- 写这个blog原因:由于最近学习Centos 7,需要部署运行环境,但是百度时候找到的blog要么版本比较旧所以和现在MysqL安装包有些出入。经过自己不断测试,终于自己安装好MysqL了,所以现在分享自己的成果,顺带可以mark 一下。
提前步骤:
1.在Centos 7上先要卸载
mariadb-lib
[root@centos-linux ~]# rpm -qa|grep mariadbmariadb-libs-5.5.44-2.el7.centos.x86_64 [root@centos-linux ~]# rpm -e mariadb-libs-5.5.44-2.el7.centos.x86_64 --nodeps
下载后,放置到Centos 服务器的/usr/local/ 文件夹上解压 :
[root@centos-linux ~]# lsMysqL-5.7.16-1.el7.x86_64.rpm-bundle.tar [root@centos-linux ~]# tar xvf MysqL-5.7.16-1.el7.x86_64.rpm-bundle.tar
解压后,出现如下文件:
MysqL-community-libs-compat-5.7.16-1.el7.x86_64.rpm MysqL-community-devel-5.7.16-1.el7.x86_64.rpm MysqL-community-minimal-debuginfo-5.7.16-1.el7.x86_64.rpm MysqL-community-libs-5.7.16-1.el7.x86_64.rpm MysqL-community-common-5.7.16-1.el7.x86_64.rpm MysqL-community-embedded-compat-5.7.16-1.el7.x86_64.rpm MysqL-community-test-5.7.16-1.el7.x86_64.rpm MysqL-community-embedded-devel-5.7.16-1.el7.x86_64.rpm MysqL-community-server-minimal-5.7.16-1.el7.x86_64.rpm MysqL-community-server-5.7.16-1.el7.x86_64.rpm MysqL-community-client-5.7.16-1.el7.x86_64.rpm MysqL-community-embedded-5.7.16-1.el7.x86_64.rpm
依次执行(几个包有依赖关系,所以执行有先后)下面命令安装:
[root@centos-linux ~]# rpm -ivh MysqL-community-common-5.7.16-1.el7.x86_64.rpm [root@centos-linux ~]# rpm -ivh MysqL-community-libs-5.7.16-1.el7.x86_64.rpm [root@centos-linux ~]# rpm -ivh MysqL-community-client-5.7.16-1.el7.x86_64.rpm [root@centos-linux ~]# rpm -ivh MysqL-community-server-5.7.16-1.el7.x86_64.rpm
数据库初始化:
如果是以 MysqL 身份运行,则可以去掉--user选项。
另外--initialize选项默认以“安全”模式来初始化,则会为 root 用户生成一个密码并将该密码标记为过期,登陆后你需要设置一个新的密码,而使
用--initialize-insecure命令则不使用安全模式,则不会为 root 用户生成一个密码。
[root@localhost local]# cat /var/log/MysqLd.log 2016-11-18T05:17:06.439015Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use -- explicit_defaults_for_timestamp server option (see documentation for more details). 2016-11-18T05:17:06.619744Z 0 [Warning] InnoDB: New log files created,LSN=45790 2016-11-18T05:17:06.656070Z 0 [Warning] InnoDB: Creating foreign key constraint system tables. 2016-11-18T05:17:06.715702Z 0 [Warning] No existing UUID has been found,so we assume that this is the first time that this server has been started. Generating a new UUID: 3f94e95c-ad4e-11e6-ac8b-000c29994ce5. 2016-11-18T05:17:06.716475Z 0 [Warning] Gtid table is not ready to be used. Table 'MysqL.gtid_executed' cannot be opened. 2016-11-18T05:17:06.717114Z 1 [Note] A temporary password is generated for root@localhost: <.xOzij-F2vr
启动MysqL服务器:
[root@centos-linux ~]# systemctl start MysqLd [root@centos-linux ~]# MysqL -uroot -pEnter password:Welcome to the MysqL monitor. Commands end with ; or \g.Your MysqL connection id is 2Server version: 5.7.13Copyright (c) 2000,2016,Oracle and/or its affiliates. All rights reserved.Oracle is a registered trademark of Oracle Corporation and/or itsaffiliates. Other names may be trademarks of their respectiveowners.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MysqL>
修改 root 密码
MysqL> show databases;ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.
不过要注意MysqL 5.7 设定密码和之前版本密码不能太简单,详情请看这里解释:
设置root外网ip访问,并对其授权:
创建一个普通用户 sa ,密码是 some_pass
CREATE
USER
'sa'
@
'%'
IDENTIFIED
BY
'some_pass'
;
给这个用户授予 SELECT,INSERT,UPDATE,DELETE 的远程访问的权限,这个账号一般用于提供给实施的系统访问
GRANT
SELECT
,
INSERT
,
UPDATE
,
DELETE
ON
*.*
TO
'sa'
@
'%'
;
CREATE
USER
'admin'
@
'%'
IDENTIFIED
BY
'some_pass'
;
GRANT
ALL
ON
*.*
TO
'admin'
@
'%'
;
使授权立刻生效
flush
privileges
;
启动MysqL 服务器指令:
启动 MysqL Server
查看 MysqL Server 状态
systemctl
status MysqLd
防火墙设置:(预防iP可以ping接,但是navicat并不能连接的情况)
远程访问 MysqL, 需开放默认端口号 3306.
打开 iptables 的配置文件:
vi /etc/sysconfig/iptables
*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [0:0]-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT-A INPUT -p icmp -j ACCEPT-A INPUT -i lo -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT-A INPUT -j REJECT --reject-with icmp-host-prohibited-A FORWARD -j REJECT --reject-with icmp-host-prohibitedCOMMIT
在里面加入这2行:
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT-A RH-Firewall-1-INPUT -m state –state NEW -m udp -p udp –dport 3306 -j ACCEPT
改为
*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [0:0]-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT-A INPUT -p icmp -j ACCEPT-A INPUT -i lo -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT-A RH-Firewall-1-INPUT -m state –state NEW -m udp -p udp –dport 3306 -j ACCEPT-A INPUT -j REJECT --reject-with icmp-host-prohibited-A FORWARD -j REJECT --reject-with icmp-host-prohibitedCOMMIT
@H_404_458@
如果该 iptables 配置文件 不存在,先执行
yum install iptables-services
安装
执行 iptables 重启生效
service
iptables restart
方式2:firewall-cmd(推荐)
执行
firewall-cmd --permanent --zone=public --add-port=3306/tcpfirewall-cmd --permanent --zone=public --add-port=3306/udp
这样就开放了相应的端口。
执行
firewall-cmd --reload
使最新的防火墙设置规则生效。
还有其他设置与补充可以查阅这篇文章:
http://www.centoscn.com/mysql/2016/0315/6844.html