cleanstart/mysql

Verified Publisher

By CleanStart

Updated about 1 hour ago

Secure by Design, Built for Speed, Hardened Container Images on a minimal base CleanStart OS.

Image
Databases & storage
0

10K+

cleanstart/mysql repository overview

Container Documentation for Mysql Documentation

The CleanStart Mysql image provides a production-ready, security-hardened database server optimized for enterprise environments. Built on a minimal base OS with comprehensive security hardening, this image delivers reliable data storage with advanced security features.

📌 Base Foundation: Security-hardened, minimal base OS designed for enterprise containerized environments.

Image Path: cleanstart/mysql:latest

Registry: Docker Hub

Key Features

Core capabilities and strengths of this container

  • High-performance data storage and retrieval
  • ACID compliance and transaction support
  • Advanced indexing and query optimization
  • Enterprise-grade security and access control

Common Use Cases

Typical scenarios where this container excels

  • Primary database for web applications
  • Data warehousing and analytics workloads
  • High-availability database clusters
  • Development and testing environments

Pull Latest Image

Download the container image from the registry

docker pull cleanstart/mysql:latest
docker pull cleanstart/mysql:latest-dev

Basic Run

Run the container with basic configuration

docker run -it --name mysql -e MYSQL_ALLOW_EMPTY_PASSWORD=yes cleanstart/mysql:latest

Production Deployment

Deploy with production security settings

docker run -d --name mysql-prod \
  --security-opt=no-new-privileges \
  --restart unless-stopped \
  -e MYSQL_ROOT_PASSWORD=yourpassword \ 
  cleanstart/mysql:latest

Volume Mount

Mount local directory for persistent data

docker run -d \
  --name mysql-app \
  -p 3306:3306 \
  -v mysql-data:/var/lib/mysql \
  -e MYSQL_ALLOW_EMPTY_PASSWORD=yes \
  cleanstart/mysql:latest

Port Forwarding

Run with custom port mappings

docker run -p 8080:8080 -e MYSQL_ALLOW_EMPTY_PASSWORD=yes cleanstart/mysql:latest

Environment Variables

Configuration options available through environment variables

VariableDefaultDescription
PATH/var/lib/mysqlSystem PATH configuration
MYSQL_ROOT_PASSWORDPassword for the mysql superuser
MYSQL_ALLOW_EMPTY_PASSWORDno password
MYSQL_RANDOM_ROOT_PASSWORDyour password

Security Best Practices

Recommended security configurations and practices

  • Use specific image tags for production (avoid latest)
  • Configure resource limits: memory and CPU constraints
  • Enable read-only root filesystem when possible
  • Run containers with non-root user (--user 1000:1000)
  • Use --security-opt=no-new-privileges flag
  • Regularly update container images for security patches
  • Implement proper network segmentation
  • Monitor container metrics for anomalies

Kubernetes Security Context

Recommended security context for Kubernetes deployments

securityContext:
  runAsNonRoot: true
  runAsUser: 1000
  runAsGroup: 1000
  readOnlyRootFilesystem: true
  allowPrivilegeEscalation: false
  capabilities:
    drop:
      - ALL
## Documentation Resources Essential links and resources for further information

CleanStart Images: https://images.cleanstart.com/

Community Images:
Docker Hub: https://hub.docker.com/u/cleanstart
GitHub: https://github.com/cleanstart-containers
AWS ECR Public Gallery: https://gallery.ecr.aws/cleanstart/

Presence on Social Media:
Community: https://www.linkedin.com/groups/18324021/
YouTube: https://www.youtube.com/@CleanStartOfficial

Contribute to Container Use Cases: https://github.com/cleanstart-dev/cleanstart-use-cases/

Tag summary

Content type

Image

Digest

sha256:64e0ae478

Size

127.3 MB

Last updated

about 1 hour ago

docker pull cleanstart/mysql:9.7.1-arm64