Remove usage of the `VOLUME` instruction

[polarathene]

The VOLUME instruction should be removed from the image build.

• Containers already persist state internally until the container is destroyed (for example, an image upgraded to a new tag).
• Proper persistence externally should be explicit.

mariadb-docker/Dockerfile.template

Line 137 in 91ba0cc

VOLUME /var/lib/mysql

mariadb-docker/Dockerfile-ubi.template

Line 103 in 91ba0cc

VOLUME /var/lib/mysql

---

Anonymous volumes are created when an image has a VOLUME instruction. They will initialize by copying any of the existing content at the mount point (unlike a bind mount volume which typically replaces content at the mount point):

• With docker run --rm ..., each container instance started will create a new anonymous volume. Without the --rm, these will accumulate pointlessly while the user may not be aware of this implicit waste on their system.
• Docker Compose behaves differently, with additional logic to preserve the same anonymous volume across instances of the container for a given compose project.

---

The VOLUME instruction provides no value to an image. It only causes problems.

For detailed justification, please see below context for my previous write-up on this subject:

• fix: Dockerfile - VOLUME directive is an anti-pattern kanidm/kanidm#2948
• Dockerfile: Remove VOLUME instruction ory/hydra#3683
• Remove VOLUME instructions caddyserver/caddy-docker#118 (comment)
• Example of implicit 2GB disk usage per container instance (not applicable to images with empty VOLUME published, but clearly documents a VOLUME concern)

[polarathene]

Unable to reproduce previous failure

I am aware of a past issue for this request that cited a bug report for why VOLUME was necessary, but without sufficient information I am not sure how to reproduce it:

# Attempt to reproduce error logs from MDEV-28751:
# https://jira.mariadb.org/browse/MDEV-28751?focusedCommentId=231171&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-231171

services:
  db:
    image: mariadb:10.6.8
    environment:
      MARIADB_ROOT_PASSWORD: secret
    configs:
      - source: custom_datadir
        target: /etc/mysql/mariadb.conf.d/01_customapp.cnf

# Use a custom config to set DB storage to a container location that isn't `VOLUME` mounted:
configs:
  custom_datadir:
    content: |
      [mariadb]
      datadir=/srv

Another comment in that same bug report but from 2025, notes the issue appears to be fixed in newer versions of MariaDB. That's a bit misleading as I've used the exact version a past comment shared with logs, so something else in the environment is to blame.

