1.关闭防火墙
systemctl status firewalld
systemctl stop firewalld
systemctl disable firewalld
2.查看调度
cat /sys/block/sda/queue/scheduler
3.修改内核参数(根据实际调整)
vi /etc/sysctl.conf
kernel.sem = 10000 10240000 10000 1024
# 信号量, ipcs -l 或 -u 查看,每16个进程一组,每组信号量需要17个信号量。
kernel.shmall = 7549747
# 所有共享内存段相加大小限制(建议内存的80%)
kernel.shmmax = 17179869184
#最大单个共享内存段大小(建议为内存一半)
kernel.shmmni = 4096
vm.dirty_background_ratio=2
vm.dirty_ratio = 40
vm.overcommit_memory = 1
vm.overcommit_ratio = 90
vm.swappiness = 0
fs.aio-max-nr = 40960000
fs.file-max = 6815744
fs.nr_open = 20480000
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_max_syn_backlog = 65536
net.core.somaxconn=1024
net.core.netdev_max_backlog = 32768
net.core.wmem_default = 8388608
net.core.wmem_max = 1048576
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_syn_retries = 2
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_wmem = 8192 436600 873200
net.ipv4.tcp_rmem = 32768 436600 873200
net.ipv4.tcp_mem = 94500000 91500000 92700000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_forward = 1
#sysctl -p
4.修改插入式认证模块参数
vim /etc/security/limits.conf
5.修改 ptrace scope 的安全机制
vim /etc/sysctl.d/10-ptrace.conf
kernel.yama.ptrace_scope = 0
--重启服务器生效,暂时未重启
6.修改logind.conf
vim /etc/systemd/logind.conf
RemoveIPC=no
7.修改sshd_config
vim /etc/ssh/sshd_config
PermitRootLogin yes
--修改保存后,root用户执行service sshd restart生效
8.创建用户组及用户
groupadd kingbase
useradd -m -d /home/kingbase -g kingbase kingbase
9.修改kingbase用户密码
passwd kingbase
10.创建相关目录
su - root
mkdir -p /data
chown -R kingbase:kingbase /data
mkdir -p /data/dbdata/data/
mkdir -p /data/dbarchive
mkdir -p /data/dbbackup
chown -R kingbase. /data/dbarchive
chown -R kingbase. /data/dbdata
chown -R kingbase. /data/dbbackup
su - kingbase
mkdir -p /home/kingbase/KingbaseES
mkdir -p /home/kingbase/install
11.数据库介质放入到install目录下并挂载
mkdir -p a
mount /home/kingbase/install/KingbaseES_V008R006C007B0012_Aarch64_install.iso /home/kingbase/a/
cp -r /home/kingbase/a/* /home/kingbase/install/
chown -R kingbase:kingbase /home/kingbase/install/
umount /home/kingbase/a
rm -rf /home/kingbase/a/
12.赋权
chmod +x -R /home/kingbase/install/setup*
chmod +x /home/kingbase/install/license.dat
13.单机软件安装
sh /home/kingbase/install/setup.sh -i console
回车10下
y
1
/home/kingbase/install/license.dat
/home/kingbase/KingbaseES/V8
y
回车2下
/data/dbdata/data/data
54321
system
123456
123456
1
2
2
1
回车
开另一个窗口,执行:
/home/kingbase/KingbaseES/V8/install/script/root.sh
原窗口,回车,退出安装程序
14.配置环境变量
#vi /home/kingbase/.bash_profile
export KINGBASE_HOME=/home/kingbase/KingbaseES/kingbase
export CLASSPATH=$KINGBASE_HOME/lib/:$CLASS_PATH
export PATH=$KINGBASE_HOME/bin:$PATH
#source .bash_profile
15.集群安装软件准备
----集群安装程序需要在非 root 用户环境下操作
----安装目录:/home/kingbase/KingbaseES/
----数据目录:/data/dbdata/data/data
----使用kingbase用户创建/home/kingbase/r6_install文件夹
mkdir -p /home/kingbase/r6_install
----解压db.zip,并将解压后bin目录下的 V8R6_cluster_install.sh, trust_cluster.sh, install.conf三个文件复制到/home/kingbase/r6_install下
cd /home/kingbase/KingbaseES/V8/ClientTools/guitools/DeployTools/zip/
unzip db.zip
cp bin/install.conf bin/V8R6_cluster_install.sh bin/trust_cluster.sh /home/kingbase/r6_install/
----将db.zip和license.dat复制到/home/kingbase/r6_install目录下,最终目录结构如下:
cp /home/kingbase/KingbaseES/V8/ClientTools/guitools/DeployTools/zip /home/kingbase/r6_install/
cp /home/kingbase/install/license.dat /home/kingbase/r6_install/
[kingbase@kylinv10 install]$ ls /home/kingbase/r6_install/
db.zip install.conf license.dat trust_cluster.sh V8R6_cluster_install.sh
----把原data目录删掉
rm -rf /data/dbdata/data/data
16.修改集群配置文件,对应参数填写
vim /home/kingbase/r6_install/install.conf
on_bmj=0
all_ip=((192.168.0.22 192.168.0.23))
install_dir="/home/kingbase/KingbaseES"
zip_package="/home/kingbase/r6_install/db.zip"
license_file=(license.dat)
db_user="system"
db_password="password"
db_port="64321"
db_mode="oracle"
db_auth="scram-sha-256"
trusted_servers="10.72.0.254"
data_directory="/data/dbdata/data/data"
virtual_ip=""
net_device=()
ipaddr_path="/sbin"
arping_path="/usr/sbin/arp"
ping_path="/bin"
super_user="root"
execute_user="kingbase"
reconnect_attempts="6"
reconnect_interval="10"
recovery="automatic"
ssh_port="22"
17.安装部署securecmdd
----解锁用户
passwd -u root
passwd -u kingbase
----复制securecmdd.zip包到r6_install下并解压
cp /home/kingbase/KingbaseES/V8/ClientTools/guitools/DeployTools/zip/securecmdd.zip /home/kingbase/r6_install/
unzip /home/kingbase/r6_install/securecmdd.zip
su - root
cd /home/kingbase/r6_install/securecmdd/bin/
----securecmdd初始化
sh sys_HAscmdd.sh init
----查看初始化生成的文件
ls -lh /etc/systemd/system/securecmdd.service
cat /etc/systemd/system/securecmdd.service
----查看认证配置文件
ls -lh /etc/.kes/
ls -lh /root/.es
ls -lh /home/kingbase/.es
----查看securecmdd服务配置文件
cd /etc/.kes/
cat securecmdd_config
----启动securecmdd服务
cd /home/kingbase/r6_install/securecmdd/bin
sh sys_HAscmdd.sh start
ps -ef |grep secure
netstat -antlp |grep 8890
systemctl status securecmdd
18.kingbase用户互信(采用scmd金仓自带互信可忽略)
ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ''
ssh-copy-id -i .ssh/id_rsa.pub kingbase@10.72.30.48
19.建立安装目录
mkdir -p /home/kingbase/KingbaseES/kingbase
cp /home/kingbase/r6_install/db.zip /home/kingbase/KingbaseES/kingbase/
unzip /home/kingbase/KingbaseES/kingbase/db.zip
cp /home/kingbase/install/license.dat /home/kingbase/KingbaseES/kingbase/bin/
20.一键脚本安装部署集群
/home/kingbase/r6_install/V8R6_cluster_install.sh
21.配置生产集群参数
max_connections=1000
shared_buffers=8GB #-----------内存的四分之一
work_mem =10MB
effective_cache_size=16GB #------------内存的一半
maintenance_work_mem=6GB
log_checkpoints=on
log_connections=on
log_disconnections=on
log_lock_waits=on
log_autovacuum_min_duration=0
log_temp_files=0
log_min_duration_statement=1000
lc_messages='C'
log_statement='ddl'
log_filename='kingbase-%d.log'
log_line_prefix='%t [%p]: [%l-1] user=%u,db=%d,app=%a,client=%h'
log_truncate_on_rotation=on
log_rotation_age=1440
log_rotation_size=1GB
max_locks_per_transaction=1024
track_activities = on
track_wait_timing = on
track_io_timing = on
track_functions = 'all'
sys_stat_statements.track = 'top'
sys_kwr.enable = on
track_sql = on
connect_pool_size = 0
connect_delay_time = 0
synchronous_commit = remote_apply
22.重启集群使参数生效
sys_monitor.sh restart
----查看集群状态
[kingbase@localhost ~]$ repmgr cluster show
ID | Name | Role | Status | Upstream | Location | Priority | Timeline | LSN_Lag | Connection string
----+-------+---------+-----------+----------+----------+----------+----------+---------+-------------------------------------------------------------------------------------------------------------------------------------------------
1 | node1 | primary | * running | | default | 100 | 1 | | host=192.168.0.22 user=esrep dbname=esrep port=64321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3
2 | node2 | standby | running | node1 | default | 100 | 1 | 0 bytes | host=192.168.0.23 user=esrep dbname=esrep port=64321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3
----查看集群状态
[kingbase@localhost ~]$ ksql test system -p 64321
ksql (V8.0)
输入 "help" 来获取帮助信息.
test=# select * from sys_stat_replication;
pid | usesysid | usename | application_name | client_addr | client_hostname | client_port | backend_start | backend_xmin | state | sen
t_lsn | write_lsn | flush_lsn | replay_lsn | write_lag | flush_lag | replay_lag | sync_priority | sync_state | reply_time
--------+----------+---------+------------------+-------------+-----------------+-------------+-------------------------------+--------------+-----------+----
-------+-----------+-----------+------------+-----------+-----------+------------+---------------+------------+-------------------------------
437854 | 16385 | esrep | node2 | 192.168.0.23 | | 35334 | 2022-11-23 20:59:48.326956+08 | | streaming | 0/6
122030 | 0/6122030 | 0/6122030 | 0/6122030 | | | | 1 | quorum | 2022-11-23 21:02:58.643977+08
(1 行记录)
test=# \l+
数据库列表
名称 | 拥有者 | 字元编码 | 校对规则 | Ctype | 存取权限 | 大小 | 表空间 | 描述
-----------+--------+----------+-------------+-------------+-------------------+-------+-------------+--------------------------------------------
esrep | system | UTF8 | zh_CN.UTF-8 | zh_CN.UTF-8 | | 13 MB | sys_default |
security | system | UTF8 | zh_CN.UTF-8 | zh_CN.UTF-8 | | 13 MB | sys_default |
template0 | system | UTF8 | zh_CN.UTF-8 | zh_CN.UTF-8 | =c/system +| 13 MB | sys_default | unmodifiable empty database
| | | | | system=CTc/system | | |
template1 | system | UTF8 | zh_CN.UTF-8 | zh_CN.UTF-8 | =c/system +| 13 MB | sys_default | default template for new databases
| | | | | system=CTc/system | | |
test | system | UTF8 | zh_CN.UTF-8 | zh_CN.UTF-8 | | 18 MB | sys_default | default administrative connection database
(5 行记录)
----查看复制槽
test=# select * from sys_replication_slots ;
slot_name | plugin | slot_type | datoid | database | temporary | active | active_pid | xmin | catalog_xmin | restart_lsn | confirmed_flush_lsn
---------------+--------+-----------+--------+----------+-----------+--------+------------+------+--------------+-------------+---------------------
repmgr_slot_2 | | physical | | | f | t | 437854 | 979 | | 0/6122158 |
(1 行记录)