Centos7安装pg9.4(主从备份)下

CentOS7使⽤yum安装PostgreSQL和PostGIS的⽅法1.更新yum源同时安装epel（Extra Packages for Enterprise Linux 7），为了稳定性，CentOS7的默认yum源缺少很多组件，这些组件可以在epel上找到。

命令：yum install -y https:///pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-2.noarch.rpmyum -y install epel-release2.安装PostgreSQL使⽤yum search postgre命令可以看到多个版本的PostgreSQL，这⾥我选择了PostgreSQL10。

yum install -y postgresql10-server postgresql10-contrib初始化/usr/pgsql-10/bin/postgresql10-setup initdb设置开机启动systemctl enable postgresql-10启动数据库systemctl start postgresql-103.配置数据库配置远程访问，编辑/var/lib/pgsql/10/data/postgresql.conf，找到listen_addresses，如果想对所有IP开放，把listen_addresses的值改为‘*'，如果只对部分IP开放，多个IP之间⽤,（逗号加空格）隔开。

配置账户访问权限，编辑/var/lib/pgsql/10/data/pg_hba.conf，⽂件分为5列，分别是TYPE、DATABASE、USER、ADDRESS、METHOD，可以对不同IP地址的⽤户设置不同数据库的访问权限。

最后⼀列METHOD的解析如下：trust 任何连接都允许，不需要密码reject 拒绝符合条件(前⾯⼏个条件)的请求MD5 接收⼀个MD5加密过的密码password 接收⼀个密码来登陆，只在可信的⽹络使⽤这种⽅式gss 使⽤gssapi认证，只在tcp/ip连接可⽤sspi 只在windows可⽤的⼀种⽅式krb5 不常⽤，只在TCP/IP可⽤ident 使⽤操作系统⽤户名认证，验证它是否符合请求的的数据库⽤户名ldap 使⽤LDAP服务器认证cert 使⽤ssl客户端认证pam 使⽤操作系统的pam模块服务如果要求所有IP都是使⽤密码登录，则配置为host all all 0.0.0.0/0 md5。

centos7从源代码编译安装程序的基本过程CentOS 7是一款非常稳定的操作系统，被广泛用于企业级环境。

源代码编译安装程序是常见的操作之一，能够为用户提供更多定制化的选择。

下面将介绍在CentOS 7上从源代码编译安装程序的基本过程。

1. 下载安装包首先需要下载所需要的程序安装包，下载链接可以在官方网站或第三方网站上找到。

下载完成后，将安装包上传到CentOS 7系统上的相关目录中。

2. 安装编译工具在CentOS 7上安装程序之前，需要安装一些编译工具和依赖库，可以通过以下命令安装：```yum groupinstall "Development Tools"yum install -y ncurses-devel openssl-devel libevent-devel zlib-devel readline-devel```这里安装了一些常用的编译工具和开发库，确保能够顺利编译安装所需要的程序。

3. 解压文件将下载的安装包解压至指定目录下，可以使用以下命令解压：```tar zxvf package_name.tar.gz```4. 配置编译参数进入解压后的目录下，使用以下命令进行编译参数配置：```./configure --prefix=/usr/local```其中，--prefix指定了安装路径，请根据实际情况进行修改。

5. 编译并安装配置完成后，可以使用以下命令进行编译和安装：```makemake install```make命令用于编译，make install命令用于安装。

在执行安装命令时，需要加上sudo权限。

6. 验证安装安装完成后，可以使用以下命令验证安装是否成功：```which program_name```其中，program_name为安装的程序名称。

若显示安装路径，则说明安装成功。

总结：从源代码编译安装程序需要经历下载安装包，安装编译工具，解压文件，配置编译参数，编译并安装，验证安装等多个步骤。

CentOS 7 安装分区详解前言对于新手来说，CentOS 7 的安装可能会有些棘手。

其中一个比较重要的步骤就是分区。

在这篇文章中，我们将详细讲解CentOS 7 的分区安装过程，帮助您更好地完成安装。

准备工作在安装CentOS 7 之前，您需要准备好以下内容：– CentOS 7 安装光盘或USB 启动盘–一台能够运行CentOS 7 的计算机–一个可用的硬盘或分区分区方案在CentOS 7 安装过程中，您需要选择一个分区方案。

