当前位置:   article > 正文

BCLinux8U6系统部署oceanbase分布式数据库社区版之二、数据库服务器准备_bigcloud enterprise linux 8.6操作系统

bigcloud enterprise linux 8.6操作系统

本文是在完成步骤一、准备 OBD 中控机后的第二步,准备3台oceanbase分布式数据库服务器。

前序步骤:BCLinux8U6系统部署oceanbase分布式数据库社区版之一、准备 OBD 中控机

一、服务器配置

1、服务器硬件配置

本例采用vmware虚拟机来构建测试平台,共3台虚拟机,16核CPU、32GB内存,1T数据盘

2、服务器操作系统

采用BCLinux8U6

  1. [root@localhost ~]# cat /etc/os-release
  2. NAME="BigCloud Enterprise Linux"
  3. VERSION="8.6 (Core)"
  4. ID="bclinux"
  5. ID_LIKE="rhel fedora"
  6. VERSION_ID="8.6"
  7. PLATFORM_ID="platform:an8"
  8. PRETTY_NAME="BigCloud Enterprise Linux 8.6 (Core)"
  9. ANSI_COLOR="0;31"
  10. CPE_NAME="cpe:/o:bclinux:bclinux:8"
  11. HOME_URL="https://mirrors.bclinux.org/"
  12. BUG_REPORT_URL="https://bugs.bclinux.org/"
  13. BCLINUX_BUGZILLA_PRODUCT="BigCloud Enterprise Linux 8 (Core)"
  14. BCLINUX_BUGZILLA_PRODUCT_VERSION=8.6
  15. BCLINUX_SUPPORT_PRODUCT="BigCloud Enterprise Linux 8 (Core)"
  16. BCLINUX_SUPPORT_PRODUCT_VERSION=8.6
3、系统内核,操作系统内核为5.10
  1. [root@localhost ~]# uname -r
  2. 5.10.134-12.2.el8.bclinux.x86_64
  3. [root@localhost ~]# free -g
  4. total used free shared buff/cache available
  5. Mem: 31 0 30 0 0 30
  6. Swap: 1 0 1

二、服务器系统环境初始化(每台服务器需完成相同设置)

1、准备数据盘分区
  1. [root@localhost ~]# fdisk -l |grep /dev/sdb
  2. Disk /dev/sdb:1000 GiB,1073741824000 字节,2097152000 个扇区
  3. [root@localhost ~]# fdisk /dev/sdb
  4. 欢迎使用 fdisk (util-linux 2.32.1)。
  5. 更改将停留在内存中,直到您决定将更改写入磁盘。
  6. 使用写入命令前请三思。
  7. 设备不包含可识别的分区表。
  8. 创建了一个磁盘标识符为 0x9febb181 的新 DOS 磁盘标签。
  9. 命令(输入 m 获取帮助):n
  10. 分区类型
  11. p 主分区 (0个主分区,0个扩展分区,4空闲)
  12. e 扩展分区 (逻辑分区容器)
  13. 选择 (默认 p):p
  14. 分区号 (1-4, 默认 1):
  15. 第一个扇区 (2048-2097151999, 默认 2048):
  16. 上个扇区,+sectors 或 +size{K,M,G,T,P} (2048-2097151999, 默认 2097151999):
  17. 创建了一个新分区 1,类型为“Linux”,大小为 1000 GiB。
  18. 命令(输入 m 获取帮助):w
  19. 分区表已调整。
  20. 将调用 ioctl() 来重新读分区表。
  21. 正在同步磁盘。
  22. [root@localhost ~]# fdisk -l |grep /dev/sdb
  23. Disk /dev/sdb:1000 GiB,1073741824000 字节,2097152000 个扇区
  24. /dev/sdb1 2048 2097151999 2097149952 1000G 83 Linux
  25. [root@localhost ~]# pvcreate /dev/sdb1
  26. Physical volume "/dev/sdb1" successfully created.
  27. [root@localhost ~]# vgcreate appvg /dev/sdb1
  28. Volume group "appvg" successfully created
  29. [root@localhost ~]# lvcreate -n applv -l 100%vg /dev/appvg
  30. Logical volume "applv" created.
  31. [root@localhost ~]# lvs |grep applv
  32. applv appvg -wi-a----- <1000.00g
  33. [root@localhost ~]# mkfs.xfs -m bigtime=1 /dev/appvg/applv
  34. meta-data=/dev/appvg/applv isize=512 agcount=4, agsize=65535744 blks
  35. = sectsz=512 attr=2, projid32bit=1
  36. = crc=1 finobt=1, sparse=1, rmapbt=0
  37. = reflink=1 bigtime=1 inobtcount=0
  38. data = bsize=4096 blocks=262142976, imaxpct=25
  39. = sunit=0 swidth=0 blks
  40. naming =version 2 bsize=4096 ascii-ci=0, ftype=1
  41. log =internal log bsize=4096 blocks=127999, version=2
  42. = sectsz=512 sunit=0 blks, lazy-count=1
  43. realtime =none extsz=4096 blocks=0, rtextents=0
  44. [root@localhost ~]# vi /etc/fstab
  45. [root@localhost ~]# grep applv /etc/fstab
  46. /dev/appvg/applv /app xfs defaults 0 0
  47. [root@localhost ~]# mkdir /app
  48. [root@localhost ~]# mount -a
  49. [root@localhost ~]# df -hT |grep applv
  50. /dev/mapper/appvg-applv xfs 1000G 7.1G 993G 1% /app
2、检查时间同步

