目的:
通過corosync v1 和pacemaker 提供高可用mariadb,在調度切換RS時,仍能數據庫訪問及操作不中斷。
其中corosyncv1提供底層心跳及事務信息傳遞功能,pacemaker提供CRM、LRM
試驗環境流程:
第一臺虛擬機提供nfs文件共享存儲;中間兩臺虛擬機配置相同mariadb服務,數據庫存儲位置爲第四臺虛擬機提供的nfs文件系統。對pacemaker的配置操作可以有多種形式,如CLI接口的crmsh和pcs,GUI的 hawk(webgui)和LCMC。其中crmsh功能強大,本次就採用crmsh。由於虛擬機安裝的是centos6,不帶crmsh,因此需手動安裝crmsh,crmsh的安裝依賴於pssh
corosync.x86_64 0:1.4.7-1.el6
pacemaker.x86_64 0:1.1.12-4.el6
crmsh-2.1-1.6.x86_64.rpm
pssh-2.3.1-2.el6.x86_64.rpm
mariadb-5.5.43-linux-x86_64.tar.gz(二進制程序包)
架構圖:
一、corosync/pacemaker 的安裝配置
1、配置HA集羣的準備工作:各節點都做如下工作,本次試驗是2節點
時間同步、名稱訪問、ssh 互信、仲裁設備(本次不提供仲裁設備)
(1) 節點間時間必須同步:使用ntp協議實現;
各節點
# crontab -e */3 * * * * /usr/sbin/ntpdate 172.16.0.1 &> /dev/null
(2) 節點間需要通過主機名互相通信,必須解析主機至IP地址;
(a) 建議名稱解析功能使用hosts文件來實現;
# vim /etc/hosts 127.0.0.1 localhost.localdomain localhost.localdomain localhost4 localhost4.localdomain4 localhost ::1 localhost.localdomain localhost.localdomain localhost6 localhost6.localdomain6 localhost 172.16.0.1 server.magelinux.com server 172.16.20.100 node1 172.16.20.200 node2
(b) 通信中使用的名字與節點名字必須保持一致:“uname -n”命令,或“hostname”展示出的名字保持一致;
(3) 考慮仲裁設備是否會用到:
2節點必須得有,以防發生集羣分裂發生,超過2 的偶數幾點可以沒有。
教室環境可以使用 ping node 172.16.0.1
此次試驗不考慮仲裁設備。
(4) 建立各節點之間的root用戶能夠基於密鑰認證;
# ssh-keygen -t rsa -P '' # ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected] # ssh node1 'ifconfig'
2、centos6自帶了corosync和pacemaker的安裝樹,可以查詢到並直接yum安裝
各節點都安裝corosync和pacemaker:
# yum install -y corosync …… Installed: corosync.x86_64 0:1.4.7-1.el6 Dependency Installed: corosynclib.x86_64 0:1.4.7-1.el6 libibverbs.x86_64 0:1.1.8-3.el6 librdmacm.x86_64 0:1.0.18.1-1.el6 lm_sensors-libs.x86_64 0:3.1.1-17.el6 net-snmp-libs.x86_64 1:5.5-49.el6_5.3 Complete!
查看生成的文件:
# rpm -ql corosync /etc/corosync /etc/corosync/corosync.conf.example /etc/corosync/corosync.conf.example.udpu /etc/corosync/service.d /etc/corosync/uidgid.d /etc/dbus-1/system.d/corosync-signals.conf /etc/rc.d/init.d/corosync /etc/rc.d/init.d/corosync-notifyd /etc/sysconfig/corosync-notifyd /usr/bin/corosync-blackbox /usr/libexec/lcrso /usr/libexec/lcrso/coroparse.lcrso …… /usr/libexec/lcrso/service_pload.lcrso /usr/libexec/lcrso/vsf_quorum.lcrso /usr/libexec/lcrso/vsf_ykd.lcrso /usr/sbin/corosync /usr/sbin/corosync-cfgtool /usr/sbin/corosync-cpgtool /usr/sbin/corosync-fplay /usr/sbin/corosync-keygen /usr/sbin/corosync-notifyd /usr/sbin/corosync-objctl /usr/sbin/corosync-pload /usr/sbin/corosync-quorumtool /usr/share/doc/corosync-1.4.7 …… /var/log/cluster
# yum install pacemaker -y Installed: pacemaker.x86_64 0:1.1.12-4.el6 Dependency Installed: clusterlib.x86_64 0:3.0.12.1-68.el6 libqb.x86_64 0:0.16.0-2.el6 pacemaker-cli.x86_64 0:1.1.12-4.el6 pacemaker-cluster-libs.x86_64 0:1.1.12-4.el6 pacemaker-libs.x86_64 0:1.1.12-4.el6 perl-TimeDate.noarch 1:1.16-13.el6 resource-agents.x86_64 0:3.9.5-12.el6 Complete!
