openGauss 2.1.0一主两备企业版安装

原创 .key 2021-12-01

937

环境信息

OpenGauss版本：2.1.0
软件包下载地址：https://opengauss.org/zh/download.html
Linux：CentOS 7.6
192.168.0.11 opengauss01
192.168.0.12 opengauss02
192.168.0.13 opengauss03

1. 配置主机域名解析

[root@opengauss01 ~]# vim /etc/hosts
......
192.168.0.11 opengauss01
192.168.0.12 opengauss02
192.168.0.13 opengauss03

# 同步至其他所有节点
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
scp /etc/hosts root@$ip:/etc/
done

2. 配置各节点root用户免密登录

# 为简化操作将所有主机配置免密登录
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa"
done

[root@opengauss01 ~]# cat ~/.ssh/id_rsa.pub
# 输出公钥信息
[root@opengauss02 ~]# cat ~/.ssh/id_rsa.pub
# 输出公钥信息
[root@opengauss03 ~]# cat ~/.ssh/id_rsa.pub
# 输出公钥信息

# 将所有节点的公钥信息内容拷贝到authorized_keys文件中
[root@opengauss01 ~]# vim ~/.ssh/authorized_keys

# 同步至其他所有节点
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
scp ~/.ssh/authorized_keys root@$ip:~/.ssh/
done

3. 安装依赖包

# yum源配置
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "mkdir /etc/yum.repos.d/repo_bak"
ssh root@$ip "mv /etc/yum.repos.d/* /etc/yum.repos.d/repo_bak/"
ssh root@$ip "curl -o /etc/yum.repos.d/CentOS-Base.repo https://repo.huaweicloud.com/repository/conf/CentOS-7-reg.repo"
ssh root@$ip "yum clean all"
ssh root@$ip "yum repolist"
done

# 安装依赖软件包
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "yum -y install libaio-devel flex bison ncurses-devel glibc-devel patch redhat-lsb-core"
ssh root@$ip "yum -y install readline-devel java-1.8.0-openjdk* psmisc bzip2 python3 python3-devel lksctp*"
done

4. 关闭安全策略

# 关闭selinux，重启后永久生效
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "setenforce 0"ssh root@$ip "sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config"
done

# 关闭防火墙
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "systemctl stop firewalld"
ssh root@$ip "systemctl disable firewalld"
done

5. 修改字符集

[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "echo $LANG"
ssh root@$ip "echo "export LANG=en_US.UTF8" >> ~/.bash_profile"
ssh root@$ip "source ~/.bash_profile"
ssh root@$ip "echo $LANG"
done

6. 配置ssh服务

[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "cat /etc/ssh/sshd_config | egrep 'Banner|PermitRootLogin'"
done

#Banner none          # 注释掉ssh登录的欢迎信息
PermitRootLogin yes   # 允许root用户远程登录

# 如有修改，修改后重启sshd服务
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "systemctl restart sshd"
done

7. 关闭swap分区

# 注释开机挂载swap分区，所有节点操作 [root@opengauss ~]# cat /etc/fstab | grep swap #/dev/mapper/centos_centos7-swap swap swap defaults 0 0 # 关闭swap分区 [root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'` do echo $ip ssh root@$ip "swapoff -a" ssh root@$ip "free -h | grep -i "swap"" done # 正常输出 Swap: 0B 0B 0B Swap: 0B 0B 0B Swap: 0B 0B 0B

8. 关闭大透明页

# 修改如下
[root@opengauss01 ~]# sed -i 's/GRUB_CMDLINE_LINUX=.*/GRUB_CMDLINE_LINUX="rhgb quiet transparent_hugepage=never"/' /etc/default/grub
[root@opengauss01 ~]# cat /etc/default/grub | grep "GRUB_CMDLINE_LINUX"

GRUB_CMDLINE_LINUX="rhgb quiet transparent_hugepage=never"

[root@opengauss02 ~]# sed -i 's/GRUB_CMDLINE_LINUX=.*/GRUB_CMDLINE_LINUX="rhgb quiet transparent_hugepage=never"/' /etc/default/grub
[root@opengauss02 ~]# cat /etc/default/grub | grep "GRUB_CMDLINE_LINUX"

GRUB_CMDLINE_LINUX="rhgb quiet transparent_hugepage=never"

[root@opengauss03 ~]# sed -i 's/GRUB_CMDLINE_LINUX=.*/GRUB_CMDLINE_LINUX="rhgb quiet transparent_hugepage=never"/' /etc/default/grub
[root@opengauss03 ~]# cat /etc/default/grub | grep "GRUB_CMDLINE_LINUX"

GRUB_CMDLINE_LINUX="rhgb quiet transparent_hugepage=never"

# 重新编译grub，关闭透明页
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "grub2-mkconfig -o /boot/grub2/grub.cfg"
ssh root@$ip "cat /proc/meminfo | grep -i "huge""
done

# [可选]临时关闭透明页
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "echo "never" > /sys/kernel/mm/transparent_hugepage/enabled"
ssh root@$ip "echo "never" > /sys/kernel/mm/transparent_hugepage/defrag"
done

# 检查是否已修改完毕
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "cat /sys/kernel/mm/transparent_hugepage/enabled"
ssh root@$ip "cat /sys/kernel/mm/transparent_hugepage/defrag"
done
# 正常输出:
192.168.0.11
always madvise [never]
always madvise [never]
192.168.0.12
always madvise [never]
always madvise [never]
192.168.0.13
always madvise [never]
always madvise [never]

9. 检查时区

# 设置为上海时区
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "ls -l /etc/localtime"
done
192.168.0.11
lrwxrwxrwx. 1 root root 35 Feb 26  2021 /etc/localtime -> ../usr/share/zoneinfo/Asia/Shanghai
192.168.0.12
lrwxrwxrwx. 1 root root 35 Feb 26  2021 /etc/localtime -> ../usr/share/zoneinfo/Asia/Shanghai
192.168.0.13
lrwxrwxrwx. 1 root root 35 Feb 26  2021 /etc/localtime -> ../usr/share/zoneinfo/Asia/Shanghai

# 同步系统时间至硬件
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "hwclock -w"
done

10. 设置网卡MTU值

将各数据库节点的网卡MTU值设置为相同大小。对于x86，MTU值推荐1500；对于ARM，MTU值推荐8192。

[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "ifconfig | grep "mtu""
done

11. 操作系统资源限制

# 所有节点操作
[root@opengauss01 ~]# cat >> /etc/security/limits.conf <<EOF
* soft stack 3072
* hard stack 3072
* soft nofile 1000000
* hard nofile 1000000
EOF

[root@opengauss ~]# vim /etc/security/limits.d/20-nproc.conf 
......
*          soft    nproc     unlimited

12. 内核参数配置

[root@opengauss01 ~]# vim /etc/sysctl.conf
vm.swappiness=0
net.ipv4.tcp_max_tw_buckets = 10000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_keepalive_time = 30
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_retries1 = 5
net.ipv4.tcp_syn_retries = 5
net.ipv4.tcp_synack_retries = 5
net.sctp.path_max_retrans = 10
net.sctp.max_init_retransmits = 10
net.sctp.association_max_retrans = 10
net.sctp.hb_interval = 30000
net.ipv4.tcp_retries2 = 12
vm.overcommit_memory = 0
net.sctp.sndbuf_policy = 0
net.sctp.rcvbuf_policy = 0
net.sctp.sctp_mem = 94500000 915000000 927000000
net.sctp.sctp_rmem = 8192 250000 16777216
net.sctp.sctp_wmem = 8192 250000 16777216
net.ipv4.tcp_rmem = 8192 250000 16777216
net.ipv4.tcp_wmem = 8192 250000 16777216
net.core.wmem_max = 21299200
net.core.rmem_max = 21299200
net.core.wmem_default = 21299200
net.core.rmem_default = 21299200
net.ipv4.ip_local_port_range = 26000 65535
kernel.sem = 250 6400000 1000 25600
vm.min_free_kbytes = 201318     # 该值设置为系统总内存的5%，单位：字节
net.core.somaxconn = 65535
net.ipv4.tcp_syncookies = 1
net.sctp.addip_enable = 0
net.core.netdev_max_backlog = 65535
net.ipv4.tcp_max_syn_backlog = 65535
net.ipv4.tcp_fin_timeout = 60
kernel.shmall = 1152921504606846720
kernel.shmmax = 18446744073709551615
net.ipv4.tcp_sack = 1
net.ipv4.tcp_timestamps = 1
vm.extfrag_threshold = 500
vm.overcommit_ratio = 90

