Create a Custom MariaDB Container with Raspberry PI and Docker (32-bit)
Last Updated on 9th December 2022 by peppe8o
Raspberry PI has an ARM architecture. While newer boards have 64-bit ARM CPU, some users may need support for old official Raspberry PI OS versions still running at 32-bit and many Docker official images are unable to run directly in your PI. One of the most common needs for my projects regards using containerized MariaDB database.
MariaDB is a fork of MySQL. It can be used with the same MySQL clients and applications and uses the same SQL syntax. MariaDB uses by default 3306 port.
In this article I’ll show you how to create your custom container with MariaDB in your Raspberry PI with Docker and docker-compose, starting from the Debian base image. Please note that the 64-bit Raspberry PI OS can use directly the official MariaDB docker image.
What We Need
As usual, I suggest adding from now to your favourite e-commerce shopping cart all the needed hardware, so that at the end you will be able to evaluate overall costs and decide if to continue with the project or remove them from the shopping cart. So, hardware will be only:
- Raspberry PI Computer Board (including proper power supply or using a smartphone micro USB charger with at least 3A)
- high speed micro SD card (at least 16 GB, at least class 10)
I’ll be using a Raspberry PI 3 model A+, but this guide applies also to newer Raspberry PI boards.
Check hardware prices with the following links:
Step-by-Step Procedure
We’ll use docker-compose to create a MariaDB container. This way, you can just reuse my YAML file with additional services composing your custom stack. Or you can leave it all as-is, creating a simple MariaDB instance.
docker-compose.yml calls a build command to create our MariaDB container from the Debian base image. With this image, MariaDB is installed via apt and then it is setup for external access outside the container (add port mapping for external exposing or include containers on the same docker network).
Prepare Operating System with Raspberry PI OS Lite
We need to start from an up to date operating system base (please refer to install Raspberry PI OS Lite guide), including Docker and docker-compose setup (please refer to install Docker in your Raspberry PI guide both for Docker and docker-compose).
From the terminal, update – if not still done – your OS:
sudo apt update -y && sudo apt upgrade -y
Create Configuration Files
Create a directory (docker uses by default your directory name for stack naming) and enter it:
mkdir myMariaDB
cd myMariaDB
This directory will include the following files we are going to create:
- Dockerfile (used to build MariaDB container)
- mySqlScript.sql (used for first boot SQL statements)
- docker-compose.yml (used to create or remove MariaDB stack)
Dockerfile:
nano Dockerfile
Copy and paste the following content into your Dockerfile:
FROM debian
RUN apt update -y && apt install mariadb-server -y
RUN sed -i 's/bind-address/bind-address = 0.0.0.0 #/i' /etc/mysql/mariadb.conf.d/50-server.cnf
RUN mkdir /mysql_scripts
COPY mySqlScript.sql /mysql_scripts/
RUN /etc/init.d/mariadb start && mysql -uroot --password="" -e "source /mysql_scripts/mySqlScript.sql"
CMD /etc/init.d/mariadb start && tail -f /dev/null
This dockerfile is used by the build command to create our custom image.
“FROM debian” indicates that we are going to start from the Debian base image. “latest” tag will be added by default from docker and it will be downloaded from the Docker repository if not still present in your docker installation.
“RUN apt update -y && apt install mariadb-server -y” will execute inside our container and update and install MariaDB from the Debian repository.
“RUN sed -i ‘s/bind-address….” will enable external access to your container. It edits MariaDB bind-address in server configs from binding only localhost to binding external access. You can also restrict access by using a more precise network to allow. Please take care of using the correct number of spaces (12 between “bind-address” and “= 127.0.0.1”) because the sed instruction executes an “exact match” find and replace operation.
“RUN mkdir /mysql_scripts” creates a folder where to store our SQL scripts, while “COPY mySqlScript.sql /mysql_scripts/” copies our custom SQL script (described later) from the host to the container.
“RUN /etc/init.d/mariadb start && mysql -uroot –password=”” -e “source /mysql_scripts/mySqlScript.sql” “starts MariaDB service and executes copied script logging-in as root with default MariaDB root password (empty). It is a good security practice after our MariaDB container will be ready, to change the root password.
