文章目錄
1. 前置條件:
- 華爲雲 centos7.5 環境下
- docker 已經安裝完成
- docker 服務已經啓動
2. 拉取mysql:5.7的docker鏡像
[root@laoliu mysql5.7]# docker pull mysql:5.7 # 使用這個命令拉取mysql鏡像
Trying to pull repository docker.io/library/mysql ...
5.7: Pulling from docker.io/library/mysql
fc7181108d40: Pull complete
787a24c80112: Pull complete
a08cb039d3cd: Pull complete
4f7d35eb5394: Pull complete
5aa21f895d95: Pull complete
a742e211b7a2: Pull complete
0163805ad937: Pull complete
62d0ebcbfc71: Pull complete
559856d01c93: Pull complete
c849d5f46e83: Pull complete
f114c210789a: Pull complete
Digest: sha256:c3594c6528b31c6222ba426d836600abd45f554d078ef661d3c882604c70ad0a
Status: Downloaded newer image for docker.io/mysql:5.7
[root@laoliu mysql5.7]# docker images # 查看鏡像
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/mysql 5.7 a1aa4f76fab9 11 days ago 373 MB
[root@laoliu mysql5.7]#
3. 預先配置
- 配置好本地的文件目錄
[root@laoliu mysql5.7]# mkdir -p /home/project/mysql5.7/{data,conf}
[root@laoliu mysql5.7]# ll
total 0
drwxr-xr-x. 2 root root 6 Mar 10 10:01 conf
drwxr-xr-x. 2 root root 6 Mar 10 10:01 data
[root@laoliu mysql5.7]# pwd
/home/project/mysql5.7
4. 建立配置文件
- 坑1: 配置文件最好是以
.cnf
作爲後綴, 試過以.conf
後綴, 可以啓動mysql, 但配置文件不起作用. - 坑2: 修改完配置文件, 記得
docker restart containername
一下
[root@laoliu conf]# pwd
/home/project/mysql5.7/conf
[root@laoliu conf]# cat mysql5.7.cnf # 注意這裏, 我是已配置好了`mysql5.7.cnf`, 使用cat命令只是爲了查看這個文件的內容.
[client]
default-character-set=utf8
[mysql]
default-character-set=utf8
[mysqld]
init_connect='SET collation_connection = utf8_unicode_ci'
init_connect='SET NAMES utf8'
character-set-server=utf8
collation-server=utf8_unicode_ci
skip-character-set-client-handshake
# default: sql_mode= STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
# modeified:
sql_mode= STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
max_allowed_packet=10M
default-time_zone='+8:00'
[root@laoliu conf]#
5. 運行命令
[root@laoliu conf]# docker run -d -p 3306:3306 --restart=always --privileged=true -v /home/project/mysql5.7/conf:/etc/mysql/conf.d -v /home/project/mysql5.7/data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 --name mysql5.7 mysql:5.7
e2c88740425a9b3eecfb3945e632255776e0fe636b008715f1444c8b8e7fd613
# 查看 容器運行狀態
[root@laoliu conf]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e2c88740425a mysql:5.7 "docker-entrypoint..." 8 seconds ago Up 7 seconds 0.0.0.0:3306->3306/tcp, 33060/tcp mysql5.7
# 查看 容器運行狀態
[root@laoliu conf]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e2c88740425a mysql:5.7 "docker-entrypoint..." 19 seconds ago Up 18 seconds 0.0.0.0:3306->3306/tcp, 33060/tcp mysql5.7
[root@laoliu conf]#
docker run
是啓動容器的命令;-
--restart=always
: 配置此項後, 當 Docker 重啓時,容器總是可以自動啓動, 其它參數可以參考:[no,on-failure,always]
- 1.
no
爲默認值,表示容器退出時,docker不自動重啓容器 - 2.
on-failure
表示,若容器的退出狀態非0,則docker自動重啓容器,還可以指定重啓次數,若超過指定次數未能啓動容器則放棄: - 3.
always
表示,只要容器退出,則docker將自動重啓容器
- 1.
