mysql 主主HA高可用方案详解

1.环境准备：
主机：192@@@1.4,192@@@1.5
操作系统：centos 7.3
mysql数据库版本：mysql 5.7.13
浮动IP:192@@@1.182
2.mysql 下载及解压安装配置
2.1 下载：
#wget http://dev.mysql.com/get/Downloads/MySQL-5.7/mysql-5.7.13-linux-glibc2.5-x86_64.tar.gz
2.2 解压安装

tar -xzvf mysql-5.7.13-linux-glibc2.5-x86_64.tar.gz -C /usr/local/

mv mysql-5.7.13-linux-glibc2.5-x86_64 mysql

#mv mysql /usr/local
2.3 配置
2.3.1 创建数据目录（/mysqldata/mysql）
#mkdir /data/mysql
2.3.2 新建mysql用户、组及目录

—新建一个msyql组

groupadd mysql

useradd -r -s /sbin/nologin -g mysql mysql -d /usr/local/mysql —新建msyql用户禁止登录shell

2.3.3 修改目录属有者
#cd /usr/local
#chown -R mysql:mysql /usr/local/mysql
#chown -R mysql:mysql /data/mysql
2.3.4 配置参数初始化
#cd /usr/local/mysql
#bin/mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/data/mysql
…
…
[Note] A temporary password is generated for root@localhost:YLi>7ecpe;YP
⚠️注意：执行的输出内容最后有临时生成的密码！
2.3.5 SSL的安装与配置（/mysqldata/mysql）
#bin/mysql_ssl_rsa_setup --datadir=/data/mysql
执行完后数据目录下多出了一些以pem结尾的文件，而这些文件就是开启SSL连接所需要的文件。
2.3.6 修改系统配置文件

cp support-files/my-default.cnf /etc/my.cnf

cp support-files/mysql.server /etc/init.d/mysqld

编辑：/etc/init.d/mysqld:
basedir=/usr/local/mysql
datadir=/data/mysql

⚠️预设字符集：UTF-8
a.在[mysqld]下添加
　　default-character-set=utf8（mysql 5.5 版本添加character-set-server=utf8）
b.在[client]下添加
　　default-character-set=utf8

2.3.6.1 修改192@@@1.4 主机/etc/my.cnf配置文件底部有实例
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/5.6/en/server-configuration-defaults.html

[mysqld]
#
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
#
# Remove leading # to turn on a very important data integrity option: logging
# changes to the binary log between backups.
# log_bin
#
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M#datadir=/data/mysql
#socket=/var/lib/mysql/mysql.sockbasedir=/usr/local/mysql
datadir=/mysqldata/mysql
socket=/mysqldata/mysql/mysql.sock
character-set-server=utf8
max_connections=1000default-storage-engine=INNODB
innodb_large_prefix=on# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0# Recommended in standard MySQL setup
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES#主主复制配置:
auto_increment_offset=1
auto_increment_increment=2
#启用二进制日志 注意：日志的目录需要先建立，并将所有者该为mysql
log-bin=mysql-bin
binlog_format=row
log_bin_trust_function_creators=1
##################################################
#注：不加binlog-do-db和binlog_ignore_db，那就表示全部数据库都记录二进制日志。
#需要记录二进制日志的数据库，如果有多个数据库，需要重复设置此参数，每个数据库一行
binlog-do-db=ambari
binlog-do-db=hive
binlog-do-db=ranger
#不需要记录二进制日志的数据库，如果有多个数据库，需要重复设置此参数，每个数据库一行
binlog-ignore-db=mysql
binlog-ignore-db=information_schema
binlog-ignore-db=performance_schema
###################################################
#超过30天的binlog删除
expire_logs_days=30
#服务器唯一ID，默认是1，一般取IP最后一段
server-id=4
#配置从库上的更新操作是否写入二进制文件，如果这台从库，还要做其他从库的主库，那么就需要打这个参数，以便从库的从库能够进行日志同步
log-slave-updates
sync_binlog=1
#中继日志文件
relay_log = mysql-relay-bin
##################################################
#需要复制的数据库，如果有多个数据库，需要重复设置此参数，每个数据库一行
replicate-do-db=ambari
replicate-do-db=hive
replicate-do-db=ranger
#不需要复制的数据库，如果有多个数据库，需要重复设置此参数，每个数据库一行
#replicate-ignore-db=mysql
replicate-ignore-db=information_schema
replicate-ignore-db=performance_schema
##################################################[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
[client]
socket=/mysqldata/mysql/mysql.sock
default-character-set=utf8

