heartbeat overview:
Official website: http://www.linux-ha.org/
Download heartbeat: http://www.linux-ha.org/wiki/Download
Download: The current versions are: span>
Heartbeat-3-0-7e3a82377fa8.tar.bz2# Heartbeat Main package
Reusable-Cluster-Components-glue- -glue-1.0.9.tar.bz2 #Reusable cluster components
Port number: 694< /span>
[root@silence81 ~]# vim /etc/services
Extension: Who manages the port definitions of TCP/UDP public services span>
IANA means (Internet Assigned Numbers Authority), the organization of Internet number assignment. Responsible for IP address allocation planning and port definition for TCP/UDP public services.
Official website:http://www.iana.org/
All IANA tasks can be roughly divided into three types: p>
1. Domain name. IANA manages DNS domain name roots and .int, .arpa domain names and IDN (Internationalized Domain Name) resources.
Two, digital resources. IANA coordinates global IP and AS (Autonomous System) numbers and provides them to regional Internet registries. Note: AS autonomous system number is the number in the BGP routing protocol. (Manage the traffic between countries)
Three , Agreement distribution. IANA manages the protocol numbering system together with various standardization organizations.
< br>
silence80 main web
< span style="font-family:'Microsoft YaHei','Microsoft YaHei';font-size:16px;">silence84 From the web
silence81 NFS
< p>Floating resource:
1. Public IP address
2. HTTP service
3. Storage: NFS mount
< br>
Preparations: silence80, silence84
1. Modify the host name, permanent effect
# vim /etc/sysconfig/network p>
HOSTNAME=silence80
2. Analysis
# vim /etc/hosts
192.168.1.80silence80
192.168.1.84silence84
3. Turn off the firewall, turn off selinux
# iptables -F
# getenforce
Permissive
Configure silence81 as the NFS server and provide storage resources to install the NFS server:
[root@silence81 ~]# rpm -qf /etc/init.d/nfs nfs-utils-1.2.3- 15.el6.x86_64
[root@silence81 ~]# mkdir /wwwdir
[root@silence81 ~]# echo “heartbeathttpha”> /wwwdir/index.html
[root@silence81 ~]#cat /etc/exports
/wwwdir192.168.1.0/24(rw)
Configure the directory permissions:
[root@silence81 ~]# ll -d /wwwdir/
drwxr-xr-x 2 root root 4096 May 29 18:52 /wwwdir/ [root@silence81 ~]# chmod 777 -R /wwwdir/ [root@silence81 ~]# ll -d / wwwdir/
drwxrwxrwx 2 root root 4096 May 29 18: 52 /wwwdir/
Open nfs service
[root@silence81 ~]# service nfs restart
[root@silence81 ~]# chkconfig nfs on
< p>
silence80 test nfs storage mount and Install httpd web server:
[root@silence80 ~]# yum install httpd -y
[root@silence80 ~]# showmount -e 192.168.1.81
Export list for 192.168.1.81:
/wwwdir 192.168.1.0/24
[root@silence80 ~]# mount -t nfs 192.168.1.81:/wwwdir /var/www/html/ [root@silence80 ~]# service httpd restart
Test:
[root@silence80 ~]# yum install elinks -y
[root@silence80 ~]# elinks –dump 192.168.1.80
heartdeat http ha
Unload resources: Later these resources will be loaded directly through heartbeat
[root@silence80 ~]# umount /var/www/html/
[root@silence80 ~]# service httpd stop
[root@silence80 ~]# chkconfig httpd off
< p>
[root@silence84 ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=silence84
[root@silence80 ~]# scp /etc/hosts 192.168.1.84:/etc/
[email protected]’s password:
hosts100% 2130.2KB/s00:00
< span style="font-family:'Microsoft YaHei','Microsoft YaHei';font-size:16px;">[root@silence84 ~]# yum install httpd -y
[root@silence84 ~]# showmount -e 192.168.1.81
Export list for 192.168. 1.81:
/wwwdir 192.168.1.0/24 span>
[root@ silence84 ~]# mount -t nfs 192.168.1.81:/wwwdir /var/www/html/
[root@silence84 ~]# service httpd restart
Test:
[root@silence84 ~]# yum install elinks -y
[root@silence84 ~]# elinks –dump 192.168.1.84 heartdeat http ha
heartdeat http ha
Unload resources: Later these resources will be loaded directly through heartbeat< /span>
[root@silence84 ~]# umount /var/www /html/
[root@silence84 ~]# service httpd stop
[root@silence84 ~]# chkconfig httpd off
silence80 install heartbeat
Configure yum source:
[root@silence80 ~]# cat /etc/yum.repos.d/rhel-source.repo
[rhel-source]
name=Red Hat Enterprise Linux $releasever-$basearch-Source baseurl=file:///mnt/
enabled=1 gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[rhel-ha] name=Red ha baseurl=file:///mnt/HighAvailability enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[root@silence80 ~]#
#Description, if you don’t configure this baseurl=file:///mnt/HighAvailabil it, you cannot use yum to install cluster-glue and resource-agents
Centos 6.2 or 6.5 source includes cluster-glue, resource-agents, pacemaker, but there is no heartbeat. Fortunately, the source of heartbeat provides .spec, and rpmbuild can be used to generate rpm packages.
Next, install heartbeat
Upload Heartbeat-3-0-7e3a82377fa8.tar.bz2 to silence80
[root@silence80 ~]# tar -jxvf Heartbeat-3-0-958e11be8686.tar.bz2
< span style="font-family:'Microsoft YaHei','Microsoft YaHei';font-size:16px;">[root@silence80 ~]# cd Heartbeat-3-0-958e11be8686
[root@silence80 Heartbeat-3-0-958e11be8686]# rpmbuild -ba heartbeat-fedora .spec # Although an error was reported, the directory: /root/rpmbuild/SOURCES/ was created for you. If your system has this directory, you can directly copy the compressed package to this directory
error: File /root/rpmbuild/SOURCES/heartbeat.tar.bz2: No such file or directory
< br>
build /root/rpmbuild/SOURCES/heartbeat.tar.bz2 File:
[root@silence80Heartbeat-3-0- 958e11be8686]#tar-jxvf /root/Heartbeat-3-0-958e11be8686.tar.bz2 -C /root/rpmbuild/SOURCES/
[root@silence80 Heartbeat-3-0-958e11be8686]# cd /root/rpmbuild/SOURCES/
[root@silence80 SOURCES]# mv Heartbeat-3-0-958e11be8686 heartbeat #must be changed to heartbeat, otherwise an error will be reported when compiling the package
[root@silence80SOURCES]#tar-jcvfheartbeat.tar.bz2heartbeat# Generate heartbeat.tar.bz2 package , If you use the source code package directly, an error will be reported when you generate the rpm package.
such as:
< p>[root@silence80 SOURCES]# cd /root/rpmbuild/SOURCES/heartbeat/ [root@ silence80 heartbeat]# rpmbuild -ba heartbeat-fedora.spec
error: File /root/rpmbuild/SOURCES/heartbeat.tar.bz2: No such file or directory
# Solve dependencies
[root@silence80 SOURCES]# yum install ncurses-devel openssl-devel gettext bison flex mailx cluster-glue-libs-devel docbook -dtds docbook-style-xsl libtool-ltdl-devel libuuid-devel -y
# Start generating RPM package
Parameter: rpmbuild parameter (-bb only compile binary rpm package -bs only compile source srpm package -ba compile both binary and source srpm Package)
[root@silence80 SOURCES]# pwd< /span>
/root/rpmbuild/SOURCES p>
[root@silence80 SOURCES]# cd heartbeat
[root@silence80 heartbeat]# rpmbuild -ba heartbeat-fedora.spec
Install on both silence80 and silence84: heartbeat
Install on silence80: heartbeat
[root@silence80 ~]# cd /root/rpmbuild/RPMS/x86_64/
[root@silence80 x86_64]# yum install -y cluster-glue resource-agents
[root@silence80 x86_64]# rpm -ivh heartbeat-libs-3.0.6-1.el6.x86_64.rpm
< p>[root@silence80 x86_64]# rpm -ivh heartbeat-3.0.6-1.el6. x86_64.rpm
Install on silence84: heartbeat
< /p>
copy the software package and yum configuration file to silence84:
[root@silence80 ~ ]#cd /root/rpmbuild/RPMS/x86_64/
[root@silence80 ~]# scp -r ./* 192.168.1.84:/root/
[root@silence80~]#scp/etc/yum.repos.d/rhel-source.repo
192.168.1.84:/etc/yum.repos.d/< /p>
silence84 configuration: heartbeat
span>
[root@silence84 ~]# yum install ncurses-devel openssl -devel gettext bison flex mailx cluster-glue-libs-devel docbook-dtds docbook-style-xsl -y
[root@silence84 ~]# rpm -ivh heartbeat-libs-3.0.5-1.el6.x86_64.rpm
[root@silence84 ~]# yum install -y cluster-glue resource-agents
[root@silence84 ~]# rpm -ivh heartbeat-3.0.6-1.el6.x86_64.rpm span>
View the generated users and groups:
[root@silence80 ha.d]# grep haclient /etc/group haclient:x:489: p>
[root@silence80 ha.d]# id hacluster p>
uid=495(hacluster) gid=489(haclient) groups=489(haclient) )
Configure heartbeat: silence80
< p>Generate a heartbeat configuration file
p>
Configure 3 configuration files on silence80 and copy them to silence84. Generate configuration file:
[root@silence80 x86_64]# cp /usr/share/doc/heartbeat-3.0.6/ha.cf /etc/ha.d/ #Main configuration file
