mysql阶段03 mysql多实例, 数据库主从, mysql5.6和5.7区别, 用户管理, 权限管理

一、mysql的多实例

nginx多实例,就是配置多个配置文件

mysql多实例:
1.有多个配置文件
2.多端口
3.多个socket文件
4.多个日志文件
5.多个server_id

1.创建多实例存放目录

之前数据库已安装在/usr/local/mysql下

[root@db03 ~]# mkdir /usr/local/{3307,3308,3309} -p

2.配置多实例的配置文件

[root@db03 ~]# vim /usr/local/3307/my.cnf
[mysqld]
basedir=/usr/local/mysql
datadir=/usr/local/3307/data
port=3307
socket=/usr/local/3307/mysql.sock
log-error=/usr/local/3307/data/mysql.err
log-bin=/usr/local/3307/data/mysql-bin
server_id=7

[root@db03 ~]# vim /usr/local/3308/my.cnf
[mysqld]
basedir=/usr/local/mysql
datadir=/usr/local/3308/data
port=3308
socket=/usr/local/3308/mysql.sock
log-error=/usr/local/3308/data/mysql.err
log-bin=/usr/local/3308/data/mysql-bin
server_id=8

[root@db03 ~]# vim /usr/local/3309/my.cnf
[mysqld]
basedir=/usr/local/mysql
datadir=/usr/local/3309/data
port=3309
socket=/usr/local/3309/mysql.sock
log-error=/usr/local/3309/data/mysql.err
log-bin=/usr/local/3309/data/mysql-bin
server_id=9

3.初始化多实例数据库

[root@db03 scripts]# cd /usr/local/mysql/scripts
[root@db03 scripts]# ./mysql_install_db --defaults-file=/usr/local/3307/my.cnf --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/3307/data
#看到2个ok就行

[root@db03 scripts]# ./mysql_install_db --defaults-file=/usr/local/3308/my.cnf --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/3308/data

[root@db03 scripts]# ./mysql_install_db --defaults-file=/usr/local/3309/my.cnf --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/3309/data

[root@db03 local]# tree -L 3
.
├── 3307
│   ├── data
│   │   ├── ibdata1
│   │   ├── ib_logfile0
│   │   ├── ib_logfile1
│   │   ├── mysql
│   │   ├── mysql-bin.000001
│   │   ├── mysql-bin.000002
│   │   ├── mysql-bin.index
│   │   ├── mysql.err
│   │   ├── performance_schema
│   │   └── test
│   └── my.cnf

4.授权

[root@db03 local]# chown -R mysql.mysql /usr/local/

5.启动数据库多实例

[root@db03 local]# mysqld_safe --defaults-file=/usr/local/3307/my.cnf &

[root@db03 local]# mysqld_safe --defaults-file=/usr/local/3308/my.cnf &

[root@db03 local]# mysqld_safe --defaults-file=/usr/local/3309/my.cnf &

6.检查启动

[root@db03 usr]# netstat -lntp |grep 330

7.登录验证多实例

[root@db03 ~]# mysql -uroot -S /usr/local/3307/mysql.sock -e "show variables like 'server_id';"
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| server_id     | 7     |
+---------------+-------+
[root@db03 ~]# mysql -uroot -S /usr/local/3308/mysql.sock -e "show variables like 'server_id';"
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| server_id     | 8     |
+---------------+-------+
[root@db03 ~]# mysql -uroot -S /usr/local/3309/mysql.sock -e "show variables like 'server_id';"
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| server_id     | 9     |
+---------------+-------+

8.多实例设置密码

[root@db03 ~]# mysqladmin -uroot password '123456' -S /usr/local/3307/mysql.sock
[root@db03 ~]# mysqladmin -uroot password '123456' -S /usr/local/3308/mysql.sock
[root@db03 ~]# mysqladmin -uroot password '123456' -S /usr/local/3309/mysql.sock

9.连接数据库小技巧

#通过写脚本,直接登录数据库
[root@db03 ~]# vim /usr/bin/mysql3307
mysql -uroot -p123456 -S /usr/local/3307/mysql.sock
[root@db03 ~]# vim /usr/bin/mysql3308
mysql -uroot -p123456 -S /usr/local/3308/mysql.sock
[root@db03 ~]# vim /usr/bin/mysql3309
mysql -uroot -p123456 -S /usr/local/3309/mysql.sock
#执行需要授予执行权限
[root@db03 ~]# chmod +x /usr/bin/mysql330*

[root@db03 ~]# mysql3307
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 9
...

#登录mysql,配置navicat登录账号
mysql> grant all on *.* to root@'%' identified by '123456';

 

二、数据库多实例主从

1.主库创建主从使用的用户(3307数据库)

#主从权限    replication slave    一般主从用户用rep
mysql> grant replication slave on *.* to rep@'127.0.0.1' identified by '123456';

2.主库查看binlog信息(3307数据库)

mysql> show master status;
+------------------+----------+--------------+------------------+-------------------+
| File             | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |
+------------------+----------+--------------+------------------+-------------------+
| mysql-bin.000006 |      662 |              |                  |                   |
+------------------+----------+--------------+------------------+-------------------+
1 row in set (0.00 sec)

3.从库配置(3308数据库)

#从库需要知道主的信息:
    主库是谁?
    做主从同步的用户是谁?
    做主从同步的密码是多少?
    端口?
    从哪里同步?binlog名字?binlog的位置点?
    
mysql> change master to
    -> master_host='127.0.0.1',
    -> master_user='rep',
    -> master_password='123456',
    -> master_port=3307,
    -> master_log_file='mysql-bin.000006',
    -> master_log_pos=662;
Query OK, 0 rows affected, 2 warnings (0.01 sec)

4.从库开启主从复制

mysql> start slave;
Query OK, 0 rows  affected (0.01 sec)

5.查看主从状态

mysql> show slave status\G
*************************** 1. row ***************************
               Slave_IO_State: Waiting for master to send event
                  Master_Host: 127.0.0.1
                  Master_User: rep
                  Master_Port: 3307
                Connect_Retry: 60
              Master_Log_File: mysql-bin.000006
          Read_Master_Log_Pos: 662
               Relay_Log_File: db03-relay-bin.000002
                Relay_Log_Pos: 283
        Relay_Master_Log_File: mysql-bin.000006
            #下面的IO和SQL线程为yes,主从一定成功
             Slave_IO_Running: Yes    #IO是从库连接主库用的
            Slave_SQL_Running: Yes    #把主库的SQL拿过来执行一遍

6.如果IO线程是NO

#说明连接主库的过程有问题
1.监测网络
[root@db03 ~]# ping 10.0.0.7

2.监测端口
[root@db03 ~]# telnet 127.0.0.1 3307

3.监测账号密码
[root@db03 ~]# mysql -urep -p123456 -h 127.0.0.1 -P 3307

7.如果SQL线程是NO

#说明从库与主库数据不一致
解决方法:
    最根本的,先同步主库和从库数据再重新做主从

 

三、mysql5.6和mysql5.7安装的区别

1.cmake的时候加入了boostory

如果安装mysql5.7,建议使用二进制包安装,因为它已经cmake过了,已经装好了boostory了

[root@db02 mysql-5.7.20]# yum install -y gcc gcc-c++ automake autoconf
[root@db02 mysql-5.7.20]# yum install make cmake bison-devel ncurses-devel libaio-devel
[root@db02 mysql-5.7.20]#
wget httpss://dl.bintray.com/boostorg/release/1.65.1/source/boost_1_59_0.tar.gz
#登录boost.org下载也可以(也可以直接下载mysql5.7带boost的,这样不用再单独下载boost)
[root@db02 mysql-5.7.20]# tar xf boost_1_59_0.tar.gz -C /usr/local/
[root@db02 mysql-5.7.20]# cmake . -DCMAKE_INSTALL_PREFIX=/application/mysql-5.7.20 \
-DMYSQL_DATADIR=/application/mysql-5.7.20/data \
-DMYSQL_UNIX_ADDR=/application/mysql-5.7.20/tmp/mysql.sock \
#安装boost
-DDOWNLOAD_BOOST=1 \
#指定boost目录
-DWITH_BOOST=/usr/local/boost_1_59_0 \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_EXTRA_CHARSETS=all \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_FEDERATED_STORAGE_ENGINE=1 \
-DWITH_BLACKHOLE_STORAGE_ENGINE=1 \
-DWITHOUT_EXAMPLE_STORAGE_ENGINE=1 \
-DWITH_ZLIB=bundled \
-DWITH_SSL=bundled \
-DENABLED_LOCAL_INFILE=1 \
-DWITH_EMBEDDED_SERVER=1 \
-DENABLE_DOWNLOADS=1 \
-DWITH_DEBUG=0 

2.初始化的命令不一样了

#5.6初始化命令
[root@db03 ~]# /usr/local/mysql/scripts/mysql_install_db --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data

#5.7初始化命令
[root@db03 ~]# /usr/local/mysql/bin/mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data
--initialize 会生成一个密码文件(登录需要用这个密码)
--initialize-insecure 还可以用另外一个参数,这个不会生成密码文件(可以直接mysql登录)

 

四、mysql用户权限管理

1.linux用户和mysql用户对比

 linux系统mysql数据库
用户作用 1.登录系统 2.管理系统文件 1.登录MySQL数据库 2.管理数据库数据
创建用户 1.useradd 2.adduser 1.create user test@'%'; 2.grant(没就创)
用户密码 1.passwd lhd 2.useradd lhd -p 123 1.mysqladmin 2.create user test@'%' identified by '123'
删除用户 userdel 1.drop user test@'%'; 2.delete
修改用户 useradd update

2.在mysql中,用户是怎么定义的

#在mysql中,定义一个完整的用户是:
'用户名'@'主机域'

用户名写法:
    如果是字符不需要加引号: rep@'27.0.0.1'
    如果是数字作为用户则加引号: '123'@'127.0.0.1'
    
主机域的写法:
    localhosts
    127.0.0.1
    db01
    ::1
    %
    10.%.%.%
    10.0.%.%
    10.0.0.%    (10.0.0.1-10.0.0.255)
    10.0.0.5%    (10.0.0.50-10.0.0.59)
    10.0.0.0/255.255.255.0
    10.0.0.0/24    #可以创建,但不生效。mysql不能识别/24
    
mysql> grant all on *.* to lhd@'10.0.0.0/255.255.255.0' identified by '123';
mysql> grant all on *.* to zz@'10.0.0.0/24' identified by '123'; #可以创建,但无法用该账户登录

 

3.用户管理

1)创建用户

create user lhd@'10.0.0.%' identfied by '123';

2)查看用户

select user,host from mysql.user;

3)删除用户

drop user lhd@'10.0.0.%';

4)修改用户密码

1.命令行使用mysqladmin修改密码
[root@db03 ~]# mysqladmin -uroot -p123 password '123456'

2.授权的方式修改密码
mysql> grant all on *.* to root@'localhost' identified by '123';

3.更新数据修改密码
mysql> update mysql.user set password=password('123456') where user='root' and host='localhost';
mysql> flush privileges;    #刷新用户授权表

4.set不加条件修改密码
mysql> set password=password('123');
修改当前登录数据库用户的密码

5)忘记了root用户的密码

1.停止数据库
[root@db03 ~]# systemctl stop mysql

2.跳过授权表和网络启动数据库
[root@db03 ~]# mysqld_safe --skip-grant-tables --skip-networking &

3.连接数据库
[root@db03 ~]# mysql

4.update修改密码
mysql> update mysql.user set password=password('123456') where user='root' and host='localhost';

5.刷新授权表
mysql> flush privileges;    #刷新用户授权表

6.正常启动数据库
[root@db03 ~]# mysqladmin -p123456 shutdown
[root@db03 ~]# systemctl start mysql
[root@db03 ~]# mysql -uroot -p123456

 

4.权限管理

#授权的命令
grant all privileges on *.* to root@'localhost' identified by '123';
grant all on *.* to root@'localhost' identified by '123';
grant        #授权命令
all            #所有权限
on            #在......上
*.*            #所有库.所有表
to            #
root@'localhost'    #'用户名'@'主机域'
identified    #密码
by            #
'123'        #密码本身

1)所有权限

INSERT,SELECT,UPDATE,DELETE,CREATE,DROP,RELOAD,SHUTDOWN,PROCESS,FILE,REFERENCES,INDEX,ALTER,SHOW DATABASES,
SUPER,CREATE TEMPORARY TABLES,LOCK TABLES,EXECUTE,REPLICATION SLAVE,REPLICATION CLIENT,CREATE VIEW,SHOW VIEW,
CREATE ROUTINE,ALTER ROUTINE,CREATE USER,EVENT,TRIGGER,CREATE TABLESPACE

2)作用对象

grant all on *.* to root@'localhost' identified by '123';            #所有库所有表
grant all on mysql.* to gcc@'localhost' identified by '123';        #单库授权
grant all on mysql.user to gcc@'localhost' identified by '123';        #单表授权

#企业里面称单列授权为 脱敏: 脱离敏感信息
grant select(user) on mysql.user to putong@'localhost' identified by '123';
grant select(user,host) on mysql.user to putong@'localhost' identified by '123'; #多列

#举例:
    1.普通用户只能看到user列
    grant select(user) on mysql.user to putong@'localhost' identified by '123';
    2.VIP用户能看到所有
    grant all on mysql.user to vip@'localhost' identified by '123';

3)在企业里权限的设定

#开发要开一个用户连接数据库

1.进行沟通
    1.1 你要操作哪些数据库哪些表?
    1.2 你从哪个ip连接过来?
    1.3 用户名你想用什么?
    1.4 密码想设置什么?
    1.5 这个用户你要用多久?
    1.6发邮件
    
2.一般给开发什么权限
    grant select,update,insert on test.* to dev@'10.0.0.101' identified by 'Lhd@123.com';

3.千万不能随便把root权限交出去

 

posted @ 2024-06-08 17:01  战斗小人  阅读(4)  评论(0编辑  收藏  举报