Welcome to Alibaba Cloud Elastic Compute Service !
Activate the web console with: systemctl enable --now cockpit.socket
Last login: Wed Sep 16 08:49:31 2020 from 122.226.XXX.XX
[root@ZSSM01 ~]# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: CentOS
Description: CentOS Linux release 8.2.2004 (Core)
Release: 8.2.2004
Codename: Core
首先打开 MySQL 的官网,需要根据自己的服务器信息选择合适的源信息,因操作系统是 CentOS,所以选择的是 yum 源(yum 源地址:https://dev.mysql.com/downloads/repo/yum/)。
因操作系统是最新的CentOS8.2,所以选择了最新的MySql版本:mysql80-community-release-el8-1.noarch.rpm。
[root@ZSSM01 ~]# wget https://dev.mysql.com/get/mysql80-community-release-el8-1.noarch.rpm
[root@ZSSM01 ~]# rpm -ivh mysql80-community-release-el8-1.noarch.rpm
[root@ZSSM01 ~]# md5sum mysql80-community-release-el8-1.noarch.rpm
7166fed89332ab92fb3ec666e95d6ad1 mysql80-community-release-el8-1.noarch.rpm
[root@ZSSM01 ~]# yum install mysql-server
[root@ZSSM01 ~]# sudo systemctl start mysqld
[root@ZSSM01 ~]# systemctl status mysqld
[root@ZSSM01 ~]# ps -ef | grep mysqld
mysql 1021 1 0 Sep15 ? 00:01:05 /usr/libexec/mysqld --basedir=/usr
root 86604 86574 0 13:07 pts/0 00:00:00 grep --color=auto mysqld
在整个设置密码的过程中,总共有五步:设置 root 密码;是否禁止 root 账号远程登录;是否禁止匿名账号(anonymous)登录;是否删除测试库;是否确认修改。按照你自己的需求后,设置完成后即可。
[root@ZSSM01 /]# mysql_secure_installation
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
Press y|Y for Yes, any other key for No: y
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1
Please set the password for root here.
New password:
Re-enter new password:
Estimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : n
... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!
设置完成后,我们用自己本地的 Workbench 连接服务器上的数据库,发现无法进行连接,如果你之前使用过远程连接 MySQL Server 你应该会知道,我们需要在 user 表中设置 root 用户允许访问的地址。
[root@ZSSM01 ~]# mysql -h localhost -u root -p ##登录数据库,输入密码后完成登录
mysql> use mysql; ##选择 mysql 库
mysql> select user,host from user; ##查询连接配置
+------------------+-----------+
| user | host |
+------------------+-----------+
| mysql.infoschema | localhost |
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+------------------+-----------+
4 rows in set (0.00 sec)
mysql> update user set host='%' where user='root';##允许使用 root 账户进行远程登录
mysql> flush privileges; ##刷新设置
在【云服务器管理控制台】中,选择要配置安全策略的服务器,然后选择【本实例安全组】,进入安全策略组配置,手动添加3306入站规则。
至此,我们就可以通过WorkBench等工具远程连接到我们的 MySQL Server 上了。
[root@ZSSM01 mysql]# systemctl enable mysqld
Created symlink /etc/systemd/system/multi-user.target.wants/mysqld.service → /usr/lib/systemd/system/mysqld.service.