ansible简易实现corosync自动安装启动

corosync是HA集群的一种实现，类似的有基于VRRP协议的keepalived，尝试用ansible实现自动安装corosync，在集群的架构里面  ML+CRM+RA  ,

corosync + pacemaker 这种组合方式是目前比较流行的一种，先安装corosync，再了解它吧。。。

corosync已经被收录进RHCS的base源中：

因此直接yum就可以安装，但是比较老的RHCS5系列只支持heartbeat和cman，据说也不太好使，也是被淘汰的产品，除了银行这类极度追求稳定的金融行业有可能还在用，互联网公司应该不会用的。

Install && configuration

准备：

host1:172.16.52.58

host2:172.16.52.59

host2:172.16.52.60

host1：

1.安装ansible，配置ansible的官方yum源后： 

yum install -y   ansiable

///安装ansible

2.安装corosync，因为pacemaker没有什么需要配置的，因此直接安装启动就成了。。

yum install  -y  corosync

 corosync-keygen  -l

///生成authkey，默认会存放在/etc/corosync/目录下，-l 是以防熵池中随机数不够用了，再另外生成伪随机数

3.

cd /etc/ansible

mkdir  -p  roles/corosync/{vars,templates,tasks,handlers}

cp  /etc/corosync/corosync.conf   roles/corosync/templates/corosync.conf.j2      

///复制配置文件到templates并指定为.j2,是用的jinjia2的语法

4.在hosts列表里面指定需要安装corosync的主机，命名为corosyncservers组

vim hosts

[corosyncserver]
172.16.52.59  
172.16.52.60

5.配置ansible，采用自定义变量

cd  roles/corosync

vim vars/main.yml

cipher: aes256

hash: sha1

vim  tasks/main.yml

- name: time sync

  cron:  name=ntpsync   job="/usr/sbin/ntpdate  172.16.0.1"  state=present

- name: Uninstall  {{ item }}

  yum: name={{ item }} state=absent

   with_items:

   - corosync

   - pacemaker

- name: Install {{ item }}

 yum: name={{item}} state=present

  with_items:

  - corosync

  - pacemaker

- name: copy authkey

  template: src=authkey   dest=/etc/corosync/authkey

- name: copy corosync.conf.j2

  template: src=corosync.conf.j2  dest=/etc/corosync/corosync.conf

  notify: restart corosync

- name: start {{ item }}
  service: name={{ item }} state=started
  with_items:
  - corosync
  - pacemake

vim  handlers/main.yml

- name: restart corosync

  service: name={{ item }} state=restarted

  with_items:

  - corosync

  - pacemaker

cd  /etc/ansible

vim corosyncservers.yml

- hosts: corosyncserver

  remote_user: root

  roles:

  - corosync

6.配置corosync.conf.j2

vim  /etc/ansible/roles/corosync/templates/corosync.conf.j2

# Please read the corosync.conf.5 manual page
totem {
version: 2


# crypto_cipher and crypto_hash: Used for mutual node authentication.
# If you choose to enable this, then do remember to create a shared
# secret with "corosync-keygen".
# enabling crypto_cipher, requires also enabling of crypto_hash.
crypto_cipher: {{ cipher }} 
crypto_hash: {{ hash }}
        secauth on
cluster_name  mycluster


# interface: define at least one interface to communicate
# over. If you define more than one interface stanza, you must
# also set rrp_mode.
interface {
                # Rings must be consecutively numbered, starting at 0.
ringnumber: 0
# This is normally the *network* address of the
# interface to bind to. This ensures that you can use
# identical instances of this configuration file
# across all your cluster nodes, without having to
# modify this option.
bindnetaddr: 172.16.52.0 

# However, if you have multiple physical network
# interfaces configured for the same subnet, then the
# network address alone is not sufficient to identify
# the interface Corosync should bind to. In that case,
# configure the *host* address of the interface
# instead:
# bindnetaddr: 192.168.1.1
# When selecting a multicast address, consider RFC
# 2365 (which, among other things, specifies that
# 239.255.x.x addresses are left to the discretion of
# the network administrator). Do not reuse multicast
# addresses across multiple Corosync clusters sharing
# the same network.
mcastaddr: 239.255.1.1
# Corosync uses the port you specify here for UDP
# messaging, and also the immediately preceding
# port. Thus if you set this to 5405, Corosync sends
# messages over UDP ports 5405 and 5404.
mcastport: 5405
# Time-to-live for cluster communication packets. The
# number of hops (routers) that this ring will allow
# itself to pass. Note that multicast routing must be
# specifically enabled on most network routers.
ttl: 1
}
}


nodelist {
node {
ring0_addr: 172.16.52.59
nodeid: 1
}
node {
ring0_addr: 172.16.52.60
nodeid: 2
}
}
logging {
# Log the source file and line where messages are being
# generated. When in doubt, leave off. Potentially useful for
# debugging.
fileline: off
# Log to standard error. When in doubt, set to no. Useful when
# running in the foreground (when invoking "corosync -f")
to_stderr: no
# Log to a log file. When set to "no", the "logfile" option
# must not be set.
to_logfile: yes
logfile: /var/log/cluster/corosync.log
# Log to the system log daemon. When in doubt, set to yes.
to_syslog: yes
# Log debug messages (very verbose). When in doubt, leave off.
debug: off
# Log messages with time stamps. When in doubt, set to on
# (unless you are only logging to syslog, where double
# timestamps can be annoying).
timestamp: on
logger_subsys {
subsys: QUORUM
debug: off
}
}


quorum {
# Enable and configure quorum subsystem (default: off)
# see also corosync.conf.5 and votequorum.5
provider: corosync_votequorum
expected_votes: 2
two_node: 1
}

7.测试

ansible-playbook  corosync

8.到host2和host3上面去测试

~]# crm_mon