MariaDB 数据库管理与web服务器
MariaDB 数据库管理与WEB 服务器
介绍 MariaDB
数据库介绍
**数据库,是一个存放计算机数据的仓库。**这个仓库是按照一定的数据结构来对数据进行组织和存储的,我们可以通过数据库提供的多种方法来管理其中的数据。
数据结构,是指数据的组织形式或数据之间的联系
MariaDB 介绍
MariaDB数据库管理系统是MySQL数据库的一个分支,主要由开源社区维护,采用GPL授权许可。开发这个MariaDB数据库分支的可能原因之一是:甲骨文公司收购了MySQL后,有将MySQL闭源的潜在风险,因此MySQL开源社区采用分支的方式来避开这个风险。
MariaDB数据库完全兼容MySQL数据库,包括API和命令行,使之能轻松的成为MySQL的代替品。
MariaDB数据库管理系统可以包含多个database,每个database包涵多张表。
关系数据库的表采用二维表格来存储数据,类似于Excle工作表。
- 表中的一行即为一个元组,或称为一条记录。
- 数据表中的每一列称为一个字段(属性),表是由其包含的各种字段定义,每个字段描述了它所含有的数据意义,为每个字段分配一个数据类型,定义它们的数据长度和其他属性。
- 行和列的交叉位置表示某个属性值。
部署 MariaDB
安装 MariaDB
安装
[root@server ~ 09:59:26]# yum install -y mariadb-server
#启用并启动服务
[root@server ~ 09:59:26]# systemctl enable mariadb --now
加固 MariaDB
MariaDB数据库默认具有test数据库和一些不太安全的配置。运行mysql_secure_installation修改这些配置。
交互式提示您进行更改,包括:
- 为root帐户设置密码。
- 禁止root帐户从本地主机外部访问数据库。
- 删除匿名用户帐户。
- 删除用于演示的test数据库。
[root@server ~ 10:01:04]# mysql_secure_installationNOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDBSERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.Enter current password for root (enter for none):
OK, successfully used password, moving on...Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.Set root password? [Y/n]
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..... Success!By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.Remove anonymous users? [Y/n] ... Success!Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.Disallow root login remotely? [Y/n] ... Success!By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.Remove test database and access to it? [Y/n] - Dropping test database...... Success!- Removing privileges on test database...... Success!Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.Reload privilege tables now? [Y/n] ... Success!Cleaning up...All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.Thanks for using MariaDB!#连接 MariaDB
[root@server ~ 10:02:16]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 5.5.68-MariaDB MariaDB ServerCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.MariaDB [(none)]> quit
Bye
数据库操作
查询数据库列表
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.019 sec)MariaDB [(none)]>
数据库说明:
- mysql 数据库,是一个系统数据库,保存数据库用户及其访问权限等信息。
- INFORMATION_SCHEMA 数据库,保存关于数据库或者数据表的元数据信息。
- **PERFORMANCE_SCHEMA **数据库,保存数据库服务器性能信息。
使用数据库
您可以使用 USE 语句选择数据库之一,例如:USE mysql;,后续默认操作的表属于mysql数据库。
创建数据库
MariaDB [mysql]> CREATE DATABASE laoma;
Query OK, 1 row affected (0.010 sec)MariaDB [mysql]> USE laoma;
Database changed
删除数据库
DROP DATABASE语句删除数据库中的所有表并删除数据库。 这将破坏数据库中的所有数据。 只有对该数据库具有DROP特权的用户才能运行此语句。 这不会更改数据库的用户特权。 如果重新创建具有该名称的数据库,则为旧数据库设置的用户权限仍然有效。
MariaDB [inventory]> DROP DATABASE laoma;
Query OK, 0 rows affected (0.006 sec)
查询表
查询表列表
查询表列表
MariaDB [(none)]> USE inventory;
MariaDB [inventory]> SHOW TABLES;
+---------------------+
| Tables_in_inventory |
