Corosync: It belongs to the Openais (Open Application Interface Specification) in a project Corosync a version of itself does not have the voting function, after Corosync 2.0 introduced Votequorum subsystem also has the voting function, if we use the 1 version of the , but also need to use the votes to make the decision of how to be good, of course, in Red Hat Cman + Corosync combined with, but early cman and pacemaker can not combine, if want to use pacemaker and want to use voting function, That cman as Corosync plug-in to use, Cman as a corodync voting function, of course, here combined with two messaging lader;corosync there are currently two mainstream versions: one is 2 series, the other is the 1 series of stable version ; 2 version and 1 version is very different, 1 version does not have a voting function, 2 version after the introduction of Votequorum support voting function;
Openais Since its inception, Red Hat has developed a high-availability cluster solution based on this specification called Cman, and provides Cman with Rgmangaer as a resource manager, and the management interface for the full lifecycle of the conga is formed RHCs;
Conrosync is a project that branched out of Openais, and pacemaker is a component of the heartbeat V3 release dedicated to providing CRM for highly available clusters, which is very powerful Coreosync in the delivery of information can be through a simple configuration file to define the way and protocol of information transmission, Corosync can provide a complete ha function, Corosync is the future development direction, in future new projects, generally use Corosync, The Heartbeat_gui can provide a good ha management function, can realize the graphical management.
Pacemaker is a cluster manager. It leverages the messaging and membership capabilities of the preferred cluster infrastructure (OpenAIS or heartbeat) for fault detection and recovery by secondary nodes and systems, enabling high availability of clustered services (also known as resources).
Corosync+pacemaker: It is best to have more than three nodes in the configuration of Corosync, and the number of nodes is odd number, if the use of an even number of nodes, it does not matter, just to close the decision-making policy function that does not have the legal votes;
Topology
Implementation process:
1, dual-machine trust needs to be set up, the hosts file needs to be resolved, time to synchronize 8.39, 8.42, 8.40
#vim/etc/hosts
# hostname node2.chinasoft.comvim/etc/hosts192.168.8.39 node2.chinasoft.com node2192.168.8.42 node2.chinasoft.com Node4 Configure SSH password-free access node2 and node4# ssh-keygen-t rsa-p ' # ssh-copy-id-i on ansible server 8.40. ssh/id_rsa.pub [email protected]. chinasoft.com# ssh-copy-id-i. ssh/id_rsa.pub [email protected] Test succeeded # ssh node2.chinasoft.com ' date ';d ate# ssh Node4.chinasoft.com ' Date ';d ate
2. Installation time Server client (time server 192.168.8.102) # yum Install-y NTP
# vim/etc/ntp.conf
Join
Server 192.168.8.102
Start the NTP client and synchronize the time manually, followed by automatic smooth synchronization
# service NTPD Start
# Ntpdate-u 192.168.102
3, install Corosync, here we use ansible to install, to use ansible on a host to operate more than one host need to install ansible beforehand, then here we first said installation and configuration using Ansible, installation ansible can also be installed with Yum:
# yum Install-y epel-relase
# yum Install-y ansible1.9
# vim/etc/ansible/hosts The contents of the inside Out, add your node below hostname
[Corosync]
Node2.chinasoft.com
Node4.chinasoft.com
Here we use 192.168.8.40 this host installs Ansible, Operation 192.168.8.39 and 192.168.8.42 these two hosts, tests:
# ansible corosync-m shell-a ' Date '
node2.chinasoft.com | Success | Rc=0 >>
Tue APR 20:48:07 CST 2016
node1.chinasoft.com | Success | Rc=0 >>
Tue APR 20:48:07 CST 2016--Test successful, color green when successful
4, installation Corosync good, ready to work well after you can install Corosync, use Ansible to see if two nodes have been installed Corosync ( It is best to use centos6.5 CD as a yum source to install, test if it is not centos6.5 CD-ROM with a dependent package installation, error can not be tested):
Here we configure 8.20 as an HTTP Yum source (this yum source package comes from the centos6.5 CD-ROM)
Process:
# CD/ETC/YUM.REPOS.D
The default Yum source backup is turned off
# MV Centos-base.repo Centos-base.repo.bak
Join our own Yum source
# Vim Localyum.repo
[base]name=localyumbaseurl=http://192.168.8.20gpgcheck=0gpgkey=file:///etc/pki/rpm-gpg/rpm-gpg-key-centos-6[ Updates]name=localyumbaseurl=http://192.168.8.20gpgcheck=0gpgkey=file:///etc/pki/rpm-gpg/rpm-gpg-key-centos-6
Clean down the cache and you can
# Yum Clean All
# yum Makecache
# ansible Corosync-a "Rpm-q corosync"
node2.chinasoft.com | FAILED | Rc=1 >>
Package Corosync are not installed
node1.chinasoft.com | FAILED | Rc=1 >>
Package Corosync are not installed
# ansible corosync-m yum-a "Name=corosync state=present" all outputs shown as green instructions for successful installation
