我需要配置 mysql,以便可以远程连接到它。这是文件的一部分/etc/mysql/my.cnf:
[mysqld]
#
# * Basic Settings
#
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
skip-external-locking
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address = 127.0.0.1
bind-address = 0.0.0.0
#
# * Fine Tuning
#
key_buffer = 16M
max_allowed_packet = 16M
thread_stack = 192K
thread_cache_size = 8
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched
myisam-recover = BACKUP
#max_connections = 100
#table_cache = 64
#thread_concurrency = 10
#
# * Query Cache Configuration
#
query_cache_limit = 1M
query_cache_size = 16M
#
# * Logging and Replication
#
# Both location gets rotated by the cronjob.
# Be aware that this log type is a performance killer.
# As of 5.1 you can enable the log at runtime!
#general_log_file = /var/log/mysql/mysql.log
#general_log = 1
#
# Error log - should be very few entries.
#
log_error = /var/log/mysql/error.log
#
# Here you can see queries with especially long duration
#log_slow_queries = /var/log/mysql/mysql-slow.log
#long_query_time = 2
#log-queries-not-using-indexes
#
# The following can be used as easy to replay backup logs or for replication.
# note: if you are setting up a replication slave, see README.Debian about
# other settings you may need to change.
#server-id = 1
#log_bin = /var/log/mysql/mysql-bin.log
expire_logs_days = 10
max_binlog_size = 100M
#binlog_do_db = include_database_name
#binlog_ignore_db = include_database_name
#
# * InnoDB
#
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
# Read the manual for more InnoDB related options. There are many!
#
# * Security Features
#
# Read the manual, too, if you want chroot!
# chroot = /var/lib/mysql/
#
# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
#
# ssl-ca=/etc/mysql/cacert.pem
# ssl-cert=/etc/mysql/server-cert.pem
# ssl-key=/etc/mysql/server-key.pem
我也尝试注释掉所有bind-address指令,但它没有解决问题。
命令输出netstat -tlnep:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 0 3159847 6038/vsftpd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 0 10112 1372/master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 15680697 53108/nginx: worker
tcp 0 0 0.0.0.0:2277 0.0.0.0:* LISTEN 0 11247 1109/sshd
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 105 23269036 57272/mysqld
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 0 15680696 53108/nginx: worker
tcp6 0 0 :::25 :::* LISTEN 0 10113 1372/master
tcp6 0 0 :::443 :::* LISTEN 0 15680698 53108/nginx: worker
tcp6 0 0 :::2277 :::* LISTEN 0 11249 1109/sshd
现在我可以从本地主机连接到 mysql,但无法从远程主机连接。从远程主机连接时出现错误:ERROR 2003 (HY000): Can't connect to MySQL server on '<my server ip address>' (110)
Telnet 也无法连接到端口 3306 上的服务器 IP。
一些系统信息:
uname -a
Linux webdevgranat 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:30:00 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
mysql> SELECT VERSION();
+-------------------------+
| VERSION() |
+-------------------------+
| 5.5.54-0ubuntu0.14.04.1 |
+-------------------------+
1 row in set (0.00 sec)
另外,当我尝试扫描开放端口时(例如,这里),我得到 3306 端口标记为 not关闭但过滤的。
ufw 防火墙已禁用。
答案1
- 如果你的 MySQL 服务器监听“0.0.0.0:3306”,那就没问题了。
- 您必须允许在防火墙中的端口上连接到数据库服务器。
- 您必须为 MySQL 服务器上的数据库用户授予正确的权限。
你是如何将这台装有 MySQL 的机器连接到互联网的?是VPS还是其他有公网IP的服务器?