docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=<YourStrong@Passw0rd>" `
-p 1433:1433 --name sql1 --hostname sql1 `
mcr.microsoft.com/mssql/server:2017-latest
Your password should follow the SQL Server default password policy, otherwise the container can't set up SQL Server and will stop working. By default, the password must be at least eight characters long and contain characters from three of the following four sets: uppercase letters, lowercase letters, base-10 digits, and symbols. You can examine the error log by using the docker logs command.
By default, this quickstart creates a container with the Developer edition of SQL Server. The process for running production editions in containers is slightly different. For more information, see Run production container images.
The following table provides a description of the parameters in the previous docker run example:
Parameter
Description
-e "ACCEPT_EULA=Y"
Set the ACCEPT_EULA variable to any value to confirm your acceptance of the End-User Licensing Agreement. Required setting for the SQL Server image.
-e "MSSQL_SA_PASSWORD=<YourStrong@Passw0rd>"
Specify your own strong password that is at least eight characters and meets the SQL Server password requirements. Required setting for the SQL Server image.
-e "MSSQL_COLLATION=<SQL_Server_collation>"
Specify a custom SQL Server collation, instead of the default SQL_Latin1_General_CP1_CI_AS.
-p 1433:1433
Map a TCP port on the host environment (first value) with a TCP port in the container (second value). In this example, SQL Server is listening on TCP 1433 in the container and this container port is then exposed to TCP port 1433 on the host.
--name sql1
Specify a custom name for the container rather than a randomly generated one. If you run more than one container, you can't reuse this same name.
--hostname sql1
Used to explicitly set the container hostname. If you don't specify the hostname, it defaults to the container ID, which is a randomly generated system GUID.
Run the container in the background (daemon).
mcr.microsoft.com/mssql/server:2017-latest
The SQL Server Linux container image.
You should see output similar to the following:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d4a1999ef83e mcr.microsoft.com/mssql/server:2017-latest "/opt/mssql/bin/perm..." 2 minutes ago Up 2 minutes 0.0.0.0:1433->1433/tcp, :::1433->1433/tcp sql1
If the STATUS column shows a status of Up, then SQL Server is running in the container and listening on the port specified in the PORTS column. If the STATUS column for your SQL Server container shows Exited, see the Troubleshooting section of the configuration guide. The server is ready for connections once the SQL Server error logs display the message: SQL Server is now ready for client connections. This is an informational message; no user action is required. You can review the SQL Server error log inside the container using the command:
docker exec -t sql1 cat /var/opt/mssql/log/errorlog | grep connection
The --hostname parameter, as discussed above, changes the internal name of the container to a custom value. This value is the name you'll see returned in the following Transact-SQL query:
SELECT @@SERVERNAME,
SERVERPROPERTY('ComputerNamePhysicalNetBIOS'),
SERVERPROPERTY('MachineName'),
SERVERPROPERTY('ServerName');
Setting --hostname and --name to the same value is a good way to easily identify the target container.
As a final step, change your SA password because the MSSQL_SA_PASSWORD is visible in ps -eax output and stored in the environment variable of the same name. See steps below.
Pull and run the SQL Server Linux container image
Before starting the following steps, make sure that you've selected your preferred shell (bash, PowerShell, or cmd) at the top of this article.
Pull the SQL Server 2019 (15.x) Linux container image from the Microsoft Container Registry.
sudo docker pull mcr.microsoft.com/mssql/server:2019-latest
docker pull mcr.microsoft.com/mssql/server:2019-latest
docker pull mcr.microsoft.com/mssql/server:2019-latest
This quickstart creates SQL Server 2019 (15.x) containers. If you prefer to create Linux containers for different versions of SQL Server, see the SQL Server 2017 (14.x) or SQL Server 2022 (16.x) versions of this article.
The previous command pulls the latest SQL Server 2019 (15.x) Linux container image. If you want to pull a specific image, you add a colon and the tag name, such as mcr.microsoft.com/mssql/server:2019-GA-ubuntu. To see all available images, see the mssql-server Docker hub page.
For the bash commands in this article, sudo is used. If you don't want to use sudo to run Docker, you can configure a docker group and add users to that group. For more information, see Post-installation steps for Linux.
To run the Linux container image with Docker, you can use the following command from a bash shell or elevated PowerShell command prompt.
Important
The SA_PASSWORD environment variable is deprecated. Use MSSQL_SA_PASSWORD instead.
sudo docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=<YourStrong@Passw0rd>" \
-p 1433:1433 --name sql1 --hostname sql1 \
mcr.microsoft.com/mssql/server:2019-latest
If you are using PowerShell Core, replace the double quotes with single quotes.
docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=<YourStrong@Passw0rd>" `
-p 1433:1433 --name sql1 --hostname sql1 `
mcr.microsoft.com/mssql/server:2019-latest
docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=<YourStrong@Passw0rd>" `
-p 1433:1433 --name sql1 --hostname sql1 `
mcr.microsoft.com/mssql/server:2019-latest
Your password should follow the SQL Server default password policy, otherwise the container can't set up SQL Server and will stop working. By default, the password must be at least eight characters long and contain characters from three of the following four sets: uppercase letters, lowercase letters, base-10 digits, and symbols. You can examine the error log by using the docker logs command.
By default, this quickstart creates a container with the Developer edition of SQL Server. The process for running production editions in containers is slightly different. For more information, see Run production container images.
The following table provides a description of the parameters in the previous docker run example:
Parameter
Description
-e "ACCEPT_EULA=Y"
Set the ACCEPT_EULA variable to any value to confirm your acceptance of the End-User Licensing Agreement. Required setting for the SQL Server image.
-e "MSSQL_SA_PASSWORD=<YourStrong@Passw0rd>"
Specify your own strong password that is at least eight characters and meets the SQL Server password requirements. Required setting for the SQL Server image.
-e "MSSQL_COLLATION=<SQL_Server_collation>"
Specify a custom SQL Server collation, instead of the default SQL_Latin1_General_CP1_CI_AS.
-p 1433:1433
Map a TCP port on the host environment (first value) with a TCP port in the container (second value). In this example, SQL Server is listening on TCP 1433 in the container and this container port is then exposed to TCP port 1433 on the host.
--name sql1
Specify a custom name for the container rather than a randomly generated one. If you run more than one container, you can't reuse this same name.
--hostname sql1
Used to explicitly set the container hostname. If you don't specify the hostname, it defaults to the container ID, which is a randomly generated system GUID.
Run the container in the background (daemon).
mcr.microsoft.com/mssql/server:2019-latest
The SQL Server Linux container image.
You should see output similar to the following:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d4a1999ef83e mcr.microsoft.com/mssql/server:2019-latest "/opt/mssql/bin/perm..." 2 minutes ago Up 2 minutes 0.0.0.0:1433->1433/tcp, :::1433->1433/tcp sql1
If the STATUS column shows a status of Up, then SQL Server is running in the container and listening on the port specified in the PORTS column. If the STATUS column for your SQL Server container shows Exited, see the Troubleshooting section of the configuration guide. The server is ready for connections once the SQL Server error logs display the message: SQL Server is now ready for client connections. This is an informational message; no user action is required. You can review the SQL Server error log inside the container using the command:
docker exec -t sql1 cat /var/opt/mssql/log/errorlog | grep connection
The --hostname parameter, as discussed above, changes the internal name of the container to a custom value. This value is the name you'll see returned in the following Transact-SQL query:
SELECT @@SERVERNAME,
SERVERPROPERTY('ComputerNamePhysicalNetBIOS'),
SERVERPROPERTY('MachineName'),
SERVERPROPERTY('ServerName');
Setting --hostname and --name to the same value is a good way to easily identify the target container.
As a final step, change your SA password because the MSSQL_SA_PASSWORD is visible in ps -eax output and stored in the environment variable of the same name. See steps below.
Pull and run the SQL Server Linux container image
Before starting the following steps, make sure that you've selected your preferred shell (bash, PowerShell, or cmd) at the top of this article.
