四、配置 corosync 提供数据库服务的高可用;
1、提供HA高可用集群的节点通信的密钥;
节点间的心跳信息和集群事务信息要加密传输的,不允许主机随便加入HA高可用集群的。
使用corosync提供的命令【corosync-keygen】生成该HA高可用集群的认证密钥。持有该解密的节点才属于该HA高可用集群的成员。
在node1节点生成密钥,生成的密钥是默认保存在/etc/corosync目录中的
生成密钥
[root@node1 corosync]# corosync-keygen为corosync提供配置文件
2、提供配置文件
[root@node1 corosync]# cp corosync.conf.example corosync.conf配置文件设置如下:
[root@haproxy ~]# cat /etc/corosync/corosync.conf # Please read the corosync.conf.5 manual page compatibility: whitetank totem { version: 2 secauth: on threads: 0 interface { ringnumber: 1 ----> 指定多播使用的网卡 bindnetaddr: 192.168.0.0 mcastaddr: 226.94.10.10 ----> 组播地址 mcastport: 5405 ttl: 1 } } logging { -----> 日志信息的配置 fileline: off to_stderr: no to_logfile: yes to_syslog: no logfile: /var/log/cluster/corosync.log debug: off ------> 关闭调试日志 timestamp: on logger_subsys { subsys: AMF debug: off } } service { ---------> pacemaker以做了corosync的一个模块工作 ver: 0 name: pacemaker } amf { mode: disabled }复制配置文件和密钥文件到node2节点,保证HA高可用节点的配置是一样的。
[root@node1 corosync]# scp -p corosync.conf authkey node2:/etc/corosync/ corosync.conf 100% 497 0.5KB/s 00:00 authkey 100% 128 0.1KB/s 00:003、启动node1节的 corosync 服务
(1)、在node1节点启动corosync服务
[root@node1 corosync]# service corosync start Starting Corosync Cluster Engine (corosync): [ OK ](2)、检测在该节点启动的corosync是否正常
由于HA高可用集群的核心层是:
Message Layer 心跳信息和集群事务信息层 Cluster Resource Manager 资源管理层corosync 自己实现 Message Layer 层的功能,使用 pacemaker 做为HA的资源管理器(corosync 2.0 版本以前,是做为corosync的一个模块工作的),
从而提供一个完成的HA高可用解决方案。为了保证 corosync 能够正常工作,通过日志查看HA的核心层的工作状况。
(A)、查看 Message Layer 层的运行状况
查看corosync引擎是否正常启动
[root@node1 ~]# grep -e "Corysync Cluster Engine" -e "configuration file" /var/log/cluster/corosync.log Sep 13 17:02:56 corosync [MAIN ] Successfully read main configuration file '/etc/corosync/corosync.conf'.查看初始化成员节点通知是否正常发出:
[root@node1 ~]# grep TOTEM /var/log/cluster/corosync.log Sep 13 17:02:56 corosync [TOTEM ] Initializing transport (UDP/IP Multicast). Sep 13 17:02:56 corosync [TOTEM ] Initializing transmit/receive security: libtomcrypt SOBER128/SHA1HMAC (mode 0). Sep 13 17:02:56 corosync [TOTEM ] The network interface [192.168.60.22] is now up. Sep 13 17:02:57 corosync [TOTEM ] Process pause detected for 594 ms, flushing membership messages. Sep 13 17:02:57 corosync [TOTEM ] A processor joined or left the membership and a new membership was formed. Sep 13 17:04:29 corosync [TOTEM ] A processor joined or left the membership and a new membership was formed.(B)、查看 Manager Resource Manager 资源管理层的工作状况
查看资源管理器pacemaker是否正常启动:
[root@node1 ~]# grep "pcmk_startup" /var/log/cluster/corosync.log Sep 13 17:02:56 corosync [pcmk ] info: pcmk_startup: CRM: Initialized Sep 13 17:02:56 corosync [pcmk ] Logging: Initialized pcmk_startup Sep 13 17:02:56 corosync [pcmk ] info: pcmk_startup: Maximum core file size is: 18446744073709551615 Sep 13 17:02:56 corosync [pcmk ] info: pcmk_startup: Service: 9 Sep 13 17:02:56 corosync [pcmk ] info: pcmk_startup: Local hostname: node1.linuxidc.com(C)、检查启动过程中是否有错误产生
[root@node1 ~]# grep ERROR: /var/log/cluster/corosync.log Sep 13 17:02:56 corosync [pcmk ] ERROR: process_ais_conf: You have configured a cluster using the Pacemaker plugin for Corosync. The plugin is not supported in this environment and will be removed very soon. Sep 13 17:02:56 corosync [pcmk ] ERROR: process_ais_conf: Please see Chapter 8 of 'Clusters from Scratch' () for details on using Pacemaker with CMAN说明:
在 corosync 2.0版本,packmaker是作为 corosync 的插件运行的。
上述的错误信息表示packmaker不久之后将不再作为corosync的插件运行,因此,建议使用cman作为集群基础架构服务;此处可安全忽略。
从查看corosync的日志可以得知,node2节点的corosync已经运行正常。
4、启动node2节的 corosync 服务
node1 节点的 corosync 运行正常了,就可以启动 node2 节点的 corosyn 服务器。
(1)、通过远程方式启动corosync服务
[root@node1 corosync]# ssh node2 "service corosync start" Starting Corosync Cluster Engine (corosync): [ OK ](2)、同样,也像查看 node1 节点那样,查看 node2 节点的 corosync 的运行状况:
(A)、查看 Message Layer 的运行状况
查看corosync引擎是否正常启动
[root@node2 ~]# grep "Corosync Cluster Engine" -e "configuration file" /var/log/cluster/corosync.log /var/log/cluster/corosync.log:Sep 13 17:14:22 corosync [MAIN ] Successfully read main configuration file '/etc/corosync/corosync.conf'.查看初始化成员节点通知是否正常发出
[root@node2 ~]# grep "TOTEM" /var/log/cluster/corosync.log Sep 13 17:14:22 corosync [TOTEM ] Initializing transport (UDP/IP Multicast). Sep 13 17:14:22 corosync [TOTEM ] Initializing transmit/receive security: libtomcrypt SOBER128/SHA1HMAC (mode 0). Sep 13 17:14:22 corosync [TOTEM ] The network interface [192.168.60.128] is now up. Sep 13 17:14:23 corosync [TOTEM ] A processor joined or left the membership and a new membership was formed.(B)、查看 Cluser Resource Manager 层的工作状况
查看资源管理器pacemaker是否正常启动
[root@node2 ~]# grep "pcmk_startup" /var/log/cluster/corosync.log Sep 13 17:14:22 corosync [pcmk ] info: pcmk_startup: CRM: Initialized Sep 13 17:14:22 corosync [pcmk ] Logging: Initialized pcmk_startup Sep 13 17:14:22 corosync [pcmk ] info: pcmk_startup: Maximum core file size is: 18446744073709551615 Sep 13 17:14:22 corosync [pcmk ] info: pcmk_startup: Service: 9 Sep 13 17:14:22 corosync [pcmk ] info: pcmk_startup: Local hostname: node2.linuxidc.com(C)、查看 corosync 启动过程中是否有错误信息。
[root@node2 ~]# grep ERROR: /var/log/cluster/corosync.log ep 13 17:14:22 corosync [pcmk ] ERROR: process_ais_conf: You have configured a cluster using the Pacemaker plugin for Corosync. The plugin is not supported in this environment and will be removed very soon. Sep 13 17:14:22 corosync [pcmk ] ERROR: process_ais_conf: Please see Chapter 8 of 'Clusters from Scratch' () for details on using Pacemaker with CMAN说明:
上述的错误信息可以忽略。
从上述的日志分析,corosync 服务已经运行正常。
到此为止,两个节点的 corosync 服务都运行OK!!!