SQL Server 2019 on Docker no longer runs as root by default

In my home lab I have an Ubuntu virtual machine that runs both SQL Server 2017 and SQL Server 2019 in Docker containers.

After SQL Server 2019 Release Candidate 1 was released, when I performed my usual migration to get the latest version, I noticed that the command line for the SQL Server instance was different.

I used sudo docker ps -a --no-trunc to see the full command, which is emulated below (note: this output is heavily abbreviated).

For reference, SQL Server 2017 on Docker ran as the root user (similar to Local Administrator on Windows Server). With SQL Server 2019, it no longer runs as root by default, but if you have performed an upgrade to 2019, your data files may have been created as the root user, so SQL Server has to run elevated to start correctly; this is performed by a script called permission_check.sh.

My friend Anthony Nocentino [ blog | Twitter ] reminded me of the command to view the full logs when a container starts up.

sudo docker logs SQL150 | head

Note how it says this container is running as root because the underlying master database file is owned by root.

That “learn more” link will redirect us to https://docs.microsoft.com/sql/linux/quickstart-install-connect-docker.

You can view the contents of the permission_check.sh file below, or share your thoughts in the comments.

Photo by Sergi Kabrera on Unsplash.
[…]

What is a container anyway?

Recently there was a thread on Twitter which established that a lot of IT people didn’t know the difference between virtual machines and containers. | ̄ ̄ ̄ ̄ ̄ ̄ ̄|| CONTAINERS || ARE NOT | | VIRTUAL || MACHINES || _________| (__/) || (•ㅅ•) || /   づ — Ian Coldwater ⎈ (@IanColdwater) June 9, 2019 I felt like this
-> Continue reading What is a container anyway?

Containers and data: you gotta keep ’em separated

There was an interesting conversation on Twitter recently, between Grant Fritchey (blog | twitter), Kenneth Fisher (blog | twitter), Anthony E. Nocentino (blog | twitter), Vicky Harp (twitter), and me about containers and SQL Server. Here’s the summary tweet: Already mentioned, you can use a persisted storage volume to keep your databases around (thanks @_randolph_west
-> Continue reading Containers and data: you gotta keep ’em separated

Ship Containers

SQL Server containers no longer being updated in the Docker registry

In October 2018, Microsoft announced a change to the source of their Docker containers. You should be using the new Microsoft Container Registry (MCR) as the source for official Docker container images for Microsoft products. While existing container images in the Docker Hub are not affected, you may not get updated images unless you switch.
-> Continue reading SQL Server containers no longer being updated in the Docker registry

It’s a UNIX system. I know this.

Jurassic Park was a great film. Steven Spielberg brought technology into the film era in a major way with computer generated dinosaurs and some now-classic film lines, many of which came from Jeff “Dreamboat” Goldblum. One other line that seems to be making a comeback is the title of this post, uttered by the character
-> Continue reading It’s a UNIX system. I know this.