MariaDB 數據庫管理與WEB 服務器
介紹 MariaDB
數據庫介紹
**數據庫,是一個存放計算機數據的倉庫。**這個倉庫是按照一定的數據結構來對數據進行組織和存儲的,我們可以通過數據庫提供的多種方法來管理其中的數據。
數據結構,是指數據的組織形式或數據之間的聯系
MariaDB 介紹
MariaDB數據庫管理系統是MySQL數據庫的一個分支,主要由開源社區維護,采用GPL授權許可。開發這個MariaDB數據庫分支的可能原因之一是:甲骨文公司收購了MySQL后,有將MySQL閉源的潛在風險,因此MySQL開源社區采用分支的方式來避開這個風險。
MariaDB數據庫完全兼容MySQL數據庫,包括API和命令行,使之能輕松的成為MySQL的代替品。
MariaDB數據庫管理系統可以包含多個database,每個database包涵多張表。
關系數據庫的表采用二維表格來存儲數據,類似于Excle工作表。
- 表中的一行即為一個元組,或稱為一條記錄。
- 數據表中的每一列稱為一個字段(屬性),表是由其包含的各種字段定義,每個字段描述了它所含有的數據意義,為每個字段分配一個數據類型,定義它們的數據長度和其他屬性。
- 行和列的交叉位置表示某個屬性值。
部署 MariaDB
安裝 MariaDB
安裝
[root@server ~ 09:59:26]# yum install -y mariadb-server
#啟用并啟動服務
[root@server ~ 09:59:26]# systemctl enable mariadb --now
加固 MariaDB
MariaDB數據庫默認具有test數據庫和一些不太安全的配置。運行mysql_secure_installation修改這些配置。
交互式提示您進行更改,包括:
- 為root帳戶設置密碼。
- 禁止root帳戶從本地主機外部訪問數據庫。
- 刪除匿名用戶帳戶。
- 刪除用于演示的test數據庫。
[root@server ~ 10:01:04]# mysql_secure_installationNOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDBSERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.Enter current password for root (enter for none):
OK, successfully used password, moving on...Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.Set root password? [Y/n]
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..... Success!By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.Remove anonymous users? [Y/n] ... Success!Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.Disallow root login remotely? [Y/n] ... Success!By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.Remove test database and access to it? [Y/n] - Dropping test database...... Success!- Removing privileges on test database...... Success!Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.Reload privilege tables now? [Y/n] ... Success!Cleaning up...All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.Thanks for using MariaDB!#連接 MariaDB
[root@server ~ 10:02:16]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 5.5.68-MariaDB MariaDB ServerCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.MariaDB [(none)]> quit
Bye
數據庫操作
查詢數據庫列表
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.019 sec)MariaDB [(none)]>
數據庫說明:
- mysql 數據庫,是一個系統數據庫,保存數據庫用戶及其訪問權限等信息。
- INFORMATION_SCHEMA 數據庫,保存關于數據庫或者數據表的元數據信息。
- **PERFORMANCE_SCHEMA **數據庫,保存數據庫服務器性能信息。
使用數據庫
您可以使用 USE 語句選擇數據庫之一,例如:USE mysql;,后續默認操作的表屬于mysql數據庫。
創建數據庫
MariaDB [mysql]> CREATE DATABASE laoma;
Query OK, 1 row affected (0.010 sec)MariaDB [mysql]> USE laoma;
Database changed
刪除數據庫
DROP DATABASE語句刪除數據庫中的所有表并刪除數據庫。 這將破壞數據庫中的所有數據。 只有對該數據庫具有DROP特權的用戶才能運行此語句。 這不會更改數據庫的用戶特權。 如果重新創建具有該名稱的數據庫,則為舊數據庫設置的用戶權限仍然有效。
MariaDB [inventory]> DROP DATABASE laoma;
Query OK, 0 rows affected (0.006 sec)
查詢表
查詢表列表
查詢表列表
MariaDB [(none)]> USE inventory;
MariaDB [inventory]> SHOW TABLES;
+---------------------+
| Tables_in_inventory |
+---------------------+
