描述Solaris 10上的Oracle RAC 11.2.0.1新增节点的过程。
这一篇介绍安装新节点的准备工作。
安装Oracle11.2 RAC for Solaris10 sparc64(一):http://yangtingkun.itpub.net/post/468/515361
首先在已有的两个节点的/etc/hosts中,添加新节点的地址信息:
172.25.198.226 racnode3
10.0.0.3 racnode3-priv
编辑新节点的/etc/hosts信息:
# vi /etc/hosts
"/etc/hosts"[只读取] 6 行,115 字符
#
# Internet host table
#
::1 localhost
127.0.0.1 localhost
172.25.198.226 racnode3 ractest.emedchina.cn loghost
10.0.0.3 racnode3-priv
172.25.198.222 racnode1
172.25.198.223 racnode2
10.0.0.1 racnode1-priv
10.0.0.2 racnode2-priv
172.25.198.200 racnode-cluster
配置新节点上的两块网卡信息,使之符合上面配置的地址:
# ifconfig -a
lo0: flags=2001000849 mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
ce0: flags=1000843 mtu 1500 index 2
inet 172.25.198.226 netmask ffff0000 broadcast 172.25.255.255
ether 0:3:ba:2c:d8:da
# ifconfig ce1 plumb
# ifconfig ce1 10.0.0.3 netmask 255.255.255.0 broadcast 10.0.0.255 up
编辑hostname.ce1文件:
# vi /etc/hostname.ce1
"/etc/hostname.ce1"[新文件]
racnode3-priv
在/etc/netmasks中添加:
10.0.0.0 255.255.0.0
检查/etc/defaultrounter文件是否配置了默认网关:
# more /etc/defaultrouter
172.25.13.1
检查操作系统情况,参考RAC安装文档。
设置系统TCP和UDP端口范围:
# /usr/sbin/ndd /dev/tcp tcp_smallest_anon_port tcp_largest_anon_port
32768
65535
# /usr/sbin/ndd -set /dev/tcp tcp_smallest_anon_port 9000
# /usr/sbin/ndd /dev/udp udp_smallest_anon_port udp_largest_anon_port
32768
65535
# /usr/sbin/ndd -set /dev/udp udp_smallest_anon_port 9000
检查并设置core文件创建信息:
# coreadm
全局(主存储器)信息转储文件模式:
全局信息转储文件内容: default
初始(主存储器)信息转储文件模式: core
初始信息转储文件内容: default
全局(主存储器)信息转储: disabled
每进程的(主存储器)信息转储: enabled
全局 setid (主存储器)信息转储: disabled
每进程的 setid (主存储器)信息转储: disabled
全局(主存储器)信息转储记录: disabled
# mkdir -p /var/cores
# coreadm -g /var/cores/%f.%n.%p.%t.core -e global -e global-setid -e log -d process -d proc-setid
禁止ntp时间同步服务:
# /usr/sbin/svcadm disable ntp
图形化工具可以自动配置ssh网络连接,但是由于图形接口的默认配置与Solaris系统不一致,需要添加下来的链接:
# mkdir /usr/local
# ln -s /etc/ssh /usr/local/etc
# ln -s /usr/bin /usr/local/bin
清除服务器上以往的用户和组配置:
# userdel oracle
# groupdel oinstall
# groupdel dba
新增用户和组:
# groupadd -g 1000 oinstall
# groupadd -g 1031 dba
# mkdir /export/home/oracle
# useradd -u 1101 -g oinstall -G dba -d /export/home/oracle oracle
# chown -R oracle:oinstall /export/home/oracle
# passwd oracle
在两个节点上分别创建CLUSTER和ORACLE的安装目录:
# mkdir /data/grid
# mkdir -p /data/oracle/product/11.2
# chown -R oracle:oinstall /data
# chmod -R 775 /data/
下面切换到oracle用户,编辑shell启动脚本:
# su - oracle
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
$ echo $SHELL
/bin/sh
$ vi .profile
".profile"[新文件]
umask 022
ulimit -s 32768
ulimit -n 65536
对于共享存储设备,需要对oracle用户授权:
# chown oracle:oinstall /dev/rdsk/c1*
最后通过安装节点上的软件安装目录下的工具sshUserSetup.sh来添加节点3的oracle用户验证:
bash-3.00$ cd /data/software/grid/sshsetup/
bash-3.00$ ./sshUserSetup.sh -user oracle -hosts "racnode1 racnode2 racnode3"
The output of this script. is also logged into /tmp/sshUserSetup_2010-12-23-13-59-35.log
Hosts are racnode1 racnode2 racnode3
user is oracle
Platform.:- SunOS
Checking if the remote hosts are reachable
PING racnode1: 5 data bytes
13 bytes from racnode1 (172.25.198.222): icmp_seq=0.
