vmware + 裸设备 + crs + oracle10g RAC搭建步骤(三):安装RAC的准备工作
上一篇 / 下一篇 2008-01-22 11:29:02 / 个人分类:Oracle技术
最近在本机上重新用vmware server 1.04 搭建了一套10G RAC系统,在搭建过程把步骤基本记录下来,希望对大家有帮助。
本部分主要讲述安装RAC要做的一些准备工作。
RAC安装准备工作
一、创建用户组和用户
1、 在rac1创建用户组和用户
创建组
[root@rac1 ~]# groupadd oinstall
[root@rac1 ~]# groupadd dba
创建用户
[root@rac1 ~]# useradd -u 200 -g oinstall -G dba oracle
修改口令
[root@rac1 ~]# passwd oracle
Changing password for user oracle.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
验证nobody用户是否存在
[root@rac1 ~]# id nobody
uid=99(nobody) gid=99(nobody) groups=99(nobody)
如果nobody用户不存在,需要创建。
2、 在rac2上创建相同的组和用户
Rac中,所有节点的oracle相关组和用户必须保持一致,包括名称、ID、密码。
在rac1执行id –a oracle,把oracle的相关信息打印出来:
[root@rac1 ~]# id -a oracle
uid=200(oracle) gid=500(oinstall) groups=500(oinstall),501(dba)
根据这个信息,在rac2上创建相同的组和用户:
[root@rac2 ~]# groupadd -g 500 oinstall
[root@rac2 ~]# groupadd -g 501 dba
[root@rac2 ~]# useradd -u 200 -g oinstall -G dba oracle
[root@rac2 ~]# passwd oracle
Changing password for user oracle.
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@rac2 ~]# id -a oracle
uid=200(oracle) gid=500(oinstall) groups=500(oinstall),501(dba)
二、在所有节点间配置ssh
在安装rac的多个步骤都需要从一个节点拷贝文件到其他节点中,这要求各个节点间互相访问不需要输入密码,否则安装就会失败。
这一步骤就是要配置ssh,使得rac的各个节点间不需要密码就可以互相访问。
以下步骤要求在oracle用户下执行:
Ø 在所有节点生成RSA和DSA Keys
过程需要回车几次。
Rac1中执行步骤如下:
[root@rac1 ~]# su - oracle
[oracle@rac1 ~]$ mkdir ~/.ssh
[oracle@rac1 ~]$ chmod 700 ~/.ssh
[oracle@rac1 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
f3:df:90:e7:a7:47:7b:47:52:b1:f0:09:07:39:1b:c7 oracle@rac1
[oracle@rac1 ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
8d:57:66:
在rac2中执行如下:
[root@rac2 ~]# su - oracle
[oracle@rac2 ~]$ mkdir ~/.ssh
[oracle@rac2 ~]$ chmod 700 ~/.ssh
[oracle@rac2 ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
c8:93:83:8e:
[oracle@rac2 ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/oracle/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_dsa.
Your public key has been saved in /home/oracle/.ssh/id_dsa.pub.
The key fingerprint is:
e1:56:
Ø 添加密钥信息到验证文件中
这一系列步骤只需要在其中一个节点执行就可以了(这里选择rac1):
首先生成一个验证文件(ssh登录时会读取这个文件的信息),用来存储各个密钥信息:
bash-3.00$ touch ~/.ssh/authorized_keys
把各个节点的密钥信息都放在上一步新建的验证文件中:
[oracle@rac1 ~]$ cd ~/.ssh
[oracle@rac1 .ssh]$ ssh rac1 cat ~/.ssh/id_rsa.pub >> authorized_keys
The authenticity of host 'rac1 (192.168.1.111)' can't be established.
RSA key fingerprint is e6:b8:99:04:
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'rac1,192.168.1.111' (RSA) to the list of known hosts.
oracle@rac1's password:
[oracle@rac1 .ssh]$ ssh rac2 cat ~/.ssh/id_rsa.pub >> authorized_keys
The authenticity of host 'rac2 (192.168.1.222)' can't be established.
RSA key fingerprint is e6:b8:99:04:
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'rac2,192.168.1.222' (RSA) to the list of known hosts.
oracle@rac2's password:
[oracle@rac1 .ssh]$ ssh rac1 cat ~/.ssh/id_dsa.pub >> authorized_keys
[oracle@rac1 .ssh]$ ssh rac2 cat ~/.ssh/id_dsa.pub >> authorized_keys
oracle@rac2's password:
Ø 在rac1把存储公钥信息的验证文件传送到rac2上
[oracle@rac1 .ssh]$ pwd
/home/oracle/.ssh
[oracle@rac1 .ssh]$ scp authorized_keys rac2:`pwd`
oracle@rac2's password:
authorized_keys 100% 1644 1.6KB/s 00:00
Ø 设置验证文件的权限
在每一个节点执行:
bash-3.00$ chmod 600 ~/.ssh/authorized_keys
Ø 启用用户一致性
在你要运行OUI的节点以oracle用户运行(这里选择rac1):
[oracle@rac1 .ssh]$ exec /usr/bin/ssh-agent $SHELL
[oracle@rac1 .ssh]$ ssh-add
Identity added: /home/oracle/.ssh/id_rsa (/home/oracle/.ssh/id_rsa)
Identity added: /home/oracle/.ssh/id_dsa (/home/oracle/.ssh/id_dsa)
Ø 验证ssh配置是否正确
以oracle用户在所有节点分别执行:
ssh rac1 date
ssh rac2 date
ssh rac1-priv date
ssh rac2-priv date
如果不需要输入密码就可以输出时间,说明ssh验证配置成功。必须把以上命令在两个节点都运行,每一个命令在第一次执行的时候需要输入yes。
如果不运行这些命令,即使ssh验证已经配好,安装clusterware的时候也会出现错误:
The specified nodes are not clusterable
因为,配好ssh后,还需要在第一次访问时输入yes,才算是真正的无障碍访问其他服务器。
验证网络是否满足安装rac要求:
[oracle@rac1 cluvfy]$ ./runcluvfy.sh comp nodecon -n rac1,rac2 -verbose
Verifying node connectivity
Checking node connectivity...
Interface information for node "rac2"
Interface Name IP Address Subnet
------------------------------ ------------------------------ ----------------
eth0 200.200.200.2 200.200.200.0
eth1
eth2 192.168.1.104 192.168.1.0
Interface information for node "rac1"
Interface Name IP Address Subnet
------------------------------ ------------------------------ ----------------
eth0 200.200.200.1 200.200.200.0
eth1
eth2 192.168.1.105 192.168.1.0
Check: Node connectivity of subnet "200.200.200.0"
Source Destination Connected?
------------------------------ ------------------------------ ----------------
rac2:eth0 rac1:eth0 yes
Result: Node connectivity check passed for subnet "200.200.200.0" with node(s) rac2,rac1.
Check: Node connectivity of subnet "
导入论坛 引用链接 收藏 分享给好友 推荐到圈子 管理 举报
TAG:
