MHA+非root用户SSH等效性配置-Mysql Tutorial-php.cn

Home

Database

Mysql Tutorial

MHA+非root用户SSH等效性配置

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 07, 2016 pm 04:02 PM

rootsshenvironmentuserConfiguration

环境：CentOS5.8 MySQL5.5.17 实验：搭建MHA高可用架构（非root用户SSH等效性配置）SSH等效性用户配置的是：concert 端口：1314 MHA配置文件 [concert@mhamanager mha]$ more /etc/masterha_default.cnf [server default] user = root password = mysql_admi

环境：CentOS5.8

MySQL5.5.17

实验：搭建MHA高可用架构（非root用户SSH等效性配置）SSH等效性用户配置的是：concert 端口：1314

MHA配置文件

[concert@mhamanager mha]$ more /etc/masterha_default.cnf
[server default]
user = root
password = mysql_admin
ssh_user = concert
ssh_port = 1314
repl_user = repl
repl_password = repl_pwd
ping_interval = 3
ping_type = select

[concert@mhamanager mha]$ more /etc/appl.cnf
[server default]
manager_workdir = /mha/appl
manager_log = /mha/appl/manager.log
remote_workdir = /mha/appl

[server1]
hostname = 192.168.66.88
master_binlog_dir = /data/lib/mysql
candidate_master = 1

[server2]
hostname = 192.168.66.89
master_binlog_dir = /data/lib/mysql
candidate_master = 1

[server3]
hostname = 192.168.66.120
no_master = 1
port = 3307

问题：配置好非root用户SSH等效性后，通过masterha_check_ssh检查没有问题

[concert@mhamanager ~]$ /usr/bin/masterha_check_ssh --conf=/etc/appl.cnf
Tue Sep 2 15:06:01 2014 - [info] Reading default configuratoins from /etc/masterha_default.cnf..
Tue Sep 2 15:06:01 2014 - [info] Reading application default configurations from /etc/appl.cnf..
Tue Sep 2 15:06:01 2014 - [info] Reading server configurations from /etc/appl.cnf..
Tue Sep 2 15:06:01 2014 - [info] Starting SSH connection tests..
Tue Sep 2 15:06:01 2014 - [debug]
Tue Sep 2 15:06:01 2014 - [debug] Connecting via SSH from concert@192.168.66.88(192.168.66.88:1314) to concert@192.168.66.89(192.168.66.89:1314)..
Tue Sep 2 15:06:01 2014 - [debug] ok.
Tue Sep 2 15:06:01 2014 - [debug] Connecting via SSH from concert@192.168.66.88(192.168.66.88:1314) to concert@192.168.66.120(192.168.66.120:1314)..
Tue Sep 2 15:06:01 2014 - [debug] ok.
Tue Sep 2 15:06:02 2014 - [debug]
Tue Sep 2 15:06:01 2014 - [debug] Connecting via SSH from concert@192.168.66.89(192.168.66.89:1314) to concert@192.168.66.88(192.168.66.88:1314)..
Tue Sep 2 15:06:01 2014 - [debug] ok.
Tue Sep 2 15:06:01 2014 - [debug] Connecting via SSH from concert@192.168.66.89(192.168.66.89:1314) to concert@192.168.66.120(192.168.66.120:1314)..
Tue Sep 2 15:06:02 2014 - [debug] ok.
Tue Sep 2 15:06:02 2014 - [debug]
Tue Sep 2 15:06:02 2014 - [debug] Connecting via SSH from concert@192.168.66.120(192.168.66.120:1314) to concert@192.168.66.88(192.168.66.88:1314)..
Tue Sep 2 15:06:02 2014 - [debug] ok.
Tue Sep 2 15:06:02 2014 - [debug] Connecting via SSH from concert@192.168.66.120(192.168.66.120:1314) to concert@192.168.66.89(192.168.66.89:1314)..
Tue Sep 2 15:06:02 2014 - [debug] ok.
Tue Sep 2 15:06:02 2014 - [info] All SSH connection tests passed successfully.