| category |
| manufacturer |
| product |
+---------------------+
3 rows in set (0.001 sec)
查詢表結構
MariaDB [inventory]> DESCRIBE product;
+-----------------+--------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-----------------+--------------+------+-----+---------+----------------+
| id | int(11) | NO | PRI | NULL | auto_increment |
| name | varchar(100) | NO | | NULL | |
| price | double | NO | | NULL | |
| stock | int(11) | NO | | NULL | |
| id_category | int(11) | NO | | NULL | |
| id_manufacturer | int(11) | NO | | NULL | |
+-----------------+--------------+------+-----+---------+----------------+
6 rows in set (0.008 sec)MariaDB [inventory]>
[root@server ~ 10:06:35]# mysql -u root -p
Enter password: MariaDB [(none)]> grant all privileges on *.* to yy@'%' identified by '123';[root@client ~ 10:18:03]# mysql -uyy -p123 -h server輸出顯示,表格中有六列(屬性):
- Field 列,顯示該屬性名稱。
- Type 列,顯示該屬性的數據必須采用的格式。例如,stock屬性必須是最多11位數字的整數。
- Null 列,指示此屬性是否可以為null。
- Default 列,指示如果未指定該屬性,則是否設置了默認值。
- Key 列,顯示屬性ID是primary key。 主鍵是表中一行的唯一標識符。 該屬性的任何其他行都不能具有相同的值。
- Extra列,提供該列額外信息,對于id字段標記為auto_increment。 這意味著每次將新項目插入表中時,該條目的屬性值都會增加。 這樣可以更輕松地使數字主鍵保持唯一。
查詢表中數據
查詢表中所有記錄所有字段
MariaDB [inventory]> SELECT * FROM product;
+----+-------------------+---------+-------+-------------+-----------------+
| id | name | price | stock | id_category | id_manufacturer |
+----+-------------------+---------+-------+-------------+-----------------+
| 1 | ThinkServer TS140 | 539.88 | 20 | 2 | 4 |
| 2 | ThinkServer RD630 | 2379.14 | 20 | 2 | 4 |
| 3 | RT-AC68U | 219.99 | 10 | 1 | 3 |
| 4 | X110 64GB | 73.84 | 100 | 3 | 1 |
+----+-------------------+---------+-------+-------------+-----------------+
4 rows in set (0.004 sec)MariaDB [inventory]> SELECT * FROM category;
+----+------------+
| id | name |
+----+------------+
| 1 | Networking |
| 2 | Servers |
| 3 | Ssd |
+----+------------+
3 rows in set (0.001 sec)MariaDB [inventory]> SELECT * FROM manufacturer;
+----+----------+----------------+-------------------+
| id | name | seller | phone_number |
+----+----------+----------------+-------------------+
| 1 | SanDisk | John Miller | +1 (941) 329-8855 |
| 2 | Kingston | Mike Taylor | +1 (341) 375-9999 |
| 3 | Asus | Wilson Jackson | +1 (432) 367-8899 |
| 4 | Lenovo | Allen Scott | +1 (876) 213-4439 |
+----+----------+----------------+-------------------+
4 rows in set (0.001 sec)MariaDB [inventory]>
查詢表中所有記錄特定字段
MariaDB [inventory]> SELECT name,price,stock FROM product;
+-------------------+---------+-------+
| name | price | stock |
+-------------------+---------+-------+
| ThinkServer TS140 | 539.88 | 20 |
| ThinkServer RD630 | 2379.14 | 20 |
| RT-AC68U | 219.99 | 10 |
| X110 64GB | 73.84 | 100 |
+-------------------+---------+-------+
4 rows in set (0.001 sec)
WHERE子句
MariaDB [inventory]> SELECT * FROM product WHERE price > 100;
