节点 | 系统 | IP | hosts名 | 业务 |
Node01 | CentOS x64 7.2.1511 | 10.10.231.149 | hanode01 | HAProxy+Keepalived |
Node02 | CentOS x64 7.2.1511 | 10.10.231.150 | hanode02 | HAProxy+Keepalived |
Node03 | CentOS x64 7.2.1511 | 10.10.231.126 | mariadbhanode01 | MariaDB+Galera |
Node04 | CentOS x64 7.2.1511 | 10.10.231.127 | mariadbhanode02 | MariaDB+Galera |
Node05 | CentOS x64 7.2.1511 | 10.10.231.131 | mariadbhanode03 | MariaDB+Galera |
一、基础配置
1、配置节点的ssh互信
[root@DS-VM-Node149 ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' [root@DS-VM-Node149 ~]# echo -e "150\n126\n127\n131"|xargs -i ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.10.231.{}
[root@DS-VM-Node150 ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' [root@DS-VM-Node150 ~]# echo -e "149\n126\n127\n131"|xargs -i ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.10.231.{}
[root@DS-VM-Node126 ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' [root@DS-VM-Node126 ~]# echo -e "150\n149\n127\n131"|xargs -i ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.10.231.{}
[root@DS-VM-Node127 ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' [root@DS-VM-Node127 ~]# echo -e "150\n126\n149\n131"|xargs -i ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.10.231.{}
[root@DS-VM-Node131 ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' [root@DS-VM-Node131 ~]# echo -e "150\n126\n127\n149"|xargs -i ssh-copy-id -i /root/.ssh/id_rsa.pub root@10.10.231.{}
2、设置时间同步
[root@DS-VM-Node149 ~]# yum install ntpdate -y [root@DS-VM-Node149 ~]# ntpdate pool.ntp.org && echo '*/20 * * * * `which ntpdate` pool.ntp.org > /dev/null 2>&1' >> /var/spool/cron/root [root@DS-VM-Node149 ~]# echo -e "150\n126\n127\n131"|xargs -i ssh root@10.10.231.{} "yum install ntpdate -y" [root@DS-VM-Node149 ~]# echo -e "150\n126\n127\n131"|xargs -i ssh root@10.10.231.{} "ntpdate pool.ntp.org && echo '*/20 * * * * `which ntpdate` pool.ntp.org > /dev/null 2>&1' >> /var/spool/cron/root"
3、设置hosts
[root@DS-VM-Node149 ~]# echo -e '10.10.231.149\thanode01\n10.10.231.150\thanode02\n10.10.231.126\tmariadbhanode01\n10.10.231.127\tmariadbhanode02\n10.10.231.131\tmariadbhanode03' >> /etc/hosts [root@DS-VM-Node149 ~]# echo -e "150\n126\n127\n131"|xargs -i ssh root@10.10.231.{} "echo -e '10.10.231.149\thanode01\n10.10.231.150\thanode02\n10.10.231.126\tmariadbhanode01\n10.10.231.127\tmariadbhanode02\n10.10.231.131\tmariadbhanode03' >> /etc/hosts"
4、关闭SELinux
[root@DS-VM-Node149 ~]# sed -i -e 's/SELINUX=permissive/SELINUX=disabled/g' /etc/sysconfig/selinux [root@DS-VM-Node149 ~]# echo -e "150\n126\n127\n131"|xargs -i ssh root@10.10.231.{} "sed -i -e 's/SELINUX=permissive/SELINUX=disabled/g' /etc/sysconfig/selinux"
5、添加防火墙白名单
[root@DS-VM-Node149 ~]# iptables添加放行方法 (由于我已经将CentOS 7 上的FrieWall换成了iptables) ##CentOS 7 FrieWall改成iptables方法见http://www.dwhd.org/20160322_101301.html [root@DS-VM-Node149 ~]# iptables -N DB-Galera [root@DS-VM-Node149 ~]# iptables -I INPUT 3 -s 10.0.0.0/8 -p tcp -m state --state NEW -m multiport --dports 873,3306,4444,4567,4568,9200 -j DB-Galera [root@DS-VM-Node149 ~]# iptables -I DB-Galera -s 10.0.0.0/8 -p tcp -m state --state NEW -m multiport --dports 873,3306,4444,4567,4568,9200 -j ACCEPT [root@DS-VM-Node149 ~]# cho -e "150\n126\n127\n131"|xargs -i ssh root@10.10.231.{} "iptables -N DB-Galera" [root@DS-VM-Node149 ~]# cho -e "150\n126\n127\n131"|xargs -i ssh root@10.10.231.{} "iptables -I INPUT 3 -s 10.0.0.0/8 -p tcp -m state --state NEW -m multiport --dports 873,3306,4444,4567,4568,9200 -j DB-Galera" [root@DS-VM-Node149 ~]# cho -e "150\n126\n127\n131"|xargs -i ssh root@10.10.231.{} "iptables -I DB-Galera -s 10.0.0.0/8 -p tcp -m state --state NEW -m multiport --dports 873,3306,4444,4567,4568,9200 -j ACCEPT" #4567 = Galera Cluster replication traffic. #873 = Rsync ports. #4444 = For all other State Snapshot Transfer (SST). #9200 = xinetd - clustercheck.
