rockylinux8.6に mariadb を入れてみる. マルチインスタンスはこちらMariaDB/mysqld_multi
そのインストール対象のmariadbですが「dnf module」に対応していて
[root@slurmdbd ~]# dnf module list mariadb
Last metadata expiration check: 0:00:59 ago on Fri 30 Dec 2022 09:43:25 PM JST.
Rocky Linux 8 - AppStream
Name Stream Profiles Summary
mariadb 10.3 [d] client, galera, server [d] MariaDB Module
mariadb 10.5 client, galera, server [d] MariaDB Module
Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
[root@slurmdbd ~]#
と現状は 10.3 と 10.5 が選べて「10.3」が既定のご様子. っでmysqlも「dnf module」に対応していて
[root@slurmdbd ~]# dnf module list mysql
Last metadata expiration check: 0:02:01 ago on Fri 30 Dec 2022 09:43:25 PM JST.
Rocky Linux 8 - AppStream
Name Stream Profiles Summary
mysql 8.0 [d] client, server [d] MySQL Module
Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
[root@slurmdbd ~]#
こちらはmysql8.0のみ利用可能のご様子.
ここでは mariadb の 10.3 を利用します. mariadb 10.3 までは mysql 5.7 に該当、10.4から mysql 8.0 に該当とからしい
ではパッケージのインストール. 「dnf module」でのパッケージインストールに関しては FreeIPA に詳しく載せている
[root@slurmdbd ~]# dnf module install mariadb:10.3/server
(起動)
[root@slurmdbd ~]# systemctl enable mariadb --now
これで mariadb は稼働しました. 再起動時の自動起動付き
ここでちょいと確認
[root@slurmdbd ~]# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 10.3.35-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.000 sec)
MariaDB [(none)]> \q
Bye
[root@slurmdbd ~]#
このままport 3306 を開けてデータベース内アカウントを設けるなりで使えますが、ちょいとセキュアな対策を施します
mysql_secure_installation †
文面からも施した方がいい模様、
[root@slurmdbd ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): <---- 初回なのでそのままリターン
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y <---- [MariaDB]内rootアカウントにパスワードを付けたいので[Y]を入力
New password: <---- [MariaDB]内rootのパスワードを入力します
Re-enter new password: <---- そのパスワードを再入力。(OSのrootのパスワードではない!)
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y <---- 匿名ユーザを削除しますか?で[Y]を入力
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n <---- リモートから[MariaDB]内rootアカウントを使えるようにするか。[n]を入力
... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y <---- [test]データベースは削除しますか?[Y]を入力
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y <---- 権限関係を再読み込みしますか?[Y]を入力
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
[root@slurmdbd ~]#
これで多少はセキュアになって、さっきまで有効だったrootによるmysql実行で中に入れたのに
[root@slurmdbd ~]# mysql
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
[root@slurmdbd ~]#
と拒否された. mariadbを利用するには「mysql -p」とパスワード入力を行うようにする. 「mysql -u root -p」がより明確かな
[root@slurmdbd ~]# mysql -p
Enter password: <---- 定義した[MariaDB]のrootのパスワードを入力します
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 19
Server version: 10.3.35-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
MariaDB [(none)]> select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| root | 127.0.0.1 |
| root | ::1 |
| root | localhost |
| root | slurmdbd |
+------+-----------+
MariaDB [(none)]> \q
[root@slurmdbd ~]#
firewall †
外部とのマシンと通信が必要ならfirewallに穴をあけます
[root@slurmdbd ~]# firewall-cmd --add-service=mysql --zone=public --permanent
[root@slurmdbd ~]# firewall-cmd --reload
接続経由(sock/inet) †
メモとしてつなぎ方
[root@slurmdbd ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
[root@slurmdbd ~]#
な状態で
[root@slurmdbd ~]# mysql -h localhost -P 3306 -u root -p [root@slurmdbd ~]# mysql -h 127.0.0.1 -P 3306 -u root -p
Enter password: Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g. Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 27 Your MariaDB connection id is 28
Server version: 10.3.35-MariaDB MariaDB Server Server version: 10.3.35-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> status MariaDB [(none)]> status
-------------- --------------
mysql Ver 15.1 Distrib 10.3.35-MariaDB, for Linux (x86_64) using readline 5.1 mysql Ver 15.1 Distrib 10.3.35-MariaDB, for Linux (x86_64) using readline 5.1
Connection id: 27 Connection id: 28
Current database: Current database:
Current user: root@localhost Current user: root@localhost
SSL: Not in use SSL: Not in use
Current pager: stdout Current pager: stdout
Using outfile: '' Using outfile: ''
Using delimiter: ; Using delimiter: ;
Server: MariaDB Server: MariaDB
Server version: 10.3.35-MariaDB MariaDB Server Server version: 10.3.35-MariaDB MariaDB Server
Protocol version: 10 Protocol version: 10
Connection: Localhost via UNIX socket Connection: 127.0.0.1 via TCP/IP
Server characterset: latin1 Server characterset: latin1
Db characterset: latin1 Db characterset: latin1
Client characterset: utf8 Client characterset: utf8
Conn. characterset: utf8 Conn. characterset: utf8
UNIX socket: /var/lib/mysql/mysql.sock TCP port: 3306
Uptime: 30 min 17 sec Uptime: 30 min 47 sec
Threads: 6 Questions: 46 Slow queries: 0 Opens: 18 Flush tables: 1 Open (略 Threads: 6 Questions: 50 Slow queries: 0 Opens: 18 Flush tables: 1 Open (略
-------------- --------------
MariaDB [(none)]> MariaDB [(none)]>
左は「UNIX socket:」右は「TCP port:」で接続している. /etc/hostsに書かれている「localhost4」で接続すると「TCP port:」になる. ここら留意点かなと.
アプリとmariadb間で通信する際、同じ計算機で収めるのなら「UNIX socket」を使うのが宜しくて firewallに余計な穴を作らなくていいから
まぁーその際は明示的に「UNIX socket」を使う「mysql -S /var/lib/mysql/mysql.sock -u root -p」で接続した方がいいのかも.
![[PukiWiki]](image/picc.png "[PukiWiki]")
