Mariadb service does not start with trident volume while dockerhost have public IP

mariadb container does not start mariabdb service while dockerhost have a public ip, everything else looks good. The volume is visible the netapp trident volume is mapped into the container to /var/lib/mysql. Data is accessible. Rights are correct. Volume is read write.
the container is running only the mariadb service doenst come up. Changing the dokerhost IP back to internal ip
the mariadb service starts without any issues.

We tried to create the volume while dockerhost has its Internet IP but in this case unix permissions are wrong

bash-5.1# ls -ld /var/lib/mysql
drwxrwxrwt 2 mysql mysql 4096 Sep 20 13:39 /var/lib/mysql

we are not using kubernetes only docker, docker-compose with netapp trident plugin

  • Trident version: latest from this month
  • Container runtime: 20.10.24+dfsg1, build 297e128
  • docker-compose version: version 1.29.2, build unknown
  • OS: Debian12
  • NetApp backend types: Netapp AFF A400

To Reproduce
changing dockerhost to public ip

trident config

{
"version": 1,
"storageDriverName": "ontap-nas-economy",
"storagePrefix": "trident_eco_prod_labs_",
"managementLIF": "172.16.21.100",
"dataLIF": "172.16.21.31",
"svm": "corp_trident",
"username": "USER",
"password": "PASSWORD",
"aggregate": "n01_aggr1",
"limitVolumeSize": "300g",
"log-level": "debug",
"debug": true
}

docker-compose.yml

---
services:
guacd:
image: guacamole/guacd
networks:
- local

guac-serve:
image: guacamole/guacamole
links:
- guacd:guacd
- mariadb:mysql
ports:
- 8080:8080
environment:
- MYSQL_LOG_CONSOLE=true
- MYSQL_HOSTNAME=mariadb
- MYSQL_DATABASE=guacamole
- MYSQL_USER=guacamole
- MYSQL_PASSWORD=PASSWORD
- GUACD_HOSTNAME=guacd
- GUACD_PORT=4822
networks:
- local

mariadb:
image: mariadb:11.5
environment:
- TZ=Europe/Berlin
- MYSQL_ROOT_PASSWORD=PASSWORD
- MYSQL_DATABASE=guacamole
- MYSQL_USER=guacamole
- MYSQL_PASSWORD=PASSWORD
volumes:
- debian12_guacamole:/var/lib/mysql
networks:
- local

volumes:
debian12_guacamole:
driver: trident_eco:latest # Ensure this matches your plugin name
# driver_opts:
# size: "30G"

networks:

local:
driver: bridge

First of all, please, indent your compose yaml properly in the code block. If you share an invalid yaml you make it harder to everyone to understand it.

The issue you descrive doesn’t make sense to me. An IP address of the host has nothing to do with file permissions and how a container starts. You also use an outdated docker compose (switch to compose v2) and an old Docker engine. At least I guess it is the docker engine version you shared.

How exactly did you install Docker?

Please share the output of following commands:

docker version
docker info
dpkg -l | grep docker
root@debian12test:~/guacamole# docker version
Client:
 Version:           20.10.24+dfsg1
 API version:       1.41
 Go version:        go1.19.8
 Git commit:        297e128
 Built:             Thu May 18 08:38:34 2023
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server:
 Engine:
  Version:          20.10.24+dfsg1
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.19.8
  Git commit:       5d6db84
  Built:            Thu May 18 08:38:34 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.20~ds1
  GitCommit:        1.6.20~ds1-1+b1
 runc:
  Version:          1.1.5+ds1
  GitCommit:        1.1.5+ds1-1+deb12u1
 docker-init:
  Version:          0.19.0
  GitCommit:
root@debian12test:~/guacamole# docker info
Client:
 Context:    default
 Debug Mode: false
 Plugins:
  compose: Docker Compose (Docker Inc., v2.29.7)