因是分布式环境,时间同步非常重要,否则可能会出现各种意想不到的问题

  1. [root@localhost ~]# chronyc sources -v
  2. .-- Source mode '^' = server, '=' = peer, '#' = local clock.
  3. / .- Source state '*' = current best, '+' = combined, '-' = not combined,
  4. | / 'x' = may be in error, '~' = too variable, '?' = unusable.
  5. || .- xxxx [ yyyy ] +/- zzzz
  6. || Reachability register (octal) -. | xxxx = adjusted offset,
  7. || Log2(Polling interval) --. | | yyyy = measured offset,
  8. || \ | | zzzz = estimated error.
  9. || | | \
  10. MS Name/IP address Stratum Poll Reach LastRx Last sample
  11. ===============================================================================
  12. ^* 192.168.2.33 2 6 377 51 -1808us[ -325us] +/- 27ms
  13. ^+ 192.168.2.34 2 6 377 53 +1443us[+2925us] +/- 42ms
  14. ^+ 192.168.2.35 2 6 377 50 +15ms[ +15ms] +/- 50ms
3、系统限制参数设置
  1. [root@localhost ~]# vi /etc/security/limits.conf
  2. [root@localhost ~]# egrep -v "^#|^$" /etc/security/limits.conf
  3. root soft nofile 655350
  4. root hard nofile 655350
  5. * soft nofile 655350
  6. * hard nofile 655350
  7. * soft stack unlimited
  8. * hard stack unlimited
  9. * soft nproc 655360
  10. * hard nproc 655360
  11. * soft core unlimited
  12. * hard core unlimited
4、系统控制参数配置
  1. [root@localhost ~]# vi /etc/sysctl.conf
  2. [root@localhost ~]# cat /etc/sysctl.conf
  3. # sysctl settings are defined through files in
  4. # /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
  5. #
  6. # Vendors settings live in /usr/lib/sysctl.d/.
  7. # To override a whole file, create a new file with the same in
  8. # /etc/sysctl.d/ and put new settings there. To override
  9. # only specific settings, add a file with a lexically later
  10. # name in /etc/sysctl.d/ and put new settings there.
  11. #
  12. # For more information, see sysctl.conf(5) and sysctl.d(5).
  13. net.ipv4.conf.all.accept_redirects = 0
  14. net.ipv4.conf.all.rp_filter = 1
  15. net.ipv4.conf.default.rp_filter = 1
  16. # for oceanbase
  17. ## 修改内核异步 I/O 限制
  18. fs.aio-max-nr=1048576
  19. ## 网络优化
  20. net.core.somaxconn = 2048
  21. net.core.netdev_max_backlog = 10000
  22. net.core.rmem_default = 16777216
  23. net.core.wmem_default = 16777216
  24. net.core.rmem_max = 16777216
  25. net.core.wmem_max = 16777216
  26. net.ipv4.ip_local_port_range = 3500 65535
  27. net.ipv4.ip_forward = 0
  28. net.ipv4.conf.default.rp_filter = 1
  29. net.ipv4.conf.default.accept_source_route = 0
  30. net.ipv4.tcp_syncookies = 1
  31. net.ipv4.tcp_rmem = 4096 87380 16777216
  32. net.ipv4.tcp_wmem = 4096 65536 16777216
  33. net.ipv4.tcp_max_syn_backlog = 16384
  34. net.ipv4.tcp_fin_timeout = 15
  35. net.ipv4.tcp_max_syn_backlog = 16384
  36. net.ipv4.tcp_tw_reuse = 1
  37. net.ipv4.tcp_tw_recycle = 1
  38. net.ipv4.tcp_slow_start_after_idle=0
  39. vm.swappiness = 0
  40. vm.min_free_kbytes = 2097152
  41. fs.file-max = 6573688
  42. # 修改进程可以拥有的虚拟内存区域数量
  43. vm.max_map_count = 655360
  44. # 此处为 OceanBase 数据库的 data 目录
  45. kernel.core_pattern = /app/core-%e-%p-%t
  46. [root@localhost ~]# sysctl -p
  47. net.ipv4.conf.all.accept_redirects = 0
  48. net.ipv4.conf.all.rp_filter = 1
  49. net.ipv4.conf.default.rp_filter = 1
  50. fs.aio-max-nr = 1048576
  51. net.core.somaxconn = 2048
  52. net.core.netdev_max_backlog = 10000
  53. net.core.rmem_default = 16777216
  54. net.core.wmem_default = 16777216
  55. net.core.rmem_max = 16777216
  56. net.core.wmem_max = 16777216
  57. net.ipv4.ip_local_port_range = 3500 65535
  58. net.ipv4.ip_forward = 0
  59. net.ipv4.conf.default.rp_filter = 1
  60. net.ipv4.conf.default.accept_source_route = 0
  61. net.ipv4.tcp_syncookies = 1
  62. net.ipv4.tcp_rmem = 4096 87380 16777216
  63. net.ipv4.tcp_wmem = 4096 65536 16777216
  64. net.ipv4.tcp_max_syn_backlog = 16384
  65. net.ipv4.tcp_fin_timeout = 15
  66. net.ipv4.tcp_max_syn_backlog = 16384
  67. net.ipv4.tcp_tw_reuse = 1
  68. sysctl: cannot stat /proc/sys/net/ipv4/tcp_tw_recycle: 没有那个文件或目录
  69. net.ipv4.tcp_slow_start_after_idle = 0
  70. vm.swappiness = 0
  71. vm.min_free_kbytes = 2097152
  72. fs.file-max = 6573688
  73. vm.max_map_count = 655360
  74. kernel.core_pattern = /app/core-%e-%p-%t
  75. [root@localhost ~]#
5、停用selinux服务
  1. [root@localhost ~]# getenforce
  2. Disabled
  3. [root@localhost ~]# cat /etc/selinux/config
  4. # This file controls the state of SELinux on the system.
  5. # SELINUX= can take one of these three values:
  6. # enforcing - SELinux security policy is enforced.
  7. # permissive - SELinux prints warnings instead of enforcing.
  8. # disabled - No SELinux policy is loaded.
  9. SELINUX=disabled
  10. # SELINUXTYPE= can take one of these three values:
  11. # targeted - Targeted processes are protected,
  12. # minimum - Modification of targeted policy. Only selected processes are protected.
  13. # mls - Multi Level Security protection.
  14. SELINUXTYPE=targeted
6、创建admin管理用户并初始化密码
  1. [root@localhost ~]# useradd -U admin -d /home/admin -s /bin/bash -m
  2. [root@localhost ~]# ll /home
  3. 总用量 8
  4. drwx------. 2 AAAA AAAA 4096 4月 10 09:40 AAAA
  5. drwx------ 2 admin admin 4096 4月 15 16:08 admin
  6. [root@localhost ~]# ll /home |grep admin
  7. drwx------ 2 admin admin 4096 4月 15 16:08 admin
  8. [root@localhost ~]# passwd admin
  9. 更改用户 admin 的密码 。
  10. 新的 密码:
  11. 重新输入新的 密码:
  12. passwd:所有的身份验证令牌已经成功更新。
7、admin用户sudo免密设置及加入wheel组

配置admin用户的sudo免密设置,为避免其它安全策略影响,建议加到/etc/sudoers文件的最后面;同时将admin用户加入wheel组。

  1. [root@localhost ~]# vim /etc/sudoers
  2. [root@localhost ~]# grep ^admin /etc/sudoers
  3. admin ALL=(ALL) NOPASSWD:ALL
  4. [root@localhost ~]# vi /etc/group
  5. [root@localhost ~]# grep wheel /etc/group
  6. wheel:x:10:admin
8、准备数据库的数据目录和日志目录,有条件的话,可以按部署建议进行分盘部署
  1. [root@localhost ~]# mkdir -p /app/oceanbase/data /app/oceanbase/redo
  2. [root@localhost ~]# chown -R admin:admin /app
  3. [root@localhost ~]# tree /app
  4. /app
  5. └── oceanbase
  6. ├── data
  7. └── redo
  8. 3 directories, 0 files
  9. [root@localhost ~]#

