系统环境:
Mariadb01 192.168.137.21 node01.com centos-6.x 2.6.32-573.el6.x86_64 selinux=disabled
Mariadb02 192.168.137.22 node02.com centos-6.x 2.6.32-573.el6.x86_64 selinux=disabled
Mariadb03 192.168.137.23 node03.com centos-6.x 2.6.32-573.el6.x86_64 selinux=disabled
第一部分:环境初始化(该部分的内容需在所有服务器上执行):
1、服务器Hosts 解析:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.137.21 node01.com db1
192.168.137.22 node02.com db2
192.168.137.23 node03.com db3
2、mariadb 官方Yum 源配置:
[mariadb]
name = MariaDB
baseurl = https://yum.mariadb.org/10.0/rhel6-amd64/
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
3、安装系统扩展源:
rpm -ivh http://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
4、清楚缓存并重构缓存:
yum clean all && yum makecache
5、安装搭建集群所需的软件包:
yum install -y MariaDB-Galera-server MariaDB-client galera perl-Digest-MD5-File perl-Digestrypt-PasswdMD5 perl-MD5 socat vim telnet lsof iotop tree lrzsz
6、创建集群数据存放、日志存放及临时数据存放路径,并授权创建的目录为mysql:
mkdir -p /data/{mysql,tmp,logs} && chown -R mysql:mysql /data/{mysql,tmp,logs}
7、删除安装集群工具初始化时自带的路径,并将自定义的路径连接到初始化路径下:
rm -rf /var/lib/mysql && ln -s /data/mysql /var/lib/mysql
8、编辑/etc/my.cnf 文件,设置一些优化参数:
[mysqld]
datadir = /data/mysql
socket = /data/mysql/mysql.sock
tmpdir = /data/tmp
slow_query_log_file = /data/mysql/slow-log
port = 3306
log_error = /data/logs/mysqld.log
log-bin = dbs-binlog
log-bin-index = dbs-binlog-index
server_id = 11
max_relay_log_size = 0
read_rnd_buffer_size = 16M
read_buffer_size = 6M
sort_buffer_size = 6M
slave_net_timeout = 5
table_definition_cache = 4096
table_open_cache = 4096
thread_cache_size = 64
thread_stack = 192K
query_cache_limit = 4M
query_cache_min_res_unit = 2k
query_cache_size = 64M
query_cache_type = 1
join_buffer_size = 2M
tmp_table_size = 256M
interactive_timeout = 100
max_connections = 4500
max_connect_errors = 3000
max_allowed_packet = 64M
wait_timeout = 100
key_buffer_size = 256M
myisam_sort_buffer_size = 128M
myisam_repair_threads = 1
bulk_insert_buffer_size = 64M
innodb_buffer_pool_size = 300M
innodb_log_files_in_group = 3
innodb_log_file_size = 512M
innodb_file_per_table = 1
innodb_file_format = Barracuda
innodb_lock_wait_timeout = 15
innodb_flush_log_at_trx_commit = 2
innodb_thread_concurrency = 24
innodb_log_buffer_size = 16M
innodb_max_dirty_pages_pct = 90
innodb_strict_mode = 1
innodb_read_only = 0
binlog_format = ROW
expire_logs_days = 7
relay_log_space_limit = 128m
server_id = 109
sync_binlog = 1
replicate-ignore-db = mysql,information_schema,performance_schema,new_weizuan
slow_query_log = 1
innodb_flush_method = O_DIRECT
[mysqld_safe]
open_files_limit = 65535
[client-server]
!includedir /etc/my.cnf.d
9、初始化:
mysql_install_db --defaults-file=/etc/my.cnf --user=mysql --datadir=/data/mysql
10、启动mysql 服务并将所有mysql 服务设置为开机启动及添加至系统服务:
service mysql start
chkconfig --add mysql && chkconfig mysql on
11、执行 mysql_secure_installation ,加固Mariadb 安全:
mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password: #chekir0214
Re-enter new password: #chekir0214
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n
... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success! - Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
12、因为本系列教程是采用xtrabackup ,所以还需要给每台服务器安装 percona 官方提供的工具 xtrabackup:
yum install -y http://www.percona.com/downloads/percona-release/redhat/0.1-3/percona-release-0.1-3.noarch.rpm
yum install -y percona-xtrabackup
第二部分:集群配置(该部分都需单独配置)
node01:
1、给自身及node02、node03 授权数据同步账户 sst 登录:
[root@node01 ~ 21:44:27&&16]#mysql -uroot -pchekir0214 -e "delete from mysql.user where User=''"
[root@node01 ~ 21:45:10&&17]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'localhost' identified by '123456'"
[root@node01 ~ 21:45:51&&21]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'192.168.137.21' identified by '123456'"
[root@node01 ~ 21:45:29&&18]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'192.168.137.22' identified by '123456'"
[root@node01 ~ 21:45:38&&19]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'192.168.137.23' identified by '123456'"
刷新权限:
[root@node01 ~ 21:45:55&&22]#mysql -uroot -pchekir0214 -e "flush privileges"
2、停止mysql 服务:
[root@node01 ~ 21:45:58&&23]#service mysql stop
Shutting down MySQL.. SUCCESS!
3、编辑 /etc/my.cnf.d 目录下的sever.cnf 文件,配置集群内容:
[root@node01 ~ 14:11:58&&2]#egrep -v '^$|#' /etc/my.cnf.d/server.cnf
[server]
[mysqld]
[galera]
[embedded]
[mariadb]
[mariadb-10.0]
innodb_autoinc_lock_mode=2
wsrep_provider=/usr/lib64/galera/libgalera_smm.so
wsrep_cluster_name="wsrep_cluster"
wsrep_cluster_address="gcomm://192.168.137.21,192.168.137.22,192.168.137.23"
wsrep_node_name=node01.com
wsrep_node_address=192.168.137.21
wsrep_slave_threads=1
wsrep_certify_nonPK=1
wsrep_max_ws_rows=131072
wsrep_max_ws_size=1073741824
wsrep_debug=0
wsrep_convert_LOCK_to_trx=0
wsrep_retry_autocommit=1
wsrep_auto_increment_control=1
wsrep_drupal_282555_workaround=0
wsrep_causal_reads=0
wsrep_sst_method=xtrabackup
wsrep_sst_auth=sst:123456
4、配置防火墙,允许node02和 node03 访问本机的3306、4444 及 4567 端口:
[root@node01 ~ 22:07:37&&30]#iptables -I INPUT -p tcp -s 192.168.137.22 -m multiport --dport 3306,4444,4567,4568 -j ACCEPT
[root@node01 ~ 22:15:07&&31]#iptables -I INPUT -p tcp -s 192.168.137.23 -m multiport --dport 3306,4444,4567,4568 -j ACCEPT
同时。保存防火墙配置:
[root@node01 ~ 22:15:15&&33]#service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
node02:
1、给自身及node01、node03 授权数据同步账户 sst 登录:
[root@node02 ~ 21:44:59&&15]#mysql -uroot -pchekir0214 -e "delete from mysql.user where User=''"
[root@node02 ~ 21:45:12&&16]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'localhost' identified by '123456'"
[root@node02 ~ 21:46:06&&17]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'192.168.137.21' identified by '123456'"
[root@node02 ~ 21:46:13&&18]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'192.168.137.22' identified by '123456'"
[root@node02 ~ 21:46:22&&19]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'192.168.137.23' identified by '123456'"
刷新权限:
[root@node02 ~ 21:46:25&&20]#mysql -uroot -pchekir0214 -e "flush privileges"
2、停止mysql 服务:
[root@node02 ~ 21:46:45&&21]#service mysql stop
Shutting down MySQL.. SUCCESS!
