浅析:
具体部署:
mysql服务器:
#授权远程登录账户
[root@localhost ~]# mysql -uroot -p
mysql> GRANT ALL ON *.* to 'test'@'192.168.0.1' IDENTIFIED BY 'lmdb(A7105#B9606@com!';
mysql> flush privileges;
mysql> select user,host from mysql.user;
+---------------+----------------+
| user | host |
+---------------+----------------+
| root | 127.0.0.1 |
| zabbix | 127.0.0.1 |
| test | 192.168.0.1 |
| root | localhost |
+---------------+----------------+
11 rows in set (0.00 sec)
mysql> quit
#防火墙开放数据库的端口,或者关闭防火墙
a。关闭防火墙
[root@localhost ~]# systemctl status iptables
# systemctl stop iptables
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: inactive (dead) since Tue 2019-08-13 15:43:07 CST; 1 weeks 1 days ago
Main PID: 1969 (code=exited, status=0/SUCCESS)
b。防火墙规则
[root@localhost ~]# vim /etc/sysconfig/iptables
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
[root@localhost ~]# ystemctl restart iptables
mysql-proxy服务器
#下载mysql-proxy包
wget https://downloads.mysql.com/archives/get/file/mysql-proxy-0.8.5-linux-glibc2.3-x86-64bit.tar.gz
#安装
[root@e test]# tar zxf mysql-proxy-0.8.5-linux-glibc2.3-x86-64bit.tar.gz -C /usr/local/
cd /usr/local/
[root@e local]# ls
mysql-proxy-0.8.5-linux-glibc2.3-x86-64bit
[root@e local]# mv mysql-proxy-0.8.5-linux-glibc2.3-x86-64bit/ mysql-proxy
[root@e local]# ls
mysql-proxy
[root@e local]# mkdir /usr/local/mysql-proxy/{conf,log} -p
[root@e mysql-proxy]# tail -3 /etc/profile
#(添加下面三行内容)
LUA_PATH="/usr/local/mysql-proxy/share/doc/mysql-proxy/?.lua"
export LUA_PATH
export PATH=$PATH:/usr/local/mysql-proxy/bin
[root@e mysql-proxy]# source /etc/profile
[root@e conf]# vi mysql-proxy.conf
[mysql-proxy]
user=www
daemon=true
keepalive=true
plugins=proxy,admin
###日志级别
log-level=info
log-file=/usr/local/mysql-proxy/log/mysql-proxy.log
###本机ip地址
proxy-address=14.152.90.6:9196 #本地的ip和代理端口,后期navicat连接使用的地址
##backend主 注意addresses
proxy-backend-addresses=192.168.0.2:3306 #mysql的内网ip地址
##proxy的管理用户admin的IP和端口
admin-address=192.168.0.1:9197 #mysql-proxy的内网
###下面的三个参数必须设定,否则mysql-proxy服务启动不了的
admin-username=test1
admin-password=test1
###admin的lua脚本地址;
admin-lua-script=/usr/local/mysql-proxy/lib/mysql-proxy/lua/admin.lua
#启动
[root@e conf]# chmod 660 mysql-proxy.conf
[root@e conf]# /usr/local/mysql-proxy/bin/mysql-proxy --defaults-file=/usr/local/mysql-proxy/conf/mysql-proxy.conf
[root@e conf]# netstat -luntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 14.152.90.6:9196 0.0.0.0:* LISTEN 11502/mysql-proxy
tcp 0 0 192.168.0.1:9197 0.0.0.0:* LISTEN 11502/mysql-proxy
#登陆mysql-proxy管理账户,查看代理管理列表
[root@e bin]# mysql -utest1 -ptest1 -h192.168.0.1 --port=9197
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.0.99-agent-admin
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> SELECT * FROM backends;
+-------------+------------------+---------+------+------+-------------------+
| backend_ndx | address | state | type | uuid | connected_clients |
+-------------+------------------+---------+------+------+-------------------+
| 1 | 192.168.0.2:3306 | unknown | rw | NULL | 0 |
+-------------+------------------+---------+------+------+-------------------+
1 row in set (0.00 sec)
mysql> SELECT * FROM help;
+------------------------+------------------------------------+
| command | description |
+------------------------+------------------------------------+
| SELECT * FROM help | shows this help |
| SELECT * FROM backends | lists the backends and their state |
+------------------------+------------------------------------+
2 rows in set (0.00 sec)
mysql> quit
#远程连接mysql
[root@e bin]# mysql -utest -p'lmdb(A7105#B9606@com!' -h 192.168.0.2
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 223226
Server version: 5.7.27-log MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| CodeDB |
| mysql |
| mysqldata |
| performance_schema |
| sys |
+--------------------+
6 rows in set (0.00 sec)
mysql> quit
######################成功######################
#防火墙规则(通过navicat,sqlyog等工具连接数据库的时候,当然需要开放本地的代理端口)
a。关闭防火墙
[root@localhost ~]# systemctl status iptables
# systemctl stop iptables
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: inactive (dead) since Tue 2019-08-13 15:43:07 CST; 1 weeks 1 days ago
Main PID: 1969 (code=exited, status=0/SUCCESS)
b。添加防火墙规则
[root@localhost ~]# vim /etc/sysconfig/iptables
-A INPUT -p tcp -m tcp --dport 9196 -j ACCEPT
[root@localhost ~]# ystemctl restart iptables