - GPL.

I think this error is caused by this line https://github.com/docker-library/mysql/blob/master/8.0/docker-entrypoint.sh#L238C1-L238C1, container use mysql use option "-initialize-insecure" to initialize datadir. Option "-initialize-insecure" will ignore plugin-load, causing the option "validate-password" not recognized.

My question is how to load plugin in mysql container? Is it designed to have no capability to load plugin ?

zyz9740 avatar Jun 24 '23 06:06 zyz9740

Finally, I find a workaround to bypass the check in option "-initialize-insecure". The way is separating the initialization and real container starting.

At first, you should create a MySQL container to initialize the data directory used by real MySQL container. An example is as below. DATADIR="/opt/ledgepark/prvaas_db"

docker run --name=mysql-initializer -d -e MYSQL_ROOT_PASSWORD=123456 -v $DATADIR:/var/lib/mysql -v ./my-initialize.cnf:/etc/my.cnf -v ./paas.sql:/docker-entrypoint-initdb.d/init.sql mysql/mysql-server:8.0.32
echo "Wait 10s to initialize mysql data directory"
sleep 10
docker logs mysql-initializer
docker stop mysql-initializer
docker rm mysql-initializer
sudo rm $DATADIR/mysql.sock.lock

There are many tips

  1. You should map the data directory used by real MySQL container to the initializer to init it
  2. You should put other initialization options in the "mysql-initializer" as well, including root password environment variable, init sql script etc.
  3. Prepare a new my.cnf without any plugin (just like the my-initialize.cnf above)
  4. Sometimes this problem occurs. That is the reason for the last cmd.

Then you can start mysql container smoothly without error because the docker-entrypoint.sh will skip the initialization.

But I think MySQL container should have a better method to load plugin instead of this weird approach. So I do not close this issue.

zyz9740 avatar Jul 26 '23 06:07 zyz9740

Nice workaround @zyz9740. This helped me get around errors I was struggling with trying to set up a cluster of MySQL containers running MySQL group replication. To be able to do that, I needed to be able to load the group_replication.so plugin.

I agree that there should be some mechanism built into the MySQL image that allows for the loading of plugins.

robwhess avatar May 03 '24 16:05 robwhess