节点 | 系统 | IP | hosts名 | 业务 |
Node01 | CentOS x64 7.2.1511 | 10.10.231.149 | hanode01 | HAProxy+Keepalived |
Node02 | CentOS x64 7.2.1511 | 10.10.231.150 | hanode02 | HAProxy+Keepalived |
Node03 | CentOS x64 7.2.1511 | 10.10.231.126 | mariadbhanode01 | MariaDB+Galera |
Node04 | CentOS x64 7.2.1511 | 10.10.231.127 | mariadbhanode02 | MariaDB+Galera |
Node05 | CentOS x64 7.2.1511 | 10.10.231.131 | mariadbhanode03 | MariaDB+Galera |
一、基础配置
1、配置节点的ssh互信
[[email protected] ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' [[email protected] ~]# echo -e "150\n126\n127\n131"|xargs -i ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected].{}
[[email protected] ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' [[email protected] ~]# echo -e "149\n126\n127\n131"|xargs -i ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected].{}
[[email protected] ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' [[email protected] ~]# echo -e "150\n149\n127\n131"|xargs -i ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected].{}
[[email protected] ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' [[email protected] ~]# echo -e "150\n126\n149\n131"|xargs -i ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected].{}
[[email protected] ~]# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' [[email protected] ~]# echo -e "150\n126\n127\n149"|xargs -i ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected].{}
2、设置时间同步
[[email protected] ~]# yum install ntpdate -y [[email protected] ~]# ntpdate pool.ntp.org && echo '*/20 * * * * `which ntpdate` pool.ntp.org > /dev/null 2>&1' >> /var/spool/cron/root [[email protected] ~]# echo -e "150\n126\n127\n131"|xargs -i ssh [email protected].{} "yum install ntpdate -y" [[email protected] ~]# echo -e "150\n126\n127\n131"|xargs -i ssh [email protected].{} "ntpdate pool.ntp.org && echo '*/20 * * * * `which ntpdate` pool.ntp.org > /dev/null 2>&1' >> /var/spool/cron/root"
3、设置hosts
[[email protected] ~]# echo -e '10.10.231.149\thanode01\n10.10.231.150\thanode02\n10.10.231.126\tmariadbhanode01\n10.10.231.127\tmariadbhanode02\n10.10.231.131\tmariadbhanode03' >> /etc/hosts [[email protected] ~]# echo -e "150\n126\n127\n131"|xargs -i ssh [email protected].{} "echo -e '10.10.231.149\thanode01\n10.10.231.150\thanode02\n10.10.231.126\tmariadbhanode01\n10.10.231.127\tmariadbhanode02\n10.10.231.131\tmariadbhanode03' >> /etc/hosts"
4、关闭SELinux
[[email protected] ~]# sed -i -e 's/SELINUX=permissive/SELINUX=disabled/g' /etc/sysconfig/selinux [[email protected] ~]# echo -e "150\n126\n127\n131"|xargs -i ssh [email protected].{} "sed -i -e 's/SELINUX=permissive/SELINUX=disabled/g' /etc/sysconfig/selinux"
5、添加防火墙白名单
[[email protected] ~]# iptables添加放行方法 (由于我已经将CentOS 7 上的FrieWall换成了iptables) ##CentOS 7 FrieWall改成iptables方法见http://www.dwhd.org/20160322_101301.html [[email protected] ~]# iptables -N DB-Galera [[email protected] ~]# iptables -I INPUT 3 -s 10.0.0.0/8 -p tcp -m state --state NEW -m multiport --dports 873,3306,4444,4567,4568,9200 -j DB-Galera [[email protected] ~]# iptables -I DB-Galera -s 10.0.0.0/8 -p tcp -m state --state NEW -m multiport --dports 873,3306,4444,4567,4568,9200 -j ACCEPT [[email protected] ~]# cho -e "150\n126\n127\n131"|xargs -i ssh [email protected].{} "iptables -N DB-Galera" [[email protected] ~]# cho -e "150\n126\n127\n131"|xargs -i ssh [email protected].{} "iptables -I INPUT 3 -s 10.0.0.0/8 -p tcp -m state --state NEW -m multiport --dports 873,3306,4444,4567,4568,9200 -j DB-Galera" [[email protected] ~]# cho -e "150\n126\n127\n131"|xargs -i ssh [email protected].{} "iptables -I DB-Galera -s 10.0.0.0/8 -p tcp -m state --state NEW -m multiport --dports 873,3306,4444,4567,4568,9200 -j ACCEPT" #4567 = Galera Cluster replication traffic. #873 = Rsync ports. #4444 = For all other State Snapshot Transfer (SST). #9200 = xinetd - clustercheck.
[[email protected] ~]# FrieWall添加放行方法 [[email protected] ~]# for i in 873 3306 4444 4567 4568 9200;do firewall-cmd --permanent --add-port=$i/tcp;done [[email protected] ~]# cho -e "150\n126\n127\n131"|xargs -i ssh [email protected].{} "for i in 873 3306 4444 4567 4568 9200;do firewall-cmd --permanent --add-port=$i/tcp;done"
二、Node01和Node02上编译安装HAproxy 1.5.18
1、Node01上编译安装HAproxy 1.5.18
[[email protected] ~]# yum clean all && yum makecache [[email protected] ~]# yum install pcre-devel openssl-devel -y [[email protected] ~]# wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.18.tar.gz [[email protected] ~]# tar xf haproxy-1.5.18.tar.gz [[email protected] ~]# cd haproxy-1.5.18 [[email protected] ~/haproxy-1.5.18]# make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 [[email protected] ~/haproxy-1.5.18]# make install && cd [[email protected] ~]# which haproxy /usr/local/sbin/haproxy [[email protected] ~]# haproxy -v HA-Proxy version 1.5.18 2016/05/10 Copyright 2000-2016 Willy Tarreau <[email protected]> [[email protected] ~]# cp /usr/local/sbin/haproxy /usr/sbin/ [[email protected] ~]# cp ~/haproxy-1.5.18/examples/haproxy /etc/init.d/haproxy [[email protected] ~]# cp ~/haproxy-1.5.18/examples/haproxy.init /etc/init.d/haproxy [[email protected] ~]# chmod +x /etc/init.d/haproxy [[email protected] ~]# mkdir -pv /{etc,run,var/lib}/haproxy mkdir: 已创建目录 "/etc/haproxy" mkdir: 已创建目录 "/run/haproxy" mkdir: 已创建目录 "/var/lib/haproxy" [[email protected] ~]# touch /var/lib/haproxy/stats
2、Node02上编译安装HAproxy 1.5.18
[[email protected] ~]# yum clean all && yum makecache [[email protected] ~]# yum install pcre-devel openssl-devel -y [[email protected] ~]# wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.18.tar.gz [[email protected] ~]# tar xf haproxy-1.5.18.tar.gz [[email protected] ~]# cd haproxy-1.5.18 [[email protected] ~/haproxy-1.5.18]# make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 [[email protected] ~/haproxy-1.5.18]# make install && cd [[email protected] ~]# which haproxy /usr/local/sbin/haproxy [[email protected] ~]# haproxy -v HA-Proxy version 1.5.18 2016/05/10 Copyright 2000-2016 Willy Tarreau <[email protected]> [[email protected] ~]# cp /usr/local/sbin/haproxy /usr/sbin/ [[email protected] ~]# cp ~/haproxy-1.5.18/examples/haproxy /etc/init.d/haproxy [[email protected] ~]# cp ~/haproxy-1.5.18/examples/haproxy.init /etc/init.d/haproxy [[email protected] ~]# chmod +x /etc/init.d/haproxy [[email protected] ~]# mkdir -pv /{etc,run,var/lib}/haproxy mkdir: 已创建目录 "/etc/haproxy" mkdir: 已创建目录 "/run/haproxy" mkdir: 已创建目录 "/var/lib/haproxy" [[email protected] ~]# touch /var/lib/haproxy/stats [[email protected] ~]# useradd -r -s /sbin/nologin -d /etc/haproxy -M haproxy
三、Node01和Node02上编译安装keepalived
1、在Node01上编译安装keepalived
[[email protected] ~]# wget http://www.keepalived.org/software/keepalived-1.2.20.tar.gz [[email protected] ~]# tar xf keepalived-1.2.20.tar.gz [[email protected] ~]# cd keepalived-1.2.20/ [[email protected] ~/keepalived-1.2.20]# ./configure --prefix=/usr/local/keepalived --sysconfdir=/etc --with-kernel-dir=/usr/src/kernels/`uname -r` --enable-sha1 [[email protected] ~/keepalived-1.2.20]# make -j $(awk '/processor/{i++}END{print i}' /proc/cpuinfo) && make install && cd .. [[email protected] ~]# scp keepalived-1.2.20.tar.gz [email protected]:~ [[email protected] ~]# echo "export PATH=/usr/local/keepalived/sbin:\$PATH" > /etc/profile.d/keepalived.sh [[email protected] ~]# . /etc/profile.d/keepalived.sh [[email protected] ~]# mv /etc/keepalived/keepalived.conf{,_`date "+%F"`_backup} [[email protected] ~]# ln -sv /usr/local/keepalived/sbin/keepalived /usr/sbin/
2、在Node02上编译安装keepalived
[[email protected] ~]# tar xf keepalived-1.2.20.tar.gz [[email protected] ~]# cd keepalived-1.2.20/ [[email protected] ~/keepalived-1.2.20]# ./configure --prefix=/usr/local/keepalived --sysconfdir=/etc --with-kernel-dir=/usr/src/kernels/`uname -r` --enable-sha1 [[email protected] ~/keepalived-1.2.20]# make -j $(awk '/processor/{i++}END{print i}' /proc/cpuinfo) && make install && cd .. [[email protected] ~]# echo "export PATH=/usr/local/keepalived/sbin:\$PATH" > /etc/profile.d/keepalived.sh [[email protected] ~]# . /etc/profile.d/keepalived.sh [[email protected] ~]# mv /etc/keepalived/keepalived.conf{,_`date "+%F"`_backup} [[email protected] ~]# ln -sv /usr/local/keepalived/sbin/keepalived /usr/sbin/
四、在Node03、Node04、Node05上安装MariaDB Galera
[[email protected] ~]# curl -Ls onekey.sh/mariadb_galera|bash [[email protected] ~]# echo -e "127\n131"|xargs -i ssh root@10.10.231.{} "curl -Ls onekey.sh/mariadb_galera|bash"
您可以选择一种方式赞助本站
支付宝扫一扫赞助
微信钱包扫描赞助
赏