This topic describes how to manually deploy a specific version of a MySQL database on a Linux ECS instance.
Prerequisites
-
A public IP address is automatically assigned to the ECS instance. Alternatively, an elastic IP address (EIP) is associated with the ECS instance. For instructions on how to enable public bandwidth, see Enable public bandwidth.
-
The ECS instance's security group must have an inbound rule that allows traffic on port 22. For instructions, see Add a security group rule.
Deploy MySQL
Alibaba Cloud Linux 3
-
Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.
-
Install the MySQL database.
# Install compat-openssl10 for compatibility with older OpenSSL libraries. sudo yum install -y compat-openssl10 # Add the official MySQL repository. sudo rpm -Uvh https://repo.mysql.com/mysql84-community-release-el8-1.noarch.rpm # Install the MySQL service. sudo dnf install -y mysql-server # Start the MySQL service and enable it to start on boot. sudo systemctl start mysqld sudo systemctl enable mysqld -
Retrieve the temporary root password.
echo $(PASSWORD=$(sudo grep 'temporary password' /var/log/mysqld.log); PASSWORD=${PASSWORD##* }; echo $PASSWORD) -
Run the following command to start the MySQL secure installation wizard.
sudo mysql_secure_installation-
Enter the temporary password for the
rootuser.NoteThe password is not displayed as you type. Ensure you enter it correctly.
Securing the MySQL server deployment. Enter password for user root: -
When prompted that the root password has expired, set a new password for the
rootuser. You must enter the new password twice.ImportantThe password policy requires a password to be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character.
The existing password for the user account root has expired. Please set a new password. New password: Re-enter new password: -
After you change the
rootpassword, enter n to skip changing the password again.Change the password for root ? (Press y|Y for Yes, any other key for No) : -
At the
Remove anonymous users?prompt, enter y.NoteRemoving anonymous users helps prevent access to your MySQL server without a user account.
By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : -
At the
Disallow root login remotely?prompt, enter y to prohibit remote login for the MySQLrootuser.NoteIf you need to allow remote
rootlogin for a specific reason, press any key other thanY.Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : -
At the
Remove test database and access to it?prompt, enter y to remove the defaulttestdatabase.By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : -
At the
Reload privilege tables now?prompt, enter y to apply your changes.Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) :
-
Alibaba Cloud Linux 2
-
Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.
-
Install the MySQL database.
# Add the official MySQL repository. sudo rpm -Uvh https://repo.mysql.com/mysql84-community-release-el7-1.noarch.rpm # Install the MySQL service. sudo yum install -y mysql-server # Start the MySQL service and enable it to start on boot. sudo systemctl start mysqld sudo systemctl enable mysqld -
Retrieve the temporary root password.
echo $(PASSWORD=$(sudo grep 'temporary password' /var/log/mysqld.log); PASSWORD=${PASSWORD##* }; echo $PASSWORD) -
Run the following command to start the MySQL secure installation wizard.
sudo mysql_secure_installation-
Enter the temporary password for the
rootuser.NoteThe password is not displayed as you type. Ensure you enter it correctly.
Securing the MySQL server deployment. Enter password for user root: -
When prompted that the root password has expired, set a new password for the
rootuser. You must enter the new password twice.ImportantThe password policy requires a password to be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character.
The existing password for the user account root has expired. Please set a new password. New password: Re-enter new password: -
After you change the
rootpassword, enter n to skip changing the password again.Change the password for root ? (Press y|Y for Yes, any other key for No) : -
At the
Remove anonymous users?prompt, enter y.NoteRemoving anonymous users helps prevent access to your MySQL server without a user account.
By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : -
At the
Disallow root login remotely?prompt, enter y to prohibit remote login for the MySQLrootuser.NoteIf you need to allow remote
rootlogin for a specific reason, press any key other thanY.Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : -
At the
Remove test database and access to it?prompt, enter y to remove the defaulttestdatabase.By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : -
At the
Reload privilege tables now?prompt, enter y to apply your changes.Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) :
-
CentOS 8
-
Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.
-
Install the MySQL database.