+----+-------------------+---------+-------+-------------+-----------------+
| id | name | price | stock | id_category | id_manufacturer |
+----+-------------------+---------+-------+-------------+-----------------+
| 1 | ThinkServer TS140 | 539.88 | 20 | 2 | 4 |
| 2 | ThinkServer RD630 | 2379.14 | 20 | 2 | 4 |
| 3 | RT-AC68U | 219.99 | 10 | 1 | 3 |
+----+-------------------+---------+-------+-------------+-----------------+
3 rows in set (0.020 sec)# 條件操作符包括:=、<>、>、<、>=、<=
MariaDB [inventory]> SELECT * FROM product WHERE price > 100;# BETWEEN,匹配2個數字之間(包括數字本身)的記錄。
MariaDB [inventory]> SELECT * FROM product WHERE id BETWEEN 1 AND 3;# IN,匹配列表中記錄。
MariaDB [inventory]> SELECT * FROM product WHERE id IN (1,3);
MariaDB [inventory]> SELECT * FROM category WHERE name IN ('Servers','Ssd');# LIKE,用于匹配字符串。%表示一個或多個字符,_表示一個字符,[charlist]表示字符列中的任何單一字符,[^charlist]或者[!charlist]不在字符列中的任何單一字符。
MariaDB [inventory]> SELECT * FROM product WHERE name like '%Server%';# 邏輯與AND
MariaDB [inventory]> SELECT * FROM product WHERE name like '%RD%' AND price>1000;# 邏輯或or
MariaDB [inventory]> SELECT * FROM product WHERE name like '%RD%' OR price>500;# ORDER BY 關鍵字用于對結果集進行排序。
MariaDB [inventory]> SELECT * FROM product ORDER BY price;
MariaDB [inventory]> SELECT * FROM product ORDER BY price desc;
多表查詢
# 示例1:產品類型是Servers的產品名稱和價格
MariaDB [inventory]> SELECT product.name,product.price
FROM product,category
WHERE product.id_category = category.id
AND category.name='Servers';# 示例2:查詢廠商是Lenovo的產品名稱和價格
MariaDB [inventory]> SELECT product.name,product.price
FROM product,manufacturer
WHERE product.id_manufacturer = manufacturer.id
AND manufacturer.name='Lenovo';
函數
# 示例1:查詢產品價格平均值
MariaDB [inventory]> SELECT avg(price) FROM product;# 示例2:查詢產品價格最大值
MariaDB [inventory]> SELECT max(price) FROM product;# 示例3:查詢產品價格最小值
MariaDB [inventory]> SELECT min(price) FROM product;# 示例4:查詢產品存量
MariaDB [inventory]> SELECT sum(stock) FROM product;# 示例5:查詢產品價格最小值的那個產品信息
MariaDB [inventory]> SELECT min(price) FROM product;
MariaDB [inventory]> SELECT * FROM product WHERE price=73.84;
或者
MariaDB [inventory]> SELECT * FROM product WHERE price=(SELECT min(price) FROM product);# 示例6:查詢Lenovo廠商提供了幾種產品
MariaDB [inventory]> SELECT count(product.name)
FROM product,manufacturer
WHERE product.id_manufacturer = manufacturer.id
AND manufacturer.name='Lenovo';# GROUP BY 語句用于結合聚合函數,根據一個或多個列對結果集進行分組。
MariaDB [inventory]> SELECT id_category,sum(stock) FROM product GROUP BY id_category;
創建表
MariaDB [inventory]> CREATE TABLE staff(
id INT(11) NOT NULL,
name VARCHAR(100) NOT NULL,
age INT(11) DEFAULT 10,
id_department INT(11)
);
Query OK, 0 rows affected (0.017 sec)
MariaDB [inventory]> SHOW TABLES;
插入記錄
MariaDB [inventory]> INSERT INTO staff (id,name,age,id_department)
VALUES (1,'laoma1',28,10);
MariaDB [inventory]> INSERT INTO staff (id,name,age) VALUES (2,'laoma2',20);
MariaDB [inventory]> INSERT INTO staff (id,name) VALUES (3,'laoma3');
更新記錄
MariaDB [inventory]> UPDATE staff SET age=30 WHERE id=3;
MariaDB [inventory]> UPDATE staff SET age=30
如果使用不帶WHERE子句的UPDATE,則表中的所有記錄都會更新。
刪除記錄
MariaDB [inventory]> DELETE FROM staff WHERE id=3 ;
MariaDB [inventory]> DELETE FROM staff ;
如果使用不帶WHERE子句的UPDATE,則表中的所有記錄都會更新。
刪除記錄
MariaDB [inventory]> DELETE FROM staff WHERE id=3 ;
MariaDB [inventory]> DELETE FROM staff ;
管理 MariaDB 用戶
創建用戶賬戶
默認情況下,MariaDB有自己的用戶和密碼,與本地系統的用戶和密碼分開。這意味著MariaDB數據庫用戶與服務器的Linux用戶不同, 即使用戶帳戶具有相同的名稱。
為了控制用戶對數據庫服務器的訪問級別,必須在MariaDB中設置數據庫用戶并授予他們在服務器及其數據上執行操作的權限。
您可以配置MariaDB使用
pam身份驗證插件將系統用戶帳戶和密碼集成為MariaDB數據庫用戶,本課程不介紹該配置。 在大多數情況下,最好分開管理數據庫和系統用戶賬戶。
要創建新用戶,您需要以下權限級別之一:
- MariaDB的root用戶。
- 被授予全局CREATE USER特權的用戶。
- 被授予對mysql數據庫的INSERT特權的用戶。
我們可以使用CREATE USER語句,在mysql數據庫的user表中創建一條新記。
用戶名格式:user_name@host_name。 這樣就可以根據主機源,創建具有相同名稱但具有不同特權的多個用戶帳戶。
MariaDB [(none)]> CREATE USER yy@'%' IDENTIFIED BY 'redhat';
當前,yy帳戶只能使用密碼redhat從**%**連接。
用戶的密碼,會被加密存在在mysql.user表:
MariaDB [mysql]> SELECT host,user,password FROM user WHERE user = 'yy';
+-----------+--------+-------------------------------------------+
| host | user | password |
+-----------+--------+-------------------------------------------+
| % | yy | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
+-----------+--------+-------------------------------------------+
1 row in set (0.000 sec)
控制用戶權限
默認情況下,新帳戶被授予最小特權。 在不授予其他特權的情況下,laoma用戶只能訪問最少的帳戶信息,大多數其他操作均被拒絕。
示例:
[root@server ~]# mysql -u yy -p
Enter password: redhat
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 10.3.17-MariaDB MariaDB ServerCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.MariaDB [(none)]> SELECT USER();
+------------------+
| USER() |
+------------------+
| laoma@localhost |
+------------------+
1 row in set (0.003 sec)MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
+--------------------+
1 row in set (0.004 sec)MariaDB [(none)]> USE mysql;
ERROR 1044 (42000): Access denied for user 'yy'@'localhost' to database 'mysql'
MariaDB [(none)]> CREATE DATABASE inventory;
ERROR 1044 (42000): Access denied for user 'yy'@'localhost' to database 'inventory'
MariaDB [(none)]>
授予用戶權限
GRANT語句可用于向帳戶授予特權。 要授予GRANT特權,連接的用戶必須具有GRANT OPTION且必須具有他們所授予的特定特權。
例如,laoma用戶無法授予數據庫表SELECT特權,除非他們已經具有SELECT特權和GRANT OPTION表特權。
在此示例中,MariaDB根用戶向清單數據庫中類別表上的laoma用戶授予CRUD特權。
[root@server ~]# mysql -u root -p
Enter password: redhatMariaDB [(none)]> GRANT SELECT, UPDATE, DELETE, INSERT-> ON inventory.category-> TO yy@% ;
Query OK, 0 rows affected (0.006 sec)MariaDB [inventory]> exit
Bye
[root@client ~ 10:21:09]# vim /etc/my.cnf.d/mysql-clients.cnf 物理備份
[root@server ~ 14:44:58]# systemmctl stop mariadb
[root@server ~ 14:46:42]# cp -r /var/lib/mysql{,.back}
[root@server ~ 14:46:48]# systemctl start mariadb
