Node1 Master/
slave Node2 – Master/ Slave
192.168.1.11 192.168.1.12
Mơ hình master-slave replication chỉ có tính dự phịng, dữ liệu chỉ được ghi từ master sang slave, không thể thực hiện theo chiều ngược lại
Mơ hình master- master: dữ liệu được ghi trên 2 chiều Node1: master/slave: 192.168.1.11
Node2: master/slave: 192.168.1.12 Các bước thực hiện:
B1: Cấu hình node1 làm master
Thêm và sửa các dịng sau vào trong file /etc/my.cnf [mysqld]
log-bin
binlog-do-db=sitenhac # database sẽ được replicated binlog-ignore-db=mysql # database không replication binlog-ignore-db=test
server-id=1
bind-address=192.168.1.11
B2: Gán quyền replication trên node2 cho node1 cho user replication #mysql -p
MariaDB [(none)]> GRANT REPLICATION SLAVE ON *.* TO 'replication'@'%.nhatnghe1.com' IDENTIFIED BY '123456'; MariaDB [(none)]> FLUSH PRIVILEGES;
Thêm các dòng sau vào trong file /etc/my.cnf [mysqld] server-id=2 log-bin bind-address=192.168.1.12 binlog-do-db=sitenhac Trên 2 máy khởi động lại dịch vụ mysql
# systemctl restart mariadb.service B4: node2 - slave
B5. Node2 Gán quyền replication trên node1 cho user replication # mysql -p
MariaDB [(none)]> grant replication slave on *.* to 'replication'@192.168.100.101 identified by 'slave2';
Query OK, 0 rows affected (0.00 sec B6. Node 2 xem trạng thái database MariaDB [(none)]> show master status;
MariaDB [(none)]> stop slave;
MariaDB [(none)]> CHANGE MASTER TO
master_host='node1.nhatnghe1.com',master_user='replication',master_password='123456',master_log_file='mysql- bin.000003',master_log_pos=395;
Query OK, 0 rows affected (0.01 sec) MariaDB [(none)]> reset slave; MariaDB [(none)]> start slave;
MariaDB [(none)]> SHOW SLAVE STATUS\G
*************************** 1. row *************************** Slave_IO_State: Waiting for master to send event
Master_Host: node1.nhatnghe1.com Master_User: replication Master_Port: 3306 Connect_Retry: 60 Master_Log_File: mariadb-bin.000003 Read_Master_Log_Pos: 395 Relay_Log_File: mariadb-relay-bin.000005 Relay_Log_Pos: 681 Relay_Master_Log_File: mariadb-bin.000003 Slave_IO_Running: Yes Slave_SQL_Running: Yes Replicate_Do_DB: Replicate_Ignore_DB: Replicate_Do_Table: Replicate_Ignore_Table:
B7: Tại máy node1
B8: Kiểm tra Trên node1:
MariaDB [(none)]> CHANGE MASTER TO
master_host='node2.nhatnghe1.com',master_user='replication',master_password='slave2',master_log_file='mysql- bin.000001',master_log_pos=759;
Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> stop slave;
Query OK, 0 rows affected, 1 warning (0.00 sec) MariaDB [(none)]> reset slave;
Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> start slave; Query OK, 0 rows affected (0.01 sec) MariaDB [(none)]> show slave status\G;
*************************** 1. row *************************** Slave_IO_State: Waiting for master to send event
Master_Host: node2.nhatnghe1.com Master_User: replication Master_Port: 3306 Connect_Retry: 60 Master_Log_File: mariadb-bin.000001 Read_Master_Log_Pos: 406 Relay_Log_File: mariadb-relay-bin.000003 Relay_Log_Pos: 692 Relay_Master_Log_File: mariadb-bin.000001 Slave_IO_Running: Yes Slave_SQL_Running: Yes Replicate_Do_DB: Replicate_Ignore_DB: Replicate_Do_Table: Replicate_Ignore_Table: Replicate_Wild_Do_Table: #mysql -p
MariaDB [(none)]> create database sitenhac; Query OK, 1 row affected (0.00 sec)
MariaDB [sitenhac]> use sitenhac CREATE TABLE example (
id INT,
data VARCHAR(100) );
Trên node2: kiểm tra thấy database sitenhac và table example đã được đồng bộ.
Trên node2: Thêm 2 dòng sau vào bảng example MariaDB [(none)]> show databases;
MariaDB [(none)]> use sitenhac; MariaDB [sitenhac]> show tables;
mysql>
MariaDB [sitenhac]> insert into example (id,data) values("10","nhatnghe"); Query OK, 1 row affected (0.01 sec)
MariaDB [sitenhac]> insert into example (id,data) values("20","daotao"); Query OK, 1 row affected (0.00 sec)
Trên node1 thực hiện truy vấn:
Kết quả dữ liệu đã được đồng bộ 2 chiều từ node1 sang node2 và ngược lại. MariaDB [sitenhac]> select * from example;
HA Proxy
Load Balencer 1: haproxy1, IP: 192.168.100.101; ens34: 10.0.0.1 Load Balencer 2: haproxy2, IP: 192.168.100.102; ens34: 10.0.0.2 Web Server 1: web1, IP: 192.168.100.103
Web Server 2: web2, IP: 192.168.100.104 VIP IP: 192.168.100.105 1. Cài và cấ hình haproxy1, haproxy2 b1. cài haproxy
# mount /dev/cdrom /media/
# rpm -ivh /media/Packages/haproxy-1.5.18-6.el7.x86_64.rpm b2. cấu hình HAProxy
# vi /etc/haproxy/haproxy.cfg
b3. Khởi động haproxy # systemctl start haproxy # systemctl enable haproxy # vi /etc/sysctl.conf net.ipv4.ip_nonlocal_bind = 1 # sysctl -p b4. Cài Keepalived #rpm -ivh /media/Packages/net-snmp-agent-libs-5.7.2-28.el7.x86_64.rpm # rpm -ivh /media/Packages/keepalived-1.3.5-1.el7.x86_64.rpm
b5. Máy haproxy1, Tạo mới file /etc/keepalived/keepalived.conf 63 frontend main *:80
78 #
79 # round robin balancing between the various backends
80 # - 81 backend app 82 83 84 85 balance roundrobin
server app1 192.168.100.103:80 check server app2 192.168.100.104:80 check 86 listen http_proxy 192.168.100.105:80
balance roundrobin option httpchk option forwardfor
server web1 192.168.100.103:80 weight 1 cookie A check server web2 192.168.100.104:80 weight 2 cookie B check
(xóa nội dung cũ)
#systemctl start keepalived #systemctl enable keepalived
B6. Máy haproxy2, Tạo mới file /etc/keepalived/keepalived.conf (xóa nội dung cũ)
# vi /etc/keepalived/keepalived.conf 1 global_defs {
2 router_id test1 3 }
4 vrrp_script chk_haproxy {
5 script "killall -0 haproxy" # check the haproxy process 6 interval 2 # every 2 seconds
7 weight 2 # add 2 points if OK 8 }
9
10 vrrp_instance VI_1 {
11 interface ens34 # interface to monitor
12 state MASTER # MASTER on haproxy1, BACKUP on haproxy2 13 virtual_router_id 51
14 priority 101 # 101 on haproxy1, 100 on haproxy2 15 virtual_ipaddress {
16 192.168.100.105 dev ens33 # virtual ip address 17 } 18 19 authentication { 20 auth_type PASS 21 auth_pass 123456 22 } 23 track_script { 24 chk_haproxy 25 } 26 } 1 global_defs { 2 router_id test2 3 } 4 vrrp_script chk_haproxy {
5 script "killall -0 haproxy" # check the haproxy process 6 interval 2 # every 2 seconds
7 weight 2 # add 2 points if OK 8 }
9
10 vrrp_instance VI_1 {
11 interface ens34 # interface to monitor
12 state MASTER # MASTER on haproxy1, BACKUP on haproxy2 13 virtual_router_id 51
14 priority 100 # 101 on haproxy1, 100 on haproxy2 15 virtual_ipaddress {
16 192.168.100.105 dev ens33 # virtual ip address 17 }
B7.. Kiểm tra, haproxy1 # ip addr
# systemctl stop keepalived Trên máy haproxy
# ip addr
Sẽ thấy ip 192.168.100.105
