Docker Library – Official MariaDB Image Maintenance

The Docker Library official MariaDB image is now maintained by the MariaDB Foundation, and has been for the last six months. If you didn’t notice, we’ll take that as a compliment, as the previous maintainers of Docker Library from Infosiftr were doing a good job already. Infosiftr still provide valuable quality assurance on the releases before they get to you.

What’s Changed?

What we have done, with assistance from you, our community, is:

Timezones

• Continued the parting contribution by Infosiftr MARIADB_* environment names and added MARIADB_INITDB_SKIP_TZINFO for consistency.
• Allowed the timezone to be changed.

Passwords

• The environment MYSQL_ALLOW_EMPTY_PASSWORD was only ever for the root user. It did confuse some users expecting this to apply to non-root users. MARIADB_ALLOW_EMPTY_ROOT_PASSWORD is a small deviation of the naming change, however it is more clear.
• MARIADB_RANDOM_ROOT_PASSWORD/MYSQL_RANDOM_ROOT_PASSWORD is significantly more complex, meaning enabling strict_password_validation is possible, as the passwords satisfy the complexity requirements.
• MARIADB_ROOT_PASSWORD and MARIADB_PASSWORD are properly shell and SQL escaped such that you can use any password, in any SQL MODE, right down to trailing new lines, and it will set accurately. I challenge you to find a valid password that now isn’t accepted by the container.

MariaDB Configurations

• A shared volume of a unix socket now has its permissions set correctly.
• Corrected a long standing issue with MariaDB configuration files having different locations on different versions.

Security, Quality and Testing

• A large and maintained test suite for the container entrypoint that is run on pull requests and commits using GitHub actions.
• Integrated the test suite into the MariaDB development CI, so they will continue to work on release.
• Used https://archive.mariadb.org for repository URLs to preserve long term compatibility as mentioned in a previous blog entry.
• Building the container now pulls packages using https.

Documentation and Naming

• Updated the documentation on https://hub.docker.com/_/mariadb.
• Container log messages now reference MariaDB.

New Features

• Zstd compressed SQL files are now supported in the docker-entrypoint-initdb.d directory.
• Libjemalloc is installed and can be used with the environment LD_PRELOAD=/usr/lib/$debarch-linux-gnu/libjemalloc.so.2 (.1 on MariaDB-10.2 images), where $debarch is architecture name like x86_64, aarch64, powerpc64le or s390x. Using this will have the server perform non mmaped memory allocations with jemalloc.
• Added IBM Linux on Z, s390x, support into the 10.5 and 10.6 images thanks to the use of hardware by IBM.

What’s next?

Next up is:

• MDEV-25670 Apply mariadb_upgrade in containers
• MDEV-25434 Include a healthcheck script in the container. It won’t be enabled by default however.
• MDEV-25855 Added support for Galera replication with cluster auto bootstrapping
• Anything else you request that can be delivered with stability

If you have any improvement suggestions please let us know.