# Add the official MySQL repository. sudo rpm -Uvh https://repo.mysql.com/mysql84-community-release-el8-1.noarch.rpm # Install the MySQL service. sudo dnf install -y mysql-server # Start the MySQL service and enable it to start on boot. sudo systemctl start mysqld sudo systemctl enable mysqld -
Run the following command to start the MySQL secure installation wizard.
sudo mysql_secure_installation-
At the
Would you like to setup VALIDATE PASSWORD component?prompt, enter y to enable theVALIDATE PASSWORDcomponent.Securing the MySQL server deployment. Connecting to MySQL using a blank password. VALIDATE PASSWORD COMPONENT can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD component? Press y|Y for Yes, any other key for No: -
Enter 2 to set the password policy level to
STRONG. This policy requires passwords to be at least 8 characters long, contain numbers, mixed-case letters, special characters, and not be based on a dictionary file.There are three levels of password validation policy: LOW Length >= 8 MEDIUM Length >= 8, numeric, mixed case, and special characters STRONG Length >= 8, numeric, mixed case, special characters and dictionary file Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: -
Set a new password for the
rootuser. You must enter the new password twice.New password: Re-enter new password: Estimated strength of the password: 100ImportantThe password policy requires a password to be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character.
-
At the
Do you wish to continue with the password provided?prompt, enter y.Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : -
At the
Remove anonymous users?prompt, enter y.NoteRemoving anonymous users helps prevent access to your MySQL server without a user account.
By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : -
At the
Disallow root login remotely?prompt, enter y to prohibit remote login for the MySQLrootuser.NoteIf you need to allow remote
rootlogin for a specific reason, press any key other thanY.Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : -
At the
Remove test database and access to it?prompt, enter y to remove the defaulttestdatabase.By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : -
At the
Reload privilege tables now?prompt, enter y to apply your changes.Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) :
-
CentOS 7
-
Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.
-
Install the MySQL database.
# Add the official MySQL repository. sudo rpm -Uvh https://repo.mysql.com/mysql84-community-release-el7-1.noarch.rpm # Install the MySQL service. sudo yum install -y mysql-server # Start the MySQL service and enable it to start on boot. sudo systemctl start mysqld sudo systemctl enable mysqld -
Retrieve the temporary root password.
echo $(PASSWORD=$(sudo grep 'temporary password' /var/log/mysqld.log); PASSWORD=${PASSWORD##* }; echo $PASSWORD) -
Run the following command to start the MySQL secure installation wizard.
sudo mysql_secure_installation-
Enter the temporary password for the
rootuser.NoteThe password is not displayed as you type. Ensure you enter it correctly.
Securing the MySQL server deployment. Enter password for user root: -
When prompted that the root password has expired, set a new password for the
rootuser. You must enter the new password twice.ImportantThe password policy requires a password to be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character.
The existing password for the user account root has expired. Please set a new password. New password: Re-enter new password: -
After you change the
rootpassword, enter n to skip changing the password again.Change the password for root ? (Press y|Y for Yes, any other key for No) : -
At the
Remove anonymous users?prompt, enter y.NoteRemoving anonymous users helps prevent access to your MySQL server without a user account.
By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : -
At the
Disallow root login remotely?prompt, enter y to prohibit remote login for the MySQLrootuser.NoteIf you need to allow remote
rootlogin for a specific reason, press any key other thanY.Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : -
At the
Remove test database and access to it?prompt, enter y to remove the defaulttestdatabase.By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : -
At the
Reload privilege tables now?prompt, enter y to apply your changes.Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) :
-
Ubuntu/Debian
-
Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.
-
Run the following command to update your package list.
sudo apt-get update -
Install the MySQL APT repository.
# Download the APT configuration package. sudo wget https://dev.mysql.com/get/mysql-apt-config_0.8.33-1_all.deb # Use the dpkg command to install the downloaded MySQL APT configuration package. sudo dpkg -i mysql-apt-config_0.8.33-1_all.deb-
(Optional) If the
mysql-apt-configscript detects that your operating system version is not officially supported, an interface appears. Select the most compatible supported version to continue.NoteTo find your system codename, see FAQ.
