##############################
2017-08-08 笔记
一、优化部分
1.操作系统参数调优
2.数据库参数调优
3.防火墙设置等
#############################
二、安装部分
1.创建用户和组
# groupadd mysql
# useradd -g mysql mysql
2.创建数据库安装目录、授权
# mkdir /mysql /mysql/data /mysql/log
# chown -R mysql:mysql /usr/local/mysql
3.到安装目录,解压安装文件
#cd /usr/local
# tar -zxvf mysql-5.7.19-linux-glibc2.12-x86_64.tar.gz
# mv mysql-5.7.19-linux-glibc2.12-x86_64 mysql
4.授权
# chown -R mysql.mysql mysql
5.验证权限
# ls -l mysql
total 52
drwxr-xr-x 2 mysql mysql 4096 Aug 8 04:06 bin
-rw-r--r-- 1 mysql mysql 17987 Jun 22 22:13 COPYING
drwxr-xr-x 2 mysql mysql 4096 Aug 8 04:06 docs
drwxr-xr-x 3 mysql mysql 4096 Aug 8 04:06 include
drwxr-xr-x 5 mysql mysql 4096 Aug 8 04:06 lib
drwxr-xr-x 4 mysql mysql 4096 Aug 8 04:06 man
-rw-r--r-- 1 mysql mysql 2478 Jun 22 22:13 README
drwxr-xr-x 28 mysql mysql 4096 Aug 8 04:06 share
drwxr-xr-x 2 mysql mysql 4096 Aug 8 04:06 support-files
6.编辑参数文件
vim /etc/my.cnf
[client]
port = 3306
socket = /tmp/mysql.sock
[mysqld]
server_id=10
port = 3306
user = mysql
character-set-server = utf8mb4
default_storage_engine = innodb
log_timestamps = SYSTEM
socket = /tmp/mysql.sock
basedir = /usr/local/mysql
datadir = /mysql/data
pid-file = /mysql/data/mysql.pid
max_connections = 1000
max_connect_errors = 1000
table_open_cache = 1024
max_allowed_packet = 128M
open_files_limit = 65535
#####====================================[innodb]==============================
innodb_buffer_pool_size = 1024M
innodb_file_per_table = 1
innodb_write_io_threads = 4
innodb_read_io_threads = 4
innodb_purge_threads = 2
innodb_flush_log_at_trx_commit = 1
innodb_log_file_size = 512M
innodb_log_files_in_group = 2
innodb_log_buffer_size = 16M
innodb_max_dirty_pages_pct = 80
innodb_lock_wait_timeout = 30
innodb_data_file_path=ibdata1:1024M:autoextend
innodb_undo_tablespaces=3
#####====================================[log]==============================
log_error = /mysql/log/mysql-error.log
slow_query_log = 1
long_query_time = 1
slow_query_log_file = /mysql/log/mysql-slow.log
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES
7.安装数据库
# ./bin/mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/mysql/data --innodb_undo_tablespaces=3 --explicit_defaults_for_timestamp
8.配置启动文件
cp support-files/mysql.server /etc/init.d/mysql
chkconfig --add mysql
chkconfig mysql on
service mysql start
9.配置环境变量
vi /etc/profile
#for mysql
mysql_home=/usr/local/mysql
PATH=$PATH:$mysql_home/bin
source /etc/profile
10.查看默认密码
grep -i password /mysql/log/mysql-error.log
11.初始化密码
mysql -uroot -p‘xxxxx‘
SET PASSWORD=PASSWORD(‘root‘);
flush privileges;
12.数据库常规启停
# mysqladmin -uroot -proot shutdown
#mysqld_safe --defaults-file=/etc/my.cnf &
#ps -ef|grep mysql
13.安全配置
# mysql_secure_installation
Securing the MySQL server deployment.
Enter password for user root:
VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?
Press y|Y for Yes, any other key for No: y
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2
Using existing password for root.
Estimated strength of the password: 25
Change the password for root ? ((Press y|Y for Yes, any other key for No) : y
New password:
Re-enter new password:
Sorry, passwords do not match.
New password:
Re-enter new password:
Sorry, passwords do not match.
New password:
Re-enter new password:
Estimated strength of the password: 50
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
... Failed! Error: Your password does not satisfy the current policy requirements
New password:
Re-enter new password:
Estimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
‘localhost‘. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.
By default, MySQL comes with a database named ‘test‘ that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!
本文出自 “roidba” 博客,请务必保留此出处http://roidba.blog.51cto.com/12318731/1954372
原文地址:http://roidba.blog.51cto.com/12318731/1954372