[root@silence80 ~]# cp /usr/share/doc/heartbeat-3.0.6/authkeys /etc/ha.d/ # primary and standby nodes The verification file used in inter-communication to ensure security
[root@silence80 ~]# cp /usr/share/doc/heartbeat-3.0.6/haresources /etc/ha.d/ #define the configuration file of floating resources
1. Set the verification file used for communication between the active and standby nodes to ensure security. The configuration requirements of the active and standby nodes are consistent.
[root@silence80 ~]# vim /etc/ ha.d/authkeys
Change:
#auth 3
< span style="font-family:'Microsoft YaHei','Microsoft YaHei';font-size:16px;">#1 crc
#2 sha1 HI!
#3 md5 Hello!
is:
auth 3
#1 crc
#2 sha1 HI!
3 md5 mkkey
View:
[root@silence80 ~] # grep ^[^#] /etc/ha.d/authkeys
auth 3
3 md5 Hello!< /span>
[root@silence80 ~]# chmod 600 /etc/ ha.d/authkeys #The permission of this file must be 600, otherwise the startup will not succeed
Note:
/etc/ha.d/authkeys file determines the authentication key. There are three authentication methods: crc, md5, and sha1. Interaction: “Which method should I use?”
If Heartbeat is running on a secure network, such as the crossover line in this example, crc can be used. From a resource point of view, this is the least expensive method. If the network is not secure, but you also want to reduce CPU usage, use md5. Finally, if you want to get the best certification, regardless of CPU usage, use sha1, which is the most difficult to crack among the three.
2. Define floating resources, pay attention to the order of adding, :: represents the separator
[root@silence80 ~]#vim /etc/ha.d/haresources
Change:
44 #node-name resource1 resource2 … resourceN
is:
silence80 IPaddr::192.168.1.88/24/eth0 Filesystem::192.168.1.81:/wwwdir::/var/www/html::nfs httpd
Note:
node-name is the host of the main server name. No modification is required on silence84. In this way, the resource will be added to this host by default. When silence80 is broken, silence84 will take over again.
IPaddr::192.168.1.88/24/eth0# Specify the VIP and which network card to bind to
Filesystem: :192.168.1.81:/wwwdir::/var/www/html::nfs #Specify the storage to be mounted
httpd #Specify the service to be started. Note, this service must be under /etc/init.d and can be started or closed through service
< p>
Test: Manually load VIP 192.168.1.88 to eth0 :0上
[root@silence80 ~]# ll /etc/ha.d/resource.d/IPaddr
-rwxr-xr-x 1 root root 2273 Jul 29 20:49 /etc/ha.d/resource.d/IPaddr span>
[root@ silence80 ~]# /etc/ha.d/resource.d/IPaddr 192.168.1.88/24/eth0:0 start
IPaddr[7142]: INFO: Using calculated netmask for 192.168.1.88: 255.255.255.0
IPaddr[7142]: DEBUG: Using calculated broadcast for 192.168.1.88: 192. 168.1.255
IPaddr[7142]: INFO: eval ifconfig eth0:0 192.168.1.88 netmask 255.255.255.0 broadcast
192.168.1.255
IPaddr[7142]: DEBUG: Sending Gratuitous Arp for 192.168.1.88 on eth0:0 [eth0] ARPING 192.168.1.88 from 192.168.1.88 eth0
IPaddr[7116]: INFO: Success
INFO: Success
View VIP:
[root@silence80 x86_64]# ifconfig#You can see that the IP of eth0:0 is: 192.168.1.88
Test: Manually load NFS storage resources to /var/www/html
[root@silence80~]#/etc/ha.d/resource.d/Filesystem192.168.1.81:/wwwdir
< p>/var/www/html/ nfs start
Filesystem[23575]: INFO: Running start for 192.168.1.81:/wwwdir on /var/www/ html
Filesystem[23567]: INFO: Success span>
INFO: Success
[root@silence80 ~]# ls /var/www/html/index.html
/var/www/html/index.html
[root@silence80 ~]# mount
…..
