您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

快速入门:使用 Azure CLI 创建 Azure Database for MySQL 灵活服务器Quickstart: Create an Azure Database for MySQL Flexible Server using Azure CLI

本快速入门教程介绍如何使用 Azure Cloud Shell 中的 Azure CLI 在大约 5 分钟内创建 Azure Database for MySQL 灵活服务器。This quickstart shows how to use the Azure CLI commands in Azure Cloud Shell to create an Azure Database for MySQL Flexible Server in five minutes. 如果没有 Azure 订阅,请在开始之前创建一个免费帐户。If you don't have an Azure subscription, create a free account before you begin.

重要

Azure Database for MySQL 灵活服务器当前以公共预览版提供Azure Database for MySQL Flexible Server is currently in public preview

启动 Azure Cloud ShellLaunch Azure Cloud Shell

Azure Cloud Shell 是免费的交互式 shell,可以使用它运行本文中的步骤。The Azure Cloud Shell is a free interactive shell that you can use to run the steps in this article. 它预安装有常用 Azure 工具并将其配置与帐户一起使用。It has common Azure tools preinstalled and configured to use with your account.

若要打开 Cloud Shell,只需要从代码块的右上角选择“试一试”。 To open the Cloud Shell, just select Try it from the upper right corner of a code block. 也可以在单独的浏览器标签页中通过转到 https://shell.azure.com/bash 打开 Cloud Shell。You can also open Cloud Shell in a separate browser tab by going to https://shell.azure.com/bash. 选择“复制”以复制代码块,将其粘贴到 Cloud Shell 中,然后选择 Enter 来运行它。 Select Copy to copy the blocks of code, paste it into the Cloud Shell, and select Enter to run it.

如果希望在本地安装并使用 CLI,则本快速入门需要 Azure CLI 2.0 版或更高版本。If you prefer to install and use the CLI locally, this quickstart requires Azure CLI version 2.0 or later. 运行 az --version 即可查找版本。Run az --version to find the version. 如果需要进行安装或升级,请参阅安装 Azure CLIIf you need to install or upgrade, see Install Azure CLI.

先决条件Prerequisites

你将需要使用 az login 命令登录到你的帐户。You'll need to log in to your account using the az login command. 请注意 id 属性,该属性指的是 Azure 帐户的订阅 ID。Note the id property, which refers to Subscription ID for your Azure account.

az login

使用 az account set 命令选择帐户下的特定订阅。Select the specific subscription under your account using az account set command. 记下 az login 输出中的 id 值,以用作命令中订阅参数的值。Make a note of the id value from the az login output to use as the value for subscription argument in the command. 如果有多个订阅,请选择应计费的资源所在的相应订阅。If you have multiple subscriptions, choose the appropriate subscription in which the resource should be billed. 若要获取所有订阅,请使用 az account listTo get all your subscription, use az account list.

az account set --subscription <subscription id>

创建灵活服务器Create a flexible server

使用 az group create 命令创建 Azure 资源组,然后在此资源组中创建 MySQL 灵活服务器。Create an Azure resource group using the az group create command and then create your MySQL flexible server inside this resource group. 应提供唯一名称。You should provide a unique name. 以下示例在 eastus2 位置创建名为 myresourcegroup 的资源组。The following example creates a resource group named myresourcegroup in the eastus2 location.

az group create --name myresourcegroup --location eastus2

使用 az mysql flexible-server create 命令创建灵活服务器。Create a flexible server with the az mysql flexible-server create command. 一个服务器可以包含多个数据库。A server can contain multiple databases. 以下命令使用服务默认值和 Azure CLI 本地上下文中的值创建服务器:The following command creates a server using service defaults and values from your Azure CLI's local context:

az mysql flexible-server create

创建的服务器具有以下属性:The server created has the below attributes:

  • 自动生成的服务器名称、管理员用户名、管理员密码、资源组名称(如果尚未在本地上下文中指定),并且与资源组位于同一位置Auto-generated server name, admin username, admin password, resource group name (if not already specified in local context), and in the same location as your resource group
  • 其余服务器配置的服务默认值:计算层(可突增)、计算大小/SKU (B1MS)、备份保持期(7 天)和 MySQL 版本 (5.7)Service defaults for remaining server configurations: compute tier (Burstable), compute size/SKU (B1MS), backup retention period (7 days), and MySQL version (5.7)
  • 默认的连接方法是设置了自动生成的虚拟网络和子网的“专用访问(VNet 集成)”The default connectivity method is Private access (VNet Integration) with an auto-generated virtual network and subnet

备注

创建服务器后,无法更改连接方法。The connectivity method cannot be changed after creating the server. 例如,如果在创建过程中选择了“专用访问(VNet 集成)”,则在创建后无法将其更改为“公共访问(允许的 IP 地址)” 。For example, if you selected Private access (VNet Integration) during create then you cannot change to Public access (allowed IP addresses) after create. 强烈建议创建采用专用访问的服务器,以使用 VNet 集成安全地访问你的服务器。We highly recommend creating a server with Private access to securely access your server using VNet Integration. 若要详细了解专用访问,请参阅概念文章Learn more about Private access in the concepts article.

如果要更改任何默认设置,请参阅 Azure CLI 参考文档以获取可配置 CLI 参数的完整列表。If you'd like to change any defaults, please refer to the Azure CLI reference documentation for the complete list of configurable CLI parameters.

下面是一些示例输出:Below is some sample output:

Command group 'mysql flexible-server' is in preview. It may be changed/removed in a future release.
Creating Resource Group 'groupXXXXXXXXXX'...
Creating new vnet "serverXXXXXXXXXVNET" in resource group "groupXXXXXXXXXX"...
Creating new subnet "serverXXXXXXXXXSubnet" in resource group "groupXXXXXXXXXX" and delegating it to "Microsoft.DBforMySQL/flexibleServers"...
Creating MySQL Server 'serverXXXXXXXXX' in group 'groupXXXXXXXXXX'...
Your server 'serverXXXXXXXXX' is using sku 'Standard_B1ms' (Paid Tier). Please refer to https://aka.ms/mysql-pricing for pricing details
Creating MySQL database 'flexibleserverdb'...
Make a note of your password. If you forget, you would have to reset your password with 'az mysql flexible-server update -n serverXXXXXXXXX -g groupXXXXXXXXXX -p <new-password>'.
{
  "connectionString": "server=serverXXXXXXXXX.mysql.database.azure.com;database=flexibleserverdb;uid=secureusername;pwd=securepasswordstring",
  "databaseName": "flexibleserverdb",
  "host": "serverXXXXXXXXX.mysql.database.azure.com",
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/groupXXXXXXXXXX/providers/Microsoft.DBforMySQL/flexibleServers/serverXXXXXXXXX",
  "location": "East US 2",
  "password": "securepasswordstring",
  "resourceGroup": "groupXXXXXXXXXX",
  "skuname": "Standard_B1ms",
  "subnetId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/groupXXXXXXXXXX/providers/Microsoft.Network/virtualNetworks/serverXXXXXXXXXVNET/subnets/serverXXXXXXXXXSubnet",
  "username": "secureusername",
  "version": "5.7"
}

如果要更改任何默认设置,请参阅 Azure CLI 参考文档以获取可配置 CLI 参数的完整列表。If you'd like to change any defaults, please refer to the Azure CLI reference documentation for the complete list of configurable CLI parameters.

创建数据库Create a database

如果尚未创建数据库,请运行 newdatabase 命令进行创建。Run the following command to create a database, newdatabase if you have not already created one.

az mysql flexible-server db create -d newdatabase

备注

连接到 Azure Database for MySQL 时,经端口 3306 进行通信。Connections to Azure Database for MySQL communicate over port 3306. 如果尝试从企业网络内部进行连接,则可能不允许经端口 3306 的出站流量。If you try to connect from within a corporate network, outbound traffic over port 3306 might not be allowed. 如果是这样,则无法连接到服务器,除非 IT 部门打开了端口 3306。If this is the case, you can't connect to your server unless your IT department opens port 3306.