提供配置文件:
# cp /etc/corosync/corosync.conf.example /etc/corosync/corosync.conf # vim /etc/corosync/corosync.conf
驗證網卡是否打開多播功能:
# ip link show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:10:05:bf brd ff:ff:ff:ff:ff:ff
如果沒有需要使用如下命令打開:
# ip link set eth0 multicast on
生成corosync的密鑰文件:
# corosync-keygen
如果熵池中的隨機數不夠,可以通過從網絡上下載打文件或手動敲擊鍵盤生成。
將生成的密鑰文件和corosync配置文件保留所有屬性複製一份到node2節點,並確保屬性符合要求:
# scp -p /etc/corosync/{authkey,corosync.conf} node2:/etc/corosync/
authkey 100% 128 0.1KB/s 00:00
corosync.conf 100% 2754 2.7KB/s 00:00
[root@node2 ~]# ll /etc/corosync/
total 24
-r-------- 1 root root 128 May 30 11:56 authkey
-rw-r--r-- 1 root root 2754 May 30 11:48 corosync.conf
-rw-r--r-- 1 root root 2663 Oct 15 2014 corosync.conf.example
-rw-r--r-- 1 root root 1073 Oct 15 2014 corosync.conf.example.udpu
drwxr-xr-x 2 root root 4096 Oct 15 2014 service.d
drwxr-xr-x 2 root root 4096 Oct 15 2014 uidgid.d啓動兩個節點的corosync:
[root@node1 corosync]# service corosync start ; ssh node2 'service corosync start' Starting Corosync Cluster Engine (corosync): [ OK ] Starting Corosync Cluster Engine (corosync): [ OK ]
驗證corosync引擎是否正常啓動:
[root@node1 corosync]# ss -unlp | grep corosync
UNCONN 0 0 172.16.20.100:5404 *:* users:(("corosync",3906,13))
UNCONN 0 0 172.16.20.100:5405 *:* users:(("corosync",3906,14))
UNCONN 0 0 239.254.11.11:5405 *:* users:(("corosync",3906,10))
[root@node1 corosync]# grep -e "Corosync Cluster Engine" -e "configuration file" /var/log/cluster/corosync.log
May 30 12:08:44 corosync [MAIN ] Corosync Cluster Engine ('1.4.7'): started and ready to provide service.
May 30 12:08:44 corosync [MAIN ] Successfully read main configuration file '/etc/corosync/corosync.conf'.查看初始化成員節點通知是否正常發出:
[root@node1 corosync]# grep TOTEM /var/log/cluster/corosync.log May 30 12:08:44 corosync [TOTEM ] Initializing transport (UDP/IP Multicast). May 30 12:08:44 corosync [TOTEM ] Initializing transmit/receive security: libtomcrypt SOBER128/SHA1HMAC (mode 0). May 30 12:08:44 corosync [TOTEM ] The network interface [172.16.20.100] is now up. May 30 12:08:44 corosync [TOTEM ] A processor joined or left the membership and a new membership was formed. May 30 12:08:46 corosync [TOTEM ] A processor joined or left the membership and a new membership was formed.