Pull the SQL Server 2022 (16.x) Linux container image from the Microsoft Container Registry.
sudo docker pull mcr.microsoft.com/mssql/server:2022-latest
docker pull mcr.microsoft.com/mssql/server:2022-latest
docker pull mcr.microsoft.com/mssql/server:2022-latest
This quickstart creates SQL Server 2022 (16.x) containers. If you prefer to create Linux containers for different versions of SQL Server, see the SQL Server 2017 (14.x) or SQL Server 2019 (15.x) versions of this article.
The previous command pulls the latest SQL Server 2022 (16.x) Linux container image. If you want to pull a specific image, you add a colon and the tag name, such as mcr.microsoft.com/mssql/server:2022-GA-ubuntu. To see all available images, see the mssql-server Docker hub page.
For the bash commands in this article, sudo is used. If you don't want to use sudo to run Docker, you can configure a docker group and add users to that group. For more information, see Post-installation steps for Linux.
To run the Linux container image with Docker, you can use the following command from a bash shell or elevated PowerShell command prompt.
Important
The SA_PASSWORD environment variable is deprecated. Use MSSQL_SA_PASSWORD instead.
sudo docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=<YourStrong@Passw0rd>" \
-p 1433:1433 --name sql1 --hostname sql1 \
mcr.microsoft.com/mssql/server:2022-latest
If you are using PowerShell Core, replace the double quotes with single quotes.
docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=<YourStrong@Passw0rd>" `
-p 1433:1433 --name sql1 --hostname sql1 `
mcr.microsoft.com/mssql/server:2022-latest
docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=<YourStrong@Passw0rd>" `
-p 1433:1433 --name sql1 --hostname sql1 `
mcr.microsoft.com/mssql/server:2022-latest
Your password should follow the SQL Server default password policy, otherwise the container can't set up SQL Server and will stop working. By default, the password must be at least eight characters long and contain characters from three of the following four sets: uppercase letters, lowercase letters, base-10 digits, and symbols. You can examine the error log by using the docker logs command.
By default, this quickstart creates a container with the Developer edition of SQL Server. The process for running production editions in containers is slightly different. For more information, see Run production container images.
The following table provides a description of the parameters in the previous docker run example:
Parameter
Description
-e "ACCEPT_EULA=Y"
Set the ACCEPT_EULA variable to any value to confirm your acceptance of the End-User Licensing Agreement. Required setting for the SQL Server image.
-e "MSSQL_SA_PASSWORD=<YourStrong@Passw0rd>"
Specify your own strong password that is at least eight characters and meets the SQL Server password requirements. Required setting for the SQL Server image.
-e "MSSQL_COLLATION=<SQL_Server_collation>"
Specify a custom SQL Server collation, instead of the default SQL_Latin1_General_CP1_CI_AS.
-p 1433:1433
Map a TCP port on the host environment (first value) with a TCP port in the container (second value). In this example, SQL Server is listening on TCP 1433 in the container and this container port is then exposed to TCP port 1433 on the host.
--name sql1
Specify a custom name for the container rather than a randomly generated one. If you run more than one container, you can't reuse this same name.
--hostname sql1
Used to explicitly set the container hostname. If you don't specify the hostname, it defaults to the container ID, which is a randomly generated system GUID.
Run the container in the background (daemon).
mcr.microsoft.com/mssql/server:2022-latest
The SQL Server Linux container image.
You should see output similar to the following:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d4a1999ef83e mcr.microsoft.com/mssql/server:2022-latest "/opt/mssql/bin/perm..." 2 minutes ago Up 2 minutes 0.0.0.0:1433->1433/tcp, :::1433->1433/tcp sql1
If the STATUS column shows a status of Up, then SQL Server is running in the container and listening on the port specified in the PORTS column. If the STATUS column for your SQL Server container shows Exited, see the Troubleshooting section of the configuration guide. The server is ready for connections once the SQL Server error logs display the message: SQL Server is now ready for client connections. This is an informational message; no user action is required. You can review the SQL Server error log inside the container using the command:
docker exec -t sql1 cat /var/opt/mssql/log/errorlog | grep connection
The --hostname parameter, as discussed above, changes the internal name of the container to a custom value. This value is the name you'll see returned in the following Transact-SQL query:
SELECT @@SERVERNAME,
SERVERPROPERTY('ComputerNamePhysicalNetBIOS'),
SERVERPROPERTY('MachineName'),
SERVERPROPERTY('ServerName');
Setting --hostname and --name to the same value is a good way to easily identify the target container.
