All Products
Search
Document Center

Elastic Compute Service:Install MySQL on a Linux instance

Last Updated:Jun 20, 2026

This topic describes how to manually deploy a specific version of a MySQL database on a Linux ECS instance.

Prerequisites

  • A public IP address is automatically assigned to the ECS instance. Alternatively, an elastic IP address (EIP) is associated with the ECS instance. For instructions on how to enable public bandwidth, see Enable public bandwidth.

  • The ECS instance's security group must have an inbound rule that allows traffic on port 22. For instructions, see Add a security group rule.

Deploy MySQL

Alibaba Cloud Linux 3

  1. Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.

  2. Install the MySQL database.

    # Install compat-openssl10 for compatibility with older OpenSSL libraries.
    sudo yum install -y compat-openssl10
    # Add the official MySQL repository.
    sudo rpm -Uvh https://repo.mysql.com/mysql84-community-release-el8-1.noarch.rpm
    # Install the MySQL service.
    sudo dnf install -y mysql-server
    # Start the MySQL service and enable it to start on boot.
    sudo systemctl start mysqld
    sudo systemctl enable mysqld
  3. Retrieve the temporary root password.

    echo $(PASSWORD=$(sudo grep 'temporary password' /var/log/mysqld.log); PASSWORD=${PASSWORD##* }; echo $PASSWORD)
  4. Run the following command to start the MySQL secure installation wizard.

    sudo mysql_secure_installation
    1. Enter the temporary password for the root user.

      Note

      The password is not displayed as you type. Ensure you enter it correctly.

      Securing the MySQL server deployment.
      Enter password for user root:
    2. When prompted that the root password has expired, set a new password for the root user. You must enter the new password twice.

      Important

      The password policy requires a password to be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character.

      The existing password for the user account root has expired. Please set a new password.
      New password:
      Re-enter new password:
    3. After you change the root password, enter n to skip changing the password again.

      Change the password for root ? (Press y|Y for Yes, any other key for No) :
    4. At the Remove anonymous users? prompt, enter y.

      Note

      Removing anonymous users helps prevent access to your MySQL server without a user account.

      By default, a MySQL installation has an anonymous user,
      allowing anyone to log into MySQL without having to have
      a user account created for them. This is intended only for
      testing, and to make the installation go a bit smoother.
      You should remove them before moving into a production
      environment.
      Remove anonymous users? (Press y|Y for Yes, any other key for No) :
    5. At the Disallow root login remotely? prompt, enter y to prohibit remote login for the MySQL root user.

      Note

      If you need to allow remote root login for a specific reason, press any key other than Y.

      Normally, root should only be allowed to connect from
      'localhost'. This ensures that someone cannot guess at
      the root password from the network.
      Disallow root login remotely? (Press y|Y for Yes, any other key for No) :
    6. At the Remove test database and access to it? prompt, enter y to remove the default test database.

      By default, MySQL comes with a database named 'test' that
      anyone can access. This is also intended only for testing,
      and should be removed before moving into a production
      environment.
      Remove test database and access to it? (Press y|Y for Yes, any other key for No) :
    7. At the Reload privilege tables now? prompt, enter y to apply your changes.

      Reloading the privilege tables will ensure that all changes
      made so far will take effect immediately.
      Reload privilege tables now? (Press y|Y for Yes, any other key for No) :

Alibaba Cloud Linux 2

  1. Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.

  2. Install the MySQL database.

    # Add the official MySQL repository.
    sudo rpm -Uvh https://repo.mysql.com/mysql84-community-release-el7-1.noarch.rpm
    # Install the MySQL service.
    sudo yum install -y mysql-server
    # Start the MySQL service and enable it to start on boot.
    sudo systemctl start mysqld
    sudo systemctl enable mysqld
  3. Retrieve the temporary root password.

    echo $(PASSWORD=$(sudo grep 'temporary password' /var/log/mysqld.log); PASSWORD=${PASSWORD##* }; echo $PASSWORD)
  4. Run the following command to start the MySQL secure installation wizard.

    sudo mysql_secure_installation
    1. Enter the temporary password for the root user.

      Note

      The password is not displayed as you type. Ensure you enter it correctly.

      Securing the MySQL server deployment.
      Enter password for user root:
    2. When prompted that the root password has expired, set a new password for the root user. You must enter the new password twice.

      Important

      The password policy requires a password to be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character.

