Difference between revisions of "Installing MySQL on CentOS 7"
From rdkwiki
Line 1: | Line 1: | ||
== Intro == | == Intro == | ||
− | The steps below will configure a working MySQL 5.6 | + | The steps below will configure a working MySQL 5.6, 5.7 or 8.0 server. The steps assume that you have a (fresh) CentOS 7 server running. |
== Make MySQL available for installation == | == Make MySQL available for installation == | ||
Line 6: | Line 6: | ||
* '''rpm -Uvh http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm''' --> Make MySQL 5.6 available for installation | * '''rpm -Uvh http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm''' --> Make MySQL 5.6 available for installation | ||
* '''rpm -Uvh http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm''' --> Make MySQL 5.7 available for installation | * '''rpm -Uvh http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm''' --> Make MySQL 5.7 available for installation | ||
+ | * '''rpm -Uvh http://dev.mysql.com/get/mysql80-community-release-el7-1.noarch.rpm''' --> Make MySQL 8.0 available for installation | ||
== Installing MySQL == | == Installing MySQL == | ||
Line 14: | Line 15: | ||
== Securing MySQL == | == Securing MySQL == | ||
− | * '''grep "temporary password" /var/log/mysqld.log''' --> get the random password that is generated during the MySQL 5.7 installation | + | * '''grep "temporary password" /var/log/mysqld.log''' --> get the random password that is generated during the MySQL 5.7 or MySQL 8.0 installation |
* '''mysql_secure_installation''' --> default script with a few questions to harden the MySQL security | * '''mysql_secure_installation''' --> default script with a few questions to harden the MySQL security | ||
* '''mysql -h localhost -u root -p''' --> connect with the new password from the previous step | * '''mysql -h localhost -u root -p''' --> connect with the new password from the previous step | ||
Line 20: | Line 21: | ||
* '''grant all privileges on *.* to '<user>'@'<ip/subnet>' with grant option;''' --> give the new user all rights | * '''grant all privileges on *.* to '<user>'@'<ip/subnet>' with grant option;''' --> give the new user all rights | ||
* '''flush privileges;''' --> reload all privileges | * '''flush privileges;''' --> reload all privileges | ||
+ | |||
+ | == allow (the older) more compatible password authentication == | ||
+ | * add '''default-authentication-plugin=mysql_native_password''' to /etc/my.cnf | ||
== Firewall configuration == | == Firewall configuration == |
Revision as of 07:22, 29 June 2018
Contents
Intro
The steps below will configure a working MySQL 5.6, 5.7 or 8.0 server. The steps assume that you have a (fresh) CentOS 7 server running.
Make MySQL available for installation
!! This step will replace CentOS's default MariaDB
- rpm -Uvh http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm --> Make MySQL 5.6 available for installation
- rpm -Uvh http://dev.mysql.com/get/mysql57-community-release-el7-8.noarch.rpm --> Make MySQL 5.7 available for installation
- rpm -Uvh http://dev.mysql.com/get/mysql80-community-release-el7-1.noarch.rpm --> Make MySQL 8.0 available for installation
Installing MySQL
- yum install mysql-server --> install the MySQL server
- systemctl start mysqld --> start the MySQL server
- systemctl status mysqld --> check if the MySQL server is running
- systemctl enable mysqld --> make the MySQL server start at boot
Securing MySQL
- grep "temporary password" /var/log/mysqld.log --> get the random password that is generated during the MySQL 5.7 or MySQL 8.0 installation
- mysql_secure_installation --> default script with a few questions to harden the MySQL security
- mysql -h localhost -u root -p --> connect with the new password from the previous step
- create user '<user>'@'<ip/subnet>' identified by '<password>'; --> here you can use wildcards for the ip/subnet (for example: '192.168.0.%' or '%' for all hosts)
- grant all privileges on *.* to '<user>'@'<ip/subnet>' with grant option; --> give the new user all rights
- flush privileges; --> reload all privileges
allow (the older) more compatible password authentication
- add default-authentication-plugin=mysql_native_password to /etc/my.cnf
Firewall configuration
- firewall-cmd --permanent --add-service=mysql --> add MySQL service to firewall
- firewall-cmd --reload --> reload firewall with changed configuration
Move MySQL data (optional)
if you want to move the MySQL databases to another location (directory / filesystem) on your server follow the steps below.
- systemctl stop mysqld --> stop the MySQL server
- mkdir /<path>/<directory> --> create a directory of choice
- cd /var/lib/mysql --> goto the default directory
- mv * /<path>/<directory> --> move data to folder of choice
- nano /etc/my.cnf
change datadir=/var/lib/mysql to match the new path
- chown mysql.mysql /<path>/<folder> --> make MySQL owner of the new location
- systemctl start mysqld --> start the MySQL server
SELINUX restore context
if you have selinux enabled you have to restore the security settings else mysqld won't start.
- sudo yum install policycoreutils-python --> install utils
- semanage fcontext -a -t mysqld_db_t "/<path>/<folder>(/.*)?" --> apply context
- sudo restorecon -Rv /<path>/<folder> --> restore context
MySQL should start successfully again after doing this.