这是19年10月份工作需要,部署的一套MHA整体过程。
MHA+keepalived双主模式环境部署
(一)准备工作
1.环境配置列表
mha01:10.121.10.111 mha02:10.121.10.112 VIP:10.121.10.254
2.设备免密处理
(1)各个服务器执行:
ssh-keygen -t rsa
(2)各服务器的rsa传到第一台上
scp ~/.ssh/id_rsa.pub 10.121.10.111:~/.ssh/pub-6 scp ~/.ssh/id_rsa.pub 10.121.10.111:~/.ssh/pub-5 scp ~/.ssh/id_rsa.pub 10.121.10.111:~/.ssh/pub-4 scp ~/.ssh/id_rsa.pub 10.121.10.111:~/.ssh/pub-3 scp ~/.ssh/id_rsa.pub 10.121.10.111:~/.ssh/pub-2
(3)将所有主机的id_rsa.pub统一追加到authorized_keys中,做一次整合
cat ~/.ssh/id_rsa.pub >> authorized_keys cat ~/.ssh/pub-6 >> authorized_keys cat ~/.ssh/pub-5 >> authorized_keys cat ~/.ssh/pub-4 >> authorized_keys cat ~/.ssh/pub-3 >> authorized_keys cat ~/.ssh/pub-2 >> authorized_keys
(4)将整合完的autuorized_keys分发到各个服务器上
scp ~/.ssh/authorized_keys 10.121.10.112:~/.ssh/authorized_keys scp ~/.ssh/authorized_keys 10.121.10.101:~/.ssh/authorized_keys scp ~/.ssh/authorized_keys 10.121.10.102:~/.ssh/authorized_keys scp ~/.ssh/authorized_keys 10.121.10.103:~/.ssh/authorized_keys scp ~/.ssh/authorized_keys 10.121.10.109:~/.ssh/authorized_keys
(5)验证服务器互信是否正常
3.设置NTP时间同步,server服务器设置:
restrict 127.0.0.1 restrict -6 ::1 resttrict 127.127.1.0 # Hosts on local network are less restricted. restrict 10.121.10.0 mask 255.255.255.0 nomodify notrap # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). #server 0.rhel.pool.ntp.org iburst #server 1.rhel.pool.ntp.org iburst #server 2.rhel.pool.ntp.org iburst #server 3.rhel.pool.ntp.org iburst server 127.127.1.0 fudge 127.127.1.0 stratum 10
client服务器设置
restrict 127.0.0.1 restrict -6 ::1 # Hosts on local network are less restricted. restrict 10.121.10.0 mask 255.255.255.0 nomodify notrap # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). #server 0.rhel.pool.ntp.org iburst #server 1.rhel.pool.ntp.org iburst #server 2.rhel.pool.ntp.org iburst #server 3.rhel.pool.ntp.org iburst server 10.121.10.111 prefer #broadcast 192.168.1.255 autokey # broadcast server #broadcastclient # broadcast client #broadcast 224.0.1.1 autokey # multicast server #multicastclient 224.0.1.1 # multicast client #manycastserver 239.255.254.254 # manycast server #manycastclient 239.255.254.254 autokey # manycast client
4.设置/etc/hosts
5.关闭selinux
vi /etc/sysconfig/selinux SELINUX=disabled
(二)MYSQL二进制安装部署
准备工作:
操作系统:Red Hat Enterprise Linux Server release 6.8 (Santiago)
MYSQL版本:mysql-5.7.24-linux-glibc2.12-x86_64.tar.gz
1.检查本机系统是否安装过mysql
rpm -qa|grep mysql
如果存在卸载关于mysql的所有安装
rpm -ev {包名} find / -name mysql
查询所有关于mysql类文件
rm -rf mysql
2.解压mysql文件并存放到/usr/local/mysql目录下
tar -xzvf /mysql-5.7.24-linux-glibc2.12-x86_64.tar.gz -C /usr/local mv /opt/soft/mysql-5.7.24-linux-glibc2.12-x86_64 /usr/local/mysql mkdir /usr/local/mysql/data/ chown -R mysql:mysql /usr/local/mysql
3.检查系统中是否存在原mysql用户及组
cat /etc/group | grep mysql cat /etc/passwd |grep mysql
存在则删除掉
userdel -r mysql
4.创建mysql用户和组
groupadd mysql useradd -r -g mysql mysql
5.创建并编辑my.cnf
touch /etc/my.cnf
vi /etc/my.cnf
[mysqld] datadir=/usr/local/mysql/data basedir=/usr/local/mysql socket=/tmp/mysql.sock user=mysql port=3306 server_id=2 log-bin=mysql-bin binlog_format=mixed relay-log=relay-bin relay-log-index=slave-relay-bin.index auto-increment-increment=2 auto-increment-offset=1 character-set-server=utf8 lower_case_table_names=1 #取消密码验证 #skip-grant-tables symbolic-links=0 [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/tmp/mysqld/mysqld.pid
创建文件及目录
touch /tmp/mysql.sock mkdir /tmp/mysqld touch /tmp/mysqld/mysqld.pid chown -R mysql:mysql /tmp/mysql.sock /tmp/mysqld/ chmod 755 /tmp/mysql.sock /tmp/mysqld/
6.初始化mysql数据库
cd /usr/local/mysql/bin/ ./mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data ./mysqld_safe --user=mysql & ./mysql -uroot -p alter user 'root'@'localhost' identified by 'R00t@tdxs'; flush privileges; grant all privileges on *.* to 'root'@'%' identified by 'R00t@tdxs'; flush privileges;
7.设置开机启动并添加服务列表
cp /usr/local/mysql/support-files/mysql.server /etc/rc.d/init.d/mysqld chmod +x /etc/rc.d/init.d/mysqld chkconfig --list mysqld chkconfig --add mysqld chkconfig --list mysqld ln -s /usr/local/mysql/bin/mysql /usr/bin
#修改用户密码
alter user 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'B!n2O3c$123'; alter user 'root'@'%' IDENTIFIED WITH mysql_native_password BY 'B!n2O3c$123';
#创建用户并设置密码
CREATE USER 'root'@'10.167.129.57' IDENTIFIED WITH mysql_native_password BY 'B!n2O3c$123'; CREATE USER 'root'@'10.167.129.59' IDENTIFIED WITH mysql_native_password BY 'B!n2O3c$123';
8.设置mysql的slave节点的归档日志
本机设置本机IP
grant replication slave on *.* to 'root'@'10.121.10.111' identified by 'R00t@tdxs'; grant replication slave on *.* to 'root'@'10.121.10.112' identified by 'R00t@tdxs';
flush logs; show master status;
本机设置对端IP
change master to master_host='10.121.10.111',master_user='root',master_password='R00t@tdxs',master_log_file='mysql-bin.000010',master_log_pos=154; change master to master_host='10.121.10.112',master_user='root',master_password='R00t@tdxs',master_log_file='mysql-bin.000004',master_log_pos=154; flush privileges;
检查Mysql同步状态
show slave status\G stop slave; reset slave; start slave; show variables like 'server_id';
两个库不同步期间可以进行以下操作:
停报错库的slave
stop slave;
进行日志同步下移
set GLOBAL SQL_SLAVE_SKIP_COUNTER=1;
启动报错库的slave
start slave;
查看同步状态
show slave status\G
(三)安装部署keepalived
1.解压Keepalived压缩包
tar -zxvf keepalived-1.3.5.tar.gz -C /usr/local/
2.创建安装目录
mkdir /usr/local/keepalived
3.切换到keepalived解压缩的目录(/usr/local/keepalived-1.3.5)
cd /usr/local/keepalived-1.3.5
4.安装keepalived
./configure --prefix=/usr/local/keepalived
检查缺少libnfnetlink
下载libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm并进行安装
重新编译
./configure --prefix=/usr/local/keepalived make && make install
完成安装
5.创建目录并加入开机自启
mkdir /etc/keepalived/ cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ cp /usr/local/keepalived-1.3.5/keepalived/etc/init.d/keepalived /etc/init.d/ cp /usr/local/keepalived-1.3.5/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ chmod 755 /etc/init.d/keepalived chkconfig --add keepalived chkconfig --level 345 keepalived on
6.配置keepalived.conf
双主模式的配置文件如下:
server1
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id mysql-1 vrrp_skip_check_adv_addr vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_script checkmysql { script "/etc/keepalived/checkmysql.sh" interval 1 weight -20 } vrrp_instance VI_1 { state backup interface bond0 virtual_router_id 79 priority 180 advert_int 1 nopreempt track_script { checkmysql } authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.121.10.254 } } virtual_server 10.121.10.254 3306 { delay_loop 6 #lb_algo rr #lb_kind NAT persistence_timeout 50 protocol TCP real_server 10.121.10.111 3306 { weight 1 SSL_GET { url { path / digest ff20ad2481f97b1754ef3e12ecd3a9cc } url { path /mrtg/ digest 9b3a0c85a887a256d6939da88aabd8cd } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
server2
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id mysql-2 vrrp_skip_check_adv_addr vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_script checkmysql { script "/etc/keepalived/checkmysql.sh" interval 1 weight -20 } vrrp_instance VI_1 { state backup interface bond0 virtual_router_id 79 priority 90 advert_int 1 nopreempt track_script { checkmysql } authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.121.10.254 } } virtual_server 10.121.10.254 3306 { delay_loop 6 #lb_algo rr #lb_kind NAT persistence_timeout 50 protocol TCP real_server 10.121.10.112 3306 { weight 1 SSL_GET { url { path / digest ff20ad2481f97b1754ef3e12ecd3a9cc } url { path /mrtg/ digest 9b3a0c85a887a256d6939da88aabd8cd } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
/etc/keepalived/checkmysql.sh监控脚本如下:
#!/bin/sh #isok=$(sed -n '2p' /etc/keepalived/result.txt) isok=$(/usr/local/mysql/bin/mysql -uroot -pR00t@tdxs -e 'select 1' |sed -n '2p') function error_query(){ service keepalived stop echo "192.168.192.101 mysql down, keepalived 切换" } echo "$isok" if [ "$isok" != "1" ] then echo 'diaoyong error' error_query fi
(四)注意事项
1.一般产生"keepalived 已死,但是 subsys 被锁"类问题,基本上是配置文件keepalived.conf问题,如果需要修改配置文件keepalived.conf
要先停止service keepalived stop,然后进行修改,修改后启动服务service keepalived start并且重新加载service keepalived reload即可避免产生锁死问题。
2.如果设置完VIP后无法ping通,检查keepalived.conf文件中是否存在vrrp_strict参数,如果存在需要注释掉,一般情况即可ping通
3.如果两台主机的keepalived启动都正常,但是就是无法产生vip,需要检查virtual_router_id 参数是否设置的是一样的,如果为同一个集群,那么virtual_router_id值要必须一致,否则virtual_router_id值不能一致,virtual_router_id的取值围在0-255即可。
查看cat /var/log/messages报错信息一般为:
Jan 22 18:27:27 mha01 Keepalived_vrrp[8390]: (VI_1): ip address associated with VRID 51 not present in MASTER advert : 10.121.10.254 Jan 22 18:27:27 mha01 Keepalived_vrrp[8390]: bogus VRRP packet received on bond0 !!!
4.检查keepalived启动问题可查看messages日志
继续阅读
评论