heartbeat 监听在udp的694的端口
LRM:本地资源管理器
CRM:资源管理器
RA:资源代理(脚本)
heartbeat legacy : heartbeat 传统类型的资源代理,通常位于/etc/ha.d/haresources.d/目录下;
LSB:/etc/rc.d/init.d/*{start|stop|status|restart} 目录下的脚本;
具体实现:
[root@stu21 ~]# lftp 172.16.0.1
lftp 172.16.0.1:~> cd pub/Sources/6.x86_64
lftp 172.16.0.1:/pub/Sources/6.x86_64> mirror heartbeat2/
Total: 1 directory, 7 files, 0 symlinks
New: 7 files, 0 symlinks
5829264 bytes transferred
lftp 172.16.0.1:/pub/Sources/6.x86_64>
lftp 172.16.0.1:/pub/Sources/6.x86_64> bye
[root@stu21 ~]# ls
anaconda-ks.cfg heartbeat2 install.log lamp_source nginx-1.4.7.tar.gz nginx-1.6.2.tar.gz
dir.sh ifcfg-eth6 install.log.syslog nginx nginx-1.6.2
[root@stu21 ~]# cd heartbeat2/
[root@stu21 heartbeat2]#
[root@stu21 heartbeat2]# ls
heartbeat-2.1.4-12.el6.x86_64.rpm heartbeat-ldirectord-2.1.4-12.el6.x86_64.rpm
heartbeat-debuginfo-2.1.4-12.el6.x86_64.rpm heartbeat-pils-2.1.4-12.el6.x86_64.rpm
heartbeat-devel-2.1.4-12.el6.x86_64.rpm heartbeat-stonith-2.1.4-12.el6.x86_64.rpm
heartbeat-gui-2.1.4-12.el6.x86_64.rpm
安装方法:
1、# yum install net-snmp-libs libnet PyXML perl-Time-Date
2、# rpm -ivh heartbeat-2.1.4-12.el6.x86_64.rpm heartbeat-stonith-2.1.4-12.el6.x86_64.rpm heartbeat-pils-2.1.4-12.el6.x86_64.rpm
同步时间
(两个节点)
节点一(172.16.21.6)
[root@stu21 heartbeat2]# ntpdate 172.16.0.1
31 Dec 20:59:25 ntpdate[6950]: adjust time server 172.16.0.1 offset 0.379319 sec
[root@stu21 heartbeat2]#
最好几分钟同步一下
[root@stu21 heartbeat2]# crontab -e
no crontab for root - using an empty one
*/3 * * * * /usr/sbin/ntpdate 172.16.0.1 &> /dev/null
~
~
节点二:(172.16.21.10)
[root@stu21 heartbeat2]# ntpdate 172.16.0.1
31 Dec 21:00:50 ntpdate[4737]: adjust time server 172.16.0.1 offset 0.380532 sec
[root@stu21 heartbeat2]#
最好每个几分钟同步一下
[root@stu21 heartbeat2]# crontab -e
no crontab for root - using an empty one
*/3 * * * * /usr/sbin/ntpdate 172.16.0.1 &> /dev/null
~
~
在节点一上生成密钥,使得两节点间检测心跳信息无须密码
[root@stu21 .ssh]# ssh-keygen -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
75:cc:d5:7e:f8:ae:d6:c7:7b:36:45:f6:22:a8:06:dc [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
| .. |
| o . .|
| . + o |
| . . . =|
| . .S . +o|
| o E . . . +|
| . . . =.|
| o ..B|
| . ..+=|
+-----------------+
[root@stu21 .ssh]#
在 节点1 的 /etc/hosts 下增加 " uname -n " 所显示两个节点的内容
172.16.21.6 node1.stu21.com node1(别名)
172.16.21.10 node2.stu21.com node2(别名)
[root@stu21 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@node2
The authenticity of host 'node2 (172.16.21.10)' can't be established.
RSA key fingerprint is 6a:5a:71:de:61:ca:29:01:c2:7d:8d:6f:06:27:2b:b2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node2' (RSA) to the list of known hosts.
root@node2's password:
Now try logging into the machine, with "ssh 'root@node2'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@stu21 ~]# cd .ssh/
[root@stu21 .ssh]# ls
authorized_keys id_rsa id_rsa.pub known_hosts
[root@stu21 .ssh]# ssh node2 'date';date
Wed Dec 31 21:38:29 CST 2014
Wed Dec 31 21:38:29 CST 2014
[root@stu21 .ssh]#
[root@stu21 ~]# scp /etc/hosts node2:/etc/hosts
hosts 100% 358 0.4KB/s 00:00
[root@stu21 ~]#
在节点2 的终端上生成密钥一份给 节点2的机子上
[root@stu21 ~]# ssh-keygen -t rsa -P ''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
fe:fe:67:a7:c2:da:23:a9:91:28:05:4b:06:ea:87:84 [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
| . |
|.. . |
|E. + |
|o .o o |
| o .. . S |
| . . o . |
| . . + o |
| . oo.+ o .|
| .o++o=.o |
+-----------------+
[root@stu21 ~]#
[root@stu21 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@node1
The authenticity of host 'node1 (172.16.21.6)' can't be established.
RSA key fingerprint is 6a:5a:71:de:61:ca:29:01:c2:7d:8d:6f:06:27:2b:b2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node1,172.16.21.6' (RSA) to the list of known hosts.
root@node1's password:
Permission denied, please try again.
root@node1's password:
Now try logging into the machine, with "ssh 'root@node1'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
验证下是否能检测对方时间
[root@stu21 ~]# ssh node1 'date' ; date
Wed Dec 31 21:50:55 CST 2014
Wed Dec 31 21:50:55 CST 2014
[root@stu21 ~]#
前期准备已将完成,接下来就是配置la
分别在两个节点机子上检查
[root@stu21 ~]# rpm -ql heartbeat
[root@stu21 ~]# cd /usr/share/doc/heartbeat-2.1.4/
[root@stu21 heartbeat-2.1.4]# ls
apphbd.cf COPYING.LGPL GettingStarted.txt hb_report.html README startstop
authkeys DirectoryMap.txt ha.cf hb_report.txt Requirements.html
AUTHORS faqntips.html HardwareGuide.html heartbeat_api.html Requirements.txt
ChangeLog faqntips.txt HardwareGuide.txt heartbeat_api.txt rsync.html
COPYING GettingStarted.html haresources logd.cf rsync.txt
[root@stu21 heartbeat-2.1.4]# cp -p authkeys haresources ha.cf /etc/ha.d/
[root@stu21 heartbeat-2.1.4]#
[root@stu21 heartbeat-2.1.4]# cd /etc/ha.d/
[root@stu21 ha.d]#
[root@stu21 ha.d]# ll
total 48
-rw-r--r-- 1 root root 645 Sep 10 2013 authkeys
-rw-r--r-- 1 root root 10539 Sep 10 2013 ha.cf
-rwxr-xr-x 1 root root 745 Sep 10 2013 harc
-rw-r--r-- 1 root root 5905 Sep 10 2013 haresources
drwxr-xr-x 2 root root 4096 Dec 31 20:43 rc.d
-rw-r--r-- 1 root root 692 Sep 10 2013 README.config
drwxr-xr-x 2 root root 4096 Dec 31 20:43 resource.d
-rw-r--r-- 1 root root 7864 Sep 10 2013 shellfuncs
[root@stu21 ha.d]#
改下加深颜色的文件权限必须为 600或是400
[root@stu21 ha.d]# chmod 600 authkeys
[root@stu21 ha.d]# ll
total 48
-rw------- 1 root root 645 Sep 10 2013 authkeys
-rw-r--r-- 1 root root 10539 Sep 10 2013 ha.cf
-rwxr-xr-x 1 root root 745 Sep 10 2013 harc
-rw-r--r-- 1 root root 5905 Sep 10 2013 haresources
drwxr-xr-x 2 root root 4096 Dec 31 20:43 rc.d
-rw-r--r-- 1 root root 692 Sep 10 2013 README.config
drwxr-xr-x 2 root root 4096 Dec 31 20:43 resource.d
-rw-r--r-- 1 root root 7864 Sep 10 2013 shellfuncs
[root@stu21 ha.d]#
配置文件:
ha.cf: heartbeat的主配置文件;
authkeys:集群信息加密算法及密钥;
haresources: heartbeat v1的CRM配置接口;
---------------------------------------------------------------------------------------------------------------------------------
[root@stu21 ha.d]# vim ha.cf
logfile /var/log/ha-log(开启)
#
#
# Facility to use for syslog()/logger
#
#logfacility local0(关闭)//如果要开启,则需要在 /etc/rsyslog.conf 增加一条 local0.* /var/log/heartbeat.log
.
.
mcast eth0 227.203.101.1 694 1 0(开启多播地址,集群,得在默认下修改)
#node ken3
#node kathy
node node1.stu21.com (节点1 uname -n)
node node2.stu21.com(节点2 )
#ping 10.10.10.254
ping 172.16.0.1
compression bz2
#
# Confiugre compression threshold
# This value determines the threshold to compress a message,
# e.g. if the threshold is 1, then any message with size greater than 1 KB
# will be compressed, the default is 2 (KB)
compression_threshold 2
---------------------------------------------------------------------------------------------------------------------------------
[root@node1 ~]# openssl rand -hex 6
89b3938df5e8
[root@node1 ~]#
[root@stu21 ha.d]# ls
authkeys ha.cf harc haresources rc.d README.config resource.d shellfuncs
[root@stu21 ha.d]# vim authkeys
#auth 1
#1 crc
#2 sha1 HI!
#3 md5 Hello!
auth 2
2 sha1 89b3938df5e8
[root@stu21 ha.d]# vim haresources
#node1 10.0.0.170 Filesystem::/dev/sda1::/data1::ext2
#
# Regarding the node-names in this file:
#
# They must match the names of the nodes listed in ha.cf, which in turn
# must match the `uname -n` of some node in the cluster. So they aren't
#virtual in any sense of the word.
node1.stu21.com 172.16.21.35/16/eth0/172.16.255.255 httpd(只加这一句)
接下来同样复制一份给节点 node2
[root@stu21 ha.d]# scp -p authkeys haresources ha.cf node2:/etc/ha.d/
authkeys 100% 672 0.7KB/s 00:00
haresources 100% 5968 5.8KB/s 00:00
ha.cf 100% 10KB 10.4KB/s 00:00
[root@stu21 ha.d]#
下面来测试两节点的web服务器是否正常
测试节点1(172.16.21.6)
[root@stu21 ha.d]# service nginx start
Starting nginx: [ OK ]
[root@stu21 ha.d]# curl 172.16.21.6
<h1>www.stu21.com /nginx </h1>
[root@stu21 ha.d]# service nginx stop
Stopping nginx: [ OK ]
[root@stu21 ha.d]# chkconfig nginx off
[root@stu21 ha.d]# chkconfig --list nginx
nginx 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@stu21 ha.d]#
测试节点2(172.16.21.10)
[root@stu21 ~]#
[root@stu21 ~]# curl 172.16.21.10
<h1>node2.stu21.com /nginx </h1>
[root@stu21 ~]# service nginx stop
Stopping nginx: [ OK ]
[root@stu21 ~]# chkconfig nginx off
[root@stu21 ~]# chkconfig --list nginx
nginx 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@stu21 ~]#
[root@stu21 ~]# service heartbeat start;ssh node2 'service heartbeat start'