+---------------------+
| category |
| manufacturer |
| product |
+---------------------+
3 rows in set (0.001 sec)
查询表结构
MariaDB [inventory]> DESCRIBE product;
+-----------------+--------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-----------------+--------------+------+-----+---------+----------------+
| id | int(11) | NO | PRI | NULL | auto_increment |
| name | varchar(100) | NO | | NULL | |
| price | double | NO | | NULL | |
| stock | int(11) | NO | | NULL | |
| id_category | int(11) | NO | | NULL | |
| id_manufacturer | int(11) | NO | | NULL | |
+-----------------+--------------+------+-----+---------+----------------+
6 rows in set (0.008 sec)MariaDB [inventory]>
[root@server ~ 10:06:35]# mysql -u root -p
Enter password: MariaDB [(none)]> grant all privileges on *.* to yy@'%' identified by '123';[root@client ~ 10:18:03]# mysql -uyy -p123 -h server输出显示,表格中有六列(属性):
- Field 列,显示该属性名称。
- Type 列,显示该属性的数据必须采用的格式。例如,stock属性必须是最多11位数字的整数。
- Null 列,指示此属性是否可以为null。
- Default 列,指示如果未指定该属性,则是否设置了默认值。
- Key 列,显示属性ID是primary key。 主键是表中一行的唯一标识符。 该属性的任何其他行都不能具有相同的值。
- Extra列,提供该列额外信息,对于id字段标记为auto_increment。 这意味着每次将新项目插入表中时,该条目的属性值都会增加。 这样可以更轻松地使数字主键保持唯一。
查询表中数据
查询表中所有记录所有字段
MariaDB [inventory]> SELECT * FROM product;
+----+-------------------+---------+-------+-------------+-----------------+
| id | name | price | stock | id_category | id_manufacturer |
+----+-------------------+---------+-------+-------------+-----------------+
| 1 | ThinkServer TS140 | 539.88 | 20 | 2 | 4 |
| 2 | ThinkServer RD630 | 2379.14 | 20 | 2 | 4 |
| 3 | RT-AC68U | 219.99 | 10 | 1 | 3 |
| 4 | X110 64GB | 73.84 | 100 | 3 | 1 |
+----+-------------------+---------+-------+-------------+-----------------+
4 rows in set (0.004 sec)MariaDB [inventory]> SELECT * FROM category;
+----+------------+
| id | name |
+----+------------+
| 1 | Networking |
| 2 | Servers |
| 3 | Ssd |
+----+------------+
3 rows in set (0.001 sec)MariaDB [inventory]> SELECT * FROM manufacturer;
+----+----------+----------------+-------------------+
| id | name | seller | phone_number |
+----+----------+----------------+-------------------+
| 1 | SanDisk | John Miller | +1 (941) 329-8855 |
| 2 | Kingston | Mike Taylor | +1 (341) 375-9999 |
| 3 | Asus | Wilson Jackson | +1 (432) 367-8899 |
| 4 | Lenovo | Allen Scott | +1 (876) 213-4439 |
+----+----------+----------------+-------------------+
4 rows in set (0.001 sec)MariaDB [inventory]>
查询表中所有记录特定字段
MariaDB [inventory]> SELECT name,price,stock FROM product;
+-------------------+---------+-------+
| name | price | stock |
+-------------------+---------+-------+
| ThinkServer TS140 | 539.88 | 20 |
| ThinkServer RD630 | 2379.14 | 20 |
| RT-AC68U | 219.99 | 10 |
| X110 64GB | 73.84 | 100 |
+-------------------+---------+-------+
4 rows in set (0.001 sec)
WHERE子句