通常情况下，有以下几种选择：–自动分区–手动分区– LVM 分区自动分区自动分区是CentOS 7 安装程序提供的默认选项。

如果您选择自动分区，CentOS 7 将会自动为您创建一个根分区和一个交换分区。

这个选项适合大多数用户，特别是那些没有太多经验的新手。

手动分区如果您需要更精细地控制分区，可以选择手动分区。

手动分区允许您自定义分区大小和数量。

您可以创建根分区、/boot 分区、/home 分区、/tmp 分区和/var 分区等。

LVM 分区LVM 分区是一种比较灵活的分区方案。

它允许您在一个物理卷上创建多个逻辑卷。

这样一来，您就可以根据需要动态地调整卷的大小和数量。

分区策略无论您选择哪种分区方案，都需要考虑一些分区策略。

以下是一些值得注意的方面：–根分区应该至少有20 GB 的空间– /boot 分区应该至少有500 MB 的空间– /home 分区用于存储用户数据，应该根据需要分配足够的空间– /tmp 分区用于存储临时文件，应该根据需要分配足够的空间– /var 分区用于存储系统日志和其他可变数据，应该根据需要分配足够的空间–交换分区用于虚拟内存，应该根据需要分配足够的空间。

通常情况下，交换分区的大小应该是系统内存的两倍。

分区步骤无论您选择哪种分区方案和策略，下面是CentOS 7 分区安装的基本步骤：1. 启动CentOS 7 安装程序2. 选择语言和时区3. 选择安装源和软件包4. 选择分区方案5. 选择分区策略6. 完成安装小结CentOS 7 的分区安装可能有些棘手，但只要您按照上述步骤进行，就应该能够成功完成。

Linux备份和还原实验目的备份linux系统下一个目录/boot和一个分区,其挂载点是/home。

实验步骤步骤一：添加备份盘添加之前查看当前文件系统使用情况，查看备份目录下文件占用情况。

#df –h------查看文件系统使用率#lsblk------查看分区挂载情况#du –s /home------查看目录下所有文件大小#du –s /boot步骤二：加载备份盘根据以上查询，添加一块1GB硬盘即可用于备份。

#cat /proc/scsi/scsi----查看当前磁盘控制器编号，和磁盘ID#echo “scsi add-single-device 0 0 1 0” >>/proc/scsi/scsi#lsblk步骤三：对备份盘进行分区根据需求，分两个区，/dev/sdb1 200MB空间，用来备份/boot。

/dev/sdb2 使用余下800MB空间，用来备份/home分区。

#fdisk /dev/sdb步骤四：安装dump包#mount /dev/sr0 /mnt #cd /etc/yum.repos.d #mkdir backup#mv C* backup/#vim cdrom.repo [aix]name=aix26soft baseurl=file:///mntenabled=1gpgcheck=0保存，退出。

#yum–y install dump步骤五：备份#dump 0f /dev/sdb1 /boot#restore –tf /dev/sdb1#dump 0uf /dev/sdb2 /dev/sda5 #restore –tf /dev/sdb2步骤六：还原为了到达测试效果，先删除/boot 和/home#rm –rf /boot #rm –rf /home #ls / #ls /home#restore –rf /dev/sdb1 /boot/boot还原成功。

#restore –rf /dev/sdb2 /home(注意还原分区时，先进入/home)#restore –rf /dev/sdb2 /dev/sda5(如果不想进入分区，注意书写磁盘分区名称)。