檢查啓動過程中是否有錯誤產生,下面的錯誤信息表示pacemaker不久之後將不再作爲corosync的插件運行,因此,建議使用cman作爲集羣基礎架構服務,此處可安全忽略:
[root@node1 corosync]# grep ERROR: /var/log/cluster/corosync.log | grep -v unpack_resources May 30 12:23:17 corosync [pcmk ] ERROR: process_ais_conf: You have configured a cluster using the Pacemaker plugin for Corosync. The plugin is not supported in this environment and will be removed very soon. May 30 12:23:17 corosync [pcmk ] ERROR: process_ais_conf: Please see Chapter 8 of 'Clusters from Scratch' (http://www.clusterlabs.org/doc) for details on using Pacemaker with CMAN May 30 12:23:18 corosync [pcmk ] ERROR: pcmk_wait_dispatch: Child process mgmtd exited (pid=4144, rc=100)
查看pacemaker是否正常啓動:
[root@node1 corosync]# grep pcmk_startup /var/log/cluster/corosync.log May 30 12:23:17 corosync [pcmk ] info: pcmk_startup: CRM: Initialized May 30 12:23:17 corosync [pcmk ] Logging: Initialized pcmk_startup May 30 12:23:17 corosync [pcmk ] info: pcmk_startup: Maximum core file size is: 18446744073709551615 May 30 12:23:17 corosync [pcmk ] info: pcmk_startup: Service: 9 May 30 12:23:17 corosync [pcmk ] info: pcmk_startup: Local hostname: node1
上面查看都正常就可以在node2上的也查看檢查狀況是否正常。
安裝crmsh及其依賴的pssh包:
從ftp://172.16.0.1下載程序包 :
crmsh-2.1-1.6.x86_64.rpm pssh-2.3.1-2.el6.x86_64.rpm
一般都只需要在一個節點上安裝crmsh即可,但爲了使用方便,可以在兩個節點上都安裝crmsh
# yum install --nogpgcheck -y crmsh-2.1-1.6.x86_64.rpm pssh-2.3.1-2.el6.x86_64.rpm
安裝完後可以查看節點信息並使用了:
# crm status Last updated: Sat May 30 12:48:24 2015 Last change: Sat May 30 12:33:42 2015 Stack: classic openais (with plugin) Current DC: node2 - partition with quorum Version: 1.1.11-97629de 2 Nodes configured, 2 expected votes 0 Resources configured Online: [ node1 node2 ]
二、mariadb的配置使用
mariadb要能使用高可用,爲了保證數據讀寫一致,就必須用到共享存儲。這裏選用nfs共享存儲方式。
共享存儲時,需要將數據庫所在主機對遠程mysql程序所在主機開放讀寫訪問權限(以mysql:mysql 主:組);
做節點訪問時需要用mysql用戶訪問出故障換節點訪問時,就需要右幾點在訪問時仍以mysql用戶訪問,這時兩個節點和共享存儲點的都得需要有mysql用戶,且id號都得相同;
訪問的格式化時只需要在一個節點上初始化就可以,另一節點不需要再初始化了。
(一)準備nfs共享文件存儲系統
可以只導出一個文件目錄,也可以創建一個新分區作爲導出存儲空間。
在第三臺主機上創建一個新分區,掛載至 /data目錄下
[root@aunt-s ~]# fdisk /dev/sda [root@aunt-s ~]# partx -a /dev/sda [root@aunt-s ~]# pvcreate /dev/sda6 [root@aunt-s ~]# vgcreate myvg /dev/sda6 [root@aunt-s ~]# lvcreate -L 4G -n mydata myvg [root@aunt-s ~]# mke2fs -t ext4 /dev/myvg/mydata
編輯/etc/fstab,添加一行,使新分區能開機自動掛載
[root@aunt-s ~]# vim /etc/fstab /dev/myvg/mydata /data ext4 defaults,noatime 0 0 [root@aunt-s ~]# mount -a [root@aunt-s ~]# mount …… /dev/mapper/myvg-mydata on /data type ext4 (rw,noatime) [root@aunt-s data]# mkdir /data/cldata
編輯 /etc/exports ,添加如下行,輸出文件系統,因爲是共享存儲,所以需要能寫,且不擠壓root權限:
[root@aunt-s ~]# vim /etc/exports /data/cldata 172.16.0.0/16(rw,no_root_squash)
遠程節點mysql訪問時,是以mysql用戶進行訪問的,所有需要將文件屬主數組改爲mysql,且與節點的mysql用戶的ID要一致:
[root@aunt-s ~]# groupadd -r -g 492 mysql [root@aunt-s ~]# useradd -r -g 492 -u 492 mysql [root@aunt-s ~]# id mysql uid=492(mysql) gid=492(mysql) groups=492(mysql) [root@aunt-s data]# chown -R mysql:mysql /data/cldata [root@aunt-s data]# ll -d /data/cldata drwxr-xr-x 2 mysql mysql 4096 May 30 15:56 /data/cldata [root@aunt-s data]# exportfs -arv exporting 172.16.0.0/16:/data/cldata
(二)節點配置mysql服務
1、 掛載遠程nfs
[root@node1 ~]# showmount -e 172.16.20.150 clnt_create: RPC: Program not registered
解決辦法:在服務器上先停止rpcbind,然後在停止nfs
最後在重啓rpcbind和nfs,一定要按順序啓動和停止
做完這個動作之後,訪問成功
