LVS-HA

heartbeat 监听在udp的694的端口

 

LRM:本地资源管理器

CRM:资源管理器

RA:资源代理(脚本)

heartbeat legacy : heartbeat 传统类型的资源代理，通常位于/etc/ha.d/haresources.d/目录下；

   

LSB:/etc/rc.d/init.d/*{start|stop|status|restart} 目录下的脚本；

          

 

 

具体实现：

[root@stu21 ~]# lftp 172.16.0.1

lftp 172.16.0.1:~> cd pub/Sources/6.x86_64

lftp 172.16.0.1:/pub/Sources/6.x86_64> mirror heartbeat2/

Total: 1 directory, 7 files, 0 symlinks

New: 7 files, 0 symlinks

5829264 bytes transferred

lftp 172.16.0.1:/pub/Sources/6.x86_64>

 

lftp 172.16.0.1:/pub/Sources/6.x86_64> bye

[root@stu21 ~]# ls

anaconda-ks.cfg heartbeat2 install.log lamp_source nginx-1.4.7.tar.gz nginx-1.6.2.tar.gz

dir.sh ifcfg-eth6 install.log.syslog nginx nginx-1.6.2

[root@stu21 ~]# cd heartbeat2/

[root@stu21 heartbeat2]#

[root@stu21 heartbeat2]# ls

heartbeat-2.1.4-12.el6.x86_64.rpm heartbeat-ldirectord-2.1.4-12.el6.x86_64.rpm

heartbeat-debuginfo-2.1.4-12.el6.x86_64.rpm heartbeat-pils-2.1.4-12.el6.x86_64.rpm

heartbeat-devel-2.1.4-12.el6.x86_64.rpm heartbeat-stonith-2.1.4-12.el6.x86_64.rpm

heartbeat-gui-2.1.4-12.el6.x86_64.rpm

 

安装方法：

            1、# yum install net-snmp-libs libnet PyXML perl-Time-Date

            2、# rpm -ivh heartbeat-2.1.4-12.el6.x86_64.rpm heartbeat-stonith-2.1.4-12.el6.x86_64.rpm heartbeat-pils-2.1.4-12.el6.x86_64.rpm

 

 

同步时间

（两个节点）

节点一(172.16.21.6)

[root@stu21 heartbeat2]# ntpdate 172.16.0.1

31 Dec 20:59:25 ntpdate[6950]: adjust time server 172.16.0.1 offset 0.379319 sec

[root@stu21 heartbeat2]#

 

最好几分钟同步一下

[root@stu21 heartbeat2]# crontab -e

no crontab for root - using an empty one

 

*/3 * * * * /usr/sbin/ntpdate 172.16.0.1 &> /dev/null

 

~

~

 

 

节点二：(172.16.21.10)

 

[root@stu21 heartbeat2]# ntpdate 172.16.0.1

31 Dec 21:00:50 ntpdate[4737]: adjust time server 172.16.0.1 offset 0.380532 sec

[root@stu21 heartbeat2]#

最好每个几分钟同步一下

 

[root@stu21 heartbeat2]# crontab -e

no crontab for root - using an empty one

 

*/3 * * * * /usr/sbin/ntpdate 172.16.0.1 &> /dev/null

 

~

~

在节点一上生成密钥，使得两节点间检测心跳信息无须密码

[root@stu21 .ssh]# ssh-keygen -P ''

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

75:cc:d5:7e:f8:ae:d6:c7:7b:36:45:f6:22:a8:06:dc root@node1.stu21.com

The key's randomart image is:

+--[ RSA 2048]----+

| .. |

| o . .|

| . + o |

| . . . =|

| . .S . +o|

| o E . . . +|

| . . . =.|

| o ..B|

| . ..+=|

+-----------------+

[root@stu21 .ssh]#

在 节点1 的 /etc/hosts 下增加 " uname -n " 所显示两个节点的内容

172.16.21.6 node1.stu21.com node1(别名)

172.16.21.10 node2.stu21.com node2(别名)

 

[root@stu21 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@node2

 

The authenticity of host 'node2 (172.16.21.10)' can't be established.

RSA key fingerprint is 6a:5a:71:de:61:ca:29:01:c2:7d:8d:6f:06:27:2b:b2.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'node2' (RSA) to the list of known hosts.

root@node2's password:

Now try logging into the machine, with "ssh 'root@node2'", and check in:

 

.ssh/authorized_keys

 

to make sure we haven't added extra keys that you weren't expecting.

 

[root@stu21 ~]# cd .ssh/

[root@stu21 .ssh]# ls

authorized_keys id_rsa id_rsa.pub known_hosts

 

[root@stu21 .ssh]# ssh node2 'date';date

Wed Dec 31 21:38:29 CST 2014

Wed Dec 31 21:38:29 CST 2014

[root@stu21 .ssh]#

 

 

[root@stu21 ~]# scp /etc/hosts node2:/etc/hosts

hosts 100% 358 0.4KB/s 00:00

[root@stu21 ~]#

 

 

在节点2 的终端上生成密钥一份给 节点2的机子上

 

[root@stu21 ~]# ssh-keygen -t rsa -P ''

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

fe:fe:67:a7:c2:da:23:a9:91:28:05:4b:06:ea:87:84 root@node2.stu21.com

The key's randomart image is:

+--[ RSA 2048]----+

| . |

|.. . |

|E. + |

|o .o o |

| o .. . S |

| . . o . |

| . . + o |

| . oo.+ o .|

| .o++o=.o |

+-----------------+

[root@stu21 ~]#

 

 

[root@stu21 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@node1

 

The authenticity of host 'node1 (172.16.21.6)' can't be established.

RSA key fingerprint is 6a:5a:71:de:61:ca:29:01:c2:7d:8d:6f:06:27:2b:b2.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'node1,172.16.21.6' (RSA) to the list of known hosts.

root@node1's password:

Permission denied, please try again.

root@node1's password:

Now try logging into the machine, with "ssh 'root@node1'", and check in:

 

.ssh/authorized_keys

 

to make sure we haven't added extra keys that you weren't expecting.

 

验证下是否能检测对方时间

[root@stu21 ~]# ssh node1 'date' ; date

Wed Dec 31 21:50:55 CST 2014

Wed Dec 31 21:50:55 CST 2014

[root@stu21 ~]#

 

前期准备已将完成，接下来就是配置la

分别在两个节点机子上检查

[root@stu21 ~]# rpm -ql heartbeat

 

 

 

 

[root@stu21 ~]# cd /usr/share/doc/heartbeat-2.1.4/

[root@stu21 heartbeat-2.1.4]# ls

apphbd.cf COPYING.LGPL GettingStarted.txt hb_report.html README startstop

authkeys DirectoryMap.txt ha.cf hb_report.txt Requirements.html

AUTHORS faqntips.html HardwareGuide.html heartbeat_api.html Requirements.txt

ChangeLog faqntips.txt HardwareGuide.txt heartbeat_api.txt rsync.html

COPYING GettingStarted.html haresources logd.cf rsync.txt

[root@stu21 heartbeat-2.1.4]# cp -p authkeys haresources ha.cf /etc/ha.d/

[root@stu21 heartbeat-2.1.4]#

 

[root@stu21 heartbeat-2.1.4]# cd /etc/ha.d/

[root@stu21 ha.d]#

[root@stu21 ha.d]# ll

total 48

-rw-r--r-- 1 root root 645 Sep 10 2013 authkeys

-rw-r--r-- 1 root root 10539 Sep 10 2013 ha.cf

-rwxr-xr-x 1 root root 745 Sep 10 2013 harc

-rw-r--r-- 1 root root 5905 Sep 10 2013 haresources

drwxr-xr-x 2 root root 4096 Dec 31 20:43 rc.d

-rw-r--r-- 1 root root 692 Sep 10 2013 README.config

drwxr-xr-x 2 root root 4096 Dec 31 20:43 resource.d

-rw-r--r-- 1 root root 7864 Sep 10 2013 shellfuncs

[root@stu21 ha.d]#

 

改下加深颜色的文件权限必须为 600或是400

[root@stu21 ha.d]# chmod 600 authkeys

[root@stu21 ha.d]# ll

total 48

-rw------- 1 root root 645 Sep 10 2013 authkeys

-rw-r--r-- 1 root root 10539 Sep 10 2013 ha.cf

-rwxr-xr-x 1 root root 745 Sep 10 2013 harc

-rw-r--r-- 1 root root 5905 Sep 10 2013 haresources

drwxr-xr-x 2 root root 4096 Dec 31 20:43 rc.d

-rw-r--r-- 1 root root 692 Sep 10 2013 README.config

drwxr-xr-x 2 root root 4096 Dec 31 20:43 resource.d

-rw-r--r-- 1 root root 7864 Sep 10 2013 shellfuncs

[root@stu21 ha.d]#

 

                配置文件：

            ha.cf： heartbeat的主配置文件；

            authkeys：集群信息加密算法及密钥；

            haresources: heartbeat v1的CRM配置接口；

---------------------------------------------------------------------------------------------------------------------------------

        

[root@stu21 ha.d]# vim ha.cf    

logfile /var/log/ha-log(开启)

#

#

# Facility to use for syslog()/logger

#

#logfacility local0（关闭）//如果要开启，则需要在 /etc/rsyslog.conf 增加一条 local0.* /var/log/heartbeat.log

.

.

    mcast eth0 227.203.101.1 694 1 0（开启多播地址，集群，得在默认下修改）

 

#node ken3

#node kathy

node node1.stu21.com (节点1 uname -n)

node node2.stu21.com（节点2 ）

 

 

        #ping 10.10.10.254

ping 172.16.0.1

 

 

compression bz2

#

# Confiugre compression threshold

# This value determines the threshold to compress a message,

# e.g. if the threshold is 1, then any message with size greater than 1 KB

# will be compressed, the default is 2 (KB)

compression_threshold 2

 

---------------------------------------------------------------------------------------------------------------------------------

[root@node1 ~]# openssl rand -hex 6

89b3938df5e8

[root@node1 ~]#

[root@stu21 ha.d]# ls

authkeys ha.cf harc haresources rc.d README.config resource.d shellfuncs

[root@stu21 ha.d]# vim authkeys

 

#auth 1

#1 crc

#2 sha1 HI!

#3 md5 Hello!

auth 2

2 sha1 89b3938df5e8

 

[root@stu21 ha.d]# vim haresources

#node1 10.0.0.170 Filesystem::/dev/sda1::/data1::ext2

#

# Regarding the node-names in this file:

#

# They must match the names of the nodes listed in ha.cf, which in turn

# must match the `uname -n` of some node in the cluster. So they aren't

#virtual in any sense of the word.

node1.stu21.com 172.16.21.35/16/eth0/172.16.255.255 httpd（只加这一句）

 

 

接下来同样复制一份给节点 node2

 

[root@stu21 ha.d]# scp -p authkeys haresources ha.cf node2:/etc/ha.d/

authkeys 100% 672 0.7KB/s 00:00

haresources 100% 5968 5.8KB/s 00:00

ha.cf 100% 10KB 10.4KB/s 00:00

[root@stu21 ha.d]#

 

 

下面来测试两节点的web服务器是否正常

测试节点1（172.16.21.6）

    [root@stu21 ha.d]# service nginx start

Starting nginx: [ OK ]

[root@stu21 ha.d]# curl 172.16.21.6

<h1>www.stu21.com /nginx </h1>

[root@stu21 ha.d]# service nginx stop

Stopping nginx: [ OK ]

[root@stu21 ha.d]# chkconfig nginx off

[root@stu21 ha.d]# chkconfig --list nginx

nginx     0:off    1:off    2:off    3:off    4:off    5:off    6:off

[root@stu21 ha.d]#

 

测试节点2（172.16.21.10）

    [root@stu21 ~]#

[root@stu21 ~]# curl 172.16.21.10

<h1>node2.stu21.com /nginx </h1>

[root@stu21 ~]# service nginx stop

Stopping nginx: [ OK ]

[root@stu21 ~]# chkconfig nginx off

[root@stu21 ~]# chkconfig --list nginx

nginx     0:off    1:off    2:off    3:off    4:off    5:off    6:off

[root@stu21 ~]#

 

 

 

[root@stu21 ~]# service heartbeat start;ssh node2 'service heartbeat start'