      The existing password for the user account root has expired. Please set a new password.
      New password:
      Re-enter new password:
    3. After you change the root password, enter n to skip changing the password again.

      Change the password for root ? (Press y|Y for Yes, any other key for No) :
    4. At the Remove anonymous users? prompt, enter y.

      Note

      Removing anonymous users helps prevent access to your MySQL server without a user account.

      By default, a MySQL installation has an anonymous user,
      allowing anyone to log into MySQL without having to have
      a user account created for them. This is intended only for
      testing, and to make the installation go a bit smoother.
      You should remove them before moving into a production
      environment.
      Remove anonymous users? (Press y|Y for Yes, any other key for No) :
    5. At the Disallow root login remotely? prompt, enter y to prohibit remote login for the MySQL root user.

      Note

      If you need to allow remote root login for a specific reason, press any key other than Y.

      Normally, root should only be allowed to connect from
      'localhost'. This ensures that someone cannot guess at
      the root password from the network.
      Disallow root login remotely? (Press y|Y for Yes, any other key for No) :
    6. At the Remove test database and access to it? prompt, enter y to remove the default test database.

      By default, MySQL comes with a database named 'test' that
      anyone can access. This is also intended only for testing,
      and should be removed before moving into a production
      environment.
      Remove test database and access to it? (Press y|Y for Yes, any other key for No) :
    7. At the Reload privilege tables now? prompt, enter y to apply your changes.

      Reloading the privilege tables will ensure that all changes
      made so far will take effect immediately.
      Reload privilege tables now? (Press y|Y for Yes, any other key for No) :

CentOS 8

  1. Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.

  2. Install the MySQL database.

    # Add the official MySQL repository.
    sudo rpm -Uvh https://repo.mysql.com/mysql84-community-release-el8-1.noarch.rpm
    # Install the MySQL service.
    sudo dnf install -y mysql-server
    # Start the MySQL service and enable it to start on boot.
    sudo systemctl start mysqld
    sudo systemctl enable mysqld
  3. Run the following command to start the MySQL secure installation wizard.

    sudo mysql_secure_installation
    1. At the Would you like to setup VALIDATE PASSWORD component? prompt, enter y to enable the VALIDATE PASSWORD component.

      Securing the MySQL server deployment.
      Connecting to MySQL using a blank password.
      VALIDATE PASSWORD COMPONENT can be used to test passwords
      and improve security. It checks the strength of password
      and allows the users to set only those passwords which are
      secure enough. Would you like to setup VALIDATE PASSWORD component?
      Press y|Y for Yes, any other key for No:
    2. Enter 2 to set the password policy level to STRONG. This policy requires passwords to be at least 8 characters long, contain numbers, mixed-case letters, special characters, and not be based on a dictionary file.

      There are three levels of password validation policy:
      LOW    Length >= 8
      MEDIUM Length >= 8, numeric, mixed case, and special characters
      STRONG Length >= 8, numeric, mixed case, special characters and dictionary                  file
      Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG:
    3. Set a new password for the root user. You must enter the new password twice.

      New password:
      
      Re-enter new password:
      
      Estimated strength of the password: 100
      Important

      The password policy requires a password to be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character.

    4. At the Do you wish to continue with the password provided? prompt, enter y.

      Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) :
    5. At the Remove anonymous users? prompt, enter y.

      Note

      Removing anonymous users helps prevent access to your MySQL server without a user account.

      By default, a MySQL installation has an anonymous user,
      allowing anyone to log into MySQL without having to have
      a user account created for them. This is intended only for
      testing, and to make the installation go a bit smoother.
      You should remove them before moving into a production
      environment.
      Remove anonymous users? (Press y|Y for Yes, any other key for No) :
    6. At the Disallow root login remotely? prompt, enter y to prohibit remote login for the MySQL root user.

      Note

      If you need to allow remote root login for a specific reason, press any key other than Y.

      Normally, root should only be allowed to connect from
      'localhost'. This ensures that someone cannot guess at
      the root password from the network.
      Disallow root login remotely? (Press y|Y for Yes, any other key for No) :
    7. At the Remove test database and access to it? prompt, enter y to remove the default test database.

      By default, MySQL comes with a database named 'test' that
      anyone can access. This is also intended only for testing,
      and should be removed before moving into a production
      environment.
      Remove test database and access to it? (Press y|Y for Yes, any other key for No) :
    8. At the Reload privilege tables now? prompt, enter y to apply your changes.

