AlpineLinux安装部署MariaDB
简单来说,MariaDB被视为MySQL的一个社区驱动的分支,它保留了MySQL的许多特性和功能,同时引入了一些新的特性和改进。许多用户和组织选择使用MariaDB,因为它提供了更多的自由度和对未来许可证变更的保护。而对于一些需要特定Oracle支持或特定MySQL功能的用例,依然使用MySQL是首选。
这里不对两者间的差异做任何介绍,仅介绍如何在 Alpine Linux 下安装 MariaDB。在Alpine Linux上安装MariaDB很简单,和其他的发行版本一样,使用在线仓库安装即可。
更新软件包索引:
打开终端并以root用户身份登录,更新Alpine Linux的软件包索引:
localhost:~# apk update
fetch http://mirrors.ustc.edu.cn/alpine/v3.20/main/x86_64/APKINDEX.tar.gz
fetch http://mirrors.ustc.edu.cn/alpine/v3.20/community/x86_64/APKINDEX.tar.gz
v3.20.3-159-g093e185483c [http://mirrors.ustc.edu.cn/alpine/v3.20/main]
v3.20.3-164-gfc2a8ea9609 [http://mirrors.ustc.edu.cn/alpine/v3.20/community]
OK: 24169 distinct packages available
安装MariaDB:
Alpine Linux的软件仓库中包含的是MariaDB。哪怕你执行的是apk add mysql mysql-client,安装的也是MariaDB的服务端和客户端。下面的命令将安装MariaDB服务器和客户端工具 。
localhost:~# apk add mariadb mariadb-client
(1/12) Installing mariadb-common (10.11.8-r0)
(2/12) Installing skalibs (2.14.1.1-r0)
(3/12) Installing utmps-libs (0.1.2.2-r1)
(4/12) Installing linux-pam (1.6.0-r0)
(5/12) Installing libxml2 (2.12.7-r0)
(6/12) Installing mariadb (10.11.8-r0)
Executing mariadb-10.11.8-r0.pre-install
(7/12) Installing mariadb-openrc (10.11.8-r0)
(8/12) Installing perl (5.38.2-r0)
(9/12) Installing perl-error (0.17029-r2)
(10/12) Installing perl-git (2.45.2-r0)
(11/12) Installing git-perl (2.45.2-r0)
(12/12) Installing mariadb-client (10.11.8-r0)
Executing busybox-1.36.1-r29.trigger
OK: 777 MiB in 131 packages
初始化MySQL数据目录:
在首次启动前,需要初始化MySQL的数据库文件。这可以通过以下命令完成:
localhost:~# rc-service mariadb setup
* Creating a new MySQL database ...
Installing MariaDB/MySQL system tables in '/var/lib/mysql' ...
OK
To start mariadbd at boot time you have to copy
support-files/mariadb.service to the right place for your system
Two all-privilege accounts were created.
One is root@localhost, it has no password, but you need to
be system 'root' user to connect. Use, for example, sudo mysql
The second is mysql@localhost, it has no password either, but
you need to be the system 'mysql' user to connect.
After connecting you can set the password, if you would need to be
able to connect as any of these users with a password and without sudo
See the MariaDB Knowledgebase at https://mariadb.com/kb
You can start the MariaDB daemon with:
cd '/usr' ; /usr/bin/mariadbd-safe --datadir='/var/lib/mysql'
You can test the MariaDB daemon with mysql-test-run.pl
cd '/usr/mysql-test' ; perl mariadb-test-run.pl
Please report any problems at https://mariadb.org/jira
The latest information about MariaDB is available at https://mariadb.org/.
Consider joining MariaDB's strong and vibrant community:
https://mariadb.org/get-involved/
[ ok ]
启动MySQL服务:
启动MariaDB服务:
localhost:~# rc-service mariadb start
* Caching service dependencies ... [ ok ]
* Starting mariadb ...
241014 16:08:53 mysqld_safe Logging to syslog.
241014 16:08:53 mysqld_safe Starting mariadbd daemon with databases from /var/lib/mysql [ ok ]
你可以使用以下命令来确认MariaDB服务是否正在运行:
localhost:~# ps -ef | grep mysql
3810 mysql 0:00 /usr/bin/mariadbd --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib/mariadb/plugin --user=mysql --pid-file=/run/mysqld/mariadb.pid
3811 root 0:00 logger -t mysqld -p daemon.error
3835 root 0:00 grep mysql
设置MySQL安全配置:
运行mysql_secure_installation命令来设置root用户的密码和其他安全选项:
localhost:~# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.
You already have your root account protected, so you can safely answer 'n'.
Switch to unix_socket authentication [Y/n] n
... skipping.
You already have your root account protected, so you can safely answer 'n'.
Change the root password? [Y/n] n
... skipping.
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] n
... skipping.
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
按照提示输入密码和其他选项
- Enter current password for root (enter for none):输入当前MariaDB的root用户的密码,新安装完成的默认密码为空,这里直接回车就可以了。
- Switch to unix_socket authentication [Y/n]:切换到unix的认证,咱们用自己的root用户密码,不用系统的,这里选 n 。
- Change the root password? [Y/n]:是否修改 root 用户的密码,选是,然后输入一个密码用于 root 用户登录时使用。
- Remove anonymous users? [Y/n]:是否移除其他的用户,MariaDB或者说MariaDB在安装服务端的时候,会默认创建几个用户,为了安全,建议这里输入 y 删除这些用户。
- Disallow root login remotely? [Y/n]:是否屏蔽root用户的远程登录,基于安全考虑,建议屏蔽root用户的远程登录功能。
- Remove test database and access to it? [Y/n]:是否删除test库及其相关权限?安装过程创建了一个名为test的库,同样是建议生产环境的话,将其删除。
- Reload privilege tables now? [Y/n]:是否刷新权限表。输入 y 。上面的设置需要生效,需要刷新权限表。
本地登录MariaDB
上面的步骤在安装MariaDB服务端时也安装了MariaDB的客户端,我们直接在命令行中进行登录的测试:
localhost:~# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.11.8-MariaDB Alpine Linux
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
| test |
+--------------------+
5 rows in set (0.003 sec)
配置MariaDB以允许远程连接:
编辑MariaDB配置文件以允许远程连接:
vi /etc/my.cnf.d/mariadb-server.cnf
找到skip-networking添加注释,找到# bind-address = 0.0.0.0行取消注释:
skip-networking
# bind-address = 0.0.0.0
将其修改为:
#skip-networking
bind-address = 0.0.0.0
这将允许来自任何IP地址的远程客户端连接到MariaDB。保存并退出编辑器 。
重启MySQL服务: 使更改生效:
localhost:~# rc-service mariadb restart
* Stopping mariadb ... [ ok ]
* Starting mariadb ...
241014 16:37:28 mysqld_safe Logging to syslog.
241014 16:37:28 mysqld_safe Starting mariadbd daemon with databases from /var/lib/mysql [ ok ]
远程使用DBeaver测试远程登录
上面的初始化中,已经禁止了root用户的远程登录,我们在这里重新新建一个可以远程登录的账号,并且给它管理员的权限
MariaDB [(none)]> CREATE USER 'remoteuser'@'%' IDENTIFIED BY 'your_password';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO 'remoteuser'@'%' WITH GRANT OPTION;
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.001 sec)
在远程的电脑使用DBeaver来进行远程的连接测试:
添加开机自启动
上面的步骤一切正常之后, 就可以给 mariadb 添加到开机自启动中去。
localhost:~# rc-update add mariadb
* service mariadb added to runlevel default