使用pcs shell配置corosync & pacemaker羣集
Pacemaker
Pacemaker,即Cluster Resource Manager(CRM),管理整個HA,客戶端通過pacemaker管理監控整個集羣。
CRM支持ocf和lsb兩種資源類型:
ocf格式的啓動腳本在/usr/lib/ocf/resource.d/下面。
lsb的腳本一般在/etc/rc.d/init.d/下面。
1、常用的集羣管理工具:
(1)基於命令行
crm shell/pcs
(2)基於圖形化
pygui/hawk/lcmc/pcs
2、相關的資源文件:
(1)/usr/lib/ocf/resource.d,pacemaker資源庫文件位置,可安裝資源包:resource-agents 獲取更多ocf格式的資源。
(2)/usr/sbin/fence_***,Fencing設備的執行腳本名稱,可安裝資源包:fence-agents 獲取更多Fencing設備資源。
3、查看使用說明:
[shell]# man ocf_heartbeat_*** ## 查看OCF資源說明,man ocf_heartbeat_apache
[shell]# man fence_*** ## 查看Fencing設備說明,man fence_vmware
4、參考文檔
https://github.com/ClusterLabs
http://clusterlabs.org/doc/
http://www.linux-ha.org/doc/man-pages/man-pages.html
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Configuring_the_Red_Hat_High_Availability_Add-On_with_Pacemaker/index.html
在羣集配置過程中參考了互聯網上衆多優秀文章,在此感謝原作者!!!
以下記錄整理了在vmware esxi5.5 + centos6.6環境中使用PCS命令配置corosync & pacemaker羣集的一些操作,由於本人水平有限,僅供參考:
--------------------------------------------------
1.安裝羣集軟件:
[shell]# yum -y install corosync pacemaker pcs
[shell]# yum -y install fence-agents resource-agents
2.拷貝配置文件、啓動腳本
[shell]# mkdir -p /etc/cluster/
[shell]# ln -s /etc/rc.d/init.d/corosync /etc/rc.d/init.d/cman
[shell]# ln -s /usr/sbin/corosync-cmapctl /usr/sbin/corosync-objctl
[shell]# cp /etc/corosync/corosync.conf.example /etc/corosync/corosync.conf
注意:羣集需要嚴格的時間同步機制,如果啓用了防火牆需要開放相應的端口。
--------------------------------------------------
PCS(Pacemaker/Corosync configuration system)命令配置羣集示例:
一、建立羣集:
1、配置羣集節點的認證as the hacluster user:
[shell]# pcs cluster auth node11 node12
2、創建一個二個節點的羣集
[shell]# pcs cluster setup --name mycluster node11 node12
[shell]# pcs cluster start --all ## 啓動羣集
3、設置資源默認粘性(防止資源回切)
[shell]# pcs resource defaults resource-stickiness=100
[shell]# pcs resource defaults
4、設置資源超時時間
[shell]# pcs resource op defaults timeout=90s
[shell]# pcs resource op defaults
5、二個節點時,忽略節點quorum功能
[shell]# pcs property set no-quorum-policy=ignore
6、沒有 Fencing設備時,禁用STONITH 組件功能
在 stonith-enabled="false" 的情況下,分佈式鎖管理器 (DLM) 等資源以及依賴DLM 的所有服務(例如 cLVM2、GFS2 和 OCFS2)都將無法啓動。
[shell]# pcs property set stonith-enabled=false
[shell]# crm_verify -L -V ## 驗證羣集配置信息
二、建立羣集資源
1、查看可用資源
[shell]# pcs resource list ## 查看支持資源列表,pcs resource list ocf:heartbeat
[shell]# pcs resource describe agent_name
## 查看資源使用參數,pcs resource describe ocf:heartbeat:IPaddr2
2、配置虛擬IP
[shell]# pcs resource create ClusterIP ocf:heartbeat:IPaddr2 \
ip="192.168.10.15" cidr_netmask=32 nic=eth0 op monitor interval=30s
3、配置Apache(httpd)
[shell]# pcs resource create WebServer ocf:heartbeat:apache \
httpd="/usr/sbin/httpd" configfile="/etc/httpd/conf/httpd.conf" \
statusurl="http://localhost/server-status" op monitor interval=1min
4、配置Nginx
[shell]# pcs resource create WebServer ocf:heartbeat:nginx \
httpd="/usr/sbin/nginx" configfile="/etc/nginx/nginx.conf" \
statusurl="http://localhost/ngx_status" op monitor interval=30s
5.1、配置FileSystem
[shell]# pcs resource create WebFS ocf:heartbeat:Filesystem \
device="/dev/sdb1" directory="/var/www/html" fstype="ext4"
[shell]# pcs resource create WebFS ocf:heartbeat:Filesystem \
device="-U 32937d65eb" directory="/var/www/html" fstype="ext4"
