kingbaseES R6 读写分离集群修改ssh端口案例

数据库环境：

test=# select version();
                                                       version                                                    
    ------------------------------------------------------------------------------------------------------------------
 KingbaseES V008R006C003B0010 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 4.1.2 20080704 (Red Hat 4.1.2-46), 64-bit
(1 row)

操作系统：

[kingbase@node1 bin]$ cat /etc/centos-release
CentOS Linux release 7.2.1511 (Core)

集群架构：

案例说明：

1）本案例在通用机环境下执行。
2）修改ssh端口对于集群的运行，只需要修改repmgr.conf文件中变量即可。

一、查看当前集群状态

[kingbase@node2 bin]$ ./repmgr cluster show
 ID | Name    | Role    | Status    | Upstream | Location | Priority | Timeline | Connection string                                                                                                                                
----+---------+---------+-----------+----------+----------+----------+----------+----------------
 1  | node248 | standby |   running | node249  | default  | 100      | 6        | host=192.168.7.248 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3
 2  | node249 | primary | * running |          | default  | 100      | 6        | host=192.168.7.249 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count

二、修改操作系统和集群配置文件ssh端口号（所有节点）

1）查看系统原ssh端口号（默认22）

[kingbase@node2 bin]$ netstat -antlp |grep 22
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      -                   
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   
tcp        0      0 192.168.7.249:22        192.168.7.116:55883     ESTABLISHED -                   
tcp6       0      0 :::22                   :::*                    LISTEN      -

2）查看集群repmgr.conf应用ssh端口

[kingbase@node2 bin]$ cat ../etc/repmgr.conf|grep ssh
ssh_options='-q -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o ServerAliveInterval=2 -o ServerAliveCountMax=5 -p 22'

=== 默认用-p 22 指定集群ssh通讯端口===

3）修改操作系统端口

[root@node1 ~]# cat /etc/ssh/sshd_config|grep -i Port
# If you want to change the port on a SELinux system, you have to tell
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
Port 2222

4）修改集群ssh通讯端口（改为2222）

[kingbase@node1 bin]$ cat ../etc/repmgr.conf |grep ssh
ssh_options='-q -o ConnectTimeout=10 -o StrictHostKeyChecking=no -o ServerAliveInterval=2 -o ServerAliveCountMax=5 -p 2222'

5）重启sshd服务

[root@node1 ~]# systemctl restart sshd

[root@node1 ~]# netstat -an |grep 22
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN  

6）通过非默认端口ssh连接测试

[root@node1 ~]# ssh -p 2222 node2
Last failed login: Mon Mar  1 17:06:07 CST 2021 from 192.168.7.116 on ssh:notty
There were 2 failed login attempts since the last successful login.
Last login: Mon Mar  1 16:43:29 2021 from 192.168.7.249

=== 从以上可知，修改端口后ssh信任关系正常===

7）sys_monitor.sh重启集群测试

[kingbase@node1 bin]$ ./sys_monitor.sh restart
2021-03-01 17:29:55 Ready to stop all DB ...
Service process "node_export" was killed at process 11833
Service process "postgres_ex" was killed at process 11834
Service process "node_export" was killed at process 9343
Service process "postgres_ex" was killed at process 9344
2021-03-01 17:30:00 begin to stop repmgrd on "[192.168.7.248]".
2021-03-01 17:30:01 repmgrd on "[192.168.7.248]" stop success.
2021-03-01 17:30:01 begin to stop repmgrd on "[192.168.7.249]".
2021-03-01 17:30:02 repmgrd on "[192.168.7.249]" stop success.
2021-03-01 17:30:02 begin to stop DB on "[192.168.7.249]".
waiting for server to shut down..... done
server stopped
2021-03-01 17:30:04 DB on "[192.168.7.249]" stop success.
2021-03-01 17:30:04 begin to stop DB on "[192.168.7.248]".
waiting for server to shut down......... done
server stopped
2021-03-01 17:30:11 DB on "[192.168.7.248]" stop success.
2021-03-01 17:30:11 Done.
2021-03-01 17:30:11 Ready to start all DB ...
2021-03-01 17:30:11 begin to start DB on "[192.168.7.248]".
waiting for server to start.... done
server started
2021-03-01 17:30:12 execute to start DB on "[192.168.7.248]" success, connect to check it.
2021-03-01 17:30:13 DB on "[192.168.7.248]" start success.
2021-03-01 17:30:13 Try to ping trusted_servers on host 192.168.7.248 ...
2021-03-01 17:30:16 Try to ping trusted_servers on host 192.168.7.249 ...
2021-03-01 17:30:18 begin to start DB on "[192.168.7.249]".
waiting for server to start.... done
server started
2021-03-01 17:30:20 execute to start DB on "[192.168.7.249]" success, connect to check it.
2021-03-01 17:30:21 DB on "[192.168.7.249]" start success.
 ID | Name    | Role    | Status    | Upstream  | Location | Priority | Timeline | Connection string                                                                                                                                
----+---------+---------+-----------+-----------+----------+----------+----------+---------------------------------------------------------------------------------------------------------------------------------------------------
 1  | node248 | standby |   running | ! node249 | default  | 100      | 6        | host=192.168.7.248 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3
 2  | node249 | primary | * running |           | default  | 100      | 6        | host=192.168.7.249 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3
WARNING: following issues were detected
  - node "node248" (ID: 1) is not attached to its upstream node "node249" (ID: 2)
2021-03-01 17:30:21 The primary DB is started.
2021-03-01 17:30:25 Success to load virtual ip [192.168.7.240/24] on primary host [192.168.7.249].
2021-03-01 17:30:25 Try to ping vip on host 192.168.7.248 ...
2021-03-01 17:30:28 Try to ping vip on host 192.168.7.249 ...
2021-03-01 17:30:30 begin to start repmgrd on "[192.168.7.248]".
[2021-03-01 17:30:31] [NOTICE] using provided configuration file "/home/kingbase/cluster/R6HA/KHA/kingbase/bin/../etc/repmgr.conf"
[2021-03-01 17:30:31] [NOTICE] redirecting logging output to "/home/kingbase/cluster/R6HA/KHA/kingbase/hamgr.log"

2021-03-01 17:30:31 repmgrd on "[192.168.7.248]" start success.
2021-03-01 17:30:31 begin to start repmgrd on "[192.168.7.249]".
[2021-03-01 17:29:25] [NOTICE] using provided configuration file "/home/kingbase/cluster/R6HA/KHA/kingbase/bin/../etc/repmgr.conf"
[2021-03-01 17:29:25] [NOTICE] redirecting logging output to "/home/kingbase/cluster/R6HA/KHA/kingbase/hamgr.log"

2021-03-01 17:30:32 repmgrd on "[192.168.7.249]" start success.
 ID | Name    | Role    | Status    | Upstream | repmgrd | PID   | Paused? | Upstream last seen
----+---------+---------+-----------+----------+---------+-------+---------+--------------------
 1  | node248 | standby |   running | node249  | running | 16767 | no      | 0 second(s) ago    
 2  | node249 | primary | * running |          | running | 17865 | no      | n/a                
2021-03-01 17:30:38 Done.

8）查看集群节点状态

[kingbase@node1 bin]$ ./repmgr cluster show
 ID | Name    | Role    | Status    | Upstream | Location | Priority | Timeline | Connection string                                                                                                                                
----+---------+---------+-----------+----------+----------+----------+----------+----------------
 1  | node248 | standby |   running | node249  | default  | 100      | 6        | host=192.168.7.248 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count=3
 2  | node249 | primary | * running |          | default  | 100      | 6        | host=192.168.7.249 user=esrep dbname=esrep port=54321 connect_timeout=10 keepalives=1 keepalives_idle=10 keepalives_interval=1 keepalives_count

=== 从以上可知，修改ssh端口后，集群通讯正常===