gfs:global 高度依赖集群(完整可用)
heartbeat:cman 底层基础架构:消息层
corosync(v5,v7):心跳程序:同步两个的消息,日志
cman(v6):集群管理 clust managerment
keepalived vrrp协议(双机节点):看一下。。。
redhat 支持16个节点
图:
故障切换域:选择哪个结点执行那个服务
内部:存储光纤交换机,电源交换机(fence):用两个,速度快
外部:以太网交换机
ccsd 用来同步所有node的 :cluster.conf,保证所有node的集群配置信息:
Node:
server1,server2:
1.leave cluster(clustat 报错,/etc/cluster/cluster.conf存在)
2.delete(/etc/cluster/cluster.conf不存在),同时/etc/lvm/lvm.conf:locking_type= 1。
server1,server2:
删除结点之后的影响。
clustat 无信息,/etc/cluster/cluster 文件存在。
2./etc/lvm/lvm.conf lvm锁的类型变成1.
server1:
ps ax 检查残留进程
/etc/init.d/ricci stop
/etc/init.d/modclusterd stop
/etc/init.d/iscsi stop
netstat -antulp 查看网络端口占用情况(tcp,udp)
iscsiadm -m node -u 临时卸载
iscsiadm -m node -o delete 完全删除
cat /proc/partitions 查看分区情况比fdisk-l 精准
yum remove ricci。。。等 -y
server2 :除了iscsiadm不作,部分其余相同。
停掉相关服务的启动项
chkconfig ricci off
chkconfig modclusterd off
chkconfig iscsi off
chkconfig clvmd off
chkconfig cman off
server3:
chkconfig tgtd off
chkconfig luci off
yum remove luci -y
ALL
poweroff:
重启会有异常~
NOTE:
集群启动顺序:node->cman->rg add
集群关闭顺序:rg->cman->node delete
dlm:分布式锁管理器
luci,ricci:管理组件(web),和集群工作没关系
heartbeat
heartbeat-3.0.4-2.el6.x86_64.rpm heartbeat-libs-3.0.4-2.el6.x86_64.rpm
heartbeat-devel-3.0.4-2.el6.x86_64.rpm ldirectord-3.9.5-3.1.x86_64.rpm
yum install * -y
cd /etc/ha.d/
cp/usr/share/doc/heartbeat-3.0.4/{ha.cf,haresources,authkeys} .
vimha.cf
48 keepalive 2: 每隔2秒发送,心跳频率。
56 deadtime 30: ping30秒后,没有响应,接管任务。网络状态不好要增大
61 warntime 10 10秒还没接受响应包,就警告
71 initdead 60 资源初始化时间
76 udpport 1033
91 bcast eth0 # Linux 网卡方式
157 auto_failback on 开启回切
211 node server1.lalala.com master,先写哪个哪个是主
212 node server2.lalala.com slave
220 ping 172.25.33.250 (一般ping网关地址,也可以在下面写地址群)
ping一个本应该通的ip,来检测本机网络是否通,不通则进行业务切换(增加健壮性)
253 respawn hacluster /usr/lib64/heartbeat/ipfail lib64!!!断网切换插件
259 apiauth ipfail gid=haclientuid=hacluster
vim haresources
server1.lalala.com IPaddr::172.25.33.100/24/eth0 httpd
vim authkeys
auth 1
1 crc 明文
chmod 600 authkeys
scp ha.cf haresources authkeys172.25.33.2:/etc/ha.d/ 把相同配置发给server2
server1,server2:
/etc/init.d/heartbeat start
检测:
异常处理:没有fence套件
一、/etc/init.d/heartbeat stop 注意一定是停止心跳而不是服务!!!
1.在宿主机,curl172.25.33.100,show:server1
server1的http服务被HA开启
2.server1:/etc/init.d/heartbeatstop
在宿主机,curl 172.25.33.100,show server2
3.server1:/etc/init.d/heartbeatstart
在宿主机,curl 172.25.33.100,show server1
server1:ip addr 中有172.25.33.100(vip)
如果是 httpd(服务) stop 则不接管,HA只能解决节点崩溃的问题(heartbeat stop)。
二、网卡挂掉
server1:ip link set down eth0
server2接管,因为没有fence,所以需要手动重启,重启后接管业务。
三、内核奔溃
server1: echo -c>/proc/sysrq-trigger
server1 手动重启后,自动接管
用heartbeat实现高可用,包含drbd:分布式复制块设备
server1,server2:
各添加两块虚拟硬盘4G
安装软件
tar zxf drbd-8.4.2.tar.gz
cd drbd-8.4.2
生成rpm包
./configure --enable-spec
yum install gcc -y
yum install flex -y
yum install rpm-build -y
./configure --enable-spec
./configure --enable-spec --with-km
cp ../drbd-8.4.2.tar.gz/root/rpmbuild/SOURCES/
rpmbuild -bb drbd.spec
rpmbuild -bb drbd.km !!!!!!!!!!只是编译!!!!!
