Linux中集群知识之DRBD的介绍和案例配置说明
前提:
1)本配置共有两个测试节点,分别node1.yangyaru.com和node2.yangyaru.com,相应的IP地址分别为172.16.20.2和172.16.20.4;
2)主机名和别名解析使用/etc/hosts解析。
2)node1和node2两个节点上各提供了一个大小相同的分区作为drbd设备;我们这里为在两个节点上均为/dev/sda11,大小为1G;
3)系统为rhel5.8,i386平台;
一、两个节点的主机名称和对应的IP地址解析服务可以正常工作,且每个节点的主机名称需要跟"uname -n“命令的结果保持一致
[root@node1 ~]#hostname node1.yangyaru.com [root@node1 ~]#vim /etc/sysconfig/network
[root@node2 ~]#hostname node2.yangyaru.com [root@node2 ~]#vim /etc/sysconfig/network
[root@node1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
[root@node2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
[root@node1 ~]# vim /etc/hosts
[root@node2 ~]# vim /etc/hosts
对刚才的配置做下测试:
[root@node1 ~]# ping -c 3 node1 #测试下自己的别名是否可以ping通 PING node1.yangyaru.com (172.16.20.2) 56(84) bytes of data. 64 bytes from node1.yangyaru.com (172.16.20.2): icmp_seq=1 ttl=64 time=0.064 ms 64 bytes from node1.yangyaru.com (172.16.20.2): icmp_seq=2 ttl=64 time=0.072 ms 64 bytes from node1.yangyaru.com (172.16.20.2): icmp_seq=3 ttl=64 time=0.071 ms --- node1.yangyaru.com ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2000ms rtt min/avg/max/mdev = 0.064/0.069/0.072/0.003 ms
#测试对方主机的节点名称
[root@node1 ~]# ping -c 3 node2 #测试对方主机的节点名称 PING node2.yangyaru.com (172.16.20.4) 56(84) bytes of data. 64 bytes from node2.yangyaru.com (172.16.20.4): icmp_seq=1 ttl=64 time=5.40 ms 64 bytes from node2.yangyaru.com (172.16.20.4): icmp_seq=2 ttl=64 time=0.419 ms 64 bytes from node2.yangyaru.com (172.16.20.4): icmp_seq=3 ttl=64 time=0.466 ms
二、建立基于ssh通话密钥(要使用Xshell软件连接主机),两个节点都要创建密钥发送到对方的主机上。
Node1节点上创建密钥文件。
[root@node1~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' Generating public/private rsa key pair. Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: d9:2a:e4:eb:6e:be:a8:45:18:7e:c2:4f:16:65:a3:c8 [email protected]
将基于密钥通话的公钥传递给node2节点,第一次需要输入node2的登录密钥。
[root@node1 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected] 21 The authenticity of host '172.16.20.4 (172.16.20.4)' can't be established. RSA key fingerprint is 73:55:d9:58:ff:85:6a:9d:12:a5:2f:12:b4:43:29:6c. Are you sure you want to continue connecting (yes/no)? y Please type 'yes' or 'no': yes Warning: Permanently added '172.16.20.4' (RSA) to the list of known hosts. [email protected]'s password: Now try logging into the machine, with "ssh '[email protected]'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.
Node2节点上创建密钥文件。
[root@node2~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' Generating public/private rsa key pair. Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: d9:2a:e4:eb:6e:be:a8:45:18:7e:c2:4f:16:65:a3:c8 [email protected]
将基于密钥通话的公钥传递给node1节点,第一次需要输入node1的登录密钥。
[root@node2 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected] 21 The authenticity of host '172.16.20.2 (172.16.20.2)' can't be established. RSA key fingerprint is 73:55:d9:58:ff:85:6a:9d:12:a5:2f:12:b4:43:29:6c. Are you sure you want to continue connecting (yes/no)? y Please type 'yes' or 'no': yes Warning: Permanently added '172.16.20.2' (RSA) to the list of known hosts. [email protected]'s password: Now try logging into the machine, with "ssh '[email protected]'", and check in: .ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.
