Instructions for the future development of Hearbeat software (after 2.1.4):
| hearbeat Cluster message layer | Responsible for maintaining the mutual communication and basic information between the nodes of the cluster< /td> |
| cluster glue The middle layer | Responsible for scheduling, including two Modules: local resource management and stonith |
|
resource agents Resource agent layer |
Realize the start, stop, monitoring, etc. of various resources |
(pacemaker) information to be added!
Production scenarios (mainly to solve single points):
1. Four layers: front-end load balancer, with lvs (keeplived has difference).
Attention: hearbeat + lvs + ldirectord (health check)
2. Seventh layer: with haporxy, nginx, load ip drift!
3. Cooperate with the high availability of the main database.
4. High storage availability, such as nfs network file storage system.
5. Single-point distributed file system.
Experiment preparation: two virtual machines; configure their own VIP; (virtual network card simulates direct connection)
Three network cards :Eth0 external network eth1 internal network management ip eth2 used for server heartbeat; VIP application mounting service.
Configure hosts, ping test;
Add heartbeat route: Prompt: The firewall must be turned off, success or failure is the key!
Installation:
|
1. Download the software package: < p> Tip: Normal Yum source does not have this software |
< p style="margin-top:0px;margin-bottom:6px;text-align:justify;font-size:8px;font-family:Times;">Use Epel source installation:
< span style="font-size:16px;">wget http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm p> rpm -ivh epel-release-6-8.noarch.rpm # Note that the epel source uses the same version as the system rpm-qa|grepepel Install heartbeat hint: yum source Follow the new URL: http://mirrors.aliyun.com/help/centos wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/ repo/Centos-6.repo yum cache retention modification settings: sed-i’s#keepcache=0#keepcache=1#g’/etc/yum.conf |
| 2, installation check | rpm -aq heartbeat |
| 3. Startup file |
/etc/init.d/heartbeat #Script file |
| 4. Configuration directory |
/etc/ha.d/ |
|
5. Service resources Control catalog |
/etc/ha.d/resource.d/ #Can be placed in init.d (script file) |
|
6. Core configuration file |
ha.cf (parameter configuration file): Basic parameters < /td> |
| authkey (authentication file): The high-availability server authenticates the peer based on the peer’s authkey | |
| harresource (resource configuration file): configure and start ip resources and script programs, services, etc. | |
|
Tip: Configuration file template path: /usr/share/doc/heartbeat-3.0.4/ s s s s To on the documents include: Configuration file ha.cf configuration instructions: |
|
|
production Configuration example (/etc/ha.d/ha.cf): #the start by kong 2015/7/5 debugfile/var /log/ha-debuglogfile/var/log/ha-loglogfacilitylocal1keepalive 2deadtime 30warntime 10initdead 60#bcasteth1mcast eth2 225.0.0.7 694 1 0auto_failback onnode Anode Bc rmno#the end by kong # prompt that the heartbaet configuration of the two hosts is the same |
|
|
debugfile /var/log/ha-debug |
Heartbeat debug log storage location# 24 lines |
| logfile /var/log/ha-log | Ordinary log # 29 rows |
| logfacility local0 | Configure in the syslog service to receive logs through the locall device #34 line |
|
keepalive 2 ( Heartbeat interval time) |
Specify the heartbeat interval time as 2 seconds (that is, broadcast on eth1 every 2 seconds) # 48 |
|
deadtime 30 (declared time of death) < /td> | Specify that if the standby node does not receive the heartbeat signal of the master node within 30 seconds, it will immediately take over the resource service of the master node # 56 lines |
|
wamtime 10 (Warning delay time) |
Specify the heartbeat delay time as 10 seconds. When the backup node cannot receive the heartbeat signal of the primary node within 10 seconds, a warning log will be written to the log, but the service will not be switched at this time. |
|
initdead 120 (initial dead time) |