---

Logs for comparison

$ docker compose up

db-1  | 2025-02-18 01:31:41+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.6.8+maria~focal started.
db-1  | 2025-02-18 01:31:42+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
db-1  | 2025-02-18 01:31:42+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.6.8+maria~focal started.
db-1  | 2025-02-18 01:31:42+00:00 [Note] [Entrypoint]: Initializing database files
db-1  |
db-1  |
db-1  | PLEASE REMEMBER TO SET A PASSWORD FOR THE MariaDB root USER !
db-1  | To do so, start the server, then issue the following command:
db-1  |
db-1  | '/usr/bin/mysql_secure_installation'
db-1  |
db-1  | which will also give you the option of removing the test
db-1  | databases and anonymous user created by default.  This is
db-1  | strongly recommended for production servers.
db-1  |
db-1  | See the MariaDB Knowledgebase at https://mariadb.com/kb
db-1  |
db-1  | Please report any problems at https://mariadb.org/jira
db-1  |
db-1  | The latest information about MariaDB is available at https://mariadb.org/.
db-1  |
db-1  | Consider joining MariaDB's strong and vibrant community:
db-1  | https://mariadb.org/get-involved/
db-1  |
db-1  | 2025-02-18 01:31:43+00:00 [Note] [Entrypoint]: Database files initialized
db-1  | 2025-02-18 01:31:43+00:00 [Note] [Entrypoint]: Starting temporary server
db-1  | 2025-02-18 01:31:43+00:00 [Note] [Entrypoint]: Waiting for server startup
db-1  | 2025-02-18  1:31:43 0 [Note] mariadbd (server 10.6.8-MariaDB-1:10.6.8+maria~focal) starting as process 127 ...
db-1  | 2025-02-18  1:31:43 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
db-1  | 2025-02-18  1:31:43 0 [Note] InnoDB: Number of pools: 1
db-1  | 2025-02-18  1:31:43 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
db-1  | 2025-02-18  1:31:43 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
db-1  | 2025-02-18  1:31:44 0 [Note] InnoDB: Using Linux native AIO
db-1  | 2025-02-18  1:31:44 0 [Note] InnoDB: Initializing buffer pool, total size = 134217728, chunk size = 134217728
db-1  | 2025-02-18  1:31:44 0 [Note] InnoDB: Completed initialization of buffer pool
db-1  | 2025-02-18  1:31:44 0 [Note] InnoDB: 128 rollback segments are active.
db-1  | 2025-02-18  1:31:44 0 [Note] InnoDB: Creating shared tablespace for temporary tables
db-1  | 2025-02-18  1:31:44 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
db-1  | 2025-02-18  1:31:44 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
db-1  | 2025-02-18  1:31:44 0 [Note] InnoDB: 10.6.8 started; log sequence number 42173; transaction id 14
db-1  | 2025-02-18  1:31:44 0 [Note] Plugin 'FEEDBACK' is disabled.
db-1  | 2025-02-18  1:31:44 0 [Warning] 'user' entry 'root@13212ad74a63' ignored in --skip-name-resolve mode.
db-1  | 2025-02-18  1:31:44 0 [Warning] 'proxies_priv' entry '@% root@13212ad74a63' ignored in --skip-name-resolve mode.
db-1  | 2025-02-18  1:31:44 0 [Note] mariadbd: ready for connections.
db-1  | Version: '10.6.8-MariaDB-1:10.6.8+maria~focal'  socket: '/run/mysqld/mysqld.sock'  port: 0  mariadb.org binary distribution
db-1  | 2025-02-18 01:31:44+00:00 [Note] [Entrypoint]: Temporary server started.
db-1  | Warning: Unable to load '/usr/share/zoneinfo/leap-seconds.list' as time zone. Skipping it.
db-1  | Warning: Unable to load '/usr/share/zoneinfo/leapseconds' as time zone. Skipping it.
db-1  | Warning: Unable to load '/usr/share/zoneinfo/tzdata.zi' as time zone. Skipping it.
db-1  | 2025-02-18 01:31:47+00:00 [Note] [Entrypoint]: Securing system users (equivalent to running mysql_secure_installation)
db-1  |
db-1  | 2025-02-18 01:31:47+00:00 [Note] [Entrypoint]: Stopping temporary server
db-1  | 2025-02-18  1:31:47 0 [Note] mariadbd (initiated by: root[root] @ localhost []): Normal shutdown
db-1  | 2025-02-18  1:31:47 0 [Note] InnoDB: FTS optimize thread exiting.
db-1  | 2025-02-18  1:31:47 0 [Note] InnoDB: Starting shutdown...
db-1  | 2025-02-18  1:31:47 0 [Note] InnoDB: Dumping buffer pool(s) to /srv/ib_buffer_pool
db-1  | 2025-02-18  1:31:47 0 [Note] InnoDB: Buffer pool(s) dump completed at 250218  1:31:47
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Removed temporary tablespace data file: "./ibtmp1"
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Shutdown completed; log sequence number 42185; transaction id 15
db-1  | 2025-02-18  1:31:48 0 [Note] mariadbd: Shutdown complete
db-1  |
db-1  | 2025-02-18 01:31:48+00:00 [Note] [Entrypoint]: Temporary server stopped
db-1  |
db-1  | 2025-02-18 01:31:48+00:00 [Note] [Entrypoint]: MariaDB init process done. Ready for start up.
db-1  |

