目录
主节点环境准备:
主节点配置repmgr
备节点环境准备:
配置主备节点ssh互信
配置repmgrd实现自动故障转移
配置见证节点 防止脑裂(存在多个主节点)
关闭防火墙 防止备节点连接失败
[postgres@localhost conf]$ su root
[root@localhost conf]# firewall-cmd --add-port=5666/tcp --permanent
[root@localhost conf]# firewall-cmd --reload
修改主机名
[root@localhost ~]# vi /etc/hosts
192.168.144.140 myserver01
192.168.144.141 myserver02
192.168.144.145 myserver03
192.168.144.149 myserver04
上传源码包并解压
[postgres@localhost ~]$ cd resoruce/
[postgres@localhost resoruce]$ ll
-rw-r--r--. 1 postgres postgres 453529 May 7 03:18 repmgr-5.3.1.tar.gz
[postgres@localhost resoruce]$ tar -zxvf repmgr-5.3.1.tar.gz
环境检查
[postgres@localhost resoruce]$ cd repmgr-5.3.1
[postgres@localhost repmgr-5.3.1]$ ./configure
安装依赖
[postgres@localhost repmgr-5.3.1]$ su root
[root@localhost repmgr-5.3.1]# yum install -y flex
编译安装
[postgres@localhost repmgr-5.3.1]$ make
[postgres@localhost repmgr-5.3.1]$ make install
安装完成
[postgres@localhost repmgr-5.3.1]$ ls /home/postgres/soft/bin | grep repmgr
repmgr
repmgrd
创建扩展
[postgres@localhost repmgr-5.3.1]$ psql -U pgadmin -d appdb
appdb=# create extension repmgr;
相关表
appdb=# select * from repmgr.nodes limit 10;
appdb=# select * from repmgr.events limit 10;
appdb=# select * from repmgr.monitoring_history limit 10;
appdb=# select * from repmgr.replication_status limit 10;
appdb=# select * from repmgr.show_nodes limit 10;
开启复制模式
[postgres@localhost data]$ psql -U pgadmin -d appdb
psql (12.0)
Type "help" for help.
appdb=# alter system set archive_mode = on;
ALTER SYSTEM
appdb=# alter system set archive_command = 'cp %p /home/postgres/data/%f';
ALTER SYSTEM
appdb=# alter system set wal_level = replica;
ALTER SYSTEM
appdb=# alter system set listen_addresses = '*';
配置pg_hba文件 保证备节点可以连接
[postgres@localhost data]$ vi $PGDATA/pg_hba.conf
host appdb postgres 0.0.0.0/0 trust
host replication all 0.0.0.0/0 trust
重启数据库
[postgres@localhost data]$ pg_ctl restart
修改repmgr配置文件
[postgres@localhost data]$ mkdir -p /home/postgres/conf
[postgres@localhost data]$ cd /home/postgres/conf/
[postgres@localhost conf]$ vi repmgr.conf
node_id = 1
node_name = 'myserver01'
conninfo = 'host=myserver01 user=pgadmin dbname=appdb port=5666 password=1qaz@WSX'
data_directory = '/home/postgres/soft/../data' #这个是备节点准备克隆的目录 与$PGDATA保持一致
log_level = 'DEBUG'
log_facility = 'STDERR'
log_file = '/home/postgres/conf/repmgr.log'
log_status_interval = 150
注册主节点
[postgres@localhost conf]$ repmgr -f /home/postgres/conf/repmgr.conf primary register
INFO: connecting to primary database...
DEBUG: connecting to: "user=pgadmin password=1qaz@WSX dbname=appdb host=myserver01 port=5666 connect_timeout=2 fallback_application_name=repmgr options=-csearch_path="
INFO: "repmgr" extension is already installed
NOTICE: primary node record (ID: 1) registered
查看主节点注册信息
[postgres@localhost conf]$ repmgr cluster show -f /home/postgres/conf/repmgr.conf
关闭防火墙
[postgres@localhost conf]$ su root
[root@localhost conf]# firewall-cmd --add-port=5666/tcp --permanent
[root@localhost conf]# firewall-cmd --reload
修改主机名
[root@localhost ~]# vi /etc/hosts
192.168.144.140 myserver01
192.168.144.141 myserver02
192.168.144.145 myserver03
192.168.144.149 myserver04
创建用户
[root@localhost ~]# groupadd postgres
[root@localhost ~]# useradd -g postgres postgres
[root@localhost ~]# passwd postgres
创建表空间目录
[postgres@localhost ~]$ su - root
[root@localhost ~]# cd /
[root@localhost /]# mkdir /exam
[root@localhost /]# chown postgres.postgres /exam
创建日志目录
[postgres@localhost openssl]$ su root
[root@localhost openssl]# mkdir /pglog
[root@localhost openssl]# chown postgres.postgres /pglog
安装数据库(不用初始化数据库)
[root@localhost ~]# yum install -y openssl-devel gcc gcc-c++ readline-devel zlib-devel
[postgres@myserver02 resource]$ tar -xvf postgresql-12.0.tar
[postgres@myserver02 resource]$ cd postgresql-12.0
[postgres@myserver02 postgresql-12.0]$ ./configure --prefix=/home/postgres/soft/ --with-openssl --with-pgport=5666
[postgres@myserver02 postgresql-12.0]$ make world -j4
[postgres@myserver02 postgresql-12.0]$ make install-world -j4
[postgres@myserver02 postgresql-12.0]$ su - postgres
[postgres@myserver02 postgresql-12.0]$ vi ~/.bashrc
[postgres@myserver02 postgresql-12.0]$ source ~/.bashrc
export PGHOME=/home/postgres/soft
export PGDATA=${PGHOME}/../data
export PATH=${PGHOME}/bin:${PATH}
安装repmgr
[postgres@myserver02 resource]$ cd ~/resource/
[postgres@myserver02 resource]$ su root
[root@myserver02 resource]# yum install -y flex
[root@myserver02 resource]# su - postgres
[postgres@myserver02 resource]$ tar -zxvf repmgr-5.3.1.tar.gz
[postgres@myserver02 repmgr-5.3.1]$ cd resource/repmgr-5.3.1
[postgres@myserver02 repmgr-5.3.1]$ ./configure
[postgres@myserver02 repmgr-5.3.1]$ make
[postgres@myserver02 repmgr-5.3.1]$ make install
配置repmgr
[postgres@localhost repmgr-5.3.1]$ mkdir -p /home/postgres/conf
[postgres@localhost repmgr-5.3.1]$ cd /home/postgres/conf/
[postgres@localhost conf]$ vi repmgr.conf
node_id = 2
node_name = 'myserver02'
conninfo = 'host=myserver02 user=pgadmin dbname=appdb port=5666 password=1qaz@WSX'
data_directory = '/home/postgres/data' #这个目录一定要是空目录才行 要往这个目录克隆
log_level = 'DEBUG'
log_facility = 'STDERR'
log_file = '/home/postgres/conf/repmgr.log'
log_status_interval = 150
配置pgpass 不然克隆时会报密码错误
[postgres@localhost soft]$ cd ~
[postgres@localhost ~]$ touch ~/.pgpass
[postgres@localhost ~]$ chmod 0600 ~/.pgpass
[postgres@localhost ~]$ vi ~/.pgpass
#hostname:port:database:username:password
localhost:5666:postgres:pgadmin:1qaz@WSX
将主节点克隆到备节点(备节点执行)
[postgres@localhost conf]$ repmgr -h 192.168.144.140 -U pgadmin -d appdb -f /home/postgres/conf/repmgr.conf standby clone --dry-run
[postgres@localhost conf]$ repmgr -h 192.168.144.140 -U pgadmin -d appdb -f /home/postgres/conf/repmgr.conf standby clone
配置openssl 因为主节点开启了openssl 备节点不开启 会启动失败
过程见 PostgreSQL开启openssl(通讯加密)_GNAIXGNAHZ的博客-CSDN博客
[postgres@localhost ~]$ cd ~
[postgres@localhost ~]$ mkdir openssl
[postgres@localhost ~]$ cd openssl/
[postgres@localhost openssl]$ openssl req -new -nodes -text -out root.csr -keyout root.key -subj "/CN=test1"
[postgres@localhost openssl]$ chmod og-rwx root.key
[postgres@localhost openssl]$ cp /etc/pki/tls/openssl.cnf /home/postgres/openssl/
[postgres@localhost openssl]$ vi openssl.cnf
[ CA_default ]
dir = /home/postgres/openssl # Where everything is kept
certs = $dir # Where the issued certs are kept
[postgres@localhost openssl]$ openssl x509 -req -in root.csr -text -days 3650 -extfile /home/postgres/openssl//openssl.cnf -extensions v3_ca -signkey root.key -out root.crt
[postgres@localhost openssl]$ openssl req -new -nodes -text -out server.csr -keyout server.key -subj "/CN=test1"