[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "sysctl -p"
done

Tips: 新系统执行sysctl -p命令时可能会输出很多文件或目录不存在错误，      重启操作系统后再次执行sysctl -p便没有这些报错。

13. 创建XML配置文件

[root@opengauss01 ~]# vim cluster_config.xml
<?xml version="1.0" encoding="UTF-8"?>
<ROOT>
    <!-- openGauss整体信息 -->
    <CLUSTER>
        <!-- 数据库名称 -->
        <PARAM name="clusterName" value="Cluster_opengauss" />
        <!-- 数据库节点名称(hostname) -->
        <PARAM name="nodeNames" value="opengauss01,opengauss02,opengauss03" />
        <!-- 数据库安装目录-->
        <PARAM name="gaussdbAppPath" value="/opt/huawei/opengauss/app" />
        <!-- 日志目录-->
        <PARAM name="gaussdbLogPath" value="/var/log/opengauss" />
        <!-- 临时文件目录-->
        <PARAM name="tmpMppdbPath" value="/opt/huawei/opengauss/tmp"/>
        <!-- 数据库工具目录-->
        <PARAM name="gaussdbToolPath" value="/opt/huawei/opengauss/om" />
        <!-- 数据库core文件目录-->
        <PARAM name="corePath" value="/opt/huawei/opengauss/corefile"/>
        <!-- 节点IP，与数据库节点名称列表一一对应 -->
        <PARAM name="backIp1s" value="192.168.0.11,192.168.0.12,192.168.0.13"/>
    </CLUSTER>
    <!-- 每台服务器上的节点部署信息 -->
    <DEVICELIST>
        <!-- 节点1上的部署信息 -->
        <DEVICE sn="opengauss01">
            <!-- 节点1的主机名称 -->
            <PARAM name="name" value="opengauss01"/>
            <!-- 节点1所在的AZ及AZ优先级 -->
            <PARAM name="azName" value="AZ1"/>
            <PARAM name="azPriority" value="1"/>
            <!-- 节点1的IP，如果服务器只有一个网卡可用，将backIP1和sshIP1配置成同一个IP -->
            <PARAM name="backIp1" value="192.168.0.11"/>
            <PARAM name="sshIp1" value="192.168.0.11"/>
            
	    <!--dn-->
            <PARAM name="dataNum" value="1"/>
	    <PARAM name="dataPortBase" value="26000"/>
	    <PARAM name="dataNode1" value="/srv/BigData/OpenGauss/data1,opengauss02,/srv/BigData/OpenGauss/data1,opengauss03,/srv/BigData/OpenGauss/data1"/>
            <PARAM name="dataNode1_syncNum" value="0"/>
        </DEVICE>

        <!-- 节点2上的部署信息 -->
        <DEVICE sn="opengauss02">
            <!-- 节点2的主机名称 -->
            <PARAM name="name" value="opengauss02"/>
            <!-- 节点2所在的AZ及AZ优先级 -->
            <PARAM name="azName" value="AZ1"/>
            <PARAM name="azPriority" value="1"/>
            <!-- 节点2的IP，如果服务器只有一个网卡可用，将backIP1和sshIP1配置成同一个IP -->
            <PARAM name="backIp1" value="192.168.0.12"/>
            <PARAM name="sshIp1" value="192.168.0.12"/>
	</DEVICE>

        <!-- 节点3上的部署信息 -->
        <DEVICE sn="opengauss03">
            <!-- 节点3的主机名称 -->
            <PARAM name="name" value="opengauss03"/>
            <!-- 节点3所在的AZ及AZ优先级 -->
            <PARAM name="azName" value="AZ1"/>
            <PARAM name="azPriority" value="1"/>
            <!-- 节点3的IP，如果服务器只有一个网卡可用，将backIP1和sshIP1配置成同一个IP -->
            <PARAM name="backIp1" value="192.168.0.13"/>
            <PARAM name="sshIp1" value="192.168.0.13"/>
	</DEVICE>
    </DEVICELIST>
</ROOT>

14. 创建目录并解压软件包

# 创建相应目录
[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'`
do
echo $ip
ssh root@$ip "mkdir -p /srv/BigData/OpenGauss/data1"
ssh root@$ip "mkdir -p /opt/software/openGauss"
ssh root@$ip "chmod 755 -R /opt/software"
done

[root@opengauss01 ~]# cd /opt/software/openGauss# 将opengauss软件包上传至该目录
[root@opengauss01 openGauss]# ls
openGauss-2.1.0-CentOS-64bit-all.tar.gz
[root@opengauss01 openGauss]# tar -zxvf openGauss-2.1.0-CentOS-64bit-all.tar.gz
[root@opengauss01 openGauss]# tar -zxvf openGauss-2.1.0-CentOS-64bit-om.tar.gz 