1. 环境信息 (2)2. postgresql (2)1. 依赖包 (2)2. 调整内核 (2)3. 服务配置 (3)4. 创建用户 (3)5. 创建目录 (3)6. 建立ssh信任 (3)7. 环境变量 (4)8. 编译安装 (4)9. 初始化实例 (5)10. 运行参数 (5)11. 启动实例 (7)12. 复制备机 (7)13. 注册服务 (7)3. pgpool (8)1. 创建用户 (8)2. 开放权限 (8)3. 环境变量 (8)4. 建立ssh信任 (8)5. 编译安装 (9)6. 加载extension (9)7. 配置pgpool.conf (9)8. 配置pool_hba.conf (10)9. 配置pcp.conf (11)10. 启动pgpool (11)11. 状态检查 (11)1.环境信息操作系统：CentOS7数据库：Postgresql9.3.5中间层：Pgpool-II-3.4.0Primary：172.15.0.11Standby：172.15.0.12Virtual IP：172.15.0.102.postgresql1.依赖包[root主/备]通过yum安装，需要联网#yum -y install gcc#yum -y install python-devel#yum -y install ncurses-devel#yum -y install readline-devel#yum -y install zlib-devel#yum -y install libxml2-devel#yum -y install libxslt-devel#yum -y install sendmail2.调整内核[root主/备]修改内核#vi /etc/sysctl.confkernel.shmmax = 68719476736kernel.shmall = 4294967296kernel.shmmni = 4096kernel.sem = 50100 64128000 50100 1280fs.file-max = 7672460net.ipv4.ip_local_port_range = 9000 65000net.core.rmem_default = 1048576net.core.rmem_max = 4194304net.core.wmem_default = 262144net.core.wmem_max = 1048576生效参数#/sbin/sysctl -p3.服务配置[root主/备]关闭防火墙(也可以设置协议规则，不关闭防火墙)#systemctl stop firewalld.service#systemctl disable firewalld.service添加主机名称(方便后续配置和管理)#vi /etc/hosts172.15.0.11 DBServer01172.15.0.12 DBServer024.创建用户[root主/备]创建用户组#groupadd postgres创建用户#useradd -d /opt/postgres -s /bin/bash -g postgres -m postgres #passwd postgres5.创建目录[postgres主/备]修改权限(pgpool用户需要读取pg的环境变量)#chmod 750 ~添加目录(源码上传路径)#mkdir ~/src添加目录(辅助脚本路径)#mkdir ~/script6.建立ssh信任[postgres主/备]生成ssh key(密码设置为空)#ssh-keygen设置对端postgres信任，hostname根据实际情况修改#ssh-copy-id postgres@DBServer027.环境变量[postgres主/备]修改profile#vi ~/.bash_profileexport PGHOME=/opt/postgresexport PATH=$PATH:$PGHOME/binexport LD_LIBRARY_PATH=$PGHOME/libexport LANG=zh_CN.UTF8export PGUSER=postgresexport PGDATA=$PGHOME/dataexport PGLOG=$PGHOME/logexport PGSCRIPT=$PGHOME/script生效profile#source ~/.bash_profile8.编译安装[postgres主/备]ftp上传postgresql-9.3.5.tar.gz至/opt/postgres/srcpostgresql-9.3.5.tar.gz#cd ~/src#tar -zxvf postgresql-9.3.5.tar.gz#cd postgresql-9.3.5#./configure --prefix=/opt/postgres --with-python --with-blocksize=16 --enable-debug --with-libxml --with-libxslt#make world#make install-worldftp上传pg_main.sh和pg_main.ini至/opt/postgres/scriptpg_main.sh pg_main.ini#chmod 750 ~/script/*配置pg_main.ini#vi pg_main.ini#脚本的日志路径log=$PGLOG#物理备份路径base=$PGHOME/backup/base#WAL日志归档路径archive=$PGHOME/backup/archive#备份保存天数的阈值keepdays=3#主备机的hostname列表nodes="DBServer01|DBServer02"9.初始化实例[postgres主]初始化实例#initdb -D $PGDATA --encoding=UTF8 -W10.运行参数[postgres主]配置postgresql.conf#vi ~/data/postgresql.conf#监听所有地址listen_addresses = '*'#监听端口port = 5432#WAL日志级别，复制流必须打开wal_level = hot_standby#归档模式，复制流必须打开archive_mode = on#归档脚本，可按照实际情况配置archive_command = 'sh $PGSCRIPT/pg_main.sh archive %p %f'#复制流WAL日志发送进程数max_wal_senders = 3#WAL日志段数量wal_keep_segments = 16#热备模式hot_standby = on#系统日志设置为标准输出log_destination = 'stderr'#系统日志转储进程logging_collector = on#系统日志目录log_directory = '/opt/postgres/log'#系统日志格式log_filename = 'postgresql-%Y%m%d.log'配置pg_hba.conf(红字部分按实际情况配置)#vi ~/data/pg_hba.confhost all all 0.0.0.0/0 md5 host replication postgres 172.15.0.12/32 trust配置recovery.conf(红字部分按实际情况配置)#cp ~/share/recovery.conf.sample ~/data/recovery.done#vi ~/data/recovery.done#备机恢复timelinerecovery_target_timeline = 'latest'#备机模式standby_mode = on#主机的信息primary_conninfo = 'host=DBServer02'#备机提升为主机的触发文件trigger_file = '/opt/postgres/postgres.trigger'11.