2.3.6.2 修改192@@@1.5 主机/etc/my.cnf配置文件
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/5.6/en/server-configuration-defaults.html

[mysqld]
#
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
#
# Remove leading # to turn on a very important data integrity option: logging
# changes to the binary log between backups.
# log_bin
#
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M#datadir=/data/mysql
#socket=/var/lib/mysql/mysql.sockbasedir=/usr/local/mysql
datadir=/mysqldata/mysql
socket=/mysqldata/mysql/mysql.sock
character-set-server=utf8
max_connections=1000# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0# Recommended in standard MySQL setup
sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES#主主复制配置(offset不同):
auto_increment_offset=2
auto_increment_increment=2
#启用二进制日志 注意：日志的目录需要先建立，并将所有者该为mysql
log-bin=mysql-bin
binlog_format=row
log_bin_trust_function_creators=1
################################################
#注：不加binlog-do-db和binlog_ignore_db，那就表示全部数据库都记录二进制日志。
#需要记录二进制日志的数据库，如果有多个数据库，需要重复设置此参数，每个数据库一行
binlog-do-db=ambari
binlog-do-db=hive
binlog-do-db=ranger
#不需要记录二进制日志的数据库，如果有多个数据库，需要重复设置此参数，每个数据库一行
binlog-ignore-db=mysql
binlog-ignore-db=information_schema
binlog-ignore-db=performance_schema
################################################
#超过30天的binlog删除
expire_logs_days=30
#服务器唯一ID，默认是1，一般取IP最后一段
server-id=5
#配置从库上的更新操作是否写入二进制文件，如果这台从库，还要做其他从库的主库，那么就需要打这个参数，以便从库的从库能够进行日志同步
log-slave-updates
sync_binlog=1
#中继日志文件
relay_log = mysql-relay-bin
################################################
#需要复制的数据库名，如果有多个数据库，需要重复设置此参数，每个数据库一行
replicate-do-db=ambari
replicate-do-db=hive
replicate-do-db=ranger
#不需要复制的数据库，如果有多个数据库，需要重复设置此参数，每个数据库一行
#replicate-ignore-db=mysql
replicate-ignore-db=information_schema
replicate-ignore-db=performance_schema
################################################[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid[client]
socket=/mysqldata/mysql/mysql.sock
default-character-set=utf8优化参数：

#mysqld
init_connect=‘SET collation_connection = utf8_unicode_ci’
init_connect=‘SET NAMES utf8’
character-set-server=utf8
collation-server=utf8_unicode_ci
skip-character-set-client-handshake
#不区分大小写
lower_case_table_names=1

show global variables like “%check%”;
set global foreign_key_checks=0;

2.3.7 添加系统路径
# vim /etc/profile
添加：
export PATH=/usr/local/mysql/bin:$PATH
# source /etc/profile

touch /data/data1/mysqllog/mysqld.log
chown -R mysql:mysql /data/data1/mysqllog
service mysqld start
2.4 启动mysql
#service mysqld start (ok)
#bin/mysql --user=root –p

mysql -uroot -p

set global validate_password_policy=0;
set global validate_password_length=1;

ALTER USER ‘root’@‘localhost’ IDENTIFIED BY ‘Aa123456789Aa123456789!’;

修改root密码
mysql>set password=password(‘@@@-2017’);
在5.6后，mysql内置密码增强机制，低强度密码会报错：
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements

1)降低密码安全度要求：
mysql>set global validate_password_policy=0;
mysql>set global validate_password_length=1;

2)增加root远程登录(两个机器都要执行！)
mysql>CREATE USER ‘root’@‘%’ IDENTIFIED BY ‘@@@-2017’;
mysql>GRANT ALL PRIVILEGES ON . TO ‘root’@‘%’ WITH GRANT OPTION;
mysql>CREATE USER ‘root’@‘nn01’ IDENTIFIED BY ‘@@@-2017’;
mysql>GRANT ALL PRIVILEGES ON . TO ‘root’@‘nn01’ WITH GRANT OPTION;
mysql>CREATE USER ‘root’@‘nn02’ IDENTIFIED BY ‘@@@-2017’;
mysql>GRANT ALL PRIVILEGES ON . TO ‘root’@‘nn02’ WITH GRANT OPTION;
mysql>CREATE USER ‘root’@‘135.0.97.208’ IDENTIFIED BY ‘@@@-2017’;
mysql>GRANT ALL PRIVILEGES ON . TO ‘root’@‘135.0.97.208’ WITH GRANT OPTION;
mysql>FLUSH PRIVILEGES;
3）、为ambari创建数据库
mysql>create database ambari; -----不用CHARACTER SET=latin1;
4）、配置ambari用户和权限(两个机器都要执行！
mysql>CREATE USER ‘ambari’@‘%’ IDENTIFIED BY ‘ambari123’;
mysql>GRANT ALL PRIVILEGES ON . TO ‘ambari’@‘%’ WITH GRANT OPTION;
mysql>CREATE USER ‘ambari’@‘localhost’ IDENTIFIED BY ‘ambari123’;
mysql>GRANT ALL PRIVILEGES ON . TO ‘ambari’@‘localhost’ WITH GRANT OPTION;
mysql>CREATE USER ‘ambari’@‘nn01’ IDENTIFIED BY ‘ambari123’;
mysql>GRANT ALL PRIVILEGES ON . TO ‘ambari’@‘nn01’ WITH GRANT OPTION;
mysql>CREATE USER ‘ambari’@‘nn02’ IDENTIFIED BY ‘ambari123’;
mysql>GRANT ALL PRIVILEGES ON . TO ‘ambari’@‘nn02’ WITH GRANT OPTION;
mysql>CREATE USER ‘ambari’@‘135.0.97.208’ IDENTIFIED BY ‘ambari123’;
mysql>GRANT ALL PRIVILEGES ON . TO ‘ambari’@‘135.0.97.208’ WITH GRANT OPTION;
mysql>FLUSH PRIVILEGES;

create database hive;
alter database hive character set latin1;
CREATE USER ‘hive’@‘%’ IDENTIFIED BY ‘Hive@123’;
GRANT ALL PRIVILEGES ON hive.* TO ‘hive’@‘%’;

create database ambari;
CREATE USER ‘ambari’@‘%’ IDENTIFIED BY ‘Ambari@123’;
GRANT ALL PRIVILEGES ON ambari.* TO ‘ambari’@‘%’;

create database ranger;
alter database ranger character set latin1;
CREATE USER ‘rangeradmin’@‘%’ IDENTIFIED BY ‘Ranger@123’;
GRANT ALL PRIVILEGES ON ranger.* TO ‘rangeradmin’@‘%’;
FLUSH PRIVILEGES;

CREATE USER ‘root’@‘%’ IDENTIFIED BY ‘Root@123’;
GRANT ALL PRIVILEGES ON . TO ‘root’@‘%’ WITH GRANT OPTION;
FLUSH PRIVILEGES;

ALTER USER ‘root’@‘localhost’ IDENTIFIED BY ‘Root@123’;

update mysql.user set Grant_priv=‘Y’,Super_priv=‘Y’;
SELECT host,user,authentication_string,Grant_priv,Super_priv,authentication_string FROM mysql.user;

mysql>select user,host from mysql.user; //查看授权用户
mysql>show grants for repuser@‘slaveip’; //查看授权用户情况
SELECT host,user,Grant_priv,Super_priv FROM mysql.user;

SELECT host,user,Grant_priv,Super_priv,authentication_string FROM mysql.user;

grant all privileges on . to root@‘%’ identified by ‘root1234’;
update mysql.user set Grant_priv=‘Y’,Super_priv=‘Y’;

5）、设置mysql开机自启动
systemctl enable mysqld
systemctl restart mysqld

–输入 2.3.4 操作步骤生成的临时密码
重新设置密码：（Test%0831）
mysql> set password=password(‘Test%0831’);
允许远程登录：(本机登录赋权)
mysql>grant all privileges on . to root@‘%’ identified by ‘Test%0831’;
mysql> flush privileges;
查看用户信息
mysql> use mysql;
mysql> select host,user from user where user=‘root’;
±----------±-----+
| host | user |
±----------±-----+
| % | root |
| localhost | root |
±----------±-----+
2 rows in set (0.00 sec)

本机登录：—ERROR 1045 (28000): Access denied for user ‘root’@‘%’ (using password: YES)
2.5 设置主主复制
创建Slave复制帐号,每个slave使用标准的MySQL用户名和密码连接master。进行复制操作的用户会授予REPLICATION SLAVE 权限。
---- 在 4 上执行：
mysql> GRANT REPLICATION SLAVE, REPLICATION CLIENT ON . TO ‘replication’@‘192@@@1.5’ IDENTIFIED BY ‘password’;
mysql> GRANT REPLICATION SLAVE, REPLICATION CLIENT ON . TO ‘slave’@‘192@@@1.5’ IDENTIFIED BY ‘123’;
FLUSH PRIVILEGES;
---- 在 5 上执行：
mysql> GRANT REPLICATION SLAVE, REPLICATION CLIENT ON . TO ‘replication’@‘192@@@1.4’ IDENTIFIED BY ‘password’;
mysql> GRANT REPLICATION SLAVE, REPLICATION CLIENT ON . TO ‘slave’@‘192@@@1.4’ IDENTIFIED BY ‘123’;
FLUSH PRIVILEGES;