[root@node1 ~]# showmount -e 172.16.20.150 Export list for 172.16.20.150: /data 172.16.0.0/16 [root@node1 ~]# mkdir /mydata ; ssh node2 'mkdir /mydata' [root@node1 ~]# mount -t nfs 172.16.20.150:/data /mydata [root@node1 ~]# mount …… 172.16.20.150:/data on /mydata type nfs (rw,vers=4,addr=172.16.20.150,clientaddr=172.16.20.100)
創建mysql用戶並驗證是否對nfs共享存儲有寫權限
[root@node1 ~]# id mysql id: mysql: No such user [root@node1 ~]# groupadd -r -g 492 mysql [root@node1 ~]# useradd -r -g 492 -u 492 mysql [root@node1 ~]# su - mysql su: warning: cannot change directory to /home/mysql: No such file or directory -bash-4.1$ tree /mydata /mydata ├── cldata └── lost+found [error opening dir] 2 directories, 0 files -bash-4.1$ cd /mydata/cldata/ -bash-4.1$ touch a.txt -bash-4.1$ ls /mydata/cldata/ a.txt -bash-4.1$ rm /mydata/cldata/a.txt -bash-4.1$ exit logout [root@node1 ~]#
在node2上也需要創建相同的mysql用戶,並掛載nfs共享目錄,然後驗證mysql用戶是否對其有寫權限。過程略。
2、 安裝mariadb並初始化
主程序包: mariadb-5.5.43-linux-x86_64.tar.gz
先將二進制程序包解壓縮:
[root@node1 ~]# tar xf mariadb-5.5.43-linux-x86_64.tar.gz -C /usr/local [root@node1 ~]# ln -sv mariadb-5.5.43-linux-x86_64/ mysql `mysql' -> `mariadb-5.5.43-linux-x86_64/' [root@node1 ~]# cd /usr/local/mysql/ [root@node1 mysql]# ls bin COPYING.LESSER EXCEPTIONS-CLIENT INSTALL-BINARY man README share support-files COPYING data include lib mysql-test scripts sql-bench [root@node1 mysql]# chown -R root:mysql ./* [root@node1 mysql]# ll total 220 drwxr-xr-x 2 root mysql 4096 May 30 16:45 bin -rw-r--r-- 1 root mysql 17987 Apr 30 02:55 COPYING …… [root@node1 mysql]# ./scripts/mysql_install_db --user=mysql --datadir=/mydata/cldata/
在第二節點上可以看到初始化已成功:
[root@node2 ~]# ls /mydata/cldata/ aria_log.00000001 aria_log_control mysql performance_schema test
創建完成後,nfs共享存儲就不需要管理員操作了,可以將nfs共享修改爲 root_squash:
[root@aunt-s data]# vim /etc/exports /data 172.16.0.0/16(rw,root_squash) [root@aunt-s data]# exportfs -arv exporting 172.16.0.0/16:/data
設置好配置文件:
[root@node1 mysql]# ls bin COPYING.LESSER EXCEPTIONS-CLIENT INSTALL-BINARY man README share support-files COPYING data include lib mysql-test scripts sql-bench [root@node1 mysql]# cp support-files/ binary-configure my-innodb-heavy-4G.cnf my-small.cnf mysql.server magic my-large.cnf mysqld_multi.server SELinux/ my-huge.cnf my-medium.cnf mysql-log-rotate
將樣本複製到 /etc下,並修改或添加下面四項:
[root@node1 mysql]# cp support-files/my-large.cnf /etc/my.cnf thread_concurrency = 2 datadir = /mydata/cldata innodb_file_per_table = on skip_name_resolve = on [root@node1 mysql]# service mysqld start Starting MySQL. [FAILED] [root@node1 mysql]# service mysqld status MySQL is not running, but lock file (/var/lock/subsys/mysql[FAILED]
如果出現這種情況,是原來的程序沒有處理乾淨,需要將鎖文件/var/lock/subsys/mysql刪除。如果還是不行,則需要刪除所有安裝文件及生成的庫文件後再啓動就可以了。
[root@node1 mysql]# service mysqld start Starting MySQL... [ OK ]
驗證mysql能正常使用:
[root@node1 mysql]# /usr/local/mysql/bin/mysql …… MariaDB [(none)]> CREATE DATABASE testclusterdb; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> quit Bye [root@node1 mysql]# service mysqld stop Shutting down MySQL. [ OK ] [root@node1 mysql]# chkconfig mysqld off [root@node1 mysql]# chkconfig | grep mysqld mysqld 0:off1:off2:off3:off4:off5:off6:off
在node2主機上執行上述過程,但不需要執行初始化(# ./scripts/mysql_install_db --user=mysql --datadir=/mydata/cldata/)
mariadb服務安裝配置好,停止mysqld服務,並卸載nfs掛載:
[root@node2 ~]# umount /mydata ; ssh node1 'umount /mydata'
三 corosync/pacemaker與mariadb結合構建高可用存儲
根據mariadb的高可用存儲特點,按如下順序定義:
① 三種資源定義:
IP、mariadb服務程序、nfs共享存儲
② 排列約束定義
