2020-10-18 数据库与ansible

作业 1016

1= 如果主节点已经运行了一段时间，且有大量数据时，如何配置并启动slave节点（写出操作步骤）

# 主节点 10.0.0.8
# 新增从节点 10.0.0.81
1.在主服务器创建复制账号
grant replication slave on *.* to repluser@'10.0.0.%' identified by 'centos';

2.在主服务器完全备份
mkdir /backup
mysqldump -A -F --single-transaction --master-data=1 > /backup/fullbackup.sql
# 并将文件复制到新增的从节点
scp /backup/fullbackup.sql 10.0.0.81:

3.在从节点安装相同版本的数据库
yum -y install mysql-server

4.从节点配置
# 编辑配置文件
vim /etc/my.cnf
[mysqld]
server-id=81
# 启动服务
systemctl enable --now mysql

5.在从节点打开备份文件
# 找到以下内容：
CHANGE MASTER TO MASTER_LOG_FILE='mariadb-bin.000002', MASTER_LOG_POS=389;
# 将本行修改为下述内容：
CHANGE MASTER TO
MASTER_HOST='10.0.0.8',
MASTER_USER='repluser',
MASTER_PASSWORD='centos',
MASTER_PORT=3306, 
MASTER_LOG_FILE='mariadb-bin.000002', MASTER_LOG_POS=389;

6.在从节点执行恢复命令
mysql < fullbackup.sql

7.从节点登录数据库
# 开启从节点线程
start slave;

# 查看状态
show slave status\G;

8.检查从节点数据库内容，验证备份情况

2= 当master服务器宕机，提升一个slave成为新的master（写出操作步骤）

# 环境
master=10.0.0.8
slave1=10.0.0.81
slave2=10.0.0.82
###########################################################
1.比较两台从服务器的复制进度，选择数据最新的一台，让它成为新master
cat /var/lib/mysql/relay-log.info
# 比较第三行的值，数值大的优先（假设为slave2）

2.登录slave2的数据库
# 停止其线程，并清除从节点信息
stop slave;
reset slave all;

3.修改slave2的配置文件
# 关闭read-only配置，并开启二进制日志
vim /etc/my.cnf
[mysqld]
server-id=82
read-only=OFF
log-bin

4.清除原master的复制信息
set global read_only=off;
stop slave;
reset slave all;

5.slave2作为新的master
# 进行全备份
mysqldump -A -F --single-transaction --master-data=1 > backup.sql
# 将备份拷贝至slave1
scp backup.sql 10.0.0.81:

6.分析旧的 master的二进制日志，将未同步到至新 master的二进制日志导出来，恢复到新master
# 假设最新日志为 mariadb-bin.000777
# 首先导出文件
mysqlbinlog /var/lib/mysql/mariadb-bin.000777 > bin.sql
# 分析并编辑内容，只留下还未备份的内容
# 同步到新的master：
mysql < bin.sql

7.让slave1指向新的master
# 打开备份文件，编辑内容
vim backup.sql
找到 CHANGE MASTER TO... 修改为如下内容：
CHANGE MASTER TO
MASTER_HOST='10.0.0.82',
MASTER_USER='repluser',
MASTER_PASSWORD='centos',
MASTER_PORT=3306,
MASTER_LOG_FILE='mysql-bin.00000X', MASTER_LOG_POS=XXX;

# 在slave1进行还原：
MariaDB [hellodb]> stop slave;
MariaDB [hellodb]> reset slave all;
MariaDB [hellodb]> set sql_log_bin=off;
MariaDB [hellodb]> source backup.sql;
MariaDB [hellodb]> set sql_log_bin=on;
MariaDB [hellodb]> start slave;

8.查看状态
show slave status\G;

9.登录检查数据

3= 通过 MHA 0.58 搭建一个数据库集群结构

00——环境

# 环境:四台主机
10.0.0.7  CentOS7 MHA-manager
10.0.0.8  CentOS8 Master
10.0.0.81 CentOS8 Slave1
10.0.0.82 CentOS8 Slave2

01——在管理节点（CentOS7）上安装两个包

# 将两个安装包放入当前目录
yum -y install ./mha4mysql-*

02——在所有MySQL服务器上安装 MHA

# 另外3台 CentOS8 安装：
yum -y install ./mha4mysql-node-0.58-0.el7.centos.noarch.rpm

03——在所有节点实现相互之间ssh key验证

# 在CentOS7操作：
1# 生成密钥
ssh-keygen  执行之后连续3次回车

2# copy私钥到本机，得到私钥文件 authorized_keys
ssh-copy-id 127.0.0.1   执行之后验证本机密码

3# 将整个ssh目录复制到需要通讯的主机
# 首先各个主机全部安装rsync
yum -y install rsync

# 依次复制
rsync -a .ssh 10.0.0.8:/root/
rsync -a .ssh 10.0.0.81:/root/
rsync -a .ssh 10.0.0.82:/root/

4# 相互连接进行检验

04——在管理节点 (centos 7) 建立配置文件

# 脚本安装 mysql 5.7

# 准备配置文件
mkdir /etc/mastermha/
vim /etc/mastermha/app1.cnf
[server default]
user=mhauser
password=centos
manager_workdir=/data/mastermha/app1/
manager_log=/data/mastermha/app1/manager.log
remote_workdir=/data/mastermha/app1/
ssh_user=root
repl_user=repluser
repl_password=centos
ping_interval=1 
master_ip_failover_script=/usr/local/bin/master_ip_failover
report_script=/usr/local/bin/sendmail.sh
master_binlog_dir=/data/mysql/
check_repl_delay=1

[server1]                       
hostname=10.0.0.8
candidate_master=1

[server2]
hostname=10.0.0.81

[server3]
hostname=10.0.0.82
candidate_master=1

05——准备相关脚本

# 邮件报警
cat > /usr/local/bin/sendmail.sh << EOF
echo 'mysql is down' | mail -s 'MHA warning' [email protected]
EOF
# 添加执行权限
chmod +x /usr/local/bin/sendmail.sh
#################################################################
# 实现vip（虚拟ip）  perl语言脚本
vim /usr/local/bin/master_ip_failover

#!/usr/bin/env perl
use strict;
use warnings FATAL => 'all';
use Getopt::Long;
my (
$command, $ssh_user, $orig_master_host, $orig_master_ip,
$orig_master_port, $new_master_host, $new_master_ip, $new_master_port
);
my $vip = '10.0.0.100/24';
my $gateway = '10.0.0.254';
my $interface = 'eth0';
my $key = "1";
my $ssh_start_vip = "/sbin/ifconfig $interface:$key $vip;/sbin/arping -I
$interface -c 3 -s $vip $gateway >/dev/null 2>&1";
my $ssh_stop_vip = "/sbin/ifconfig $interface:$key down";
GetOptions(
'command=s' => \$command,
'ssh_user=s' => \$ssh_user,
'orig_master_host=s' => \$orig_master_host,
'orig_master_ip=s' => \$orig_master_ip,
'orig_master_port=i' => \$orig_master_port,
'new_master_host=s' => \$new_master_host,
'new_master_ip=s' => \$new_master_ip,
'new_master_port=i' => \$new_master_port,
);
exit &main();
sub main {
print "\n\nIN SCRIPT TEST====$ssh_stop_vip==$ssh_start_vip===\n\n";
if ( $command eq "stop" || $command eq "stopssh" ) {
# $orig_master_host, $orig_master_ip, $orig_master_port are passed.
# If you manage master ip address at global catalog database,
# invalidate orig_master_ip here.
my $exit_code = 1;
eval {
print "Disabling the VIP on old master: $orig_master_host \n";
&stop_vip();
$exit_code = 0;
};
if ($@) {
warn "Got Error: $@\n";
exit $exit_code;
}
exit $exit_code;
}
elsif ( $command eq "start" ) {
# all arguments are passed.
# If you manage master ip address at global catalog database,
# activate new_master_ip here.
# You can also grant write access (create user, set read_only=0, etc) here.
my $exit_code = 10;
eval {
print "Enabling the VIP - $vip on the new master - $new_master_host \n";
&start_vip();
$exit_code = 0;
};
if ($@) {
warn $@;
exit $exit_code;
}
exit $exit_code;
}
elsif ( $command eq "status" ) {
print "Checking the Status of the script.. OK \n";
`ssh $ssh_user\@$orig_master_host \" $ssh_start_vip \"`;
exit 0;
}
else {
&usage();
exit 1;
}
}
# A simple system call that enable the VIP on the new master
sub start_vip() {
`ssh $ssh_user\@$new_master_host \" $ssh_start_vip \"`;
}
# A simple system call that disable the VIP on the old_master
sub stop_vip() {
`ssh $ssh_user\@$orig_master_host \" $ssh_stop_vip \"`;
}
sub usage {
print
"Usage: master_ip_failover --command=start|stop|stopssh|status --
orig_master_host=host --orig_master_ip=ip --orig_master_port=port --
new_master_host=host --new_master_ip=ip --new_master_port=port\n";
}

