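Contents
- Users, groups and directories
- Kernel parameter configuration
- Environment variable configuration
- Configuring SSH user equivalence
- X Window configuration
- ASMLib installation and configuration
1. Users, groups and directories
Following Oracle's recommended principle of separating privileges and roles, and the installation guide, we need to create the following groups:
oinstall: owner of the GI software and the database software, and owner of oraInventory. Contains the users grid and oracle.
dba: the database DBA group. Contains the user oracle.
oper: the database operator group. Contains the user oracle.
asmadmin: the ASM administrator group. Contains the users grid and oracle.
asmdba: the DBA group for the ASM instance. Contains the user grid.
asmoper: the ASM operator group. Contains the user grid.
After creating the groups and users on node 1 and node 2, check them once more. The group IDs and user IDs must be identical on both nodes, and the users' passwords must match as well.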
[grid@racnode1 ~]$ id grid
uid=501(grid) gid=500(oinstall) groups=500(oinstall),520(asmadmin),521(asmdba),522(asmoper)
[oracle@racnode1 ~]$ id oracle
uid=502(oracle) gid=500(oinstall) groups=500(oinstall),510(dba),521(asmdba),511(oper)
[grid@racnode2 ~]$ id grid
uid=501(grid) gid=500(oinstall) groups=500(oinstall),520(asmadmin),521(asmdba),522(asmoper)
[oracle@racnode2 ~]$ id oracle
uid=502(oracle) gid=500(oinstall) groups=500(oinstall),510(dba),521(asmdba),511(oper)
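The consistency check described above can be scripted instead of compared by eye. This is an added example, not part of the original post: the function names are hypothetical, the first sample line is the oracle record from the transcript, and the other two are constructed.

```sh
# Added example, not from the original post. POSIX sh.

# Reduce one line of `id` output to "uid gid groups" with the supplementary
# groups sorted, so a different listing order is not reported as a mismatch.
normalize_id() {
    uid=$(printf '%s\n' "$1" | sed -n 's/^uid=\([^ ]*\) .*/\1/p')
    gid=$(printf '%s\n' "$1" | sed -n 's/.* gid=\([^ ]*\) .*/\1/p')
    grp=$(printf '%s\n' "$1" | sed -n 's/.* groups=\([^ ]*\).*/\1/p' |
          tr ',' '\n' | sort | tr '\n' ',')
    [ -n "$uid" ] && [ -n "$gid" ] || return 2     # not an `id` line
    printf '%s %s %s\n' "$uid" "$gid" "${grp%,}"
}

# Compare one account as reported by two nodes. Returns 0 when uid, gid and
# group set (numbers and names) agree; otherwise prints both records, returns 1.
same_identity() {
    a=$(normalize_id "$1"); b=$(normalize_id "$2")
    [ -n "$a" ] && [ "$a" = "$b" ] && return 0
    printf 'MISMATCH\n  first:  %s\n  second: %s\n' "$a" "$b"
    return 1
}

# Live use on the cluster (needs working ssh to both nodes):
#   same_identity "$(ssh racnode1 id grid)" "$(ssh racnode2 id grid)"

# Record from the transcript, then two constructed variants.
n1='uid=502(oracle) gid=500(oinstall) groups=500(oinstall),510(dba),521(asmdba),511(oper)'
n2='uid=502(oracle) gid=500(oinstall) groups=500(oinstall),511(oper),510(dba),521(asmdba)'
bad='uid=503(oracle) gid=500(oinstall) groups=500(oinstall),510(dba)'

same_identity "$n1" "$n2" && echo "oracle: consistent"
same_identity "$n1" "$bad" || echo "oracle: fix IDs before installing"
```
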
2. Kernel parameter configuration
Modify the relevant kernel parameters on both nodes, configured as follows:
[root@racnode1 ~]# cat /etc/sysctl.conf
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
kernel.shmmni=4096
net.ipv4.ip_local_port_range=9000 65500
net.core.rmem_default=262144
net.core.rmem_max=4194304
net.core.wmem_default=262144
net.core.wmem_max=1048576
fs.file-max = 6815744
fs.aio-max-nr=1048576
kernel.shmmax = 536870912
kernel.shmall = 2097152
kernel.sem = 250 32000 100 200
[root@racnode1 ~]#
Activate the kernel parameters:
[root@racnode1 ~]# sysctl -p
kernel.shmmni = 4096
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
fs.file-max = 6815744
fs.aio-max-nr = 1048576
kernel.shmmax = 536870912
kernel.shmall = 2097152
kernel.sem = 250 32000 100 200
Add the resource management module pam_limits.so to the end of the login file:
[root@racnode1 ~]# tail /etc/pam.d/login
session required pam_loginuid.so
session optional pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include system-auth
session include postlogin
-session optional pam_ck_connector.so
session required pam_limits.so
Configure the resource limit parameters:
[root@racnode1 ~]# cat /etc/security/limits.conf
# /etc/security/limits.conf
grid soft nproc 2047
grid hard nproc 16384
grid soft nofile 1024
grid hard nofile 65536
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
3. Environment variable configuration
Environment variables need to be configured for both the grid and oracle users.
Profile for the grid user:
[grid@racnode1 ~]$ cat .bash_profile
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
# User specific environment and startup programs
PATH=$PATH:$HOME/.local/bin:$HOME/bin
export PATH
export ORACLE_SID=+ASM1
export JAVA_HOME=/usr/local/java
export ORACLE_BASE=/u01/app/grid
export ORACLE_HOME=/u01/app/11.2.0/grid
export ORACLE_PATH=/u01/app/oracle/common/oracle/sql
export ORACLE_TERM=xterm
export NLS_DATE_FORMAT="DD-MON-YYYY HH24:MI:SS"
export TNS_ADMIN=$ORACLE_HOME/network/admin
export ORA_NLS11=$ORACLE_HOME/nls/data
export PATH=$PATH:${JAVA_HOME}/bin:$ORACLE_HOME/bin:/u01/app/common/oracle/bin
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/oracm/lib:/lib:/usr/lib:/usr/local/lib
export CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib:$ORACLE_HOME/network/jlib
export THREADS_FLAG=native
export TEMP=/tmp
export TMPDIR=/tmp
umask 022
Profile for the oracle user:
[oracle@racnode1 ~]$ cat .bash_profile
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
# User specific environment and startup programs
PATH=$PATH:$HOME/.local/bin:$HOME/bin
export PATH
export ORACLE_SID=racdb1
export ORACLE_UNQNAME=racdb
export JAVA_HOME=/usr/local/java
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/11.2.0/dbhome_1
export ORACLE_PATH=/u01/app/commom/oracle/sql
export ORACLE_TERM=xterm
export NLS_DATE_FORMAT="DD-MON-YYYY HH24:MI:SS"
export TNS_ADMIN=$ORACLE_HOME/network/admin
export ORA_NLS11=$ORACLE_HOME/nls/data
export PATH=.:$PATH:${JAVA_HOME}/bin:$ORACLE_HOME/bin
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/oracm/lib:/lib:/usr/lib:/usr/local/lib
export CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib:$ORACLE_HOME/network/jlib
export THREADS_FLAG=native
export TEMP=/tmp
export TMPDIR=/tmp
umask 022
Create the directories on each of the two nodes:
[root@racnode1 ~]# mkdir -p /u01/app/grid
[root@racnode1 ~]# mkdir -p /u01/app/11.2.0/grid
[root@racnode1 ~]# chown -R grid:oinstall /u01
[root@racnode1 ~]# mkdir -p /u01/app/oracle
[root@racnode1 ~]# chown -R oracle:oinstall /u01/app/oracle/
[root@racnode1 ~]# chmod -R 755 /u01
[root@racnode1 ~]# ll /u01
total 0
drwxr-xr-x. 5 grid oinstall 46 Jun 7 10:38 app
[root@racnode1 ~]# ll /u01/app
total 0
drwxr-xr-x. 3 grid oinstall 18 Jun 7 10:37 11.2.0
drwxr-xr-x. 2 grid oinstall 6 Jun 7 10:37 grid
drwxr-xr-x. 2 oracle oinstall 6 Jun 7 10:38 oracle
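4. Configuring SSH user equivalence
Configure SSH user equivalence so that the nodes can reach each other without a password.
On each node, create the .ssh directory and generate a key pair.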
[root@racnode1 ~]# su - grid
Last login: Fri Jun 7 10:55:11 CST 2019 on pts/0
[grid@racnode1 ~]$ mkdir .ssh
[grid@racnode1 ~]$ chmod 700 .ssh
[grid@racnode1 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/grid/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/grid/.ssh/id_rsa.
Your public key has been saved in /home/grid/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:BTiknvN1AJTPi7FevbG7gG2Fb1eo6XjSNOXfpIfOVBk grid@racnode1
The key's randomart image is:
+---[RSA 2048]----+
| o+o. |
| .+. . |
| . +. . E |
| . .. o+ .. o|
| + +Sooo. ...|
| oo+o+=o.. ..|
| .o.+o==...= |
| ...==. o+ o|
| .o+o .o. |
+----[SHA256]-----+
[grid@racnode1 ~]$
Run the same commands on the remaining nodes.
Add the public keys to the authorized keys file:
[grid@racnode1 ~]$ touch .ssh/authorized_keys
[grid@racnode1 ~]$ ll .ssh
total 8
-rw-r--r-- 1 grid oinstall 0 Jun 7 11:02 authorized_keys
-rw------- 1 grid oinstall 1679 Jun 7 10:58 id_rsa
-rw-r--r-- 1 grid oinstall 395 Jun 7 10:58 id_rsa.pub
[grid@racnode1 ~]$ ssh racnode1 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
The authenticity of host 'racnode1 (192.168.1.8)' can't be established.
ECDSA key fingerprint is SHA256:kcCK9+LUVd5DkQwxcSV1zOiZxGcwlwpphdaGBiKf5qM.
ECDSA key fingerprint is MD5:35:12:6b:80:64:73:97:4c:dc:94:06:eb:ff:bf:40:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'racnode1,192.168.1.8' (ECDSA) to the list of known hosts.
grid@racnode1's password:
[grid@racnode1 ~]$ ssh racnode2 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
The authenticity of host 'racnode2 (192.168.1.9)' can't be established.
ECDSA key fingerprint is SHA256:kcCK9+LUVd5DkQwxcSV1zOiZxGcwlwpphdaGBiKf5qM.
ECDSA key fingerprint is MD5:35:12:6b:80:64:73:97:4c:dc:94:06:eb:ff:bf:40:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'racnode2,192.168.1.9' (ECDSA) to the list of known hosts.
grid@racnode2's password:
[grid@racnode1 ~]$ ll .ssh
total 16
-rw-r--r-- 1 grid oinstall 790 Jun 7 11:03 authorized_keys
-rw------- 1 grid oinstall 1679 Jun 7 10:58 id_rsa
-rw-r--r-- 1 grid oinstall 395 Jun 7 10:58 id_rsa.pub
-rw-r--r-- 1 grid oinstall 364 Jun 7 11:03 known_hosts
[grid@racnode1 ~]$ scp .ssh/authorized_keys racnode2:.ssh/authorized_keys
grid@racnode2's password:
authorized_keys 100% 790 1.1MB/s 00:00
[grid@racnode1 ~]$ chmod 600 .ssh/authorized_keys
Log in to the other nodes and change the permissions of authorized_keys.
[grid@racnode2 ~]$ ll .ssh
total 12
-rw-r--r--. 1 grid oinstall 790 Jun 7 11:04 authorized_keys
-rw-------. 1 grid oinstall 1679 Jun 7 11:00 id_rsa
-rw-r--r--. 1 grid oinstall 395 Jun 7 11:00 id_rsa.pub
[grid@racnode2 ~]$ chmod 600 .ssh/authorized_keys
[grid@racnode2 ~]$
Verify SSH equivalence, first on node 1.
[grid@racnode1 ~]$ ssh racnode1 "date;hostname"
Fri Jun 7 11:10:11 CST 2019
racnode1
[grid@racnode1 ~]$ ssh racnode2 "date;hostname"
Fri Jun 7 11:10:24 CST 2019
racnode2
[grid@racnode1 ~]$
Verify on node 2:
[grid@racnode2 ~]$ ssh racnode1 "date;hostname"
The authenticity of host 'racnode1 (192.168.1.8)' can't be established.
ECDSA key fingerprint is SHA256:kcCK9+LUVd5DkQwxcSV1zOiZxGcwlwpphdaGBiKf5qM.
ECDSA key fingerprint is MD5:35:12:6b:80:64:73:97:4c:dc:94:06:eb:ff:bf:40:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'racnode1,192.168.1.8' (ECDSA) to the list of known hosts.
Fri Jun 7 11:11:13 CST 2019
racnode1
[grid@racnode2 ~]$ ssh racnode2 "date;hostname"
The authenticity of host 'racnode2 (192.168.1.9)' can't be established.
ECDSA key fingerprint is SHA256:kcCK9+LUVd5DkQwxcSV1zOiZxGcwlwpphdaGBiKf5qM.
ECDSA key fingerprint is MD5:35:12:6b:80:64:73:97:4c:dc:94:06:eb:ff:bf:40:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'racnode2,192.168.1.9' (ECDSA) to the list of known hosts.
Fri Jun 7 11:11:20 CST 2019
racnode2
[grid@racnode2 ~]$
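The transcript above shows the same ECDSA host key fingerprint for racnode1 and racnode2, and authorized_keys at mode 0644 until the final chmod. This added example (not from the original post) audits a node for both conditions; the function names are hypothetical, the fixture and its key blob are constructed, and known_hosts entries are assumed to be unhashed.

```sh
# Added example, not from the original post. POSIX sh.

# List paths under an .ssh directory that grant any group/other permission.
# Target state is the one the procedure ends with: 700 on the directory,
# 600 on authorized_keys and on the private key.
loose_ssh_modes() {
    for f in "$1" "$1/authorized_keys" "$1/id_rsa"; do
        [ -e "$f" ] || continue
        mode=$(ls -ld "$f" | cut -c5-10)      # group+other permission bits
        [ "$mode" = "------" ] || echo "$f"
    done
}

# Print the host entries of every key that known_hosts records for more than
# one host. Assumes unhashed entries; marker lines (@revoked, ...) are skipped.
shared_host_keys() {
    awk '!/^#/ && NF >= 3 && $1 !~ /^@/ {
             key = $2 " " $3
             if (key in hosts) { hosts[key] = hosts[key] " " $1; dup[key] = 1 }
             else              { hosts[key] = $1 }
         }
         END { for (k in dup) print hosts[k] }' "$1"
}

# Constructed fixture mirroring the transcript: authorized_keys still 0644
# and both nodes recorded with one and the same (made-up) key blob.
make_fixture() {
    d=$(mktemp -d) && mkdir -m 700 "$d/.ssh" || return 1
    : > "$d/.ssh/id_rsa";          chmod 600 "$d/.ssh/id_rsa"
    : > "$d/.ssh/authorized_keys"; chmod 644 "$d/.ssh/authorized_keys"
    printf '%s\n' \
        'racnode1,192.168.1.8 ecdsa-sha2-nistp256 CONSTRUCTEDKEYBLOB' \
        'racnode2,192.168.1.9 ecdsa-sha2-nistp256 CONSTRUCTEDKEYBLOB' \
        > "$d/.ssh/known_hosts"
    echo "$d/.ssh"
}

fixture=$(make_fixture)
echo "loose modes:";      loose_ssh_modes "$fixture"
echo "shared host keys:"; shared_host_keys "$fixture/known_hosts"
rm -rf "${fixture%/.ssh}"
```

When two nodes share a host key, the key cannot tell them apart. Removing /etc/ssh/ssh_host_* on one node and running ssh-keygen -A regenerates its keys, after which the known_hosts entries on the other nodes have to be refreshed.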
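5. X Window configuration
The installation requires a GUI, so we use SSH X forwarding. In the SSH client, tick the box in front of Enable X11 forwarding.
Log in to the server again.
Next we configure the X11 display resource parameters.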
[grid@racnode1 ~]$ cd ~
[grid@racnode1 ~]$ cat .Xresources
xterm*faceName:DejaVu Sans Mono:antialias=True:pixelsize=18
xterm*faceNameDoublesize:WenQuanYi Zen Hei Sharp:antialias=True:pixelsize=18
xterm*locale:zh_CN.UTF-8
xterm*termName:xterm-256color
[grid@racnode1 ~]$ xrdb .Xresources
Try out the xterm display.
[grid@racnode1 ~]$ xterm &
[1] 17155
[grid@racnode1 ~]$
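6. ASMLib installation and configuration
With ASMLib, files are created directly on block devices, so there is no need to set up raw device files.
Install it from the local yum repository we configured earlier.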
[root@racnode1 ~]# yum install oracleasm
The oracleasm-support and oracleasmlib packages have to be downloaded separately.
After installation, querying the packages shows the following:
[root@racnode1 ~]# rpm -aq |grep oracleasm
oracleasm-support-2.1.11-1.el7.x86_64
kmod-oracleasm-2.0.8-22.1.0.1.el7_6.x86_64
oracleasmlib-2.0.12-1.el7.x86_64
Initial configuration:
[root@racnode1 Packages]# oracleasm configure -i
Configuring the Oracle ASM library driver.
This will configure the on-boot properties of the Oracle ASM library
driver. The following questions will determine whether the driver is
loaded on boot and what permissions it will have. The current values
will be shown in brackets ('[]'). Hitting <ENTER> without typing an
answer will keep that current value. Ctrl-C will abort.
Default user to own the driver interface [grid]: grid
Default group to own the driver interface [asmadmin]: asmadmin
Start Oracle ASM library driver on boot (y/n) [n]: y
Scan for Oracle ASM disks on boot (y/n) [y]: y
Writing Oracle ASM library driver configuration: done
Load the ASMLib driver:
[root@racnode1 Packages]# oracleasm init
Loading module "oracleasm": oracleasm
Configuring "oracleasm" to use device physical block size
Mounting ASMlib driver filesystem: /dev/oracleasm
Create the disks:
[root@racnode1 Packages]# oracleasm createdisk CRS /dev/sdd1
Writing disk header: done
Instantiating disk: done
[root@racnode1 Packages]# oracleasm createdisk DATA /dev/sdb1
Writing disk header: done
Instantiating disk: done
[root@racnode1 Packages]# oracleasm createdisk FRA /dev/sdc1
Writing disk header: done
Instantiating disk: done
[root@racnode1 Packages]# oracleasm listdisks
CRS
DATA
FRA
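Install and initialize ASMLib on the remaining nodes as well. There, instead of repeating the disk creation step, the disks can be discovered with scandisks.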
[root@racnode2 ~]# oracleasm scandisks
Reloading disk partitions: done
Cleaning any stale ASM disks...
Scanning system for ASM disks...
Instantiating disk "DATA"
Instantiating disk "FRA"
Instantiating disk "CRS"
[root@racnode2 ~]# oracleasm listdisks
CRS
DATA
FRA
[root@racnode2 ~]#
In the next section, we prepare for installing the application software.