Last row is “CMD /etc/init.d/mariadb start && tail -f /dev/null”. You could ask why repeating MariaDB starts and why using a useless “tail -f /dev/null”. There is a very simple reason: containers are designed to be as ephemeral as possible. So, every docker container stays up if its internal main process is active and running. With the docker build, the main process for the custom container becomes the last CMD command. So you need to give something to do to your container to be kept alive from docker. Otherwise, you will experience a container going continuously down with exit code 0 (no error).
mySqlScript.sql
nano mySqlScript.sql
Copy and paste the following content:
create user myMariadbUser@'%' identified by 'myMariadbPassword';
grant all privileges on *.* to myMariadbUser@'%';
flush privileges;
quit
Change myMariadbUser and myMariadbPassword with your favourite ones and reduce privileges according to your needs. You can include in this file other statements (like create a database or create table) to customize and automate your database initialization.
Rows included in my example simply create a user with a password and give it full remote control.
docker-compose.yml
nano docker-compose.yml
Copy and paste the following content:
#My MariaDB
version: '3'
services:
database:
build: .
restart: always
This is the simplest YAML file that creates a service.
Customize it by adding more options like, for example, port mapping (to expose service externally), volumes mapping (to save persistent copies of your data/config folders) and links (to simplify containers connection).
Dot near build statement tells docker that it will find Dockerfile inside the same directory where it is launched.
Execute Docker-Compose
With all the work prepared in previous files, container creation becomes as simple as launching from the same directory where files are stored following command:
docker-compose up -d
You will see docker downloading the Debian image (if not available locally), updating aptitude repositories, and installing and configuring your MariaDB container.
Note for “At least one invalid signature was encountered.” error
After some release upgrades, a few people encountered an error on “docker-compose up -d” command. This error reports something similar to the following output:
Step 2/7 : RUN apt-get update -y && apt-get install mariadb-server -y
—> Running in 432c6c634d35
Get:1 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:2 http://deb.debian.org/debian bullseye InRelease [113 kB]
Err:1 http://security.debian.org/debian-security bullseye-security InRelease
At least one invalid signature was encountered.
Err:2 http://deb.debian.org/debian bullseye InRelease
At least one invalid signature was encountered.
Get:3 http://deb.debian.org/debian bullseye-updates InRelease [36.8 kB]
Err:3 http://deb.debian.org/debian bullseye-updates InRelease
At least one invalid signature was encountered.
With the container not running at all.
The root cause of the problem seems to be in libseccomp version installed by default on Raspberry PI OS. The newer version of libseccomp fixes the problem, but it is not yet available in Debian’s stable repository (from apt) and you need to install it manually. From the terminal, download the deb package:
wget http://ftp.de.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_2.5.4-1+b2_armhf.deb
Then install the package:
sudo dpkg -i libseccomp2_2.5.4-1+b2_armhf.deb
This will solve the “At least one invalid signature was encountered” error. Then you can go on as for this tutorial with:
docker-compose up -d
Check the MariaDB Container Is Running
At the process end, you will find your service running with the simple docker ps command:
pi@raspberrypi:~/myMariaDB $ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
be53f72f5974 mymariadb_database "/bin/sh -c '/etc/in…" 29 seconds ago Up 26 seconds mymariadb_database_1
You will also find your image ready to use (with a previously downloaded Debian one):
pi@raspberrypi:~/myMariaDB $ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mymariadb_database latest 34302c7bc147 About a minute ago 535MB
debian latest 808b13323d0b 3 weeks ago 92.8MB
What’s Next
If you want to discover many other projects for your Raspberry PI, you can take a look at peppe8o Raspberry PI tutorials.
Enjoy!
If you are looking for a job, check -> Jooble
Hi
Thank you for your guidance…..
Nice work !
But your solution are missing the last step for been useful to “ordinary” people.
Your solution provides a UNIX socket.
But “ordinary” people are using TCP port 3306 and PhpMyadmin.