MariaDB [inventory]> SELECT * FROM product WHERE price > 100;
+----+-------------------+---------+-------+-------------+-----------------+
| id | name | price | stock | id_category | id_manufacturer |
+----+-------------------+---------+-------+-------------+-----------------+
| 1 | ThinkServer TS140 | 539.88 | 20 | 2 | 4 |
| 2 | ThinkServer RD630 | 2379.14 | 20 | 2 | 4 |
| 3 | RT-AC68U | 219.99 | 10 | 1 | 3 |
+----+-------------------+---------+-------+-------------+-----------------+
3 rows in set (0.020 sec)# 条件操作符包括:=、<>、>、<、>=、<=
MariaDB [inventory]> SELECT * FROM product WHERE price > 100;# BETWEEN,匹配2个数字之间(包括数字本身)的记录。
MariaDB [inventory]> SELECT * FROM product WHERE id BETWEEN 1 AND 3;# IN,匹配列表中记录。
MariaDB [inventory]> SELECT * FROM product WHERE id IN (1,3);
MariaDB [inventory]> SELECT * FROM category WHERE name IN ('Servers','Ssd');# LIKE,用于匹配字符串。%表示一个或多个字符,_表示一个字符,[charlist]表示字符列中的任何单一字符,[^charlist]或者[!charlist]不在字符列中的任何单一字符。
MariaDB [inventory]> SELECT * FROM product WHERE name like '%Server%';# 逻辑与AND
MariaDB [inventory]> SELECT * FROM product WHERE name like '%RD%' AND price>1000;# 逻辑或or
MariaDB [inventory]> SELECT * FROM product WHERE name like '%RD%' OR price>500;# ORDER BY 关键字用于对结果集进行排序。
MariaDB [inventory]> SELECT * FROM product ORDER BY price;
MariaDB [inventory]> SELECT * FROM product ORDER BY price desc;
多表查询
# 示例1:产品类型是Servers的产品名称和价格
MariaDB [inventory]> SELECT product.name,product.price
FROM product,category
WHERE product.id_category = category.id
AND category.name='Servers';# 示例2:查询厂商是Lenovo的产品名称和价格
MariaDB [inventory]> SELECT product.name,product.price
FROM product,manufacturer
WHERE product.id_manufacturer = manufacturer.id
AND manufacturer.name='Lenovo';
函数
# 示例1:查询产品价格平均值
MariaDB [inventory]> SELECT avg(price) FROM product;# 示例2:查询产品价格最大值
MariaDB [inventory]> SELECT max(price) FROM product;# 示例3:查询产品价格最小值
MariaDB [inventory]> SELECT min(price) FROM product;# 示例4:查询产品存量
MariaDB [inventory]> SELECT sum(stock) FROM product;# 示例5:查询产品价格最小值的那个产品信息
MariaDB [inventory]> SELECT min(price) FROM product;
MariaDB [inventory]> SELECT * FROM product WHERE price=73.84;
或者
MariaDB [inventory]> SELECT * FROM product WHERE price=(SELECT min(price) FROM product);# 示例6:查询Lenovo厂商提供了几种产品
MariaDB [inventory]> SELECT count(product.name)
FROM product,manufacturer
WHERE product.id_manufacturer = manufacturer.id
AND manufacturer.name='Lenovo';# GROUP BY 语句用于结合聚合函数,根据一个或多个列对结果集进行分组。
MariaDB [inventory]> SELECT id_category,sum(stock) FROM product GROUP BY id_category;
创建表
MariaDB [inventory]> CREATE TABLE staff(
id INT(11) NOT NULL,
name VARCHAR(100) NOT NULL,
age INT(11) DEFAULT 10,
id_department INT(11)
);
Query OK, 0 rows affected (0.017 sec)
MariaDB [inventory]> SHOW TABLES;
插入记录
MariaDB [inventory]> INSERT INTO staff (id,name,age,id_department)
VALUES (1,'laoma1',28,10);