5.2、配置FileSystem-NFS
[shell]# pcs resource create WebFS ocf:heartbeat:Filesystem \
device="192.168.10.18:/mysqldata" directory="/var/lib/mysql" fstype="nfs" \
options="-o username=your_name,password=your_password" \
op start timeout=60s op stop timeout=60s op monitor interval=20s timeout=60s
6、配置Iscsi
[shell]# pcs resource create WebData ocf:heartbeat:iscsi \
portal="192.168.10.18" target="iqn.2008-08.com.starwindsoftware:" \
op monitor depth="0" timeout="30" interval="120"
[shell]# pcs resource create WebFS ocf:heartbeat:Filesystem \
device="-U 32937d65eb" directory="/var/www/html" fstype="ext4" options="_netdev"
7、配置DRBD
[shell]# pcs resource create WebData ocf:linbit:drbd \
drbd_resource=wwwdata op monitor interval=60s
[shell]# pcs resource master WebDataClone WebData \
master-max=1 master-node-max=1 clone-max=2 clone-node-max=1 notify=true
[shell]# pcs resource create WebFS ocf:heartbeat:Filesystem \
device="/dev/drbd1" directory="/var/www/html" fstype="ext4"
8、配置MySQL
[shell]# pcs resource create MySQL ocf:heartbeat:mysql \
binary="/usr/bin/mysqld_safe" config="/etc/my.cnf" datadir="/var/lib/mysql" \
pid="/var/run/mysqld/mysql.pid" socket="/tmp/mysql.sock" \
op start timeout=180s op stop timeout=180s op monitor interval=20s timeout=60s
9、配置Pingd,檢測節點與目標的連接有效性
[shell]# pcs resource create PingCheck ocf:heartbeat:pingd \
dampen=5s multiplier=100 host_list="192.168.10.1 router" \
op monitor interval=30s timeout=10s
10、創建資源clone,克隆的資源會在全部節點啓動
[shell]# pcs resource clone PingCheck
[shell]# pcs resource clone ClusterIP clone-max=2 clone-node-max=2 globally-unique=true
## clone-max=2,數據包分成2路
[shell]# pcs resource update ClusterIP clusterip_hash=sourceip
## 指定響應請求的分配策略爲:sourceip
三、調整羣集資源
1、配置資源約束
[shell]# pcs resource group add WebSrvs ClusterIP
## 配置資源組,組中資源會在同一節點運行
[shell]# pcs resource group remove WebSrvs ClusterIP
## 移除組中的指定資源
[shell]# pcs resource master WebDataClone WebData
## 配置具有多個狀態的資源,如 DRBD master/slave狀態
[shell]# pcs constraint colocation add WebServer ClusterIP INFINITY
## 配置資源捆綁關係
[shell]# pcs constraint colocation remove WebServer
## 移除資源捆綁關係約束中資源
[shell]# pcs constraint order ClusterIP then WebServer
## 配置資源啓動順序
[shell]# pcs constraint order remove ClusterIP
## 移除資源啓動順序約束中資源
[shell]# pcs constraint ## 查看資源約束關係, pcs constraint --full
2、配置資源位置
[shell]# pcs constraint location WebServer prefers node11
## 指定資源默認某個節點,node=50 指定增加的 score
[shell]# pcs constraint location WebServer avoids node11
## 指定資源避開某個節點,node=50 指定減少的 score
[shell]# pcs constraint location remove location-WebServer
## 移除資源節點位置約束中資源ID,可用pcs config獲取
[shell]# pcs constraint location WebServer prefers node11=INFINITY
## 手工移動資源節點,指定節點資源的 score of INFINITY
[shell]# crm_simulate -sL ## 驗證節點資源 score 值
3、修改資源配置
[shell]# pcs resource update WebFS ## 更新資源配置
[shell]# pcs resource delete WebFS ## 刪除指定資源
4、管理羣集資源
[shell]# pcs resource disable ClusterIP
## 禁用資源
[shell]# pcs resource enable ClusterIP
## 啓用資源
[shell]# pcs resource failcount show ClusterIP
## 顯示指定資源的錯誤計數
[shell]# pcs resource failcount reset ClusterIP ## 清除指定資源的錯誤計數
[shell]# pcs resource cleanup ClusterIP ## 清除指定資源的狀態與錯誤計數
