1. 创建项目目录结构
mkdir mysql-docker && cd mysql-docker
mkdir -p {data,conf,logs,backups}
2. 创建 docker-compose.yml
version: '3.8'
services:
mysql:
image: mysql:8.0
container_name: mysql-8.0
restart: unless-stopped
environment:
# 必需的环境变量
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
MYSQL_DATABASE: ${MYSQL_DATABASE}
MYSQL_USER: ${MYSQL_USER}
MYSQL_PASSWORD: ${MYSQL_PASSWORD}
# 可选环境变量
TZ: Asia/Shanghai
MYSQL_CHARSET: utf8mb4
MYSQL_COLLATION: utf8mb4_unicode_ci
ports:
- "3306:3306"
volumes:
# 数据持久化
- ./data:/var/lib/mysql
# 自定义配置
- ./conf:/etc/mysql/conf.d
# 日志文件
- ./logs:/var/log/mysql
# 备份目录
- ./backups:/backups
# 初始化脚本
- ./init-scripts:/docker-entrypoint-initdb.d
command:
- --character-set-server=utf8mb4
- --collation-server=utf8mb4_unicode_ci
- --default-authentication-plugin=mysql_native_password
- --max_connections=1000
- --innodb_buffer_pool_size=256M
- --bind-address=0.0.0.0
- --skip-name-resolve
networks:
- mysql-networkhealthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-u", "root", "-p${MYSQL_ROOT_PASSWORD}"]
timeout: 20s
retries: 10
start_period: 30s# 可选:添加 phpMyAdmin 用于数据库管理
phpmyadmin:
image: phpmyadmin/phpmyadmin
container_name: mysql-pma
restart: unless-stopped
environment:
PMA_HOST: mysql
PMA_PORT: 3306
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
UPLOAD_LIMIT: 128M
ports:
- "8080:80"
depends_on:
- mysql
networks:
- mysql-networknetworks:
mysql-network:
driver: bridgevolumes:
mysql-data:
driver: local
3. 创建环境变量文件
vim .env
# MySQL 环境变量配置文件
# 请修改以下密码为安全的密码# Root 用户密码
MYSQL_ROOT_PASSWORD=YourSecureRootPassword123!# 默认创建的数据库名称
MYSQL_DATABASE=myapp# 默认创建的用户名
MYSQL_USER=myuser# 默认用户的密码
MYSQL_PASSWORD=YourUserPassword123!# 时区设置
TZ=Asia/Shanghai
设置环境文件权限
chmod 600 .env
4. 创建 MySQL 自定义配置
创建 conf/my-custom.cnf 文件
[mysqld]
# 字符集配置
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci# 连接配置
max_connections = 1000
max_connect_errors = 100000
wait_timeout = 28800
interactive_timeout = 28800# InnoDB 配置
innodb_buffer_pool_size = 256M
innodb_log_file_size = 128M
innodb_flush_log_at_trx_commit = 1
innodb_lock_wait_timeout = 50# 日志配置
log_error = /var/log/mysql/error.log
slow_query_log = 1
slow_query_log_file = /var/log/mysql/slow.log
long_query_time = 2
log_queries_not_using_indexes = 1# 二进制日志(用于主从复制)
# server_id = 1
# log_bin = /var/log/mysql/mysql-bin.log
# expire_logs_days = 10
# max_binlog_size = 100M# 其他配置
skip-name-resolve
lower_case_table_names = 1
default-time-zone = '+08:00'[client]
default-character-set = utf8mb4[mysql]
default-character-set = utf8mb4
5. 创建初始化脚本
创建 init-scripts/01-create-users.sql
-- 创建额外的数据库用户和权限
-- 这个脚本会在容器首次启动时执行
-- 创建只读用户
CREATE USER IF NOT EXISTS 'readonly_user'@'%' IDENTIFIED BY 'ReadOnlyPassword123!';
GRANT SELECT ON *.* TO 'readonly_user'@'%';
-- 创建应用用户(限制权限)
CREATE USER IF NOT EXISTS 'app_user'@'%' IDENTIFIED BY 'AppUserPassword123!';
GRANT SELECT, INSERT, UPDATE, DELETE ON myapp.* TO 'app_user'@'%';
-- 创建备份用户
CREATE USER IF NOT EXISTS 'backup_user'@'%' IDENTIFIED BY 'BackupPassword123!';
GRANT SELECT, RELOAD, LOCK TABLES, REPLICATION CLIENT ON *.* TO 'backup_user'@'%';
-- 刷新权限
FLUSH PRIVILEGES;
-- 显示创建的用户
SELECT user, host FROM mysql.user WHERE user NOT LIKE 'mysql.%';
创建 init-scripts/02-create-sample-data.sql
-- 创建示例数据(可选)
USE myapp;
-- 创建示例表
CREATE TABLE IF NOT EXISTS users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL UNIQUE,
email VARCHAR(100) NOT NULL UNIQUE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-- 插入示例数据
INSERT IGNORE INTO users (username, email) VALUES
('admin', 'admin@example.com'),
('user1', 'user1@example.com'),
('user2', 'user2@example.com');
6. 部署和启动服务
拉取镜像并启动服务
# 拉取最新镜像
docker-compose pull# 启动服务(后台运行)
docker-compose up -d# 查看服务状态
docker-compose ps# 查看实时日志
docker-compose logs -f mysql
验证部署
# 检查容器状态
docker-compose ps# 检查 MySQL 服务健康状态
docker-compose exec mysql mysqladmin ping -u root -p"${MYSQL_ROOT_PASSWORD}"
# 连接测试
docker-compose exec mysql mysql -u root -p"${MYSQL_ROOT_PASSWORD}" -e "SHOW DATABASES;"
7. 配置远程访问
方法一:通过初始化脚本配置(推荐)
创建 init-scripts/03-remote-access.sql:
-- 配置远程访问权限
USE mysql;-- 为 root 用户启用远程访问(生产环境不推荐)
-- CREATE USER IF NOT EXISTS 'root'@'%' IDENTIFIED BY 'YourSecureRootPassword123!';
-- GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;-- 创建专门的远程管理用户
CREATE USER IF NOT EXISTS 'remote_admin'@'%' IDENTIFIED BY 'RemoteAdminPassword123!';
GRANT ALL PRIVILEGES ON *.* TO 'remote_admin'@'%' WITH GRANT OPTION;-- 刷新权限
FLUSH PRIVILEGES;-- 查看用户权限
SELECT user, host, authentication_string FROM mysql.user WHERE user = 'remote_admin';
8. 测试远程连接
从远程客户端连接测试
# 使用 mysql 客户端测试
mysql -h your-server-ip -P 3306 -u remote_admin -p# 或者使用其他数据库工具连接
验证网络连通性
# 测试端口是否开放
telnet your-server-ip 3306# 或者使用 nc
nc -zv your-server-ip 3306
9. 常用管理命令
服务管理
# 启动服务
docker-compose start# 停止服务
docker-compose stop# 重启服务
docker-compose restart# 停止并删除容器
docker-compose down# 停止并删除容器及数据卷
docker-compose down -v# 查看日志
docker-compose logs mysql
docker-compose logs -f mysql# 进入容器
docker-compose exec mysql bash
docker-compose exec mysql mysql -u root -p
故障排除
常见问题解决
# 查看详细错误日志
docker-compose logs mysql
首次启动服务一直在重启通过错误日志排查问题
暂停服务,重新设置权限,之后重启服务