yum install kernel-devel -y 内核
cp ../drbd-8.4.2.tar.gz/root/rpmbuild/SOURCES/
cd /root/rpmbuild/SOURCES
drbd-8.4.2.tar.gz 出现tar包
生成rpm包,spec
cd /root/rpmbuild/RPMS/x86_64
rpm -ivh * 8个
scp * 172.25.33.2:
server2:
rpm -ivh d*
rpm -ivhdrbd-km-2.6.32_431.el6.x86_64-8.4.2-2.el6.x86_64.rpm !!别忘记安装这个啊!!
资源定义
vim /etc/drbd.d/lalala.res
resource lalala {
meta-disk internal;
device /dev/drbd1;
syncer {
verify-alg sha1;
}
on server1.lalala.com {
disk /dev/vdb;
address 172.25.33.1:7789;
}
on server2.lalala.com {
disk /dev/vdb;
address 172.25.33.2:7789;
}
}
scp lalala.res 172.25.33.2:/etc/drbd.d
server2:drbdadmcreate-md lalala (等待server1进入)
server1:drbdadm create-md lalala
server1成功进入后,server2的状态
cat /proc/drbd查看信息
server1,server2:/etc/init.d/drbd start
格式化:mkfs.ext4 /dev/drbd1
drbdadm primary lalala --focre 只有primary才能挂载
mount /dev/drbd1 /mnt
echo lalalalal>index.html
umount /mnt
drbdadm secondary lalala
有且只有一个primary才能挂载,一方要想挂载必为primary,另一方为secondary
cat /proc/drbd查看信息
drbdadm secondary lalala 变成副的
mount /dev/drbd1 /mnt/
更改数据不能实时同步
以mysql为例
yum install mysql-server -y
ll -d /var/lib/mysql/ 查看mysql权限
mount /dev/drbd1 /mnt/
cd /var/lib/mysql/ 把mysql数据放在/dev/drbd1
cp -r * /mnt
umount /mnt
mount /dev/drbd1 /var/lib/mysql/
chown mysql.mysql /var/lib/mysql/ -R 更改/dev/drbd1上的mysql数据权限,与之前相同
验证mysql能否正常使用
/etc/init.d/mysqld start
mysql
/etc/init.d/mysqld stop
umount /var/lib/mysql/
vim /etc/ha.d/haresources
server1.lalala.com IPaddr::172.25.33.100/24/eth0drbddisk::lalala Filesystem::/dev/drbd1::/var/lib/mysql::ext4 mysqld
书写的参数。
scp haresources 172.25.33.1:/etc/ha.d/
drbdadm secondary lalala
yum install mysql-server -y
drbdadm primary lalala
mount /dev/drbd1 /var/lib/mysql/
/etc/init.d/mysqld start
mysql
/etc/init.d/mysqld stop
umount /var/lib/mysql
drbdadm secondary lalala
cat /proc/drbd
两个都是secondary
server1,server2:/etc/init.d/heartbeatstart
df:那边服务被激活,就挂载到哪边。(只挂载一边)
server1 的heartbeat停止,server2就接管mysqld。可以从IP地址上看出。
1./etc/init.d/mysqld 中出现mysql.sock,表示数据库正在使用。(删除)
2.端口被rpc占用,换个端口
/etc/init.d/heartbeat stop
chkconfig heartbeat off
LVS(面试说4种哦~~)
默认3种工作模式,其实第4种用的多
NAT:进一次(dnat),出一次(snat):回包经过调度器(慢)
YUN:隧道:回包不经过调度器,广域网,VLAN:virtul局域网:254(快),成本高
VS/DR:直连:回包不经过调度器(快),所有结点都需要vip
fullnat:进2次出2此。(用的多~~~)
看十种调度算法
yum install -y ipvsadm
ipvsadm -l
ip addr add 172.25.88.222/24 dev eth0
ipvsadm -A -t 172.25.88.222:80 -s rr
ipvsadm -a -t 172.25.88.222:80 -r 172.25.88.3:80-g
ipvsadm -a -t 172.25.88.222:80 -r 172.25.88.4:80-g
/etc/init.d/ipvsadmsave
-s scheduler 调度
-r 轮询
-g --gatewaying (direct routing)
-t tcp
删除
ipvsadm -d -t 172.25.88.222:80 server-r172.25.33.4:80
yum install -y httpd
/etc/init.d/httpd start
vim /var/www/html/index.html
<h>server3</h> 加粗
<h>server4</h>