-
--privileged=true
: 使用該參數,container內的root擁有真正的root權限, 否則,container內的root只是外部的一個普通用戶權限 -
--name
:指定了容器的名稱,方便之後進入容器的命令行 -
-d
:d指的是在後臺運行。 也可以使用-idt
,i是交互式操作,t是一個終端, -
-p
:指在本地生成一個隨機端口,用來映射mysql的3306端口 -
-e
:設置環境變量 -
MYSQL_ROOT_PASSWORD=emc123123
:指定了mysql的root密碼 -
mysql:5.7
:指運行mysql鏡像及tag -
-v
:表示掛載, 持久化存儲的關鍵所在
-
6. 使用navicat連接mysql進行檢查
在電腦本地使用navicat連接時報錯:
Host '127.0.0.1' is not allowed to connect to this MySQL server
其實就是我們的MySQL不允許遠程登錄,所以遠程登錄失敗了,解決方法如下:
[root@laoliu conf]# docker exec -it mysql5.7 /bin/bash #進入mysql5.7 容器
root@7e8060b03125:/# mysql -u root -p # 登錄mysql服務器
# 在這裏輸入mysql密碼:123456
mysql> show databases; # 查看數據庫
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.09 sec)
mysql> select host, user,plugin,authentication_string from mysql.user;
+-----------+---------------+-----------------------+-------------------------------------------+
| host | user | plugin | authentication_string |
+-----------+---------------+-----------------------+-------------------------------------------+
| localhost | mysql.session | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql.sys | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| % | root | mysql_native_password | *50208BAA1E29F372145D89CC187279F75FBEC2CC |
+-----------+---------------+-----------------------+-------------------------------------------+
3 rows in set (0.00 sec)
# 備註:host爲 % 表示不限制ip
# localhost表示本機使用
# plugin 非mysql_native_password則需要修改密碼
也有可能需要
mysql> update mysql.user set host='%' where user='root'; # 更新 root的 遠程登錄爲所有
Query OK, 1 row affected (0.10 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> select host, user,plugin,authentication_string from mysql.user;
+-----------+---------------+-----------------------+-------------------------------------------+
| host | user | plugin | authentication_string |
+-----------+---------------+-----------------------+-------------------------------------------+
| localhost | mysql.session | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql.sys | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| % | root | mysql_native_password | *50208BAA1E29F372145D89CC187279F75FBEC2CC |
+-----------+---------------+-----------------------+-------------------------------------------+
3 rows in set (0.00 sec)
# 備註:host爲 % 表示不限制ip localhost表示本機使用 plugin非mysql_native_password 則需要修改密碼
mysql> flush privileges; # 刷新權限
Query OK, 0 rows affected (0.03 sec)
但是還報錯了,報錯內容不一樣了:
1045 Access denied for user 'root'@'192.168.31.43' (usingpassword:YES)
解決方法如下:
mysql> grant all privileges on *.* to root@'%' identified by '123456'; # 給用戶授權
Query OK, 0 rows affected, 1 warning (0.11 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.04 sec)
mysql>
7. 順便說下mysql給用戶授權
mysql> grant 權限1,權限2, … 權限n on 數據庫名稱.表名稱 to 用戶名@用戶地址 identified by ‘連接口令’;
權限1,權限2,… 權限n 代表 select、insert、update、delete、create、drop、index、alter、grant、references、reload、shutdown、process、file 等14個權限。
當權限1,權限2,… 權限n 被 all privileges 或者 all 代替時,表示賦予用戶全部權限。
當 數據庫名稱.表名稱 被 . 代替時,表示賦予用戶操作服務器上所有數據庫所有表的權限。
用戶地址可以是localhost,也可以是IP地址、機器名和域名。也可以用 ‘%’ 表示從任何地址連接。
‘連接口令’ 不能爲空,否則創建失敗。
舉幾個例子:
mysql> grant select,insert,update,delete,create,drop on vtdc.employee to [email protected] identified by ‘123′;
給來自10.163.225.87的用戶joe分配可對數據庫vtdc的employee表進行select,insert,update,delete,create,drop等操作的權限,並設定口令爲123。
mysql> grant all privileges on vtdc.* to [email protected] identified by ‘123′;
給來自10.163.225.87的用戶joe分配可對數據庫vtdc所有表進行所有操作的權限,並設定口令爲123。
mysql> grant all privileges on . to [email protected] identified by ‘123′;
