corosync+pacemaker双机同步

环境  :两台服务器版本:centos7(64)

IP分配:192.168.1.204(主 web1) 192.168.1.205(备份 web2) 192.168.1.206(VIP)

需要的rpm包安装:http://download.opensuse.org/repositories/network:/ha-clustering:/Stable/CentOS_CentOS-7/x86_64/


关闭防火墙:

vi /etc/selinux/config

SELINUX=disable


关闭selinux:
systemctl stop firewalld

systemctl disable firewalld


web1服务器环境配置:

yum install "python*" corosync* pacemaker*  rsync -y

rpm -ivh crmsh-2.1.4-1.1.x86_64.rpm


配置时间同步:

yum install ntpdate ntp -y

rm -fr /etc/localtime

ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

vi /etc/ntp.conf (server cn.pool.ntp.org)添加中国时间

        # Please consider joining the pool (http://www.pool.ntp.org/join.html).
        server cn.pool.ntp.org

ntpdate -d cn.pool.ntp.org 检查差异时间

ntpdate cn.pool.ntp.org  同步时间

vi /etc/sysconfig/ntpd:SYNC_HWCLOCK=yes 添加硬件时钟

chkconfig --levels 235 ntpd on

systemctl restart  ntpd

设置本地解析:
192.168.1.204 web1
192.168.1.205 web2

ssh设置互信:

ssh-keygen -t rsa

将生成id_rsa.pub互传对方/root/.ssh/更名为:authorized_keys

修改corosync.conf:

[root@web1 tools]# cat /etc/corosync/corosync.conf
compatibility: whitetank  
  totem {  
  version:                             2  
  token:                               3000  
  token_retransmits_before_loss_const: 10  
  join:                                60  
  consensus:                           3600  
  vsftype:                             none  
  max_messages:                        20  
  clear_node_high_bit:                 yes  
  rrp_mode:                            none  
  secauth:                             on  
  threads:                             2  
  interface {  
    ringnumber:  0  
    bindnetaddr: 192.168.1.0
    mcastaddr:   239.32.12.5  
    mcastport:   5405  
  }  
}  
 
logging {  
  fileline:        off  
  to_stderr:       yes  
  to_logfile:      yes  
  to_syslog:       no  
  logfile: /var/log/cluster/corosync.log  
  syslog_facility: daemon  
  debug:           off  
  timestamp:       on  
  logger_subsys {  
    subsys: AMF  
    debug:  off  
    tags:   enter|leave|trace1|trace2|trace3|trace4|trace6  
  }  
}  
 
 
amf {  
  mode: disabled  
}  
 
aisexec {  
  user:  root  
  group: root  
}  
       quorum {  
           provider: corosync_votequorum  
           expected_votes: 2  
           two_node: 1  
       }

   mv /dev/{random,random.bak}

   ln -s /dev/urandom /dev/random

   corosync-keygen

   scp -p authkey corosync.conf [email protected]:/etc/corosync 将web1文件传送至web2

启动corosync:

  ssh web2 "systemctl start corosync "

  systemctl start corosync

  启动pacemaker
   systemctl start pacemaker


出现 错误:
    Last updated: Mon May  4 14:43:13 2015
    Last change: Mon May  4 14:26:45 2015
    Current DC: NONE
    0 Nodes configured
    0 Resources configured    增加在corosync文件底部即可:     

            quorum {  
           provider: corosync_votequorum  
           expected_votes: 2  
           two_node: 1  
       }

crm操作:

crm(live)configure# property stonith-enabled=false
crm(live)configure# property no-quorum-policy=ignore
crm(live)configure# primitive vip ocf:heartbeat:IPaddr params ip=192.168.1.206
crm(live)configure# commit


2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:69:ab:ad brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.204/24 brd 192.168.1.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 192.168.1.206/24 brd 192.168.1.255 scope global secondary eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe69:abad/64 scope link

可以看到VIP已经添加上去,即可使用VIP访问,实验关闭服务自动切换


wKioL1Vm4BmhnYGJAAHCm74OOUI653.jpg

如果出现脑裂,vip无法跳转,重启双机corosync/pacemaker服务


关于pacemaker服务资源调度:

强行停止服务kill掉服务,不会自动重启;因为,节点没有故障,所有资源不会转移,默认情况下,pacemaker不会对任何资源进行监控,所以,即便是资源关掉了,只要节点没有故障,资源依然不会转移;要想达到资源转移的目的,得定义监控(monitoer);http://www.it165.net/admin/html/201405/3066.html

   

你可能感兴趣的:(python,防火墙,服务器)