一. 什么是RHCS:
RHCS是Red Hat Cluster Suite的缩写,也就是红帽集群套件,RHCS是一个能够提供高可用性、高可靠性、负载均衡、存储共享且经济廉价的集群工具集合,它将集群系统中三大集群架构融合一体,可以给web应用、数据库应用等提供安全、稳定的运行环境。
更确切的说,RHCS是一个功能完备的集群应用解决方案,它从应用的前端访问到后端的数据存储都提供了一个行之有效的集群架构实现,通过RHCS提供的这种解决方案,不但能保证前端应用持久、稳定的提供服务,同时也保证了后端数据存储的安全。
RHCS提供了集群系统中三种集群构架,分别是高可用性集群、负载均衡集群、存储集群。
二. RHCS提供的三个核心功能:
高可用集群是RHCS的核心功能。当应用程序出现故障,或者系统硬件、网络出现故障时,应用可以通过RHCS提供的高可用**管理组件自动、快速从一个节点切换到另一个节点,节点故障转移功能对客户端来说是透明的,从而保证应用持续、不间断的对外提供服务,这就是RHCS高可用集群实现的功能。
RHCS通过LVS(Linux Virtual Server)来提供负载均衡集群,而LVS是一个开源的、功能强大的基于IP的负载均衡技术,LVS由负载调度器和服务访问节点组成,通过LVS的负载调度功能,可以将客户端请求平均的分配到各个服务节点,同时,还可以定义多种负载分配策略,当一个请求进来时,集群系统根据调度算法来判断应该将请求分配到哪个服务节点,然后,由分配到的节点响应客户端请求,同时,LVS还提供了服务节点故障转移功能,也就是当某个服务节点不能提供服务时,LVS会自动屏蔽这个故障节点,接着将失败节点从集群中剔除,同时将新来此节点的请求平滑的转移到其它正常节点上来;而当此故障节点恢复正常后,LVS又会自动将此节点加入到集群中去。而这一系列切换动作,对用户来说,都是透明的,通过故障转移功能,保证了服务的不间断、稳定运行。
RHCS通过GFS文件系统来提供存储集群功能,GFS是Global File System的缩写,它允许多个服务同时去读写一个单一的共享文件系统,存储集群通过将共享数据放到一个共享文件系统中从而消除了在应用程序间同步数据的麻烦,GFS是一个分布式文件系统,它通过锁管理机制,来协调和管理多个服务节点对同一个文件系统的读写操作。
三. Failover Domain(错误切换域):
每个Failover Domain都与两个或两个以上的Node(服务器节点)进行绑定,Failover Domain指定了集群中某个Service运行时的范围,也就是指定此Service将会由哪些服务器提供Failover错误切换功能。每个Node都允许与多个Failover Domain进行绑定,也就是说每个Node都可以为多个Service服务,因此可以实现"主动/主动(双活动)"方式的集群配置。
四. Resources(资源):
Resources指的是组成一个应用所需的各种组件,通常包括:应用程序、虚拟IP、文件系统。资源与Service组合时,往往还会体现出一定的层次关系,例如:通常系统都要求确认虚拟IP及文件系统都已经正常连接及挂载后,才可以运行某个应用程序,这个顺序一旦调转,就会使应用程序运行出错。
五. Fence机制:
在RHCS集群运行时,为了避免因出现不可预知的情况而造成的"脑裂"现象(如:心跳线断连,此时两台服务器都无法找到对方,无法向对方发出操作指令,都各自认为自己是主节点;又或者主服务器系统崩溃,系统能接收到备用服务器的操作指令,但无法返回运行情况的确认信号,导致备用服务器无法获知系统资源的使用情况),系统要求通过Fence机制来保障系统切换时的I/O使用安全。
六. 具体配置步骤:
-
准备两台虚拟机(redhat6.5)
server1配置luci集群管理界面,配置管理集群
sever1和server2为集群节点,配置ricci -
server1和server2配置高级yum源
[root@server1 ~]# vim /etc/yum.repos.d/rhel-source.repo [rhel-source] name=Red Hat Enterprise Linux $releasever - $basearch - Source baseurl=http://172.25.61.250/rhel6.5 enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release [LoadBalancer] name=LoadBalancer baseurl=http://172.25.61.250/rhel6.5/LoadBalancer gpgcheck=0 [HighAvailability] name=HighAvailability baseurl=http://172.25.61.250/rhel6.5/HighAvailability gpgcheck=0 [ResilientStorage] name=ResilientStorage baseurl=http://172.25.61.250/rhel6.5/ResilientStorage gpgcheck=0 [ScalableFileSystem] name=ScalableFileSystem baseurl=http://172.25.61.250/rhel6.5/ScalableFileSystem gpgcheck=0
- 开启服务,设置开机自启
server1:
passwd ricci
/etc/init.d/ricci start
/etc/init.d/luci start
chkconfig ricci on
chkconfig luci on
server2:
/etc/init.d/ricci start
chkconfig ricci on
/etc/init.d/ricci start
passwd ricci
-
在浏览器上输入https://172.25.61.1:8084,通过安全认证
-
登陆,创建节点
7.在server1上可以查看
vim /etc/cluster/cluster.conf
cman 检测集群状态
rgmanager 集群管理器
ricci 管理资源
modclusterd 修改配置文件
clvmd 集群逻辑卷服务
- 添加fence
在RHCS集群运行时,为了避免因出现不可预知的情况而造成的"脑裂"现象(如:心跳线断连,此时两台服务器都无法找到对方,无法向对方发出操作指令,都各自认为自己是主节点;又或者主服务器系统崩溃,系统能接收到备用服务器的操作指令,但无法返回运行情况的确认信号,导致备用服务器无法获知系统资源的使用情况),系统要求通过Fence机制来保障系统切换时的I/O使用安全。
-
在真机上下载软件,制作密钥
yum install fence-virtd.x86_64 fence-virtd-libvirt.x86_64 fence-virtd- multicast.x86_64 -y mkdir /etc/cluster cd /etc/cluster/ fence_virtd -c ##生成钥匙 ls dd if=/dev/urandom of=/etc/cluster/fence_xvm.key bs=128 count=1如果制作钥匙不成功,可以手动生存钥匙