      Reloading the privilege tables will ensure that all changes
      made so far will take effect immediately.
      Reload privilege tables now? (Press y|Y for Yes, any other key for No) :

CentOS 7

  1. Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.

  2. Install the MySQL database.

    # Add the official MySQL repository.
    sudo rpm -Uvh https://repo.mysql.com/mysql84-community-release-el7-1.noarch.rpm
    # Install the MySQL service.
    sudo yum install -y mysql-server
    # Start the MySQL service and enable it to start on boot.
    sudo systemctl start mysqld
    sudo systemctl enable mysqld
  3. Retrieve the temporary root password.

    echo $(PASSWORD=$(sudo grep 'temporary password' /var/log/mysqld.log); PASSWORD=${PASSWORD##* }; echo $PASSWORD)
  4. Run the following command to start the MySQL secure installation wizard.

    sudo mysql_secure_installation
    1. Enter the temporary password for the root user.

      Note

      The password is not displayed as you type. Ensure you enter it correctly.

      Securing the MySQL server deployment.
      Enter password for user root:
    2. When prompted that the root password has expired, set a new password for the root user. You must enter the new password twice.

      Important

      The password policy requires a password to be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one digit, and one special character.

      The existing password for the user account root has expired. Please set a new password.
      New password:
      Re-enter new password:
    3. After you change the root password, enter n to skip changing the password again.

      Change the password for root ? (Press y|Y for Yes, any other key for No) :
    4. At the Remove anonymous users? prompt, enter y.

      Note

      Removing anonymous users helps prevent access to your MySQL server without a user account.

      By default, a MySQL installation has an anonymous user,
      allowing anyone to log into MySQL without having to have
      a user account created for them. This is intended only for
      testing, and to make the installation go a bit smoother.
      You should remove them before moving into a production
      environment.
      Remove anonymous users? (Press y|Y for Yes, any other key for No) :
    5. At the Disallow root login remotely? prompt, enter y to prohibit remote login for the MySQL root user.

      Note

      If you need to allow remote root login for a specific reason, press any key other than Y.

      Normally, root should only be allowed to connect from
      'localhost'. This ensures that someone cannot guess at
      the root password from the network.
      Disallow root login remotely? (Press y|Y for Yes, any other key for No) :
    6. At the Remove test database and access to it? prompt, enter y to remove the default test database.

      By default, MySQL comes with a database named 'test' that
      anyone can access. This is also intended only for testing,
      and should be removed before moving into a production
      environment.
      Remove test database and access to it? (Press y|Y for Yes, any other key for No) :
    7. At the Reload privilege tables now? prompt, enter y to apply your changes.

      Reloading the privilege tables will ensure that all changes
      made so far will take effect immediately.
      Reload privilege tables now? (Press y|Y for Yes, any other key for No) :

Ubuntu/Debian

  1. Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.

  2. Run the following command to update your package list.

    sudo apt-get update
  3. Install the MySQL APT repository.

    # Download the APT configuration package.
    sudo wget https://dev.mysql.com/get/mysql-apt-config_0.8.33-1_all.deb
    # Use the dpkg command to install the downloaded MySQL APT configuration package.
    sudo dpkg -i mysql-apt-config_0.8.33-1_all.deb
    1. (Optional) If the mysql-apt-config script detects that your operating system version is not officially supported, an interface appears. Select the most compatible supported version to continue.

      Note

      To find your system codename, see FAQ.

      Configuring mysql-apt-config
      The detected system (ubuntu bionic) is not supported by MySQL. If you believe the platform is compatible with one of the supported systems, one of the corresponding repositories may be selected.
      Add repository to unsupported system?
                                  ubuntu lunar
                                  ubuntu focal
                                  ubuntu jammy
                                  ubuntu noble
                                  ubuntu oracular
                                  debian bookworm
                                  abort
                                     <Ok>
    2. The configuration page lists all components to be installed, including MySQL Server, Client, and Tools. Verify the version and components, use the arrow keys to navigate to Ok, and then press Enter.

      Configuring mysql-apt-config
      The MySQL APT Repository features MySQL Server along with a variety of components. You may select the desired products to install and update from the official MySQL Repository, and also select the associated version series.
      Select "Ok" to save the configuration, and then execute "apt update" to load the selected package list. This configuration can be updated later, depending on your needs.
      Which MySQL product do you wish to configure?
          MySQL Server & Cluster (Currently selected: mysql-8.4-lts)
          MySQL Connectors (Currently selected: Enabled)
          Ok
                                    <Ok>
  4. Install the MySQL server.