获取连接信息Get the connection information

若要连接到服务器,需要提供主机信息和访问凭据。To connect to your server, you need to provide host information and access credentials.

az mysql flexible-server show --resource-group myresourcegroup --name mydemoserver

结果采用 JSON 格式。The result is in JSON format. 记下 fullyQualifiedDomainName 和 administratorLogin 。Make a note of the fullyQualifiedDomainName and administratorLogin. 下面是 JSON 输出的示例:Below is a sample of the JSON output:

{
  "administratorLogin": "myadminusername",
  "administratorLoginPassword": null,
  "delegatedSubnetArguments": {
    "subnetArmResourceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Network/virtualNetworks/mydemoserverVNET/subnets/mydemoserverSubnet"
  },
  "fullyQualifiedDomainName": "mydemoserver.mysql.database.azure.com",
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.DBforMySQL/flexibleServers/mydemoserver",
  "location": "East US 2",
  "name": "mydemoserver",
  "publicNetworkAccess": "Disabled",
  "resourceGroup": "myresourcegroup",
  "sku": {
    "capacity": 0,
    "name": "Standard_B1ms",
    "tier": "Burstable"
  },
  "storageProfile": {
    "backupRetentionDays": 7,
    "fileStorageSkuName": "Premium_LRS",
    "storageAutogrow": "Disabled",
    "storageIops": 0,
    "storageMb": 10240
  },
  "tags": null,
  "type": "Microsoft.DBforMySQL/flexibleServers",
  "version": "5.7"
}

使用 Azure CLI 连接并测试连接Connect and test the connection using Azure CLI

借助 Azure Database for MySQL 灵活服务器,你可使用 Azure CLI az mysql flexible-server connect 命令连接到 MySQL 服务器。Azure Database for MySQL Flexible Server enables you to connect to your mysql server with Azure CLI az mysql flexible-server connect command. 使用此命令可以测试与数据库服务器的连接情况,创建快速入门数据库并直接对服务器运行查询,无需安装 mysql.exe 或 MySQL Workbench。This command allows you test connectivity to your database server, create a quick starter database and run queries directly against your server without having to install mysql.exe or MySQL Workbench. 还可以使用在交互模式下运行命令来运行多个查询。You can also use run the command in an interactive mode for running multiple queries.

运行以下脚本,在开发环境中测试和验证与数据库的连接。Run the following script to test and validate the connection to the database from your development environment.

az mysql flexible-server connect -n <servername> -u <username> -p <password> -d <databasename>

示例:Example:

az mysql flexible-server connect -n mysqldemoserver1 -u dbuser -p "dbpassword" -d newdatabase

对于成功的连接,应看到以下输出:You should see the following output for successful connection:

Command group 'mysql flexible-server' is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Connecting to newdatabase database.
Successfully connected to mysqldemoserver1.

如果连接失败,请尝试以下解决方案:If the connection failed, try these solutions:

  • 检查是否已在客户端计算机上打开端口 3306。Check if port 3306 is open on your client machine.
  • 如果服务器管理员用户名和密码正确if your server administrator user name and password are correct
  • 如果已为客户端计算机配置防火墙规则if you have configured firewall rule for your client machine
  • 如果已在虚拟网络中为服务器配置了专用访问权限,请确保客户端计算机位于同一虚拟网络中。if you have configured your server with private access in virtual networking, make sure your client machine is in the same virtual network.