四、配置Fencing設備,啓用STONITH
1、查詢Fence設備資源
[shell]# pcs stonith list ## 查看支持Fence列表
[shell]# pcs stonith describe agent_name
## 查看Fence資源使用參數,pcs stonith describe fence_vmware_soap
2、配置fence設備資源
[shell]# pcs stonith create ipmi-fencing fence_ipmilan \
pcmk_host_list="pcmk-1 pcmk-2" ipaddr="10.0.0.1" login=testuser passwd=acd123 \
op monitor interval=60s
mark:
If the device does not support the standard port parameter or may provide additional ones, you may also need to set the special pcmk_host_argument parameter. See man stonithd for details.
If the device does not know how to fence nodes based on their uname, you may also need to set the special pcmk_host_map parameter. See man stonithd for details.
If the device does not support the list command, you may also need to set the special pcmk_host_list and/or pcmk_host_check parameters. See man stonithd for details.
If the device does not expect the victim to be specified with the port parameter, you may also need to set the special pcmk_host_argument parameter. See man stonithd for details.
example: pcmk_host_argument="uuid" pcmk_host_map="node11:4;node12:5;node13:6" pcmk_host_list="node11,node12" pcmk_host_check="static-list"
3、配置VMWARE (fence_vmware_soap)
特別說明:本次實例中使用了第3項(pcs stonith create vmware-fencing fence_vmware_soap)這個指定pcmk配置參數才能正常執行Fencing動作。
3.1、確認vmware虛擬機的狀態:
[shell]# fence_vmware_soap -o list -a vcenter.example.com -l cluster-admin -p <password> -z
## 獲取虛擬機UUID
[shell]# fence_vmware_soap -o status -a vcenter.example.com -l cluster-admin -p <password> -z -U <UUID>
## 查看狀態
[shell]# fence_vmware_soap -o status -a vcenter.example.com -l cluster-admin -p <password> -z -n <vm name>
3.2、配置fence_vmware_soap
[shell]# pcs stonith create vmware-fencing-node11 fence_vmware_soap \
action="reboot" ipaddr="192.168.10.10" login="vmuser" passwd="vmuserpd" ssl="1" \
port="node11" shell_timeout=60s login_timeout=60s op monitor interval=90s
[shell]# pcs stonith create vmware-fencing-node11 fence_vmware_soap \
action="reboot" ipaddr="192.168.10.10" login="vmuser" passwd="vmuserpd" ssl="1" \
uuid="421dec5f-c484-3d69-ddfb-65af46530581" shell_timeout=60s login_timeout=60s op monitor interval=90s
[shell]# pcs stonith create vmware-fencing fence_vmware_soap \
action="reboot" ipaddr="192.168.10.10" login="vmuser" passwd="vmuserpd" ssl="1" \
pcmk_host_argument="uuid" pcmk_host_check="static-list" pcmk_host_list="node11,node12" \
pcmk_host_map="node11:421dec5f-c484-3d69-ddfb-65af46530581;node12:421dec5f-c484-3d69-ddfb-65af46530582" \
shell_timeout=60s login_timeout=60s op monitor interval=90s
注:如果配置fence_vmware_soap設備時用port=vm name在測試時不能識別,則使用uuid=vm uuid代替;
建議使用 pcmk_host_argument、pcmk_host_map、pcmk_host_check、pcmk_host_list 參數指明節點與設備端口關係,格式:
pcmk_host_argument="uuid" pcmk_host_map="node11:uuid4;node12:uuid5;node13:uuid6" pcmk_host_list="node11,node12,node13" pcmk_host_check="static-list"
4、配置SCSI
[shell]# ls /dev/disk/by-id/wwn-* ## 獲取Fencing磁盤UUID號,磁盤須未格式化
[shell]# pcs stonith create iscsi-fencing fence_scsi \
action="reboot" devices="/dev/disk/by-id/wwn-0x600e002" meta provides=unfencing
5、配置DELL DRAC
[shell]# pcs stonith create dell-fencing-node11 fence_drac
.....
6、管理 STONITH
[shell]# pcs resource clone vmware-fencing
## clone stonith資源,供多節點啓動
[shell]# pcs property set stonith-enabled=true
## 啓用 stonith 組件功能
[shell]# pcs stonith cleanup vmware-fencing
## 清除Fence資源的狀態與錯誤計數
[shell]# pcs stonith fence node11 ## fencing指定節點
五、羣集操作命令
1、驗證羣集安裝
[shell]# pacemakerd -F ## 查看pacemaker組件,ps axf | grep pacemaker
[shell]# corosync-cfgtool -s ## 查看corosync序號
[shell]# corosync-cmapctl | grep members
## corosync 2.3.x
[shell]# corosync-objctl | grep members ## corosync 1.4.x
2、查看羣集資源
[shell]# pcs resource standards ## 查看支持資源類型
[shell]# pcs resource providers ## 查看資源提供商
[shell]# pcs resource agents ## 查看所有資源代理
[shell]# pcs resource list ## 查看支持資源列表
[shell]# pcs stonith list ## 查看支持Fence列表
[shell]# pcs property list --all ## 顯示羣集默認變量參數
[shell]# crm_simulate -sL ## 檢驗資源 score 值
3、使用羣集腳本
[shell]# pcs cluster cib ra_cfg ## 將羣集資源配置信息保存在指定文件
[shell]# pcs -f ra_cfg resource create
## 創建羣集資源並保存在指定文件中(而非保存在運行配置)
[shell]# pcs -f ra_cfg resource show ## 顯示指定文件的配置信息,檢查無誤後
[shell]# pcs cluster cib-push ra_cfg ## 將指定配置文件加載到運行配置中
4、STONITH 設備操作
[shell]# stonith_admin -I ## 查詢fence設備
[shell]# stonith_admin -M -a agent_name ## 查詢fence設備的元數據,stonith_admin -M -a fence_vmware_soap
[shell]# stonith_admin --reboot nodename
## 測試 STONITH 設備
5、查看羣集配置
[shell]# crm_verify -L -V ## 檢查配置有無錯誤
[shell]# pcs property ## 查看羣集屬性
[shell]# pcs stonith ## 查看stonith
[shell]# pcs constraint ## 查看資源約束
[shell]# pcs config ## 查看羣集資源配置
[shell]# pcs cluster cib ## 以XML格式顯示羣集配置
6、管理羣集
[shell]# pcs status ## 查看羣集狀態
[shell]# pcs status cluster
[shell]# pcs status corosync
[shell]# pcs cluster stop [node11] ## 停止羣集
[shell]# pcs cluster start --all ## 啓動羣集
[shell]# pcs cluster standby node11 ## 將節點置爲後備standby狀態,pcs cluster unstandby node11
[shell]# pcs cluster destroy [--all] ## 刪除羣集,[--all]同時恢復corosync.conf文件
[shell]# pcs resource cleanup ClusterIP ## 清除指定資源的狀態與錯誤計數
[shell]# pcs stonith cleanup vmware-fencing
## 清除Fence資源的狀態與錯誤計數
corosync & pacemaker羣集-命令
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.