192.168.1.81:/wwwdiron/var/www/htmltypenfs
(rw,vers=4,addr=192.168.1.81,clientaddr=192.168.1.80)
测试: 手动启动 httpd 服务
[root@silence80 ~]# /etc/init.d/httpd restart
3.定义/etc/ha.d/ha.cf
[root@silence80 ~]# grep ^[^#] /etc/ha.d/ha.cf #默认只开启了以下两行内容
logfacili tylocal0 auto_failback on
#auto_failback on #为 on 时,主结点恢复正常后,资源自动转给主结点。建议设为 auto_failback off ,等主节点恢复正常后,在业务不繁忙时,切换回来。防止主节点恢复正常时,回切时,再次影起网 络中断。
[root@silence80 ha.d]# vim /etc/ha.d/ha.cf#将配置文件中,以下内存前面的#号去掉
24 debugfile /var/log/ha-debug
29 logfile /var/log/ha-log
48 keepalive 2 #设定 heartbeat 之间的时间间隔为 2 秒。
56 deadtime 30 #在 30 秒后宣布节点死亡。
61 warntime 10 #在日志中发出“late heartbeat“警告之前等待的时间,单位为秒。
71 initdead 120#在某些系统上,系统启动或重启之后需要经过一段时间网络才能正常工作,该选项 用于解决这种情况产生的时间间隔。取值至少为 deadtime 的两倍。
76 udpport 694 #使用端口 694 进行 bcast 和 ucast 通信。这是默认的,并且在 IANA 官方注册的端 口号。
121 ucast eth0 192.168.1.84 #表示从本机的 eth0 接口发心跳消息给对方节点,写另一端的 IP 地址 。这是单播地址。 silence84 上改为 192.168.1.80 。心跳网卡 ,如果你有两个网卡,可以写成 eth1 注:配置文件中 91 #bcast eth0#表示在 eth0 接口上使用广播 heartbeat(将 eth1 替换为 eth0, eth2,或者您使用的任何接口)。
157 auto_failback on#当 auto_failback 设置为 on 时,一旦主节点重新恢复联机,将从从节点取回 所有资源。若该选项设置为 off,主节点便不能重新获得资源。
211 nodesilence80 #该选项是必须配置的。集群中机器的主机名,不“uname �n”的输 出相同。
212 nodesilence84
这两行内容大约在此位置:
改:223 #ping 10.10.10.254
为:223 ping 192.168.1.1#通过 ping 命令来实现仲裁 改:256 #respawn hacluster /usr/lib/heartbeat/ipfail
为:256 respawn hacluster /usr/libexec/heartbeat/ipfail 改:262 #apiauth ipfail gid=haclient uid=hacluster
为: apiauth ipfail gid=haclient uid=hacluster
到此修改结束,保存,退出。
[root@silence80 x86_64]# rpm -qf /usr/libexec/heartbeat/ipfail#查看这个包是哪个软件包 安装生成的
heartbeat-3.0.6-1.el6.x86_64
复制配置文件到 silence84 上:
[root@node1 ha.d]# cd /etc/ha.d/
[root@silence80 ha.d]# scp ha.cf haresources authkeys 192.168.1.84:/etc/ha.d/
[email protected]’s password:
ha.cf100%10KB10.3KB/s00:00
haresources100% 60075.9KB/s00:00
authkeys100% 6420.6KB/s00:00
silence84 上配置 heartbeat
[root@silence84 ~]# chmod 600 /etc/ha.d/authkeys #此文件必须是 600 否则 heartbeat 启动 不成功
#修改单播地址
[root@silence84 ~]# vim /etc/ha.d/ha.cf
改:
ucast eth0 192.168.1.84
为:
ucast eth0 192.168.1.80
两机器启动 heartbeat 服务:
[root@silence80 ~]# /etc/init.d/heartbeat restart
[root@silence84 ~]# /etc/init.d/heartbeat restart
Stopping High-Availability services:[ OK ]
Waiting to allow resource takeover to complete:[ OK ]
#等待资源接管完成。 takeover 接管。 当启动停留在这个界面时,silence84 会接管所有浮动资源。等下面启动成功时,silence84 会释放资源,浮云资源,再次加载。
Starting High-Availability services: IPaddr[27857]: INFO: Resource is stopped [ OK ]
查看端口号:
[root@silence80 ~]# netstat -antup | grep 694
udp00 0.0.0.0:6940.0.0.0:*6895/heartbeat: wr
查看端口号:
[root@silence84 ~]# netstat -antup | grep 694
udp00 0.0.0.0:6940.0.0.0:*6895/heartbeat: wr
在 silence80 查看集群资源:
[root@silence80 ~]# ifconfig
…..