MariaDB [inventory]> INSERT INTO staff (id,name,age) VALUES (2,'laoma2',20);
MariaDB [inventory]> INSERT INTO staff (id,name) VALUES (3,'laoma3');
更新记录
MariaDB [inventory]> UPDATE staff SET age=30 WHERE id=3;
MariaDB [inventory]> UPDATE staff SET age=30
如果使用不带WHERE子句的UPDATE,则表中的所有记录都会更新。
删除记录
MariaDB [inventory]> DELETE FROM staff WHERE id=3 ;
MariaDB [inventory]> DELETE FROM staff ;
如果使用不带WHERE子句的UPDATE,则表中的所有记录都会更新。
删除记录
MariaDB [inventory]> DELETE FROM staff WHERE id=3 ;
MariaDB [inventory]> DELETE FROM staff ;
管理 MariaDB 用户
创建用户账户
默认情况下,MariaDB有自己的用户和密码,与本地系统的用户和密码分开。这意味着MariaDB数据库用户与服务器的Linux用户不同, 即使用户帐户具有相同的名称。
为了控制用户对数据库服务器的访问级别,必须在MariaDB中设置数据库用户并授予他们在服务器及其数据上执行操作的权限。
您可以配置MariaDB使用
pam身份验证插件将系统用户帐户和密码集成为MariaDB数据库用户,本课程不介绍该配置。 在大多数情况下,最好分开管理数据库和系统用户账户。
要创建新用户,您需要以下权限级别之一:
- MariaDB的root用户。
- 被授予全局CREATE USER特权的用户。
- 被授予对mysql数据库的INSERT特权的用户。
我们可以使用CREATE USER语句,在mysql数据库的user表中创建一条新记。
用户名格式:user_name@host_name。 这样就可以根据主机源,创建具有相同名称但具有不同特权的多个用户帐户。
MariaDB [(none)]> CREATE USER yy@'%' IDENTIFIED BY 'redhat';
当前,yy帐户只能使用密码redhat从**%**连接。
用户的密码,会被加密存在在mysql.user表:
MariaDB [mysql]> SELECT host,user,password FROM user WHERE user = 'yy';
+-----------+--------+-------------------------------------------+
| host | user | password |
+-----------+--------+-------------------------------------------+
| % | yy | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
+-----------+--------+-------------------------------------------+
1 row in set (0.000 sec)
控制用户权限
默认情况下,新帐户被授予最小特权。 在不授予其他特权的情况下,laoma用户只能访问最少的帐户信息,大多数其他操作均被拒绝。
示例:
[root@server ~]# mysql -u yy -p
Enter password: redhat
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 10.3.17-MariaDB MariaDB ServerCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.MariaDB [(none)]> SELECT USER();
+------------------+
| USER() |
+------------------+
| laoma@localhost |
+------------------+
1 row in set (0.003 sec)MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
+--------------------+
1 row in set (0.004 sec)MariaDB [(none)]> USE mysql;
ERROR 1044 (42000): Access denied for user 'yy'@'localhost' to database 'mysql'
MariaDB [(none)]> CREATE DATABASE inventory;
ERROR 1044 (42000): Access denied for user 'yy'@'localhost' to database 'inventory'
MariaDB [(none)]>
授予用户权限
GRANT语句可用于向帐户授予特权。 要授予GRANT特权,连接的用户必须具有GRANT OPTION且必须具有他们所授予的特定特权。
例如,laoma用户无法授予数据库表SELECT特权,除非他们已经具有SELECT特权和GRANT OPTION表特权。
在此示例中,MariaDB根用户向清单数据库中类别表上的laoma用户授予CRUD特权。
[root@server ~]# mysql -u root -p
Enter password: redhatMariaDB [(none)]> GRANT SELECT, UPDATE, DELETE, INSERT-> ON inventory.category-> TO yy@% ;
Query OK, 0 rows affected (0.006 sec)MariaDB [inventory]> exit
Bye
[root@client ~ 10:21:09]# vim /etc/my.cnf.d/mysql-clients.cnf 物理备份
[root@server ~ 14:44:58]# systemmctl stop mariadb
[root@server ~ 14:46:42]# cp -r /var/lib/mysql{,.back}
[root@server ~ 14:46:48]# systemctl start mariadb
[root@server ~ 14:47:41]# mysql -uroot -p123
MariaDB [(none)]> drop user root@localhost;MariaDB [(none)]> drop user root@127.0.0.1;MariaDB [(none)]> quit恢复
[root@server ~ 14:48:39]# systemctl stop mariadb
[root@server ~ 14:49:25]# /bin/cp /var/lib/mysql.back/mysql/user.* /var/lib/mysql/mysql
[root@server ~ 14:51:27]# chmod 660 /var/lib/mysql/mysql/user.*
[root@server ~ 14:51:55]# chown mysql:mysql /var/lib/mysql/mysql/user.*
[root@server ~ 14:52:20]# systemctl start mariadbWEB 服务器
WEB 服务器简介
WEB也称为WWW(WORLD WIDE WEB),中文名字为万维网、全球信息网等,主要功能是提供网上信息浏览服务。Web服务器可以为Internet上的用户提供WWW、Email和FTP等各种Internet服务。
Nginx
Nginx是一款高性能的HTTP和反向代理服务器,能够选择高效的epoll、kqueue、eventport最为网络I/O模型,在高连接并发的情况下,能够支持高达5万个并发连接数的响应,而内存、CPU等系统资源消耗却非常低,运行非常稳定。
安装 nginx
# 安装 nginx
[root@server ~ 15:13:36]# yum -y install nginx
# 启动 nginx
[root@server ~ 15:15:10]# systemctl enable nginx --now
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
# 准备主页
[root@server ~ 15:15:42]# mv /usr/share/nginx/html/index.html{,.ori}
[root@server ~ 15:17:34]# echo hello world from nginx > /usr/share/nginx/html/index.html虚拟主机
同一个web服务器提供多个站点。
根据名称
[root@www ~]# vim /etc/nginx/conf.d/vhost-name.conf
server {server_name web1.yy.cloud;root /usr/share/nginx/web1;
}
server {server_name web2.yy.cloud;root /usr/share/nginx/web2;
}
根据 port
[root@www ~]# vim /etc/nginx/conf.d/vhost-port.conf
server {listen 8081;server_name www.yy.cloud;root /usr/share/nginx/8081;
}
server {listen 8082;server_name www.yy.cloud;root /usr/share/nginx/8082;
}
配置SSL/TLS
生成证书
#--1--生成私钥
[root@server ~ 16:51:21]# openssl genrsa -out www.key 2048
#--2--生成请求文件csr
[root@server ~ 17:07:02]# openssl req -new -key www.key -out www.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:JS
Locality Name (eg, city) [Default City]:NJ
Organization Name (eg, company) [Default Company Ltd]:yy
Organizational Unit Name (eg, section) []:wanho
Common Name (eg, your name or your server's hostname) []:www.yy.cloud
Email Address []:yy@yy.cloudPlease enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:#--3--使用自己的私钥对请求文件签名,以生成证书
[root@server ~ 17:08:29]# openssl x509 -req -days 3650 -in www.csr -signkey www.key -out www.crt#配置站点
[root@server ~ 17:09:18]# mkdir /etc/ssl/certs/www.yy.cloud
[root@server ~ 17:09:46]# mv www* /etc/ssl/certs/www.yy.cloud
[root@server ~ 17:11:21]# vim /etc/nginx/conf.d/ssl.conf
server {listen 443 ssl http2 default_server;listen [::]:443 ssl http2 default_server;server_name www.yy.cloud;root /usr/share/nginx/html;
[root@server ~ 17:13:09]# systemctl restart nginx
[root@server ~ 17:13:48]# vim /etc/nginx/nginx.conf
[root@www ~]# vim /etc/nginx/nginx.confserver {listen 80 default_server;listen [::]:80 default_server;server_name www.yy.cloud;root /usr/share/nginx/html;# 添加 重定向return 301 https://$host$request_uri;}