Can you tell the changes ? Especially WHERE to correct…
**
I am working on a larger site in order to create documentation on a 16 cores RaspBerry Pi hardware, software, Docker and WordPress.. -> Supercomputing
Inside docker environment, this MariaDB container exposes its service with the build command:
RUN sed -i ‘s/bind-address/bind-address = 0.0.0.0 #/i’ /etc/mysql/mariadb.conf.d/50-server.cnf
(This build command adds the binding to external connections with “bind-address = 0.0.0.0” config)
And sql script command:
grant all privileges on *.* to myMariadbUser@’%’;
(this grants remote access to “myMariadbUser”)
If you want to connect database container from outside docker environment, you need to add “EXPOSE 3306/tcp” to Dockerfile and run container with “-p 3306:3306” option in docker run command to map ports
Hi peppe8o
unfortunately, I can’t respond to your answer for libseccomp2, so I will do it here.
This solution helped me SOO f*** much. I spend too much time on this problem and your solution FINALLY helped me.
THANK YOU SO MUCH
I wish you all the best!
I’m very happy that this solved the issue. Thank you for your feedback and remember to share my blog with your friends 😉
Hi, I’m trying to create an image with MariaDb using your steps but it threw an error:
Step 2/7 : RUN apt-get update -y && apt-get install mariadb-server -y
---> Running in 432c6c634d35
Get:1 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:2 http://deb.debian.org/debian bullseye InRelease [113 kB]
Err:1 http://security.debian.org/debian-security bullseye-security InRelease
At least one invalid signature was encountered.
Err:2 http://deb.debian.org/debian bullseye InRelease
At least one invalid signature was encountered.
Get:3 http://deb.debian.org/debian bullseye-updates InRelease [36.8 kB]
Err:3 http://deb.debian.org/debian bullseye-updates InRelease
At least one invalid signature was encountered.
I added apt-get because even apt isn’t working. Do you know something about this error?
It’s either a problem or Docker or that Debian version.
Try to use another version of Debian while it hopefully will be fixed soon.
E.g.
FROM debian:buster
Thanks Rob
Yep Rob, It works, thanks a lot using buster version I was able to create my mariadb container.
How did you get it to work?
Hi,
The root cause of the problem seems to be in libseccomp version installed by default on Raspberry PI OS. The newer version of libseccomp fixes the problem, but it is not yet available in Debian’s stable repos (from apt) and you need to install it manually. From terminal, download the deb package:
wget http://ftp.de.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_2.5.1-1_armhf.deb
Then install it:
sudo dpkg -i libseccomp2_2.5.1-1_armhf.deb
This will solve the “At least one invalid signature was encountered” error.
Please also note that I had to edit also the Dockerfile according to latest MariaDB changes. So copy the one in this updated page instead of older.
Then you can go on as for this tutorial with:
docker-compose up -d
Hi,
wget http://ftp.de.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_2.5.1-1_armhf.deb
leads to a 404 error
Too bad!
Hi Gerhard,
Please try the following link instead, it seems that the order version has been removed and the new one is now available:
http://ftp.de.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_2.5.3-2_armhf.deb
Also remember to correct the dpkg command with correct filename
Cannot find a more uptodate file…
pi@raspberrypi:~/myMariaDB $ wget http://ftp.de.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_2.5.3-2_armhf.deb
--2022-10-03 21:01:50-- http://ftp.de.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_2.5.3-2_armhf.deb
Resolving ftp.de.debian.org (ftp.de.debian.org)... 141.76.2.4
Connecting to ftp.de.debian.org (ftp.de.debian.org)|141.76.2.4|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2022-10-03 21:01:50 ERROR 404: Not Found.
Could you point me in the right direction?
Hi Matt. Did you starte from a fresh Raspberry PI OS installation?
Hi Matt,
the libseccomp2 changed to a newer version… (again).
The new link should be found with this command:
wget http://ftp.de.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_2.5.4-1+b2_armhf.deb
and then:
sudo dpkg -i libseccomp2_2.5.4-1+b2_armhf.deb
Hope this fiexs your error and sorry for the late solution…