启动实例[postgres主]启动实例#pg_ctl start12.复制备机[postgres备]从主机复制(红字部分按实际情况配置)#pg_basebackup -D $PGDATA -Fp -Xs -v -P -h DBServer01 -U postgres修改recovery.conf(红字部分按实际情况配置)#mv ~/data/recovery.done ~/data/recovery.conf#vi ~/data/recovery.confprimary_conninfo = 'host=DBServer01'修改pg_hba.conf(红字部分按实际情况配置)#vi ~/data/pg_hba.confhost r eplication postgres 172.15.0.11/32 trust启动实例#pg_ctl start检查进程#ps -ef | grep receiverpostgres 21527 21521 0 20:01 ? 00:00:00 postgres: wal receiver process13.注册服务[root 主/备]ftp上传postgres至/etc/init.d(可以从/opt/postgres/src/postgresql-9.3.5/contrib/start-scripts/linux拷贝修改)postgres#chkconfig --add postgres#chkconfig postgres on3.pgpool1.创建用户[root主/备]#useradd -d /opt/pgpool -s /bin/bash -g postgres -m pgpool#passwd pgpool2.开放权限[root 主/备]生成虚拟ip用到#chmod u+s /sbin/ifconfig#chmod u+s /sbin/arping3.环境变量[pgpool主/备]修改profile#vi ~/.bash_profile. /opt/postgres/.bash_profileexport PATH=$PATH:$HOME/bin生效profile#source ~/.bash_profile4.建立ssh信任生成ssh key(密码设置为空)#ssh-keygen本机postgres信任#ssh-copy-id postgres@`hostname`5.编译安装[pgpool主/备]添加目录#mkdir ~/src解压编译ftp上传pgpool-II-3.4.0.tar.gz至/opt/pgpool/src#cd ~/src#tar -zxvf pgpool-II-3.4.0.tar.gz#cd ~/src/pgpool-II-3.4.0#./configure --prefix=/opt/pgpool --with-pgsql=/opt/postgres#make#make install#cd ~/src/pgpool-II-3.4.0/src/sql#make#make install6.加载extension[pgpool主]备机会自动复制操作，template1是pg创建database的默认模板#psql -h DBServer01 -U postgres -d template1 -c "create extension pgpool_regclass;"#psql -h DBServer01 -U postgres -d template1 -c "create extension pgpool_recovery;"7.配置pgpool.conf[pgpool主/备]以sample-stream为模板，以下列出的是需要更改的配置(红字部分按实际情况配置) #cp ~/etc/pgpool.conf.sample-stream ~/etc/pgpool.conf#vi ~/etc/pgpool.conf#监听地址listen_addresses = '*'#节点信息backend_hostname0 = 'DBServer01'backend_port0 = 5432backend_weight0 = 1backend_data_directory0 = '/opt/postgres/data'backend_flag0 = 'ALLOW_TO_FAILOVER'backend_hostname1 = 'DBServer02'backend_port1 = 5432backend_weight1 = 1backend_data_directory1 = '/opt/postgres/data'backend_flag1 = 'ALLOW_TO_FAILOVER'#认证方式enable_pool_hba = on#日志模式log_connections = onlog_hostname = onlog_statement = onlog_per_node_statement = onpid_file_name = '/opt/pgpool/pgpool.pid'#状态检查sr_check_user = 'postgres'sr_check_password = 'postgres'health_check_period = 1health_check_user = 'postgres'health_check_password = 'postgres'#切换脚本failover_command = 'ssh postgres@DBServer02"$PGSCRIPT/pg_main.sh promote %H "'#看门狗(避免单点故障)use_watchdog = onwd_hostname = 'DBServer01'delegate_IP = '172.15.0.10'heartbeat_destination0 = 'DBServer02'heartbeat_device0 = 'eth0'other_pgpool_hostname0 = 'DBServer02'other_pgpool_port0 = 9999other_wd_port0 = 90008.配置pool_hba.conf[pgpool主/备]认证文件#cp ~/etc/pool_hba.conf.sample ~/etc/pool_hba.conf#vi ~/etc/pool_hba.confhost all all 0.0.0.0/0 md5密码文件(pgsql中所有user需要在此配置，密码需要一致)#pg_md5 -p -u postgres9.配置pcp.conf[pgpool主/备]执行pcp命令时的用户认证(红字部分密码可以任意修改)#cp ~/etc/pcp.conf.sample ~/etc/pcp.conf#echo "postgres:"`pg_md5 postgres` >>~/etc/pcp.conf10.启动pgpool[pgpool主/备]先启动的pgpool节点会为master状态，后启动的为normal状态#pgpool -n > /opt/pgpool/pgpool.log 2>&1 &11.状态检查[pgpool主]使用pgpool的pcp命令，检查watchdog的状态#pcp_watchdog_info 5 DBServer01 9898 postgres postgresnode1 9999 9000 3#pcp_watchdog_info 5 DBServer02 9898 postgres postgresNode2 9999 9000 2watchdog状态说明：（注：可编辑下载，若有不当之处，请指正，谢谢!）。

