NTP服务器的搭建和使用
由于在做到高可用集群时,对个各节点的时间要求比较严格。因此我们需要配置一个NTP服务器实现高可用集群的的时间同步器。然后将其他的节点时间指向这个ntp,先来创建一个NTP服务器。
[root@localhost ~ ]# rpm -q ntp ntp-4.2.6p5-1.el6.CentOS.x86_64
由于我们的服务器已经有ntp服务器,那么我们这里边直接使用好了。
[root@localhost ~ ]# rpm -ql ntp /etc/ntp.conf //配置文件 /etc/ntp/crypto /etc/ntp/crypto/pw /etc/rc.d/init.d/ntpd //脚本程序
# vim /etc/ntp.conf 1 # For more information about this file, see the man pages 2 # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). 3 4 driftfile /var/lib/ntp/drift 5 6 # Permit time synchronization with our time source, but do not 7 # permit the source to query or modify the service on this system. 8 restrict default kod nomodify notrap nopeer noquery 9 restrict -6 default kod nomodify notrap nopeer noquery 10 11 # Permit all access over the loopback interface. This could 12 # be tightened as well, but to do so would effect some of 13 # the administrative functions. 14 restrict 127.0.0.1 15 restrict -6 ::1 16 17 # Hosts on local network are less restricted. 18 restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap //允许其他主机同步时间 19 20 # Use public servers from the pool.ntp.org project. 21 # Please consider joining the pool (http://www.pool.ntp.org/join.html). 22 # server 0.centos.pool.ntp.org iburst (默认时间服务器) 23 # server 1.centos.pool.ntp.org iburst (默认时间服务器) 24 # server 2.centos.pool.ntp.org iburst (默认时间服务器) 25 # server 3.centos.pool.ntp.org iburst (默认时间服务器) 26 server 172.16.0.1 (自己添加的) 27 #broadcast 192.168.1.255 autokey # broadcast server 27 #broadcast 192.168.1.255 autokey # broadcast server 28 #broadcastclient # broadcast client 29 #broadcast 224.0.1.1 autokey # multicast server 30 #multicastclient 224.0.1.1 # multicast client 31 #manycastserver 239.255.254.254 # manycast server 32 #manycastclient 239.255.254.254 autokey # manycast client 33 restrict172.16.0.1 nomodify notrap noquery //允许上游时间服务器修改本地时间 34 server127.127.1.0 #local clock fudge 127.127.1.0 stratum 10 #Enable public key cryptography. 35 #crypto 36 37 includefile /etc/ntp/crypto/pw 38 39 # Key file containing the keys and key identifiers used when operating 40 # with symmetric key cryptography. 41 keys /etc/ntp/keys 42 43 # Specify the key identifiers which are trusted. 44 #trustedkey 4 8 42 45 46 # Specify the key identifier to use with the ntpdc utility. 47 #requestkey 8 48 49 # Specify the key identifier to use with the ntpq utility. 50 #controlkey 8 51 52 # Enable writing of statistics records. 53 #statistics clockstats cryptostats loopstats peerstats
同样是其他节点服务器将时间指向该NTP服务器即可:
restrict 127.0.0.1 restrict -6 ::1 server 172.16.31.10 //ntp指向ntp服务器 restrict 172.16.31.10 nomodify notrap noquery //允许矫正时间 server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10
#service ntpd start 即可:
准备各节点:
实验环境
1.时间需要同步,建议使用NTP服务器同步时间并且创建时间同步计划
2.root用户基于密钥认证的时候
3../etc/hosts文件作好IP对应的主机名的解析
解决依赖关系及包的安装:
#yum -y installnet-snmp-libs libnet PyXML #rpm -ivh heartbeat-pils-2.1.4-12.el6.x86_64.rpm #rpm -ivhheartbeat-stonith-2.1.4-12.el6.x86_64.rpm #rpm -ivhheartbeat-2.1.4-12.el6.x86_64.rpm
安装好heartbeat之后配置以下三个文件:
一.配置主配置文件
#vim ha.cf mcast eth0 229.155.11.24 694 1 0 auto_failback on logfile /var/log/ha-log #logfacility local0 node node2 node node3 ping 172.16.0.1
二.配置认证文件
在最后添加
auth2 2 sha1 17d1df5da5db
三配置资源文件
在最后添加
node2 172.16。11.13/16/eth0/172.16.255.255 httpd
把authkeys、ha.cf和haresources复制给另一台主机,放在相同位置
保证各httpd服务开机不会自动启动
# chkconfig httpd off
启动heartbeat,测试结果。