Configuring mysql-apt-config The detected system (ubuntu bionic) is not supported by MySQL. If you believe the platform is compatible with one of the supported systems, one of the corresponding repositories may be selected. Add repository to unsupported system? ubuntu lunar ubuntu focal ubuntu jammy ubuntu noble ubuntu oracular debian bookworm abort <Ok> -
The configuration page lists all components to be installed, including MySQL Server, Client, and Tools. Verify the version and components, use the arrow keys to navigate to
Ok, and then press Enter.Configuring mysql-apt-config The MySQL APT Repository features MySQL Server along with a variety of components. You may select the desired products to install and update from the official MySQL Repository, and also select the associated version series. Select "Ok" to save the configuration, and then execute "apt update" to load the selected package list. This configuration can be updated later, depending on your needs. Which MySQL product do you wish to configure? MySQL Server & Cluster (Currently selected: mysql-8.4-lts) MySQL Connectors (Currently selected: Enabled) Ok <Ok>
-
-
Install the MySQL server.
ImportantDuring the installation, the Configuring mysql-community-server dialog box prompts you to set a password for the MySQL
rootuser. The password policy requires a password to be at least 8 characters long and include an uppercase letter, a lowercase letter, a digit, and a special character. In the Enter root password field, enter your password and select Ok. In the next Configuring mysql-community-server dialog box, re-enter the password in the Re-enter root password field and select Ok to confirm. If you leave the password field blank, UNIX socket authentication is enabled. Keep this password secure.# Update the package list. sudo apt update # Install the MySQL server. sudo apt install -y mysql-server # Start the MySQL service. sudo systemctl start mysql # Check the service status. sudo systemctl status mysql # Enable the service to start on boot. sudo systemctl enable mysql -
Run the following command to start the MySQL secure installation wizard.
sudo mysql_secure_installation-
Enter the password for the
rootuser. -
At the
Would you like to setup VALIDATE PASSWORD component?prompt, enter y to enable theVALIDATE PASSWORDcomponent.Securing the MySQL server deployment. Connecting to MySQL using a blank password. VALIDATE PASSWORD COMPONENT can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD component? Press y|Y for Yes, any other key for No: -
Enter 2 to set the password policy level to
STRONG. This policy requires passwords to be at least 8 characters long, contain numbers, mixed-case letters, special characters, and not be based on a dictionary file.There are three levels of password validation policy: LOW Length >= 8 MEDIUM Length >= 8, numeric, mixed case, and special characters STRONG Length >= 8, numeric, mixed case, special characters and dictionary file Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: -
Because you set the root password during the apt install step, you can skip changing it now. Enter n to continue.
NoteIf you need to change the
rootuser password, entery. -
At the
Remove anonymous users?prompt, enter y.NoteRemoving anonymous users helps prevent access to your MySQL server without a user account.
By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : -
At the
Disallow root login remotely?prompt, enter y to prohibit remote login for the MySQLrootuser.NoteIf you need to allow remote
rootlogin for a specific reason, press any key other thanY.Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : -
At the
Remove test database and access to it?prompt, enter y to remove the defaulttestdatabase.By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : -
At the
Reload privilege tables now?prompt, enter y to apply your changes.Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) :
-
Add a remote MySQL user
-
Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.
-
Ensure the instance's security group has an inbound rule that allows traffic on port 3306. If you use a different port, adjust the security group settings accordingly. For more information, see Add a security group rule.
-
Run the following command to create a user and grant remote access permissions to all MySQL databases.
Important-
Replace
<username>with the username that you want to create. -
Replace
<password>with the password for the MySQL user. The password must be at least 8 characters long and include an uppercase letter, a lowercase letter, a digit, and a special character.
# After you run the command, enter the password for the root user. sudo mysql -uroot -p \ -e "CREATE USER '<username>'@'%' IDENTIFIED BY '<password>';" \ -e "GRANT ALL PRIVILEGES ON *.* TO '<username>'@'%' WITH GRANT OPTION;" \ -e "FLUSH PRIVILEGES;" -
-
Verify the connection by using the new user's credentials.
# Replacewith the username of the user that you created. After you run the command, enter the password for the new user. sudo mysql -u<username> -p