
2016.07.25 MON

AWS/EC2 Corosync PacemakerでNFSを冗長化する

佐藤 裕行

WRITTEN BY佐藤 裕行

NFS冗長化

NFS冗長化は辛い。
救いのEFSは日本に来ない。
死ぬしかない。

ということで、NFSをCorosyncとPacemakerで冗長化します。

構成

VIP付け替えは遅いので、RouteTable切り替え方式。

2ab17156-a2f9-eb33-dec6-85cfb1a2d3c5

Install

# Download the Pacemaker repository package.
# NOTE(review): this is a plain-HTTP download and the next line installs the
# file as root; no checksum or signature check is shown. Compare the file
# against a digest or signature published by the project before installing,
# and check whether gpgcheck is enabled in the resulting pacemaker.repo.
curl -O http://iij.dl.osdn.jp/linux-ha/63919/pacemaker-repo-1.1.13-1.1.el6.x86_64.rpm
# Install (or upgrade) the repository package.
sudo rpm -iUvh pacemaker-repo-1.1.13-1.1.el6.x86_64.rpm
# Install pacemaker using the yum configuration file named with -c.
sudo yum -c /etc/yum.repos.d/pacemaker.repo install pacemaker
# lsyncd is installed with the EPEL repository enabled for this command.
sudo yum install --enablerepo=epel lsyncd

# Keep all three services out of the boot sequence.
# Presumably so that a rebooted node does not rejoin the cluster on its own - confirm.
chkconfig corosync off
chkconfig pacemaker off
chkconfig lsyncd off

File

/etc/init.d/にスクリプトを配置

ryncd
https://gist.github.com/SatoHiroyuki/dfccaf5b5e547087b2e4fb7552034760

route-change 切り替え用
https://gist.github.com/SatoHiroyuki/fad97868fa6dc5110c825e7ca22c2583

# Read each downloaded script before installing it: files in /etc/init.d run
# as root. The gist links above are not pinned to a revision, so keep the
# copy you reviewed rather than fetching again on every node.
chmod +x [script-path]
# Not started at boot; route-change is started by Pacemaker as an lsb: resource.
chkconfig [script-name] off

https://gist.github.com/SatoHiroyuki/e9fc0d52c42cced4ee2944b26f55a28b

# Same review applies here: this script is enabled at boot (chkconfig on),
# so it runs as root on every start without Pacemaker being involved.
chmod +x [script-path]
chkconfig [script-name] on

Network

vim /etc/sysconfig/network-scripts/ifcfg-eth0:1

# Alias interface on eth0 carrying the service address that NFS clients use.
DEVICE=eth0:1
BOOTPROTO=static
ONPARENT=yes
# 240.0.0.1 lies in the reserved 240.0.0.0/4 range, with a /32 netmask.
# Presumably chosen so it cannot overlap the VPC CIDR - confirm.
# The VPC route table entry for 240.0.0.1/32 decides which instance receives the traffic.
IPADDR=240.0.0.1
NETMASK=255.255.255.255
service network restart

AWS

EC2 Src/Dst Check Disable(インスタンス自身のIPではない 240.0.0.1 宛ての通信を受け取るために必要)
VPC RouteTable [240.0.0.1/32 → InstanceID]

Corosync

/etc/corosync/corosync.conf

# Please read the corosync.conf.5 manual page
# Two-node cluster over unicast UDP (transport: udpu).
# Values written as [[...]] are placeholders to fill in on each node.
totem {
version: 2

# NOTE(review): with both options set to none, totem traffic between the
# nodes is neither encrypted nor authenticated, so a sender that can reach
# mcastport on these hosts is not distinguished from the real peer.
# Restrict that UDP port to the peer's address (for example in the EC2
# security group), or set a real cipher and hash here and distribute a shared
# key generated with corosync-keygen to both nodes.
crypto_cipher: none
crypto_hash: none

interface {
ringnumber: 0
bindnetaddr: [[eth0-ip-address]]
mcastport: 5405
ttl: 1
}
transport: udpu
}

# Log to both a file and syslog, with timestamps and without debug output.
logging {
fileline: off
to_logfile: yes
to_syslog: yes
logfile: /var/log/cluster/corosync.log
debug: off
timestamp: on
}

# Both cluster members are listed explicitly.
nodelist {
node {
ring0_addr: [[eth0-ip-address]]
nodeid: 1
}

# The placeholder below stands for the peer node's eth0 address.
node {
ring0_addr: [[対向:eth0-ip-address]]
nodeid: 2
}

}

quorum {
# Enable and configure quorum subsystem (default: off)
# see also corosync.conf.5 and votequorum.5
# With expected_votes: 2 a single surviving node does not hold a majority;
# the Pacemaker section of this page sets no-quorum-policy=ignore to keep
# running in that state.
# NOTE(review): votequorum.5 also documents a two_node option for this
# situation - confirm which one is intended.
provider: corosync_votequorum
expected_votes: 2
}

# NOTE(review): this plugin-style block comes from corosync 1.x setups;
# whether it has any effect together with corosync_votequorum depends on the
# installed corosync version - confirm.
service {
        # Load the Pacemaker Cluster Resource Manager
        name: pacemaker
        ver: 0
}

Pacemaker

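# STONITH (Shoot The Other Node In The Head)
# NOTE(review): fencing is switched off here, yet every stop operation below
# asks for on-fail="fence". With stonith-enabled=false the cluster has no way
# to carry out a fence action - confirm how the installed Pacemaker version
# treats this combination.
# With no fencing and quorum loss ignored (next command), a network partition
# can leave both nodes active at once, each exporting NFS and syncing towards
# the other. Configure a STONITH device before relying on this for data that
# matters.
pcs property set stonith-enabled=false
# Quorum is not meaningful in a two-node configuration, so quorum loss is ignored.
pcs property set no-quorum-policy=ignore
# Disable automatic failback: resources stay where they are (stickiness
# INFINITY) and move away after a single failure (migration-threshold 1).
pcs resource defaults resource-stickiness="INFINITY" migration-threshold="1"

# Each "pcs resource create" is one command. The trailing backslashes join the
# op lines to it; without them the shell would try to run "op" on its own.

# NFS server, driven through its LSB init script.
pcs resource create NFS lsb:nfs \
        op start interval="0s" timeout="30s" on-fail="restart" \
        op monitor interval="20s" timeout="30s" on-fail="restart" \
        op stop interval="0s" timeout="30s" on-fail="fence"

# Route switch, driven through the route-change init script.
pcs resource create ROUTE lsb:route-change \
        op start interval="0s" timeout="20s" on-fail="restart" \
        op monitor interval="20s" timeout="30s" on-fail="restart" \
        op stop interval="0s" timeout="20s" on-fail="fence"

# Replication switch, driven through the lsyncd-rsyncd-change init script.
pcs resource create LSYNCD-RSYNCD lsb:lsyncd-rsyncd-change \
        op start interval="0s" timeout="30s" on-fail="restart" \
        op monitor interval="20s" timeout="30s" on-fail="restart" \
        op stop interval="0s" timeout="30s" on-fail="fence"

# Group the three resources: group members run on the same node and start in
# the listed order (replication, then NFS, then the route).
pcs resource group add Group-A LSYNCD-RSYNCD NFS ROUTE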

Lsyncd

/etc/lsyncd.conf

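----
-- User configuration file for lsyncd.
--
-- Simple example for default rsync.
--
-- Pushes changes under the source directory to the "nfs" rsync daemon module
-- on the peer node. Values written as [[...]] are placeholders.
--
settings {
        logfile        = "/var/log/lsyncd.log",
        -- NOTE(review): the status file sits in /tmp, a world-writable
        -- directory, under a fixed name. If lsyncd runs as root, consider a
        -- root-owned directory instead.
        statusFile     = "/tmp/lsyncd.stat",
        statusInterval = 1,
        maxProcesses   = 2,
        nodaemon       = false,
        insist         = 1,
}

sync {
        default.rsync,
        -- The closing quote was missing here, which made the file a Lua
        -- syntax error.
        source = "[[SourceDir]]",
        -- "host::module" addresses an rsync daemon: the traffic is not
        -- encrypted, and access is governed by the peer's rsyncd.conf.
        target = "[[対向IPaddress]]::nfs",
        delay  = 0,
        init   = false,
        rsync  = {
                archive  = true,
                compress = false,
                -- NOTE(review): -L (--copy-links) dereferences symlinks on the
                -- source side, so a symlink placed inside the share that
                -- points elsewhere on this host gets its target's contents
                -- copied to the peer. --safe-links presumably has nothing left
                -- to act on once -L is given - confirm against rsync(1), and
                -- drop -L unless dereferencing is intended.
                _extra   = { "-auhLP", "--safe-links" },
        }
}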

Rsyncd

/etc/rsyncd.conf

# Global settings for the rsync daemon that receives the replicated files.
# NOTE(review): transfers run as root and the daemon is writable. Keep the
# set of hosts that can reach it as small as the module section below intends.
uid = root
gid = root
read only = no
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid

# File types that are already compressed are not compressed again.
dont compress = *.gz *.xz *.tgz *.zip *.pdf *.sit *.sitx *.lzh *.bz2 *.jpg *.jpeg *.gif *.png *.ico *.swf

# Module addressed as "::nfs" by lsyncd on the other node.
# NOTE(review): no "auth users" / "secrets file" is set, so the source address
# check in "hosts allow" is the only access control on this writable,
# root-owned module, and the rsync daemon protocol itself is not encrypted.
# Limit the rsync daemon port (873 unless changed) to the peer in the EC2
# security group, and consider adding "auth users" with a "secrets file".
[nfs]
path = [[SourceDir]]
# Only localhost and the peer's address are allowed; everything else is denied.
hosts allow = localhost [[対向のIP]]
hosts deny = *
read only = false
元記事はこちら

AWS/EC2 Corosync PacemakerでNFSを冗長化する

佐藤 裕行

佐藤 裕行

元NIerの通称砂糖です。AWSのネットワークまわりには詳しいです。現在は構築チームに所属し、多忙な日々を過ごしています。