实验目的是:实现两个节点的http和nfs服务的HA集群。
实现条件:准备两个节点。node1,node2作为HA1,HA2提供集群服务。在node1和node2分别按照httpd服务、挂载nfs服务的客户端,另外在要求有一个节点提供
nfs服务。
对node1和node2节点要求。
(1)node1:192.168.176.6 node2:192.168.176.7
修改node1的主机名称:node1.magedu.com,
为了防止服务器重启后,名称失效,可以在配置文件里对其修改。vim /etc/sysconfig/network
[root@node1 ~]# hostname node1.magedu.com
[root@node1 ~]# vim /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=node1.magedu.com
保证uname -n 显示的结果如下:
[root@node1 ~]# uname -n
node1.magedu.com
用同样的方法,修改node2的主机名称:
[root@node2 ~]# hostname node2.magedu.com
[root@node2 ~]# vim /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=node2.magedu.com
:wq
[root@node2 ~]# uname -n
node2.magedu.com
(2)修改node1,node2主机的/etc/hosts文件。(这里不是用DNS对节点的IP进行解析,因为DNS是运行过程也可以宕机)
所以选在/etc/hosts添加对应的主机名及对应的IP
node1:
[root@node1 ~]# vim /etc/hosts 添加两行
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.176.6 node1 node1.magedu.com
192.168.176.7 node2 node2.magedu.com :wq
node2和node1配置一样
[root@node1 ~]# vim /etc/hosts 添加两行
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.176.6 node1 node1.magedu.com
192.168.176.7 node2 node2.magedu.com :wq
(3)配置node1和node2 互信通信。通信过程可以不用使用密码。(使用ssh-keyen工具。)
[root@node1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 回车
Enter passphrase (empty for no passphrase): 回车
Enter same passphrase again:回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
77:7d:09:dc:9c:d5:dd:41:d3:66:3e:0b:e9:98:dc:32 root@node1.magedu.com
The key's randomart image is:
+--[ RSA 2048]----+
| .+B|
| . o @|
| o.B |
| +..o|
| S o * o.+|
| . E o o |
| o |
| |
| |
+-----------------+ #j将生成的公钥拷贝至远程主机node2上
[root@node1 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.176.7
The authenticity of host '192.168.176.7 (192.168.176.7)' can't be established.
RSA key fingerprint is da:6d:09:5a:86:fa:17:6b:e4:1d:2d:57:1e:cc:32:1b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.176.7' (RSA) to the list of known hosts.
root@192.168.176.7's password:
Now try logging into the machine, with "ssh 'root@192.168.176.7'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting. #y验证下可以不需要密码登录至node2(192.168.176.7)
[root@node1 heartbeat]# ssh node2
The authenticity of host 'node2 (192.168.176.7)' can't be established.
RSA key fingerprint is da:6d:09:5a:86:fa:17:6b:e4:1d:2d:57:1e:cc:32:1b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node2' (RSA) to the list of known hosts.
Last login: Fri Apr 22 10:29:40 2016 from node1 对于节点node2
可以用同样的方式 ssh-keygen -t rsa,然后将生成的公钥拷贝至node1上,这里不再赘述
(4)在node1和nodenode2分别安装管理集群的软件heartbeat组件和在node1和nodenode2上分别安装httpd服务
(4.1)
node1:
[root@node1 heartbeat]# yum install -y heartbeat
Downloading Packages:
(1/2): heartbeat-3.0.4-2.el6.i686.rpm | 161 kB 00:00
(2/2): heartbeat-libs-3.0.4-2.el6.i686.rpm | 260 kB 00:00
--------------------------------------------------------------------------------------------------------------------------------------
Total 200 kB/s | 421 kB 00:02
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : heartbeat-libs-3.0.4-2.el6.i686 1/2
Installing : heartbeat-3.0.4-2.el6.i686 2/2
Verifying : heartbeat-3.0.4-2.el6.i686 1/2
Verifying : heartbeat-libs-3.0.4-2.el6.i686 2/2 Installed:
heartbeat.i686 0:3.0.4-2.el6 Dependency Installed:
heartbeat-libs.i686 0:3.0.4-2.el6
[root@node1 .ssh]# yum install -y httpd
[root@node1 ha.d]# echo "<h1>node1.magedu.com</h1>" >/var/www/html/index.html
node2:
[root@node2 .ssh]# yum install -y heartbeat
可以用命令rpm –ql heartbeat 安装后有的路径有哪些。
[root@node2 .ssh]# yum install -y httpd
[root@node2 ha.d]# echo "<h1>node2.magedu.com</h1>" >/var/www/html/index.html
node1:
[root@node1 heartbeat]# cd /usr/share/doc/heartbeat-3.0.4
[root@node1 heartbeat-3.0.4]# ls
apphbd.cf authkeys AUTHORS ChangeLog COPYING COPYING.LGPL ha.cf haresources README
[root@node1 heartbeat-3.0.4]# cp authkeys ha.cf haresources /etc/ha.d/
cp:是否覆盖"/etc/ha.d/authkeys"? y
cp:是否覆盖"/etc/ha.d/ha.cf"? y
cp:是否覆盖"/etc/ha.d/haresources"? y
因为之前安装过heartbeat,所以会出现“是否覆盖”的提示
(5)开始配置/etc/ha.d目录下三个文件authkeys、 ha.cf 、haresources
authkeys:是通信过程的加密配置文件。vim /etc/ha.d/authkeys
文件的原内容是如下
#auth 1
#1 crc
#2 sha1 HI!
#3 md5 Hello!
三种加密算法,推荐使用第三种,然后将Hell!的位置修改为随机的字符串。
auth 3
#1 crc
#2 sha1 HI!
3 md5 Helloasfsdfsd! wq
文件authkeys的权限是:600
再修改ha.cf的配置文件vim /etc/ha.d/ha.cf,需要添加三个地方。
(5.1)设定广播的心跳信息的接口
# What interfaces to broadcast heartbeats over? #哪个接口去广播心跳
#
bcast eth1 # Linux #选择eth1是因为HA1主机做实验的时候只有一块网卡eth1
#bcast eth0 # Linux
(5.2)设定仲裁的ping节点
# Less common options...
#
# Treats 10.10.10.254 as a psuedo-cluster-member
# Used together with ipfail below...
# note: don't use a cluster node as ping node
#
ping 192.168.176.1
#ping 10.10.10.254
(5.3)设定集群的所有节点 注意这里node 对于一定使用uname –n 命令显示结果一致。
# Tell what machines are in the cluster
# node nodename ... -- must match uname -n
node node1.magedu.com
node node2.magedu.com
#node ken3
#node kathy
保存退出完成。
配置资源管理文件vim /etc/ha.d/haresources
# One service address, with the subnet, interface and bcast addr
# explicitly defined.
#
#just.linux-ha.org 135.9.216.3/28/eth0/135.9.216.12 httpd
node1.magedu.com 192.168.176.10/24/eth1:0 httpd
这里指定主节点是node1.magedu.com 虚拟IP是192.168.176.10 配置在主节点的eth1网卡上,其中135.9.216.12是广播地址,而下面的广播地址不做指定。
注意:有的时候配置后配置文件的样例可以直接192.168.176.10/24/eth1,但是不知道为什么,有时候必须要取别名192.168.176.10/24/eth1:0.这样之后才能正常启动heartbeat服务,虚拟ip才正常出现。(所以一般先按照测试样例写,如果不行再取别名)
(5.4)将node1节点的三个配置文件远程拷贝至node2的/etc/ha.d/目录下。
[root@node1 ha.d]# scp authkeys ha.cf haresources node2:/etc/ha.d/
authkeys 100% 651 0.6KB/s 00:00
ha.cf 100% 10KB 10.3KB/s 00:00
haresources 100% 5951 5.8KB/s 00:00
(6)authkeys 、ha.cf 、haresource 这三配置文件修改完成之后。
先启动主机node1上heartbeat服务,在启动从节点上heartbeat服务。
然后清除node1和node2上iptables –F 规则,确保httpd系统自启动是关闭的状态。chkconfig httpd off
node1:service heartbeat start
ifconfig
ps –ef |heartbeat
ps –ef |grep httpd
可以用tail –f /var/log/message 监控启动heartbeat服务的日志信息
在启动node2:service heartbeart start
(7)实验测试:
node1: service heartbeat stop #停止node1的heartbeart服务,这里查看node2的httpd服务是否启动,已经ifconfig查看虚拟vip地址。
node1: service heartbeat start # 重启动node1的heartbeat服务,查看node1的heartbeat服务时候重新接管http资源
node1: 断掉node1的网卡eth1连接,是的ping节点192.168.176.1无法ping通主节点node1,这里在查看node2时候接管httpd资源
[root@node1 ~]# service heartbeat start
Starting High-Availability services: INFO: Resource is stopped
Done. [root@node1 ~]# ifconfig
eth1 Link encap:Ethernet HWaddr 00:0C:29:DC:B6:9F
inet addr:192.168.176.6 Bcast:192.168.176.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fedc:b69f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:115672 errors:0 dropped:0 overruns:0 frame:0
TX packets:99379 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:48714317 (46.4 MiB) TX bytes:17954573 (17.1 MiB)
Interrupt:19 Base address:0x2000 eth1:0 Link encap:Ethernet HWaddr 00:0C:29:DC:B6:9F
inet addr:192.168.176.10 Bcast:192.168.176.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:19 Base address:0x2000 lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1405 errors:0 dropped:0 overruns:0 frame:0
TX packets:1405 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:226530 (221.2 KiB) TX bytes:226530 (221.2 KiB)
(8)测试挂载nfs服务的HA
再启动node2上heartbeat服务
ssh node2 ’service heartbeart start’
[root@node1 ~]# ssh node2 'service heartbeat start'
Starting High-Availability services: 2016/04/22_14:21:30 INFO: Resource is stopped
Done.
安装主机192.168.176.128上安装nfs服务,可以提供192.168.176.6 和192.168.176.7,也就是node1和node2挂载。
然后,更改haresouces配置文件:
#node1 10.0.0.170 Filesystem::/dev/sda1::/data1::ext2
node1 192.168.176.10/24/eth1:0 Filesystem::192.168.176.128:/usr/local/apache/htdocs/::/var/www/html::nfs httpd #其中httpd服务按照顺序是放在文件系统后续的服务。服务于服务之间空格,服务参数用::隔开
重新拷贝修改文件至node2上:
[root@node1 ~]# scp /etc/ha.d/haresources node2:/etc/h
ha.d/ hal/ host.conf hosts hosts.allow hosts.deny httpd/
[root@node1 ~]# scp /etc/ha.d/haresources node2:/etc/ha.d/
haresources 100% 6073 5.9KB/s 00:00
重新启node1和node2的heartbeat服务。
node2:service heartbeat stop
node1:service heartbeat stop
node1:service heartbeat start
node2:service heartbeat start
检验:
ifconfig #查看vip
df –h #查看nfs时候挂载
ps –ef |grep httpd #httpd 服务是否启动
eth1:0 Link encap:Ethernet HWaddr 00:0C:29:DC:B6:9F
inet addr:192.168.176.10 Bcast:192.168.176.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:19 Base address:0x2000 lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1405 errors:0 dropped:0 overruns:0 frame:0
TX packets:1405 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:226530 (221.2 KiB) TX bytes:226530 (221.2 KiB) [root@node1 ~]# ps -ef |grep httpd
root 11594 1 0 16:36 ? 00:00:00 /usr/sbin/httpd
apache 11596 11594 0 16:36 ? 00:00:00 /usr/sbin/httpd
apache 11597 11594 0 16:36 ? 00:00:00 /usr/sbin/httpd
apache 11598 11594 0 16:36 ? 00:00:00 /usr/sbin/httpd
apache 11599 11594 0 16:36 ? 00:00:00 /usr/sbin/httpd
apache 11600 11594 0 16:36 ? 00:00:00 /usr/sbin/httpd
apache 11601 11594 0 16:36 ? 00:00:00 /usr/sbin/httpd
apache 11602 11594 0 16:36 ? 00:00:00 /usr/sbin/httpd
apache 11603 11594 0 16:36 ? 00:00:00 /usr/sbin/httpd
root 11607 10299 1 16:36 pts/3 00:00:00 grep --color httpd
[root@node1 ~]# ps -ef |grep httpd^C
[root@node1 ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda2 18375548 4174508 13267616 24% /
tmpfs 515224 0 515224 0% /dev/shm
/dev/sda1 198337 26446 161651 15% /boot
192.168.176.128:/usr/local/apache/htdocs/ 18375552 4085632 13356416 24% /var/www/html
[root@node1 ~]#