Linux操作文档——MySQL安装与基础管理(5.7.26)
一、MySQL 5.7.26 二进制版本安装
1、下载软件至存放目录
[root@mysql-1 ~]# mkdir -p /server/soft
[root@mysql-1 ~]# wget https://downloads.mysql.com/archives/get/p/23/file/mysql-5.7.26-linux-glibc2.12-x86_64.tar.gz
[root@mysql-1 ~]# mv mysql-5.7.26-linux-glibc2.12-x86_64.tar.gz /server/soft/
2、解压软件
[root@mysql-1 ~]# yum -y remove mariadb-libs.x86_64
[root@mysql-1 ~]# yum -y install libaio-devel
[root@mysql-1 ~]# cd /server/soft/
[root@mysql-1 soft]# tar zxf mysql-5.7.26-linux-glibc2.12-x86_64.tar.gz
[root@mysql-1 ~]# ln -s /server/soft/mysql-5.7.26-linux-glibc2.12-x86_64 /usr/local/mysql
3、创建用户及设置环境变量
[root@mysql-1 ~]# useradd -s /sbin/nologin mysql
[root@mysql-1 ~]# echo "export PATH=/usr/local/mysql/bin:$PATH" >> /etc/profile
[root@mysql-1 ~]# source /etc/profile
[root@mysql-1 ~]# mysql -V
mysql Ver 14.14 Distrib 5.7.26, for linux-glibc2.12 (x86_64) using EditLine wrapper
4、创建数据路径并授权(数据路径为共享存储)
[root@mysql-1 ~]# mkdir -p /data/mysql/data
[root@mysql-1 ~]# showmount -e 192.168.1.30
Export list for 192.168.1.30:
/nfs/data/mysql 192.168.1.0/24
[root@mysql-1 ~]# mount -t nfs 192.168.1.30:/nfs/data/DBA /data/
[root@mysql-1 ~]# vim /etc/fstab
192.168.1.30:/nfs/data/mysql /data xfs defaults 0 0
[root@mysql-1 ~]# mount -a
[root@mysql-1 ~]# chown -R mysql.mysql /usr/local/mysql/
[root@mysql-1 ~]# chown -R mysql.mysql /data
5、初始化数据(无密码)
[root@mysql-1 ~]# mysqld --initialize-insecure --user=mysql --basedir=/usr/local/mysql --datadir=/data/mysql/data
| 参数 | 说明 |
|---|---|
| –initialize | 对于密码复杂度进行定制;密码过期时间:180;给root@localhost用户设置临时密码 |
| –initialize-insecure | 无限制,无临时密码 |
6、添加系统服务
[root@mysql-1 ~]# cat >/etc/my.cnf <<EOF
[mysqld]
user=mysql
basedir=/usr/local/mysql
datadir=/data/mysql/data
socket=/tmp/mysql.sock
server_id=6
port=3306
[mysql]
socket=/tmp/mysql.sock
EOF
[root@mysql-1 ~]# cat >/etc/systemd/system/mysqld.service <<EOF
[Unit]
Description=MySQL Server
Documentation=man:mysqld(8)
Documentation=http://dev.mysql.com/doc/refman/en/using-systemd.html
After=network.target
After=syslog.target
[Install]
WantedBy=multi-user.target
[Service]
User=mysql
Group=mysql
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/etc/my.cnf
LimitNOFILE = 5000
EOF
[root@mysql-1 ~]# systemctl start mysqld
[root@mysql-1 ~]# netstat -anpt | grep mysql
tcp6 0 0 :::3306 :::* LISTEN 67766/mysqld
二、管理数据库密码
注意:数据库密码不要明文登录
1、初次设置管理员密码
[root@mysql-1 ~]# mysql_secure_installation
| mysql_secure_installation作用 |
|---|
| 为root用户设置密码、删除匿名账号、取消root用户远程登录、删除test库和对test库的访问权限、刷新授权表使修改生效 |
2、更改管理员密码
[root@mysql-1 ~]# mysqladmin -uroot -p password
Enter password: //输入旧密码,如果没有直接回车
New password: //新密码
Confirm new password: //重复输入
[root@mysql-1 ~]# mysql -uroot -p123456
mysql> exit
Bye
3、忘记管理员用户密码(仅限数据库本机操作)
[root@mysql-1 ~]# systemctl stop mysqld
[root@mysql-1 ~]# mysqld_safe --skip-grant-tables --skip-networking & //启动数据库到维护模式
[1] 68049
[root@mysql-1 ~]# Logging to '/data/mysql/data/mysql-1.err'.
2020-08-27T16:21:06.730348Z mysqld_safe Starting mysqld daemon with databases from /data/mysql/data
[root@mysql-1 ~]# mysql
mysql> select user,host from mysql.user;
+---------------+-----------+
| user | host |
+---------------+-----------+
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+---------------+-----------+
3 rows in set (0.00 sec)
mysql> select user,host,authentication_string from mysql.user; //查看密码
+---------------+-----------+-------------------------------------------+
| user | host | authentication_string |
+---------------+-----------+-------------------------------------------+
| root | localhost | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
| mysql.session | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| mysql.sys | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
+---------------+-----------+-------------------------------------------+
3 rows in set (0.00 sec)
mysql> flush privileges; //启用授权表
Query OK, 0 rows affected (0.00 sec)
mysql> grant all on *.* to root@'localhost' identified by '1'; //密码更改为1
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> select user,host,authentication_string from mysql.user; //密码已改变
+---------------+-----------+-------------------------------------------+
| user | host | authentication_string |
+---------------+-----------+-------------------------------------------+
| root | localhost | *E6CC90B878B948C35E92B003C792C46C58C4AF40 |
| mysql.session | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| mysql.sys | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
+---------------+-----------+-------------------------------------------+
3 rows in set (0.00 sec)
mysql> exit
Bye
[root@mysql-1 ~]# mysql -uroot -p1
mysql>
三、用户管理
1、创建用户
mysql> create user zhangsan@'192.168.1.%' identified by '123456';
说明:8.0以前,可以自动创建用户并授权
mysql> grant all on *.* to lisi@'192.168.1.%' identified by '123456';
2、查询用户
mysql> select user,host from mysql.user;
+---------------+-------------+
| user | host |
+---------------+-------------+
| lisi | 192.168.1.% |
| zhangsan | 192.168.1.% |
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+---------------+-------------+
3、修改用户密码
mysql> alter user zhangsan@'192.168.1.%' identified by '111111';
4、删除用户
mysql> drop user lisi@'192.168.1.%';
四、权限管理
1、权限说明
| 权限 | 说明 | 权限 | 说明 |
|---|---|---|---|
| ALL | 全局的所有权限或者表级的所有权限 | SELECT | 查询权限 |
| INSERT | 允许插入数据行 | UPDATE | 更新权限 |
| DELETE | 删除数据行 | CREATE | 允许创建数据库或表 |
| DROP | 允许删除对象(权限大) | FILE | 允许对服务器主机上文件的访问 |
| RELOAD | 允许执行flush操作 | SHUTDOWN | 允许执行mysqladmin shutdown |
| PROCESS | 允许查看线程运行信息 | REFERENCES | 在一个表创建外键时,需要有父表的references权限 |
| INDEX | 允许创建或删除索引 | ALTER | 允许执行alter table更改表结构 |
| SHOW DATABASES | 允许执行show databases查看所有数据库名 | SUPER | 允许执行一系列数据库管理命令,包括kill强制关闭某个连接命令,change master to创建复制关系命令,以及create/alter/drop server等命令 |
| CREATE TEMPORARY TABLES | 允许使用create temporary table创建临时表,创建临时表以后,该会话对该临时表拥有所有权限,不再做权限检查 | LOCK TABLES | 允许执行lock tables语句 |
| EXECUTE | 允许执行存储过程或函数 | REPLICATION SLAVE | 复制用户所需权限,否则无法请求主库变更推送 |
| REPLICATION CLIENT | 允许执行show master status,show slave status,show binary logs | CREATE VIEW | 允许创建视图 |
| SHOW VIEW | 允许执行show create view | CREATE ROUTINE | 允许创建存储过程或函数 |
| ALTER ROUTINE | 允许对存储过程或函数执行alter或drop操作 | CREATE USER | 可以创建,修改和删除用户 |
| EVENT | 允许create,alter,drop,see event | TRIGGER | 允许create,drop,execute或查看trigger,触发器的创建用户,在执行触发器时仍然要求该用户拥有trigger权限 |
| CREATE TABLESPACE | 允许create,alter,drop tablespaces或log file group |
2、授权命令格式
格式:grant 权限 on 作用目标 to 用户 identified by 密码 with grant option;
3、授权需求
1、创建一个管理员用户root,可以通过192.168.1.0网段,管理数据库
mysql> grant all on *.* to root@'192.168.1.%' identified by '123456' with grant option;
2、创建一个应用用户wangwu,可以通过192.168.1.0网段,对blog库下的所有表进行增删改查
mysql> grant SELECT,INSERT, UPDATE, DELETE on blog.* to wangwu@'192.168.1.%' identified by '123456';
4、查看用户权限
mysql> show grants for wangwu@'192.168.1.%';
+----------------------------------------------------------------------------+
| Grants for wangwu@192.168.1.% |
+----------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'wangwu'@'192.168.1.%' |
| GRANT SELECT, INSERT, UPDATE, DELETE ON `blog`.* TO 'wangwu'@'192.168.1.%' |
+----------------------------------------------------------------------------+
5、回收权限
mysql> revoke delete on blog.* from 'wangwu'@'192.168.1.%'; //回收删除权限
Query OK, 0 rows affected (0.00 sec)
mysql> show grants for wangwu@'192.168.1.%';
+--------------------------------------------------------------------+
| Grants for wangwu@192.168.1.% |
+--------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'wangwu'@'192.168.1.%' |
| GRANT SELECT, INSERT, UPDATE ON `blog`.* TO 'wangwu'@'192.168.1.%' |
+--------------------------------------------------------------------+
2 rows in set (0.00 sec)
五、启动管理
1、日常启动
[root@mysql-1 ~]# systemctl start mysqld
[root@mysql-1 ~]# systemctl stop mysqld
2、维护启动
例如忘记管理员密码↑
[root@mysql-1 ~]# mysqld_safe &
[2] 70379
[root@mysql-1 ~]# 2020-08-29T15:38:35.623046Z mysqld_safe Logging to '/data/mysql/data/mysql-1.err'.