# 添加执行权限
chmod +x /usr/local/bin/master_ip_failover

06——实现Master（10.0.0.8）

# 脚本安装 mysql 5.7

# 从 centos7 将安装文件拷贝过去
[root@centos7 ~]#scp ins.sh mysql-5.7.29-linux-glibc2.12-x86_64.tar.gz 10.0.0.8:

# 配置文件
vim /etc/my.cnf
[mysqld]
server_id=8
log-bin
general_log
general_log=ON
skip_name_resolve=1

# 重启服务
systemctl restart mysqld

# 二进制定位
mysql> show master logs;
+-------------------+-----------+
| Log_name          | File_size |
+-------------------+-----------+
| master-bin.000001 |       154 |
+-------------------+-----------+
1 row in set (0.00 sec)

# 创建账号！！！！！！
# 【复制账号】
grant replication slave on *.* to repluser@'10.0.0.%' identified by 'centos';
# 【MHA管理账号】
grant all on *.* to mhauser@'10.0.0.%' identified by 'centos';

# 配置VIP
ifconfig eth0:1 10.0.0.100/24

07——实现slave（两台）

# 脚本安装 mysql 5.7

# 从 centos7 将安装文件拷贝过去
[root@centos7 ~]#scp ins.sh mysql-5.7.29-linux-glibc2.12-x86_64.tar.gz 10.0.0.81:
[root@centos7 ~]#scp ins.sh mysql-5.7.29-linux-glibc2.12-x86_64.tar.gz 10.0.0.82:

# 分别配置
vim /etc/my.cnf
[mysqld]
server_id=81 与 82
log-bin
read_only
relay_log_purge=0
skip_name_resolve=1

# 重启服务
systemctl restart mysqld

# 实现主从
CHANGE MASTER TO 
MASTER_HOST='10.0.0.8', 
MASTER_USER='repluser',
MASTER_PASSWORD='centos', 
MASTER_LOG_FILE='master-bin.000001',
MASTER_LOG_POS=154;

# 启动线程
START SLAVE;
# 检查状态
show slave status\G;

08——检查MHA的环境

# 检查ssh
masterha_check_ssh --conf=/etc/mastermha/app1.cnf

# 检查repl
masterha_check_repl --conf=/etc/mastermha/app1.cnf

# 查看状态
masterha_check_status --conf=/etc/mastermha/app1.cnf

09——启动MHA

# 启动
nohup masterha_manager --conf=/etc/mastermha/app1.cnf &> /dev/null

# 查看状态
masterha_check_status --conf=/etc/mastermha/app1.cnf 

# 在主节点查看到健康性检查
tail -f /data/mysql/master.log 

4= 实战案例：Percona XtraDB Cluster(PXC 5.7）

01——环境准备

pxc1:10.0.0.7
pxc2:10.0.0.70
pxc3:10.0.0.71

02——安装 Percona XtraDB Cluster 5.7

# 官方源太慢，此处使用清华大学yum源
[root@pxc1 ~]#vim /etc/yum.repos.d/pxc.repo
[percona]
name=percona_repo
baseurl=https://mirrors.tuna.tsinghua.edu.cn/percona/release/$releasever/RPMS/$basearch
enabled=1
gpgcheck=0

# 测试安装效果
[root@pxc1 ~]#yum -y install Percona-XtraDB-Cluster-57

# 将此仓库拷贝至其他主机
[root@pxc1 ~]#scp /etc/yum.repos.d/pxc.repo 10.0.0.70:/etc/yum.repos.d
[root@pxc1 ~]#scp /etc/yum.repos.d/pxc.repo 10.0.0.71:/etc/yum.repos.d

# 其他节点安装pxc
[root@pxc2 ~]#yum -y install Percona-XtraDB-Cluster-57
[root@pxc3 ~]#yum -y install Percona-XtraDB-Cluster-57