As a final step, change your SA password because the MSSQL_SA_PASSWORD is visible in ps -eax output and stored in the environment variable of the same name. See steps below.
Change the system administrator password
The SA account is a system administrator on the SQL Server instance that gets created during setup. After you create your SQL Server container, the MSSQL_SA_PASSWORD environment variable you specified is discoverable by running echo $MSSQL_SA_PASSWORD in the container. For security purposes, change your SA password.
Choose a strong password to use for the SA user.
Use docker exec to run sqlcmd to change the password using Transact-SQL. In the following example, the old and new passwords are read from user input.
sudo docker exec -it sql1 /opt/mssql-tools/bin/sqlcmd \
-S localhost -U SA \
-P "$(read -sp "Enter current SA password: "; echo "${REPLY}")" \
-Q "ALTER LOGIN SA WITH PASSWORD=\"$(read -sp "Enter new SA password: "; echo "${REPLY}")\""
Newer versions of sqlcmd are secure by default. For more information about connection encryption, see sqlcmd utility for Windows, and Connecting with sqlcmd for Linux and macOS. If the connection doesn't succeed, you can add the -No option to sqlcmd to specify that encryption is optional, not mandatory.
Choose a strong password to use for the SA user.
In the following example, replace the old password, <YourStrong@Passw0rd>, and the new password, <YourNewStrong@Passw0rd>, with your own password values.
docker exec -it sql1 /opt/mssql-tools/bin/sqlcmd `
-S localhost -U SA -P "<YourStrong@Passw0rd>" `
-Q "ALTER LOGIN SA WITH PASSWORD='<YourNewStrong@Passw0rd>'"
Newer versions of sqlcmd are secure by default. For more information about connection encryption, see sqlcmd utility for Windows, and Connecting with sqlcmd for Linux and macOS. If the connection doesn't succeed, you can add the -No option to sqlcmd to specify that encryption is optional, not mandatory.
Choose a strong password to use for the SA user.
In the following example, replace the old password, <YourStrong@Passw0rd>, and the new password, <YourNewStrong@Passw0rd>, with your own password values.
docker exec -it sql1 /opt/mssql-tools/bin/sqlcmd `
-S localhost -U SA -P "<YourStrong@Passw0rd>" `
-Q "ALTER LOGIN SA WITH PASSWORD='<YourNewStrong@Passw0rd>'"
Newer versions of sqlcmd are secure by default. For more information about connection encryption, see sqlcmd utility for Windows, and Connecting with sqlcmd for Linux and macOS. If the connection doesn't succeed, you can add the -No option to sqlcmd to specify that encryption is optional, not mandatory.
Connect to SQL Server
The following steps use the SQL Server command-line tool, sqlcmd, inside the container to connect to SQL Server.
Use the docker exec -it command to start an interactive bash shell inside your running container. In the following example sql1 is name specified by the --name parameter when you created the container.
sudo docker exec -it sql1 "bash"
docker exec -it sql1 "bash"
docker exec -it sql1 "bash"
Once inside the container, connect locally with sqlcmd, using its full path.
/opt/mssql-tools/bin/sqlcmd -S localhost -U SA -P "<YourNewStrong@Passw0rd>"
Newer versions of sqlcmd are secure by default. For more information about connection encryption, see sqlcmd utility for Windows, and Connecting with sqlcmd for Linux and macOS. If the connection doesn't succeed, you can add the -No option to sqlcmd to specify that encryption is optional, not mandatory.
You can omit the password on the command-line to be prompted to enter it. For example:
/opt/mssql-tools/bin/sqlcmd -S localhost -U SA
If successful, you should get to a sqlcmd command prompt: 1>.
