Continued from Part 3 of the Lock It Down series
By now, we should have both of our servers set up to communicate to each other via the Private Network. Our DBServer is on 10.0.2.0/24 and the Webservers are on 10.0.1.0/24, so now we’re left with installing our Database Server Software, configuring our DBUser for our webservers, and that’s it.
I’m not going to try to re-invent the wheel when maria already has a great article on it here: https://mariadb.com/kb/en/mariadb/yum/ .
To summarize though:
Go to https://downloads.mariadb.org/mariadb/repositories/#mirror=digitalocean-sfo&distro=CentOS to get your repo file. Place repo file in your /etc/yum.repos.d/ folder # sudo yum update && sudo yum install MariaDB-server MariaDB-client After installation completes # sudo /etc/init.d/mysql start
MariaDB is a drop-in replacement of mysql, So all your normal mysql commands should work without an issue, we’ll leverage Maria’s improvements over MySQL to our advantage for having a better preforming service.
# sudo /usr/bin/mysql_secure_installation Your password is current BLANK, so set a new one. # mysql -u root -p Password: mysql> Now we can create a user to use as an Admin from our WebServers
CREATE USER 'GIVE_USER_NAME'@'10.0.%.% IDENTIFIED BY 'GIVE_PASSWORD';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'GIVE_USER_NAME'@'10.0.%.%' WITH GRANT OPTION;
mysql> FLUSH PRIVILEGES;mysql> quit;
So now we have created our database user, we’ll link it to our Webserver and off we go. We shouldn’t ever have to come back to this server unless we need to do MySQL Integrity Checks.