03——在各个节点上分别配置mysql及集群配置文件

# 主配置文件 /etc/my.cnf 不需要修改
# /etc/percona-xtradb-cluster.conf.d/mysqld_safe.cnf   不需要修改

# PXC的配置文件必须修改
[root@pxc1 ~]# vim /etc/percona-xtradb-cluster.conf.d/wsrep.cnf
【8行】 wsrep_cluster_address=gcomm://10.0.0.7,10.0.0.70,10.0.0.71
【25行】 wsrep_node_address=10.0.0.7
【30行】 wsrep_node_name=pxc-cluster-node-1    # 默认为1
【39行】 wsrep_sst_auth="sstuser:s3cretPass"
# 补充
vim /etc/percona-xtradb-cluster.conf.d/mysqld.cnf 文件中 server-id=1 保持默认值

[root@pxc2 ~]# vim /etc/percona-xtradb-cluster.conf.d/wsrep.cnf
【8行】 wsrep_cluster_address=gcomm://10.0.0.7,10.0.0.70,10.0.0.71
【25行】 wsrep_node_address=10.0.0.70
【30行】 wsrep_node_name=pxc-cluster-node-2    # 修改为2
【39行】 wsrep_sst_auth="sstuser:s3cretPass"
# 补充
vim /etc/percona-xtradb-cluster.conf.d/mysqld.cnf 文件中 server-id=2 # 修改为2

[root@pxc3 ~]# vim /etc/percona-xtradb-cluster.conf.d/wsrep.cnf
【8行】 wsrep_cluster_address=gcomm://10.0.0.7,10.0.0.70,10.0.0.71
【25行】 wsrep_node_address=10.0.0.71
【30行】 wsrep_node_name=pxc-cluster-node-3    # 修改为3
【39行】 wsrep_sst_auth="sstuser:s3cretPass"
# 补充
vim /etc/percona-xtradb-cluster.conf.d/mysqld.cnf 文件中 server-id=3 # 修改为3

04——启动PXC集群中第一个节点

# 启动
[root@pxc1 ~]#systemctl start [email protected]

# 查看端口，发现多出 3306 和 4567

# 查看root密码
[root@pxc1 ~]#grep "temporary password" /var/log/mysqld.log
2020-10-16T13:30:57.915970Z 1 [Note] A temporary password is generated for root@localhost: 6K/1!*iSAdr>

# 登录
[root@pxc1 ~]#mysql -uroot -p'6K/1!*iSAdr>'

# 修改密码
mysql> alter user 'root'@'localhost' identified by 'centos';

# 创建相关用户并授权
mysql> CREATE USER 'sstuser'@'localhost' IDENTIFIED BY 's3cretPass';
mysql> GRANT RELOAD, LOCK TABLES, PROCESS, REPLICATION CLIENT ON *.* TO 'sstuser'@'localhost';

# 查看相关变量
mysql> SHOW VARIABLES LIKE 'wsrep%'\G;

# 查看相关状态变量
mysql> SHOW STATUS LIKE 'wsrep%'\G;

05——启动PXC集群中其它所有节点

# 启动
[root@pxc2 ~]#systemctl start mysql
[root@pxc3 ~]#systemctl start mysql

# 分别查看端口
3306 + 4567

06——查看集群状态，验证集群是否成功

# 在任意节点，查看集群状态
[root@pxc2 ~]#mysql -uroot -pcentos
mysql> SHOW VARIABLES LIKE 'wsrep_node_name';
+-----------------+--------------------+
| Variable_name   | Value              |
+-----------------+--------------------+
| wsrep_node_name | pxc-cluster-node-2 |
+-----------------+--------------------+
1 row in set (0.00 sec)

mysql> SHOW VARIABLES LIKE 'wsrep_node_address';
+--------------------+-----------+
| Variable_name      | Value     |
+--------------------+-----------+
| wsrep_node_address | 10.0.0.70 |
+--------------------+-----------+
1 row in set (0.00 sec)

mysql> SHOW VARIABLES LIKE 'wsrep_on';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| wsrep_on      | ON    |
+---------------+-------+
1 row in set (0.00 sec)

mysql> SHOW STATUS LIKE 'wsrep_cluster_size';
+--------------------+-------+
| Variable_name      | Value |
+--------------------+-------+
| wsrep_cluster_size | 3     |
+--------------------+-------+
1 row in set (0.00 sec)


