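NFS Redundancy
Making NFS redundant is painful.
EFS, our would-be savior, is not coming to Japan.
All that's left is to die.
So, we make NFS redundant with Corosync and Pacemaker.
Architecture
Reassigning a VIP is slow, so this setup switches the route table instead.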
Install
# Install the Pacemaker repository package, then Pacemaker itself
curl -O http://iij.dl.osdn.jp/linux-ha/63919/pacemaker-repo-1.1.13-1.1.el6.x86_64.rpm
sudo rpm -iUvh pacemaker-repo-1.1.13-1.1.el6.x86_64.rpm
sudo yum -c /etc/yum.repos.d/pacemaker.repo install pacemaker
# lsyncd comes from EPEL
sudo yum install --enablerepo=epel lsyncd
# Do not start these services at boot
chkconfig corosync off
chkconfig pacemaker off
chkconfig lsyncd off
File
Place the scripts in /etc/init.d/
rsyncd
https://gist.github.com/SatoHiroyuki/dfccaf5b5e547087b2e4fb7552034760
route-change (for switching the route)
https://gist.github.com/SatoHiroyuki/fad97868fa6dc5110c825e7ca22c2583
chmod +x [script-path]
chkconfig [script-name] off
https://gist.github.com/SatoHiroyuki/e9fc0d52c42cced4ee2944b26f55a28b
chmod +x [script-path]
chkconfig [script-name] on
Network
vim /etc/sysconfig/network-scripts/ifcfg-eth0:1
DEVICE=eth0:1
BOOTPROTO=static
ONPARENT=yes
IPADDR=240.0.0.1
NETMASK=255.255.255.255
service network restart
AWS
EC2 Src/Dst Check Disable
VPC RouteTable [240.0.0.1/32 → InstanceID]
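A minimal LSB-style script for the route switch described above, as an added example (it is not the route-change gist linked on this page). It assumes the AWS CLI with a configured region, an instance role limited to ec2:DescribeRouteTables and ec2:ReplaceRoute, a placeholder route table ID, and a hypothetical lock-file path.

```shell
#!/bin/sh
# route-change (added example, not the gist linked on this page)
ROUTE_TABLE_ID="${ROUTE_TABLE_ID:-rtb-EXAMPLE}"  # assumption: placeholder ID
DEST_CIDR="${DEST_CIDR:-240.0.0.1/32}"           # service address used on this page
LOCK="${LOCK:-/var/lock/subsys/route-change}"    # assumption: "started here" marker
IMDS="http://169.254.169.254/latest"

my_instance_id() {   # IMDSv2: get a session token, then the instance ID
    token=$(curl -sf -X PUT "$IMDS/api/token" \
        -H "X-aws-ec2-metadata-token-ttl-seconds: 60") || return 1
    curl -sf -H "X-aws-ec2-metadata-token: $token" "$IMDS/meta-data/instance-id"
}

route_owner() {      # instance ID that the route currently targets
    aws ec2 describe-route-tables --route-table-ids "$ROUTE_TABLE_ID" \
        --query "RouteTables[0].Routes[?DestinationCidrBlock=='$DEST_CIDR'].InstanceId" \
        --output text
}

rc_start() {         # point the route at this instance, then mark it started
    id=$(my_instance_id) || return 1
    [ -n "$id" ] || return 1
    aws ec2 replace-route --route-table-id "$ROUTE_TABLE_ID" \
        --destination-cidr-block "$DEST_CIDR" --instance-id "$id" || return 1
    touch "$LOCK"
}

rc_stop() {          # the peer's start moves the route; just drop the marker
    rm -f "$LOCK"
}

rc_status() {        # LSB: 0 = running, 3 = not running, 4 = unknown
    [ -f "$LOCK" ] || return 3
    id=$(my_instance_id) && owner=$(route_owner) || return 4
    [ "$owner" = "$id" ] || return 3
}

case "${1:-}" in
    start|stop|status) "rc_$1" ;;
    "") ;;           # no action: only define the functions
    *) echo "Usage: $0 {start|stop|status}" >&2; exit 2 ;;
esac
```

Pacemaker's lsb: resource class relies on status returning 0 when the resource is active and 3 when it is stopped, which is why the lock file is checked before the route.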
Corosync
/etc/corosync/corosync.conf
# Please read the corosync.conf.5 manual page
totem {
    version: 2
    # With both set to none, totem traffic is neither encrypted nor authenticated
    crypto_cipher: none
    crypto_hash: none
    interface {
        ringnumber: 0
        bindnetaddr: [[eth0-ip-address]]
        mcastport: 5405
        ttl: 1
    }
    transport: udpu
}
logging {
    fileline: off
    to_logfile: yes
    to_syslog: yes
    logfile: /var/log/cluster/corosync.log
    debug: off
    timestamp: on
}
nodelist {
    node {
        ring0_addr: [[eth0-ip-address]]
        nodeid: 1
    }
    node {
        ring0_addr: [[peer:eth0-ip-address]]
        nodeid: 2
    }
}
quorum {
    # Enable and configure quorum subsystem (default: off)
    # see also corosync.conf.5 and votequorum.5
    provider: corosync_votequorum
    expected_votes: 2
}
service {
    # Load the Pacemaker Cluster Resource Manager
    name: pacemaker
    ver: 0
}
Pacemaker
# STONITH (Shoot The Other Node In The Head)
pcs property set stonith-enabled=false
# Not needed in a two-node configuration, so change it to ignore
pcs property set no-quorum-policy=ignore
# Keep automatic failback disabled
pcs resource defaults resource-stickiness="INFINITY" migration-threshold="1"
pcs resource create NFS lsb:nfs \
    op start interval="0s" timeout="30s" on-fail="restart" \
    op monitor interval="20s" timeout="30s" on-fail="restart" \
    op stop interval="0s" timeout="30s" on-fail="fence"
pcs resource create ROUTE lsb:route-change \
    op start interval="0s" timeout="20s" on-fail="restart" \
    op monitor interval="20s" timeout="30s" on-fail="restart" \
    op stop interval="0s" timeout="20s" on-fail="fence"
pcs resource create LSYNCD-RSYNCD lsb:lsyncd-rsyncd-change \
    op start interval="0s" timeout="30s" on-fail="restart" \
    op monitor interval="20s" timeout="30s" on-fail="restart" \
    op stop interval="0s" timeout="30s" on-fail="fence"
pcs resource group add Group-A LSYNCD-RSYNCD NFS ROUTE
Lsyncd
/etc/lsyncd.conf
----
-- User configuration file for lsyncd.
--
-- Simple example for default rsync.
--
settings {
    logfile = "/var/log/lsyncd.log",
    statusFile = "/tmp/lsyncd.stat",
    statusInterval = 1,
    maxProcesses = 2,
    nodaemon = false,
    insist = 1,
}
sync{
    default.rsync,
    source="[[SourceDir]]",
    target="[[peer IP address]]::nfs",
    delay = 0,
    init = false,
    rsync = {
        archive = true,
        compress = false,
        _extra = { "-auhLP","--safe-links" },
    }
}
Rsyncd
/etc/rsyncd.conf
uid = root
gid = root
read only = no
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
dont compress = *.gz *.xz *.tgz *.zip *.pdf *.sit *.sitx *.lzh *.bz2 *.jpg *.jpeg *.gif *.png *.ico *.swf

[nfs]
path = [[SourceDir]]
hosts allow = localhost [[peer IP]]
hosts deny = *
read only = false