[postgres@localhost openssl]$ chmod og-rwx server.key
[postgres@localhost openssl]$ openssl x509 -req -in server.csr -text -days 365 -CA root.crt -CAkey root.key -CAcreateserial -out server.crt
[postgres@localhost openssl]$ vi $PGDATA/postgresql.conf
ssl = on
#ssl_ca_file = ''
ssl_cert_file = '/home/postgres/openssl/server.crt'
#ssl_crl_file = ''
ssl_key_file = '/home/postgres/openssl/server.key'
修改配置文件 保证备库可以连接
[postgres@localhost conf]$ vi $PGDATA/pg_hba.conf
host all all 192.168.144.0/24 trust
host replication all 192.168.144.0/24 trust
[postgres@localhost conf]$ vi $PGDATA/postgresql.conf
listen_addresses = '*'
启动备节点
[root@localhost openssl]# su postgres
[postgres@localhost openssl]$ pg_ctl start
注册备节点
[postgres@localhost openssl]$ repmgr -f /home/postgres/conf/repmgr.conf standby register
主节点信任备节点
[postgres@myserver01 conf]$ su - postgres
[postgres@myserver01 ~]$ ssh-keygen
[postgres@myserver01 ~]$ ssh-copy-id postgres@myserver02 #备节点IP
备节点信任主节点
[postgres@myserver02 conf]$ su - postgres
[postgres@myserver02 ~]$ ssh-keygen
[postgres@myserver02 ~]$ ssh-copy-id postgres@myserver01 #主节点IP
将备节点手工切换为主节点(手动故障转移)
[postgres@localhost ~]$ repmgr -f /home/postgres/conf/repmgr.conf standby switchover --siblings-follow
[postgres@localhost ~]$ repmgr cluster -f /home/postgres/conf/repmgr.conf show
停止集群 先停止备库 后停止主库
[postgres@localhost conf]$ pg_ctl stop
所有节点都需要添加预加载库
[postgres@myserver01 conf]$ vi $PGDATA/postgresql.conf
shared_preload_libraries = 'repmgr'
所有节点修改repmgr配置文件 添加参数
[postgres@localhost conf]$ vi /home/postgres/conf/repmgr.conf
monitor_interval_secs = 1
connection_check_type = ping
reconnect_attempts = 2
reconnect_interval = 5
failover = automatic
promote_command = '/home/postgres/soft/bin/repmgrd standby promote -f /home/postgres/conf/repmgr.conf'
follow_command = '/home/postgres/soft/bin/repmgrd standby follow -f /home/postgres/conf/repmgr.conf --upstream-node-id=%n'
启动集群 先启动主节点 后启动备节点
[postgres@localhost conf]$ pg_ctl start
所有节点启动repmgrd
[postgres@localhost conf]$ repmgrd -f /home/postgres/conf/repmgr.conf -d -p /home/postgres/conf/repmgr.pid
检查repmgrd是否正常
[postgres@myserver01 conf]$ repmgr -f /home/postgres/conf/repmgr.conf service status
停止主节点 模拟故障
[postgres@localhost conf]$ pg_ctl stop
明天再写
[postgres@myserver01 system]$ su root
[root@myserver01 system]# vi /usr/lib/systemd/system/postgresql-12.service
[Unit]
Description=PostgreSQL database server
After=network.target
[Service]
Type=forking
User=postgres
Group=postgres
OOMScoreAdjust=-1000
Environment=PG_OOM_ADJUST_FILE=/proc/self/oom_score_adj
Environment=PG_OOM_ADJUST_VALUE=0
Environment=PGDATA=/home/postgres/data
Environment=PGLOG=/tmp/logfile
ExecStart=/home/postgres/soft/bin/pg_ctl start -D ${PGDATA} -l ${PGLOG}
ExecReload=/bin/kill -HUP $MAINPID
KillMode=mixed
KillSignal=SIGINT
TimeoutSec=0
[Install]
WantedBy=multi-user.target
配置sudoers
[root@myserver01 system]# visudo
[root@myserver01 system]# scp /etc/sudoers root@server2:/etc/ #复制到从节点
#includedir /etc/sudoers.d
Defaults:postgres !requiretty
postgres ALL=NOPASSWD:/bin/systemctl start postgresql-12,\
/bin/systemctl stop postgresql-12,\
/bin/systemctl reload postgresql-12,\
/bin/systemctl status postgresql-12,\
/bin/systemctl restart postgresql-12
检查sudo是否正常
[root@myserver01 ~]# su postgres
[postgres@myserver01 root]$ sudo systemctl status postgresql-12
[postgres@myserver01 root]$ sudo systemctl stop postgresql-12
[postgres@myserver01 root]$ sudo systemctl start postgresql-12
配置repmgr.conf其他参数
[postgres@myserver01 root]$ vi /home/postgres/conf/repmgr.conf
#[options configuration]
replication_user = 'appuser'
replication_type = 'physical'
ssh_options='-q -o ConnectTimeout=10'
#[log record]
log_level = 'DEBUG'
log_facility = 'STDERR'
log_file = '/home/postgres/conf/repmgr.log'
log_status_interval = 150
#[service command configuration]
service_start_command = 'sudo systemctl start postgresql-12'
service_stop_command = 'sudo systemctl stop postgresql-12'
service_restart_command = 'sudo systemctl restart postgresql-12'
service_reload_command = 'sudo systemctl reload postgresql-12'