Supported tags and respective
Where to file issues:
the Docker Community
Supported Docker versions:
the latest release (down to 1.6 on a best-effort basis)
What is MariaDB?
MariaDB is a community-developed fork of the MySQL relational database management system intended to remain free under the GNU GPL. Being a fork of a leading open source software system, it is notable for being led by the original developers of MySQL, who forked it due to concerns over its acquisition by Oracle. Contributors are required to share their copyright with the MariaDB Foundation.
The intent is also to maintain high compatibility with MySQL, ensuring a "drop-in" replacement capability with library binary equivalency and exact matching with MySQL APIs and commands. It includes the XtraDB storage engine for replacing InnoDB, as well as a new storage engine, Aria, that intends to be both a transactional and non-transactional engine perhaps even included in future versions of MySQL.
How to use this image
mariadb server instance
Starting a MariaDB instance is simple:
$ docker run --name some-mariadb -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mariadb:tag
some-mariadb is the name you want to assign to your container,
my-secret-pw is the password to be set for the MySQL root user and
tag is the tag specifying the MySQL version you want. See the list above for relevant tags.
Connect to MySQL from an application in another Docker container
Since MariaDB is intended as a drop-in replacement for MySQL, it can be used with many applications.
This image exposes the standard MySQL port (3306), so container linking makes the MySQL instance available to other application containers. Start your application container like this in order to link it to the MySQL container:
$ docker run --name some-app --link some-mariadb:mysql -d application-that-uses-mysql
Connect to MariaDB from the MySQL command line client
The following command starts another
mariadb container instance and runs the
mysql command line client against your original
mariadb container, allowing you to execute SQL statements against your database instance:
$ docker run -it --link some-mariadb:mysql --rm mariadb sh -c 'exec mysql -h"$MYSQL_PORT_3306_TCP_ADDR" -P"$MYSQL_PORT_3306_TCP_PORT" -uroot -p"$MYSQL_ENV_MYSQL_ROOT_PASSWORD"'
some-mariadb is the name of your original
This image can also be used as a client for non-Docker or remote MariaDB instances:
$ docker run -it --rm mariadb mysql -hsome.mysql.host -usome-mysql-user -p
More information about the MySQL command line client can be found in the MySQL documentation
docker stack deploy or
# Use root/example as user/password credentials version: '3.1' services: db: image: mariadb restart: always environment: MYSQL_ROOT_PASSWORD: example adminer: image: adminer restart: always ports: - 8080:8080
docker stack deploy -c stack.yml mariadb (or
docker-compose -f stack.yml up), wait for it to initialize completely, and visit
http://host-ip:8080 (as appropriate).
Container shell access and viewing MySQL logs
docker exec command allows you to run commands inside a Docker container. The following command line will give you a bash shell inside your
$ docker exec -it some-mariadb bash
The MariaDB Server log is available through Docker's container log:
$ docker logs some-mariadb
Using a custom MySQL configuration file
The MariaDB startup configuration is specified in the file
/etc/mysql/my.cnf, and that file in turn includes any files found in the
/etc/mysql/conf.d directory that end with
.cnf. Settings in files in this directory will augment and/or override settings in
/etc/mysql/my.cnf. If you want to use a customized MySQL configuration, you can create your alternative configuration file in a directory on the host machine and then mount that directory location as
/etc/mysql/conf.d inside the
/my/custom/config-file.cnf is the path and name of your custom configuration file, you can start your
mariadb container like this (note that only the directory path of the custom config file is used in this command):
$ docker run --name some-mariadb -v /my/custom:/etc/mysql/conf.d -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mariadb:tag
This will start a new container
some-mariadb where the MariaDB instance uses the combined startup settings from
/etc/mysql/conf.d/config-file.cnf, with settings from the latter taking precedence.
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to your new config file so that the container will be allowed to mount it:
$ chcon -Rt svirt_sandbox_file_t /my/custom
Configuration without a
Many configuration options can be passed as flags to
mysqld. This will give you the flexibility to customize the container without needing a
cnf file. For example, if you want to change the default encoding and collation for all tables to use UTF-8 (
utf8mb4) just run the following:
$ docker run --name some-mariadb -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mariadb:tag --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
If you would like to see a complete list of available options, just run:
$ docker run -it --rm mariadb:tag --verbose --help
When you start the
mariadb image, you can adjust the configuration of the MariaDB instance by passing one or more environment variables on the
docker run command line. Do note that none of the variables below will have any effect if you start the container with a data directory that already contains a database: any pre-existing database will always be left untouched on container startup.
This variable is mandatory and specifies the password that will be set for the MariaDB
root superuser account. In the above example, it was set to
This variable is optional and allows you to specify the name of a database to be created on image startup. If a user/password was supplied (see below) then that user will be granted superuser access (corresponding to
GRANT ALL) to this database.
These variables are optional, used in conjunction to create a new user and to set that user's password. This user will be granted superuser permissions (see above) for the database specified by the
MYSQL_DATABASE variable. Both variables are required for a user to be created.
Do note that there is no need to use this mechanism to create the root superuser, that user gets created by default with the password specified by the
This is an optional variable. Set to
yes to allow the container to be started with a blank password for the root user. NOTE: Setting this variable to
yes is not recommended unless you really know what you are doing, since this will leave your MariaDB instance completely unprotected, allowing anyone to gain complete superuser access.
This is an optional variable. Set to
yes to generate a random initial password for the root user (using
pwgen). The generated root password will be printed to stdout (
GENERATED ROOT PASSWORD: .....).
As an alternative to passing sensitive information via environment variables,
_FILE may be appended to the previously listed environment variables, causing the initialization script to load the values for those variables from files present in the container. In particular, this can be used to load passwords from Docker secrets stored in
/run/secrets/<secret_name> files. For example:
$ docker run --name some-mysql -e MYSQL_ROOT_PASSWORD_FILE=/run/secrets/mysql-root -d mariadb:tag
Currently, this is only supported for
Initializing a fresh instance
When a container is started for the first time, a new database with the specified name will be created and initialized with the provided configuration variables. Furthermore, it will execute files with extensions
.sql.gz that are found in
/docker-entrypoint-initdb.d. Files will be executed in alphabetical order. You can easily populate your
mariadb services by mounting a SQL dump into that directory and provide custom images with contributed data. SQL files will be imported by default to the database specified by the
Where to Store Data
Important note: There are several ways to store data used by applications that run in Docker containers. We encourage users of the
mariadb images to familiarize themselves with the options available, including:
- Let Docker manage the storage of your database data by writing the database files to disk on the host system using its own internal volume management. This is the default and is easy and fairly transparent to the user. The downside is that the files may be hard to locate for tools and applications that run directly on the host system, i.e. outside containers.
- Create a data directory on the host system (outside the container) and mount this to a directory visible from inside the container. This places the database files in a known location on the host system, and makes it easy for tools and applications on the host system to access the files. The downside is that the user needs to make sure that the directory exists, and that e.g. directory permissions and other security mechanisms on the host system are set up correctly.
The Docker documentation is a good starting point for understanding the different storage options and variations, and there are multiple blogs and forum postings that discuss and give advice in this area. We will simply show the basic procedure here for the latter option above:
- Create a data directory on a suitable volume on your host system, e.g.
mariadbcontainer like this:
$ docker run --name some-mariadb -v /my/own/datadir:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mariadb:tag
-v /my/own/datadir:/var/lib/mysql part of the command mounts the
/my/own/datadir directory from the underlying host system as
/var/lib/mysql inside the container, where MySQL by default will write its data files.
Note that users on host systems with SELinux enabled may see issues with this. The current workaround is to assign the relevant SELinux policy type to the new data directory so that the container will be allowed to access it:
$ chcon -Rt svirt_sandbox_file_t /my/own/datadir
No connections until MySQL init completes
If there is no database initialized when the container starts, then a default database will be created. While this is the expected behavior, this means that it will not accept incoming connections until such initialization completes. This may cause issues when using automation tools, such as
docker-compose, which start several containers simultaneously.
Usage against an existing database
If you start your
mariadb container instance with a data directory that already contains a database (specifically, a
mysql subdirectory), the
$MYSQL_ROOT_PASSWORD variable should be omitted from the run command line; it will in any case be ignored, and the pre-existing database will not be changed in any way.
Creating database dumps
Most of the normal tools will work, although their usage might be a little convoluted in some cases to ensure they have access to the
mysqld server. A simple way to ensure this is to use
docker exec and run the tool from the same container, similar to the following:
$ docker exec some-mariadb sh -c 'exec mysqldump --all-databases -uroot -p"$MYSQL_ROOT_PASSWORD"' > /some/path/on/your/host/all-databases.sql
View license information for the software contained in this image.
As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
Some additional license information which was able to be auto-detected might be found in the
As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.