Centos7中安装和配置nginx和keepalived（主从模式）系统版本 Centos7IP：192.168.0.3 MasterIP：192.168.0.4 Slave⼀.Linux安装nginx (主从都安装NGINX)1.安装依赖[root@Master ~]# yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel[root@Slave ~]# yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel2.创建⼀个⽂件夹[root@Master ~]# cd /usr/local[root@Master local]# mkdir nginx[root@Master local]# cd nginx/[root@Master nginx]#[root@Slave ~]# cd /usr/localYou have new mail in /var/spool/mail/root[root@Slave local]# mkdir nginx[root@Slave local]# cd nginx/[root@Slave nginx]#4.编译并make[root@Master nginx]# cd nginx-1.16.1[root@Master nginx-1.16.1]# ./configure --prefix=/usr/local/nginx[root@Master nginx-1.16.1]# make[root@Master nginx-1.16.1]# make install修改nginx访问界⾯html[root@Master nginx-1.16.1]# cd /usr/local/nginx/html/You have new mail in /var/spool/mail/root[root@Master html]# lltotal 8-rw-r--r-- 1 root root 494 Oct 12 03:23 50x.html-rw-r--r-- 1 root root 612 Oct 12 03:23 index.html[root@Master html]# vi index.html<p><em>Master ip:192.168.0.3</em></p>[root@Slave nginx]# cd nginx-1.16.1[root@Slave nginx-1.16.1]# ./configure --prefix=/usr/local/nginx[root@Slave nginx-1.16.1]# make[root@Slave nginx-1.16.1]# make install修改nginx访问界⾯html[root@Slave nginx-1.16.1]# cd /usr/local/nginx/html/You have new mail in /var/spool/mail/root[root@Slave html]# lltotal 8-rw-r--r-- 1 root root 494 Oct 12 03:23 50x.html-rw-r--r-- 1 root root 612 Oct 12 03:23 index.html[root@Slave html]# vi index.html<p><em>Slave ip:192.168.0.4</em></p>常⽤命令#启动/usr/local/nginx/sbin/nginx#修改配置⽂件重新加载/usr/local/nginx/sbin/nginx -s reload#关闭/usr/local/nginx/sbin/nginx2.安装相关依赖,有不⽤下载了[root@Master local]# yum install -y gcc openssl-devel popt-devel[root@Slave local]# yum install -y gcc openssl-devel popt-devel3.编译安装[root@Master local]# cd keepalived-1.4.2[root@Master keepalived-1.4.2]# ./configure --prefix=/usr/local/keepalived[root@Master keepalived-1.4.2]# make[root@Master keepalived-1.4.2]# make install[root@Slave local]# cd keepalived-1.4.2[root@Slave keepalived-1.4.2]# ./configure --prefix=/usr/local/keepalived[root@Slave keepalived-1.4.2]# make[root@Slave keepalived-1.4.2]# make install4.相关配置,复制就完了[root@Master keepalived-1.4.2]# pwd/usr/local/keepalived-1.4.2You have new mail in /var/spool/mail/root[root@Master keepalived-1.4.2]# cp /usr/local/keepalived-1.4.2/keepalived/etc/init.d/keepalived /etc/init.d/[root@Master keepalived-1.4.2]# mkdir /etc/keepalived[root@Master keepalived-1.4.2]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/[root@Master keepalived-1.4.2]# cp /usr/local/keepalived-1.4.2/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ [root@Master keepalived-1.4.2]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/[root@Slave keepalived-1.4.2]# pwd/usr/local/keepalived-1.4.2You have new mail in /var/spool/mail/root[root@Slave keepalived-1.4.2]# cp /usr/local/keepalived-1.4.2/keepalived/etc/init.d/keepalived /etc/init.d/[root@Slave keepalived-1.4.2]# mkdir /etc/keepalived[root@Slave keepalived-1.4.2]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/[root@Slave keepalived-1.4.2]# cp /usr/local/keepalived-1.4.2/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ [root@Slave keepalived-1.4.2]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/[root@Slave keepalived-1.4.2]#使⽤keepalived保证nginx的⾼可⽤(⼀主⼀从),我的主服务器ip为(192.168.0.3),从机(192.168.0.4)在两条服务器分别安装nginx和keepalived,修改keeplived.conf⽂件vim /etc/keepalived/keepalived.conf主机配置⽂件! Configuration File for keepalivedglobal_defs {#⼀个没重复的名字即可router_id LVS_DEVEL}# 检测nginx是否运⾏vrrp_script chk_nginx {script "/etc/keepalived/nginx_check.sh"interval 2#权重减少20,减少完要⽐从机的值⼩weight -20}vrrp_instance VI_1 {# MASTER代表主机state MASTER# ⽹卡名字 ip addr 可以查看interface eno16777736# 同⼀个keepalived集群的virtual_router_id相同virtual_router_id 51# 权重，master要⼤于slavepriority 100# 主备通讯时间间隔advert_int 1# 如果两节点的上联交换机禁⽤了组播，则采⽤vrrp单播通告的⽅式# 本机ipunicast_src_ip 192.168.118.3unicast_peer {# 其他机器ip192.168.118.5}# 设置nopreempt防⽌抢占资源nopreempt# 主备保持⼀致authentication {auth_type PASSauth_pass 1111}# 与上⽅nginx运⾏状况检测呼应track_script {chk_nginx}virtual_ipaddress {# 虚拟ip地址（VIP，⼀个尚未占⽤的内⽹ip即可）192.168.118.118}}[root@Master keepalived-1.4.2]# cd /etc/keepalived/[root@Master keepalived]# lltotal 4-rw-r--r-- 1 root root 3550 Oct 12 03:41 