1

我在 Centos7 中使用 Pacemaker + Corosync 使用以下命令创建集群:

pcs cluster auth pcmk01-cr pcmk02-cr -u hacluster -p passwd
pcs cluster setup --name my_cluster pcmk01-cr pcmk02-cr

[pcmk01]# pcs cluster start --all
[root@pcmk01 /]# pcs cluster cib clust_cfg
[pcmk01]# pcs -f clust_cfg property set stonith-enabled=false
[root@pcmk01 /]# pcs -f clust_cfg property set no-quorum-policy=ignore
[root@pcmk01 /]# pcs -f clust_cfg resource defaults resource-stickiness=200 

当我检查集群的状态时,我看到节点之间的奇怪和不同的行为,看起来节点彼此不认识。

NODE1上的 pcs 状态:

[root@rvpcmk01 ~]# pcs status
Cluster name: my_cluster
Stack: corosync
Current DC: rvpcmk01-cr (version 1.1.15-11.el7_3.2-e174ec8) - partition WITHOUT quorum
Last updated: Mon Feb  6 15:18:18 2017          Last change: Mon Feb  6 15:03:03 2017 by root via cibadmin on rvpcmk01-cr

2 nodes and 0 resources configured

Online: [ rvpcmk01-cr ]
OFFLINE: [ rvpcmk02-cr ]

No resources


PCSD Status:
  rvpcmk01-cr: Online
  rvpcmk02-cr: Online

Daemon Status:
  corosync: active/enabled
  pacemaker: active/enabled
  pcsd: active/enabled

NODE2上的 pcs 状态:

[root@rvpcmk02 ~]# pcs status
Cluster name: RV_cluster
Stack: corosync
Current DC: rvpcmk02-cr (version 1.1.15-11.el7_3.2-e174ec8) - partition WITHOUT quorum
Last updated: Mon Feb  6 15:19:53 2017          Last change: Mon Feb  6 15:04:12 2017 by root via crm_attribute on rvpcmk02-cr

2 nodes and 0 resources configured

Online: [ rvpcmk02-cr ]
OFFLINE: [ rvpcmk01-cr ]

No resources


PCSD Status:
  rvpcmk01-cr: Offline
  rvpcmk02-cr: Online

Daemon Status:
  corosync: active/enabled
  pacemaker: active/enabled
  pcsd: active/enabled

我也在两个节点上运行这个命令:

节点1:

[root@rvpcmk01 ~]#  pcs status corosync

Membership information
----------------------
    Nodeid      Votes Name
         1          1 rvpcmk01-cr (local)

节点2:

[root@rvpcmk02 ~]# pcs status corosync

Membership information
----------------------
    Nodeid      Votes Name
         2          1 rvpcmk02-cr (local)

据我所知,两个节点都应该出现在上述状态。

你能帮忙并告诉我我在这里缺少什么吗?为什么节点似乎彼此不认识?

这也是我在两台服务器上的 /etc/hosts 文件:

[root@rvpcmk01 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.17.235.109 rvpcmkvip
172.17.235.43 rvpcmk01
172.17.235.44 rvpcmk02
172.17.235.75 rvpcmk01-cr
172.17.235.106 rvpcmk02-cr
172.17.235.119 rvpcmk01-drbd
172.17.235.46 rvpcmk02-drbd

[root@rvpcmk02 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.17.235.109 rvpcmkvip
172.17.235.43 rvpcmk01
172.17.235.44 rvpcmk02
172.17.235.75 rvpcmk01-cr
172.17.235.106 rvpcmk02-cr
172.17.235.119 rvpcmk01-drbd
172.17.235.46 rvpcmk02-drbd

我检查了授权(当我开始配置集群时肯定是授权的,现在我可以看到有问题,但我不明白它是什么以及它的根本原因是什么:

[root@rvpcmk02 drbd.d]# pcs cluster auth rvpcmk01-cr rvpcmk02-cr -u hacluster -p passwd --debug
Running: /usr/bin/ruby -I/usr/lib/pcsd/ /usr/lib/pcsd/pcsd-cli.rb auth
--Debug Input Start--
{"username": "hacluster", "local": false, "nodes": ["rvpcmk01-cr", "rvpcmk02-cr"], "password": "passwd", "force": false}
--Debug Input End--

Return Value: 0
--Debug Output Start--
{
  "status": "ok",
  "data": {
    "auth_responses": {
      "rvpcmk01-cr": {
        "status": "noresponse"
      },
      "rvpcmk02-cr": {
        "status": "ok",
        "token": "e340f461-12ef-4701-a1a6-ef44439dda94"
      }
    },
    "sync_successful": true,
    "sync_nodes_err": [
      "rvpcmk01-cr"
    ],
    "sync_responses": {
      "rvpcmk01-cr": {
        "status": "error"
      },
      "rvpcmk02-cr": {
        "status": "ok",
        "result": {
          "tokens": "accepted"
        }
      }
    }
  },
  "log": [
    "I, [2017-02-06T17:58:16.146090 #27368]  INFO -- : PCSD Debugging enabled\n",
    "D, [2017-02-06T17:58:16.146225 #27368] DEBUG -- : Did not detect RHEL 6\n",
    "I, [2017-02-06T17:58:16.146304 #27368]  INFO -- : Running: /usr/sbin/corosync-cmapctl totem.cluster_name\n",
    "I, [2017-02-06T17:58:16.146375 #27368]  INFO -- : CIB USER: hacluster, groups: \n",
    "D, [2017-02-06T17:58:16.156239 #27368] DEBUG -- : [\"totem.cluster_name (str) = RV-cluster\\n\"]\n",
    "D, [2017-02-06T17:58:16.156390 #27368] DEBUG -- : Duration: 0.009834697s\n",
    "I, [2017-02-06T17:58:16.156525 #27368]  INFO -- : Return Value: 0\n",
    "I, [2017-02-06T17:58:16.157212 #27368]  INFO -- : SRWT Node: rvpcmk02-cr Request: check_auth\n",
    "I, [2017-02-06T17:58:16.160119 #27368]  INFO -- : SRWT Node: rvpcmk01-cr Request: check_auth\n",
    "I, [2017-02-06T17:58:16.162104 #27368]  INFO -- : No response from: rvpcmk01-cr request: /check_auth, exception: Connection refused - connect(2)\n",
    "I, [2017-02-06T17:58:16.240477 #27368]  INFO -- : No response from: rvpcmk01-cr request: /auth, exception: Connection refused - connect(2)\n",
    "I, [2017-02-06T17:58:16.387075 #27368]  INFO -- : Running: /usr/sbin/pcs status nodes corosync\n",
    "I, [2017-02-06T17:58:16.387208 #27368]  INFO -- : CIB USER: hacluster, groups: \n",
    "D, [2017-02-06T17:58:16.670689 #27368] DEBUG -- : [\"Corosync Nodes:\\n\", \" Online: rvpcmk02-cr \\n\", \" Offline: rvpcmk01-cr \\n\"]\n",
    "D, [2017-02-06T17:58:16.670889 #27368] DEBUG -- : Duration: 0.28344494s\n",
    "I, [2017-02-06T17:58:16.671033 #27368]  INFO -- : Return Value: 0\n",
    "I, [2017-02-06T17:58:16.671978 #27368]  INFO -- : Sending config 'tokens' version 36 1f36b1c29146694381cd47b96c01d65876ba8db9 to nodes: rvpcmk02-cr, rvpcmk01-cr\n",
    "I, [2017-02-06T17:58:16.672428 #27368]  INFO -- : SRWT Node: rvpcmk01-cr Request: set_configs\n",
    "I, [2017-02-06T17:58:16.673819 #27368]  INFO -- : SRWT Node: rvpcmk02-cr Request: set_configs\n",
    "I, [2017-02-06T17:58:16.681322 #27368]  INFO -- : No response from: rvpcmk01-cr request: /set_configs, exception: Connection refused - connect(2)\n",
    "I, [2017-02-06T17:58:16.783061 #27368]  INFO -- : Sending config response from rvpcmk01-cr: {\"status\"=>\"error\"}\n",
    "I, [2017-02-06T17:58:16.783169 #27368]  INFO -- : Sending config response from rvpcmk02-cr: {\"status\"=>\"ok\", \"result\"=>{\"tokens\"=>\"accepted\"}}\n"
  ]
}

--Debug Output End--

Error: Unable to communicate with rvpcmk01-cr
rvpcmk02-cr: Authorized
Error: Unable to synchronize and save tokens on nodes: rvpcmk01-cr. Are they authorized?

如果您需要其他信息,请告诉我什么,我会提供。

4

2 回答 2

2

在所有集群节点上添加以下防火墙规则或刷新 iptables 规则

# firewall-cmd --permanent --add-service=high-availability
# firewall-cmd --add-service=high-availability

然后从rvpcmk02-cr(这是 DC 节点)尝试重新验证集群节点

# pcs cluster auth rvpcmk01-cr rvpcmk02-cr -u hacluster -p passwd --debug
于 2018-05-30T10:14:27.057 回答
0

请不要在关键环境中运行以下命令。
冲洗 iptables 对我有用

iptables -F
ip6tables -F

于 2021-01-21T11:23:51.213 回答