作爲開發者,業務服務器和數據服務器,一般肯定是部署在不同的主機上,所以mysql 用戶授權,遠程訪問,大家肯定玩的比較多了,網上的博客一大堆
Mysql 默認是隻允許使用 host:localhost,或者 host:127.0.0.1,如果想用使用IP訪問,就要重新授權。
具體如下:
-
msyql數據庫
# mysql所在DB服務器 192.168.137.32
-
授權步驟
# 授權遠程任何ip訪問 grant all privileges on *.* to 'cat'@'%' iedentified by '123456'; # 刷新生效 flush privileges
-
navicat測試
直接用navicat鏈接,測試,肯定沒有問題
-
遠程ip測試
# 注意 192.168.137.31 是業務服務器 mysql -ucat -h 192.168.137.31 -p
連接也沒有問題,很完美
-
DB服務器上IP訪問
# 注意是 DB服務器本身的ip 訪問 k8s-worknode1是hostname,請無視 [root@k8s-worknode1 ~]# mysql -ugpcat -h 192.168.137.32 -p Enter password: ERROR 1045 (28000): Access denied for user 'gpcat'@'k8s-worknode1' (using password: YES)
爲什麼不能本地Ip訪問呢?
-
查看授權詳情
mysql> select Host,User from mysql.user; +-----------+-------+ | Host | User | +-----------+-------+ | % | cat | | 127.0.0.1 | root | | ::1 | root | | localhost | | | localhost | root | +-----------+-------+
授權沒錯啊,也是刷新權限生效了啊,那是爲啥呢?
-
繼續查看授權詳情
mysql> SELECT host,user,Grant_priv,Super_priv FROM mysql.user; +-----------+-------+------------+------------+ | host | user | Grant_priv | Super_priv | +-----------+-------+------------+------------+ | localhost | root | Y | Y | | 127.0.0.1 | root | Y | Y | | ::1 | root | Y | Y | | localhost | | N | N | | % | cat | N | Y | +-----------+-------+------------+------------+
注意,cat用戶的,
Grant_priv='N',Super_priv='Y'
來,大家在回憶一下cat用戶的授權方式,也就是步驟1
# 授權遠程任何ip訪問 grant all privileges on *.* to 'cat'@'%' iedentified by '123456'; # 刷新生效 flush privileges
也就是說,網上的一大推各種博客,Ip授權,默認的其實,還是隻能開啓遠程的IP訪問,本地IP訪問其實還是沒有開啓的,坑啊,網上各種粘貼複製的,害死人
-
主動開啓,本地IP訪問
mysql> update mysql.user set Grant_priv='Y' where user='cat'; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0 # 刷新生效 flush privileges # 查看授權詳情 mysql> SELECT host,user,Grant_priv,Super_priv FROM mysql.user; +-----------+-------+------------+------------+ | host | user | Grant_priv | Super_priv | +-----------+-------+------------+------------+ | localhost | root | Y | Y | | 127.0.0.1 | root | Y | Y | | ::1 | root | Y | Y | | localhost | | N | N | | % | cat | Y | Y | +-----------+-------+------------+------------+
-
再次驗證本地IP訪問
[root@k8s-masternode ~]# mysql -ucat -h 192.168.137.31 -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 12 Server version: 5.6.46 MySQL Community Server (GPL) Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
-
如果想直接授權
# 注意帶上 with grant option; grant all privileges on *.* to 'cat'@'%' iedentified by '123456' with grant option;
這纔是完整的授權方式,不要再被網上的粘貼複製迷惑了