Server:
 Containers: 3
  Running: 3
  Paused: 0
  Stopped: 0
 Images: 5
 Server Version: 20.10.24+dfsg1
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc io.containerd.runc.v2 io.containerd.runtime.v1.linux
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 1.6.20~ds1-1+b1
 runc version: 1.1.5+ds1-1+deb12u1
 init version:
 Security Options:
  apparmor
  seccomp
   Profile: default
  cgroupns
 Kernel Version: 6.1.0-25-amd64
 Operating System: Debian GNU/Linux 12 (bookworm)
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 1.921GiB
 Name: debian12test
 ID: 2DC5:U2GD:BOD4:GEOC:7345:7LCN:QNDH:KJH2:VCL5:WQ3N:E5CI:PPZM
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8

Please, format your post according to the following guide: How to format your forum posts
In short: please, use </> button to share codes, terminal outputs, error messages or anything that can contain special characters which would be interpreted by the MarkDown filter. Use the preview feature to make sure your text is formatted as you would expect it and check your post after you have sent it so you can still fix it.

Example code block:

```
echo "I am a code."
echo "An athletic one, and I wanna run."
```

After fixing your post, please send a new comment so people are notified about the fixed content.


sorry about the single posts. The Application said new user can only post 2 links. Thats why

root@debian12test:~/guacamole# dpkg -l | grep docker
ii  docker-compose                  1.29.2-3                       all          define and run multi-container Docker applications with YAML
ii  docker-compose-plugin           2.29.7-1~debian.12~bookworm    amd64        Docker Compose (V2) plugin for the Docker CLI.
ii  docker.io                       20.10.24+dfsg1-1+b3            amd64        Linux container runtime
ii  python3-docker                  5.0.3-1                        all          Python 3 wrapper to access docker.io's control socket
ii  python3-dockerpty               0.4.1-4                        all          Pseudo-tty handler for docker Python client (Python 3.x)
---
services:
  guacd:
    image: guacamole/guacd
    networks:
      - local

  guac-serve:
    image: guacamole/guacamole
    links:
      - guacd:guacd
      - mariadb:mysql
    ports:
      - 8080:8080
    environment:
      - MYSQL_LOG_CONSOLE=true
      - MYSQL_HOSTNAME=mariadb
      - MYSQL_DATABASE=guacamole
      - MYSQL_USER=guacamole
      - MYSQL_PASSWORD=QSlabs2024!#
      - GUACD_HOSTNAME=guacd
      - GUACD_PORT=4822
    networks:
      - local

  mariadb:
    image: mariadb:11.5
    environment:
      - TZ=Europe/Berlin
      - MYSQL_ROOT_PASSWORD=QSlabs2024!#
      - MYSQL_DATABASE=guacamole
      - MYSQL_USER=guacamole
      - MYSQL_PASSWORD=QSlabs2024!#
    volumes:
#      - ./resolv.conf:/etc/resolv.conf
      - debian12_guacamole:/var/lib/mysql
#      - ./50-server.cnf:/etc/mysql/mariadb.conf.d/50-server.cnf
    networks:
      - local

volumes:
  debian12_guacamole:
    driver: qskills:latest  # Ensure this matches your plugin name
#    driver_opts:
#      size: "30G"

networks:
  db:
    driver: bridge
  local:
    driver: bridge
root@debian12test:~/guacamole# docker compose version
Docker Compose version v2.29.7

I don’t know this volume plugin, but have you tried if it works, if you use it with vanilla docker-ce from docker’s repositories?
You can install it following these instruction: https://docs.docker.com/engine/install/debian/

The packages of os maintainers may or may not be modified to align with the philosophy of the distribution.

If it does not work with vanilla docker-ce, I would suggest asking the maintainer of the volume plugin about the behavior you experience. If a volume plugin is used, docker delegates the management to the plugin itself.

And I didn’t even notice there was a volume plugin

So you have v2 as well. Good, make sure you alwys use that.