CentOS7 APM MariaDB10.4 설치

OpenSSL최신버전 설치를 안했으면 먼저 설치하고오길 바란다.

https://chocoemon.tistory.com/2

 

1. 이전버전 MariaDB삭제

 # yum -y remove mariadb* 

 

2. yum저장소에 MariaDB10.4 다운로드 경로 등록

 참조 : https://downloads.mariadb.org/mariadb/repositories/#distro=CentOS&distro_release=centos7-amd64--centos7&mirror=liquidtelecom&version=10.4

 # vi /etc/yum.repos.d/MariaDB.repo 

 # MariaDB 10.4 RedHat repository list - created 2020-05-02 10:14 UTC 

 # http://downloads.mariadb.org/mariadb/repositories/ 

 [mariadb] 

 name = MariaDB 

 baseurl = http://yum.mariadb.org/10.4/rhel7-amd64 

 gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB 

 gpgcheck=1 

 - 입력 후 저장

 

3. MariaDB10.4 설치

 # yum -y install MariaDB-server MariaDB-client 

 

4. MariaDB 부팅시 자동시작 등록 및 시작

 # systemctl enable mariadb 

 # systemctl start mariadb 

 

5. MariaDB 설정

 # mysql_secure_installation 

 

Switch to unix_socket authentication [Y/n] n - root@localhost일 때 패스워드없이 로그인 할 수 있는 기능 

... skipping. 

 

You already have your root account protected, so you can safely answer 'n'.

 

Change the root password? [Y/n] n - 아직 패스워드 변경을 하지 않았기때문에 n 

... skipping. 

 

By default, a MariaDB installation has an anonymous user, allowing anyone

to log into MariaDB without having to have a user account created for

them. This is intended only for testing, and to make the installation

go a bit smoother. You should remove them before moving into a

production environment.

 

Remove anonymous users? [Y/n] y - 익명사용자 제거여부 

... Success!

 

Normally, root should only be allowed to connect from 'localhost'. This

ensures that someone cannot guess at the root password from the network.

 

Disallow root login remotely? [Y/n] n - 원격으로 root계정 로그인 비활성화 여부 

... skipping.

 

By default, MariaDB comes with a database named 'test' that anyone can

access. This is also intended only for testing, and should be removed

before moving into a production environment.

 

Remove test database and access to it? [Y/n] y - test DB삭제 허용여부 

- Dropping test database...

... Success!

- Removing privileges on test database...

... Success!

 

Reloading the privilege tables will ensure that all changes made so far

will take effect immediately.

 

Reload privilege tables now? [Y/n] y - 지금까지 설정 했던 저장 여부 

... Success!

 

Cleaning up...

 

All done! If you've completed all of the above steps, your MariaDB

installation should now be secure.

 

Thanks for using MariaDB!

 

 # vi /etc/my.cnf.d/mysql-client.cnf 

 [mysql] 

 default-character-set=utf8mb4 - 기본 문자셋을 utf8mb4로 설정 

 … 

 [mysqldump] 

 default-character-set=utf8mb4 - dump시 기본 문자셋을 utf8mb4로 설정 

 - 입력 후 저장

 

 # vi /etc/my.cnf.d/server.cnf 

 [mysqld] 

 collation-server = utf8mb4_unicode_ci 

 init-connect='SET NAMES utf8mb4' 

 character-set-server = utf8mb4 

 default_storage_engine=innodb 

 - 입력 후 저장

 

6. 계정 설정

 # systemctl restart mariadb 

 # mysql -u root -p - root계정 패스워드와 같음 

 MariaDB [(none)]> use mysql; - DB 선택 

 MariaDB [mysql]> SELECT Host, User, Password FROM user; 

 MariaDB [mysql]> UPDATE user SET Host="%" WHERE User='root'; 

 - User가 root인 Host값을 %(어느 주소에서나 접근가능)로 변경 

 Query OK, 1 row affected (0.001 sec) 

 Rows matched: 1 Changed: 1 Warnings: 0 

 MariaDB [mysql]> flush privileges; - 적용 

 Query OK, 0 rows affected (0.000 sec) 

 

 MariaDB [mysql]> SET Password FOR 'root'@'%' = PASSWORD('패스워드'); 

 - DB root계정 패스워드 변경 

 Query OK, 0 rows affected (0.001 sec) 

 

 MariaDB [mysql]> flush privileges; - 적용 

 Query OK, 0 rows affected (0.000 sec) 

 

7. 포트포워딩 설정

 1) firewalld

 # vi /etc/firewalld/zones/public.xml 

 <?xml version="1.0" encoding="utf-8"?>
 <zone> 

 … 

  <port protocol="tcp" port="3306"/> 

 </zone> 

 - 입력 후 저장

 # firewalld-cmd --reload 

 

  2) iptables

 # iptables -I INPUT -s 0.0.0.0/0 -d 아이피 ex) 192.168.0.123 -p tcp --dport 3306 -j ACCEPT 

 # service iptables save