Create and query data
The following sections walk you through using sqlcmd and Transact-SQL to create a new database, add data, and run a query.
Create a new database
The following steps create a new database named TestDB.
From the sqlcmd command prompt, paste the following Transact-SQL command to create a test database:
CREATE DATABASE TestDB;
On the next line, write a query to return the name of all of the databases on your server:
SELECT Name from sys.databases;
The previous two commands weren't run immediately. Type GO on a new line to run the previous commands:
Insert data
Next create a new table, Inventory, and insert two new rows.
From the sqlcmd command prompt, switch context to the new TestDB database:
USE TestDB;
Create new table named Inventory:
CREATE TABLE Inventory (id INT, name NVARCHAR(50), quantity INT);
Insert data into the new table:
INSERT INTO Inventory VALUES (1, 'banana', 150); INSERT INTO Inventory VALUES (2, 'orange', 154);
Type GO to run the previous commands:
Select data
Now, run a query to return data from the Inventory table.
From the sqlcmd command prompt, enter a query that returns rows from the Inventory table where the quantity is greater than 152:
SELECT * FROM Inventory WHERE quantity > 152;
Run the command:
Exit the sqlcmd command prompt
To end your sqlcmd session, type QUIT:
To exit the interactive command-prompt in your container, type exit. Your container continues to run after you exit the interactive bash shell.
Connect from outside the container
You can also connect to the SQL Server instance on your Docker machine from any external Linux, Windows, or macOS tool that supports SQL connections. The external tool will use the IP address for the host machine.
The following steps use sqlcmd outside of your container to connect to SQL Server running in the container. These steps assume that you already have the SQL Server command-line tools installed outside of your container. The same principles apply when using other tools, but the process of connecting is unique to each tool.
Find the IP address for your container's host machine, using ifconfig or ip addr.
For this example, install the sqlcmd tool on your client machine. For more information, see Install sqlcmd on Windows or Install sqlcmd on Linux.
Run sqlcmd specifying the IP address and the port mapped to port 1433 in your container. In this example, the port is the same as port 1433 on the host machine. If you specified a different mapped port on the host machine, you would use it here. You'll also need to open the appropriate inbound port on your firewall to allow the connection.
Newer versions of sqlcmd are secure by default. If the connection doesn't succeed, and you're using version 18 or higher, you can add the -No option to sqlcmd to specify that encryption is optional, not mandatory.
sqlcmd -S <ip_address>,1433 -U SA -P "<YourNewStrong@Passw0rd>"
sqlcmd -S <ip_address>,1433 -U SA -P "<YourNewStrong@Passw0rd>"
sqlcmd -S <ip_address>,1433 -U SA -P "<YourNewStrong@Passw0rd>"
Run Transact-SQL commands. When finished, type QUIT.
Other common tools to connect to SQL Server include:
Visual Studio Code
SQL Server Management Studio (SSMS) on Windows
Azure Data Studio
mssql-cli (Preview)
PowerShell Core
Remove your container
If you want to remove the SQL Server container used in this tutorial, run the following commands:
sudo docker stop sql1
sudo docker rm sql1
docker stop sql1
docker rm sql1
docker stop sql1
docker rm sql1
Warning
Stopping and removing a container permanently deletes any SQL Server data in the container. If you need to preserve your data, create and copy a backup file out of the container or use a container data persistence technique.
Docker demo
After you have tried using the SQL Server Linux container image for Docker, you might want to know how Docker is used to improve development and testing. The following video shows how Docker can be used in a continuous integration and deployment scenario.
Next steps
Restore a SQL Server database in a Linux container.
Learn about running multiple containers and data persistence.
Troubleshoot SQL Server Linux containers.
Also, check out the mssql-docker GitHub repository for resources, feedback, and known issues.
Contribute to SQL documentation
Did you know that you can edit SQL content yourself? If you do so, not only do you help improve our documentation, but you also get credited as a contributor to the page.
For more information, see How to contribute to SQL Server documentation
