MySQL database advanced chapter_account management and MySQL master-slave

Advanced MySQL Database

Account management (for understanding only)

• When operating a database in a production environment, you must not use the root account to connect. Instead, create a specific account, grant this account specific operation permissions, and then connect to operate. The main operation is data crud

• MySQL account system: According to the different permissions of the account, MySQL accounts can be divided into the following types of
  *service instance-level accounts: When a mysqld is started, it is a database instance; if a user such as root has a service instance-level Assigned permissions, then the account can delete all databases, as well as the tables in these databases

  • Database-level account: perform all operations of adding, deleting, modifying and checking a specific database

  • Data table-level account: perform all operations such as adding, deleting, modifying, and querying specific tables

  • Field-level permissions: perform operations on specific fields of certain tables

  • Stored program-level account: add, delete, modify, and check stored programs

  • Account operations mainly include creating accounts, deleting accounts, modifying passwords, authorization permissions, etc.

note:

进行账户操作时，需要使用root账户登录，这个账户拥有最高的实例级权限
通常都使用数据库级操作权限

Granted permission

Need to use instance-level account to log in and operate, take root as an example

The main operations include:

• View all users
• change Password
• delete users

View all users

• All user and permission information is stored in the user table of the mysql database
• View the structure of the user table

desc user;

• Main field description:
  • Host indicates the host allowed to access
  • User represents the user name
  • authentication_string represents the password, which is the encrypted value

View all users

select host,user,authentication_string from user;

result

mysql> select host,user,authentication_string from user;

host	user	authentication_string
localhost	root	* E74858DB86EBA20BC33D0AECAE8A8108C56B17FA
localhost	mysql.sys	*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE
localhost	debian-sys-maint	* EFED9C764966EDB33BB7318E1CBD122C0DFE4827

3 rows in set (0.00 sec)

Create account, authorize

• Need to use instance-level account to log in and operate, take root as an example
• Common permissions mainly include: create, alter, drop, insert, update, delete, select
• If you assign all privileges, you can use all privileges

创建账户&授权
grant 权限列表 on 数据库 to '用户名'@'访问主机' identified by '密码';

示例1：
Create a laowang account with a password of 123456, which can only be accessed locally, and can only read all the tables in the jing_dong database

• step1: Log in as root

mysql -uroot -p
回车后写密码，然后回车

• step2: Create an account and grant all permissions

grant select on jing_dong.* to 'laowang'@'localhost' identified by '123456';

说明:

1、可以操作python数据库的所有表，方式为:jing_dong.*
2、访问主机通常使用 百分号% 表示此账户可以使用任何ip的主机登录访问此数据库
3、访问主机可以设置成 localhost或具体的ip，表示只允许本机或特定主机访问
4、查看用户有哪些权限


show grants for laowang@localhost;

• step3: log out of root

quit

• step4: Log in with laowang account

mysql -ulaowang -p
回车后写密码，然后回车

• The landing effect is as follows

Account operation

Modify permissions

grant 权限名称 on 数据库 to 账户@主机 with grant option;

change Password

使用root登录，修改mysql数据库的user表

• Use password() function for password encryption

update user set authentication_string=password('新密码') where user='用户名';
例：
update user set authentication_string=password('123') where user='laowang';

• Note that you need to refresh the permissions after the modification is completed

刷新权限：flush privileges

Remote login (dangerous use with caution)

Use with caution
Use with caution
Use with caution

If you use the msyql command in an Ubuntu to remotely connect to another mysql server, you can do it in the following way, but this method is just good for understanding, don’t use it in an actual production environment

修改 /etc/mysql/mysql.conf.d/mysqld.cnf 文件

vim /etc/mysql/mysql.conf.d/mysqld.cnf

Then restart msyql

service mysql restart

Test the connection in another Ubuntu

If it still fails to connect, the possible reasons are:

1. network issue

通过 ping xxx.xxx.xx.xxx可以发现网络是否正常

2) Check whether the database is configured with the bind_address parameter

本地登录数据库查看my.cnf文件和数据库当前参数show variables like 'bind_address';

如果设置了bind_address=127.0.0.1 那么只能本地登录

3) Check whether the skip_networking parameter is set in the database

如果设置了该参数，那么只能本地登录mysql数据库

4) Is the port specified correctly?

Delete account

• Syntax 1: Log in as root

drop user '用户名'@'主机';
例：
drop user 'laowang'@'%';

• Syntax 2: Log in as root and delete the data in the user table of the mysql database

delete from user where user='用户名';
例：
delete from user where user='laowang';

-- 操作结束之后需要刷新权限
flush privileges

• It is recommended to use Syntax 1 to delete users. If the deletion fails using Syntax 1, use Syntax 2

What should I do if I forget the root account password!!

• Generally, it is not our turn to manage the root account, so don't be a fan.
• What if? I'll check the solution for forgetting the mysql root user password (skip-grant-tables)

MySQL master-slave (for understanding only)

Definition of master-slave synchronization

Master-slave synchronization allows data to be replicated from one database server to other servers. When replicating data, one server acts as the master and the remaining servers act as slaves. Because replication is performed asynchronously, the slave server does not need to be connected to the master server all the time, and the slave server can even connect to the master server intermittently by dialing. Through the configuration file, you can specify to copy all databases, a certain database, or even a certain table on a certain database.

Benefits of using master-slave synchronization:

• Improve the performance of the database by adding slave servers, perform write and update on the master server, and provide read functions on the slave server, which can dynamically adjust the number of slave servers, thereby adjusting the performance of the entire database.

• Improve data security, because the data has been copied to the slave server, the slave server can terminate the replication process, so it can be backed up on the slave server without destroying the corresponding data of the master server

• Real-time data is generated on the master server, and the data is analyzed on the slave server to improve the performance of the master server.

Master-slave synchronization mechanism

The master-slave synchronization between Mysql servers is based on the binary log mechanism. The master server uses the binary log to record changes in the database. The slave server reads and executes the log file to keep the data consistent with the master server.

When using the binary log, all operations of the master server will be recorded, and then the slave server will receive a copy of the log. The slave server can specify which type of event in the log is executed (for example, only insert data or only update data), and all statements in the log will be executed by default.

Each slave server will record information about the binary log: file name and processed statements, which means that different slave servers can execute different parts of the same binary log, and the slave server can connect or interrupt the connection with the server at any time .

The master server and each slave server must be configured with a unique ID number (there is a server-id configuration item under the [mysqld] module of the my.cnf file). In addition, each slave server also needs to pass the CHANGE MASTER TO statement Configure the ip address of the main server it wants to connect to, the name of the log file and the location in the log (this information is stored in the main server's database).

Basic steps to configure master-slave synchronization

There are many ways to configure master-slave synchronization, which can be summarized as the following steps:

• On the main server, the binary log mechanism must be turned on and an independent ID must be configured
• On each slave server, configure a unique ID, and create an account to specifically copy the data of the master server
• Before starting the copy process, record the location information of the binary file on the master server
• If there is already data in the database before starting to copy, you must first create a data snapshot (you can use mysqldump to export the database, or copy the data file directly)
• Configure the IP address and login authorization of the master server to be connected from the server, the binary log file name and location

How to configure master-slave synchronization in detail

Reference materials: Database read and write separation, master-slave synchronization implementation method