# Percona-XtraDB-Cluster+Haproxy 搭建集群环境
环境准备及服务器信息:
主机IP | 系统版本 |集群角色
-------- | ---
192.168.1.161 |CentOS Linux release 7.5.1804 (Core)| pxc-linux-161
192.168.1.162 |CentOS Linux release 7.5.1804 (Core)| pxc-linux-162
192.168.1.163 |CentOS Linux release 7.5.1804 (Core)| pxc-linux-1613
192.168.1.165 |CentOS Linux release 7.5.1804 (Core)| haproxy-linux-165
配置防火墙
firewall-cmd --add-port=3306/tcp --permanent
firewall-cmd --add-port=4567/tcp --permanent
firewall-cmd --add-port=4568/tcp --permanent
firewall-cmd --add-port=4444/tcp --permanent
firewall-cmd --reload
安装官方yum源repo配置文件
yum install http://www.percona.com/downloads/percona-release/redhat/0.1-4/percona-release-0.1-4.noarch.rpm
安装pxc
yum -y install Percona-XtraDB-Cluster-57
yum install Percona-Server-client-57
创建用户和组
groupadd mysql
useradd -g mysql -s /sbin/nologin mysql
创建目录并赋权
mkdir /data/mysql/{data,binlog,slow,logs} -p
touch /data/mysql/logs/mysqld.log
chown -R mysql:mysql /data/mysql
修改/etc/my.cnf配置文件
vi /etc/my.cnf
增加[mysqld] ##已知BUG
vi /etc/percona-xtradb-cluster.conf.d/mysqld.cnf
替换为:
[client]
port = 3306
socket = /data/mysql/data/mysql.sock
default-character-set = utf8mb4
[mysqld]
# basic settings #
user = mysql
port=3306
sql_mode = "STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER"
autocommit = 1
server-id=163
character_set_server=utf8mb4
init_connect='SET NAMES utf8'
transaction_isolation = READ-COMMITTED
lower_case_table_names = 1
explicit_defaults_for_timestamp = 1
max_allowed_packet = 16777216
event_scheduler = 1
datadir = /data/mysql/data
basedir = /var/lib/mysql
pid-file = /data/mysql/data/mysqld.pid
socket = /data/mysql/data/mysql.sock
default-time_zone = '+8:00'
# connection #
interactive_timeout = 1800
wait_timeout = 1800
lock_wait_timeout = 1800
skip_name_resolve = 1
max_connections = 5000
max_connect_errors = 1000000
# table cache performance settings
table_open_cache = 4096
table_definition_cache = 4096
table_open_cache_instances = 128
# session memory settings #
read_buffer_size = 5M
read_rnd_buffer_size = 10M
sort_buffer_size = 10M
tmp_table_size = 25M
join_buffer_size = 40M
thread_cache_size = 20M
# log settings #
log_error = /data/mysql/logs/mysqld.log
slow_query_log_file = /data/mysql/slow/slow.log
log-bin= /data/mysql/binlog/mysql-bin
relay_log = mysql-relay-bin
general_log_file= general.log
slow_query_log = 1
log_queries_not_using_indexes = 1
log_slow_admin_statements = 1
log_slow_slave_statements = 1
log_throttle_queries_not_using_indexes = 10
long_query_time = 1
min_examined_row_limit = 100
binlog-rows-query-log-events = 1
log-bin-trust-function-creators = 1
expire-logs-days = 7
log-slave-updates = 1
# innodb settings #
innodb_page_size = 16384
innodb_buffer_pool_size = 256M
innodb_buffer_pool_instances = 8
innodb_buffer_pool_load_at_startup = 1
innodb_buffer_pool_dump_at_shutdown = 1
innodb_lru_scan_depth = 4096
innodb_lock_wait_timeout = 5
innodb_io_capacity = 10000
innodb_io_capacity_max = 20000
innodb_flush_method = O_DIRECT
innodb_file_format = Barracuda
innodb_file_format_max = Barracuda
#undo
innodb_undo_directory = /data/mysql/data
innodb_undo_logs = 128
innodb_undo_tablespaces = 3
#redo
innodb_log_group_home_dir = /data/mysql/data
innodb_log_file_size = 10M
innodb_log_files_in_group = 2
innodb_flush_neighbors = 0
innodb_log_buffer_size = 16384
innodb_purge_threads = 4
innodb_large_prefix = 1
innodb_thread_concurrency = 64
innodb_print_all_deadlocks = 1
innodb_strict_mode = 1
innodb_sort_buffer_size = 16384
innodb_write_io_threads = 16
innodb_read_io_threads = 16