三、互相连接到对方的主机上面测试下
#node1测试下是否可以基于密钥访问node2的信息
[root@node1 ~]# ssh 172.16.20.4 'ifconfig' eth0 Link encap:Ethernet HWaddr 00:0C:29:EB:62:53 inet addr:172.16.20.4 Bcast:172.16.255.255 Mask:255.255.0.0 inet6 addr: fe80::20c:29ff:feeb:6253/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:8114 errors:0 dropped:0 overruns:0 frame:0 TX packets:1978 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4879892 (4.6 MiB) TX bytes:159102 (155.3 KiB) Interrupt:67 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:74 errors:0 dropped:0 overruns:0 frame:0 TX packets:74 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:7523 (7.3 KiB) TX bytes:7523 (7.3 KiB)
#node2测试下是否可以基于密钥访问node2的信息
[root@node2 ~]# ssh 172.16.20.2 'ifconfig' eth0 Link encap:Ethernet HWaddr 00:0C:29:8C:0B:04 inet addr:172.16.20.2 Bcast:172.16.255.255 Mask:255.255.0.0 inet6 addr: fe80::20c:29ff:fe8c:b04/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:215692 errors:0 dropped:0 overruns:0 frame:0 TX packets:23150 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:87806162 (83.7 MiB) TX bytes:1795586 (1.7 MiB) Interrupt:67 Base address:0x2000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:52 errors:0 dropped:0 overruns:0 frame:0 TX packets:52 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:13159 (12.8 KiB) TX bytes:13159 (12.8 KiB)
四、集群配置时间一定要同步负责集群可能出现各种不知的问题,这里我们自己指定一个时间同步服务器。
[root@node1 ~]# service ntpd stop #如果系统启动了ntpd服务器就先停止时间同步服务器哈 Shutting down ntpd: [ OK ] [root@node1 ~]# chkconfig ntpd off #让它开机自动启动也关闭 [root@node1 ~]# chkconfig --list ntpd #检查是够开始自动启动关闭 ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off [root@node1 ~]# ntpdate 172.16.0.1 #让两个节点的时间都以172.16.0.1的地址一样。 11 May 15:12:45 ntpdate[29501]: adjust time server 172.16.0.1 offset 0.000326 sec [root@node1 ~]# which ntpdate 查看同步时间的命令ntpdate的绝对路径是在哪里 /sbin/ntpdate [root@node1 ~]# crontab -e #制定一个任务计算每个5分钟就同步下时间,添加如下一行。 */5 * * * * sbin/ntpdate 172.16.0.1 &> /dev/null [root@node1 ~]# scp /var/spool/cron/root node2:/var/spool/cron #将时间同步复制到另外一个节点上 root 100% 49 0.1KB/s 00:00 [root@node2 ~]# service ntpd stop #停止时间同步服务器 Shutting down ntpd: [ OK ] [root@node2 ~]# chkconfig ntpd off #让它开机自动启动也关闭 [root@node2 ~]# chkconfig --list ntpd ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off [root@node2 ~]# ntpdate 172.16.0.1 #让两个节点的时间都以172.16.0.1的地址一样。 11 May 15:22:02 ntpdate[29527]: adjust time server 172.16.0.1 offset 0.006779 sec
五、DRBD的安装说明和步骤:
drbd共有两部分组成:内核模块和用户空间的管理工具。其中drbd内核模块代码已经整合进Linux内核2.6.33以后的版本中,因此,如果您的内核版本高于此版本的话,你只需要安装管理工具即可;否则,您需要同时安装内核模块和管理工具两个软件包,并且此两者的版本号一定要保持对应。(本实现是在内核版本为2.6.18-308.)
1、实现下载好我们需要的drbd软件rpm包。这里我已经下载好了放在弄得节点的/root/目录中。 
使用ssh会话复制一份到node2节点上。
[root@node1 ~]# scp *.rpm node2:/root/ #因为我这个目录下只要两个rpm包所以可以使用正则表达式复制它们。 drbd83-8.3.8-1.el5.centos.i386.rpm 100% 217KB 216.7KB/s 00:00 kmod-drbd83-8.3.8-1.el5.centos.i686.rpm 100% 123KB 123.0KB/s 00:00
到node2上看看是否复制过去。 
2、使用本地yun源安装我们的rpm软件包,
[root@node1 ~]# yum -y --nogpgcheck localintsall *.rpm [root@node2 ~]# yum -y --nogpgcheck localintsall *.rpm
查看下是否已经安装成功。
Node1:
node2
六、DRBD的配置文件说明和配置案例步骤:
drbd的主配置文件为/etc/drbd.conf;为了管理的便捷性,目前通常会将些配置文件分成多个部分,且都保存至/etc/drbd.d目录中,主配置文件中仅使用"include"指令将这些配置文件片断整合起来。通常,/etc/drbd.d目录中的配置文件为global_common.conf和所有以.res结尾的文件。其中global_common.conf中主要定义global段和common段,而每一个.res的文件用于定义一个资源。
在配置文件中,global段仅能出现一次,且如果所有的配置信息都保存至同一个配置文件中而不分开为多个文件的话,global段必须位于配置文件的最开始处。目前global段中可以定义的参数仅有minor-count, dialog-refresh, disable-ip-verification和usage-count。
common段则用于定义被每一个资源默认继承的参数,可以在资源定义中使用的参数都可以在common段中定义。实际应用中,common段并非必须,但建议将多个资源共享的参数定义为common段中的参数以降低配置文件的复杂度。
resource段则用于定义drbd资源,每个资源通常定义在一个单独的位于/etc/drbd.d目录中的以.res结尾的文件中。资源在定义时必须为其命名,名字可以由非空白的ASCII字符组成。每一个资源段的定义中至少要包含两个host子段,以定义此资源关联至的节点,其它参数均可以从common段或drbd的默认中进行继承而无须定义。
下面的配置信息都在node1节点上操作,之后将我们的配置信息复制到node2节点上就可以啦!
1、复制样例配置文件为即将使用的配置文件:
[root@node1 ~]# cp /usr/share/doc/drbd83-8.3.8/drbd.conf /etc
2、配置/etc/drbd.d/global-common.conf
[root@node1 ~]#vim /etc/drbd.d/global-common.conf
global {
usage-count yes;
# minor-count dialog-refresh disable-ip-verification
}
common {
protocol C;
handlers {
pri-on-incon-degr "/usr/lib/drbd/notify-pri-on-incon-degr.sh; /usr/lib/drbd/notify-emergency-reboot.sh; echo b > /proc/sysrq-trigger ; reboot -f";
pri-lost-after-sb "/usr/lib/drbd/notify-pri-lost-after-sb.sh; /usr/lib/drbd/notify-emergency-reboot.sh; echo b > /proc/sysrq-trigger ; reboot -f";
local-io-error "/usr/lib/drbd/notify-io-error.sh; /usr/lib/drbd/notify-emergency-shutdown.sh; echo o > /proc/sysrq-trigger ; halt -f";
# fence-peer "/usr/lib/drbd/crm-fence-peer.sh";
# split-brain "/usr/lib/drbd/notify-split-brain.sh root";
# out-of-sync "/usr/lib/drbd/notify-out-of-sync.sh root";
# before-resync-target "/usr/lib/drbd/snapshot-resync-target-lvm.sh -p 15 -- -c 16k";
# after-resync-target /usr/lib/drbd/unsnapshot-resync-target-lvm.sh;
}
startup {
# wfc-timeout degr-wfc-timeout outdated-wfc-timeout wait-after-sb
}
disk {
on-io-error detach;
# on-io-error fencing use-bmbv no-disk-barrier no-disk-flushes
# no-disk-drain no-md-flushes max-bio-bvecs
}
net {
cram-hmac-alg "sha1";
shared-secret "dsfasjgfasjgl";
# sndbuf-size rcvbuf-size timeout connect-int ping-int ping-timeout max-buffers
# max-epoch-size ko-count allow-two-primaries cram-hmac-alg shared-secret
# after-sb-0pri after-sb-1pri after-sb-2pri data-integrity-alg no-tcp-cork
}
syncer {
rate 200M;
# rate after al-extents use-rle cpu-mask verify-alg csums-alg
}
3、定义一个资源/etc/drbd.d/web.res,内容如下:
[root@node1 ~]#vim /etc/drbd.d/web.res 
4、将配置信息复制到node2一份。
[root@node1 ~]# scp -r /etc/drbd.* node2:/etc/ drbd.conf 100% 133 0.1KB/s 00:00 web.res 100% 294 0.3KB/s 00:00 global_common.conf 100% 1510 1.5KB/s 00:00
5、初始化资源,在Node1和Node2上分别执行:
node1:
[root@node1 ~]# drbdadm create-md web You want me to create a v08 style flexible-size internal meta data block. There appears to be a v08 flexible-size internal meta data block already in place on /dev/sda11 at byte offset 1011671040 Do you really want to overwrite the existing v08 meta-data? [need to type 'yes' to confirm] yes Writing meta data... initializing activity log NOT initialized bitmap New drbd meta data block successfully created. Success
Node2:
[root@node2 ~]# drbdadm create-md web Writing meta data... initializing activity log NOT initialized bitmap New drbd meta data block successfully created. Success
到此简单的DRBD的配置案例就已经完成了下面我们可以看一看配置的信息和资源节点是什么架构。
6、查看启动状态:
[root@node1 ~]cat /proc/drbd version: 8.3.8 (api:88/proto:86-94) GIT-hash: d78846e52224fd00562f7c225bcc25b2d422321d build by [email protected], 2010-06-04 08:04:16 0: cs:Connected ro:Secondary/Secondary ds:Inconsistent/Inconsistent C r---- ns:0 nr:0 dw:0 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:505964
从上面的信息中可以看出此时两个节点均处于Secondary状态。接下来需要将其中一个节点设置为Primary,在要设置为Primary的节点上执行如下命令:
[root@node1 ~] drbdsetup /dev/drbd0 primary �Co
查看状态,可以发现数据同步过程已经开始:
[root@node1 ~]# drbd-overview 0:web SyncSource Primary/Secondary UpToDate/Inconsistent C r---- [>...................] sync'ed: 6.7% (926232/987896)K delay_probe: 5
过一会再过来查看下,就会发现数据已经同步完成并且主节点运行在node1上。
[root@node1 ~]# drbd-overview 0:web Connected Primary/Secondary UpToDate/UpToDate C r----
从node2上面看secondary是在前面的说明自己是备节点对方是主节点。
[root@node2 ~]# drbd-overview 0:web Connected Secondary/Primary UpToDate/UpToDate C r----
7、创建文件系统,文件系统的挂载只能在Primary节点进行,因此,也只有在设置了主节点后才能对drbd设备进行格式化:
[root@node1 ~]# mke2fs -j -L DRBD /dev/drbd0 mke2fs 1.39 (29-May-2006) Filesystem label=DRBD OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) 123648 inodes, 246974 blocks 12348 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=255852544 8 block groups 32768 blocks per group, 32768 fragments per group 15456 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376 Writing inode tables: done Creating journal (4096 blocks): done Writing superblocks and filesystem accounting information: done This filesystem will be automatically checked every 28 mounts or 180 days, whichever comes first. Use tune2fs -c or -i to override.
8、创建挂载目录mount文件系统。
[root@node1 ~]# mkdir /mnt/drbd [root@node1 ~]# mount /dev/drbd0 /mnt/drbd/
到此我们DRBD配置已经完成,如果在生产环境中我们的节点设备出现问题了,可以手动切换到备节点上去。
七、切换Primary和Secondary节点
对主Primary/Secondary模型的drbd服务来讲,在某个时刻只能有一个节点为Primary,因此,要切换两个节点的角色,只能在先将原有的Primary节点设置为Secondary后,才能原来的Secondary节点设置为Primary:
做法步骤如下:
Node1:
[root@node1 ~]# cp -r /etc/drbd.* /mnt/drbd [root@node1 ~]# umount /mnt/drbd [root@node1 ~]# drbdadm secondary web
查看状态:
[root@node1 ~]# drbd-overview 0:web Connected Secondary/Secondary UpToDate/UpToDate C r----
Node2:
[root@node2 ~]# drbd-overview 0:web Connected Secondary/Secondary UpToDate/UpToDate C r---- [root@node2 ~]# drbdadm primary web [root@node2 ~]# drbd-overview 0:web Connected Primary/Secondary UpToDate/UpToDate C r---- [root@node2 ~]# mkdir /mnt/drbd [root@node2 ~]# mount /dev/drbd0 /mnt/drbd/