mysql阶段03 mysql多实例, 数据库主从, mysql5.6和5.7区别, 用户管理, 权限管理
nginx多实例,就是配置多个配置文件 mysql多实例: 1.有多个配置文件 2.多端口 3.多个socket文件 4.多个日志文件 5.多个server_id
之前数据库已安装在/usr/local/mysql下
[root@db03 ~]# mkdir /usr/local/{3307,3308,3309} -p
[root@db03 ~]# vim /usr/local/3307/my.cnf [mysqld] basedir=/usr/local/mysql datadir=/usr/local/3307/data port=3307 socket=/usr/local/3307/mysql.sock log-error=/usr/local/3307/data/mysql.err log-bin=/usr/local/3307/data/mysql-bin server_id=7 [root@db03 ~]# vim /usr/local/3308/my.cnf [mysqld] basedir=/usr/local/mysql datadir=/usr/local/3308/data port=3308 socket=/usr/local/3308/mysql.sock log-error=/usr/local/3308/data/mysql.err log-bin=/usr/local/3308/data/mysql-bin server_id=8 [root@db03 ~]# vim /usr/local/3309/my.cnf [mysqld] basedir=/usr/local/mysql datadir=/usr/local/3309/data port=3309 socket=/usr/local/3309/mysql.sock log-error=/usr/local/3309/data/mysql.err log-bin=/usr/local/3309/data/mysql-bin server_id=9
[root@db03 scripts]# cd /usr/local/mysql/scripts [root@db03 scripts]# ./mysql_install_db --defaults-file=/usr/local/3307/my.cnf --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/3307/data #看到2个ok就行 [root@db03 scripts]# ./mysql_install_db --defaults-file=/usr/local/3308/my.cnf --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/3308/data [root@db03 scripts]# ./mysql_install_db --defaults-file=/usr/local/3309/my.cnf --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/3309/data [root@db03 local]# tree -L 3 . ├── 3307 │ ├── data │ │ ├── ibdata1 │ │ ├── ib_logfile0 │ │ ├── ib_logfile1 │ │ ├── mysql │ │ ├── mysql-bin.000001 │ │ ├── mysql-bin.000002 │ │ ├── mysql-bin.index │ │ ├── mysql.err │ │ ├── performance_schema │ │ └── test │ └── my.cnf
[root@db03 local]# chown -R mysql.mysql /usr/local/
[root@db03 local]# mysqld_safe --defaults-file=/usr/local/3307/my.cnf & [root@db03 local]# mysqld_safe --defaults-file=/usr/local/3308/my.cnf & [root@db03 local]# mysqld_safe --defaults-file=/usr/local/3309/my.cnf &
[root@db03 usr]# netstat -lntp |grep 330
[root@db03 ~]# mysql -uroot -S /usr/local/3307/mysql.sock -e "show variables like 'server_id';" +---------------+-------+ | Variable_name | Value | +---------------+-------+ | server_id | 7 | +---------------+-------+ [root@db03 ~]# mysql -uroot -S /usr/local/3308/mysql.sock -e "show variables like 'server_id';" +---------------+-------+ | Variable_name | Value | +---------------+-------+ | server_id | 8 | +---------------+-------+ [root@db03 ~]# mysql -uroot -S /usr/local/3309/mysql.sock -e "show variables like 'server_id';" +---------------+-------+ | Variable_name | Value | +---------------+-------+ | server_id | 9 | +---------------+-------+
[root@db03 ~]# mysqladmin -uroot password '123456' -S /usr/local/3307/mysql.sock [root@db03 ~]# mysqladmin -uroot password '123456' -S /usr/local/3308/mysql.sock [root@db03 ~]# mysqladmin -uroot password '123456' -S /usr/local/3309/mysql.sock