ls scp fence_xvm.key server2:/etc/cluster scp fence_xvm.key root@172.25.61.2:/etc/cluster ##将钥匙发给server1和server2一份 [root@foundation61 cluster]# fence_virtd -c Module search path [/usr/lib64/fence-virt]: Available backends: libvirt 0.1 Available listeners: multicast 1.2 Listener modules are responsible for accepting requests from fencing clients. Listener module [multicast]: The multicast listener module is designed for use environments where the guests and hosts may communicate over a network using multicast. The multicast address is the address that a client will use to send fencing requests to fence_virtd. Multicast IP Address [225.0.0.12]: Using ipv4 as family. Multicast IP Port [1229]: Setting a preferred interface causes fence_virtd to listen only on that interface. Normally, it listens on all interfaces. In environments where the virtual machines are using the host machine as a gateway, this *must* be set (typically to virbr0). Set to 'none' for no interface. Interface [virbr0]: br0 The key file is the shared key information which is used to authenticate fencing requests. The contents of this file must be distributed to each physical host and virtual machine within a cluster. Key File [/etc/cluster/fence_xvm.key]: Backend modules are responsible for routing requests to the appropriate hypervisor or management layer. Backend module [libvirt]: Configuration complete. === Begin Configuration === backends { libvirt { uri = "qemu:///system"; } } listeners { multicast { port = "1229"; family = "ipv4"; interface = "br0"; address = "225.0.0.12"; key_file = "/etc/cluster/fence_xvm.key"; } } fence_virtd { module_path = "/usr/lib64/fence-virt"; backend = "libvirt"; listener = "multicast"; } === End Configuration === [root@foundation61 cluster]# ls fence_xvm.key -
浏览器添加资源
首先添加设备
3)给节点添加fence
4)domain设置server1的UUID为好
server2同理添加
-
开启服务,测试
[root@foundation61 cluster]# virt-manager [root@foundation61 cluster]# systemctl start fence_virtd.service e ebtables.service emergency.service emergency.target [root@foundation61 cluster]# systemctl start fence_virtd.service [root@foundation61 cluster]# systemctl status fence_virtd.service ● fence_virtd.service - Fence-Virt system host daemon Loaded: loaded (/usr/lib/systemd/system/fence_virtd.service; disabled; vendor preset: disabled) Active: active (running) since Wed 2019-04-24 22:44:14 CST; 7s ago Process: 5163 ExecStart=/usr/sbin/fence_virtd $FENCE_VIRTD_ARGS (code=exited, status=0/SUCCESS) Main PID: 5168 (fence_virtd) CGroup: /system.slice/fence_virtd.service └─5168 /usr/sbin/fence_virtd -w Apr 24 22:44:14 foundation61.ilt.example.com systemd[1]: Starting Fence-Virt system host daemon... Apr 24 22:44:14 foundation61.ilt.example.com fence_virtd[5168]: fence_virtd starting. Listener: libvirt Backe...ast Apr 24 22:44:14 foundation61.ilt.example.com systemd[1]: Started Fence-Virt system host daemon. Hint: Some lines were ellipsized, use -l to show in full.