2. Cấu hình Web Server 1, Web Server 2 B1. Cài httpd
Trên 2 máy cài các gói:
mailcap-2.1.41-2.el7.noarch.rpm httpd-tools-2.4.6-67.el7.centos.x86_64.rpm httpd-2.4.6-67.el7.centos.x86_64.rpm B2. Khởi động httpd # systemctl start httpd # systemctl enable httpd B3. Tạo trang web
Web Server 1
# echo "web on node1" > /var/www/html/index.html Web Server 2:
# echo "web on node2" > /var/www/html/index.html B4. Kiểm tra http://192.168.100.105, nhấn F5 nhiều lần 18 19 authentication { 20 auth_type PASS 21 auth_pass 123456 22 } 23 track_script { 24 chk_haproxy 25 } 26 }
3: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:46:13:05 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.1/24 brd 10.0.0.255 scope global ens34 valid_lft forever preferred_lft forever
inet 192.168.100.105/32 scope global ens34 valid_lft forever preferred_lft forever
inet6 fe80::c5e6:b531:68ec:5601/64 scope link valid_lft forever preferred_lft forever
3. Statistics and monitoring vi /etc/haproxy/haproxy.cfg
Thêm trong phần defaults, dòng 59 stats enable
stats hide-version stats scope .
stats realm Haproxy\ Statistics
stats uri /monitor #tạo alias or : stats uri / stats auth ngoc:123456 #username:password # systemctl restart haproxy
Tại client:
http://192.168.100.105/monitor
http://192.168.100.105/ ; Nhấn f5
b5. Configure log log global
log 127.0.0.1:514 local0 notice # only send important events log 127.0.0.1:514 local0 notice notice # same but limit output level 4. Kiểm tra tính năng HA
haproxy1, haproxy2:
# tailf /var/log/messages B2.
Máy haproxy1: systemctl stop haproxy (priority:101 – weght :2 = 99 )
Máy haproxy2: sẽ nhận VIP 192.168.100.105 (do priority =100 > 99)
B3.
Máy haproxy1: systemctl start haproxy Máy haproxy2: systemctl stop haproxy
Máy haproxy1: sẽ nhận VIP 192.168.100.105 B4.
Máy haproxy1: # systemctl stop keepalived.service Máy haproxy2: sẽ nhận VIP 192.168.100.105 B5. Máy web1 # systemctl stop httpd Quan sát monitor 5. TLS Máy haproxy1
[root@localhost certs]# openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/pki/tls/certs/haproxy.pem -out /etc/pki/tls/certs/haproxy.pem -days 365 Generating a 2048 bit RSA private key
..+++ .......+++
writing new private key to '/etc/pki/tls/certs/haproxy.pem'
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank
# chmod 600 haproxy.pem vi /etc/haproxy/haproxy.cfg [global] 37 maxsslconn 256 38 tune.ssl.default-dh-param 2048 [frontend] 77 bind *:443 ssl crt /etc/pki/tls/certs/haproxy.pem #systemctl restart haproxy
#scp ./haproxy.pem 192.168.100.102:/etc/pki/tls/certs
#scp /etc/haproxy/haproxy.cfg 192.168.100.102:/etc/haproxy/ https://192.168.100.105/
For some fields there will be a default value, If you enter '.', the field will be left blank. Country Name (2 letter code) [XX]:vn State or Province Name (full name) []:hcm Locality Name (eg, city) [Default City]:hcm
Organization Name (eg, company) [Default Company Ltd]:nn Organizational Unit Name (eg, section) []:nn
Common Name (eg, your name or your server's hostname) []:192.168.100.105 Email Address []: