Distributed Replicated Block Device(DRBD)是一个用软件实现的、无共享的、服务器之间镜像块设备内容的存储复制解决方案。
数据镜像:实时、透明、同步(所有服务器都成功后返回)、异步(本地服务器成功后返回)
一、环境准备
Linux
2.6.32-573.26.1.el6.centos.plus.x86_64
drbd-8.4.4.tar.gz
keepalived-1.2.9.tar.gz
主机名及对应IP,写入hosts
master 192.168.224.30
minion 192.168.224.20
VIP 192.168.224.50
client 192.168.224.40
二、drbd的安装部署
1、master和minion上操作
yum groupinstall -y "Development Tools" "Server Platform Development"
wget http://oss.linbit.com/drbd/8.4/drbd-8.4.4.tar.gz
tar xf drbd-8.4.4.tar.gz
cd drbd-8.4.4
./configure --prefix=/usr/local/services/drbd
make DIR=/usr/src/kernels/2.6.32-642.3.1.el6.centos.plus.x86_64/
make install
cd drbd
make KDIR=/usr/src/kernels/2.6.32-642.3.1.el6.centos.plus.x86_64/
cp drbd.ko /lib/modules/2.6.32-573.26.1.el6.centos.plus.x86_64/kernel/lib/
depmod
modprobe drdb
2、创建分区。但不进行初始化
fdisk /dev/sdb
3、编辑drbd配置文件
协议A:异步复制协议。本地写成功后立即返回,数据放在发送buffer中,可能丢失。
协议B:内存同步(半同步)复制协议。本地写成功并将数据发送到对方后立即返回,如果双机掉电,数据可能丢失。
协议C:同步复制协议。本地和对方写成功确认后返回。如果双机掉电或磁盘同时损坏,则数据可能丢失。
一般用协议C。选择协议将影响流量,从而影响网络时延。
vim /usr/local/services/drbd/etc/drbd.d/global_common.conf
global {
usage-count yes;
# minor-count dialog-refresh disable-ip-verification
}
common {
protocol C; //A 异步,B半同步,C同步
handlers {
# These are EXAMPLE handlers only.
# They may have severe implications,
# like hard resetting the node under certain circumstances.
# Be careful when chosing your poison.
pri-on-incon-degr "/usr/lib/drbd/notify-pri-on-incon-degr.sh; /usr/lib/drbd/notify-emergency-reboot.sh; echo b > /proc/sysrq-trigger ; reboot -f";
pri-lost-after-sb "/usr/lib/drbd/notify-pri-lost-after-sb.sh; /usr/lib/drbd/notify-emergency-reboot.sh; echo b > /proc/sysrq-trigger ; reboot -f";
local-io-error "/usr/lib/drbd/notify-io-error.sh; /usr/lib/drbd/notify-emergency-shutdown.sh; echo o > /proc/sysrq-trigger ; halt -f";
# fence-peer "/usr/lib/drbd/crm-fence-peer.sh";
# split-brain "/usr/lib/drbd/notify-split-brain.sh root";
# out-of-sync "/usr/lib/drbd/notify-out-of-sync.sh root";
# before-resync-target "/usr/lib/drbd/snapshot-resync-target-lvm.sh -p 15 -- -c 16k";
# after-resync-target /usr/lib/drbd/unsnapshot-resync-target-lvm.sh;
}
startup {
# wfc-timeout degr-wfc-timeout outdated-wfc-timeout wait-after-sb
}
options {
# cpu-mask on-no-data-accessible
}
disk {
# size max-bio-bvecs on-io-error fencing disk-barrier disk-flushes
# disk-drain md-flushes resync-rate resync-after al-extents
# c-plan-ahead c-delay-target c-fill-target c-max-rate
# c-min-rate disk-timeout
on-io-error detach;
}
net {
# protocol timeout max-epoch-size max-buffers unplug-watermark
# connect-int ping-int sndbuf-size rcvbuf-size ko-count
# allow-two-primaries cram-hmac-alg shared-secret after-sb-0pri
# after-sb-1pri after-sb-2pri always-asbp rr-conflict
# ping-timeout data-integrity-alg tcp-cork on-congestion
# congestion-fill congestion-extents csums-alg verify-alg
# use-rle
cram-hmac-alg "sha1";
shared-secret "mydrbdlab";
}
syncer {
rate 1000M;
}
vim /usr/local/services/drdb/etc/drbd.d/data.res
