如何实现Asterisk 高可靠性解决方案
对于asterisk用户最为头疼的事情就是Asterisk的就是如何解决asterisk系统的 HA 高可靠性解决方案。一个asterisk服务器down 掉,如何实现另外一个备份的服务器及时启动,同时不影响用户的使用。通常有两种实现方式:通过DNS SRV 实现,者kamailio/OpenSER均衡负载模块处理。今天给大家介绍如何通过Asterisk加心跳的模式实现高可靠性的解决方案。几个关键点需要注意:
- Asterisk的IP处理
- Asterisk 数据库的处理(MYSQL)
- AsterDB 和语音邮箱的文件管理同步
第一章:配置IP地址冗余
1) 在IP是192.168.0.147添加主机名:
vi /etc/sysconfig/network
HOSTNAME=PBX-147
2)在IP192.168.0.148上添加主机名:
vi /etc/sysconfig/network
HOSTNAME=PBX-148
3) 在两台机器的系统配置文件“hosts”添加以下2行:
vi /etc/hosts
192.168.0.147 PBX-147
192.168.0.148 PBX-148
4) 重新启动两台服务器,关闭selinux
5) 在两台机器安装 hearbeat 软件包:yum install heartbeat
注意,启动asterisk或者停止asterisk以及同步DB,通过
PBX-147 192.168.0.149/24 asterisk sync_astdb
6)编辑 authkeys 文件, vi /etc/ha.d/authkeys,两台机器都添加
--------------------------------------------
auth 1
1 sha1 HIlalalala!
--------------------------------------------
7)在两台机器上,修改 authkeys 文件权限: chmod 600 /etc/ha.d/authkeys
8)两台机器启动 hearbeat 服务: /etc/init.d/heartbeat start
9) 通过命令 ifconfig, 检查虚拟 192.168.0.149 IP 是否可以通信。
10) 修改启动顺序,确认网卡启动以后,hearbeat 启动:编辑 vi /etc/rc.local 文件,添加 一行:
--------------------------------------------------------------
service network restart // 启动网卡
sleep 6 // 休眠
/etc/init.d/heartbeat start // 启动心跳
---------------------------------------------------------------
删除默认启动顺序: chkconfig heartbeat --level 345 off
测试 主机关机或者心跳停止,/etc/init.d/heartbeat stop
检查 虚拟 虚拟IP是否可以ping 通,待机的服务器 192.168.0.148 是否启动
通过以下命令测试:
/usr/lib/heartbeat/hb_takeover
/usr/lib/heartbeat/hb_standby
第二章: 配置MYSQL 数据库冗
配置my.cnf 文件-MySQL replication
编辑 /etc/my.cnf on PBX-192.168.0.147
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
# add for replication from here
server-id=2
master-host = 192.168.0.148 // 待机数据库IP
master-user = replication
master-password = slave
master-port = 3306
#
log-bin
binlog-do-db=asteriskrealtime
#
[mysql.server]
user=mysql
basedir=/var/lib
################################################################
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
配置 192.168.0.148 文件:/etc/my.cnf:
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
# add for replication from here
log-bin
binlog-do-db=asteriskrealtime
binlog-ignore-db=mysql
binlog-ignore-db=test
server-id=1
master-host = 192.168.0.147 // 主机数据库IP
master-user = replication
master-password = slave
master-port = 3306
[mysql.server]
user=mysql
basedir=/var/lib
#######################################################################
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
第三章:配置 MySQL访问权限
访问 IPPBX(192.168.0.147)服务器,登录 mysql
修改执行权限:
GRANT ALL PRIVILEGES ON *.* TO 'replication'@'localhost' IDENTIFIED BY 'slave' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON `asteriskrealtime`.* TO 'replication'@'localhost';
GRANT ALL PRIVILEGES ON *.* TO 'replication'@'192.168.0.148' IDENTIFIED BY 'slave' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON `asteriskrealtime`.* TO 'replication'@'192.168.0.148';
commit;
访问IPPBX(192.168.0.148),登录MYSQL, 执行以下命令
GRANT ALL PRIVILEGES ON *.* TO 'replication'@'localhost' IDENTIFIED BY 'slave' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON `asteriskrealtime`.* TO 'replication'@'localhost';
GRANT ALL PRIVILEGES ON *.* TO 'replication'@'192.168.0.147' IDENTIFIED BY 'slave' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON `asteriskrealtime`.* TO 'replication'@'192.168.0.147';
commit;
第四章:启动 MySQL 冗余备份
在两台机器分别执行以下命令:
mysql -u replication -p
start replication
start slave;
在一台机器上执行:
load data from master;
检查状态:
show master status;
show slave status;
启动或者停止replication: reset slave;
测试 mysql Replication 复制:
修改192.168.0.147 地址数据库数据,保存。
查看192.168.0.148 地址数据库,检查数据是否修改生效。
第五章:设置无密码, ssh互相通信
为了确保两台服务器之间可以互相拷贝文件,需要设置无密码的ssh帐号。
生成密匙:
[root@PBX-147 ~]# '''cd /root'''
[root@PBX-147 ~]# '''ssh-keygen -t rsa'''
Generating public/private rsa key pair.
进入到目录 (/root/.ssh/id_rsa):
建立文件目录 '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
a5:0c:38:d6:73:51:3b:ca:2c:98:e2:2a:f6:82:88:00 root@PBX-147
通过SSH 连接 192.168.0.148 服务器,建立一个新目录,然后添加 192.168.0.148 密码
[root@PBX-147 ~]# '''ssh root@PBX-148 mkdir -p .ssh'''
The authenticity of host 'pbx-148 (192.168.0.148)' can't be established.
RSA key fingerprint is e0:ed:63:7c:df:0f:8d:03:f0:a5:25:8b:5f:1b:8c:01.
Are you sure you want to continue connecting (yes/no)? '''yes'''
Warning: Permanently added 'pbx-148,192.168.0.148' (RSA) to the list of known hosts.
root@pbx-148's password:
[root@PBX-147 ~]# '''cat .ssh/id_rsa.pub | ssh root@PBX-148 'cat >> .ssh/authorized_keys''''
root@pbx-148's password:
检查 192.168.0.148 主机名:
[ root@PBX-147 ~]# '''ssh root@PBX-148 hostname'''
PBX-148
通过192.168.0.148 主机访问 192.168.0.147 主机
[root@PBX-148 ~]# '''cd /root'''
[root@PBX-148 ~]# '''ssh-keygen -t rsa'''
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
e0:a1:27:17:c6:5d:69:60:73:73:b9:bd:80:ed:0f:df root@PBX-148
访问 192.168.0.147 ,建立目录
[root@PBX-148 ~]# '''ssh root@PBX-147 mkdir -p .ssh'''
The authenticity of host 'pbx-147 (192.168.0.147)' can't be established.
RSA key fingerprint is e0:ed:63:7c:df:0f:8d:03:f0:a5:25:8b:5f:1b:8c:01.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'pbx-147,192.168.0.147' (RSA) to the list of known hosts.
root@pbx-147's password:
[root@PBX-148 ~]# '''cat .ssh/id_rsa.pub | ssh root@PBX-147 'cat >> .ssh/authorized_keys''''
root@pbx-147's password:
[root@PBX-148 ~]# ''' ssh root@PBX-147 hostname'''
PBX-147
为了同步 astdb 文件,必须拷贝 主机的文件到待机的机器上,这样如果一方停止工作,
备用机器可以及时启动。同样, voicemail 文件也需要备份。
第六章: 建立同步文件服务
在机器 192.168.0.147 上编辑:
vi /opt/sync_astdb
添加以下代码:
#!/bin/sh
while true
do
rsync -r /var/lib/asterisk/astdb root@PBX-148:/var/lib/asterisk/astdb
# logger Rsync myscript
sleep 30
done
在 192.168.0.147 上做同步
----------------------------------------------------------------------------------------
vi /opt/sync_astdb
#!/bin/sh
while true
do
rsync -r /var/lib/asterisk/astdb root@PBX-147:/var/lib/asterisk/astdb
# logger Rsync myscript
sleep 30
done
在两台服务器设置 sync_astdb 为系统服务
vi /etc/init.d/sync_astdb
#!/bin/sh
#
# chkconfig: 2345 75 05
# description: Startup script AstDb replication
# processname: sync_astdb
# pidfile: /var/run/sync_astdb.pid
# config: /opt/sync_astdb
# Source function library.
. /etc/init.d/functions
SLAPD_HOST=`hostname -a`
SLAPD_DIR=/opt/
PIDFILE=$SLAPD_DIR/logs/pid
STARTPIDFILE=$SLAPD_DIR/logs/startpid
if [ -f /etc/sysconfig/sync_astdb ]; then
. /etc/sysconfig/sync_astdb
fi
start() {
echo -n "Starting AstDB replication: "
if [ -f $STARTPIDFILE ]; then
PID=`cat $STARTPIDFILE`
echo AstSB replication is already running: $PID
exit 2;
elif [ -f $PIDFILE ]; then
PID=`cat $PIDFILE`
echo AstDB replication is already running: $PID
exit 2;
else
cd $SLAPD_DIR
daemon ./sync_astdb $OPTIONS &
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sync_astdb
return $RETVAL
fi
}
stop() {
echo -n "Shutting down AstDb replication: "
echo
killproc sync_astdb
echo
rm -f /var/lock/subsys/sync_astdb
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status sync_astdb
;;
restart)
stop
start
;;
*)
echo "Usage: {start|stop|status|restart}"
exit 1
;;
esac
exit $?
------------------------------------------------------------------------------
添加 sync_astdb 服务,从启动程序删除:
chkconfig --add sync_astdb
chkconfig sync_astdb --level 345 off
两台机器修改服务权限:
chmod 755 /etc/init.d/sync_astdb
chmod 755 /opt/sync_astdb
检查机器的状态:
/etc/init.d/sync_astdb start
/etc/init.d/sync_astdb stop
第七章:测试asterisk冗余
到目前为止,我们有主机和备份服务器两个asterisk。主机有一个工作状态的heartbeat 心跳(虚拟IP),MYSQL和AstDB都支持了同步和备份。如果主机停止工作,虚拟IP地址自动切换到备份主机,同时启动asterisk,MYSQL和astDB等备份服务。
以下是经过测试的步骤:
1)通过 Ping 命令检查 两台机器和虚拟IP是否可以正常通 信(192.168.0.147,192.168.0.148,192.168.0.149)
2)重新启动两台服务器:
2.1) 当启动以后,192.168.0.147 服务器将激活并且工作。
2.2)检查虚拟IP地址 192.168.0.149 是否可以正常通信。
2.3)检查MYSQL复制是否可以正常工作,修改 192.168.0.147 数据库数据,
然后检查 192.168.0.148 数据,是否修改意见成功复制
2.4)检查在192.168.0.147(不是192.168.0.148的同步)的 服务 sync_astdb是否正常工作.
3)启动 192.168.0.147 asterisk服务器
3.1)检查虚拟IP地址是否正在工作,检查 192.168.0.148 服务器
3.2)检查 192.168.0.148 上的服务以及启动 sync_astdb 了:
PBX-147 192.168.0.149/24 asterisk sync_astdb
原地址:http://www.hiastar.com/index.php/2013-09-17-02-24-21/2012-09-16-03-25-50/22-wendang/92-asterisk-ha