keepalived.conf[root@Master keepalived]# cp keepalived.conf keepalived.conf.bak [root@Master keepalived]# vi /etc/keepalived/keepalived.conf global_defs {router_id LVS_DEVEL}vrrp_script chk_nginx {script "/etc/keepalived/nginx_check.sh"interval 2weight -20}vrrp_instance VI_1 {state MASTERinterface enp0s3virtual_router_id 51priority 100advert_int 1unicast_src_ip 192.168.0.3unicast_peer {192.168.0.4}nopreemptauthentication {auth_type PASSauth_pass 1111}track_script {chk_nginx}virtual_ipaddress {192.168.0.10}}从机配置⽂! Configuration File for keepalivedglobal_defs {#⼀个没重复的名字即可router_id LVS_DEVEL}# 检测nginx是否运⾏vrrp_script chk_nginx {script "/etc/keepalived/nginx_check.sh"interval 2weight -20}vrrp_instance VI_1 {# 代表是从机state BACKUP# ⽹卡名字，ip addr获取interface eno16777736# 同⼀个keepalived集群的virtual_router_id相同virtual_router_id 51# 权重，master要⼤于slavepriority 90# 主备通讯时间间隔advert_int 1# 如果两节点的上联交换机禁⽤了组播，则采⽤vrrp单播通告的⽅式# 本机ipunicast_src_ip 192.168.118.5unicast_peer {# 其他机器ip192.168.118.3}# 设置nopreempt防⽌抢占资源nopreempt# 主备保持⼀致authentication {auth_type PASSauth_pass 1111}# 与上⽅nginx运⾏状况检测呼应track_script {chk_nginx}virtual_ipaddress {# 虚拟ip地址（VIP，⼀个尚未占⽤的内⽹ip即可）192.168.118.118}}-------------------------------------------------------------从机配置⽂![root@Slave keepalived-1.4.2]# cd /etc/keepalived/You have new mail in /var/spool/mail/root[root@Slave keepalived]# lltotal 4-rw-r--r-- 1 root root 3550 Oct 12 03:42 keepalived.conf[root@Slave keepalived]# cp keepalived.conf keepalived.conf.bak[root@Slave keepalived]# vi /etc/keepalived/keepalived.confglobal_defs {router_id LVS_DEVEL}vrrp_script chk_nginx {script "/etc/keepalived/nginx_check.sh"interval 2weight -20}vrrp_instance VI_1 {state Slaveinterface enp0s3virtual_router_id 51priority 90advert_int 1unicast_src_ip 192.168.0.4unicast_peer {192.168.0.3}nopreemptauthentication {auth_type PASSauth_pass 1111}track_script {chk_nginx}virtual_ipaddress {192.168.0.10}}主从机都需配置检测nginx是否在运⾏,不在允许就直接启动nginx的脚本,和keepalived放在⼀起脚本名称 nginx_check.sh#!/bin/bashA=`ps -C nginx –no-header |wc -l`if [ $A -eq 0 ];then/usr/local/nginx/sbin/nginxsleep 2if [ `ps -C nginx --no-header |wc -l` -eq 0 ];thenkillall keepalivedfifi[root@Master keepalived]# pwd/etc/keepalived[root@Master keepalived]# vi nginx_check.sh#!/bin/bashA=`ps -C nginx –no-header |wc -l`if [ $A -eq 0 ];then/usr/local/nginx/sbin/nginxsleep 2if [ `ps -C nginx --no-header |wc -l` -eq 0 ];thenkillall keepalivedfifi[root@Slave keepalived]# pwd/etc/keepalived[root@Slave keepalived]# vi nginx_check.sh#!/bin/bashA=`ps -C nginx –no-header |wc -l`if [ $A -eq 0 ];then/usr/local/nginx/sbin/nginxsleep 2if [ `ps -C nginx --no-header |wc -l` -eq 0 ];thenkillall keepalivedfifi只要配置好了,以后直接启动keepalived就好了,keepalived运⾏之后就会检测nginx是否在运⾏,不在运⾏就通过脚本去启动⾃动重启不了解决⽅案查看脚本是否有运⾏的权限如果你是root登陆的话(不是的话，切换到root⽤户，对*.sh 赋可执⾏的权限)chmod 777*.sh或者chmod +x *.sh主：[root@Master keepalived]# chmod +x nginx_check.sh[root@Master keepalived]# lltotal 12-rw-r--r-- 1 root root 572 Oct 12 03:55 keepalived.conf-rw-r--r-- 1 root root 3550 Oct 12 03:48 keepalived.conf.bak-rwxr-xr-x 1 root root 205 Oct 12 04:04 nginx_check.sh[root@Master keepalived]#备：[root@Slave keepalived]# chmod +x nginx_check.sh[root@Slave keepalived]# lltotal 12-rw-r--r-- 1 root root 575 Oct 12 04:02 keepalived.conf-rw-r--r-- 1 root root 3550 Oct 12 03:57 keepalived.conf.bak-rwxr-xr-x 1 root root 205 Oct 12 04:04 nginx_check.sh[root@Slave keepalived]#keepalived常⽤命令#启动service keepalived start#停⽌service keepalived stop#查看状态service keepalived status主：[root@Master keepalived]# service keepalived startStarting keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived stopStopping keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived startStarting keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived status● keepalived.service - LVS and VRRP High Availability MonitorLoaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)Active: active (running) since Mon 2020-10-12 04:08:03 EDT; 14s agoProcess: 9822 ExecStart=/usr/local/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 9823 (keepalived)CGroup: /system.slice/keepalived.service├─9823 /usr/local/keepalived/sbin/keepalived -D├─9824 /usr/local/keepalived/sbin/keepalived -D└─9825 /usr/local/keepalived/sbin/keepalived -DOct 