innodb_file_per_table = 1
innodb_stats_persistent_sample_pages = 64
innodb_autoinc_lock_mode = 2
innodb_online_alter_log_max_size=100M
innodb_open_files=4096
# replication settings #
master_info_repository = TABLE
relay_log_info_repository = TABLE
sync_binlog = 1
gtid_mode = on
enforce_gtid_consistency = 1
log_slave_updates
binlog_format = ROW
binlog_rows_query_log_events = 1
relay_log = relay.log
relay_log_recovery = 1
slave_skip_errors = ddl_exist_errors
slave-rows-search-algorithms = 'INDEX_SCAN,HASH_SCAN'
[mysqld-5.6]
# metalock performance settings
metadata_locks_hash_instances=64
[mysqld-5.7]
# new innodb settings #
loose_innodb_numa_interleave=1
innodb_buffer_pool_dump_pct = 40
innodb_page_cleaners = 16
innodb_undo_log_truncate = 1
innodb_max_undo_log_size = 100M #2G
innodb_purge_rseg_truncate_frequency = 128
# new replication settings #
slave-parallel-type = LOGICAL_CLOCK
slave-parallel-workers = 16
slave_preserve_commit_order=1
slave_transaction_retries=128
# other change settings #
binlog_gtid_simple_recovery=1
log_timestamps=system
show_compatibility_56=on
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
vi /etc/percona-xtradb-cluster.conf.d/mysqld_safe.cnf
替换pid-file、socket为:
pid-file = /data/mysql/data/mysqld.pid
socket = /data/mysql/data/mysql.sock
vi /etc/percona-xtradb-cluster.conf.d/wsrep.cnf
修改:
wsrep_cluster_address=gcomm://192.168.253.28,192.168.253.29,192.168.253.30 ##根据实际修改
wsrep_retry_autocommit=1
wsrep_auto_increment_control=1
wsrep_node_name =pxc-linux-29 ##根据实际修改
wsrep_node_address=192.168.253.29 ##根据实际修改
wsrep_sst_method=xtrabackup-v2
wsrep_cluster_name=test-pxc
wsrep_sst_auth="sstuser:s3cretPass" ##根据实际修改
第一个节点启动
systemctl start mysql@bootstrap
备注:谨记,只要是启动集群的第一个Node(首次搭建集群或者集群全部关闭),都要用此命令
修改密码
mysql5.7版本日志均在error.log 里面生成
grep "temporary password" /data/logs/mysql/mysqld.log
使用改密码登陆MySQL,修改成自己想要的密码
mysql> alter user 'root'@'localhost' idnetified by 'abc123';
创建SST同步用户
mysql> GRANT PROCESS,RELOAD,LOCK TABLES,REPLICATION CLIENT ON *.* TO 'sstuser'@'192.168.%.%' IDENTIFIED BY 's3cretPass';
mysql> flush privileges;
其它节点启动
systemctl start mysql
备注:谨记,只要集群有一个Node启动,其余节点都是用此命令
# Haproxy负载均衡
Haproxy是一个反向代理负载均衡解决方案,支持4层和7层模式,提供后端服务器健康检查,非常稳定。淘宝前期也使用Haproxy作为CDN系统负载均衡器
安装haproxy
yum -y install haproxy
在cluster的MySQL上创建用户(一个节点创建,会被复制到其它节点)
监控用帐号:
grant usage on *.* to 'pxc-monitor'@'%' identified by 'testpxc';
服务测试帐号:
grant all privileges on *.* to 'zxw'@'%' identified by 'xxwzopop';
配置haproxy.cfg
cat /etc/haproxy/haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend pxc-write-front
bind *:3307
mode tcp
default_backend pxc-write-back
frontend pxc-read-front
bind *:3308
mode tcp
default_backend pxc-read-back
frontend statas-front
bind *:8088
mode http
default_backend stats-back
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend pxc-write-back
mode tcp
balance leastconn
option httpchk
server pxc-linux-161 192.168.1.161:3306 check port 9200 inter 12000 rise 3 fall 3
server pxc-linux-162 192.168.1.162:3306 check port 9200 inter 12000 rise 3 fall 3
backend pxc-read-back
mode tcp
balance leastconn
option httpchk
server pxc-linux-162 192.168.1.162:3306 check port 9200 inter 12000 rise 3 fall 3
server pxc-linux-163 192.168.1.163:3306 check port 9200 inter 12000 rise 3 fall 3
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend stats-back
mode http
balance roundrobin
stats uri /haproxy/stats
stats auth pxcstats:xxwzopop
配置haproxy的日志:
安装完HAProxy后,默认情况下,HAProxy为了节省读写IO所消耗的性能,默认情况下没有日志输出,一下是开启日志的过程
yum -y install rsyslog
# vim /etc/rsyslog.conf
#
#
...........
