群集-HA&LB-053

 HA 高可用性群集

高可用   HA  high  available

类型：

1.       active/passive  primary/standy

2.       active/active

RHCS

rhel4 16个节点

             Rhel5 100个节点

3.n-m

磁盘仲裁，大于半数才会正常工作

负载均衡群集 LB  并发连接

高可用性     HA    永不不断线

 

底层：探测心跳

Heatbeat

keepalived

ultamonkey

openais/corosync

二层：群集的资源

群集ip

服务进程  http等

网络存储资源（本地文件系统 ext2 ext3，数据更改不能同步）

Crf

Gfs2 全局文件系统

三层：异常处理方法

       脚本处理

Heartbeat的使用：

必须告诉heartbeat谁是主服务器。

可以走单播或者组播。

每个node要启用watchdog进程。

单独的物理连接链路。

Stonith避免群集分裂。

实现高可用性和负载均衡的步骤：

‍

53-1

Director1

Node是通过名称通信的 所以名称要能解析。

[root@director1 ~]# ifconfig eth0 192.168.2.10

--只需要配置网卡

[root@director1 ~]# ifconfig eth1 192.168.10.1

[root@director1 ~]# vim /etc/hosts

192.168.2.10      director1.test.com

192.168.2.11      director2.test.com                                   

[root@director1 ~]# vim /etc/sysconfig/network

HOSTNAME=director1.test.com                

[root@director1 ~]# ping director1.test.com

PING  director1.test.com (192.168.2.10) 56(84) bytes of data.

64 bytes from director1.test.com (192.168.2.10): icmp_seq=1 ttl=64 time=0.055 ms

两个director时间必须一致

停用ipvadm

[root@director1 ~]# service ipvsadm stop

[root@director1 ~]# chkconfig ipvsadm off

不在yum仓库，用yum安装解决依赖关系

[root@director1 ~]# ll

-rw-r--r-- 1 root root 1637449 Oct 12 18:35 heartbeat- 2.1.4 -11.el5.i386.rpm

-rw-r--r-- 1 root root   92173 Oct 12 18:35 heartbeat-pils- 2.1.4 -11.el5.i386.rpm

-rw-r--r-- 1 root root  179298 Oct 12 18:35 heartbeat-stonith- 2.1.4 -11.el5.i386.rpm

-rw-r--r-- 1 root root   56817 Mar 14  2010 libnet- 1.1.4 -3.el5.i386.rpm

[root@director1 ~]# yum localinstall heartbeat- 2.1.4 -11.el5.i386.rpm heartbeat-stonith-2.1.4-11.el5.i386.rpm heartbeat-pils-2.1.4-11.el5.i386.rpm libnet-1.1.4-3.el5.i386.rpm --nogpgcheck -y

[root@director1 ~]# cd /etc/ha.d/

拷贝软件包安装的模板文件

--主配文档

[root@director1 ha.d]# cp /usr/share/doc/heartbeat- 2.1.4 /ha.cf ./

[root@director1 ha.d]# cp /usr/share/doc/heartbeat- 2.1.4 /authkeys ./

--管理资料的文档

[root@director1 ha.d]# cp /usr/share/doc/heartbeat- 2.1.4 /haresources ./

[root@director1 ha.d]# cp /etc/init.d/ipvsadm resource.d/

 

[root@director1 ha.d]# vim ha.cf

91 bcast   eth1            # Linux

213 node director1.test.com   --指明群集中的节点

214 node director2.test.com

 

                            

[root@director1 ha.d]# vim haresources

44 #node-name resource1 resource2 ... resourceN

 45 director1.test.com 192.168.2.100 ipvsadm

--只需要指明主节点的，群集ip ，ipvsadm进程

 

--节点间认证

[root@director1 ha.d]# dd=/dev/urandom bs=512 count=1 |openssl md5 >>authkeys

[root@director1 ha.d]# vim authkeys

auth 1

1 md5 d41d8cd98f00b204e9800998ecf8427e

[root@director1 ha.d]# ipvsadm -A -t 192.168.2.100:80 -s rr

[root@director1 ha.d]# ipvsadm -a -t 192.168.2.100:80 -r 192.168.2.20 -g

[root@director1 ha.d]# ipvsadm -a -t 192.168.2.100:80 -r 192.168.2.30 -g

[root@director1 ha.d]# service ipvsadm save

Saving IPVS table to /etc/sysconfig/ipvsadm:               [  OK  ]

[root@director1 ha.d]# service ipvsadm stop

[root@director1 ha.d]# service ipvsadm status

IP Virtual Server version  1.2.1  (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

--规则是群集启动的,不能自动启动

Director2

[root@director2 ha.d]# ifconfig eth1 192.168.10.2

 [root@director2 ~]# vim /etc/sysconfig/network

HOSTNAME=director2.test.com

[root@director2 ~]# vim /etc/hosts

192.168.2.11      director2.test.com

192.168.2.10      director1.test.com

[root@director2 ~]# ping director1.test.com

PING  director1.test.com (192.168.2.10) 56(84) bytes of data.

64 bytes from director1.test.com (192.168.2.10): icmp_seq=1 ttl=64 time=23.8 ms

 

[root@director2 ~]# mount /dev/cdrom /mnt/cdrom/

[root@director2 ~]# cp server.repo /etc/yum.repos.d/server.repo

[root@director2 ~]# yum list all

[root@director2 ~]# yum localinstall heartbeat- 2.1.4 -9.el5.i386.rpm heartbeat-pils-2.1.4-10.el5.i386.rpm heartbeat-stonith-2.1.4-10.el5.i386.rpm libnet-1.1.4-3.el5.i386.rpm perl-MailTools-1.77-1.el5.noarch.rpm --nogpgcheck -y

 

 

[root@director2 ~]# yum install ipvsadm –y

 

[root@director1 ~]# cd /etc/ha.d/

[root@director1 ha.d]# scp ha.cf 192.168.2.11:/etc/ha.d/

[root@director1 ha.d]# scp authkeys 192.168.2.11:/etc/ha.d/

[root@director1 ha.d]# scp haresources 192.168.2.11:/etc/ha.d/

 [root@director2 ha.d]# ifconfig eth1 192.168.10.2

 

[root@director2 ~]# cd /etc/ha.d/

[root@director2 ha.d]# cp /etc/init.d/ipvsadm resource.d/

[root@director1 ha.d]# scp /etc/sysconfig/ipvsadm 192.168.2.11:/etc/sysconfig/

资源代理

[root@director2 ha.d]# vim haresources

45 director1.test.com 192.168.2.100 ipvsadm

--只写主节点

 

[root@director2 ha.d]# service ipvsadm stop

[root@director2 ha.d]# chkconfig ipvsadm off

[root@director2 ha.d]# chmod 600 authkeys

 

[root@director2 ha.d]# service heartbeat start

logd is already running

Starting High-Availability services:

2011/10/13 _16:01:18 INFO:  Resource is stopped

                                                           [  OK  ]

--主机名要与ha.cf的node名称一致，否则启动不了。

[root@director1 ha.d]# hostname director1.test.com

[root@director1 ha.d]# service heartbeat restart

Server1

[root@localhost ~]# mount /dev/cdrom /mnt/cdrom/

[root@localhost ~]# cd /mnt/cdrom/Server/

[root@localhost Server]# rpm -ivh httpd- 2.2.3 -22.el5.i386.rpm

[root@localhost Server]# vim /var/www/html/index.html

[root@localhost Server]# sysctl -a |grep announce |head -1>>/etc/sysctl.conf

[root@localhost Server]# sysctl -a |grep ignore |head -1>>/etc/sysctl.conf

[root@localhost Server]# vim /etc/sysctl.conf

net.ipv4.conf.all.arp_announce = 2

net.ipv4.conf.lo.arp_announce = 2

net.ipv4.conf.lo.arp_ignore = 1

net.ipv4.conf.all.arp_ignore = 1

[root@localhost Server]# ifconfig lo:0 192.168.2.100 netmask 255.255.255.255

[root@localhost Server]# route add -host 192.168.2.100 dev lo:0

[root@localhost Server]# route -n

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

192.168.2.100    0.0.0 .0         255.255.255.255 UH    0      0        0 lo

192.168.2.0      0.0.0 .0         255.255.255.0   U     0      0        0 eth0

[root@localhost Server]# service httpd restart

[root@localhost Server]# scp /etc/sysctl.conf 192.168.2.30:/etc/sysctl.conf

Server2

[root@localhost ~]# vim /etc/sysctl.conf

net.ipv4.conf.all.arp_announce = 2

net.ipv4.conf.lo.arp_announce = 2

net.ipv4.conf.lo.arp_ignore = 1

net.ipv4.conf.all.arp_ignore = 1

[root@localhost ~]# ifconfig lo:0 192.168.2.100 netmask 255.255.255.255

[root@localhost ~]# route add -host 192.168.2.100 dev lo:0

[root@localhost ~]# route -n

[root@localhost ~]# mkdir /mnt/cdrom

[root@localhost ~]# mount /dev/cdrom /mnt/cdrom

[root@localhost ~]# cd /mnt/cdrom/Server/

[root@localhost Server]# rpm -ivh httpd- 2.2.3 -22.el5.i386.rpm

[root@localhost Server]# vim /var/www/html/index.html

server2~         

[root@localhost Server]# service httpd start

      

‍

53-2

模拟自己是备份

‍

53-3

故障恢复

 

‍

53-4