[root@server ~ 14:47:41]# mysql -uroot -p123
MariaDB [(none)]> drop user root@localhost;MariaDB [(none)]> drop user root@127.0.0.1;MariaDB [(none)]> quit恢復
[root@server ~ 14:48:39]# systemctl stop mariadb
[root@server ~ 14:49:25]# /bin/cp /var/lib/mysql.back/mysql/user.* /var/lib/mysql/mysql
[root@server ~ 14:51:27]# chmod 660 /var/lib/mysql/mysql/user.*
[root@server ~ 14:51:55]# chown mysql:mysql /var/lib/mysql/mysql/user.*
[root@server ~ 14:52:20]# systemctl start mariadbWEB 服務器
WEB 服務器簡介
WEB也稱為WWW(WORLD WIDE WEB),中文名字為萬維網、全球信息網等,主要功能是提供網上信息瀏覽服務。Web服務器可以為Internet上的用戶提供WWW、Email和FTP等各種Internet服務。
Nginx
Nginx是一款高性能的HTTP和反向代理服務器,能夠選擇高效的epoll、kqueue、eventport最為網絡I/O模型,在高連接并發的情況下,能夠支持高達5萬個并發連接數的響應,而內存、CPU等系統資源消耗卻非常低,運行非常穩定。
安裝 nginx
# 安裝 nginx
[root@server ~ 15:13:36]# yum -y install nginx
# 啟動 nginx
[root@server ~ 15:15:10]# systemctl enable nginx --now
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
# 準備主頁
[root@server ~ 15:15:42]# mv /usr/share/nginx/html/index.html{,.ori}
[root@server ~ 15:17:34]# echo hello world from nginx > /usr/share/nginx/html/index.html虛擬主機
同一個web服務器提供多個站點。
根據名稱
[root@www ~]# vim /etc/nginx/conf.d/vhost-name.conf
server {server_name web1.yy.cloud;root /usr/share/nginx/web1;
}
server {server_name web2.yy.cloud;root /usr/share/nginx/web2;
}
根據 port
[root@www ~]# vim /etc/nginx/conf.d/vhost-port.conf
server {listen 8081;server_name www.yy.cloud;root /usr/share/nginx/8081;
}
server {listen 8082;server_name www.yy.cloud;root /usr/share/nginx/8082;
}
配置SSL/TLS
生成證書
#--1--生成私鑰
[root@server ~ 16:51:21]# openssl genrsa -out www.key 2048
#--2--生成請求文件csr
[root@server ~ 17:07:02]# openssl req -new -key www.key -out www.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:JS
Locality Name (eg, city) [Default City]:NJ
Organization Name (eg, company) [Default Company Ltd]:yy
Organizational Unit Name (eg, section) []:wanho
Common Name (eg, your name or your server's hostname) []:www.yy.cloud
Email Address []:yy@yy.cloudPlease enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:#--3--使用自己的私鑰對請求文件簽名,以生成證書
[root@server ~ 17:08:29]# openssl x509 -req -days 3650 -in www.csr -signkey www.key -out www.crt#配置站點
[root@server ~ 17:09:18]# mkdir /etc/ssl/certs/www.yy.cloud
[root@server ~ 17:09:46]# mv www* /etc/ssl/certs/www.yy.cloud
[root@server ~ 17:11:21]# vim /etc/nginx/conf.d/ssl.conf
server {listen 443 ssl http2 default_server;listen [::]:443 ssl http2 default_server;server_name www.yy.cloud;root /usr/share/nginx/html;
[root@server ~ 17:13:09]# systemctl restart nginx
[root@server ~ 17:13:48]# vim /etc/nginx/nginx.conf
[root@www ~]# vim /etc/nginx/nginx.confserver {listen 80 default_server;listen [::]:80 default_server;server_name www.yy.cloud;root /usr/share/nginx/html;# 添加 重定向return 301 https://$host$request_uri;}
)
)
)
)
)
)
)
0->b 講解)
)