$ModLoad imudp
$UDPServerRun 514 //rsyslog 默认情况下,需要在514端口监听UDP,所以可以把这两行注释掉
.........
local2.* /var/log/haproxy.log //和haproxy的配置文件中定义的log level一致
systemctl start rsyslog
在每个PXC 每个mysql节点安装mysql健康状态检查脚本(需要在pxc的每个节点执行)
脚本拷贝
# cp /usr/local/mysql/bin/clustercheck /usr/bin/
# cp /usr/local/mysql/xinetd.d/mysqlchk /etc/xinetd.d/
ps:clustercheck和脚本都是默认值没有修改
创建mysql用户,用于mysql健康检查(在任一节点即可):
grant process on *.* to 'clustercheckuser'@'localhost' identified by 'clustercheckpassword!';
flush privileges;
ps:如不使用clustercheck中默认用户名和密码,将需要修改clustercheck脚本,MYSQL_USERNAME和MYSQL_PASSWORD值
更改用户名和密码(三个节点都得修改)
#vim /usr/bin/clustercheck
MYSQL_USERNAME="pxc-monitor"
MYSQL_PASSWORD="testpxc"
更改/etc/services添加mysqlchk的服务端口号:
# echo 'mysqlchk 9200/tcp # mysqlchk' >> /etc/services
安装xinetd服务,通过守护进程来管理mysql健康状态检查脚本
yum -y install xinetd ###非常重要
systemctl start xinetd
测试
clustercheck
HTTP/1.1 200 OK
Content-Type: text/plain
Connection: close
Content-Length: 40
Percona XtraDB Cluster Node is synced.
ps:要保证状态为200,否则检测不通过,可能是mysql服务不正常,或者环境不对致使haproxy无法使用mysql
haproxy如何侦测 MySQL Server 是否存活,靠着就是 9200 port,透过 Http check 方式,让 HAProxy 知道 PXC 状态
启动haproxy
haproxy -f /etc/haproxy/haproxy.cfg
ps -ef |grep haproxy
haproxy 9754 0 0 11:29 ? 00:00:00 haproxy -f /etc/haproxy/haproxy.cfg
root 9823 74 0 11:30 ? 00:00:00 grep --color=auto haproxy
netstat -nlap |grep haproxy
tcp 0 0 0.0.0.0:3307 0.0.0.0:* LISTEN 9754/haproxy
tcp 0 0 0.0.0.0:8088 0.0.0.0:* LISTEN 9754/haproxy
udp 0 0 0.0.0.0:59349 0.0.0.0:* 9754/haproxy
unix 2 [ ACC ] STREAM LISTENING 30637572 9754/haproxy /var/lib/haproxy/stats.9753.tmp
# cp /usr/local/sbin/haproxy /usr/sbin/haproxy
cd /opt/soft/haproxy-1.5.3/examples
[root@db169 examples]# cp haproxy.init /etc/init.d/haproxy
[root@db169 examples]# chmod +x /etc/init.d/haproxy
haproxy测试
在mysql pxc创建测试账号:
grant all privileges on *.* to 'zxw'@'%' identified by 'xxwzopop';
#for i in `seq 1 10`;do mysql -h 192.168.1.163 -P3307 -uzxw -pxxwzopop -e "select @@hostname;";done
注:其实可以只允许haproxy侧的IP访问即可,因用户通过vip访问mysql集群,haproxy根据调度策略使用自己的ip创建与后端mysql服务器的连接。
查看Haproxy状态:
http://192.168.1.163:8088/haproxy/stats
输入用户密码:stats auth pxcstats:xxwzopop
# 用keepalived实现haproxy 的高可用
yum install -y gcc openssl-devel popt-devel ipvsadm
yum -y install kernel kernel-devel* popt popt-devel libssl-dev libnl libnl-devel openssl openssl-* ipvsadm libnfnetlink-devel
yum install keepalived -y
yum install MySQL-python -y
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id haproxy_pxc #keepalived组的名称
}
vrrp_script chk_haprocy {