ip addr add 172.25.88.222/32 dev eth0
这个时候在真机访问172.25.33.222,调度器和其他两台主机都有可能被访问(取决于三台主机的回包速率)
是server3
arp -d 172.25.88.222 删除arp地址绑定
是server1
所以要屏蔽server3,server4,172.25.88.222对外响应(arp会绑定IP和错误MAC)。
server3,server4:
yum install arptable* -y arp防火墙
arptables -A IN -d 172.25.33.222 -jDROP 删除从外部访问172.25.33.222
arptables -A OUT -s 172.25.33.222 -j mangle--mangle-ip-s 172.25.33.3
外部发包把172.25.33.222转换成172.25.33.3或5
/etc/init.d/arptables_jf save 否则重启就没了
1.server1: ipvsadm –l
InAction 为调度次数。
2.在浏览器:172.25.33.222
server3,server5轮询。
arp 解析的mac地址为server1(调度器)。
3.关闭server3的httpd
在真机curl 172.25.33.222
会出现访问server3错误,但此时LVS还在进行调度
由此可见:
LVS:对后端服务不进行健康检查
arp:数据链路层,转换物理地址
client->VS->RS->client
工作原理(核心):在数据链路层,在同一个网段,Vmac->Rmac
DR模式:调度器只负责调度,处理数据全都在客户端。
NAT 是怎么进来怎么出去。
NAT
client->vs->rs->vs->direct
vs 是rs的路由
Tun:隧道
ip隧道,
client->vs->rs->client
cip->vip vip->cip
Fullnat:更新内核,抗攻击能力。
ipvsadm -C 清空之前的配置,但不删IP哦~~
rpm -ivh ldirectord-3.9.5-3.1.x86_64.rpm
rpm -qd ldirectord 查看主配置文件
/usr/share/doc/ldirectord-3.9.5/ldirectord.cf
cp/usr/share/doc/ldirectord-3.9.5/ldirectord.cf /etc/ha.d/
vim /etc/ha.d/ldirectord.cf
25 virtual=172.25.88.222:80
26 real=172.25.88.3:80 gate
27 real=172.25.88.5:80 gate
28 fallback=127.0.0.1:80 gate 集群所有机器都挂了,访问本机:
29 service=http 程序猿正在修复中...
30 scheduler=rr
31 #persistent=600
32 #netmask=255.255.255.255
33 protocol=tcp
34 checktype=negotiate
35 checkport=80
36 request="index.html"
37 # receive="Test Page"
38 # virtualhost=www.x.y.z
/etc/init.d/ldirectord start
ipvsadm -l
两条都有
ip addr show
server3:/etc/init.d/httpd stop
server1:
ipvsadm -l : 只剩下server4,所以具备健康检查
server1,server2:
在集群启动之前保证server1,server2:
1. ipvsadm -C
ipvsadm -l 为空
2. ip addr del 172.25.88.222/24 dev eth0
ip addr 为空
vim haresources
server1.lalala.com IPaddr::172.25.88.222/24/eth0 ldirectordhttpd
scp ldirectord.cf haresources root@172.25.88.2:/etc/ha.d/
/etc/init.d/heartbeat start
tail -f /var/log/messages
server3.server5:
/etc/init.d/httpd start 手动开启
1.server1,server2:
heartbeat start 开启后,server1有了virtul ip , httpd自动开启
真机:for i in {1..10} ;do curl 172.25.33.222;done
轮询
2.server1:/etc/init.d/heartbeatstop
server2自动接管,server2有了virtul ip , httpd自动开启
真机:for i in {1..10} ;do curl 172.25.33.222;done
轮询
3.server3:/etc/init.d/httpd stop
真机:for i in {1..10} ;do curl 172.25.33.222;done
server5
4.server3:/etc/init.d/httpd stop,server4:/etc/init.d/httpd stop
真机:for i in {1..10} ;do curl 172.25.33.222;done
server2
vrrp
tar xzf keepalived-1.2.24.tar.gz
cd keepalived-1.2.24
./configure
rpm -ivhlibnfnetlink-devel-1.0.0-1.el6.x86_64.rpm
yum install openssl* -y
yum install libnfnetlink-devel-1.0* -y
./configure --prefix=/usr/local/keepalived
make&& make install
cd/usr/local/keepalived/
ls 有东西说明安装成功
