httpd 服務的兩個節點的HA

實驗目的是：實現兩個節點的http和nfs服務的HA集羣。

實現條件：準備兩個節點。node1,node2做爲HA1,HA2提供集羣服務。在node1和node2分別按照httpd服務、掛載nfs服務的客戶端，另外在要求有一個節點提供

nfs服務。

對node1和node2節點要求。

（1）node1:192.168.176.6    node2:192.168.176.7

修改node1的主機名稱：node1.magedu.com，

爲了防止服務器重啓後，名稱失效，能夠在配置文件裏對其修改。vim /etc/sysconfig/network

[root@node1 ~]# hostname node1.magedu.com
[root@node1 ~]# vim /etc/sysconfig/network

NETWORKING=yes
HOSTNAME=node1.magedu.com

保證uname  -n 顯示的結果以下：

[root@node1 ~]# uname -n
node1.magedu.com

用一樣的方法，修改node2的主機名稱：

[root@node2 ~]# hostname node2.magedu.com
[root@node2 ~]# vim /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=node2.magedu.com
：wq
[root@node2 ~]# uname -n
node2.magedu.com

（2）修改node1,node2主機的/etc/hosts文件。（這裏不是用DNS對節點的IP進行解析，由於DNS是運行過程也能夠宕機）

因此選在/etc/hosts添加對應的主機名及對應的IP

node1:

[root@node1 ~]# vim /etc/hosts    添加兩行
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.176.6 node1 node1.magedu.com
192.168.176.7 node2 node2.magedu.com

：wq

 

node2和node1配置同樣

[root@node1 ~]# vim /etc/hosts    添加兩行
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.176.6 node1 node1.magedu.com
192.168.176.7 node2 node2.magedu.com

：wq

 

（3）配置node1和node2 互信通訊。通訊過程能夠不用使用密碼。（使用ssh-keyen工具。）

[root@node1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):    回車
Enter passphrase (empty for no passphrase): 回車
Enter same passphrase again:回車
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
77:7d:09:dc:9c:d5:dd:41:d3:66:3e:0b:e9:98:dc:32 root@node1.magedu.com
The key's randomart image is:
+--[ RSA 2048]----+
|              .+B|
|            . o @|
|             o.B |
|             +..o|
|        S o * o.+|
|         . E o o |
|            o    |
|                 |
|                 |
+-----------------+

#j將生成的公鑰拷貝至遠程主機node2上
[root@node1 ~]# ssh-copy-id -i .ssh/id_rsa.pub root@192.168.176.7
The authenticity of host '192.168.176.7 (192.168.176.7)' can't be established.
RSA key fingerprint is da:6d:09:5a:86:fa:17:6b:e4:1d:2d:57:1e:cc:32:1b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.176.7' (RSA) to the list of known hosts.
root@192.168.176.7's password:
Now try logging into the machine, with "ssh 'root@192.168.176.7'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

#y驗證下能夠不須要密碼登陸至node2(192.168.176.7)
[root@node1 heartbeat]# ssh node2
The authenticity of host 'node2 (192.168.176.7)' can't be established.
RSA key fingerprint is da:6d:09:5a:86:fa:17:6b:e4:1d:2d:57:1e:cc:32:1b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'node2' (RSA) to the list of known hosts.
Last login: Fri Apr 22 10:29:40 2016 from node1

對於節點node2
能夠用一樣的方式 ssh-keygen -t rsa,而後將生成的公鑰拷貝至node1上，這裏再也不贅述

 

（4）在node1和nodenode2分別安裝管理集羣的軟件heartbeat組件和在node1和nodenode2上分別安裝httpd服務

（4.1）

node1:

[root@node1 heartbeat]# yum install -y heartbeat
Downloading Packages:
(1/2): heartbeat-3.0.4-2.el6.i686.rpm                                                                          | 161 kB     00:00
(2/2): heartbeat-libs-3.0.4-2.el6.i686.rpm                                                                     | 260 kB     00:00
--------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                 200 kB/s | 421 kB     00:02
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : heartbeat-libs-3.0.4-2.el6.i686                                                                                    1/2
  Installing : heartbeat-3.0.4-2.el6.i686                                                                                         2/2
  Verifying  : heartbeat-3.0.4-2.el6.i686                                                                                         1/2
  Verifying  : heartbeat-libs-3.0.4-2.el6.i686                                                                                    2/2

Installed:
  heartbeat.i686 0:3.0.4-2.el6

Dependency Installed:
  heartbeat-libs.i686 0:3.0.4-2.el6

[root@node1 .ssh]# yum install -y httpd

[root@node1 ha.d]# echo "<h1>node1.magedu.com</h1>" >/var/www/html/index.html

node2:

[root@node2 .ssh]# yum install -y heartbeat

能夠用命令rpm –ql heartbeat 安裝後有的路徑有哪些。

[root@node2 .ssh]# yum install -y httpd

[root@node2 ha.d]# echo "<h1>node2.magedu.com</h1>" >/var/www/html/index.html

node1:

[root@node1 heartbeat]# cd /usr/share/doc/heartbeat-3.0.4
[root@node1 heartbeat-3.0.4]# ls
apphbd.cf  authkeys  AUTHORS  ChangeLog  COPYING  COPYING.LGPL  ha.cf  haresources  README
[root@node1 heartbeat-3.0.4]# cp authkeys ha.cf  haresources  /etc/ha.d/
cp：是否覆蓋"/etc/ha.d/authkeys"？ y
cp：是否覆蓋"/etc/ha.d/ha.cf"？ y
cp：是否覆蓋"/etc/ha.d/haresources"？ y

由於以前安裝過heartbeat，因此會出現「是否覆蓋」的提示

（5）開始配置/etc/ha.d目錄下三個文件authkeys、 ha.cf  、haresources

authkeys：是通訊過程的加密配置文件。vim /etc/ha.d/authkeys

文件的原內容是以下

#auth 1
#1 crc
#2 sha1 HI!
#3 md5 Hello!

三種加密算法，推薦使用第三種，而後將Hell！的位置修改成隨機的字符串。

auth 3
#1 crc
#2 sha1 HI!
3 md5 Helloasfsdfsd!

wq

文件authkeys的權限是：600

再修改ha.cf的配置文件vim /etc/ha.d/ha.cf，須要添加三個地方。

（5.1）設定廣播的心跳信息的接口

#       What interfaces to broadcast heartbeats over?   #哪一個接口去廣播心跳
#
bcast   eth1            # Linux                             #選擇eth1是由於HA1主機作實驗的時候只有一塊網卡eth1
#bcast  eth0            # Linux

（5.2）設定仲裁的ping節點

#       Less common options...
#
#       Treats 10.10.10.254 as a psuedo-cluster-member
#       Used together with ipfail below...
#       note: don't use a cluster node as ping node
#
ping 192.168.176.1
#ping 10.10.10.254

（5.3）設定集羣的全部節點 注意這裏node 對於必定使用uname –n 命令顯示結果一致。

#       Tell what machines are in the cluster
#       node    nodename ...    -- must match uname -n
node    node1.magedu.com
node    node2.magedu.com
#node   ken3
#node   kathy

保存退出完成。

配置資源管理文件vim /etc/ha.d/haresources

#       One service address, with the subnet, interface and bcast addr
#       explicitly defined.
#
#just.linux-ha.org      135.9.216.3/28/eth0/135.9.216.12 httpd
node1.magedu.com        192.168.176.10/24/eth1:0 httpd

這裏指定主節點是node1.magedu.com  虛擬IP是192.168.176.10 配置在主節點的eth1網卡上，其中135.9.216.12是廣播地址，而下面的廣播地址不作指定。

注意：有的時候配置後配置文件的樣例能夠直接192.168.176.10/24/eth1，可是不知道爲何，有時候必需要取別名192.168.176.10/24/eth1:0.這樣以後才能正常啓動heartbeat服務，虛擬ip才正常出現。（因此通常先按照測試樣例寫，若是不行再取別名）

(5.4)將node1節點的三個配置文件遠程拷貝至node2的/etc/ha.d/目錄下。

[root@node1 ha.d]# scp authkeys ha.cf haresources node2:/etc/ha.d/
authkeys                                                                         100%  651     0.6KB/s   00:00
ha.cf                                                                            100%   10KB  10.3KB/s   00:00
haresources                                                                      100% 5951     5.8KB/s   00:00

（6）authkeys 、ha.cf 、haresource 這三配置文件修改完成以後。

先啓動主機node1上heartbeat服務，在啓動從節點上heartbeat服務。

而後清除node1和node2上iptables –F 規則，確保httpd系統自啓動是關閉的狀態。chkconfig httpd off

node1：service heartbeat start

ifconfig 

ps –ef |heartbeat

ps –ef |grep httpd

能夠用tail –f  /var/log/message 監控啓動heartbeat服務的日誌信息

 

在啓動node2：service heartbeart start

（7）實驗測試：

node1: service heartbeat stop   #中止node1的heartbeart服務，這裏查看node2的httpd服務是否啓動，已經ifconfig查看虛擬vip地址。

node1: service heartbeat start # 重啓動node1的heartbeat服務，查看node1的heartbeat服務時候從新接管http資源

node1: 斷掉node1的網卡eth1鏈接，是的ping節點192.168.176.1沒法ping通主節點node1，這裏在查看node2時候接管httpd資源

[root@node1 ~]# service heartbeat start
Starting High-Availability services: INFO:  Resource is stopped
Done.

[root@node1 ~]# ifconfig
eth1      Link encap:Ethernet  HWaddr 00:0C:29:DC:B6:9F
          inet addr:192.168.176.6  Bcast:192.168.176.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fedc:b69f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:115672 errors:0 dropped:0 overruns:0 frame:0
          TX packets:99379 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:48714317 (46.4 MiB)  TX bytes:17954573 (17.1 MiB)
          Interrupt:19 Base address:0x2000

eth1:0    Link encap:Ethernet  HWaddr 00:0C:29:DC:B6:9F
          inet addr:192.168.176.10  Bcast:192.168.176.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:19 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1405 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1405 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:226530 (221.2 KiB)  TX bytes:226530 (221.2 KiB)

 

（8）測試掛載nfs服務的HA

再啓動node2上heartbeat服務

ssh node2  ’service heartbeart start’

[root@node1 ~]# ssh node2 'service heartbeat start'
Starting High-Availability services: 2016/04/22_14:21:30 INFO:  Resource is stopped
Done.

 

 

安裝主機192.168.176.128上安裝nfs服務，能夠提供192.168.176.6 和192.168.176.7,也就是node1和node2掛載。

而後,更改haresouces配置文件：

#node1  10.0.0.170 Filesystem::/dev/sda1::/data1::ext2
node1 192.168.176.10/24/eth1:0 Filesystem::192.168.176.128:/usr/local/apache/htdocs/::/var/www/html::nfs httpd

#其中httpd服務按照順序是放在文件系統後續的服務。服務於服務之間空格，服務參數用：：隔開

從新拷貝修改文件至node2上：

[root@node1 ~]# scp /etc/ha.d/haresources node2:/etc/h
ha.d/        hal/         host.conf    hosts        hosts.allow  hosts.deny   httpd/
[root@node1 ~]# scp /etc/ha.d/haresources node2:/etc/ha.d/
haresources                                                                                         100% 6073     5.9KB/s   00:00

從新啓node1和node2的heartbeat服務。

node2:service heartbeat stop

node1:service heartbeat stop

node1:service heartbeat start

node2:service heartbeat start

 

檢驗:

ifconfig  #查看vip

df –h  #查看nfs時候掛載

ps –ef |grep httpd #httpd 服務是否啓動

eth1:0    Link encap:Ethernet  HWaddr 00:0C:29:DC:B6:9F
          inet addr:192.168.176.10  Bcast:192.168.176.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:19 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1405 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1405 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:226530 (221.2 KiB)  TX bytes:226530 (221.2 KiB)

[root@node1 ~]# ps -ef |grep httpd
root     11594     1  0 16:36 ?        00:00:00 /usr/sbin/httpd
apache   11596 11594  0 16:36 ?        00:00:00 /usr/sbin/httpd
apache   11597 11594  0 16:36 ?        00:00:00 /usr/sbin/httpd
apache   11598 11594  0 16:36 ?        00:00:00 /usr/sbin/httpd
apache   11599 11594  0 16:36 ?        00:00:00 /usr/sbin/httpd
apache   11600 11594  0 16:36 ?        00:00:00 /usr/sbin/httpd
apache   11601 11594  0 16:36 ?        00:00:00 /usr/sbin/httpd
apache   11602 11594  0 16:36 ?        00:00:00 /usr/sbin/httpd
apache   11603 11594  0 16:36 ?        00:00:00 /usr/sbin/httpd
root     11607 10299  1 16:36 pts/3    00:00:00 grep --color httpd
[root@node1 ~]# ps -ef |grep httpd^C
[root@node1 ~]# df
Filesystem                                1K-blocks    Used Available Use% Mounted on
/dev/sda2                                  18375548 4174508  13267616  24% /
tmpfs                                        515224       0    515224   0% /dev/shm
/dev/sda1                                    198337   26446    161651  15% /boot
192.168.176.128:/usr/local/apache/htdocs/  18375552 4085632  13356416  24% /var/www/html
[root@node1 ~]#