12 04:08:05 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:09 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping runOct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on enp0s3 for 192.168.0.10 Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:13 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping runOct 12 04:08:17 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping run[root@Master keepalived]#备：[root@Master keepalived]# service keepalived startStarting keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived stopStopping keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived startStarting keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived status● keepalived.service - LVS and VRRP High Availability MonitorLoaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)Active: active (running) since Mon 2020-10-12 04:08:03 EDT; 14s agoProcess: 9822 ExecStart=/usr/local/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)Main PID: 9823 (keepalived)CGroup: /system.slice/keepalived.service├─9823 /usr/local/keepalived/sbin/keepalived -D├─9824 /usr/local/keepalived/sbin/keepalived -D└─9825 /usr/local/keepalived/sbin/keepalived -DOct 12 04:08:05 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:09 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping runOct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on enp0s3 for 192.168.0.10 Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:13 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping runOct 12 04:08:17 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping run[root@Master keepalived]#Welcome to nginx!If you see this page, the nginx web server is successfully installed and working. Further configuration is required.For online documentation and support please refer to .Commercial support is available at .Thank you for using nginx.Master ip:192.168.0.3Welcome to nginx!If you see this page, the nginx web server is successfully installed and working. Further configuration is required.For online documentation and support please refer to .Commercial support is available at .Thank you for using nginx.Slave ip:192.168.0.4Welcome to nginx!If you see this page, the nginx web server is successfully installed and working. Further configuration is required.For online documentation and support please refer to .Commercial support is available at .Thank you for using nginx.Master ip:192.168.0.3⼀切正常,将主机的keepalived服务给停掉,模拟服务器宕机的场景[root@Master keepalived]# service keepalived stopStopping keepalived (via systemctl): [ OK ]You have new mail in /var/spool/mail/root[root@Master keepalived]#Welcome to nginx!If you see this page, the nginx web server is successfully installed and working. Further configuration is required.For online documentation and support please refer to .Commercial support is available at .Thank you for using nginx.Slave ip:192.168.0.4成功切换到备⽤服务器接下来重启主服务器,再访问虚拟ip[root@Master keepalived]# service keepalived startStarting keepalived (via systemctl): [ OK ][root@Master keepalived]#Welcome to nginx!If you see this page, the nginx web server is successfully installed and working. Further configuration is required.For online documentation and support please refer to .Commercial support is available at .Thank you for using nginx.Master ip:192.168.0.3由此可见,当主机dowm掉的时候才会访问从机,当主机连进来的时候⼜回去访问主机当主机正常运⾏通过ip addr命令的时候可以看到⽹络下多了个虚拟ip,⽽从机却没有,只要当主机挂了时候从机才会显⽰xuniip 主：[root@Master keepalived]# ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:19:70:2f brd ff:ff:ff:ff:ff:ffinet 192.168.0.3/24 brd 192.168.0.255 scope global noprefixroute enp0s3valid_lft forever preferred_lft foreverinet 192.168.0.10/32 scope global enp0s3valid_lft forever preferred_lft foreverinet6 fe80::58e8:d448:52fb:c18c/64 scope link noprefixroutevalid_lft forever preferred_lft forever[root@Master keepalived]#备：[root@Slave keepalived]# ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:93:55:c9 brd ff:ff:ff:ff:ff:ffinet 192.168.0.4/24 brd 192.168.0.255 scope global noprefixroute enp0s3valid_lft forever preferred_lft foreverinet6 fe80::4ee7:51c7:e8fe:f5e5/64 scope link noprefixroutevalid_lft forever preferred_lft foreverYou have new mail in /var/spool/mail/root[root@Slave keepalived]#。