运行以下命令,以使用 --querytext 参数 -q 执行单个查询。Run the following command to execute a single query using --querytext argument, -q.

az mysql flexible-server connect -n <server-name> -u <username> -p "<password>" -d <database-name> --querytext "<query text>"

示例:Example:

az mysql flexible-server connect -n mysqldemoserver1 -u dbuser -p "dbpassword" -d newdatabase -q "select * from table1;" --output table

若要详细了解如何使用 az mysql flexible-server connect 命令,请参阅连接和查询文档。To learn more about using az mysql flexible-server connect command, refer to the connect and query documentation.

使用 mysql 命令行客户端进行连接Connect using mysql command-line client

如果使用“专用访问(VNet 集成)”创建了灵活服务器,需要从与服务器相同的虚拟网络中的资源连接到服务器。If you created your flexible server by using private access (VNet Integration), you'll need to connect to your server from a resource within the same virtual network as your server. 可以创建虚拟机并将其添加到使用灵活服务器创建的虚拟网络中。You can create a virtual machine and add it to the virtual network created with your flexible server. 有关详细信息,请参阅配置专用访问文档Refer configuring private access documentation to learn more.

如果使用“公共访问(允许的 IP 地址)”创建了灵活服务器,可以将本地 IP 地址添加到服务器上的防火墙规则列表中。If you created your flexible server by using public access (allowed IP addresses), you can add your local IP address to the list of firewall rules on your server. 有关分步指南,请参阅创建或管理防火墙规则文档Refer create or manage firewall rules documentation for step by step guidance.

可以使用 mysql.exeMySQL Workbench 从本地环境连接到服务器。You can use either mysql.exe or MySQL Workbench to connect to the server from your local environment. Azure Database for MySQL 灵活服务器支持使用传输层安全性 (TLS)(以前称为安全套接字层 (SSL))将客户端应用程序连接到 MySQL 服务。Azure Database for MySQL Flexible Server supports connecting your client applications to the MySQL service using Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL). TLS 是一种行业标准协议,可确保数据库服务器和客户端应用程序之间的加密网络连接,让你能够遵守合规要求。若要通过 MySQL 灵活服务器进行连接,你需要下载用于证书颁发机构验证的公用 SSL 证书TLS is an industry standard protocol that ensures encrypted network connections between your database server and client applications, allowing you to adhere to compliance requirements.To connect with your MySQL flexible server, you will require to download the public SSL certificate for certificate authority verification. 若要详细了解如何通过加密连接进行连接或禁用 SSL,请参阅连接到具有加密连接的 Azure Database for MySQL — 灵活服务器文档。To learn more about connecting with encrypted connections or disabling SSL, refer to Connect to Azure Database for MySQL - Flexible Server with encrypted connections documentation.

以下示例演示如何使用 mysql 命令行接口连接到你的灵活服务器。The following example shows how to connect to your flexible server using the mysql command-line interface. 如果尚未安装 mysql 命令行,请先进行安装。You will first install the mysql command-line if it is not installed already. 你将下载 SSL 连接所需的 DigiCertGlobalRootCA 证书。You will download the DigiCertGlobalRootCA certificate required for SSL connections. 使用 --ssl-mode=REQUIRED 连接字符串设置强制实施 TLS/SSL 证书验证。Use the --ssl-mode=REQUIRED connection string setting to enforce TLS/SSL certificate verification. 将本地证书文件路径传递给 --ssl-ca 参数。Pass the local certificate file path to the --ssl-ca parameter. 将值替换为实际的服务器名称和密码。Replace values with your actual server name and password.

sudo apt-get install mysql-client
wget --no-check-certificate https://dl.cacerts.digicert.com/DigiCertGlobalRootCA.crt.pem
mysql -h mydemoserver.mysql.database.azure.com -u mydemouser -p --ssl-mode=REQUIRED --ssl-ca=DigiCertGlobalRootCA.crt.pem

如果已使用公共访问权限预配了灵活服务器,还可使用 Azure Cloud Shell,通过预安装的 mysql 客户端连接到你的灵活服务器,如下所示:If you have provisioned your flexible server using public access, you can also use Azure Cloud Shell to connect to your flexible server using pre-installed mysql client as shown below:

若要使用 Azure Cloud Shell 连接到灵活服务器,则将需要允许从 Azure Cloud Shell 到灵活服务器的网络访问。In order to use Azure Cloud Shell to connect to your flexible server, you will need to allow networking access from Azure Cloud Shell to your flexible server. 若要实现此目的,你可在 Azure 门户上访问 MySQL 灵活服务器的“网络”边栏选项卡,选中“防火墙”部分下的“允许从 Azure 中的任何 Azure 服务公开访问此服务器”这一对话框(如下图所示),然后单击“保存”以保存设置。To achieve this, you can go to Networking blade on Azure portal for your MySQL flexible server and check the box under Firewall section which says, "Allow public access from any Azure service within Azure to this server" as shown in the screenshot below and click Save to persist the setting.

屏幕截图:显示如何允许 Azure Cloud Shell 访问 MySQL 灵活服务器以进行公共访问网络配置。

备注

选中“允许从 Azure 中的任何 Azure 服务公共访问此服务器”应仅用于开发或测试目的。Checking the Allow public access from any Azure service within Azure to this server should be used for development or testing only. 该选项可将防火墙配置为允许来自分配给任何 Azure 服务或资产的 IP 地址的连接,包括来自其他客户的订阅的连接。It configures the firewall to allow connections from IP addresses allocated to any Azure service or asset, including connections from the subscriptions of other customers.

单击“尝试”以启动 Azure Cloud Shell,并使用以下命令连接到你的灵活服务器。Click on Try it to launch the Azure Cloud Shell and using the following commands to connect to your flexible server. 在命令中使用服务器名称、用户名和密码。Use your server name, user name, and password in the command.

wget --no-check-certificate https://dl.cacerts.digicert.com/DigiCertGlobalRootCA.crt.pem
mysql -h mydemoserver.mysql.database.azure.com -u mydemouser -p --ssl=true --ssl-ca=DigiCertGlobalRootCA.crt.pem

重要

使用 Azure Cloud Shell 连接到灵活服务器时,你需要使用 --ssl=true 参数,而非 --ssl-mode=REQUIRED。While connecting to your flexible server using Azure Cloud Shell, you will require to use --ssl=true parameter and not --ssl-mode=REQUIRED. 主要原因是 MariaDB 分发中预安装的 mysql.exe 客户端 Azure Cloud Shell,它需要 --ssl 参数,而来自 Oracle 分发的 mysql 客户端需要 --ssl 模式参数。The primary reason is Azure Cloud Shell comes with pre-installed mysql.exe client from MariaDB distribution which requires --ssl parameter while mysql client from Oracle's distribution requires --ssl-mode parameter.

如果按照之前的命令连接到灵活服务器时看到以下错误消息,则说明未使用前面提到过的“允许从 Azure 中的任何 Azure 服务公共访问此服务器”设置防火墙规则,或该选项未保存。If you see the following error message while connecting to your flexible server following the command earlier, you missed setting the firewall rule using the "Allow public access from any Azure service within Azure to this server" mentioned earlier or the option isn't saved. 请尝试重新设置防火墙,然后重试。Please retry setting firewall and try again.

错误 2002 (HY000):无法连接到 上的 MySQL 服务器 (115)ERROR 2002 (HY000): Can't connect to MySQL server on (115)

清理资源Clean up resources

如果不需要将这些资源用于其他快速入门/教程,则可通过执行以下命令将其删除:If you don't need these resources for another quickstart/tutorial, you can delete them by doing the following command:

az group delete --name myresourcegroup

如果只想删除这一新创建的服务器,可以运行 az mysql server delete 命令。If you would just like to delete the one newly created server, you can run the az mysql server delete command.

az mysql flexible-server delete --resource-group myresourcegroup --name mydemoserver

后续步骤Next steps