作为开发者,业务服务器和数据服务器,一般肯定是部署在不同的主机上,所以mysql 用户授权,远程访问,大家肯定玩的比较多了,网上的博客一大堆
Mysql 默认是只允许使用 host:localhost,或者 host:127.0.0.1,如果想用使用IP访问,就要重新授权。
具体如下:
-
msyql数据库
# mysql所在DB服务器 192.168.137.32
-
授权步骤
# 授权远程任何ip访问 grant all privileges on *.* to 'cat'@'%' iedentified by '123456'; # 刷新生效 flush privileges
-
navicat测试
直接用navicat链接,测试,肯定没有问题
-
远程ip测试
# 注意 192.168.137.31 是业务服务器 mysql -ucat -h 192.168.137.31 -p
连接也没有问题,很完美
-
DB服务器上IP访问
# 注意是 DB服务器本身的ip 访问 k8s-worknode1是hostname,请无视 [root@k8s-worknode1 ~]# mysql -ugpcat -h 192.168.137.32 -p Enter password: ERROR 1045 (28000): Access denied for user 'gpcat'@'k8s-worknode1' (using password: YES)
为什么不能本地Ip访问呢?
-
查看授权详情
mysql> select Host,User from mysql.user; +-----------+-------+ | Host | User | +-----------+-------+ | % | cat | | 127.0.0.1 | root | | ::1 | root | | localhost | | | localhost | root | +-----------+-------+
授权没错啊,也是刷新权限生效了啊,那是为啥呢?
-
继续查看授权详情
mysql> SELECT host,user,Grant_priv,Super_priv FROM mysql.user; +-----------+-------+------------+------------+ | host | user | Grant_priv | Super_priv | +-----------+-------+------------+------------+ | localhost | root | Y | Y | | 127.0.0.1 | root | Y | Y | | ::1 | root | Y | Y | | localhost | | N | N | | % | cat | N | Y | +-----------+-------+------------+------------+
注意,cat用户的,
Grant_priv='N',Super_priv='Y'
来,大家在回忆一下cat用户的授权方式,也就是步骤1
# 授权远程任何ip访问 grant all privileges on *.* to 'cat'@'%' iedentified by '123456'; # 刷新生效 flush privileges
也就是说,网上的一大推各种博客,Ip授权,默认的其实,还是只能开启远程的IP访问,本地IP访问其实还是没有开启的,坑啊,网上各种粘贴复制的,害死人
-
主动开启,本地IP访问
mysql> update mysql.user set Grant_priv='Y' where user='cat'; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0 # 刷新生效 flush privileges # 查看授权详情 mysql> SELECT host,user,Grant_priv,Super_priv FROM mysql.user; +-----------+-------+------------+------------+ | host | user | Grant_priv | Super_priv | +-----------+-------+------------+------------+ | localhost | root | Y | Y | | 127.0.0.1 | root | Y | Y | | ::1 | root | Y | Y | | localhost | | N | N | | % | cat | Y | Y | +-----------+-------+------------+------------+
-
再次验证本地IP访问
[root@k8s-masternode ~]# mysql -ucat -h 192.168.137.31 -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 12 Server version: 5.6.46 MySQL Community Server (GPL) Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
-
如果想直接授权
# 注意带上 with grant option; grant all privileges on *.* to 'cat'@'%' iedentified by '123456' with grant option;
这才是完整的授权方式,不要再被网上的粘贴复制迷惑了