案例说明:

在KingbaseES V8R3及V8R6早期的版本,对于读写分离的集群如果网关地址无法连通,将会导致整个集群关闭,数据库服务无法访问。在后期版本的改进中,降低了对网关的依赖性,当网关地址不通时,会影响集群的部分高可用功能比如failover切换,但集群可以正常对外提供数据库访问服务。如下图所示:

适用版本:

KingbaseES V8R6

集群网关配置:

[kingbase@node101 bin]$ cat ../etc/repmgr.conf |grep trust

trusted_servers='192.168.1.1'

running_under_failure_trusted_servers='on'

一、查看集群节点状态

[kingbase@node101 bin]$ ./repmgr cluster show

 ID | Name  | Role    | Status    | Upstream | Location | Priority | Timeline | LSN_Lag | Connection string

----+-------+---------+-----------+----------+----------+----------+----------+---------+---------------------------------------------------------------------------------------------------------------------------------------------------

 1  | node1 | standby |   running | node2    | default  | 100      | 4        | 0 bytes | host=192.168.1.102 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3

 2  | node2 | primary | * running |          | default  | 100      | 4        |         | host=192.168.1.101 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3

二、模拟网关故障

[kingbase@node101 ~]$ ping 192.168.1.1

PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.

From 192.168.1.101 icmp_seq=10 Destination Host Unreachable

From 192.168.1.101 icmp_seq=11 Destination Host Unreachable

From 192.168.1.101 icmp_seq=12 Destination Host Unreachable

.....

---如上所示,所有集群节点已经无法ping通网关地址。

三、查看网关失败后集群状态

1、集群节点状态

[kingbase@node101 bin]$ ./repmgr cluster show

 ID | Name  | Role    | Status    | Upstream | Location | Priority | Timeline | LSN_Lag | Connection string

----+-------+---------+-----------+----------+----------+----------+----------+---------+---------------------------------------------------------------------------------------------------------------------------------------------------

 1  | node1 | standby |   running | node2    | default  | 100      | 4        | 0 bytes | host=192.168.1.102 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3

 2  | node2 | primary | * running |          | default  | 100      | 4        |         | host=192.168.1.101 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3

2、数据库连接测试

[kingbase@node102 bin]$ ./ksql -U system test

ksql (V8.0)

Type "help" for help.

                                                       version

----------------------------------------------------------------------------------------------------------------------

 KingbaseES V008R006C007B0012 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 4.1.2 20080704 (Red Hat 4.1.2-46), 64-bit

(1 row)

---如上所示,网关无法连通后,集群节点状态及数据库服务仍都正常。

3、查看kbha.log日志

Tips:

KingbaseES V8R6集群通过kbha进程每过三秒执行一次网关连通性的测试。

[2023-04-10 15:57:30] [WARNING] ping host"192.168.1.1" failed

[2023-04-10 15:57:31] [NOTICE] PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.

--- 192.168.1.1 ping statistics ---

2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 999ms

pipe 2

[2023-04-10 15:57:31] [WARNING] ping host"192.168.1.1" failed

[2023-04-10 15:57:31] [DETAIL] average RTT value is not greater than zero

[2023-04-10 15:57:31] [DEBUG] ping process end early. usleep(994400)

----如上所示,kbha.log日志记录了网关地址连接失败的日志。

四、集群failover切换测试

1、关闭主库数据库服务

[kingbase@node101 bin]$ ./sys_ctl stop -D ../../data

2、查看备库hamgr.log日志

[2023-04-10 16:13:41] [DEBUG] monitoring node in degraded state for 640 seconds

[2023-04-10 16:13:43] [DEBUG] connecting to: "user=esrep connect_timeout=10 dbname=esrep host=192.168.1.101 port=54321 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3 fallback_application_name=repmgr options=-csearch_path="

[2023-04-10 16:13:43] [DEBUG] monitoring node in degraded state for 642 seconds

[2023-04-10 16:13:45] [DEBUG] connecting to: "user=esrep connect_timeout=10 dbname=esrep host=192.168.1.101 port=54321 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3 fallback_application_name=repmgr options=-csearch_path="

[2023-04-10 16:13:45] [DEBUG] monitoring node in degraded state for 644 seconds

[2023-04-10 16:13:47] [DEBUG] connecting to: "user=esrep connect_timeout=10 dbname=esrep host=192.168.1.101 port=54321 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3 fallback_application_name=repmgr options=-csearch_path="

[2023-04-10 16:13:47] [DEBUG] monitoring node in degraded state for 646 seconds

[2023-04-10 16:13:49] [DEBUG] connecting to: "user=esrep connect_timeout=10 dbname=esrep host=192.168.1.101 port=54321 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3 fallback_application_name=repmgr options=-csearch_path="

[2023-04-10 16:13:49] [DEBUG] monitoring node in degraded state for 648 seconds

---如以上所示,备库检测到主库连接失败,但是并没有触发主备切换。

3、查看集群节点状态

[kingbase@node102 bin]$ ./repmgr cluster show

 ID | Name  | Role    | Status        | Upstream | Location | Priority | Timeline | LSN_Lag | Connection string

----+-------+---------+---------------+----------+----------+----------+----------+---------+---------------------------------------------------------------------------------------------------------------------------------------------------

 1  | node1 | standby |   running     | ? node2  | default  | 100      | 4        | ?       | host=192.168.1.102 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3

 2  | node2 | primary | ? unreachable | ?        | default  | 100      |          |         | host=192.168.1.101 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3

[WARNING] following issues were detected

  - unable to connect to node "node1" (ID: 1)'s upstream node "node2" (ID: 2)

  - unable to determine if node "node1" (ID: 1) is attached to its upstream node "node2" (ID: 2)

  - unable to connect to node "node2" (ID: 2)

  - node "node2" (ID: 2) is registered as an active primary but is unreachable

[HINT] execute with --verbose option to see connection error messages

如下图所示,primary处于不可连接状态,未产生failover切换:

五、总结

KingbaseES集群节点通过ping网关地址,测试集群节点之间的网络的互通,如果网关失败,会影响到集群的正常运行,可以在集群中配置多个网关,保证网关地址的高可用。

[kingbase@node101 bin]$ cat ../etc/repmgr.conf |grep trust

trusted_servers='192.168.1.1,192.168.1.254'

running_under_failure_trusted_servers='on'

KingbaseES V8R6 集群运维系列 -- trusted_server的更多相关文章

  1. KingbaseES V8R6集群运维案例之---repmgr standby promote应用案例

    案例说明: 在容灾环境中,跨区域部署的异地备节点不会自主提升为主节点,在主节点发生故障或者人为需要切换时需要手动执行切换操作.若主节点已经失效,希望将异地备机提升为主节点. $bin/repmgr s ...

  2. KingbaseES V8R6集群管理运维案例之---repmgr standby switchover故障

    案例说明: 在KingbaseES V8R6集群备库执行"repmgr standby switchover"时,切换失败,并且在执行过程中,伴随着"repmr stan ...

  3. KingbaseES V8R6集群维护案例之---停用集群node_export进程

    案例说明: 在KingbaseES V8R6集群启动时,会启动node_exporter进程,此进程主要用于向kmonitor监控服务输出节点状态信息.在系统安全漏洞扫描中,提示出现以下安全漏洞: 对 ...

  4. kingbaseES V8R6集群备份恢复案例之---备库作为repo主机执行物理备份

    ​ 案例说明: 此案例是在KingbaseES V8R6集群环境下,当主库磁盘空间不足时,执行sys_rman备份,将集群的备库节点作为repo主机,执行备份,并将备份存储在备库的磁盘空间. 集群架构 ...

  5. KingbaseES V8R6集群维护之--修改数据库服务端口案例

    ​ 案例说明: 对于KingbaseES数据库单实例环境,只需要修改kingbase.conf文件的'port'参数即可,但是对于KingbaseES V8R6集群中涉及到多个配置文件的修改,并且在应 ...

  6. KingbaseES V8R6集群外部备份案例

    案例说明: 本案例采用sys_backup.sh执行物理备份,备份使用如下逻辑架构:集群采用CentOS 7系统,repo采用kylin V10 Server. 一主一备+外部备份 此场景为主备双机常 ...

  7. KingbaseES V8R3集群运维案例之---主库系统down failover切换过程分析

    ​ 案例说明: KingbaseES V8R3集群failover时两个cluster都会触发,但只有一个cluster会调用脚本去执行真正的切换流程,另一个有对应的打印,但不会调用脚本,只是走相关的 ...

  8. KingbaseES V8R3集群运维案例之---kingbase_monitor.sh启动”two master“案例

    案例说明: KingbaseES V8R3集群,执行kingbase_monitor.sh启动集群,出现"two master"节点的故障,启动集群失败:通过手工sys_ctl启动 ...

  9. KingbaseES V8R3集群运维案例之---cluster.log ERROR: md5 authentication failed

    案例说明: 在KingbaseES V8R3集群的cluster.log日志中,经常会出现"ERROR: md5 authentication failed:DETAIL: password ...

  10. KingbaseES V8R6集群维护案例之---将securecmdd通讯改为ssh案例

    案例说明: 在KingbaseES V8R6的后期版本中,为了解决有的主机之间不允许root用户ssh登录的问题,使用了securecmdd作为集群部署分发和通讯的服务,有生产环境通过漏洞扫描,在88 ...

随机推荐

  1. Js中Symbol对象

    Js中Symbol对象 ES6引入了一种新的基本数据类型Symbol,表示独一无二的值,最大的用法是用来定义对象的唯一属性名,Symbol()函数会返回symbol类型的值,该类型具有静态属性和静态方 ...

  2. Linux实现指定用户sftp传输,静止ssh登录

    1.环境 名称 ip server 192.168.1.1 client 192.168.1.2 2.服务器创建repl用户 useradd -m -d /home/repl -s /usr/sbin ...

  3. Java设计模式-解释器模式Interpreter

    介绍 在编译原理中,一个算术表达式通过词法分析器形成词法单元,而后这些词法单元再通过语法分析器构建语法 分析树,最终形成一颗抽象的语法分析树.这里的词法分析器和语法分析器都可以看做是解释器 解释器模式 ...

  4. 无 dmp 文件的情况下使用 windbg

    项目线上出现了闪退问题,查看日志发现是 sentry 模块出问题了 因为用户电脑上没有 pdb 文件,所以无法加载具体函数的调用位置,只能手动去计算 具体步骤是:在 windbg.exe 中加载 se ...

  5. macOS使用CodeRunner快速配置fortran环境

    个人网站:xzajyjs.cn 由于一些项目的缘故,需要有fortran的需求,但由于是M1 mac的缘故,不能像windows那样直接使用vs+ivf这种经典配置.搜了一下网上主流的跨平台方案,主要 ...

  6. python开发接口时,使用jsonschema模块对数据进行校验

    import jsonschema schema = { "type": "object", # 先声明每个键都是对象 "properties&quo ...

  7. 【Azure 应用服务】应用代码中需要使用客户端证书访问服务接口,部署在应用服务后报错不能找到证书(Cannot find the X.509 certificate)

    问题描述 在应用中,需要访问另一个服务接口,这个接口需要使用客户端证书进行认证.在代码中使用 System.Security.Cryptography.X509Certificates 加载Windo ...

  8. 【Azure 应用服务】在Azure App Service for Windows 中部署Java/NodeJS/Python项目时,web.config的配置模板内容

    问题描述 在Azure App Service for Windows 中部署web项目时候,需要在wwwroot下设置web.config,对于不同语言的项目,web.config文件中的httpP ...

  9. 【Azure 应用服务】在创建Web App Service的时候,选Linux系统后无法使用Mysql in App

    问题描述 如图上,是App Services在Windows环境中,系统自带了MySQL In App功能.而在,Linux环境中,没有发现Mysql in App功能,是不是无法在Linux中使用呢 ...

  10. 【Azure 存储服务】Azure Blob下面是否可以创建子文件夹

    问题描述 如何在Azure Storage Account(存储账户) 门户上为 Container 创建子文件夹? 问题解决 经验证,没有办法在门户上直接创建文件夹,不过可以使用Azure Stor ...