3、编辑 /etc/my.cnf.d 目录下的sever.cnf 文件,配置集群内容:
[root@node02 ~ 13:55:09&&4]#egrep -v '^$|#' /etc/my.cnf.d/server.cnf
[server]
[mysqld]
[galera]
[embedded]
[mariadb]
[mariadb-10.0]
innodb_autoinc_lock_mode=2
wsrep_provider=/usr/lib64/galera/libgalera_smm.so
wsrep_cluster_name="wsrep_cluster"
wsrep_cluster_address="gcomm://192.168.137.21,192.168.137.22,192.168.137.23"
wsrep_node_name=node02.com
wsrep_node_address=192.168.137.22
wsrep_slave_threads=1
wsrep_certify_nonPK=1
wsrep_max_ws_rows=131072
wsrep_max_ws_size=1073741824
wsrep_debug=0
wsrep_convert_LOCK_to_trx=0
wsrep_retry_autocommit=1
wsrep_auto_increment_control=1
wsrep_drupal_282555_workaround=0
wsrep_causal_reads=0
wsrep_sst_method=xtrabackup
wsrep_sst_auth=sst:123456
4、配置防火墙,允许node01和 node03 访问本机的3306、4444 及 4567 端口:
[root@node02 ~ 22:06:43&&31]#iptables -I INPUT -p tcp -s 192.168.137.21 -m multiport --dport 3306,4444,4567,4568 -j ACCEPT
[root@node02 ~ 22:15:51&&32]#iptables -I INPUT -p tcp -s 192.168.137.23 -m multiport --dport 3306,4444,4567,4568 -j ACCEPT
保存配置:
[root@node02 ~ 22:15:58&&34]#service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
node03:
1、给自身及node01、node02 授权数据同步账户 sst 登录:
[root@node03 ~ 21:44:38&&12]#mysql -uroot -pchekir0214 -e "delete from mysql.user where User=''"
[root@node03 ~ 21:45:11&&13]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'192.168.137.23' identified by '123456'"
[root@node03 ~ 21:46:27&&14]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'localhost' identified by '123456'"
[root@node03 ~ 21:46:32&&15]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'192.168.137.21' identified by '123456'"
[root@node03 ~ 21:46:36&&16]#mysql -uroot -pchekir0214 -e "grant all privileges on . to 'sst'@'192.168.137.22' identified by '123456'"
刷新权限:
[root@node03 ~ 21:46:39&&17]#mysql -uroot -pchekir0214 -e "flush privileges"
2、停止mysql 服务:
root@node03 ~ 21:46:44&&18]#service mysql stop
Shutting down MySQL.. SUCCESS!
3、编辑 /etc/my.cnf.d 目录下的sever.cnf 文件,配置集群内容:
[root@node03 ~ 14:20:51&&1]#egrep -v '^$|#' /etc/my.cnf.d/server.cnf
[server]
[mysqld]
[galera]
[embedded]
[mariadb]
[mariadb-10.0]
innodb_autoinc_lock_mode=2
wsrep_provider=/usr/lib64/galera/libgalera_smm.so
wsrep_cluster_name="wsrep_cluster"
wsrep_cluster_address="gcomm://192.168.137.21,192.168.137.22,192.168.137.23"
wsrep_node_name=node03.com
wsrep_node_address=192.168.137.23
wsrep_slave_threads=1
wsrep_certify_nonPK=1
wsrep_max_ws_rows=131072
wsrep_max_ws_size=1073741824
wsrep_debug=0
wsrep_convert_LOCK_to_trx=0
wsrep_retry_autocommit=1
wsrep_auto_increment_control=1
wsrep_drupal_282555_workaround=0
wsrep_causal_reads=0
wsrep_sst_method=xtrabackup
wsrep_sst_auth=sst:123456
4、配置防火墙,允许node01和 node02 访问本机的3306、4444 及 4567 端口:
[root@node03 ~ 22:15:31&&26]#iptables -I INPUT -p tcp -s 192.168.137.21 -m multiport --dport 3306,4444,4567,4568 -j ACCEPT
[root@node03 ~ 22:09:18&&25]#iptables -I INPUT -p tcp -s 192.168.137.22 -m multiport --dport 3306,4444,4567,4568 -j ACCEPT
保存防火墙配置i:
[root@node03 ~ 22:15:40&&28]#service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
第三部分:启动集群
1、启动第一台(注:整个集群第一次启动,必须使用参数 --wsrep-new-cluster,否则,第一个节点会启动失败)
[root@node01 ~ 22:15:21&&34]#service mysql start --wsrep-new-cluster
Starting MySQL.. SUCCESS!
2、启动第二个节点: 如果node1防火墙未添加会造成后面节点启动失败
[root@node02 ~ 15:32:50&&27]#service mysql start
Starting MySQL...SST in progress, setting sleep higher. SUCCESS!
3、启动第三个节点:
[root@node03 ~ 15:32:55&&24]#service mysql start
Starting MySQL..SST in progress, setting sleep higher. SUCCESS!
4、启动完成,验证集群:
[root@node01 ~ 15:32:33&&27]#mysql -uroot -pchekir0214 -e 'show status like "%wsrep%"'
+------------------------------+-------------------------------------------------------------+
| Variable_name | Value |
+------------------------------+-------------------------------------------------------------+
| wsrep_local_state_uuid | 8ec37b65-f649-11e5-9b39-3f1a0e9b7936 |
| wsrep_protocol_version | 7 |
| wsrep_last_committed | 0 |
| wsrep_replicated | 0 |
| wsrep_replicated_bytes | 0 |
| wsrep_repl_keys | 0 |
| wsrep_repl_keys_bytes | 0 |
| wsrep_repl_data_bytes | 0 |
| wsrep_repl_other_bytes | 0 |
| wsrep_received | 10 |
| wsrep_received_bytes | 808 |
| wsrep_local_commits | 0 |
| wsrep_local_cert_failures | 0 |
| wsrep_local_replays | 0 |
| wsrep_local_send_queue | 0 |
| wsrep_local_send_queue_max | 1 |
| wsrep_local_send_queue_min | 0 |
| wsrep_local_send_queue_avg | 0.000000 |
| wsrep_local_recv_queue | 0 |
| wsrep_local_recv_queue_max | 2 |
| wsrep_local_recv_queue_min | 0 |
| wsrep_local_recv_queue_avg | 0.100000 |
| wsrep_local_cached_downto | 18446744073709551615 |
| wsrep_flow_control_paused_ns | 0 |
| wsrep_flow_control_paused | 0.000000 |
| wsrep_flow_control_sent | 0 |
| wsrep_flow_control_recv | 0 |
| wsrep_cert_deps_distance | 0.000000 |
| wsrep_apply_oooe | 0.000000 |
| wsrep_apply_oool | 0.000000 |
| wsrep_apply_window | 0.000000 |
| wsrep_commit_oooe | 0.000000 |
| wsrep_commit_oool | 0.000000 |
| wsrep_commit_window | 0.000000 |
| wsrep_local_state | 4 |
| wsrep_local_state_comment | Synced |
| wsrep_cert_index_size | 0 |
| wsrep_causal_reads | 0 |
| wsrep_cert_interval | 0.000000 |
| wsrep_incoming_addresses | 192.168.137.21:3306,192.168.137.22:3306,192.168.137.23:3306 |
| wsrep_evs_delayed | |
| wsrep_evs_evict_list | |
| wsrep_evs_repl_latency | 0/0/0/0/0 |
| wsrep_evs_state | OPERATIONAL |
| wsrep_gcomm_uuid | 8ec2b989-f649-11e5-9fb7-c2cc8e011c39 |
| wsrep_cluster_conf_id | 3 |
| wsrep_cluster_size | 3 |
| wsrep_cluster_state_uuid | 8ec37b65-f649-11e5-9b39-3f1a0e9b7936 |
| wsrep_cluster_status | Primary |
| wsrep_connected | ON |
| wsrep_local_bf_aborts | 0 |
| wsrep_local_index | 0 |
| wsrep_provider_name | Galera |
| wsrep_provider_vendor | Codership Oy <[email protected]> |
| wsrep_provider_version | 25.3.14(r3560) |
| wsrep_ready | ON |
| wsrep_thread_count | 2 |
+------------------------------+-------------------------------------------------------------+
此时可以停止某一个节点再查看,在任意节点建库再看,在任意节点删除这个库再看。