三、中控机ssh免密操作

以下皆在中控机上操作

1、生成admin用户的公钥文件
  1. [root@localhost ~]# su - admin
  2. 上一次登录:一 4月 15 16:45:26 CST 2024pts/1 上
  3. [admin@localhost ~]$ ls ~/.ssh/id_rsa.pub
  4. ls: 无法访问'/home/admin/.ssh/id_rsa.pub': 没有那个文件或目录
  5. [admin@localhost ~]$ ssh-keygen -t rsa
  6. Generating public/private rsa key pair.
  7. Enter file in which to save the key (/home/admin/.ssh/id_rsa):
  8. Created directory '/home/admin/.ssh'.
  9. Enter passphrase (empty for no passphrase):
  10. Enter same passphrase again:
  11. Your identification has been saved in /home/admin/.ssh/id_rsa
  12. Your public key has been saved in /home/admin/.ssh/id_rsa.pub
  13. The key fingerprint is:
  14. SHA256:dioymcUobYwt9nUpt5OWuqhCiS+KQ7sVpzUIKHhBEuQ admin@localhost.localdomain
  15. The key's randomart image is:
  16. +---[RSA 3072]----+
  17. |++o |
  18. |+. . |
  19. |+E. |
  20. |...=.o . |
  21. |. *o*+= S . |
  22. |.= ===.= * |
  23. |o..o* . B |
  24. |=.o + + . |
  25. |+=o.. o. |
  26. +----[SHA256]-----+
2、分发公钥文件到各数据库服务器
  1. [admin@localhost ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub -p4422 admin@192.168.2.161
  2. /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/admin/.ssh/id_rsa.pub"
  3. The authenticity of host '[192.168.2.161]:4422 ([192.168.2.161]:4422)' can't be established.
  4. ED25519 key fingerprint is SHA256:wySYs++V/r0GwbmVUSZpvBNFej8nrE2ptlPWLPzyVEk.
  5. This key is not known by any other names.
  6. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
  7. /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
  8. /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
  9. Authorized users only. All activities may be monitored and reported.
  10. admin@192.168.2.161's password:
  11. Number of key(s) added: 1
  12. Now try logging into the machine, with: "ssh -p 4422 'admin@192.168.2.161'"
  13. and check to make sure that only the key(s) you wanted were added.
  14. [admin@localhost ~]$
3、免密登录各数据库服务器测试
  1. [admin@localhost ~]$ ssh -p 4422 'admin@192.168.2.161'
  2. Authorized users only. All activities may be monitored and reported.
  3. Authorized users only. All activities may be monitored and reported.
  4. [admin@localhost ~]$ sudo su
  5. ____ _ ____ _ _
  6. | __ )(_) __ _ / ___| | ___ _ _ __| |
  7. | _ \| |/ _` | | | |/ _ \| | | |/ _` |
  8. | |_) | | (_| | |___| | (_) | |_| | (_| |
  9. |____/|_|\__, |\____|_|\___/ \__,_|\__,_|
  10. |___/
  11. _____ _ _ _ _
  12. | ____|_ __ | |_ ___ _ __ _ __ _ __(_)___ ___ | | (_)_ __ _ ___ __
  13. | _| | '_ \| __/ _ \ '__| '_ \| '__| / __|/ _ \ | | | | '_ \| | | \ \/ /
  14. | |___| | | | || __/ | | |_) | | | \__ \ __/ | |___| | | | | |_| |> <
  15. |_____|_| |_|\__\___|_| | .__/|_| |_|___/\___| |_____|_|_| |_|\__,_/_/\_\
  16. |_|
  17. ___
  18. ( _ )
  19. / _ \
  20. | (_) |
  21. \___/
  22. Welcome to BigCloud Enterprise Linux 8 (GNU/Linux 5.10.134-12.2.el8.bclinux.x86_64 x86_64)
  23. System information as of 2024年 04月 15日 星期一 16:55:05 CST
  24. * System CPU load: 0.00 0.00 0.00 * System uptime: 16:55:05 up 1:18
  25. * Active sessions: 2 * Memory usage: 32185 / 32819 MB
  26. * Processes count: 306
  27. * Contact US :
  28. MAIL : support@bclinux.org / TEL : 4001-10086-5
  29. [root@localhost admin]# exit
  30. exit
  31. [admin@localhost ~]$ exit
  32. 注销
  33. Connection to 192.168.2.161 closed.
  34. [admin@localhost ~]$

至此,完成各台数据库服务器的环境准备及中控机免密ssh配置。

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/IT小白/article/detail/458298
推荐阅读
相关标签
  

闽ICP备14008679号