I'm not quite sure about the logs preceding, but here's the last part of the logs output that is relevant for comparison:

db-1  | 2025-02-18  1:31:48 0 [Note] mariadbd (server 10.6.8-MariaDB-1:10.6.8+maria~focal) starting as process 1 ...
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Number of pools: 1
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
db-1  | 2025-02-18  1:31:48 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Using Linux native AIO
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Initializing buffer pool, total size = 134217728, chunk size = 134217728
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Completed initialization of buffer pool
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: 128 rollback segments are active.
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Creating shared tablespace for temporary tables
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: 10.6.8 started; log sequence number 42185; transaction id 14
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Loading buffer pool(s) from /srv/ib_buffer_pool
db-1  | 2025-02-18  1:31:48 0 [Note] Plugin 'FEEDBACK' is disabled.
db-1  | 2025-02-18  1:31:48 0 [Note] InnoDB: Buffer pool(s) load completed at 250218  1:31:48
db-1  | 2025-02-18  1:31:48 0 [Warning] You need to use --log-bin to make --expire-logs-days or --binlog-expire-logs-seconds work.
db-1  | 2025-02-18  1:31:48 0 [Note] Server socket created on IP: '0.0.0.0'.
db-1  | 2025-02-18  1:31:48 0 [Note] Server socket created on IP: '::'.
db-1  | 2025-02-18  1:31:48 0 [Note] mariadbd: ready for connections.
db-1  | Version: '10.6.8-MariaDB-1:10.6.8+maria~focal'  socket: '/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution

Compared to the reference log for this version of MariaDB that should fail?:

Aug 01 11:59:18 kali systemd[1]: Starting MariaDB 10.6.8 database server...
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [Note] /usr/sbin/mariadbd (server 10.6.8-MariaDB-1) starting as process 3957 ...
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [Note] InnoDB: Number of pools: 1
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [Note] InnoDB: Using liburing
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [Note] InnoDB: Initializing buffer pool, total size = 134217728, chunk size = 134217728
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [Note] InnoDB: Completed initialization of buffer pool

Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [ERROR] InnoDB: Plugin initialization aborted with error I/O error
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [Note] InnoDB: Starting shutdown...
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [ERROR] InnoDB: Operating system error number 22 in a file operation.
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [ERROR] InnoDB: Error number 22 means 'Invalid argument'
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [Note] InnoDB: Some operating system error numbers are described at https://mariadb.com/kb/en/library/operating-system-error-codes/
Aug 01 11:59:18 kali mariadbd[3957]: 2022-08-01 11:59:18 0 [ERROR] InnoDB: File (unknown): 'close' returned OS error 222. Cannot continue operation
Aug 01 11:59:18 kali mariadbd[3957]: 220801 11:59:18 [ERROR] mysqld got signal 6 ;

Reproduction environment

Reproduction was on an older system with 5.15 kernel and Ubuntu:

$ uname -a
Linux my-system 5.15.123.1-microsoft-standard-WSL2 #1 SMP Mon Aug 7 19:01:48 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

However this is via Docker Desktop with WSL2, that may run the container from a separate WSL2 distro instance and thus be a newer kernel. docker info reports the Ubuntu kernel, not sure if that's designed to report the kernel of the docker CLI client or the daemon itself 🤷‍♂

$ docker info

Client:
 Version:    26.1.1
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.14.0-desktop.1
    Path:     /usr/local/lib/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.27.0-desktop.2
    Path:     /usr/local/lib/docker/cli-plugins/docker-compose

The other cited issue in the past VOLUME remove request noted 6.7 kernel (Jan 2024) as fixing the issue reported (which mentions uring for I/O, a notable difference in my logs vs the reference logs). I considered the kernel for backport of that fix as it's an LTS kernel but you can see from the date (Aug 2023) the kernel was before the patch in Dec 2023, so unlikely.

