CentOS 8操作系统上安装MySQL 8.0,可从默认的CentOS 8存储库中安装最新版本的MySQL数据库服务器8.0版,CentOS 8还提供了MariaDB 10.3,它是MySQL 5.7的直接替代品,但有一些限制,如果你的应用程序与MySQL 8.0不兼容,请安装MariaDB 10.3,参考在CentOS 7服务器中安装MariaDB 10.4的方法。
在CentOS 8上安装MySQL 8.0
通过以root用户或具有sudo特权的用户身份使用CentOS软件包管理器来安装MySQL 8.0服务器:
sudo dnf install @mysql

@mysql模块将安装MySQL及其所有依赖项。
安装完成后,通过运行以下命令来启动MySQL服务并使它在启动时自动启动:
sudo systemctl enable --now mysqld

要检查MySQL服务器是否正在运行,请输入:
sudo systemctl status mysqld

返回信息如下:
mysqld.service - MySQL 8.0 database server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2019-10-17 22:09:39 UTC; 15s ago
注:说明安装MySQL 8.0成功了。
保护MySQL的操作
运行mysql_secure_installation脚本,该脚本执行一些与安全性相关的操作并设置MySQL根密码:
sudo mysql_secure_installation

系统将要求你配置VALIDATE PASSWORD PLUGIN(验证密码插件),该插件用于测试MySQL用户密码的强度并提高安全性,密码验证策略分为三个级别:低、中和强,如果你不想设置验证密码插件,请按Enter。
在下一个提示符下,将要求你设置MySQL root用户的密码,完成此操作后,脚本还将要求你删除匿名用户,限制root用户对本地计算机的访问,并删除测试数据库,你应该对所有问题回答“是”。
要从命令行与MySQL服务器进行交互,请使用MySQL客户端实用程序,它作为依赖项安装,通过键入以下内容测试根访问权限:
mysql -u root -p

在出现提示时输入root密码,然后将显示MySQL shell,如下所示:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 8.0.17 Source distribution
至此,已经在CentOS 8服务器上安装并保护了MySQL 8.0,并准备使用它。
[root@server1 ~]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL

SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we'll need the current

password for the root user. If you've just installed MySQL, and

you haven't set the root password yet, the password will be blank,

so you should just press enter here.

Enter current password for root (enter for none):<–初次运行直接回车

OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MySQL

root user without the proper authorisation.

Set root password? [Y/n] <– 是否设置root用户密码,输入y并回车或直接回车

New password: <– 设置root用户的密码

Re-enter new password: <– 再输入一次你设置的密码
###这里如果出现密码... Failed! Error: Your password does not satisfy the current policy requirements
Password updated successfully! 则重新输入,这时可以先设置一个MySQL安全配置向导通过的密码 比如 Root_12root 先设置成功,后续我们更改

Reloading privilege tables..

… Success!

By default, a MySQL installation has an anonymous user, allowing anyone

to log into MySQL without having to have a user account created for

them. This is intended only for testing, and to make the installation

go a bit smoother. You should remove them before moving into a

production environment.

Remove anonymous users? [Y/n] <– 是否删除匿名用户,生产环境建议删除,所以直接回车

… Success!

Normally, root should only be allowed to connect from 'localhost'. This

ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] <–是否禁止root远程登录,根据自己的需求选择Y/n并回车,建议禁止

… Success!

By default, MySQL comes with a database named 'test' that anyone can

access. This is also intended only for testing, and should be removed

before moving into a production environment.

Remove test database and access to it? [Y/n] <– 是否删除test数据库,直接回车

- Dropping test database…

… Success!

- Removing privileges on test database…

… Success!

Reloading the privilege tables will ensure that all changes made so far

will take effect immediately.

Reload privilege tables now? [Y/n] <– 是否重新加载权限表,直接回车

… Success!

Cleaning up…

All done! If you've completed all of the above steps, your MySQL

installation should now be secure.

Thanks for using MySQL!

[root@server1 ~]#

身份验证的操作
由于CentOS 8中的某些客户端工具和库与caching_sha2_password方法不兼容,因此CentOS 8存储库中包含的MySQL 8.0服务器设置为使用旧的mysql_native_password身份验证插件,该方法在上游MySQL 8.0发行版中设置为默认。
对于大多数设置,mysql_native_password方法应该没问题,但是,如果你想将默认身份验证插件更改为caching_sha2_password,这样可以更快并提供更好的安全性,请打开以下配置文件:
sudo vim /etc/my.cnf.d/mysql-default-authentication-plugin.cnf

将default_authentication_plugin的值更改为caching_sha2_password:
[mysqld]

default_authentication_plugin=caching_sha2_password

关闭并保存文件,然后重新启动MySQL服务器以使更改生效:
sudo systemctl restart mysqld

这里补充修改简单密码的方法
MySQL 8.0 调整密码验证规则:
mysql> set global validate_password.policy=0;
mysql> set global validate_password.length=1;

重新设置密码:
ALTER USER 'root'@'localhost' IDENTIFIED BY '你的密码';

这里补充打开远程连接的方法
Mysql默认不允许远程登录,所以需要开启远程访问权限
可以先查看user表
mysql> select user,authentication_string,host from user;

默认都是localhost
mysql> update user set host = '%' where user = 'root';

此时root的host是所有都可以了
然后刷新修改,这步一定要做,否则无法生效。
FLUSH PRIVILEGES;

然后开启防火墙
[root@localhost ~]# firewall-cmd --zone=public --add-port=3306/tcp --permanent
success
[root@localhost ~]# firewall-cmd --reload
success