文章目录
一、安装mysql
使用rpm安装mysql
借用文档:
安装mysql
https://www.mooloco.com/?p=106
关闭密码限制修改简单密码(必须要先改一个复杂密码):
bash
mysql> SHOW VARIABLES LIKE 'validate_password%';
+-------------------------------------------------+--------+
| Variable_name | Value |
+-------------------------------------------------+--------+
| validate_password.changed_characters_percentage | 0 |
| validate_password.check_user_name | ON |
| validate_password.dictionary_file | |
| validate_password.length | 8 |
| validate_password.mixed_case_count | 1 |
| validate_password.number_count | 1 |
| validate_password.policy | MEDIUM |
| validate_password.special_char_count | 1 |
+-------------------------------------------------+--------+
8 rows in set (0.02 sec)
mysql> SET GLOBAL validate_password.policy = LOW;
Query OK, 0 rows affected (0.00 sec)
mysql> SET GLOBAL validate_password.length = 1;
Query OK, 0 rows affected (0.00 sec)
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.01 sec)二、配置实操
1.配置mysql
bash
#master1、2互为主从(操作一样)
vim /etc/my.cnf
log-bin=/usr/local/mysql/data/mysql-bin
binlog-format=MIXED
server-id=1/2
如果没有文件夹,需要在重启前创建
mkdir -p /usr/local/mysql/data
chown -R mysql:mysql /usr/local/mysql/data
--重启MySQL
systemctl restart mysqld
#创建用户,为从授权
create user 'myslave'@'%' identified by '123456';
grant replication slave on *.* to 'myslave'@'%';
alter user 'myslave'@'%' identified with mysql_native_password by '123456';
注意:identified with mysql_native_password 加密模块,保护密码
#刷新并查看主的状态信息
flush privileges;
show master status; //看File和Position
#两个主机互相连接主 (注意好不要填错IP和pos偏移量)
change master to master_host='192.168.10.101',master_user='myslave',master_password='123456',master_log_file='mysql-bin.000001',master_log_pos=1149;
两个主机分别执行对方的
#开启从同步
start slave;
#查看从状态信息
show slave status\G
看到
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
证明配置成功
验证主主复制的同步:创建测试库2.部署haproxy
bash
#关闭selinux和防火墙
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0
systemctl stop firewalld
systemctl disable firewalld
#安装haproxy
yum -y install haproxy
#编辑配置文件
vim /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
user haproxy
group haproxy
daemon
maxconn 4000
defaults
mode tcp #改
log global
option tcplog #改
option dontlognull
retries 3
timeout http-request 5s
timeout queue 1m
timeout connect 5s
timeout client 1m
timeout server 1m
timeout http-keep-alive 5s
timeout check 5s
maxconn 3000
listen mysql
bind 0.0.0.0:3306 # 显式指定监听地址和端口
balance leastconn # 负载均衡算法
server mysql1 192.168.10.101:3306 check port 3306 maxconn 300 #声明服务器节点
server mysql2 192.168.10.102:3306 check port 3306 maxconn 300
#重启服务并检测文件配置
haproxy -c -f /etc/haproxy/haproxy.cfg
systemctl restart haproxy3.在haproxy代理上安装keepalived(用来检测haproxy的状态)
bash
#关闭selinux和防火墙(做过不用)
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
setenforce 0
systemctl stop firewalld
systemctl disable firewalld
#安装
yum install -y keepalived
#编辑配置文件
注意:需要拷贝一下备份
cp /etc/keepalived/keepalived.conf/etc/keepalived/keepalived.conf.bak
vim /etc/keepalived/keepalived.conf
router_id r1/r2 在 global_defs 中
vrrp_instance VI_1 {
state BACKUP 全为back
nopreempt //优先级高的主机设置,将优先级低的注释
interface ens33 //设置网卡名
priority 100 //优先级,改成不同的
}
注释掉vrrp_strict,删除virtual_ipaddress:区域配置完后面的内容
##2台配置不同,要注意router_id 设置不同,
vrrp_instance 实例(管理VIP的):
要注意两台都为备BACKUP(通过优先级自动选主);优先级修改成不同;优先高一台设置nopreempt(不抢占模式),防止优先级高的故障后还抢占另一台的主身份。
interface 网卡对应本机的网卡名;
virtual_ipaddress: 改成同网段的
注释掉vrrp_strict :严格模式,它会阻止VIP单播通信 #####
#添加监控脚本(测试haproxy的状态,故障后关闭haproxy,keepalived就把VIP漂到另一台)
vim /etc/keepalived/chk.sh
#!/bin/bash
# 若 HAProxy 进程不存在,返回 1(故障);存在返回 0(正常)
if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then
exit 1 # 故障状态,触发 Keepalived 切换
else
exit 0 # 正常状态
fi
#重启keepalived
systemctl restart keepalived
#查看VIP(必须是一台有,一台没有)
ip add
#自动跑监控脚本
方一:创建计划任务,定期自动执行
方二:添加到keepalived的配置文件里(keepalived允许添加外部脚本到配置里)
添到示例上方:vrrp_script chk_haproxy {
script "/etc/keepalived/chk.sh"
interval 2
}
添加到示例里面:
track_script {
chk_haproxy
}
chmod +x /etc/keepalived/chk.sh //给脚本执行权限
systemctl restart keepalived
配置文件参考
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id r1
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
nopreempt
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_haproxy # 对应 vrrp_script 定义的名称
}
virtual_ipaddress {
192.168.10.100 虚拟ip
}
}
#客户端验证
用Vip连接MySQL
mysql -utest -p123456 -h192.168.10.100
#注意:客户端没有mysql的命令,可以用"yum -y install mysql"下载5.模拟故障并验证架构效果
#在服务器上创建测试账户test(只需创一次,另一台主会同步)
create user testt@'%' identified by '123456';
grant all on *.* to testt@'%';
alter user 'testt'@'%' identified with mysql_native_password by '123456';
flush privileges;
模拟故障:
1.关闭master1,测试HAProxy的效果,它具备健康检测功能,会自动切换
ping master1IP //发现已离线
如果使用:
mysql -utest -p123456 -h192.168.10.100 //客户端验证是否能正常登录,正常登为正确
只要能登进去,mysql主主和负载均衡就是正常的
2.关闭一个keepalived,查看VIP漂移的效果
ip a // mysql还是可以访问的
观察vip是否移动到另一台haproxy上数据流向:
客户端 → 虚拟 IP(VIP)→ 持有 VIP 的服务器(A 或 B)→ 该服务器上的 HAProxy → 后端 MySQL 主主服务器(通过负载均衡转发)