Raspberry PI has an ARM architecture. While newer boards has 64-bit ARM CPU, official Raspberry PI OS is still running at 32-bit and many Docker official images are unable to run directly in your PI. One of most common need for my projects regards using containerized MariaDB database.
MariaDB is a fork of MySQL. It can be used with same MySQL clients and applications and uses same sql sintax. MariaDB uses by default 3306 port.
In this article I’ll show you how to create your custom container with MariaDB in your Raspberry PI with Docker and docker-compose, starting from Debian base image.
What We Need
As usual, I suggest adding from now to your favourite e-commerce shopping cart all needed hardware, so that at the end you will be able to evaluate overall costs and decide if continuing with the project or removing them from the shopping cart. So, hardware will be only:
- Raspberry PI (including proper power supply or using a smartphone micro usb charger with at least 3A)
- micro SD card (at least 16 GB, at least class 10)
I’ll be using a Raspberry PI 3 model A+, but this guide applies also to newer Raspberry PI boards.
Check hardware prices with the following links:
Step-by-Step Procedure
We’ll use docker-compose to create MariaDB container. This way, you can just reuse my yaml file with additional services composing your custom stack. Or you can leave all as-is, creating a simple MariaDB instance.
docker-compose.yml calls a build command to create our MariaDB container from Debian base image. With this image, MariaDB is installed via apt and then it is setup for external access outside the container (add port mapping for external exposing or include containers on same docker network).
Prepare Operating System with Raspberry PI OS Lite
We need to start from an up to date operating system base (please refer to install Raspberry PI OS Lite guide), including Docker and docker-compose setup (please refer to install Docker in your Raspberry PI guide both for Docker and docker-compose).
From the terminal, update – if not still done – your OS:
sudo apt update -y && sudo apt upgrade -yCreate Configuration Files
Create a directory (docker uses by default your directory name for stack naming) and enter it:
mkdir myMariaDB
cd myMariaDBThis directory will include following files we are going to create:
- Dockerfile (used to build mariadb container)
- mySqlScript.sql (used for first boot sql statements)
- docker-compose.yml (used to create or remove mariadb stack)
Dockerfile:
nano DockerfileCopy and paste following content in your Dockerfile:
FROM debian
RUN apt update -y && apt install mariadb-server -y
RUN sed -i 's/bind-address/bind-address = 0.0.0.0 #/i' /etc/mysql/mariadb.conf.d/50-server.cnf
RUN mkdir /mysql_scripts
COPY mySqlScript.sql /mysql_scripts/
RUN /etc/init.d/mariadb start && mysql -uroot --password="" -e "source /mysql_scripts/mySqlScript.sql"
CMD /etc/init.d/mariadb start && tail -f /dev/nullThis dockerfile is used by the build command to create our custom image.
“FROM debian” indicates that we are going to start from Debian base image. “latest” tag will be added by default from docker and it will be downloaded from Docker repository if not still present in your docker installation.
“RUN apt update -y && apt install mariadb-server -y” will execute inside our container and update and install MariaDB from Debian repository.
“RUN sed -i ‘s/bind-address….” will enable external access to your container. It edits MariaDB bind-address in server configs from binding only localhost to binding external access. You can also restrict access by using a more precise network to allow. Please take care on using the correct number of spaces (12 between “bind-address” and “= 127.0.0.1”) because sed instruction executes an “exact match” find and replace operation.
“RUN mkdir /mysql_scripts” creates a folder where to store our SQL scripts, while “COPY mySqlScript.sql /mysql_scripts/” copies our custom SQL script (described later) from host to the container.
“RUN /etc/init.d/mariadb start && mysql -uroot –password=”” -e “source /mysql_scripts/mySqlScript.sql” “starts MariaDB service and executes copied script logging-in as root with default MariaDB root password (empty). It is a good security practice after our MariaDB container will be ready, to change root password.
Last row is “CMD /etc/init.d/mariadb start && tail -f /dev/null”. You could ask why repeating MariaDB start and why using a useless “tail -f /dev/null”. There is a very simple reason: containers are designed to be as ephemeral as possible. So, every docker container stays up if its internal main process is active and running. With docker build, the main process for custom container becomes the last CMD command. So you need to give something to do to your container to be kept alive from docker. Otherwise, you will experience a container going continuously down with exit code 0 (no error).
mySqlScript.sql
nano mySqlScript.sqlCopy and paste the following content:
create user myMariadbUser@'%' identified by 'myMariadbPassword';
grant all privileges on *.* to myMariadbUser@'%';
flush privileges;
quitChange myMariadbUser and myMariadbPassword with your favourite ones and reduce privileges according to your needs. You can include in this file other statements (like create database or create table) to customize and automate your database initialization.
Rows included in my example simply create a user with a password and gives it full remote control.
docker-compose.yml
nano docker-compose.ymlCopy and paste the following content:
#My MariaDB
version: '3'
services:
database:
build: .
restart: alwaysThis is the simplest yaml file that creates a service.
Customize it by adding more options like, for example, port mapping (to expose service externally), volumes mapping (to save persistent copies of your data/config folders) and links (to simplify containers connection).
Dot near build statement tells docker that it will find Dockerfile inside the same directory where it is launched.
Execute Docker-Compose
With all the work prepared in previous files, container creation becomes as simple as launching from the same directory where files are stored following command:
docker-compose up -dYou will see docker downloading Debian image (if not available locally), updating aptitude repositories, installing and configuring your MariaDB container.
Note for “At least one invalid signature was encountered.” error
After some release upgrades, a few people encountered an error on “docker-compose up -d” command. This error reports something similar to the following output:
Step 2/7 : RUN apt-get update -y && apt-get install mariadb-server -y
—> Running in 432c6c634d35
Get:1 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:2 http://deb.debian.org/debian bullseye InRelease [113 kB]
Err:1 http://security.debian.org/debian-security bullseye-security InRelease
At least one invalid signature was encountered.
Err:2 http://deb.debian.org/debian bullseye InRelease
At least one invalid signature was encountered.
Get:3 http://deb.debian.org/debian bullseye-updates InRelease [36.8 kB]
Err:3 http://deb.debian.org/debian bullseye-updates InRelease
At least one invalid signature was encountered.With container not running at all.
The root cause of the problem seems to be in libseccomp version installed by default on Raspberry PI OS. The newer version of libseccomp fixes the problem, but it is not yet available in Debian’s stable repos (from apt) and you need to install it manually. From terminal, download the deb package:
wget http://ftp.de.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_2.5.1-1_armhf.debThen install the package:
sudo dpkg -i libseccomp2_2.5.1-1_armhf.debThis will solve the “At least one invalid signature was encountered” error. Then you can go on as for this tutorial with:
docker-compose up -dCheck the MariaDB Container Is Running
At the process end, you will find your service running with the simple docker ps command:
pi@raspberrypi:~/myMariaDB $ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
be53f72f5974 mymariadb_database "/bin/sh -c '/etc/in…" 29 seconds ago Up 26 seconds mymariadb_database_1You will also find your image ready to use (with previously downloaded Debian one):
pi@raspberrypi:~/myMariaDB $ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mymariadb_database latest 34302c7bc147 About a minute ago 535MB
debian latest 808b13323d0b 3 weeks ago 92.8MBEnjoy!
Hi
Thank you for your guidance…..
Nice work !
But your solution are missing the last step for been useful to “ordinary” people.
Your solution provides a UNIX socket.
But “ordinary” people are using TCP port 3306 and PhpMyadmin.
Can you tell the changes ? Especially WHERE to correct…
**
I am working on a larger site in order to create documentation on a 16 cores RaspBerry Pi hardware, software, Docker and WordPress.. -> Supercomputing
Inside docker environment, this MariaDB container exposes its service with the build command:
RUN sed -i ‘s/bind-address/bind-address = 0.0.0.0 #/i’ /etc/mysql/mariadb.conf.d/50-server.cnf
(This build command adds the binding to external connections with “bind-address = 0.0.0.0” config)
And sql script command:
grant all privileges on *.* to myMariadbUser@’%’;
(this grants remote access to “myMariadbUser”)
If you want to connect database container from outside docker environment, you need to add “EXPOSE 3306/tcp” to Dockerfile and run container with “-p 3306:3306” option in docker run command to map ports
Hi peppe8o
unfortunately, I can’t respond to your answer for libseccomp2, so I will do it here.
This solution helped me SOO f*** much. I spend too much time on this problem and your solution FINALLY helped me.
THANK YOU SO MUCH
I wish you all the best!
I’m very happy that this solved the issue. Thank you for your feedback and remember to share my blog with your friends 😉
Hi, I’m trying to create an image with MariaDb using your steps but it threw an error:
Step 2/7 : RUN apt-get update -y && apt-get install mariadb-server -y
—> Running in 432c6c634d35
Get:1 http://security.debian.org/debian-security bullseye-security InRelease [44.1 kB]
Get:2 http://deb.debian.org/debian bullseye InRelease [113 kB]
Err:1 http://security.debian.org/debian-security bullseye-security InRelease
At least one invalid signature was encountered.
Err:2 http://deb.debian.org/debian bullseye InRelease
At least one invalid signature was encountered.
Get:3 http://deb.debian.org/debian bullseye-updates InRelease [36.8 kB]
Err:3 http://deb.debian.org/debian bullseye-updates InRelease
At least one invalid signature was encountered.
I added apt-get because even apt isn’t working. Do you know something about this error?
It’s either a problem or Docker or that Debian version.
Try to use another version of Debian while it hopefully will be fixed soon.
E.g.
FROM debian:buster
Thanks Rob
Yep Rob, It works, thanks a lot using buster version I was able to create my mariadb container.
How did you get it to work?
Hi,
The root cause of the problem seems to be in libseccomp version installed by default on Raspberry PI OS. The newer version of libseccomp fixes the problem, but it is not yet available in Debian’s stable repos (from apt) and you need to install it manually. From terminal, download the deb package:
wget http://ftp.de.debian.org/debian/pool/main/libs/libseccomp/libseccomp2_2.5.1-1_armhf.debThen install it:
sudo dpkg -i libseccomp2_2.5.1-1_armhf.debThis will solve the “At least one invalid signature was encountered” error.
Please also note that I had to edit also the Dockerfile according to latest MariaDB changes. So copy the one in this updated page instead of older.
Then you can go on as for this tutorial with:
docker-compose up -d