Install Mysql installation on cenos 7

การติดตั้ง mysql บน enterprise centos 7 สามารถเลือกติดตั้ง ได้จาก MySQL community yum repository หรือ mariadb

Install Reposioty

MYSQL community เปิด browser ไปที่

    https://dev.mysql.com/downloads/repo/yum/

    wget https://dev.mysql.com/get/mysql57-community-release-el7-11.noarch.rpm
    md5sum mysql57-community-release-el7-11.noarch.rpm

    output
    c070b754ce2de9f714ab4db4736c7e05  mysql57-community-release-el7-11.noarch.rpm

ตรวจสอบค่า output ออกมา

    sudo rpm -ivh mysql57-community-release-el7-11.noarch.rpm
    sudo yum install mysql-server
    sudo systemctl start mysqld
    sudo systemctl enable mysqld
    sudo systemctl status mysqld

Output

    ● mysqld.service - MySQL Server
       Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
       Active: active (running) since Mon 2018-02-12 04:10:30 UTC; 7min ago
         Docs: man:mysqld(8)
                       http://dev.mysql.com/doc/refman/en/using-systemd.html
     Main PID: 4378 (mysqld)
       CGroup: /system.slice/mysqld.service
               └─4378 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid

    Feb 12 04:10:25 localhost.localdomain systemd[1]: Starting MySQL Server...
    Feb 12 04:10:30 localhost.localdomain systemd[1]: Started MySQL Server.

security firewall

ตั้งค่า ไฟล์วอล ที่ พอร์ต 3306 โดยกำหนดให้กับ interface eth1 ใน zone truested การ active โซนใน ไฟล์วอลจะเกิดขึ้นโดยอัตโนมัติทันทีที่มีการ add interace ให้แก่ โซน ในคำสั่ง firewall-cmd จะต้อง ระบุบ --permanent ทุกครั้ง และจึงทำการ --reload

    sudo systemctl start firewalld
    sudo systemctl enable firewalld
    sudo firewall-cmd --get-zones
    sudo firewall-cmd --get-default-zone
    sudo firewall-cmd --list-all

    //output
    public (active)
      target: default
      icmp-block-inversion: no
      interfaces: eth0 eth1
      sources:
      services: dhcpv6-client ssh
      ports:
      protocols:
      masquerade: no
      forward-ports:
      sourceports:
      icmp-blocks:
      rich rules:

    sudo firewall-cmd --permanent --add-interface=eth1 --zone=trusted
    sudo firewall-cmd --permanent --zone=trusted --add-source=192.168.30.0/24
    sudo firewall-cmd --permanent --zone=trusted --add-port=3306/tcp
    sudo firewall-cmd  --reload
    $ firewall-cmd --get-active-zones
    //output
    public
      interfaces: eth0
    trusted
      interfaces: eth1
      sources: 192.168.30.0/24

หลังการติดตั้ง installer ได้ทำการสร้าง temporary password ให้ตรวจสอบดังนี้


    $ sudo grep 'temporary password'  /var/log/mysqld.log
    2018-02-12T04:10:28.290165Z 1 [Note] A temporary password is generated \
    for root@localhost: ?eUbcipl:8E8


    $ sudo mysql_secure_installation

    Securing the MySQL server deployment.

    Enter password for user root:

หลังจากกรอก รหัสชั่วคราวเรียบร้อย ระบบจะให้เราทำการเปลี่ยน password อีกครั้งword อีกครั้ง


    The existing password for the user account root has expired. Please set a new password.

    New password:

ให้กรอก password มีความยาว 12 character ประกอบด้วยอักษรตัวเลข ตัวใหญ่ ตัวเลข และ อักขระพิเศษ ระบบจะแสดงผลยืนยันความมั่นใจอีกครั้ง หากเรามัน่ใจให้ตอบ no

    Output
    Estimated strength of the password: 100
    Change the password for root ? (Press y|Y for Yes, any other key for No) :

ยกเลิก anonymous users

     ... skipping.
    By default, a MySQL installation has an anonymous user,
    allowing anyone to log into MySQL without having to have
    a user account created for them. This is intended only for
    testing, and to make the installation go a bit smoother.
    You should remove them before moving into a production
    environment.

    Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
    Success.

ยกเลิก root login remote

    Normally, root should only be allowed to connect from
    'localhost'. This ensures that someone cannot guess at
    the root password from the network.

    Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
    Success.

    By default, MySQL comes with a database named 'test' that
    anyone can access. This is also intended only for testing,
    and should be removed before moving into a production
    environment.

remove test database


    Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
     - Dropping test database...
    Success.

     - Removing privileges on test database...
    Success.

    Reloading the privilege tables will ensure that all changes
    made so far will take effect immediately.

reload


    Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
    Success.

    All done!

Login

ทำการ login mysql -u root -p -h localhost

    $ mysql -u root -p
    Enter password:
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 7
    Server version: 5.7.21 MySQL Community Server (GPL)

    Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.

    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.

    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

    mysql>

แต่หาก login ด้วย -h 192.168.30.10 จะไม่สามารถ ที่เข้าถึงได้ use root

    $ mysql -u root -p -h 192.168.30.10
    Enter password:
    ERROR 1130 (HY000): Host '192.168.30.1' is not allowed to connect to this MySQL server

กลับไปยัง เครื่อง mysql database

    mysql> CREATE USER 'dbadmin'@'localhost' IDENTIFIED BY 'P@ssw0rd';
    Query OK, 0 rows affected (0.00 sec)

    mysql> CREATE USER 'dbadmin'@'192.168.30.1' IDENTIFIED BY 'P@ssw0rd';
    Query OK, 0 rows affected (0.00 sec)

    mysql> CREATE DATABASE mydatabase;

    mysql> use mysql;
    Database changed
    mysql> SELECT host,user FROM user;
    +--------------+---------------+
    | host         | user          |
    +--------------+---------------+
    | 192.168.30.1 | dbadmin       |
    | localhost    | dbadmin       |
    | localhost    | mysql.session |
    | localhost    | mysql.sys     |
    | localhost    | root          |
    +--------------+---------------+
    5 rows in set (0.00 sec)

Grant permission

    GRANT type_of_permission ON database_name.table_name TO ‘username’@'localhost’;

type_of_permission สามารถเลือกได้ดังนี้

  • ALL PRIVILEGES- as we saw previously, this would allow a MySQL user full access to a designated database (or if no database is selected, global access across the system)
  • CREATE- allows them to create new tables or databases
  • DROP- allows them to them to delete tables or databases
  • DELETE- allows them to delete rows from tables
  • INSERT- allows them to insert rows into tables
  • SELECT- allows them to use the SELECT command to read through databases
  • UPDATE- allow them to update table rows
  • GRANT OPTION- allows them to grant or remove other users' privileges
    mysql> GRANT ALL PRIVILEGES ON mydatabase.* to 'dbadmin'@'localhost';
    Query OK, 0 rows affected (0.00 sec)

    mysql> GRANT ALL PRIVILEGES ON mydatabase.* to 'dbadmin'@'192.168.30.1';
    Query OK, 0 rows affected (0.00 sec)

    mysql> FLUSH PRIVILEGES;

    mysql> SHOW GRANTS FOR dbadmin@localhost;
    +-----------------------------------------------------------------+
    | Grants for dbadmin@localhost                                    |
    +-----------------------------------------------------------------+
    | GRANT USAGE ON *.* TO 'dbadmin'@'localhost'                     |
    | GRANT ALL PRIVILEGES ON `mydatabase`.* TO 'dbadmin'@'localhost' |
    +-----------------------------------------------------------------+
    2 rows in set (0.00 sec)

ทดสอบการ login จาก 192.168.30.1 (host) โดยการเปิด terminal ขึ้นมาใหม่จากเครื่อง host

    $ mysql -u dbadmin -p -h 192.168.30.10
    Enter password:
    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 14
    Server version: 5.7.21 MySQL Community Server (GPL)

    Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.

    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.

    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

    mysql> SHOW databases;
    +--------------------+
    | Database           |
    +--------------------+
    | information_schema |
    | mydatabase         |
    +--------------------+
    2 rows in set (0.00 sec)

Install MYSQL Workbench

เป็นเครื่องมือสำหรับการบริหารจัดการ ฐานข้อมูล โดยไปยัง https://www.mysql.com/products/workbench/ <https://www.mysql.com/products/workbench/>_ Download ใช้งานได้ทั้ง window, linux , mac

results matching ""

    No results matching ""