爲什麼有這篇博客
昨天購買了阿里雲的ecs服務器,通過xshell安裝了docker,然後在docker環境中安裝mysql,版本是8.0.21。開始一切順利,在服務器環境中能正常執行各種命令。結果在使用navicat遠程連接服務器mysql時卡住了,以下就是從卡住到解決的過程,希望能幫助到同樣遇到這個問題的人。
問題根源
先說結論,由於是阿里雲新實例,控制檯未設置規則,遠程無法訪問3306這個端口,導致了客戶端遠程連接出現10038這個錯誤。
排查過程
mysql登錄
先確定是否能正常在服務器上登錄
mysql -uroot -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 9 Server version: 8.0.21 MySQL Community Server - GPL
很顯然登錄成功,能正常操作show databases;這樣的命令
mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | sys | +--------------------+ 4 rows in set (0.00 sec)
創建數據庫
然後嘗試創建數據庫
mysql> create database test; Query OK, 1 row affected (0.00 sec) mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | sys | | test | +--------------------+ 5 rows in set (0.00 sec) mysql> use test; Database changed mysql> show tables; Empty set (0.00 sec)
走到這一步也沒有用任何問題
root用戶遠程登錄是否授權
mysql> use mysql; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> select User,authentication_string,Host from user; +------------------+------------------------------------------------------------------------+-----------+ | User | authentication_string | Host | +------------------+------------------------------------------------------------------------+-----------+ | root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 | % | | mysql.infoschema | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | localhost | | mysql.session | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | localhost | | mysql.sys | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | localhost | | root | $A$005$byLhU 'ict_qEg}A4pO6IUms8wmp1NNgUG2a.27n8HIPq..p5zMeDrtqF3 | localhost | +------------------+------------------------------------------------------------------------+-----------+ 5 rows in set (0.00 sec)
通過圖表看到有2個root賬戶,一個本地連接localhost ,一個%代表可以遠程連接。爲了保險起見,再次授權
修改用戶密碼和驗證方式
mysql> ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY '123456'; Query OK, 0 rows affected (0.01 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> select User,authentication_string,Host from user; +------------------+------------------------------------------------------------------------+-----------+ | User | authentication_string | Host | +------------------+------------------------------------------------------------------------+-----------+ | root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 | % | | mysql.infoschema | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | localhost | | mysql.session | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | localhost | | mysql.sys | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | localhost | | root | $A$005$byLhU 'ict_qEg}A4pO6IUms8wmp1NNgUG2a.27n8HIPq..p5zMeDrtqF3 | localhost | +------------------+------------------------------------------------------------------------+-----------+ 5 rows in set (0.00 sec)
再次授權
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '123456' ; flush privileges;
還是一點反應也沒有,遠程連接依然是10038
刪除一個root賬戶,保留一個
delete from user where host="%" and user="root"; 刪除之後,就修改剩餘 root 用戶 ,把host修改爲% update user set host = '%' where user = 'root'; FLUSH PRIVILEGES;
其它類型的騷操作
1.新增test用戶,再次走授權邏輯,遠程連接失敗。
2.重啓docker,重啓mysql容器
3.查看mysql配置 my.conf裏面是否禁用遠程 bind 127.0.0.1,很顯然默認是沒有的
4.是否開啓了防火牆
5.各種查博客
最終
查到一篇博客,裏面提示 如果是ecs主機,需要檢查一下規則設置,3306是否被允許訪問, 果斷的試了試,搞定
ecs設置如下
果斷的把常用的幾個端口一起設置了 6379,8080,3306,80
結尾
如果你遇到了mysql 遠程連接10038 並且是阿里雲主機,可以考慮第一時間看看訪問規則設置,新實例默認只有一個22端口是可以訪問的。
如果確認了訪問規則設置沒有問題,可以按照我的排查步驟一個個嘗試。