# 将XML配置文件移动至解压目录下
[root@opengauss01 ~]# mv ~/cluster_config.xml /opt/software/openGauss/

15. 执行交互式预安装

[root@opengauss01 ~]# export LD_LIBRARY_PATH=/opt/software/openGauss/script/gspylib/clib:$LD_LIBRARY_PATH [root@opengauss01 ~]# cd /opt/software/openGauss/script/ [root@opengauss01 script]# ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/cluster_config.xml \ --sep-env-file=/srv/BigData/OpenGauss/db1_env ...... Are you sure you want to create trust for root (yes/no)? yes Please enter password for root. Password: # 输入root用户的密码 ...... Are you sure you want to create the user[omm] and create trust for it (yes/no)? yes Please enter password for cluster user. Password: # 设置omm用户的密码 Please enter password for cluster user again. Password: # 再次输入omm用户的密码 Successfully created [omm] user on all nodes. ...... Successfully set finish flag. Preinstallation succeeded. # 成功。

16. 检查参数配置情况

# 预安装完成后重启一次操作系统，使预安装的部分参数配置生效
[root@opengauss01 ~]# ssh 192.168.0.12 "reboot"
[root@opengauss01 ~]# ssh 192.168.0.13 "reboot"
[root@opengauss01 ~]# reboot

# 执行检查命令
[root@opengauss01 ~]# /opt/software/openGauss/script/gs_checkos -i A \
-h opengauss01,opengauss02,opengauss03 --detail

# 使用tree命令查看预安装产生的目录文件
[root@opengauss01 ~]# tree -L 2 /opt/huawei/opengauss/
/opt/huawei/opengauss/
|-- app_compiled
|-- corefile
|-- om
|   |-- lib
|   |-- omm
|   |-- openGauss-2.1.0-CentOS-64bit.sha256
|   |-- openGauss-2.1.0-CentOS-64bit.tar.bz2
|   |-- openGauss-Package-bak_compiled.tar.gz
|   |-- script
|   |-- upgrade_sql.sha256
|   |-- upgrade_sql.tar.gz
|   `-- version.cfg
`-- tmp

7 directories, 6 files

# 检查环境变量文件
[root@opengauss01 ~]# cat /srv/BigData/OpenGauss/db1_env

17. 执行数据库安装

[root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'` do echo $ip ssh root@$ip "chown -R omm:dbgrp /opt/huawei/ /opt/software/ /srv/BigData/" done [root@opengauss01 ~]# su - omm [omm@opengauss01 ~]$ source /srv/BigData/OpenGauss/db1_env [omm@opengauss01 ~]$ gs_install -X /opt/software/openGauss/cluster_config.xml \ --gsinit-parameter="--encoding=UTF8" \ --dn-guc="max_connections=1000" \ --dn-guc="max_process_memory=3GB" \ --dn-guc="shared_buffers=128MB" \ --dn-guc="bulk_write_ring_size=128MB" \ --dn-guc="cstore_buffers=16MB" ...... encrypt cipher and rand files for database. Please enter password for database: # 输入数据库omm用户初始密码 Please repeat for database: # 再次输入数据库omm用户初始密码 begin to create CA cert files ...... Successfully installed application. end deploy.. # 成功 Tips: 若主机内存大于等于32GB就直接执行"gs_install -X /opt/software/openGauss/cluster_config.xml"即可，这些参数是主机内存不满足推荐要求时需要加上。 # 查看数据库进程，primary代表是主实例，standby代表是备实例 [omm@opengauss01 ~]$ ps -ef | grep opengauss omm 7884 1 1 16:23 ? 00:00:03 /opt/huawei/opengauss/app/bin/gaussdb -D /srv/BigData/OpenGauss/data1 -M primary omm 8365 2576 0 16:26 pts/0 00:00:00 grep --color=auto opengauss [omm@opengauss01 ~]$ ssh 192.168.0.13 "ps -ef | grep opengauss" omm 4741 1 4 16:23 ? 00:00:09 /opt/huawei/opengauss/app/bin/gaussdb -D /srv/BigData/OpenGauss/data1 -M standby omm 4893 4892 0 16:26 ? 00:00:00 bash -c ps -ef | grep opengauss omm 4905 4893 0 16:26 ? 00:00:00 grep opengauss [omm@opengauss01 ~]$ ssh 192.168.0.12 "ps -ef | grep opengauss" omm 4770 1 5 16:23 ? 00:00:10 /opt/huawei/opengauss/app/bin/gaussdb -D /srv/BigData/OpenGauss/data1 -M standby omm 4917 4916 0 16:26 ? 00:00:00 bash -c ps -ef | grep opengauss omm 4929 4917 0 16:26 ? 00:00:00 grep opengauss

