ER_HOST_NOT_PRIVILEGED - docker container fails to connect to mariadb
Solution 1
The error you are receiving is caused by the fact that MariaDB thinks you are not authorized to connect to the server. This means that you haven't created a database user for the Node.js app or the grants for that user are incorrect.
A fool-proof way to solve this is to create a separate user for the Node.js application. You can automate this by writing the following SQL into a file and mounting the volume into /docker-entrypoint-initdb.d
.
CREATE USER 'my-app-user'@'%' IDENTIFIED BY 'my-app-password';
GRANT ALL ON *.* TO 'my-app-user'@'%';
Change the username and password accordingly and reduce the given privileges from the ALL
privilege. You can also change the wildcard hostname %
to a specific IP address or hostname.
Solution 2
Simply run this sql query:
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'password'
(assuming that you are connecting as the root user)
RedGiant
Updated on September 07, 2022Comments
-
RedGiant over 1 year
I'm trying to get a docker container to work with mariadb and node.js images. The container will use an existing database in
/home/mysql
. However, when the container is launched, I'm getting this "failed to connect" error in node.js:Error: ER_HOST_NOT_PRIVILEGED: Host '172.18.0.5' is not allowed to connect to this MariaDB server
Here's my docker-compose.yml:
version: '3' services: mariadb: image: mariadb restart: always volumes: - /home/mysql:/var/lib/mysql user: "mysql" ports: - "3306:3306" watch: build: . restart: always links: - mariadb:mysql environment: - DOCKER_IP=172.18.0.2 depends_on: ['mariadb'] ports: - "3000:3000"
After reading this thread, I found that mysql is actually running, but it fails to let other services connect:
These are some of the steps I have checked. As you can see, I can log in to the mysql instance:
$ docker exec -it 552aae9ea09c bash mysql@552aae9ea09c:/$ mysql -u root -p Enter password: ******* MariaDB [(none)]> SELECT host, user FROM mysql.user; +-------------+------------------+ | host | user | +-------------+------------------+ | 127.0.0.1 | root | | ::1 | root | | someusername| | | someusername| root | | localhost | | | localhost | dbusername | | localhost | databasename | | localhost | root | +-------------+------------------+ 8 rows in set (0.00 sec) mysql@552aae9ea09c:/$ mysqld --verbose --help | grep bind-address 2017-11-13 17:35:40 139825857279872 [Note] Plugin 'FEEDBACK' is disabled. --bind-address=name IP address to bind to. bind-address (No default value)
One thing to note is that even though I've explicitly set the user to
mysql
in the yml file, these three files in /home/mysql:ib_logfile0
,ib_logfile1
,ib_buffer_pool
are still under the group ofsystemd-journal-remote
, which I suspect has something to do with the connection failure.(reference)