Table of Contents
Understanding MySQL vs MariaDB
MySQL and MariaDB are both relational database management systems (RDBMS) that implement SQL and share a common ancestry.
Key points for admins:
- Origins
- MySQL: Originally by MySQL AB → Sun → Oracle.
- MariaDB: Fork of MySQL by original MySQL developers after Oracle acquisition.
- Compatibility
- MariaDB aims to be a drop-in replacement for MySQL for many versions:
- Same client protocol.
- Same ports (default 3306).
- Similar configuration file layout.
- Many tools and libraries (e.g.,
libmysqlclient) are ABI-compatible or have compatibility modes. - At higher versions (MySQL 8 vs MariaDB 10.x), features and syntax diverge more.
- Why choose one over the other
- MySQL:
- Widely used in enterprise; strong vendor support (Oracle).
- Advanced features in recent versions (e.g., some GIS, JSON, CTEs, roles).
- MariaDB:
- Community-driven; most features GPL.
- Often faster for some workloads with alternative storage engines.
- Additional engines and features (Aria, ColumnStore, etc.).
Always check:
- Application compatibility (required SQL features, supported versions).
- Distribution defaults (e.g., some distros ship MariaDB instead of MySQL).
Installation Basics
Distribution specifics (exact commands) belong to package-management chapters; here is what’s unique to MySQL/MariaDB.
Package names and services
Common package names:
- MySQL (Oracle builds):
- Server:
mysql-server - Client:
mysql-client - MariaDB:
- Server:
mariadb-server - Client:
mariadb-clientormariadb
Service names (systemd):
- MySQL (Oracle):
mysqldormysql - MariaDB:
mariadb
Typical management commands:
sudo systemctl enable --now mariadb
sudo systemctl status mariadb
sudo systemctl enable --now mysqld
sudo systemctl status mysqldInitial secure setup
Both MySQL and MariaDB provide an interactive hardening script:
sudo mysql_secure_installationYou’ll typically be asked:
- Configure root password / authentication method.
- Remove anonymous users.
- Disallow remote root login.
- Remove test database.
- Reload privilege tables.
On modern systems, root may authenticate via Unix socket by default (no password when running as root), which affects how you log in for administration.
Core Configuration Files and Layout
The exact paths can vary, but common patterns:
- Main config file:
/etc/my.cnfor/etc/mysql/my.cnf- Additional configs:
/etc/my.cnf.d/.cnfor/etc/mysql/conf.d/.cnf
Server sections:
[mysqld]— main server options.[mysqld_safe]— wrapper script options.[client]— default options formysqlclient.
Example minimal override file:
# /etc/my.cnf.d/10-custom.cnf
[mysqld]
bind-address = 127.0.0.1
max_connections = 200
innodb_buffer_pool_size = 2GAfter changing configuration:
sudo systemctl restart mariadb
# or
sudo systemctl restart mysqldBasic Server Administration
Connecting to the server
Local (socket or TCP) as root:
sudo mysql
# or explicitly
mysql -u root -pRemote:
mysql -h db.example.com -u appuser -pCreating databases and users
Basic workflow:
- Create a database.
- Create a user.
- Grant privileges to that user on that database.
Example:
CREATE DATABASE appdb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'appuser'@'localhost' IDENTIFIED BY 'StrongPassword!';
GRANT ALL PRIVILEGES ON appdb.* TO 'appuser'@'localhost';
FLUSH PRIVILEGES;Key points:
- User identities include host:
'user'@'localhost'is different from'user'@'%'. - Use
utf8mb4for full Unicode support (including emoji and 4‑byte characters), notutf8.
Checking databases and users
List databases:
SHOW DATABASES;List users (syntax varies by version):
SELECT user, host FROM mysql.user;Show grants for a user:
SHOW GRANTS FOR 'appuser'@'localhost';Storage Engines Overview
MySQL/MariaDB use pluggable storage engines. For server admins, the main concern is data durability, performance, and features.
Common engines:
- InnoDB
- Default transactional engine in modern MySQL/MariaDB.
- ACID compliant, row-level locking, foreign keys, crash recovery.
- Best choice for most production workloads.
- MyISAM
- Non-transactional, table-level locking, no foreign keys.
- Only for very specific legacy or read-mostly scenarios.
- MariaDB-specific extras (MariaDB only):
- Aria (crash-safe MyISAM replacement for internal use).
- ColumnStore (columnar, analytics).
- TokuDB (deprecated in some distros).
Check default storage engine:
SHOW ENGINES;
SHOW VARIABLES LIKE 'default_storage_engine';Basic Performance-Related Settings
Deep performance tuning is covered elsewhere; here are MySQL/MariaDB-specific knobs you should recognize.
Commonly tuned options (in [mysqld]):
innodb_buffer_pool_size- Main memory cache for InnoDB data and indexes.
- Rough starting guideline on a dedicated DB server: 50–70% of RAM (leaving room for OS + other services).
max_connections- Maximum concurrent client connections.
- Too high without enough RAM leads to swapping and instability.
query_cache_size(MySQL 5.x; removed in MySQL 8, disabled by default in MariaDB newer versions)- Generally should be
0for busy write-heavy systems. slow_query_logandlong_query_time- Enable slow query logging for diagnostics:
[mysqld]
slow_query_log = 1
slow_query_log_file = /var/log/mysql/slow.log
long_query_time = 1- Helps identify queries needing optimization.
View current values:
SHOW VARIABLES LIKE 'innodb_buffer_pool_size';
SHOW VARIABLES LIKE 'max_connections';Backup and Restore with mysqldump
General backup strategy is covered elsewhere; this section focuses on MySQL/MariaDB tools.
Logical backups with `mysqldump`
mysqldump exports SQL statements to recreate schema and data.
Example: dump a single database
mysqldump -u root -p appdb > appdb.sqlDump multiple databases:
mysqldump -u root -p --databases appdb otherdb > multi.sqlDump all databases:
mysqldump -u root -p --all-databases > all.sqlUseful options:
--single-transaction- For InnoDB, creates a consistent snapshot without locking tables (good for live backups).
--routines --triggers --events- Include stored procedures, triggers, events.
Example consistent backup:
mysqldump -u root -p \
--single-transaction \
--routines --triggers --events \
appdb > appdb_full.sqlRestoring from `mysqldump`
Restore a single database dump:
mysql -u root -p appdb < appdb.sql
For dumps created with --databases or --all-databases:
mysql -u root -p < all.sqlBe aware:
- Restoring will execute
CREATE DATABASE,DROP TABLE, etc. according to the dump. - Permissions and users are only included if you dumped the
mysqlsystem database, which is usually not recommended for mixed environments.
Basic Security Practices (MySQL/MariaDB-specific)
General system security is covered elsewhere; here are DB-specific practices.
Restricting network exposure
In config ([mysqld]):
- To listen only on localhost (no remote access):
bind-address = 127.0.0.1- To allow remote connections:
bind-address = 0.0.0.0If you allow remote access:
- Use firewall rules to limit which IPs can connect to port 3306.
- Prefer SSH tunnels or VPN instead of exposing 3306 publicly.
Principle of least privilege
- Avoid giving application users
SUPER,FILE, orALL PRIVILEGESon.unnecessarily. - Typical app user:
GRANT SELECT, INSERT, UPDATE, DELETE
ON appdb.* TO 'appuser'@'10.0.0.%';- Separate admin and application accounts.
Authentication and passwords
- Enforce strong passwords and rotate credentials.
- In MySQL 8 / newer MariaDB:
- Familiarize yourself with password validation plugins and default authentication plugins (e.g.,
caching_sha2_passwordin MySQL 8).
Basic Monitoring and Diagnostics
Monitoring connections and status
See who is connected:
SHOW PROCESSLIST;Global status metrics:
SHOW GLOBAL STATUS LIKE 'Threads%';
SHOW GLOBAL STATUS LIKE 'Questions';
SHOW GLOBAL STATUS LIKE 'Connections';Example: QPS (queries per second), measured over time:
- Take two snapshots of
Questionswith timestamps and compute:
$$
\text{QPS} = \frac{\Delta \text{Questions}}{\Delta \text{time (seconds)}}
$$
Logs
Locations vary by distro, but common:
- Error log:
/var/log/mysql/error.log/var/log/mariadb/mariadb.log- Slow query log (if enabled):
/var/log/mysql/slow.log
Check paths:
SHOW VARIABLES LIKE 'log_error';
SHOW VARIABLES LIKE 'slow_query_log_file';Schema and Table Basics for Admins
Application schema design is not the focus here; instead, what admins often need to do.
Creating and inspecting tables
Create a simple table:
USE appdb;
CREATE TABLE users (
id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(50) NOT NULL UNIQUE,
email VARCHAR(255) NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;Inspect a table:
DESCRIBE users;
SHOW CREATE TABLE users\GChange table schema carefully, especially on large tables:
ALTER TABLE users ADD COLUMN last_login DATETIME NULL AFTER email;
On busy systems, consider online DDL options where supported (ALGORITHM=INPLACE, LOCK=NONE) to minimize downtime.
Replication Overview (MySQL/MariaDB)
Detailed replication and clustering are broader topics, but you should know basic terminology.
Key replication features:
- Master/Replica (Primary/Replica):
- Writes go to primary.
- Replicas replay binary logs to stay in sync.
- Used for read scaling and backups.
Core concepts:
- Binary log (binlog)
- Server IDs
- Replication user with
REPLICATION SLAVEorREPLICATION REPLICAprivilege CHANGE MASTER TO/CHANGE REPLICATION SOURCE TO(terminology changed in newer releases).
Checking if binary logging is enabled:
SHOW VARIABLES LIKE 'log_bin';
SHOW VARIABLES LIKE 'server_id';MariaDB and MySQL implement replication similarly but not identically; never mix major versions arbitrarily in a replication topology without checking compatibility.
Practical Operational Tips
- Always test version upgrades and config changes in staging first.
- Regularly:
- Check backups and perform test restores.
- Monitor disk space where data and logs live (
/var/lib/mysqlor/var/lib/mariadb). - Rotate logs and watch for slow queries and errors.
- For planned maintenance:
- Use
SET GLOBAL read_only = ON;on replicas when needed. - Consider connection draining at the application / load balancer layer.
This chapter focused on what is specific to running MySQL/MariaDB as a Linux server admin. Broader backup strategies, security hardening, and performance tuning are handled in their dedicated chapters.