[root@DS-VM-Node149 ~]# FrieWall添加放行方法 [root@DS-VM-Node149 ~]# for i in 873 3306 4444 4567 4568 9200;do firewall-cmd --permanent --add-port=$i/tcp;done [root@DS-VM-Node149 ~]# cho -e "150\n126\n127\n131"|xargs -i ssh root@10.10.231.{} "for i in 873 3306 4444 4567 4568 9200;do firewall-cmd --permanent --add-port=$i/tcp;done"
二、Node01和Node02上编译安装HAproxy 1.5.18
1、Node01上编译安装HAproxy 1.5.18
[root@DS-VM-Node149 ~]# yum clean all && yum makecache [root@DS-VM-Node149 ~]# yum install pcre-devel openssl-devel -y [root@DS-VM-Node149 ~]# wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.18.tar.gz [root@DS-VM-Node149 ~]# tar xf haproxy-1.5.18.tar.gz [root@DS-VM-Node149 ~]# cd haproxy-1.5.18 [root@DS-VM-Node149 ~/haproxy-1.5.18]# make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 [root@DS-VM-Node149 ~/haproxy-1.5.18]# make install && cd [root@DS-VM-Node149 ~]# which haproxy /usr/local/sbin/haproxy [root@DS-VM-Node149 ~]# haproxy -v HA-Proxy version 1.5.18 2016/05/10 Copyright 2000-2016 Willy Tarreau <willy@haproxy.org> [root@DS-VM-Node149 ~]# cp /usr/local/sbin/haproxy /usr/sbin/ [root@DS-VM-Node149 ~]# cp ~/haproxy-1.5.18/examples/haproxy /etc/init.d/haproxy [root@DS-VM-Node149 ~]# cp ~/haproxy-1.5.18/examples/haproxy.init /etc/init.d/haproxy [root@DS-VM-Node149 ~]# chmod +x /etc/init.d/haproxy [root@DS-VM-Node149 ~]# mkdir -pv /{etc,run,var/lib}/haproxy mkdir: 已创建目录 "/etc/haproxy" mkdir: 已创建目录 "/run/haproxy" mkdir: 已创建目录 "/var/lib/haproxy" [root@DS-VM-Node149 ~]# touch /var/lib/haproxy/stats
2、Node02上编译安装HAproxy 1.5.18
[root@DS-VM-Node150 ~]# yum clean all && yum makecache [root@DS-VM-Node150 ~]# yum install pcre-devel openssl-devel -y [root@DS-VM-Node150 ~]# wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.18.tar.gz [root@DS-VM-Node150 ~]# tar xf haproxy-1.5.18.tar.gz [root@DS-VM-Node150 ~]# cd haproxy-1.5.18 [root@DS-VM-Node150 ~/haproxy-1.5.18]# make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 [root@DS-VM-Node150 ~/haproxy-1.5.18]# make install && cd [root@DS-VM-Node150 ~]# which haproxy /usr/local/sbin/haproxy [root@DS-VM-Node150 ~]# haproxy -v HA-Proxy version 1.5.18 2016/05/10 Copyright 2000-2016 Willy Tarreau <willy@haproxy.org> [root@DS-VM-Node150 ~]# cp /usr/local/sbin/haproxy /usr/sbin/ [root@DS-VM-Node150 ~]# cp ~/haproxy-1.5.18/examples/haproxy /etc/init.d/haproxy [root@DS-VM-Node150 ~]# cp ~/haproxy-1.5.18/examples/haproxy.init /etc/init.d/haproxy [root@DS-VM-Node150 ~]# chmod +x /etc/init.d/haproxy [root@DS-VM-Node150 ~]# mkdir -pv /{etc,run,var/lib}/haproxy mkdir: 已创建目录 "/etc/haproxy" mkdir: 已创建目录 "/run/haproxy" mkdir: 已创建目录 "/var/lib/haproxy" [root@DS-VM-Node150 ~]# touch /var/lib/haproxy/stats [root@DS-VM-Node149 ~]# useradd -r -s /sbin/nologin -d /etc/haproxy -M haproxy
三、Node01和Node02上编译安装keepalived
1、在Node01上编译安装keepalived
[root@DS-VM-Node149 ~]# wget http://www.keepalived.org/software/keepalived-1.2.20.tar.gz [root@DS-VM-Node149 ~]# tar xf keepalived-1.2.20.tar.gz [root@DS-VM-Node149 ~]# cd keepalived-1.2.20/ [root@DS-VM-Node149 ~/keepalived-1.2.20]# ./configure --prefix=/usr/local/keepalived --sysconfdir=/etc --with-kernel-dir=/usr/src/kernels/`uname -r` --enable-sha1 [root@DS-VM-Node149 ~/keepalived-1.2.20]# make -j $(awk '/processor/{i++}END{print i}' /proc/cpuinfo) && make install && cd .. [root@DS-VM-Node149 ~]# scp keepalived-1.2.20.tar.gz root@hanode02:~ [root@DS-VM-Node149 ~]# echo "export PATH=/usr/local/keepalived/sbin:\$PATH" > /etc/profile.d/keepalived.sh [root@DS-VM-Node149 ~]# . /etc/profile.d/keepalived.sh [root@DS-VM-Node149 ~]# mv /etc/keepalived/keepalived.conf{,_`date "+%F"`_backup} [root@DS-VM-Node149 ~]# ln -sv /usr/local/keepalived/sbin/keepalived /usr/sbin/
2、在Node02上编译安装keepalived
[root@DS-VM-Node150 ~]# tar xf keepalived-1.2.20.tar.gz [root@DS-VM-Node150 ~]# cd keepalived-1.2.20/ [root@DS-VM-Node150 ~/keepalived-1.2.20]# ./configure --prefix=/usr/local/keepalived --sysconfdir=/etc --with-kernel-dir=/usr/src/kernels/`uname -r` --enable-sha1 [root@DS-VM-Node150 ~/keepalived-1.2.20]# make -j $(awk '/processor/{i++}END{print i}' /proc/cpuinfo) && make install && cd .. [root@DS-VM-Node150 ~]# echo "export PATH=/usr/local/keepalived/sbin:\$PATH" > /etc/profile.d/keepalived.sh [root@DS-VM-Node150 ~]# . /etc/profile.d/keepalived.sh [root@DS-VM-Node150 ~]# mv /etc/keepalived/keepalived.conf{,_`date "+%F"`_backup} [root@DS-VM-Node150 ~]# ln -sv /usr/local/keepalived/sbin/keepalived /usr/sbin/
四、在Node03、Node04、Node05上安装MariaDB Galera
[root@DS-VM-Node126 ~]# curl -Ls onekey.sh/mariadb_galera|bash [root@DS-VM-Node126 ~]# echo -e "127\n131"|xargs -i ssh root@10.10.231.{} "curl -Ls onekey.sh/mariadb_galera|bash"
您可以选择一种方式赞助本站
支付宝扫一扫赞助
微信钱包扫描赞助
赏