CentOS7安装MySQL8.0

最近在CentOS7上安装了MySQL8.0，踩了一些坑，发现了一个比较简单的步骤，参照了这篇文章：https://www.if-not-true-then-false.com/2010/install-mysql-on-fedora-centos-red-hat-rhel/，记录如下。

1.安装MySQL的yum源

yum localinstall https://dev.mysql.com/get/mysql80-community-release-el7-1.noarch.rpm

2.安装MySQL

yum install mysql-community-server

3.启动MySQL服务

systemctl start mysqld.service 
systemctl enable mysqld.service

4.获取临时密码

grep 'A temporary password is generated for root@localhost' /var/log/mysqld.log |tail -1

输出如下：

2018-09-01T17:13:30.385800Z 5 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: NqLQAN?(m1=Q

root@localhost:后边的乱码就是临时密码，登陆的时候要用到

5.更改密码或使用安全安装脚本

临时密码用一次之后最好修改掉，修改密码可以用mysqladmin或者安全安装脚本进行。
更改密码：

mysqladmin -u root password [your_password_here]

使用安全安装脚本：

/usr/bin/mysql_secure_installation

脚本设置内容较长，如果没有兴趣可以跳过直接看添加远程账户那一节。

Securing the MySQL server deployment.
Enter password for user root:  # 在这里输入临时密码
The existing password for the user account root has expired. Please set a new password.
New password:  # 在这里输入新密码
Re-enter new password:  # 重复新密码

这段是设置新密码。

VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No: y # 选择是否设置密码复杂度策略
There are three levels of password validation policy:

LOW    Length >= 8 # 长度大于8
MEDIUM Length >= 8, numeric, mixed case, and special characters # 长度大于8，有数字，大小写混合，有特殊字符
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file # 在中间策略的基础上增加弱密码字典

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 0 # 设置密码复杂度策略
Using existing password for root.

上边这段我安装的时候并没有见到，在设置完之后可以更新设置策略来简化密码，有关密码策略的相关内容可以看这篇文章：https://www.cnblogs.com/ivictor/p/5142809.html

Estimated strength of the password: 100 
Change the password for root ? ((Press y|Y for Yes, any other key for No) : y # 搞不明白为什么这里还要重新设置一遍
New password:  # 新密码
Re-enter new password:  # 重复新密码
Estimated strength of the password: 50 
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y

先检查了密码复杂度，然后又重新设置了一遍密码

By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.

Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.

All done! 

这段比较长，但是都无关紧要，一路按y就行

6. 添加远程账户

MySQL 8.0的安全策略比之前的版本要严格很多，如果想通过远程访问不能直接改my.conf了，需要到MySQL中去设置
登陆MySQL

mysql -u root -p

创建远程用户

# 创建db
mysql> CREATE DATABASE webdb;
# 添加用户和密码到监听ip，注意这里的ip应该是本机与外界通信的物理ip
mysql> CREATE USER 'webdb_user'@'10.0.15.25' IDENTIFIED BY 'password123';
# 为用户设置权限
mysql> GRANT ALL ON webdb.* TO 'webdb_user'@'10.0.15.25';
# 刷新策略
mysql> FLUSH PRIVILEGES;