2020-08-29T15:38:35.663314Z mysqld_safe A mysqld process already exists
[2]+ 退出 1 mysqld_safe
[root@mysql-1 ~]# mysqladmin -uroot -p shutdown
2020-08-29T15:39:08.019176Z mysqld_safe mysqld from pid file /data/mysql/data/mysql-1.pid ended
[1]+ 完成 mysqld_safe --skip-grant-tables --skip-networking
六、连接管理
1、本地连接
[root@mysql-1 ~]# mysql -uroot -p
或者
[root@mysql-1 ~]# mysql -uroot -p -S /tmp/mysql.sock
2、远程连接
[root@mysql-1 ~]# mysql -uroot -p123456
mysql> grant all on *.* to root@'192.168.1.%' identified by '123456';
[root@mysql-2 ~]# mysql -uroot -p -h 192.168.1.11 -P3306
七、多实例管理
1、准备数据目录
[root@mysql-1 ~]# mkdir -p /data/330{7,8,9}/data
2、准备配置文件
[root@mysql-1 ~]# cat > /data/3307/my.cnf <<EOF
[mysqld]
basedir=/usr/local/mysql
datadir=/data/3307/data
socket=/data/3307/mysql.sock
log_error=/data/3307/mysql.log
port=3307
server_id=7
log_bin=/data/3307/mysql-bin
EOF
[root@mysql-1 ~]# cat > /data/3308/my.cnf <<EOF
[mysqld]
basedir=/usr/local/mysql
datadir=/data/3308/data
socket=/data/3308/mysql.sock
log_error=/data/3308/mysql.log
port=3308
server_id=8
log_bin=/data/3308/mysql-bin
EOF
[root@mysql-1 ~]# cat > /data/3309/my.cnf <<EOF
[mysqld]
basedir=/usr/local/mysql
datadir=/data/3309/data
socket=/data/3309/mysql.sock
log_error=/data/3309/mysql.log
port=3309
server_id=9
log_bin=/data/3309/mysql-bin
EOF
3、初始化数据
[root@mysql-1 ~]# mv /etc/my.cnf /etc/my.cnf.bak
[root@mysql-1 ~]# mysqld --initialize-insecure --user=mysql --datadir=/data/3307/data --basedir=/usr/local/mysql
[root@mysql-1 ~]# mysqld --initialize-insecure --user=mysql --datadir=/data/3308/data --basedir=/usr/local/mysql
[root@mysql-1 ~]# mysqld --initialize-insecure --user=mysql --datadir=/data/3309/data --basedir=/usr/local/mysql
4、systemd管理多实例
[root@mysql-1 ~]# cd /etc/systemd/system
[root@mysql-1 system]# cp mysqld.service mysqld3307.service
[root@mysql-1 system]# cp mysqld.service mysqld3308.service
[root@mysql-1 system]# cp mysqld.service mysqld3309.service
[root@mysql-1 system]# vim mysqld3307.service
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/data/3307/my.cnf
[root@mysql-1 system]# vim mysqld3308.service
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/data/3308/my.cnf
[root@mysql-1 system]# vim mysqld3309.service
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/data/3309/my.cnf
5、授权并启动
[root@mysql-1 ~]# chown -R mysql.mysql /data/*
[root@mysql-1 ~]# systemctl start mysqld3307.service
[root@mysql-1 ~]# systemctl start mysqld3308.service
[root@mysql-1 ~]# systemctl start mysqld3309.service
[root@mysql-1 ~]# netstat -anpt | grep 330
tcp6 0 0 :::3306 :::* LISTEN 70847/mysqld
tcp6 0 0 :::3307 :::* LISTEN 71447/mysqld
tcp6 0 0 :::3308 :::* LISTEN 71487/mysqld
tcp6 0 0 :::3309 :::* LISTEN 71527/mysqld
[root@mysql-1 ~]# mysql -S /data/3307/mysql.sock -e "select @@server_id"
+-------------+
| @@server_id |
+-------------+
| 7 |
+-------------+
[root@mysql-1 ~]# mysql -S /data/3308/mysql.sock -e "select @@server_id"
+-------------+
| @@server_id |
+-------------+
| 8 |
+-------------+
[root@mysql-1 ~]# mysql -S /data/3309/mysql.sock -e "select @@server_id"
+-------------+
| @@server_id |
+-------------+
| 9 |
+-------------+
[root@mysql-1 ~]# mysql -S /data/3307/mysql.sock
mysql>
浙公网安备 33010602011771号