CREATE USER ‘root’@‘浮动ip’ IDENTIFIED BY ‘*password’;
GRANT ALL PRIVILEGES ON . TO ‘root’@‘浮动ip’ ;
FLUSH PRIVILEGES;

远程登陆
CREATE USER ‘root’@‘@@@174.19.85’ IDENTIFIED BY ‘password’;
GRANT ALL PRIVILEGES ON . TO ‘root’@‘@@@174.19.85’;
FLUSH PRIVILEGES;

slave上指定master同步信息(告知二进制文件名与位置)
—按照5 master的状态设置 slave 4 mysql–
change master to
master_host=‘192@@@1.5’,
master_user=‘replication’,
master_password=‘password’,
master_log_file=‘mysql-bin.000009’,
master_log_pos=154; #对端状态显示的值
start slave;
-查看4 mysql master 状态
mysql> show master status;
±-----------------±---------±------------------±-------------------------±------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB | Executed_Gtid_Set |
±-----------------±---------±------------------±-------------------------±------------------+
| mysql-bin.000008 | 1653 | ambari,hive,ranger| mysql,information_schema | |
±-----------------±---------±------------------±-------------------------±------------------+
1 row in set (0.00 sec)

—按照4 master的状态设置 slave 5 mysql–
change master to
master_host=‘192@@@1.4’,
master_user=‘replication’,
master_password=‘password’,
master_log_file=‘mysql-bin.000008’,
master_log_pos=1653; #对端状态显示的值
start slave;

mysql>SLAVE START; #开启复制
mysql>SHOW SLAVE STATUS\G #查看主从复制是否配置成功

2.6 配置mysql自动启动

chmod 755 /etc/init.d/mysqld

chkconfig --add mysqld

chkconfig --level 345 mysqld on

2.7 Keepalived 安装配置
2.7.1 安装：
#yum install keepalived -y
2.7.2.1 192@@@1.4 keepalived 配置：
#vi /etc/keepalived/keepalived.cnf
global_defs {
notification_email {
}
}

vrrp_instance PX_MYSQL {state MASTER#state BACKUPinterface bond1virtual_router_id 50priority 100advert_int 1authentication {auth_type PASSauth_pass password123}virtual_ipaddress {192@@@1.182}
}virtual_server 192@@@1.182 3306 {delay_loop 3lb_algo wrrlb_kind DRpersistence_timeout 9600protocol TCPreal_server 192@@@1.4 3306 {notify_down /usr/sbin/stop_keepalived.shweight 1TCP_CHECK {connect_timeout 10connect_port    3306}}
}

2.7.2.2 192@@@1.5 keepalived 配置：
global_defs {
notification_email {
}
}

vrrp_instance PX_MYSQL {state MASTER#state BACKUPinterface bond1virtual_router_id 50priority 90advert_int 1authentication {auth_type PASSauth_pass password123}virtual_ipaddress {192@@@1.182}
}virtual_server 192@@@1.182 3306 {delay_loop 3lb_algo wrrlb_kind DRpersistence_timeout 9600protocol TCPreal_server 192@@@1.5 3306 {notify_down /usr/sbin/stop_keepalived.shweight 1TCP_CHECK {connect_timeout 10connect_port    3306}}
}

⚠️注意：interface 对应的网卡是 192.168网段地址对应的网卡

2.7.2.3 keepalived自监控
[root@OCDC-MYSQL-01 ~]# crontab -l crontab -e
##start keepalived if mysqld started.

- - - - /usr/sbin/start_keepalived.sh &>/dev/null

[root@OCDC-MYSQL-01 ~]# cat /usr/sbin/start_keepalived.sh （service | systemctl命令监控mysql状态）
#!/bin/sh

#start keepalived if mysqld started.
#* * * * * /usr/sbin/start_keepalived.sh &>/dev/null

if [ $(systemctl status mysql.service|grep -c “active (running)”) -eq 1 ];
then
if [ $(systemctl status keepalived.service|grep -c “active (running)”) -eq 0 ];
then
systemctl start keepalived
fi
fi
####################################
[root@OCDC-MYSQL-01 ~]# cat /usr/sbin/stop_keepalived.sh
#!/bin/sh

systemctl stop keepalived