# 在任意节点查看数据库
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
4 rows in set (0.00 sec)


# 在任意节点创建数据库
# pxc3创建：
mysql> create database caokunzi333;
Query OK, 1 row affected (0.00 sec)

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| caokunzi333        |
| mysql              |
| performance_schema |
| sys                |
+--------------------+
5 rows in set (0.01 sec)

# px1和px2验证：
mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| caokunzi333        |      # 同步成功
| mysql              |
| performance_schema |
| sys                |
+--------------------+
5 rows in set (0.00 sec)

# 利用Xshell撰写栏工具，同时在三个节点数据库，只会在其中一个节点成功
# px1：
mysql> create database  onetime;
ERROR 1007 (HY000): Can't create database 'onetime'; database exists

# px2：
mysql> create database  onetime;
Query OK, 1 row affected (0.01 sec)

# px3：
mysql> create database  onetime;
ERROR 1007 (HY000): Can't create database 'onetime'; database exists

5= 通过 ansible 部署二进制 mysql 8

# 主机准备
堡垒机 10.0.0.7
# 远程主机
[root@centos7 ~]#cat hosts.list 
10.0.0.71
10.0.0.72
10.0.0.81
10.0.0.82

# 实现key验证
[root@centos7 ~]#cat ssh.sh 
#!/bin/bash
#
#********************************************
#Author:       jacklee
#QQ:           1227163339
#Time:         2020-10-18_10:14:39
#FileName:     ssh.sh
#Copyright:    2020 All rights reserved
#Description:   
#*********************************************
rpm -q sshpass || yum -y install sshpass
[ -f /root/.ssh/id_rsa ] || ssh-keygen -f /root/.ssh/id_rsa -P ''

export SSHPASS=centos

while read IP; do
    sshpass -e ssh-copy-id -o StrictHostKeyChecking=no $IP
done < hosts.list

# 运行脚本并验证key
[root@centos7 ~]#ssh 10.0.0.71
Last login: Sun Oct 18 09:46:03 2020 from 10.0.0.1
[root@centos7 ~]#logout
Connection to 10.0.0.71 closed.
[root@centos7 ~]#ssh 10.0.0.72
Last login: Sun Oct 18 09:46:17 2020 from 10.0.0.1
[root@centos7 ~]#logout
Connection to 10.0.0.72 closed.
[root@centos7 ~]#ssh 10.0.0.81
Last login: Sun Oct 18 09:46:24 2020 from 10.0.0.1
[root@centos8 ~]#logout
Connection to 10.0.0.81 closed.
[root@centos7 ~]#ssh 10.0.0.82
Last login: Sun Oct 18 09:46:27 2020 from 10.0.0.1
[root@centos8 ~]#

# 安装 ansible，并准备主机列表
yum -y install ansible

[root@centos7 ~]#cat /etc/ansible/hosts
[appsrvs]
10.0.0.71
10.0.0.81
[websrvs]
10.0.0.72
10.0.0.82

# 检验
[root@centos7 ~]#ansible all --list
  hosts (4):
    10.0.0.71
    10.0.0.81
    10.0.0.72
    10.0.0.82

# 测试可用性
[root@centos7 ~]#ansible all -m ping
10.0.0.72 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
10.0.0.71 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    }, 
    "changed": false, 
    "ping": "pong"
}
10.0.0.81 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    }, 
    "changed": false, 
    "ping": "pong"
}
10.0.0.82 | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    }, 
    "changed": false, 
    "ping": "pong"
}
----------------------------------------------------------------------
# 准备文件目录
mkdir -pv /data/ansible/files/

# 准备相关文件
cd /data/ansible/files/
# 安装包： 
mysql-8.0.19-linux-glibc2.12-x86_64.tar.xz

# 配置文件
vim my.cnf
[mysqld]
socket=/tmp/mysql.sock
user=mysql
symbolic-links=0
datadir=/data/mysql
innodb_file_per_table=1
log-bin
pid-file=/data/mysql/mysqld.pid
[client]
port=3306
socket=/tmp/mysql.sock
[mysqld_safe]
log-error=/var/log/mysqld.log

# 安全加固解决方案
vim  /data/ansible/files/secure_mysql.sh

#!/bin/bash
yum -y install expect &> /dev/null
expect &> /dev/null <