13 bytes from racnode1 (172.25.198.222): icmp_seq=1.
13 bytes from racnode1 (172.25.198.222): icmp_seq=2.
13 bytes from racnode1 (172.25.198.222): icmp_seq=3.
13 bytes from racnode1 (172.25.198.222): icmp_seq=4.
----racnode1 PING Statistics----
5 packets transmitted, 5 packets received, 0% packet loss
PING racnode2: 5 data bytes
13 bytes from racnode2 (172.25.198.223): icmp_seq=0.
13 bytes from racnode2 (172.25.198.223): icmp_seq=1.
13 bytes from racnode2 (172.25.198.223): icmp_seq=2.
13 bytes from racnode2 (172.25.198.223): icmp_seq=3.
13 bytes from racnode2 (172.25.198.223): icmp_seq=4.
----racnode2 PING Statistics----
5 packets transmitted, 5 packets received, 0% packet loss
PING racnode3: 5 data bytes
13 bytes from racnode3 (172.25.198.226): icmp_seq=0.
13 bytes from racnode3 (172.25.198.226): icmp_seq=1.
13 bytes from racnode3 (172.25.198.226): icmp_seq=2.
13 bytes from racnode3 (172.25.198.226): icmp_seq=3.
13 bytes from racnode3 (172.25.198.226): icmp_seq=4.
----racnode3 PING Statistics----
5 packets transmitted, 5 packets received, 0% packet loss
Remote host reachability check succeeded.
The following hosts are reachable: racnode1 racnode2 racnode3.
The following hosts are not reachable: .
All hosts are reachable. Proceeding further...
firsthost racnode1
numhosts 0
The script. will setup SSH connectivity from the host racnode1 to all
the remote hosts. After the script. is executed, the user can use SSH to run
commands on the remote hosts or copy files between this host racnode1
and the remote hosts without being prompted for passwords or confirmations.
NOTE 1:
As part of the setup procedure, this script. will use ssh and scp to copy
files between the local host and the remote hosts. Since the script. does not
store passwords, you may be prompted for the passwords during the execution of
the script. whenever ssh or scp is invoked.
NOTE 2:
AS PER SSH REQUIREMENTS, THIS SCRIPT. WILL SECURE THE USER HOME DIRECTORY
AND THE .ssh DIRECTORY BY REVOKING GROUP AND WORLD WRITE PRIVILEDGES TO THESE
directories.
Do you want to continue and let the script. make the above mentioned changes (yes/no)?
yes
The user chose yes
./sshUserSetup.sh: typeset: 没找到
Please specify if you want to specify a passphrase for the private key this script. will create for the local host. Passphrase is used to encrypt the private key and makes SSH much more secure. Type 'yes' or 'no' and then press enter. In case you press 'yes', you would need to enter the passphrase whenever the script. executes ssh or scp.
The estimated number of times the user would be prompted for a passphrase is 2*0. In addition, if the private-public files are also newly created, the user would have to specify the passphrase on one additional occasion.
Enter 'yes' or 'no'.
'yes'
The user chose 'yes'
The files containing the client public and private keys already exist on the local host. The current private key may have a passphrase associated with it. In case you find using passphrase inconvenient(although it is more secure), you can change to it empty through this script. Press 'change' if you want the script. to change the passphrase for you. Press 'no' if you want to use your old passphrase, if you had one.
'change'
The user chose 'change'
Creating .ssh directory on local host, if not present already
Creating authorized_keys file on local host
Changing permissions on authorized_keys to 644 on local host
Creating known_hosts file on local host
Changing permissions on known_hosts to 644 on local host
Creating config file on local host
If a config file exists already at /export/home/oracle/.ssh/config, it would be backed up to /export/home/oracle/.ssh/config.backup.
Creating .ssh directory and setting permissions on remote host racnode1
THE SCRIPT. WOULD ALSO BE REVOKING WRITE PERMISSIONS FOR group AND others ON THE HOME DIRECTORY FOR oracle. THIS IS AN SSH REQUIREMENT.
The script. would create ~oracle/.ssh/config file on remote host racnode1. If a config file exists already at ~oracle/.ssh/config, it would be backed up to ~oracle/.ssh/config.backup.
The user may be prompted for a password here since the script. would be running SSH on host racnode1.