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived/etc/init.d/
ln -s/usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/etc/keepalived//etc/
ln -s /usr/local/keepalived/sbin/keepalived/sbin/
scp-r /usr/local/keepalived/ 172.25.88.2:/usr/local/
cd /etc/keepalived/
vim keepalived.conf
5 root@localhost
7 notification_email_from keepalive@server1.lalala.com
8 smtp_server 127.0.0.1
18 state MASTER
20 virtual_router_id 33
21 priority 100
27 virtual_ipaddress {
28 172.25.88.222
32virtual_server 172.25.88.222 80 {
33 delay_loop 6
34 lb_algo rr
35 lb_kind DR
36# persistence_timeout 500
37 protocol TCP
38
39 real_server 172.25.88.3 80 {
40 weight 1
41 TCP_CHECK {
42 connect_timeout 3
43 nb_get_retry 3
44 delay_before_retry 3
45 }
46 }
47 real_server172.25.88.5 80 {
48 weight 1
49 TCP_CHECK {
50 connect_timeout 3
51 nb_get_retry 3
52 delay_before_retry 3
chmod +x/usr/local/keepalived/etc/rc.d/init.d/keepalived
server2:
ln -s/usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived/etc/sysconfig/
ln -s /usr/local/keepalived/etc/keepalived//etc/
ln -s /usr/local/keepalived/sbin/keepalived/sbin/
vim keepalived.conf
18 state BACKUP
21 priority 50 要比主的低
36 # persistence_timeout 500
chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
启动前确定
1.ip addr 没有vip
2.
ipvsadm -C
ipvsadm -l 为空
/etc/init.d/ldirectord status 确定检查健康的不是ldirectord
/etc/init.d/keepalived start
1.server1,server2:
keepalived start 开启后,server1有了virtul ip , httpd自动开启
真机:for i in {1..10};do curl 172.25.33.222;done
轮询
2.server1:/etc/init.d/keepalivedstop
server2自动接管,server2有了virtul ip , httpd自动开启
真机:for i in {1..10} ;do curl 172.25.33.222;done
轮询
3.server3:/etc/init.d/httpdstop
真机:for i in {1..10} ;do curl 172.25.33.222;done
server5
ftp:172.25.88.122
27 virtual_ipaddress {
28 172.25.88.222
29 172.25.88.122
36 virtual_server 172.25.88.122 21 {
40 persistence_timeout 50
43 real_server 172.25.88.3 21 {
51 real_server 172.25.88.5 21 {
61virtual_server 172.25.88.222 80 {
65 #persistence_timeout 50
68 real_server 172.25.88.3 80 {
76 real_server 172.25.88.4 80 {
367 scp keepalived.confroot@172.25.88.2:/etc/keepalived/
记得改bakeup,和优先级(小于MASTER的即可)
yum install vsftp* -y
/etc/init.d/vsftpd start
ip addr add 172.25.88.122/32 dev eth0
arptables -A IN -d 172.25.88.122 -j DROP
arptables -A OUT -s 172.25.88.122 -j mangle--mangle-ip-s 172.25.33.3或5
/etc/init.d/arptables_jf save
touch /var/ftp/server3
touch /var/ftp/server4
/etc/init.d/vsftpd start
server1:
ipvsadm -l
ip addr
lftp 172.25.88.222
server4
不轮询,因为持续连接(persistence),除非server3的vsftp服务停止,才会切
server3:/etc/init.d/vsftpd stop
server1:/etc/init.d/keepalived stop
交给server2 调度
本文出自 “12049878” 博客,谢绝转载!
原文:http://12059878.blog.51cto.com/12049878/1900028