#通过写脚本,直接登录数据库 [root@db03 ~]# vim /usr/bin/mysql3307 mysql -uroot -p123456 -S /usr/local/3307/mysql.sock [root@db03 ~]# vim /usr/bin/mysql3308 mysql -uroot -p123456 -S /usr/local/3308/mysql.sock [root@db03 ~]# vim /usr/bin/mysql3309 mysql -uroot -p123456 -S /usr/local/3309/mysql.sock #执行需要授予执行权限 [root@db03 ~]# chmod +x /usr/bin/mysql330* [root@db03 ~]# mysql3307 Warning: Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 9 ... #登录mysql,配置navicat登录账号 mysql> grant all on *.* to root@'%' identified by '123456';
1.主库创建主从使用的用户(3307数据库)
#主从权限 replication slave 一般主从用户用rep mysql> grant replication slave on *.* to rep@'127.0.0.1' identified by '123456';
mysql> show master status; +------------------+----------+--------------+------------------+-------------------+ | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set | +------------------+----------+--------------+------------------+-------------------+ | mysql-bin.000006 | 662 | | | | +------------------+----------+--------------+------------------+-------------------+ 1 row in set (0.00 sec)
#从库需要知道主的信息: 主库是谁? 做主从同步的用户是谁? 做主从同步的密码是多少? 端口? 从哪里同步?binlog名字?binlog的位置点? mysql> change master to -> master_host='127.0.0.1', -> master_user='rep', -> master_password='123456', -> master_port=3307, -> master_log_file='mysql-bin.000006', -> master_log_pos=662; Query OK, 0 rows affected, 2 warnings (0.01 sec)
mysql> start slave;
Query OK, 0 rows affected (0.01 sec)
mysql> show slave status\G *************************** 1. row *************************** Slave_IO_State: Waiting for master to send event Master_Host: 127.0.0.1 Master_User: rep Master_Port: 3307 Connect_Retry: 60 Master_Log_File: mysql-bin.000006 Read_Master_Log_Pos: 662 Relay_Log_File: db03-relay-bin.000002 Relay_Log_Pos: 283 Relay_Master_Log_File: mysql-bin.000006 #下面的IO和SQL线程为yes,主从一定成功 Slave_IO_Running: Yes #IO是从库连接主库用的 Slave_SQL_Running: Yes #把主库的SQL拿过来执行一遍
#说明连接主库的过程有问题 1.监测网络 [root@db03 ~]# ping 10.0.0.7 2.监测端口 [root@db03 ~]# telnet 127.0.0.1 3307 3.监测账号密码 [root@db03 ~]# mysql -urep -p123456 -h 127.0.0.1 -P 3307
#说明从库与主库数据不一致 解决方法: 最根本的,先同步主库和从库数据再重新做主从
1.cmake的时候加入了boostory
如果安装mysql5.7,建议使用二进制包安装,因为它已经cmake过了,已经装好了boostory了
[root@db02 mysql-5.7.20]# yum install -y gcc gcc-c++ automake autoconf [root@db02 mysql-5.7.20]# yum install make cmake bison-devel ncurses-devel libaio-devel [root@db02 mysql-5.7.20]# wget httpss://dl.bintray.com/boostorg/release/1.65.1/source/boost_1_59_0.tar.gz #登录boost.org下载也可以(也可以直接下载mysql5.7带boost的,这样不用再单独下载boost) [root@db02 mysql-5.7.20]# tar xf boost_1_59_0.tar.gz -C /usr/local/ [root@db02 mysql-5.7.20]# cmake . -DCMAKE_INSTALL_PREFIX=/application/mysql-5.7.20 \ -DMYSQL_DATADIR=/application/mysql-5.7.20/data \ -DMYSQL_UNIX_ADDR=/application/mysql-5.7.20/tmp/mysql.sock \ #安装boost -DDOWNLOAD_BOOST=1 \ #指定boost目录 -DWITH_BOOST=/usr/local/boost_1_59_0 \ -DDEFAULT_CHARSET=utf8 \ -DDEFAULT_COLLATION=utf8_general_ci \ -DWITH_EXTRA_CHARSETS=all \ -DWITH_INNOBASE_STORAGE_ENGINE=1 \ -DWITH_FEDERATED_STORAGE_ENGINE=1 \ -DWITH_BLACKHOLE_STORAGE_ENGINE=1 \ -DWITHOUT_EXAMPLE_STORAGE_ENGINE=1 \ -DWITH_ZLIB=bundled \ -DWITH_SSL=bundled \ -DENABLED_LOCAL_INFILE=1 \ -DWITH_EMBEDDED_SERVER=1 \ -DENABLE_DOWNLOADS=1 \ -DWITH_DEBUG=0
#5.6初始化命令 [root@db03 ~]# /usr/local/mysql/scripts/mysql_install_db --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data #5.7初始化命令 [root@db03 ~]# /usr/local/mysql/bin/mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --initialize 会生成一个密码文件(登录需要用这个密码) --initialize-insecure 还可以用另外一个参数,这个不会生成密码文件(可以直接mysql登录)
1.linux用户和mysql用户对比
linux系统 | mysql数据库 | |
---|---|---|
用户作用 | 1.登录系统 2.管理系统文件 | 1.登录MySQL数据库 2.管理数据库数据 |
创建用户 | 1.useradd 2.adduser | 1.create user test@'%'; 2.grant(没就创) |
用户密码 | 1.passwd lhd 2.useradd lhd -p 123 | 1.mysqladmin 2.create user test@'%' identified by '123' |
删除用户 | userdel | 1.drop user test@'%'; 2.delete |
修改用户 | useradd | update |
2.在mysql中,用户是怎么定义的
#在mysql中,定义一个完整的用户是: '用户名'@'主机域' 用户名写法: 如果是字符不需要加引号: rep@'27.0.0.1' 如果是数字作为用户则加引号: '123'@'127.0.0.1' 主机域的写法: localhosts 127.0.0.1 db01 ::1 % 10.%.%.% 10.0.%.% 10.0.0.% (10.0.0.1-10.0.0.255) 10.0.0.5% (10.0.0.50-10.0.0.59) 10.0.0.0/255.255.255.0 10.0.0.0/24 #可以创建,但不生效。mysql不能识别/24 mysql> grant all on *.* to lhd@'10.0.0.0/255.255.255.0' identified by '123'; mysql> grant all on *.* to zz@'10.0.0.0/24' identified by '123'; #可以创建,但无法用该账户登录
3.用户管理
create user lhd@'10.0.0.%' identfied by '123';
select user,host from mysql.user;
drop user lhd@'10.0.0.%';
1.命令行使用mysqladmin修改密码 [root@db03 ~]# mysqladmin -uroot -p123 password '123456' 2.授权的方式修改密码 mysql> grant all on *.* to root@'localhost' identified by '123'; 3.更新数据修改密码 mysql> update mysql.user set password=password('123456') where user='root' and host='localhost'; mysql> flush privileges; #刷新用户授权表 4.set不加条件修改密码 mysql> set password=password('123'); 修改当前登录数据库用户的密码
1.停止数据库 [root@db03 ~]# systemctl stop mysql 2.跳过授权表和网络启动数据库 [root@db03 ~]# mysqld_safe --skip-grant-tables --skip-networking & 3.连接数据库 [root@db03 ~]# mysql 4.update修改密码 mysql> update mysql.user set password=password('123456') where user='root' and host='localhost'; 5.刷新授权表 mysql> flush privileges; #刷新用户授权表 6.正常启动数据库 [root@db03 ~]# mysqladmin -p123456 shutdown [root@db03 ~]# systemctl start mysql [root@db03 ~]# mysql -uroot -p123456
#授权的命令 grant all privileges on *.* to root@'localhost' identified by '123'; grant all on *.* to root@'localhost' identified by '123'; grant #授权命令 all #所有权限 on #在......上 *.* #所有库.所有表 to #给 root@'localhost' #'用户名'@'主机域' identified #密码 by #是 '123' #密码本身
INSERT,SELECT,UPDATE,DELETE,CREATE,DROP,RELOAD,SHUTDOWN,PROCESS,FILE,REFERENCES,INDEX,ALTER,SHOW DATABASES,
SUPER,CREATE TEMPORARY TABLES,LOCK TABLES,EXECUTE,REPLICATION SLAVE,REPLICATION CLIENT,CREATE VIEW,SHOW VIEW,
CREATE ROUTINE,ALTER ROUTINE,CREATE USER,EVENT,TRIGGER,CREATE TABLESPACE
grant all on *.* to root@'localhost' identified by '123'; #所有库所有表 grant all on mysql.* to gcc@'localhost' identified by '123'; #单库授权 grant all on mysql.user to gcc@'localhost' identified by '123'; #单表授权 #企业里面称单列授权为 脱敏: 脱离敏感信息 grant select(user) on mysql.user to putong@'localhost' identified by '123'; grant select(user,host) on mysql.user to putong@'localhost' identified by '123'; #多列 #举例: 1.普通用户只能看到user列 grant select(user) on mysql.user to putong@'localhost' identified by '123'; 2.VIP用户能看到所有 grant all on mysql.user to vip@'localhost' identified by '123';
#开发要开一个用户连接数据库 1.进行沟通 1.1 你要操作哪些数据库哪些表? 1.2 你从哪个ip连接过来? 1.3 用户名你想用什么? 1.4 密码想设置什么? 1.5 这个用户你要用多久? 1.6发邮件 2.一般给开发什么权限 grant select,update,insert on test.* to dev@'10.0.0.101' identified by 'Lhd@123.com'; 3.千万不能随便把root权限交出去