Setup 


https://dev.mysql.com/doc/refman/8.4/en/installing.html
https://dev.mysql.com/doc/refman/8.4/en/data-directory-initialization.html
https://dev.mysql.com/doc/refman/8.4/en/server-system-variables.html
https://dev.mysql.com/doc/refman/8.4/en/mysqld.html

1. Linux VM With systemd#

install packages:
    mysql-server or distribution package

directories:
    datadir
    log dir
    socket dir

config file:
    /etc/my.cnf
    /etc/mysql/my.cnf
    /etc/mysql/mysql.conf.d/mysqld.cnf

users/secrets:
    root or administrative account password
    application accounts created after bootstrap

systemd:
    systemctl enable mysqld
    systemctl start mysqld
    systemctl status mysqld

logs:
    journalctl -u mysqld
    mysqld error log

常见初始化动作:

mysqld --initialize
mysqld --initialize-insecure
mysql_secure_installation
note:
    initialize-insecure creates an initial data directory without a root password
    production usually prefers the secure initialization path

2. Docker#

local dev:
    use official mysql image or a pinned image tag

compose example:
    mount a persistent volume for datadir
    pass root password and initial database only for dev

persistent volume:
    keep /var/lib/mysql outside container lifecycle

security notes:
    do not bake passwords into image
    do not publish MySQL port to the public internet without protection

典型命令:

docker run --name mysql8 \
  -e MYSQL_ROOT_PASSWORD=change-me \
  -e MYSQL_DATABASE=shop \
  -p 3306:3306 \
  -v mysql8-data:/var/lib/mysql \
  -d mysql:8.4

3. K8S With Helm#

chart options:
    evaluate community chart vs vendor-supported chart carefully

install commands:
    pin version and set persistence, resources, auth, and backups

values that matter:
    persistence
    primary resources
    replica count
    auth / secrets
    backup hook or sidecar

network policy / service:
    restrict MySQL access to application namespaces only

4. High Availability#

HA architecture:
    primary + replica
    orchestrator / group replication / managed service

failover behavior:
    document read/write endpoint behavior
    verify application reconnect logic

quorum/cluster notes:
    understand who decides primary
    understand how writes are blocked during failover

backup is not HA:
    backup restores data
    HA keeps service running

5. Operations#

rolling restart:
    verify client reconnect handling

upgrade:
    test on a clone first
    verify SQL mode, auth plugin, and character set changes

useful commands:
    mysqladmin ping
    mysqladmin status
    mysqladmin processlist
    SHOW VARIABLES LIKE 'version%';
Backward SQL
TLS Forward