script "/etc/keepalived/check_haproxy.sh"
interval 2
weight 2
}
vrrp_instance VI_HAPROXY {
state MASTER #备份机是BACKUP
#nopreempt #非抢占模式
interface eth0
virtual_router_id 51 #同一集群中该数值要相同,只能从1-255
priority 100 //备库可以90
advert_int 1
authentication {
auth_type PASS #Auth 用密码,但密码不要超过8位
auth_pass 1111
}
track_script {
chk_haprocy
}
virtual_ipaddress {
192.168.1.188/24
}
}
#vi /etc/keepalived/check_haproxy.sh
#!/bin/bash
A=`ps -C haproxy --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg
sleep 3
if [ `ps -C haproxy --no-header |wc -l` -eq 0 ];then
/etc/init.d/keepalived stop
fi
fi
#chmod 755 /etc/keepalived/check_haproxy.sh
# 迁移数据
vi /etc/percona-xtradb-cluster.conf.d/mysqld.cnf
replicate-do-db=dbtest
导入昨天全量备份数据
change master to master_host='10.200.22.33',master_port=3306,master_user='repl',master_password='mysql',master_log_file='master-bin.000009',master_log_pos=674;
start slave;
# PMM监控:
pmm server:
docker pull percona/pmm-server:latest
mkdir -p /data/pmm_data/opt/prometheus/data
mkdir -p /data/pmm_data/opt/consul-data
mkdir -p /data/pmm_data/var/lib/mysql
mkdir -p /data/pmm_data/var/lib/grafana
docker create -v /data/pmm_data/opt/prometheus/data -v /data/pmm_data/opt/consul-data -v /data/pmm_data/var/lib/mysql -v /data/pmm_data/var/lib/grafana --name pmm-data percona/pmm-server:latest /bin/true
docker run -d \
-e ORCHESTRATOR_ENABLED=true \
-e METRICS_RETENTION=720h \
-e SERVER_USER=admin \
-e SERVER_PASSWORD=abcd.1234 \
-p 8080:80 \
--net staticnet \
--ip 192.168.0.11 \
--volumes-from pmm-data \
--name pmm-server \
--restart always percona/pmm-server:latest
pmm client:
yum -y install http://www.percona.com/downloads/percona-release/redhat/0.1-4/percona-release-0.1-4.noarch.rpm
yum install pmm-client -y
#配置Server
pmm-admin config --server 10.1.12.114:8080 --server-user admin --server-password abcd.1234
#添加linux监控
pmm-admin add linux:metrics
#创建MySQL监控账号并开启innodb_monitor_enable
GRANT ALL PRIVILEGES ON *.* TO 'pmm'@'10.1.%' IDENTIFIED BY 'L2iLf#eqISQ613u^';
set global innodb_monitor_enable=all;
#添加MySQL监控
pmm-admin add mysql --user pmm --password 'L2iLf#eqISQ613u^' --host 10.1.21.33 --query-source perfschema
#查看配置信息
pmm-admin list
#检查网络
pmm-admin check-network
[linux:metrics] OK, already monitoring this system.
[mysql:metrics] OK, now monitoring MySQL metrics using DSN root:***@unix(/data/mysql/data/mysql.sock)
[mysql:queries] OK, now monitoring MySQL queries from slowlog using DSN root:***@unix(/data/mysql/data/mysql.sock)
前端访问地址:
浏览器输入Server IP : http://10.200.22.33:8881
输入默认的用户名密码:admin