实验目的:使用corosync作为集群消息事务层(Massage Layer),pacemaker作为集群资源管理器(Cluster Resource Management),pcs作为CRM的管理接口工具。要求实现httpd的高可用功能。
环境:centos 6.9
Pacemaker: 1.1.15
Pcs: 0.9.155

  1. 配置SSH双机互信;
  2. 配置主机名解析/etc/hosts文件;
  3. 关闭防火墙:service iptables stop
  4. 关闭selunux:setenforce 0
  5. 关闭networkmanager: chkconfig NetworkManager off 、service NetworkManager stop
    一、 软件安装
    使用yum源可以直接安装corosync pacemaker以及pcs软件:
    yum install corosync pacemaker pcs -y

二、 开启pcsd服务,两台都要开启
Service pcsd start

[root@node1 ~]# service pcsd start
Starting pcsd: [ OK ]
[root@node1 ~]#
[root@node1 ~]#
[root@node1 ~]# ssh node2 "service pcsd start"
Starting pcsd: [ OK ]
[root@node1 ~]#

三、 设置hacluster账号的密码,两台都要设置
[root@node1 ~]# grep "hacluster" /etc/passwd
hacluster:x:496:493:heartbeat user:/var/lib/heartbeat/cores/hacluster:/sbin/nologin
[root@node2 ~]# passwd hacluster
Changing password for user hacluster.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@node2 ~]#

四、 配置corosync,生成/etc/cluster/cluster.conf文件,在指定的节点上给pcs与pcsd完成认证。
[root@node1 ~]# pcs cluster auth node1 node2
Username: hacluster //输入上面设置的帐户及密码
node1: Authorized
Error: Unable to communicate with node2

[root@node1 ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@node1 ~]#
[root@node1 ~]#
[root@node1 ~]# getenforce

[root@node1 ~]# pcs cluster auth node1 node2
Username: hacluster
node1: Authorized
node2: Authorized
tcp 0 0 :::2224 :::* LISTEN 2303/ruby
备注:务必要关闭防火墙,或者配置iptables放行tcp 2224端口。

pcs cluster setup --name mycluster node1 node2 设置集群相关的参数
[root@node1 corosync]# pcs cluster setup --name webcluster node1 node2 --force
Destroying cluster on nodes: node1, node2...
node1: Stopping Cluster (pacemaker)...
node2: Stopping Cluster (pacemaker)...
node1: Successfully destroyed cluster
node2: Successfully destroyed cluster

Sending cluster config files to the nodes...
node1: Updated cluster.conf...
node2: Updated cluster.conf...

Synchronizing pcsd certificates on nodes node1, node2...
node1: Success
node2: Success

Restarting pcsd on the nodes in order to reload the certificates...
node1: Success
node2: Success

[root@node1 corosync]# cat /etc/cluster/cluster.conf //生成的配置文件
<cluster config_version="9" name="webcluster">
<clusternode name="node1" nodeid="1">
<method name="pcmk-method">
<device name="pcmk-redirect" port="node1"/>
<clusternode name="node2" nodeid="2">
<method name="pcmk-method">
<device name="pcmk-redirect" port="node2"/>
<cman broadcast="no" expected_votes="1" transport="udp" two_node="1"/>
<fencedevice agent="fence_pcmk" name="pcmk-redirect"/>

五、 启动集群服务
pcs cluster start --all //注意关闭NetworkManager服务
可以使用pcs --debug cluster start --all 打开调试模式,检查其中的错误,提示需要关闭NetworkManager服务

六、 查看集群节点状态:
Pcs status
Pcs status corosync
Pcs status cluster
[root@node1 corosync]# pcs status
Cluster name: webcluster
WARNING: no stonith devices and stonith-enabled is not false
Stack: cman
Current DC: node1 (version 1.1.15-5.el6-e174ec8) - partition with quorum
Last updated: Mon Apr 30 10:06:42 2018 Last change: Mon Apr 30 09:26:32 2018 by root via crmd on node2

2 nodes and 0 resources configured

Online: [ node1 node2 ]

