
主机 IP地址 功能
node4.51yuki.cn web服务(nginx),HA节点
node5.51yuki.cn web服务(nginx),HA节点
nfs.51yuki.cn 提供nfs服务
[www@nfs ~]$ sudo ntpdate time1.aliyun.com
[www@nfs ~]$ crontab -e
*/5 * * * * ntpdate time1.aliyun.com &>/dev/null
[www@node4 ~]$ sudo ntpdate time1.aliyun.com
24 Jan 21:52:55 ntpdate[15537]: step time server offset 106.394191 sec
[www@node4 ~]$ crontab -e
no crontab for www - using an empty one
*/5 * * * * ntpdate time1.aliyun.com &>/dev/null
[www@node5 ~]$ sudo ntpdate time1.aliyun.com
24 Jan 21:52:55 ntpdate[15537]: step time server offset 106.394191 sec
[www@node5 ~]$ crontab -e
no crontab for www - using an empty one
*/5 * * * * ntpdate time1.aliyun.com &>/dev/null
[www@node5 ~]$ sudo vim /etc/hosts localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 node4.51yuki.cn node4 node5.51yuki.cn node5
[www@node5 ~]$ sudo scp /etc/hosts www@
The authenticity of host ' (' can't be established.
ECDSA key fingerprint is SHA256:Tqbq1rIMJKlN8PwdXlB6WXWz0TEWaklc+Qc+pdRh1gA.
ECDSA key fingerprint is MD5:65:e0:a7:8d:f7:b2:9b:d3:b2:e2:83:26:4e:3f:bf:8a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '' (ECDSA) to the list of known hosts.
www@'s password:
Permission denied, please try again.
www@'s password:
[www@node5 ~]$ ssh www@ "sudo cp /tmp/hosts /etc/hosts"
The authenticity of host ' (' can't be established.
ECDSA key fingerprint is SHA256:Tqbq1rIMJKlN8PwdXlB6WXWz0TEWaklc+Qc+pdRh1gA.
ECDSA key fingerprint is MD5:65:e0:a7:8d:f7:b2:9b:d3:b2:e2:83:26:4e:3f:bf:8a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '' (ECDSA) to the list of known hosts.
www@'s password:
[www@node4 ~]$ ssh-keygen -t rsa
[www@node4 ~]$ ssh-copy-id -i .ssh/id_rsa.pub www@
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
www@'s password:
Permission denied, please try again.
www@'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'www@'"
and check to make sure that only the key(s) you wanted were added.
[www@node5 ~]$ ssh-copy-id -i .ssh/id_rsa.pub www@node4
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: ".ssh/id_rsa.pub"
The authenticity of host 'node4 (' can't be established.
ECDSA key fingerprint is SHA256:Tqbq1rIMJKlN8PwdXlB6WXWz0TEWaklc+Qc+pdRh1gA.
ECDSA key fingerprint is MD5:65:e0:a7:8d:f7:b2:9b:d3:b2:e2:83:26:4e:3f:bf:8a.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
www@node4's password:
Permission denied, please try again.
www@node4's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'www@node4'"
and check to make sure that only the key(s) you wanted were added.
[www@node4 ~]$ sudo yum -y install pacemaker pcs psmisc policycoreutils-python corosync
[www@node5 ~]$ sudo yum -y install pacemaker pcs psmisc policycoreutils-python corosync
(一般情况安装pcs即可,yum -y install pcs)
[www@node4 ~]$ sudo systemctl enable pcsd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/pcsd.service to /usr/lib/systemd/system/pcsd.service.
[www@node4 ~]$ sudo systemctl start pcsd.service
[www@node5 ~]$ sudo systemctl enable pcsd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/pcsd.service to /usr/lib/systemd/system/pcsd.service.
[www@node5 ~]$ sudo systemctl start pcsd.service
[www@node4 ~]$ echo "Aa123456" | sudo passwd --stdin hacluster
Changing password for user hacluster.
passwd: all authentication tokens updated successfully.
[www@node5 ~]$ echo "Aa123456" | sudo passwd --stdin hacluster
Changing password for user hacluster.
passwd: all authentication tokens updated successfully.
第三步: 配置集群 (在node4或node5任意节点上操作,我这边在node4节点上配置)
cluster: Configure cluster options and nodes 配置集群节点和选项
[www@node4 ~]$ sudo pcs cluster auth node4.51yuki.cn node5.51yuki.cn
Username: hacluster
node4.51yuki.cn: Authorized
node5.51yuki.cn: Authorized
[www@node5 ~]$ sudo pcs cluster auth node4.51yuki.cn node5.51yuki.cn
node4.51yuki.cn: Already authorized
node5.51yuki.cn: Already authorized
[www@node4 ~]$ sudo pcs cluster setup --name nginx_cluster node4.51yuki.cn node5.51yuki.cn
Destroying cluster on nodes: node4.51yuki.cn, node5.51yuki.cn...
node4.51yuki.cn: Stopping Cluster (pacemaker)...
node5.51yuki.cn: Stopping Cluster (pacemaker)...
node5.51yuki.cn: Successfully destroyed cluster
node4.51yuki.cn: Successfully destroyed cluster
Sending 'pacemaker_remote authkey' to 'node4.51yuki.cn', 'node5.51yuki.cn'
node4.51yuki.cn: successful distribution of the file 'pacemaker_remote authkey'
node5.51yuki.cn: successful distribution of the file 'pacemaker_remote authkey'
Sending cluster config files to the nodes...
node4.51yuki.cn: Succeeded
node5.51yuki.cn: Succeeded
Synchronizing pcsd certificates on nodes node4.51yuki.cn, node5.51yuki.cn...
node4.51yuki.cn: Success
node5.51yuki.cn: Success
Restarting pcsd on the nodes in order to reload the certificates...
node4.51yuki.cn: Success
node5.51yuki.cn: Success
[www@node4 ~]$ sudo pcs cluster start --all
[www@node5 ~]$ sudo pcs cluster start --all
[www@node4 ~]$ cd /etc/corosync/
[www@node4 corosync]$ ll
total 16
-rw-r--r--. 1 root root 408 Jan 24 22:52 corosync.conf
-rw-r--r--. 1 root root 2881 Sep 7 00:53 corosync.conf.example
-rw-r--r--. 1 root root 767 Sep 7 00:53 corosync.conf.example.udpu
-rw-r--r--. 1 root root 3278 Sep 7 00:53 corosync.xml.example
drwxr-xr-x. 2 root root 6 Sep 7 00:53 uidgid.d
- 第一章:集群理论介绍
- 第二章:共享存储
- 第一节:搭建基于 IP SAN 的 ISCSI 存储系统(在centos6系统)
- 第二节:基于openfiler搭建共享存储
- 第三章:高可用HA集群
- 第一节:Heartbeat高可用集群
- 第二节:corosync+pacemaker高可用nginx集群
- 第四章:反向代理(负载均衡)集群
- 第一部分:haproxy服务
- 第一节:haproxy基本介绍
- 第二节:在Centos7安装HAProxy
- 第三节: haproxy配置文件参数详解
- 第四节:haproxy+nginx+mysql+discuz
- 第五节:haproxy配置文件
- 第六节: Haproxy搭建全站ssl