eth0:0Link encap:Ethernet HWaddr 00:0C:29:12:EC:1E
inet addr:192.168.1.88 Bcast:192.168.1.255 Mask:255.255.255.0
[root@silence80 ~]# df -h
…..
/dev/sr03.4G 3.4G0 100% /mnt
192.168.1.81:/wwwdir 9.7G 3.4G 5.8G 37% /var/www/html
[root@silence80 ~]# /etc/init.d/httpd status httpd (pid 23641) is running…
silence84 上查看,没有任务浮动资源:
[root@silence84 ~]# ifconfig
[root@silence84 ~]# df -h
[root@silence80 ~]# /etc/init.d/httpd status httpd is stopped
测试:
两台主机都开启时,所有请求到转到了 silence80 上。访问:http://192.168.1.88/ 正常
当掉 silence80,关闭网卡,等 30 秒钟,所有请求都转到 silence84 上了
[root@silence80 ha.d]# ifdown eth0
[root@silence84 ~]# ifconfig
…
eth0:0Link encap:Ethernet HWaddr 00:0C:29:48:80:95
inet addr:192.168.1.88 Bcast:192.168.1.255 M ask:255.255.255.0 [root@silence84 ~]# df -h
…
192.168.1.81:/wwwdir 9.7G 3.4G 5.8G 37% /var/www/html
[root@silence84 ~]# service httpd status
httpd (pid 6375) is running…
silence80 上把 eth0 网卡再次开启:
[root@silence80 ~]# ifup eth0
等 30 秒后,查看:
[root@silence80 ~]# df -h
…
192.168.1.81:/wwwdir 9.7G 3.4G 5.8G 37% /var/www/html#已经加载了 httpd 资源
[root@silence80 ~]# service httpd status
httpd (pid 27097) is running…
[root@silence80 ~]# ifconfig
。 . .
eth0:0Link encap:Ethernet HWaddr 00:0C:29:12:EC:1E
inet addr:192.168.1.88 Bcast:192.168.1.255 Mask:255.255.255.0
资源已经回切过来。
在 silence84 上查看释放资料:
[root@silence84 ~]# ifconfig#查看不到 eth0:0 192.168.1.88 这个 IP 地址
[root@silence84 ~]# df -h
FilesystemSize Used Avail Use% Mounted on
/dev/sda29.7G 3.7G 5.5G 41% /
tmpfs569M0 569M0% /dev/shm
/dev/sda1194M28M 157M 15% /boot
/dev/sr03.4G 3.4G0 100% /mnt
[root@silence84 ~]# service httpd status
httpd is stopped
扩展:
heartbeat 自带的断网切换的工具-ipfail ipfail 断网切换的原理
关于 ipfail 这个断网切换的原理很简单,首先 heartbeat 要判断自己的网络是否正常其实就是通过 ping某个 ip,如果可以 ping 的通,说明网络是通的,如果 ping 不通了,说明是网络断了,或者是主服务器的网卡坏了,然后执行切换的动作。
ping 一个 group 的 ipfail 配置:
ping-groupipfail :
ping_group groupll72.16.103.254 172.16.103.212
end!