給來自10.163.225.87的用戶joe分配可對所有數據庫的所有表進行所有操作的權限,並設定口令爲123。
mysql> grant all privileges on . to joe@localhost identified by ‘123′;
給本機用戶joe分配可對所有數據庫的所有表進行所有操作的權限,並設定口令爲123。
8. 連接雲端mysql
- 在華爲雲上使用docker安裝好mysql後, 電腦本地連接不上,解決過程如下:
- 前置條件: 1-7都已經調試完成
# 前置條件檢查
# 檢查docker mysql 有沒有啓動
[root@ecs-s6-medium-2-linux-20191113090041 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00d7fb16f4d1 mysql:5.7 "docker-entrypoint..." 23 hours ago Up 23 hours 0.0.0.0:3306->3306/tcp, 33060/tcp mysql5.7
# 果然已經停了, 那就重啓它
[root@ecs-s6-medium-2-linux-20191113090041 ~]# docker restart 00d7fb16f4d1
00d7fb16f4d1
# 現在mysql5.7服務已經啓動
[root@ecs-s6-medium-2-linux-20191113090041 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00d7fb16f4d1 mysql:5.7 "docker-entrypoint..." 23 hours ago Up 7 seconds 0.0.0.0:3306->3306/tcp, 33060/tcp mysql5.7
[root@ecs-s6-medium-2-linux-20191113090041 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
00d7fb16f4d1 mysql:5.7 "docker-entrypoint..." 23 hours ago Up 14 seconds 0.0.0.0:3306->3306/tcp, 33060/tcp mysql5.7
# 進入mysql5.7 容器中檢查細節
[root@ecs-s6-medium-2-linux-20191113090041 ~]# docker exec -it mysql5.7 /bin/bash
# 已經進入容器, 使用root賬戶 登陸mysql
root@00d7fb16f4d1:/# mysql -u root -p
Enter password: ##### 在這裏輸入密碼 ########
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.28 MySQL Community Server (GPL)
Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.00 sec)
# 查看數據庫用戶及其訪問權限控制
mysql> select host, user,plugin,authentication_string from mysql.user;
+-----------+---------------+-----------------------+-------------------------------------------+
| host | user | plugin | authentication_string |
+-----------+---------------+-----------------------+-------------------------------------------+
| localhost | mysql.session | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| localhost | mysql.sys | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| % | root | mysql_native_password | *50208BAA1E29F372145D89CC187279F75FBEC2CC |
+-----------+---------------+-----------------------+-------------------------------------------+
3 rows in set (0.00 sec)
mysql> exit;
Bye
root@00d7fb16f4d1:/# exit
exit
# 至此,數據庫裏的配置及權限都已經驗證完畢, 查看mysql服務有沒有啓動
[root@ecs-s6-medium-2-linux-20191113090041 ~]# netstat -an | grep 3306
tcp6 0 0 :::3306 :::* LISTEN
# 查看防火牆是否狀態 返回running 或 not running
[root@ecs-s6-medium-2-linux-20191113090041 ~]# firewall-cmd --state
not running
# 關閉防火牆
[root@ecs-s6-medium-2-linux-20191113090041 ~]# systemctl stop firewalld.service
# 禁用防火牆
[root@ecs-s6-medium-2-linux-20191113090041 ~]# systemctl disable firewalld.service
# 啓動防火牆
[root@ecs-s6-medium-2-linux-20191113090041 ~]# systemctl start firewalld.service
[root@ecs-s6-medium-2-linux-20191113090041 ~]# firewall-cmd --state
running
# 打開3306端口
[root@ecs-s6-medium-2-linux-20191113090041 ~]# firewall-cmd --zone=public --add-port=3306/tcp --permanent
success
# 重載防火牆
[root@ecs-s6-medium-2-linux-20191113090041 ~]# firewall-cmd --reload
success
# 查看80端口是否打開
[root@ecs-s6-medium-2-linux-20191113090041 ~]# firewall-cmd --query-port=80/tcp
no
[root@ecs-s6-medium-2-linux-20191113090041 ~]# firewall-cmd --zone=public --add-port=80/tcp --permanent
success
[root@ecs-s6-medium-2-linux-20191113090041 ~]# firewall-cmd --query-port=3306/tcp
yes
[root@ecs-s6-medium-2-linux-20191113090041 ~]# firewall-cmd --zone=public --add-port=80/tcp --permanent
Warning: ALREADY_ENABLED: 80:tcp
success
8.2 華爲雲安全組配置
- 8 以上全部配置完成,就可以在電腦本地使用
navicate premuim
訪問了mysql了2