警告:已向已知主机的列表中永久添加 "racnode1,172.25.198.222" (RSA)。
口令:
Done with creating .ssh directory and setting permissions on remote host racnode1.
Creating .ssh directory and setting permissions on remote host racnode2
THE SCRIPT. WOULD ALSO BE REVOKING WRITE PERMISSIONS FOR group AND others ON THE HOME DIRECTORY FOR oracle. THIS IS AN SSH REQUIREMENT.
The script. would create ~oracle/.ssh/config file on remote host racnode2. If a config file exists already at ~oracle/.ssh/config, it would be backed up to ~oracle/.ssh/config.backup.
The user may be prompted for a password here since the script. would be running SSH on host racnode2.
警告:已向已知主机的列表中永久添加 "racnode2,172.25.198.223" (RSA)。
Done with creating .ssh directory and setting permissions on remote host racnode2.
Creating .ssh directory and setting permissions on remote host racnode3
THE SCRIPT. WOULD ALSO BE REVOKING WRITE PERMISSIONS FOR group AND others ON THE HOME DIRECTORY FOR oracle. THIS IS AN SSH REQUIREMENT.
The script. would create ~oracle/.ssh/config file on remote host racnode3. If a config file exists already at ~oracle/.ssh/config, it would be backed up to ~oracle/.ssh/config.backup.
The user may be prompted for a password here since the script. would be running SSH on host racnode3.
警告:已向已知主机的列表中永久添加 "racnode3,172.25.198.226" (RSA)。
口令:
Done with creating .ssh directory and setting permissions on remote host racnode3.
Copying local host public key to the remote host racnode1
The user may be prompted for a password or passphrase here since the script. would be using SCP for host racnode1.
口令:
Done copying local host public key to the remote host racnode1
Copying local host public key to the remote host racnode2
The user may be prompted for a password or passphrase here since the script. would be using SCP for host racnode2.
Done copying local host public key to the remote host racnode2
Copying local host public key to the remote host racnode3
The user may be prompted for a password or passphrase here since the script. would be using SCP for host racnode3.
口令:
Done copying local host public key to the remote host racnode3
cat: 不能打开 /export/home/oracle/.ssh/known_hosts.tmp
cat: 不能打开 /export/home/oracle/.ssh/authorized_keys.tmp
SSH setup is complete.
------------------------------------------------------------------------
Verifying SSH setup
===================
The script. will now run the date command on the remote nodes using ssh
to verify if ssh is setup correctly. IF THE SETUP IS CORRECTLY SETUP,
THERE SHOULD BE NO OUTPUT OTHER THAN THE DATE AND SSH SHOULD NOT ASK FOR
PASSWORDS. If you see any output other than date or are prompted for the
password, ssh is not setup correctly and you will need to resolve the
issue and set up ssh again.
The possible causes for failure could be:
1. The server settings in /etc/ssh/sshd_config file do not allow ssh
for user oracle.
2. The server may have disabled public key based authentication.
3. The client public key on the server may be outdated.
4. ~oracle or ~oracle/.ssh on the remote host may not be owned by oracle.
5. User may not have passed -shared option for shared remote users or
may be passing the -shared option for non-shared remote users.
6. If there is output in addition to the date, but no password is asked,
it may be a security alert shown as part of company policy. Append the
additional text to the /sysman/prov/resources/ignoreMessages.txt file.
------------------------------------------------------------------------
--racnode1:--
Running /usr/local/bin/ssh -x -l oracle racnode1 date to verify SSH connectivity has been setup from local host to racnode1.
IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL. Please note that being prompted for a passphrase may be OK but being prompted for a password is ERROR.
2010年12月23日 星期四 14时01分27秒 CST
------------------------------------------------------------------------
--racnode2:--
Running /usr/local/bin/ssh -x -l oracle racnode2 date to verify SSH connectivity has been setup from local host to racnode2.
IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL. Please note that being prompted for a passphrase may be OK but being prompted for a password is ERROR.
2010年12月23日 星期四 14时01分29秒 CST
------------------------------------------------------------------------
--racnode3:--
Running /usr/local/bin/ssh -x -l oracle racnode3 date to verify SSH connectivity has been setup from local host to racnode3.
IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL. Please note that being prompted for a passphrase may be OK but being prompted for a password is ERROR.
2010年12月23日 星期四 13时59分34秒 CST
------------------------------------------------------------------------
SSH verification complete.
至此,准备工作完成。
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/4227/viewspace-702530/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/4227/viewspace-702530/
2837
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