No resources

Daemon Status:
cman: active/disabled
corosync: active/disabled
pacemaker: active/disabled
pcsd: active/disabled
[root@node1 corosync]# pcs status corosync
Nodeid Name
1 node1
2 node2

Crm_verify –L –V
pcs property set stonith-enabled=false #关掉这些错误

七、 配置服务

  1. 配置VIP服务
    pcs resource create vip ocf:heartbeat:IPaddr2 ip= cidr_netmask=24 op monitor interval=30s
    pcs status 查看资源是否启动,注意这里测试发现掩码需要配置为与网卡同掩码,否则资源启动不了

  2. 配置httpd服务
    pcs resource create web lsb:httpd op monitor interval=20s
    pcs status 可以看到资源已经启动。

同时,可以在对应的节点上面直接service httpd status查看服务是否启动,以及ip addr 查看VIP是否获取到。

八、 资源约束配置

  1. 配置资源的启动顺序:order,要求vip先启动,web后启动。
    pcs constraint order vip then web
  2. 配置位置约束,希望资源优先在node1节点上运行,设置vip/web对node1节点的优先级为150,对node2节点的优先级为50:
    pcs constraint location web prefers node1=150
    pcs constraint location vip prefers node1=150
    pcs constraint location web prefers node2=50
    pcs constraint location vip prefers node2=50
    [root@node1 ~]# pcs constraint

Location Constraints:
Resource: vip
Enabled on: node1 (score:100)
Enabled on: node2 (score:50)
Resource: web
Enabled on: node1 (score:100)
Enabled on: node2 (score:50)


  1. 配置资源组,只有两者对节点的位置优先级调整为一样后,资源组同时切换:
    pcs resource group add mygroup vip web
    [root@node2 ~]# pcs status groups
    mygroup: vip web
    [root@node1 ~]# pcs resource
    Resource Group: httpgroup
    vip (ocf::heartbeat:IPaddr2): Started node1
    web (lsb:httpd): Started node1

[root@node1 ~]# crm_simulate -sL

Current cluster status:
Online: [ node1 node2 ]

Resource Group: httpgroup
vip (ocf::heartbeat:IPaddr2): Started node1
web (lsb:httpd): Started node1

Allocation scores:
group_color: httpgroup allocation score on node1: 0
group_color: httpgroup allocation score on node2: 0
group_color: vip allocation score on node1: 100
group_color: vip allocation score on node2: 50
group_color: web allocation score on node1: 100
group_color: web allocation score on node2: 50
native_color: web allocation score on node1: 200
native_color: web allocation score on node2: 100
native_color: vip allocation score on node1: 400
native_color: vip allocation score on node2: 150

pcs constraint location httpgroup prefers node2=100
pcs constraint location httpgroup prefers node1=200

[root@node1 ~]# pcs constraint
Location Constraints:
Resource: httpgroup
Enabled on: node1 (score:200)
Enabled on: node2 (score:100)
Resource: vip
Enabled on: node1 (score:100)
Enabled on: node2 (score:50)
Resource: web
Enabled on: node1 (score:100)
Enabled on: node2 (score:50)
Ordering Constraints:
start vip then start web (kind:Mandatory)

  1. 配置排列约束,让vip与web 资源运行在一起,分数为100
    [root@node1 ~]# pcs constraint colocation add vip with web 100
    [root@node1 ~]# pcs constraint show
    Location Constraints:
    Resource: httpgroup
    Enabled on: node1 (score:200)
    Enabled on: node2 (score:100)
    Resource: vip
    Enabled on: node1 (score:100)
    Enabled on: node2 (score:50)
    Resource: web
    Enabled on: node1 (score:100)
    Enabled on: node2 (score:50)
    Ordering Constraints:
    start vip then start web (kind:Mandatory)
    Colocation Constraints:
    vip with web (score:100)
    Ticket Constraints:

九、 将资源切换到node2上面
pcs constraint location web prefers node1=100 //将web资源对node1的位置优先级调整为100,可以看到资源从node2转换到node1,注意可以调整httpgroup,也可以同时调整web以及vip对node2的优先级。
May 1 09:43:02 node1 crmd[2965]: notice: State transition S_IDLE -> S_POLICY_ENGINE | input=I_PE_CALC cause=C_FSA_INTERNAL origin=abort_transition_graph
May 1 09:43:02 node1 pengine[2964]: warning: Processing failed op monitor for web on node2: not running (7)
May 1 09:43:02 node1 pengine[2964]: notice: Move web#011(Started node2 -> node1)
May 1 09:43:02 node1 pengine[2964]: notice: Calculated transition 4, saving inputs in /var/lib/pacemaker/pengine/pe-input-57.bz2
May 1 09:43:02 node1 crmd[2965]: notice: Initiating stop operation web_stop_0 on node2 | action 6
May 1 09:43:02 node1 crmd[2965]: notice: Initiating start operation web_start_0 locally on node1 | action 7
May 1 09:43:03 node1 lrmd[2962]: notice: web_start_0:3682:stderr [ httpd: Could not reliably determine the server‘s fully qualified domain name, using node1.yang.com for ServerName ]
May 1 09:43:03 node1 crmd[2965]: notice: Result of start operation for web on node1: 0 (ok) | call=12 key=web_start_0 confirmed=true cib-update=42
May 1 09:43:03 node1 crmd[2965]: notice: Initiating monitor operation web_monitor_20000 locally on node1 | action 8
May 1 09:43:03 node1 crmd[2965]: notice: Transition 4 (Complete=4, Pending=0, Fired=0, Skipped=0, Incomplete=0, Source=/var/lib/pacemaker/pengine/pe-input-57.bz2): Complete
May 1 09:43:03 node1 crmd[2965]: notice: State transition S_TRANSITION_ENGINE -> S_IDLE | input=I_TE_SUCCESS cause=C_FSA_INTERNAL origin=notify_crmd

十、 遗留问题:
[root@node1 ~]# pcs status
Cluster name: mycluster
Stack: cman
Current DC: node1 (version 1.1.15-5.el6-e174ec8) - partition with quorum
Last updated: Tue May 1 11:13:00 2018 Last change: Tue May 1 11:04:20 2018 by root via cibadmin on node1

2 nodes and 2 resources configured

Online: [ node1 node2 ]

Full list of resources:

Resource Group: httpgroup
vip (ocf::heartbeat:IPaddr2): Started node1
web (lsb:httpd): Started node1

    Failed Actions:                                     //看着像和监控有关,但一直未能弄明白原因
* web_monitor_20000 on node2 ‘not running‘ (7): call=11, status=complete, exitreason=‘none‘,
    last-rc-change=‘Tue May  1 09:41:09 2018‘, queued=0ms, exec=16ms

Daemon Status:
cman: active/disabled
corosync: active/disabled
pacemaker: active/disabled
pcsd: active/disabled

pcs cluster 设备集群的pcsd认证、集群参数、启动集群节点、删除节点等功能。

pcs cluster stop node1 // 关闭集群中的node1
[root@node2 ~]# pcs status
Cluster name: mycluster
Stack: cman
Current DC: node2 (version 1.1.15-5.el6-e174ec8) - partition with quorum
Last updated: Sat Apr 28 02:23:00 2018 Last change: Sat Apr 28 02:16:12 2018 by root via cibadmin on node2

2 nodes and 2 resources configured

Online: [ node2 ]
OFFLINE: [ node1 ]

Full list of resources:

Resource Group: mygroup
vip (ocf::heartbeat:IPaddr2): Started node2
web (lsb:httpd): Started node2

Daemon Status:
cman: active/disabled
corosync: active/disabled
pacemaker: active/disabled
pcsd: active/disabled
[root@node1 ~]# pcs status
Error: cluster is not currently running on this node
[root@node1 ~]#
[root@node1 ~]#
[root@node1 ~]# pcs cluster start node1
node1: Starting Cluster...
pcs resource :资源相关的命令,包括资源创建、资源删除、资源使能、描述等。
Pcs constraint:资源约束相关的配置命令
Pcs status :资源状态查看相关的命令。


