Can not access mysql docker

I am using docker-compose to create mysql container. I get host IP 172.21.0.2. But when I connect mysql. I get error:

  1. My docker-compose.yml:

    version: '2'
    services:
    
    ### Mysql container
        mysql:
          image: mysql:latest
          ports:
           - "3306:3306"
          volumes:
           - /var/lib/mysql:/var/lib/mysql
         environment:
           MYSQL_ROOT_PASSWORD: root
           MYSQL_DATABASE: test_db
           MYSQL_USER: test
           MYSQL_PASSWORD: test_pass
    
  2. Get my host IP docker inspect db_mysql_1 | grep IPAddress

    "IPAddress": "172.21.0.2",

  3. Access mysql: mysql -h 172.21.0.2 -P 3306 -u root -proot.

    ERROR 1130 (HY000): Host '172.21.0.1' is not allowed to connect to this MySQL server

How can I connect to mysql container?

You can pass an extra environment variable when starting the MySQL container MYSQL_ROOT_HOST=<ip> this will create a root user with permission to login from given IP address. In case where you want to allow login from any IP you can specify MYSQL_ROOT_HOST=%.

This will work only for a newly created containers.

When spinning new container:

docker run --name some-mysql -e MYSQL_ROOT_HOST=% -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mysql:latest

In compose file it would be:

version: '2'
services:

Mysql container

mysql:
image: mysql:latest
ports:
- “3306:3306”
volumes:
- /var/lib/mysql:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: test_db
MYSQL_USER: test
MYSQL_PASSWORD: test_pass
MYSQL_ROOT_HOST: ‘%’ # needs to be enclosed with quotes

In my case. I deleted the volumes configuration and it worked.

This way it worked for me:

MYSQL_ROOT_HOST: '%'

This is what worked for me:

docker exec -it mysql1 mysql -u root -p
update mysql.user set host='%' where user='root' and host = 'localhost';
flush privileges;

change mysql1 to your container name.

P.S: I'm not using docker-compose.

When you connect to a MySQL server, it checks it’s GRANT table (the "user" table in the "mysql| database on the MySQL server) against the IP address of the connecting MySQL client machine. If there are NO MATCHING ENTRIES in the "host" column in the "user" table in the "mysql" database, MySQL will IMMEDIATELY CLOSE THE CONNECTION with ERROR 1130.

Check if the client is able to get to port 3306 (the MySQL port) on the database server:

telnet 172.21.0.2 3306
Trying ::1...
Connected to 172.21.0.2.
Escape character is '^]'.

You should log in to the MySQL server, and run "mysql" to check the grants table:

# mysql mysql

mysql> SELECT host,user FROM user;
+-----------------+-----------+
| host            | user      |
+-----------------+-----------+
| 172.21.0.5      | root      |
| 172.21.0.4      | root      |
| 127.0.0.1       | root      |
| ::1             | root      |
| localhost       | root      |

"root" is authorized to connect from several IP addresses, but not from the client IP 172.21.0.1. So, just add GRANT access from that IP:

mysql> GRANT ALL PRIVILEGES ON root.* TO 'your_db'@'172.21.0.1' IDENTIFIED BY 'Password';
Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

Then, check your connection.