centos7 教程CentOS 7 是一种基于企业级 Linux 发行版的操作系统。

CentOS（Community Enterprise Operating System）是由CentOS 项目团队开发的，可免费使用并且具有长期维护支持。

在本教程中，我们将介绍 CentOS 7 的一些常见操作和配置。

1. 安装 CentOS 7a. 下载 CentOS 7 ISO 镜像文件。

b. 创建启动盘或虚拟机并加载镜像。

c. 启动计算机或虚拟机并按照安装程序的指导完成安装。

2. 连接到网络a. 使用命令 `ifconfig` 检查网络接口的状态。

b. 使用命令 `nmcli` 配置网络连接。

例如，`nmcli con add ifname eth0 type ethernet autoconnect yes`。

3. 更新软件包a. 执行命令 `yum update` 来更新系统和安装的软件包。

4. 安装软件包a. 使用命令 `yum install` 安装软件包。

例如，`yum install httpd` 安装 Apache Web 服务器。

5. 配置防火墙a. 使用命令 `firewall-cmd` 配置防火墙规则。

例如，`firewall-cmd --permanent --zone=public --add-service=http` 允许 HTTP 流量通过防火墙。

6. 设置 SELinuxa. 使用命令 `sestatus` 检查 SELinux 状态。

b. 使用命令 `setenforce` 设置 SELinux 模式。

例如，`setenforce 0` 设置 SELinux 为宽容模式。

7. 配置用户和权限a. 使用命令 `useradd` 添加用户。

例如，`useradd -m -s/bin/bash username` 添加一个新用户。

b. 使用命令 `passwd` 设置用户密码。