18. 数据库登录测试

[root@opengauss01 ~]# gsql -d postgres -p 26000 -r
postgres=# \l
                         List of databases
   Name    | Owner | Encoding | Collate | Ctype | Access privileges 
-----------+-------+----------+---------+-------+-------------------
 postgres  | omm   | UTF8     | C       | C     | 
 template0 | omm   | UTF8     | C       | C     | =c/omm           +
           |       |          |         |       | omm=CTc/omm
 template1 | omm   | UTF8     | C       | C     | =c/omm           +
           |       |          |         |       | omm=CTc/omm
(3 rows)

openGauss=# create database chenyq;
CREATE DATABASE
openGauss=# \l
                         List of databases
   Name    | Owner | Encoding | Collate | Ctype | Access privileges 
-----------+-------+----------+---------+-------+-------------------
 chenyq    | omm   | UTF8     | C       | C     | 
 postgres  | omm   | UTF8     | C       | C     | 
 template0 | omm   | UTF8     | C       | C     | =c/omm           +
           |       |          |         |       | omm=CTc/omm
 template1 | omm   | UTF8     | C       | C     | =c/omm           +
           |       |          |         |       | omm=CTc/omm
(4 rows)

openGauss=# \c chenyq;
Non-SSL connection (SSL connection is recommended when requiring high-security)
You are now connected to database "chenyq" as user "omm".
chenyq=# create table chenyq(id int);
CREATE TABLE
chenyq=# insert into chenyq values(1);
INSERT 0 1
chenyq=# select * from chenyq;
 id 
----
  1
(1 row)

# 检查备机已经将数据同步过来
[omm@opengauss02 ~]$ source /srv/BigData/OpenGauss/db1_env 
[omm@opengauss02 ~]$ gsql -d postgres -p 26000 -r
gsql ((openGauss 2.1.0 build 590b0f8e) compiled at 2021-09-30 14:29:04 commit 0 last mr  )
Non-SSL connection (SSL connection is recommended when requiring high-security)
Type "help" for help.

openGauss=# \l
                         List of databases
   Name    | Owner | Encoding | Collate | Ctype | Access privileges 
-----------+-------+----------+---------+-------+-------------------
 chenyq    | omm   | UTF8     | C       | C     | 
 postgres  | omm   | UTF8     | C       | C     | 
 template0 | omm   | UTF8     | C       | C     | =c/omm           +
           |       |          |         |       | omm=CTc/omm
 template1 | omm   | UTF8     | C       | C     | =c/omm           +
           |       |          |         |       | omm=CTc/omm
(4 rows)

openGauss=# \c chenyq;
Non-SSL connection (SSL connection is recommended when requiring high-security)
You are now connected to database "chenyq" as user "omm".
chenyq=# select * from chenyq;
 id 
----
  1
(1 row)

19. 实验环境清理

# 卸载数据库 [omm@opengauss01 ~]$ gs_uninstall --delete-data ...... Successfully uninstalled application. Uninstallation succeeded. # 卸载omm用户和用户组 [root@opengauss01 ~]# cd /opt/software/openGauss/script/ [root@opengauss01 script]# source /srv/BigData/OpenGauss/db1_env [root@opengauss01 script]# ./gs_postuninstall -U omm -X /opt/software/openGauss/cluster_config.xml --delete-user --delete-group ...... Successfully deleted local node's logs. Successfully cleaned environment. # 成功卸载 # 删除运行环境目录 [root@opengauss01 ~]# for ip in `cat /etc/hosts | grep "opengauss" | awk '{print $1}'` do echo $ip ssh root@$ip "rm -rf /srv/BigData/OpenGauss/ /opt/huawei/" done

opengauss

最后修改时间：2021-12-01 23:29:24

「喜欢这篇文章，您的关注和赞赏是给作者最好的鼓励」

关注作者

openGauss 2.1.0一主两备企业版安装

环境信息

评论