    Important

    During the installation, the Configuring mysql-community-server dialog box prompts you to set a password for the MySQL root user. The password policy requires a password to be at least 8 characters long and include an uppercase letter, a lowercase letter, a digit, and a special character. In the Enter root password field, enter your password and select Ok. In the next Configuring mysql-community-server dialog box, re-enter the password in the Re-enter root password field and select Ok to confirm. If you leave the password field blank, UNIX socket authentication is enabled. Keep this password secure.

    # Update the package list.
    sudo apt update
    # Install the MySQL server.
    sudo apt install -y mysql-server
    # Start the MySQL service.
    sudo systemctl start mysql
    # Check the service status.
    sudo systemctl status mysql
    # Enable the service to start on boot.
    sudo systemctl enable mysql
  5. Run the following command to start the MySQL secure installation wizard.

    sudo mysql_secure_installation
    1. Enter the password for the root user.

    2. At the Would you like to setup VALIDATE PASSWORD component? prompt, enter y to enable the VALIDATE PASSWORD component.

      Securing the MySQL server deployment.
      Connecting to MySQL using a blank password.
      VALIDATE PASSWORD COMPONENT can be used to test passwords
      and improve security. It checks the strength of password
      and allows the users to set only those passwords which are
      secure enough. Would you like to setup VALIDATE PASSWORD component?
      Press y|Y for Yes, any other key for No:
    3. Enter 2 to set the password policy level to STRONG. This policy requires passwords to be at least 8 characters long, contain numbers, mixed-case letters, special characters, and not be based on a dictionary file.

      There are three levels of password validation policy:
      LOW    Length >= 8
      MEDIUM Length >= 8, numeric, mixed case, and special characters
      STRONG Length >= 8, numeric, mixed case, special characters and dictionary                  file
      Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG:
    4. Because you set the root password during the apt install step, you can skip changing it now. Enter n to continue.

      Note

      If you need to change the root user password, enter y.

    5. At the Remove anonymous users? prompt, enter y.

      Note

      Removing anonymous users helps prevent access to your MySQL server without a user account.

      By default, a MySQL installation has an anonymous user,
      allowing anyone to log into MySQL without having to have
      a user account created for them. This is intended only for
      testing, and to make the installation go a bit smoother.
      You should remove them before moving into a production
      environment.
      Remove anonymous users? (Press y|Y for Yes, any other key for No) :
    6. At the Disallow root login remotely? prompt, enter y to prohibit remote login for the MySQL root user.

      Note

      If you need to allow remote root login for a specific reason, press any key other than Y.

      Normally, root should only be allowed to connect from
      'localhost'. This ensures that someone cannot guess at
      the root password from the network.
      Disallow root login remotely? (Press y|Y for Yes, any other key for No) :
    7. At the Remove test database and access to it? prompt, enter y to remove the default test database.

      By default, MySQL comes with a database named 'test' that
      anyone can access. This is also intended only for testing,
      and should be removed before moving into a production
      environment.
      Remove test database and access to it? (Press y|Y for Yes, any other key for No) :
    8. At the Reload privilege tables now? prompt, enter y to apply your changes.

      Reloading the privilege tables will ensure that all changes
      made so far will take effect immediately.
      Reload privilege tables now? (Press y|Y for Yes, any other key for No) :

Add a remote MySQL user

  1. Connect to the ECS instance. For more information, see Log on to a Linux instance using Workbench.

  2. Ensure the instance's security group has an inbound rule that allows traffic on port 3306. If you use a different port, adjust the security group settings accordingly. For more information, see Add a security group rule.

  3. Run the following command to create a user and grant remote access permissions to all MySQL databases.

    Important
    • Replace <username> with the username that you want to create.

    • Replace <password> with the password for the MySQL user. The password must be at least 8 characters long and include an uppercase letter, a lowercase letter, a digit, and a special character.

    # After you run the command, enter the password for the root user.
    sudo mysql -uroot -p \
    -e "CREATE USER '<username>'@'%' IDENTIFIED BY '<password>';" \
    -e "GRANT ALL PRIVILEGES ON *.* TO '<username>'@'%' WITH GRANT OPTION;" \
    -e "FLUSH PRIVILEGES;"
  4. Verify the connection by using the new user's credentials.

    # Replace  with the username of the user that you created. After you run the command, enter the password for the new user.
    sudo mysql -u<username> -p

References

FAQ