resource data {
on master {
device /dev/drbd0;
disk /dev/sdb1;
address 192.168.224.30:7789;
meta-disk internal;
}
on minion {
device /dev/drbd0;
disk /dev/sdb1;
address 192.168.224.20:7789;
meta-disk internal;
}
}
4、初始化并启动
drbdadm create-md data
/etc/init.d/drbd start
5、设置master为主节点
drbdadm primary data
cat /proc/drbd
格式化并挂载
mkfs.ext4 /dev/drbd0
mkdir /liuly
mount /dev/drbd0 /liuly
6、验证冗余性
先将master设置为secondary,并将minion设置为primary
master
umount /liuly
drbdadm secondary data
minion
drbdadm primary data
mount /dev/drbd0 /liuly
三、通过keepalived实现nfs的高可用
1、master的配置
cat keepalived.conf
global_defs {
router_id LVS_DEVEL
}
vrrp_script check_nfs {
script "/etc/keepalived/check_nfs.sh"
interval 5
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 10
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 111111
}
track_script {
check_nfs
}
virtual_ipaddress {
192.168.224.50
}
notify_stop "/etc/keepalived/notify_stop.sh"
notify_master "/etc/keepalived/notify_master.sh"
}
cat check_nfs.sh
#!/bin/bash
prog_flag="[n]fsd"
VIP="192.168.224.50"
prog_exists=$(ps -ef | grep "${prog_flag}" | wc -l)
if [ "${prog_exists}" -eq 0 ];
then
VIP_exists=$(/sbin/ip addr | grep ""$VIP"" | wc -l)
if [ "${VIP_exists}" -ge 1 ];
then
/etc/init.d/keepalived stop
fi
fi
cat notify_master.sh
#!/bin/bash
/sbin/drbdadm primary data
/bin/mount /dev/drbd0 /liuly
/etc/init.d/nfs start
cat notify_backup.sh
#!/bin/bash
/etc/init.d/nfs stop
/bin/umount /dev/drbd0
/sbin/drbdadm secondary data
cat notify_stop.sh
#!/bin/bash
/sbin/service nfs stop
/bin/umount /liuly
/sbin/drbdadm secondary data
2、minion的配置
cat keepalived.conf
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 10
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 111111
}
notify_master "/etc/keepalived/notify_master.sh"
notify_backup "/etc/keepalived/notify_backup.sh"
virtual_ipaddress {
192.168.224.50
}
}
3、先启动master上的keepalived,在起动minion上的keepdalived
PS:nfs
vim /etc/exports
/liuly/ 192.168.224.*/255.255.255.0(rw,no_root_squash,sync,insecure)
all_squash:将远程访问的所有普通用户及所属组都映射为匿名用户或用户组(nfsnobody);
no_all_squash:与all_squash取反(默认设置);
root_squash:将root用户及所属组都映射为匿名用户或用户组(默认设置);
no_root_squash:与rootsquash取反;
anonuid=xxx:将远程访问的所有用户都映射为匿名用户,并指定该用户为本地用户(UID=xxx);
anongid=xxx:将远程访问的所有用户组都映射为匿名用户组账户,并指定该匿名用户组账户为本地用户组账户(GID=xxx);
secure:限制客户端只能从小于1024的tcp/ip端口连接nfs服务器(默认设置);
insecure:允许客户端从大于1024的tcp/ip端口连接服务器;
sync:将数据同步写入内存缓冲区与磁盘中,效率低,但可以保证数据的一致性;
async:将数据先保存在内存缓冲区中,必要时才写入磁盘;
wdelay:检查是否有相关的写操作,如果有则将这些写操作一起执行,这样可以提高效率(默认设置);
no_wdelay:若有写操作则立即执行,应与sync配合使用;
subtree:若输出目录是一个子目录,则nfs服务器将检查其父目录的权限(默认设置);
no_subtree:即使输出目录是一个子目录,nfs服务器也不检查其父目录的权限,这样可以提高效率;
服务端
服务端默认查看自己共享的服务
showmount -e
显示已经已客户端连接上的目录信息
showmount -a
打开/var/lib/nfs/etab 查看分享出来的/liuly完整权限设定值
exportfs
-a 全部挂载或卸载 /etc/exports中的内容
-r 重新读取/etc/exports 中的信息 ,并同步更新/etc/exports、/var/lib/nfs/xtab
-u 卸载单一目录(和-a一起使用为卸载所有/etc/exports文件中的目录)
-v 在export的时候,将详细的信息输出到屏幕上。
具体例子:
# exportfs -au 卸载所有共享目录
# exportfs -rv 重新共享所有目录并输出详细信息
nfsstat
客户端
客户端查询nfs的共享状态
showmount -e nfs_ip