Specifies that after HEARTBEAT runs for the first time, it needs to wait 120 seconds before starting any resources of the main server. This option is used to solve the time interval caused by this situation. The value should be at least two times the deadtime. It is normal that VIP binding is slow when the stand-alone starts. The reason why the value is set long. |
|
#bcast eth1 (broadcasting method) < /td> |
Specifies that the heartbeat is broadcast on the eth1 interface using the Ethernet broadcast method. If two actual networks are used to transmit heartbeats, #bcast eth0 eth1 |
|
mcast eth2 255.0.0.1 694 1 0 (Multicast) |
Set the port used for broadcast communication, 694 is the default port; eth2 device 255.0.0.1 address |
| auto failback on | # is used to define whether to automatically switch back the service after the master node responds. |Recommended manual |
| node | #Master node host name. Use uname -n to view |
| node hostname2 | #spare The host name of the node. |
| crm no | Whether to enable the cluster resource management function< /td> |
|
Configuration file /etc/ha.d/authkeys Configuration instructions: # as follows Is the default configuration file |
|
|
# #Authentication file. Must be mode 600 # Tip: authkey permission must be 600 # # Must have exactly one auth directive at the front. #authsend authentication using this method-id # # Then, list the method and key that go with that method-id # #Available methods: crc sha1, md5. Crc doesn’t need/want a key. # Tips: There are three types of authentication methods that can be set. p> #You normally only have one authentication method-id listed in this file # #Put more than one to make a smooth transition when changing auth #methods and/or keys . # # #sha1 is believed to be the ” best”, md5 next best. # Tip: sha1 The way is the best #crc adds no security, except from packet corruption. #Use only on physically secure networks. # #auth 1 #1 crc #2 sha1 HI ! #3 md5 Hello! #The default is the crc method, which is not encrypted and not secure enough |
| Generation method: |
[root@B ha.d]# echo kong|sha1sum # Sha1 used 5e1d19b4602d90f43ab23a1470bb3d3a8939799a – td> |
|
Edit configuration file: Tips : Both machines have the same configuration |
[root@A ha.d]# cat authkeys auth 1 1 sha1 5e1d19b4602d90f43ab23a1470bb3d3a8939799a [root@A ha.d]# chmod 600 authkeys |
| Configuration file /etc/ ha.d/haresource Configuration instructions (the two configurations are the same): | ||
|
Production configuration Example: |
[root@A ha. d]#cat haresources #kongservicesA IPaddr::10.0.0.18/24/eth0B IPaddr::10.0.0.19/24/eth0 |
|
| #A | is the host name, which means that the initial state will bind ip 10.0.0.17 | |
| #IPaddr | is hea rtbeat configures the default script of ip, and the following ip etc. are the parameters of the script. | |
| #10.0.0.17/24 eth0 | ||
| #10.0.0.17/24 eth0 | ||
|
# is the VIP for external services of the cluster, which is initially started on A; #24 is the subnet mask; #eth0 is the actual physical network card bound to ip, which provides the communication interface for external services for heartbeat |
||
| More instructions: |
From the Mysql+drdb+Heartbeat document |
haresource: data-1-2 kong::test abc:test:ab shipeng Analysis: data-1-2 priority startup script: /etc/ ha.d/resource.d/kong test start /etc/ha.d/resource.d/abc test ab start /etc/ha.d/resource.d/shipeng start All the contents under haresource Support control modes such as /etc/ha.d/resource.d/shipeng start/stop. |
Start service
< pre class="brush:bash;toolbar:false">[root@A Ha.d]# /etc/init.d/heartbeat strat Usage: /etc/init.d/heartbeat {start|stop|status|restart| reload|force-reload}[root@A ha.d]# /etc/init.d/heartbeat startStarting High-Availability services: INFO: Resource is stoppedINFO: Resource is stoppedDone.
Server A:< /p>
vip check:
[root@A Ha.d ]#Ip addr |grep -E "10.0.0.19|10.0.0.18" inet 10.0.0.18/24 brd 10.0.0.255 scope global secondary eth0
Server B :
[root@B Ha.d]# ip a|grep-E "10.0.0.18|10.0.0.19" inet 10.0.0.19/24 brd 10.0.0.255 scope global secon dary eth0
Close it One (B):
vip check:
[[email protected]]#ipaddr|grep-E" 10.0.0.19|10.0.0.18" inet 10.0.0.18/24 brd 10.0.0.255 scope global secondary eth0 inet 10.0.0.19/24 brd 10.0.0.255 scope global secondary eth0
Tip: Remember to turn off the firewall