# ansible Corosync-a "Rpm-q corosync" Check the installation version of Corosync again.
node2.chinasoft.com | Success | Rc=0 >>
Corosync-1.4.7-2.el6.x86_64
node4.chinasoft.com | Success | Rc=0 >>
Corosync-1.4.7-2.el6.x86_64
In one of these nodes such as node2.chinasoft.com (8.39) is configured:
# cp/etc/corosync/corosync.conf.example/etc/corosync/corosync.conf Copy a sample configuration file for Corosync
# vim/etc/corosync/corosync.conf Edit Config file modify the following content
Compatibility:whitetank #这个表示是否兼容0. Version Totem {#图腾, which is used to define how the nodes in the cluster communicate and the parameters Version:2 #图腾的协议版本, it is a kind of association Protocol is a version of the protocol that is used for each node to communicate with each other, which is the definition version of the Secauth:on #表示安全认证功能是否启用的 threads:0 #实现认证时的并行线程数, 0 means the default configuration interface {# Specifies on which interface the heartbeat information is sent, it is a sub-module ringnumber:0 #环号码, there are multiple nodes in the cluster, there are multiple network cards on each node, the other nodes can receive, while our native A network card can also be received, in order to avoid this information in such a loop send, so to define a unique ring number for this network card, to avoid heartbeat information loop sent. bindnetaddr:192.168.8.0 # Bound Network address mcastaddr:226.95.1.188 #多播地址, one-to-many communication mcastport:5 405 # Multicast Port Ttl:1 # indicates that only one time}}logging {# is associated with the log Fileline:off to _stderr:no # Indicates if a send to error output To_logfile:yes #是不是送给日志文件 To_syslog:no is required #是不是送给系统日志 LogFile:/var/log/cluster/corosync.log #日志文件路径 debug:off #是否启动调试 timestamp:on #日志是否需要 Record timestamp Logger_subsys {#日志的子系统 SUBSYS:AMF Debug:off}}AMF {# Mode:disabled}service associated with programming interface {#定义一个服务来启动pacemaker ver:0 #定义版本 Name:pacemaker #这个表示启动corosync时会自动启动pacemaker}aisexec {#表示启动ais的功能时以哪个用户的身份去运行的 user:root group:root #其实这个块定义不定义都可以, corosync default is to run as root}
Here we change a random number pool, and then copy the configured Corosync configuration and authentication files to another node:
For Corosync, the communication between our nodes must be able to achieve security authentication, to use a key file:
# corosync-keygen # Generate key file for two-machine communication mutual trust, will generate a Authkey file
Also open a window to install the LFTP command, and get a larger file via FTP
# yum Install-y lftp
# lftp 192.168.8.53-uadmin,pass
> Get Bigdata.zip
# Corosync-keygen
Corosync Cluster Engine authentication key generator.
Gathering 1024x768 bits for key from/dev/random.
Press keys on your keyboard to generate entropy.
Press keys on your keyboard to generate entropy (bits = 848).
Press keys on your keyboard to generate entropy (bits = 912).
Press keys on your keyboard to generate entropy (bits = 976).
Writing corosync key To/etc/corosync/authkey.
# SCP Authkey corosync.conf node4.chinasoft.com:/etc/corosync Copy These two files to the Corosync configuration file on the other node on the configured node
# scp-p Authkey corosync.conf Node4.chinasoft.com:/etc/corosync
-bash:scp:command not found
# yum Install Openssh-clients-y
Attention:
The Corosync-keygen command generates a key when it uses/dev/random
/dev/random is a random number generator under a Linux system that generates random numbers from an address space in the current system's memory called the entropy pool based on a system outage, and the cryptographic program or key generator uses a large number of random numbers, and random numbers are not sufficient. Is that once the random number in the entropy pool is emptied, it blocks the current system process waiting for the interrupt to generate a random number;
Since the 1024-bit-length key is used here, there may be a situation where the random number in the entropy pool is not sufficient, and the two solutions are blocked at the time of the key generation:
1, manually enter a large number of characters on the keyboard, resulting in system interruption (slow generation of interrupts, not recommended)
2, the Internet or FTP server to download large files (resulting in a faster interruption, the recommended use)
Installing pacemaker
# ansible corosync-m yum-a "Name=pacemaker state=present"
If we want to use pacemaker configuration, we need to install a pacemaker interface, its interface is called Crmshell, it is in the new version of the pacemaker has been independent, is no longer part of the pacemaker, Early loaded on the pacemaker will be self-contained crmshell, so want to use Crmshell words to install Crmshell, and install Crmshell and rely on PSSH related package, so we have to install the two components, (here the two packages are their own workpiece), Which node configuration is installed on which node is available, and no two nodes are required to install both packages:
crmsh-1.2.6-4.el6.x86_64.rpm
pssh-2.3.1-2.el6.x86_64.rpm
# yum-y Install crmsh-1.2.6-4.el6.x86_64.rpm pssh-2.3.1-2.el6.x86_64.rpm
Everything is OK. After you can start the service, two nodes need to be started:
# service Corosync Start
# grep Totem/var/log/cluster/corosync.log
APR 20:35:52 Corosync [TOTEM] Initializing Transport (UDP/IP multicast).
APR 20:35:52 Corosync [TOTEM] Initializing transmit/receive security:libtomcrypt sober128/sha1hmac (mode 0).
APR 20:35:52 Corosync [TOTEM] The network interface [192.168.8.39] is now up.
APR 20:35:52 Corosync [TOTEM] A processor joined or left the membership and A new membership was formed.
APR 20:35:52 Corosync [TOTEM] A processor joined or left the membership and A new membership was formed.
APR 20:36:00 Corosync [TOTEM] A processor joined or left the membership and A new membership was formed.
APR 20:36:00 Corosync [TOTEM] A processor joined or left the membership and A new membership was formed.
# CRM Status
Last Updated:thu Apr 21 20:38:16 2016
Last Change:thu April 20:35:31 via CRMD on node4.chinasoft.com
Stack:classic Openais (with plugin)
Current dc:node2.chinasoft.com-partition with Quorum
version:1.1.10-14.el6-368c726
2 Nodes configured, 2 expected votes
0 Resources configured
Online: [node2.chinasoft.com node4.chinasoft.com]
Here CRM is a very complex command that can be entered directly on the command line CRM into the CRM command line mode: # CRM
So here, how do we configure a resource, although it is slightly different from heartbeat, but the concept is basically the same, let's configure a Web resource now!
Since our Corosync default is to enable the Stonith feature, but we do not have stonith device here, if we go directly to configure resources, because there is no stonith function, so the switch of the resources will not be completed, so to disable the Stonith function, But disabling stonoith requires us to configure the global Stonith property of the cluster, and the global attribute is valid for all nodes;
# CRM Configure #进入crm命令行模式配置资源等crm (Live) configure# property #切换到property目录下, you can use the TAB key two times to complete and view usage: property [$id =<set_id>] <option>=<value> # Property usage and format CRM (live) configure# property Stonith-enabled=false #禁用stonith-enabledcrm (Live) configure# verify #检查设置的属性是否正确crm (live) configure# Commit #检查没问题就可以提交了crm (live) configure# show #查看当前集群的所有配置信息node node2.chinasoft.comnode node4.chinasoft.com #两个节点property $id = "Cib-bootstrap-options" \ dc-version= "1.1.10-14.el6-368c726" \ #DC的版本号cluster-infrastructure= "Classic Openais (with plugin) \ #集群的基础架构, using Openais, plug-in expected-quorum-votes=" 2 "\ #期望节点的票数stonith-enabled= "false" #禁用stonith功能crm (live) configure#
Note: If a node is hung, it will not have the legal votes, the resources will not be switched
There are several strategies for clustering:
Stopped: Stop service
Ignore: Ignore, continue running
Freeze: Frozen, connected request continues to respond, new request no longer responds
Suicide: Kill yourself, kill the service
Here we define a Web resource, how to define a resource, and before we define a Web resource we start testing whether our web service is working properly and provide them with two different pages to differentiate:
# ansible corosync-a "service httpd start"
# ansible Corosync-a "Chkconfig httpd off"
Don't let Apache start randomly, let pacemaker to manage
# ansible Corosync-a "Chkconfig--list httpd"
node4.chinasoft.com | Success | Rc=0 >>
httpd 0:off1:off 2:off3:off 4:off5:off 6:off
node2.chinasoft.com | Success | Rc=0 >>
httpd 0:off1:off 2:off3:off 4:off5:off 6: Off
Then enter CRM to define the resources we need:
Define a group and add the resources defined later to the group:
# Group Weservice Webip webserver
CRM (Live) # CONFIGURECRM (live) configure# Group WebService Webip Webservercrm (Live) configure# VERIFYCRM (live) Configure # COMMITCRM (Live) configure# shownode node2.chinasoft.comnode node4.chinasoft.comprimitive webip ocf:heartbeat:IPaddr params ip= "192.168.8.77" primitive webserver lsb:httpdgroup WebService webip webserverproperty $id = " Cib-bootstrap-options "dc-version=" 1.1.10-14.el6-368c726 "cluster-infrastructure=" Classic Openais (with plugin) " Expected-quorum-votes= "2" stonith-enabled= "false" CRM (live) configure# Cdcrm (live) # Statuslast Updated:thu APR 21 20:57:15 2016Last Change:thu Apr 20:56:58 via cibadmin on Node2.chinasoft.comStack:classic Openais (with plugin) Current dc:node4.chinasoft.com-partition with quorumversion:1.1.10-14.el6-368c7262 Nodes configured, 2 expected Votes2 Resources configuredonline: [node2.chinasoft.com node4.chinasoft.com] Resource group:webservice Webip (OCF::HEARTB EAT:IPADDR): Started node2.chinasoft.com webserver (lsb:httpd): Started nOde2.chinasoft.com
OK, we test on the page, now is running on the Node2, we see is not node2 on the page content, of course, the real environment of our two Web page content should be the same, here to show the difference in order to set two different page content:
To take the Node2 node offline:
If let Node2 on-line it will not be reversed, because we do not define its tendency and fault back, so node2 come back to it, and service is still running on the node4;
CRM (live) # node
CRM (Live) node# online node2.chinasoft.com get Node2 back online
End:
Here we are the configuration and operation of the service, of course, we also need other functions we can add, such as the arrangement of constraints, preference definition, or add the other resources come in are all can be added to each other, we can add a reason to define the high availability of the cluster we need
issues to be aware of when configuring:
1. The two node hosts doing the Corosync experiment have the best system version, preferably using centos6.5, and using the CD to do the Yum source
2. Through the CRM Status command found only to see their own node, no error but # Serevice pacemaker start recognition, the problem is because the firewall and SELinux, turn off the firewall and SELinux can
# SETENFROCE 0
# Service Iptables Stop
# CRM Status
Last Updated:thu Apr 21 20:23:13 2016
Last Change:thu April 20:14:48 via Cibadmin on node4.chinasoft.com
Stack:classic Openais (with plugin)
Current Dc:none
1 Nodes configured, 2 expected votes
0 Resources configured
OFFLINE: [node4.chinasoft.com]
CentOS 6.5 uses Corosync + pacemaker for high availability of httpd services