這三者之間都是都是具有高粘性的,必須在同一節點上
③ 順序約束
啓動順序爲 IP --> nfs掛載 --> mariadb服務
關閉順序爲 mariadb --> nfs卸載 --> IP
1、定義兩個關鍵全局配置:
stonith-enabled=false
no-quorum-policy=ignore
[root@node1 ~]# crm crm(live)# configure property no-quorum-policy=ignore crm(live)configure# property stonith-enabled=false
2、定義資源
注意:如果是在configure外定義,在定義完無錯誤時是自動commit的,只有在configure裏定義完後,可以做verify和手動commit。
(1)ip資源
[root@node1 ~]# crm crm(live)configure# primitive mdbip ocf:heartbeat:IPaddr params ip=172.16.20.50 nic=eth0 cidr_netmask=16 op monitor interval=10s timeout=20s
(2)nfs掛載
[root@node1 ~]# crm crm(live)# ra info ocf:heartbeat:Filesystem (查看掛載文件系統需要配置的參數) crm(live)# configure primitive mdbstore ocf:heartbeat:Filesystem params device="172.16.20.150:/data" directory="/mydata/" fstype=nfs op monitor interval=10s timeout=40s op start timeout=60s op stop timeout=60
(3)mariadb服務資源
[root@node1 ~]# crm crm(live)configure# primitive maria lsb:mysqld op monitor interval=10s timeout=20s crm(live)configure# show node node1 \ attributes standby=off node node2 primitive maria lsb:mysqld \ op monitor interval=10s timeout=20s primitive mdbip IPaddr \ params ip=172.16.20.50 nic=eth0 cidr_netmask=16 \ op monitor interval=10s timeout=20s primitive mdbstore Filesystem \ params device="172.16.20.150:/data" directory="/mydata/" fstype=nfs \ op monitor interval=10s timeout=40s \ op start timeout=60s interval=0 \ op stop timeout=60 interval=0 property cib-bootstrap-options: \ dc-version=1.1.11-97629de \ cluster-infrastructure="classic openais (with plugin)" \ expected-quorum-votes=2 \ stonith-enabled=false \ no-quorum-policy=ignore \ last-lrm-refresh=1432984183 crm(live)configure#
3、定義排列約束
將資源綁定在一個節點上運行有多種方法,一是將資源定義到一個group裏,二是定義colocation。這裏用group方法
[root@node1 ~]# crm crm(live)configure# group mdbservice mdbip mdbstore maria crm(live)configure# show node node1 \ attributes standby=off node node2 primitive maria lsb:mysqld \ op monitor interval=10s timeout=20s primitive mdbip IPaddr \ params ip=172.16.20.50 nic=eth0 cidr_netmask=16 \ op monitor interval=10s timeout=20s primitive mdbstore Filesystem \ params device="172.16.20.150:/data" directory="/mydata/" fstype=nfs \ op monitor interval=10s timeout=40s \ op start timeout=60s interval=0 \ op stop timeout=60 interval=0 group mdbservice mdbip mdbstore maria property cib-bootstrap-options: \ dc-version=1.1.11-97629de \ cluster-infrastructure="classic openais (with plugin)" \ expected-quorum-votes=2 \ stonith-enabled=false \ no-quorum-policy=ignore \ last-lrm-refresh=1432984183
此時,就定義完了mariadb的高可用集羣了,可以通過網頁進行測試
4、測試高可用
(1)查看幾點信息
在node1節點可以看到,三個資源都已經啓動,且運行在同一個節點上(node2):
[root@node1 ~]# crm crm(live)# status Last updated: Sat May 30 19:59:49 2015 Last change: Sat May 30 19:59:32 2015 Stack: classic openais (with plugin) Current DC: node1 - partition with quorum Version: 1.1.11-97629de 2 Nodes configured, 2 expected votes 3 Resources configured Online: [ node1 node2 ] Resource Group: mdbservice mdbip(ocf::heartbeat:IPaddr):Started node2 mdbstore(ocf::heartbeat:Filesystem):Started node2 maria(lsb:mysqld):Started node2 crm(live)#
(2)遠程第三方主機測試:
用主機172.16.20.96 [root@hot-d ~] 進行遠程登錄操作測試:
在mysql中授權能遠程登錄並退出:
[root@node2 ~]# mysql mysql> GRANT ALL ON *.* to tom@'172.16.20.96' IDENTIFIED BY '123'; Query OK, 0 rows affected (0.00 sec) mysql> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.01 sec) mysql> \q Bye [root@node2 ~]#
在新主機hot-d上登錄mysql,並做資源轉移測試:
