環境：

Red Hat Enterprise Linux Server release 7.2 (Maipo)

mysql-5.7.18-linux-glibc2.5-x86_64.tar.gz

安裝需求：

libaio

MySQL 5.7.19 and later 需要安裝libnuma，由於本次測試為5.7.18，不需要安裝libnuma.

如之前安裝過MySQL，清除一下目錄和檔案

/etc/my.cnf or the /etc/mysql

rhel7以後需要取消RemoveIPC限制

[root@rhelb mysql]# vi /etc/systemd/logind.conf

#RemoveIPC=yes -> RemoveIPC=no

檢查軟體包是否安裝

[root@rhelb mysql]# rpm -qa | grep libaio

關閉防火牆

[root@rhelb yum.repos.d]# vi /etc/sysconfig/selinux

SELINUX=enforcing-> SELINUX=disabled

關閉系統THP,rhel7以後和之前關閉THP檔案有變化，rhel7及以後關閉方式如下：

[root@rhelb yum.repos.d]# cat /sys/kernel/mm/transparent_hugepage/enabled

[always] madvise never

在quiet後新增 transparent_hugepage=never

[root@rhelb yum.repos.d]# cat /etc/default/grub

GRUB_TIMEOUT=5

GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"

GRUB_DEFAULT=saved

GRUB_DISABLE_SUBMENU=true

GRUB_TERMINAL_OUTPUT="console"

GRUB_CMDLINE_LINUX="crashkernel=auto rhgb quiet transparent_hugepage=never "

GRUB_DISABLE_RECOVERY="true"

新增後重啟主機

[root@rhelb yum.repos.d]# cat /sys/kernel/mm/transparent_hugepage/enabled

always madvise [never]

配置yum源，rhel7以後，新建一個新的yum資料庫

[root@rhelb mysql]# mount /dev/sr0 /mnt

[root@rhelb yum.repos.d]# ls -lrt

total 8

-rw-r--r--. 1 root root 91 Aug 16 23:11 rhel.repo

-rw-r--r--. 1 root root 358 Aug 16 23:12 redhat.repo

[root@rhelb yum.repos.d]# more /etc/yum.repos.d/rhel.repo

[rhel7_server]

name=added from: file:///rhel7/dvd

baseurl=file:///mnt

enabled=1

gpgcheck=0

安裝軟體包：

[root@rhelb mysql]# yum -y install libaio.x86_64

......

Installed:

libaio.x86_64 0:0.3.109-13.el7

Complete!

MySQL二進位制目錄說明：

Directory	Contents of Directory
`bin`	mysqld server, client and utility programs
`docs`	MySQL manual in Info format
`man`	Unix manual pages
`include`	Include (header) files
`lib`	Libraries
`share`	Error messages, dictionary, and SQL for database installation
`support-files`	Miscellaneous support files

解壓軟體：

[root@rhelb soft]# tar -xzvf mysql-5.7.18-linux-glibc2.5-x86_64.tar.gz

[root@rhelb soft]# mv mysql-5.7.18-linux-glibc2.5-x86_64 /usr/local/mysql

建立相關使用者：

[root@rhelb mysql]# groupadd mysql

[root@rhelb mysql]# useradd -r -g mysql -s /bin/false mysql

[root@rhelb mysql]# cd /usr/local

[root@rhelb local]# mkdir /data

[root@rhelb local]# chown -R mysql:mysql /usr/local/mysql/

[root@rhelb local]# chown -R mysql:mysql /data/

[root@rhelb local]# chmod 750 /data/

初始化資料庫：

檢視mysqld引數：

root@rhelb mysql]# bin/mysqld --verbose --help |more

mysqld: Can't change dir to '/var/lib/mysql/' (Errcode: 2 - No such file or directory)

bin/mysqld Ver 5.7.18 for linux-glibc2.5 on x86_64 (MySQL Community Server (GPL))

Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective

owners.

Starts the MySQL database server.

Usage: bin/mysqld [OPTIONS]

Default options are read from the following files in the given order:

/etc/my.cnf /etc/mysql/my.cnf /usr/local/mysql/etc/my.cnf ~/.my.cnf

The following groups are read: mysqld server mysqld-5.7

The following options may be given as the first argument:

......

[root@rhelb mysql]# ./bin/mysqld --initialize --user=mysql --basedir=/data/ --datadir=/data/

2018-08-21T09:11:34.367385Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).

2018-08-21T09:11:34.367604Z 0 [ERROR] Can't find error-message file '/data/share/errmsg.sys'. Check error-message file location and 'lc-messages-dir' configuration directive.

2018-08-21T09:11:34.632615Z 0 [Warning] InnoDB: New log files created, LSN=45790

2018-08-21T09:11:34.705037Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.

2018-08-21T09:11:34.997455Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: 33b8197c-a522-11e8-83a6-080027073030.

2018-08-21T09:11:35.001885Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.

2018-08-21T09:11:35.004186Z 1 [Note] A temporary password is generated for root@localhost: kdivr2ax2P,K

root初始化密碼kdivr2ax2P,K

[root@rhelb mysql]# ls -lrt /data/

total 110628

-rw-r----- 1 mysql mysql 50331648 Aug 21 05:11 ib_logfile1

-rw-r----- 1 mysql mysql 56 Aug 21 05:11 auto.cnf

drwxr-x--- 2 mysql mysql 8192 Aug 21 05:11 performance_schema

drwxr-x--- 2 mysql mysql 4096 Aug 21 05:11 mysql

drwxr-x--- 2 mysql mysql 8192 Aug 21 05:11 sys

-rw-r----- 1 mysql mysql 419 Aug 21 05:11 ib_buffer_pool

-rw-r----- 1 mysql mysql 50331648 Aug 21 05:11 ib_logfile0

-rw-r----- 1 mysql mysql 12582912 Aug 21 05:11 ibdata1

配置ssl，會話安全方面考慮，如不需要可以不配置

[root@rhelb mysql]# bin/mysql_ssl_rsa_setup

Generating a 2048 bit RSA private key

.................................+++

...+++

writing new private key to 'ca-key.pem'

-----

Generating a 2048 bit RSA private key

..........................................................................+++

.+++

writing new private key to 'server-key.pem'

-----

Generating a 2048 bit RSA private key

..............................+++

..................................................................+++

writing new private key to 'client-key.pem'

配置引數檔案，如果不配置[client]客戶端連線時提示/tmp/socket.sock

[root@rhelb etc]# vi /etc/my.cnf

[mysqld]

port = 3306

pid-file = /data/mysql3306.pid

datadir = /data/

socket = /data/mysql3306.sock

slow_query_log_file = /data/slow.log

log-error = /data/error.log

[client]

socket = /data/mysql3306.sock

MySQL取消安全隱患：

a)為root使用者設定密碼
b)刪除匿名賬號
c)取消root使用者遠端登入
d)刪除test庫和對test庫的訪問許可權
e)重新整理授權表使修改生效

root@rhelb mysql]# bin/mysql_secure_installation

Securing the MySQL server deployment.

Enter password for user root:

Error: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)

[root@rhelb mysql]# bin/mysql_secure_installation -S /data/mysql3306.sock

Securing the MySQL server deployment.

Enter password for user root:

Error: Access denied for user 'root'@'localhost' (using password: NO)

[root@rhelb mysql]# bin/mysql_secure_installation -S /data/mysql3306.sock

Securing the MySQL server deployment.

Enter password for user root: <<——日誌中臨時生成的密碼

The existing password for the user account root has expired. Please set a new password.

New password:

Re-enter new password:

VALIDATE PASSWORD PLUGIN can be used to test passwords

and improve security. It checks the strength of password

and allows the users to set only those passwords which are

secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No: Y

There are three levels of password validation policy:

LOW Length >= 8

MEDIUM Length >= 8, numeric, mixed case, and special characters

STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1

Using existing password for root.

Estimated strength of the password: 100

Change the password for root ? ((Press y|Y for Yes, any other key for No) :

... skipping.

By default, a MySQL installation has an anonymous user,

allowing anyone to log into MySQL without having to have

a user account created for them. This is intended only for

testing, and to make the installation go a bit smoother.

You should remove them before moving into a production

environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y

Success.

Normally, root should only be allowed to connect from

'localhost'. This ensures that someone cannot guess at

the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y

Success.

By default, MySQL comes with a database named 'test' that

anyone can access. This is also intended only for testing,

and should be removed before moving into a production

environment.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y

- Dropping test database...

Success.

- Removing privileges on test database...

Success.

Reloading the privilege tables will ensure that all changes

made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y

Success.

All done!

配置服務啟動：

[root@rhelb mysql]# cp support-files/mysql.server /etc/init.d/

[root@rhelb mysql]# service mysql.server start

Starting MySQL. SUCCESS!

[root@rhelb mysql]# ps -ef | grep mysql

root 3486 1 0 05:51 pts/2 00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/ --pid-file=/data/mysql3306.pid

mysql 3653 3486 6 05:51 pts/2 00:00:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/error.log --pid-file=/data/mysql3306.pid --socket=/data/mysql3306.sock --port=3306

root 3685 2711 0 05:51 pts/2 00:00:00 grep --color=auto mysql

[root@rhelb etc]# mysql -uroot -p

Enter password:

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 4

Server version: 5.7.18 MySQL Community Server (GPL)

Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective

owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> status;

--------------

mysql Ver 14.14 Distrib 5.7.18, for linux-glibc2.5 (x86_64) using EditLine wrapper

Connection id: 4

Current database:

Current user: root@localhost

SSL: Not in use

Current pager: stdout

Using outfile: ''

Using delimiter: ;

Server version: 5.7.18 MySQL Community Server (GPL)

Protocol version: 10

Connection: Localhost via UNIX socket

Server characterset: latin1

Db characterset: latin1

Client characterset: utf8

Conn. characterset: utf8

UNIX socket: /data/mysql3306.sock

Uptime: 12 sec

Threads: 1 Questions: 6 Slow queries: 0 Opens: 105 Flush tables: 1 Open tables: 98 Queries per second avg: 0.500

--------------

RHEL 7.2 安裝二進位制MySQL 5.7.18

相關文章