Deploy your Bitnami MySQL Stack on CenturyLink Cloud now! Launch Now

Description

MySQL is a fast, reliable, scalable, and easy to use open-source relational database system. MySQL Server is designed to handle mission-critical, heavy-load production applications.

First steps with the Bitnami MySQL Stack

Welcome to your new Bitnami application running on CenturyLink Cloud! Here are a few questions (and answers!) you might need when first starting with your application.

What credentials do I need?

You need two sets of credentials:

  • The application credentials that allow you to log in to your new Bitnami application. These credentials consist of a username and password.
  • The server credentials that allow you to log in to your CenturyLink Cloud server using an SSH client and execute commands on the server using the command line. These credentials consist of an SSH username and key.

What is the administrator username set for me to log in to the application for the first time?

Username: root

What SSH username should I use for secure shell access to my application?

SSH username: bitnami

How to start or stop the services?

Each Bitnami stack includes a control script that lets you easily stop, start and restart services. The script is located at /opt/bitnami/ctlscript.sh. Call it without any service name arguments to start all services:

$ sudo /opt/bitnami/ctlscript.sh start

Or use it to restart a single service, such as Apache only, by passing the service name as argument:

$ sudo /opt/bitnami/ctlscript.sh restart apache

Use this script to stop all services:

$ sudo /opt/bitnami/ctlscript.sh stop

Restart the services by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh restart

Obtain a list of available services and operations by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh

What is the default configuration?

The grant tables define the initial MySQL user accounts and their access privileges. The default configuration consists of:

  • A privileged account with a username of root. The root user has remote access to the database.
  • An anonymous user without remote access to the database server. This user can only connect from the local machine and it is only intended for testing.
  • A test database only intended for testing.

Check our recommendations for a production server.

MySQL version

In order to see which MySQL version your system is running, execute the following command:

$ mysqld --version

MySQL configuration file

The MySQL configuration file is located at /opt/bitnami/mysql/my.cnf. Some configuration overrides are stored in /opt/bitnami/mysql/bitnami/my.cnf.

The MySQL official documentation has more details about how to configure the MySQL database.

MySQL socket

On Unix, MySQL clients can connect to the server in the local machine using an Unix socket file at /opt/bitnami/mysql/tmp/mysql.sock.

MySQL port

The default port for MySQL is 3306.

MySQL Process Identification Number

The MySQL .pid file allows other programs to find out the PID (Process Identification Number) of a running script. Find it at /opt/bitnami/mysql/data/mysqld.pid.

MySQL error log

The log-error file contains information indicating when mysqld was started and stopped and also any critical errors that occur while the server is running. If mysqld notices a table that needs to be automatically checked or repaired, it writes a message to the error log.

Find it at /opt/bitnami/mysql/data/mysqld.log.

What are the default ports?

A port is an endpoint of communication in an operating system that identifies a specific process or a type of service. Bitnami stacks include several services or servers that require a port.

Remember that if you need to open some ports you can follow the instructions given in the FAQ to learn how to open the server ports for remote access.

Port 22 is the default port for SSH connections.

The MySQL access port is 3306. This port is closed by default, you must open it to enable remote access.

How to upload files to the server with SFTP?

NOTE: Bitnami applications can be found in /opt/bitnami/apps.
NOTE: The steps below assume that your CenturyLink Cloud server has a public IP address and an open SSH port. For more information, refer to the instructions on how to configure a public IP address and open the SSH port.

The first step is to ensure that you have the SSH credentials for your server.

If you are using the Bitnami Launchpad for CenturyLink Cloud, follow these steps:

  • Browse to the Bitnami Launchpad for CenturyLink Cloud and sign in if required using your Bitnami account credentials.

  • Select the "Virtual Machines" menu item.

  • Select your cloud server from the resulting list.

  • Note the server IP address and SSH password on the resulting page. By default, the SSH username is root.

    SSH credentials

If you are using the CenturyLink Control Portal, follow these steps:

  • Browse to the CenturyLink Control Portal and sign in if required using your CenturyLink Cloud account credentials.

  • Enter the name of your server in the search box at the top of the page, or select the server from the region and group list.

  • On the server detail page, obtain the public IP address. It is important to use the public IP address and not the internal IP address.

    CenturyLink IP address

  • On the same page, click the "show admin credentials" button. Note the username and password displayed.

    SSH credentials

Although you can use any SFTP/SCP client to transfer files to your server, this guide documents FileZilla (Windows, Linux and Mac OS X), WinSCP (Windows) and Cyberduck (Mac OS X).