测试,在server1上
[root@server1 cluster]# fence_node server2
fence server2 success
[root@server1 cluster]#
集群和节点没有被破坏
web高可用集群
1.添加集群服务
选择Failover Domains ,自定义一个名字,选择只在固定节点,资源故障不回切,设置优先级,数字越小优先级越高,server1为主节点
- 添加集群资源
添加服务名称和服务脚本路径
这里添加的ip就是vip
- 添加服务组
Run Exclusive 代表运行独占,Failover Domain 选择我们刚才创建的集群服务,然后点击Add Child Resource,将刚才的资源添加
-
server1和server2上下载http,撰写默认发布页
Installed: httpd.x86_64 0:2.2.15-29.el6_4 Dependency Installed: apr.x86_64 0:1.3.9-5.el6_2 apr-util.x86_64 0:1.3.9-3.el6_0.1 apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1 httpd-tools.x86_64 0:2.2.15-29.el6_4 mailcap.noarch 0:2.1.31-2.el6 Complete! [root@server1 cluster]# vim /var/www/html/index.html [root@server1 cluster]# cat /var/www/html/index.html server1 [root@server1 cluster]# Installed: httpd.x86_64 0:2.2.15-29.el6_4 Dependency Installed: apr.x86_64 0:1.3.9-5.el6_2 apr-util.x86_64 0:1.3.9-3.el6_0.1 apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1 httpd-tools.x86_64 0:2.2.15-29.el6_4 mailcap.noarch 0:2.1.31-2.el6 Complete! [root@server2 ~]# vim /var/www/html/index.html [root@server2 ~]# cat /var/www/html/index.html server2 -
启动apache服务组
[root@server1 cluster]# clustat Cluster Status for redhat_ha @ Wed Apr 24 23:31:39 2019 Member Status: Quorate Member Name ID Status ------ ---- ---- ------ server1 1 Online, Local, rgmanager server2 2 Online, rgmanager Service Name Owner (Last) State ------- ---- ----- ------ ----- service:apache server1 started
由于server1的优先级高,所以apache服务在server1上
测试1:先将服务手动切换到server2上,然后对server1进行脑裂。模拟内核故障
server2重启
测试2:将server1的和http服务关闭
[root@server1 cluster]# /etc/init.d/httpd stop
Stopping httpd: [ OK ]
[root@server1 cluster]# clustat
[root@server1 cluster]# clustat
Cluster Status for redhat_ha @ Wed Apr 24 23:44:52 2019
Member Status: Quorate
Member Name ID Status
------ ---- ---- ------
server1 1 Online, Local, rgmanager
server2 2 Online, rgmanager
Service Name Owner (Last) State
------- ---- ----- ------ -----
service:apache server2 started
服务调转到了server2上,
测试3:将server2的网络关闭,模拟网络故障
[root@server2 ~]# /etc/init.d/network stop
Shutting down interface eth0:
[root@server1 cluster]# clustat
Cluster Status for redhat_ha @ Wed Apr 24 23:49:52 2019
Member Status: Quorate
Member Name ID Status
------ ---- ---- ------
server1 1 Online, Local, rgmanager
server2 2 Online
Service Name Owner (Last) State
------- ---- ----- ------ -----
service:apache server1 started
服务又重新调转到server1上,关闭了网络服务后,fence机制触发迫使server2关机重启,服务不再回切
216
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