[grooverdan]

This is quite a campaign against VOLUME. Quite a few kernel attributed bugs are referenced here, some are overlayfs related which gets used more when there is no VOLUME. [MDEV-34577](https://jira.mariadb.org/browse/MDEV-34577] is also an example discovered recently with /tmp, not a VOLUME and hence being overlayfs causing issues.

I saw somewhere you recently discovered the -v flag with docker-compose down to remove anon volumes.

I totally get that VOLUME, persistence and permissions is a bit of a interleaved mess, once we get past kernel bugs, so getting to the bottom of this won't be quick.

[polarathene]

I do appreciate the valuable references for where VOLUME can avoid some bugs when no explicit volume is mounted.

I suppose like with other images I've raised this issue with, I'm just confused why so many users of the image would be relying on implicit anonymous volumes to persist data that is valuable to them? Seems like an anti-pattern?

---

This is quite a campaign against VOLUME

Yes, because it often doesn't make any pragmatic sense to endorse that?

Persist data explicitly (and avoid other pitfalls you've noted at the same time?).. Choosing to use VOLUME to silence any issues by default without the user thinking about it is to benefit what use-case where explicit volumes aren't warranted?

I'm only familiar with the kernel specific issues through these MariaDB issues citing them (although I could not reproduce on my system with the earlier one).

I know of a bug that's long existed with Docker that had LimitNOFILE=infinity to set ulimit -Sn / ulimit -Hn to 2^20 or 2^30 depending on the system. That default was breaking quite a bit of software not prepared for file descriptor ranges that large, including databases like MySQL IIRC. The report you link to was with kubernetes, which may still be prone to such (last I heard k8s provides no equivalent feature to override per container, Docker has a half-fix since v25 and once it upgrades to containerd 2.0 it'll be the much more sane default of 1024:524288). This caused regressions such as commands going from 1s to 10 minutes or even over an hour to complete depending on overhead induced, other software triggered OOM from allocating quite a bit more memory (MySQL was known for this, but they've since fixed it on their end as have various other software adding guards or newer syscalls when available).

No clue if that contributes to the various VOLUME related issues you discover in some way indirectly, but it's definitely been a notable difference from a host environment.

---

I saw somewhere you recently discovered the -v flag with docker-compose down to remove anon volumes.

Yes, I'm aware of three different flags for different compose commands that can be used as a workaround.

That doesn't help less experienced users who are more likely to implicitly get hit by various caveats that VOLUME causes when the container entrypoint could alternatively enforce a check on the existence of a directory (via explicit mount or opt-out of check via ENV). That paired with some mention on the DockerHub/registry README would suffice? (some images also don't document the VOLUME paths at all, nor what non-root UID/GID they default or switch to).

---

One of my main gripes is (kernel related concerns you've cited aside) the primary motivation for using VOLUME elsewhere is to pair it with compose.yaml, so anyone without an explicit mount to persist their data doesn't lose it when upgrading the image by changing the image tag.

Sounds helpful... except the anonymous volume is tied to the service name. If you don't know to destroy that volume first, you might assume as the user that changing from MariaDB to MySQL would use a new anonymous volume implicitly... but since they share the same VOLUME path the existing volume data will be used. Should that existing DB have any incompatibility then that won't go smoothly (the mysql image may get a bug report that their image doesn't work, and the maintainers perhaps cannot reproduce).

It's a bit worse with images that have a more generic VOLUME like Redis/Valkey/MongoDB all sharing /data. For other services with generic names, that concern is at wider risk of leaking sensitive data unintentionally as well. Should the image opt to change the VOLUME path for some reason, they now also have that friction of the impact on users that for whatever reason relied on such to persist data of value 🤦‍♂ (why would that be something to encourage?)

It does not help that Docker's own docs from Sep 2014 remain unchanged and endorse / encourage using VOLUME and that many official images continue to do so, thus new image authors may think it's the right thing to do, completely unaware of these caveats.