Using a Password

Once you have your server's SSH credentials, choose your preferred application and follow the steps below to connect to the server using SFTP.

FileZilla

Follow these steps:

  • Download and install FileZilla.
  • Launch FileZilla and use the "File -> Site Manager -> New Site" command to bring up the FileZilla Site Manager, where you can set up a connection to your server.
  • Enter your server host name.
  • Select "SFTP" as the protocol and "Ask for password" as the logon type. Specify root as the user name and enter the server password.

    FileZilla configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session. You might need to accept the server key, by clicking "Yes" or "OK" to proceed.

You should now be logged into the /root directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you have problems accessing your server, get extra information by use the "Edit -> Settings -> Debug" menu to activate FileZilla's debug log.

FileZilla debug log

WinSCP

Follow these steps:

  • Download and install WinSCP.
  • Launch WinSCP and in the "Session" panel, select "SCP" as the file protocol.
  • Enter your server host name and specify root as the user name. Enter the corresponding password as well.

    WinSCP configuration

  • From the "Session" panel, use the "Login" button to connect to the server and begin an SCP session.

You should now be logged into the /root directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

Cyberduck

Follow these steps:

  • Select the "Open Connection" command and specify "SFTP" as the connection protocol.

    Cyberduck configuration

  • In the connection details panel, enter the server IP address, the username root and the SSH password.

    Cyberduck configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session.

You should now be logged into the /root directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

How to secure your server?

Once you have created a new database and user for your application, connect to your MySQL server and follow these recommendations:

  • Remove anonymous users:

     mysql> DELETE FROM mysql.user WHERE User='';
    
  • Remove the test database and access to it:

     mysql> DROP DATABASE test;
     mysql> DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
    
  • Disallow root login remotely:

     mysql> DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
    

    Don't forget to reload the privileges tables to apply the changes:

     mysql> FLUSH PRIVILEGES;
    
  • Change your root user password.

  • It is strongly recommended that you do not have empty passwords for any user accounts when using the server for any production work.

  • If you don't need remote access, uncomment the line

     #bind-address=127.0.0.1
    

    in the MySQL configuration file to only listen for connections on the local machine. Restart the server once done.

How to find the MySQL database credentials?

How to connect to the MySQL database?

You can connect to the MySQL database from the same computer where it is installed with the mysql client tool.

$ mysql -u root -p

You will be prompted to enter the root user password. This is the same as the application password.

How to connect to MySQL from a different machine?

For security reasons, the MySQL port in this solution cannot be accessed over a public IP address. To connect to MySQL from a different machine, you must open port 3306 for remote access. Refer to the FAQ for more information on this.

IMPORTANT: By default, the database port for the nodes in this solution cannot be accessed over a public IP address. As a result, you will only be able to connect to your database nodes from machines that are running in the same network. For security reasons, we do not recommend making the database port accessible over a public IP address. If you must make it accessible over a public IP address, we recommend restricting access to a trusted list of source IP addresses using firewall rules. Refer to the FAQ for information on opening ports in the server firewall.

Once you have an active SSH tunnel or you opened the port for remote access, you can then connect to MySQL using a command like the one below.

Remember to replace SOURCE-PORT with the source port number specified in the SSH tunnel configuration or 3306 if you opened the port for remote access.

$ mysql -h 127.0.0.1 -P SOURCE-PORT -u root -p

You will be prompted to enter the root user password. This is the same as the application password.

How to change the MySQL root password?

You can modify the MySQL password using the following command at the shell prompt. Replace the NEW_PASSWORD placeholder with the actual password you wish to set.

$ /opt/bitnami/mysql/bin/mysqladmin -p -u root password NEW_PASSWORD

How to reset the MySQL root password?

If you don't remember your MySQL root password, you can follow the steps below to reset it to a new value:

  • Create a file in /home/bitnami/mysql-init with the content shown below (replace NEW_PASSWORD with the password you wish to use):

     UPDATE mysql.user SET Password=PASSWORD('NEW_PASSWORD') WHERE User='root';
     FLUSH PRIVILEGES;
    

    If your stack ships MySQL v5.7.x, use the following content instead of that shown above:

     UPDATE mysql.user SET authentication_string=PASSWORD('NEW_PASSWORD') WHERE User='root';
     FLUSH PRIVILEGES;
    
    TIP: Check the MySQL version with the command /opt/bitnami/mysql/bin/mysqladmin --version or /opt/bitnami/mysql/bin/mysqld --version.
  • Stop the MySQL server:

     $ sudo /opt/bitnami/ctlscript.sh stop mysql
    
  • Start MySQL with the following command:

     $ sudo /opt/bitnami/mysql/bin/mysqld_safe --pid-file=/opt/bitnami/mysql/data/mysqld.pid --datadir=/opt/bitnami/mysql/data --init-file=/home/bitnami/mysql-init 2> /dev/null &
    
  • Restart the MySQL server:

     $ sudo /opt/bitnami/ctlscript.sh restart mysql
    
  • Remove the script:

     $ rm /home/bitnami/mysql-init
    

How to create a database for a custom application?

These are the basic steps to create a new database and user for your applications:

  • Create a new database:

     mysql> create database DATABASE_NAME;
     Query OK, 1 row affected (0.00 sec)
    
  • Create a new user (only with local access) and grant privileges to this user on the new database:

     mysql> grant all privileges on DATABASE_NAME.* TO 'USER_NAME'@'localhost' identified by 'PASSWORD';
     Query OK, 1 row affected (0.00 sec)
    
  • Create a new user (with remote access) and grant privileges to this user on the new database:

     mysql> grant all privileges on DATABASE_NAME.* TO 'USER_NAME'@'%' identified by 'PASSWORD';
     Query OK, 1 row affected (0.00 sec)
    
  • After modifying the MySQL grant tables, execute the following command in order to apply the changes:

     mysql> flush privileges;
     Query OK, 1 row affected (0.00 sec)
    

Some applications require specific privileges in the database. Check the MySQL official getting started guide.

How to change the data directory?

The data directory for MySQL is set to /opt/bitnami/mysql/data by default. You can modify the location of this folder modifying the /opt/bitnami/mysql/my.cnf file, as shown below:

...
datadir=/opt/bitnami/mysql/data
...

Also modify the /opt/bitnami/mysql/scripts/ctl.sh file to reflect the new directory location:

--datadir=/opt/bitnami/mysql/data

Finally, move the data/ directory to the new location and restart the database.

How to encrypt a database table?

NOTE: Table encryption support is only available for InnoDB tables stored as individual files (the innodb_file_per_table option, enabled by default).

Follow the steps below to configure table encryption support:

  • Edit the /opt/bitnami/mysql/bitnami/my.cnf file and add the following lines to it, within the [mysqld] section, to activate the keyring_file plugin:

    early-plugin-load=keyring_file.so
    keyring_file_data=/opt/bitnami/mysql/data/keyring
    
    NOTE: The keyring file will be automatically created in the above location when the first table is encrypted. Keep a backup of this file as the data stored in the encrypted tables cannot be recovered without it.
  • Restart the MySQL server:

    $ sudo /opt/bitnami/ctlscript.sh restart mysql
    
  • Confirm that the keyring_file plugin is active by running the query below in the MySQL client:

    SELECT PLUGIN_NAME, PLUGIN_STATUS FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME LIKE 'keyring%';
    

You should now be able to create an encrypted table by adding the ENCRYPTED='Y' clause to any CREATE TABLE command. Here is an example:

CREATE TABLE mytable (id INT, value VARCHAR(255)) ENCRYPTION='Y'

Tables which are not already encrypted can be encrypted by using an ALTER TABLE command, such as the one below:

ALTER TABLE mytable ENCRYPTION='Y'

How can I run a command in the Bitnami MySQL Stack?

Log in to the server console as the bitnami user and run the command as usual. The required environment is automatically loaded for the bitnami user.

How to create a database backup?

To back up all the databases, create a dump file using the mysqldump tool.

$ mysqldump -A -u root -p > backup.sql

This operation could take some time depending on the database sizes.

NOTE: The steps previously described will only back up the data contained inside your databases. There may be other files that you should take into account when performing a full backup, such as files that may have been uploaded to your application. Refer to your application's documentation for more details.

How to restore a database backup?

Once you have the backup file, you can restore it with a command like the one below:

$ mysql -u root -p < backup.sql

How to debug errors in your database?

The main log file is created at /opt/bitnami/mysql/data/mysqld.log on the MySQL database server host.

How to configure MySQL Workbench?

NOTE: This section assumes that you have downloaded and installed MySQL Workbench.

To connect to your remote MySQL database server using MySQL Workbench, you have to allow remote connections to the server.

Once your MySQL server is configured to accept remote connections, you can connect to it using MySQL Workbench. Follow these steps:

  • Launch MySQL Workbench.
  • Click the "+" symbol in the "MySQL Connections" tab to add a new connection.

    MySQL Workbench configuration

  • Configure the connection as follows:
    • Enter a name for the connection in the "Connection Name" field.
    • Select "Standard (TCP/IP)" as the "Connection Type".
    • Enter your cloud server's IP address in the "Hostname" field.
    • Specify the "Port" as "3306".
    • Specify the "Username" as "root".

      MySQL Workbench configuration

  • Click "Test Connection" to test the connection.
  • If the connection is successful, click "OK" to save the connection.

    MySQL Workbench configuration

  • Double-click the new connection to launch the MySQL Workbench SQL Editor. You may be prompted for a password. Use the same password you used when previously configuring the server to accept remote connections. Once connected, the SQL editor window will open and you can interact with the server using SQL commands, as shown below:

MySQL Workbench configuration

How to allow remote connections to the MySQL server?

IMPORTANT: Making this application's network ports public is a significant security risk. You are strongly advised to only allow access to those ports from trusted networks. If, for development purposes, you need to access from outside of a trusted network, please do not allow access to those ports via a public IP address. Instead, use a secure channel such as a VPN or an SSH tunnel. Follow these instructions to remotely connect safely and reliably.

To connect to your remote MySQL database server using a remote client or a visual tool like MySQL Workbench, follow these steps:

  • Make sure that you have your cloud server's IP address and application credentials (instructions).
  • Open port 3306 in the server firewall (instructions).
  • Connect to your cloud server using PuTTY or another SSH client (instructions).
  • At the server console, edit the file /opt/bitnami/mysql/my.cnf and find the line containing

    bind-address=127.0.0.1
    
  • Comment out this line by placing a hash (#) symbol at the beginning, so that it looks like this:

    #bind-address=127.0.0.1
    
  • Save the file.
  • At the server console, allow remote access to the MySQL database server using the MySQL command line client. Use the following command, remembering to replace PASSWORD with the application password from the first step:

    $ /opt/bitnami/mysql/bin/mysql -u root -p -e "grant all privileges on *.* to 'root'@'%' identified by 'PASSWORD' with grant option";
    
  • When prompted for a password, enter the application password you noted in the first step.
  • Restart the MySQL server:

    $ sudo /opt/bitnami/ctlscript.sh restart mysql
    

How to install and run mysqltuner?

To install mysqtuner, download the mysqltuner.pl script. For example, you can download it with wget:

$ wget https://raw.github.com/rackerhacker/MySQLTuner-perl/master/mysqltuner.pl

To monitor a MySQL server installed by a Bitnami stack, pass the connection values through the command line, as shown below. Note that you will need Perl installed on the system.

$ perl mysqltuner.pl --socket /opt/bitnami/mysql/tmp/mysql.sock

How to recover a MySQL database with errors?

Before trying to recover a MySQL database, you should check the exact error in the MySQL log file at /opt/bitnami/mysql/data/mysqld.log. Check the latest entries in the MySQL log file with the following command:

$ sudo tail -n 100 /opt/bitnami/mysql/data/mysqld.log 

In this case, assume the following error in the log file:

110108 10:37:45 [ERROR] Fatal error: Can't open and lock privilege tables: Table 'user' is marked as crashed

Here are some steps to resolve this error:

  • The MySQL database is configured to use InnoDB engine by default. You can add the innodb_force_recovery=1 option in the main MySQL configuration file at /opt/bitnami/mysql/etc/my.cnf to try and fix the database:

     [mysqld]
     innodb_force_recovery = 1
    
  • Start the MySQL database with the following command:

     $ mysqld --skip-grant-tables --user=mysql --pid-file=/opt/bitnami/mysql/data/mysqld.pid 
     --skip-external-locking --port=3306 --sock=/opt/bitnami/mysql/tmp/mysql.sock
    
  • Open a new console and try to log in the database:

     $ mysql -u root -p
    
  • In this case, the error was related to the mysql.user table. Run these commands:

     mysql> use mysql;
     mysql> repair table user;
     mysql> check table user;
     mysql> exit;
    

If the table is recovered, you should see "OK" in the mysql.user status table. Do not forget to remove the innodb_force_recovery option from the my.cnf file and restart the MySQL server again.

$ sudo /opt/bitnami/ctlscript.sh restart mysql

If you find a different error or cannot fix an issue, we can try to help at http://community.bitnami.com.

centurylink

Bitnami Documentation