但通过masterha_check_repl检查则不通过

[concert@mhamanager ~]$ /usr/bin/masterha_check_repl --conf=/etc/appl.cnf
Tue Sep 2 17:10:08 2014 - [info] Reading default configuratoins from /etc/masterha_default.cnf..
Tue Sep 2 17:10:08 2014 - [info] Reading application default configurations from /etc/appl.cnf..
Tue Sep 2 17:10:08 2014 - [info] Reading server configurations from /etc/appl.cnf..
Tue Sep 2 17:10:08 2014 - [info] MHA::MasterMonitor version 0.55.
Tue Sep 2 17:10:08 2014 - [info] Dead Servers:
Tue Sep 2 17:10:08 2014 - [info] Alive Servers:
Tue Sep 2 17:10:08 2014 - [info] 192.168.66.88(192.168.66.88:3306)
Tue Sep 2 17:10:08 2014 - [info] 192.168.66.89(192.168.66.89:3306)
Tue Sep 2 17:10:08 2014 - [info] 192.168.66.120(192.168.66.120:3307)
Tue Sep 2 17:10:08 2014 - [info] Alive Slaves:
Tue Sep 2 17:10:08 2014 - [info] 192.168.66.89(192.168.66.89:3306) Version=5.5.17-log (oldest major version between slaves) log-bin:enabled
Tue Sep 2 17:10:08 2014 - [info] Replicating from 192.168.66.88(192.168.66.88:3306)
Tue Sep 2 17:10:08 2014 - [info] Primary candidate for the new Master (candidate_master is set)
Tue Sep 2 17:10:08 2014 - [info] 192.168.66.120(192.168.66.120:3307) Version=5.5.17-log (oldest major version between slaves) log-bin:enabled
Tue Sep 2 17:10:08 2014 - [info] Replicating from 192.168.66.88(192.168.66.88:3306)
Tue Sep 2 17:10:08 2014 - [info] Not candidate for the new Master (no_master is set)
Tue Sep 2 17:10:08 2014 - [info] Current Alive Master: 192.168.66.88(192.168.66.88:3306)
Tue Sep 2 17:10:08 2014 - [info] Checking slave configurations..
Tue Sep 2 17:10:08 2014 - [info] Checking replication filtering settings..
Tue Sep 2 17:10:08 2014 - [info] binlog_do_db= , binlog_ignore_db=
Tue Sep 2 17:10:08 2014 - [info] Replication filtering check ok.
Tue Sep 2 17:10:08 2014 - [info] Starting SSH connection tests..
Tue Sep 2 17:10:10 2014 - [error][/usr/lib/perl5/vendor_perl/MHA/MasterMonitor.pm, ln386] Error happend on checking configurations. SSH Configuration Check Failed!
at /usr/lib/perl5/vendor_perl/MHA/MasterMonitor.pm line 341
Tue Sep 2 17:10:10 2014 - [error][/usr/lib/perl5/vendor_perl/MHA/MasterMonitor.pm, ln482] Error happened on monitoring servers.
Tue Sep 2 17:10:10 2014 - [info] Got exit code 1 (Not master dead).

MySQL Replication Health is NOT OK!

解决方案：

1、增加remote_workdir（运行MySQL实例的服务器）的工作目录权限，其中会生成日志文件，将该目录拥有者设为concert

[root@master88 ~]# chown -R concert:concert /mha/

2、添加concert为MySQL同组用户，使其有读取MySQL binary/relay log文件和relay_log.info文件的权限，以及日志目录的写权限

[root@bakmaster ~]# usermod -g mysql concert

再次检查

[concert@mhamanager mha]$ /usr/bin/masterha_check_repl --conf=/etc/appl.cnf
Wed Sep 3 22:27:41 2014 - [info] Reading default configuratoins from /etc/masterha_default.cnf..
Wed Sep 3 22:27:41 2014 - [info] Reading application default configurations from /etc/appl.cnf..
Wed Sep 3 22:27:41 2014 - [info] Reading server configurations from /etc/appl.cnf..
Wed Sep 3 22:27:41 2014 - [info] MHA::MasterMonitor version 0.55.
Wed Sep 3 22:27:41 2014 - [info] Dead Servers:
Wed Sep 3 22:27:41 2014 - [info] Alive Servers:
Wed Sep 3 22:27:41 2014 - [info] 192.168.66.88(192.168.66.88:3306)
Wed Sep 3 22:27:41 2014 - [info] 192.168.66.89(192.168.66.89:3306)
Wed Sep 3 22:27:41 2014 - [info] 192.168.66.120(192.168.66.120:3307)
Wed Sep 3 22:27:41 2014 - [info] Alive Slaves:
Wed Sep 3 22:27:41 2014 - [info] 192.168.66.89(192.168.66.89:3306) Version=5.5.17-log (oldest major version between slaves) log-bin:enabled
Wed Sep 3 22:27:41 2014 - [info] Replicating from 192.168.66.88(192.168.66.88:3306)
Wed Sep 3 22:27:41 2014 - [info] Primary candidate for the new Master (candidate_master is set)
Wed Sep 3 22:27:41 2014 - [info] 192.168.66.120(192.168.66.120:3307) Version=5.5.17-log (oldest major version between slaves) log-bin:enabled
Wed Sep 3 22:27:41 2014 - [info] Replicating from 192.168.66.88(192.168.66.88:3306)
Wed Sep 3 22:27:41 2014 - [info] Not candidate for the new Master (no_master is set)
Wed Sep 3 22:27:41 2014 - [info] Current Alive Master: 192.168.66.88(192.168.66.88:3306)
Wed Sep 3 22:27:41 2014 - [info] Checking slave configurations..
Wed Sep 3 22:27:41 2014 - [info] Checking replication filtering settings..
Wed Sep 3 22:27:41 2014 - [info] binlog_do_db= , binlog_ignore_db=
Wed Sep 3 22:27:41 2014 - [info] Replication filtering check ok.
Wed Sep 3 22:27:41 2014 - [info] Starting SSH connection tests..
Wed Sep 3 22:27:42 2014 - [info] All SSH connection tests passed successfully.
Wed Sep 3 22:27:42 2014 - [info] Checking MHA Node version..
Wed Sep 3 22:27:43 2014 - [info] Version check ok.
Wed Sep 3 22:27:43 2014 - [info] Checking SSH publickey authentication settings on the current master..
Wed Sep 3 22:27:43 2014 - [info] HealthCheck: SSH to 192.168.66.88 is reachable.
Wed Sep 3 22:27:43 2014 - [info] Master MHA Node version is 0.54.
Wed Sep 3 22:27:43 2014 - [info] Checking recovery script configurations on the current master..
Wed Sep 3 22:27:43 2014 - [info] Executing command: save_binary_logs --command=test --start_pos=4 --binlog_dir=/data/lib/mysql --output_file=/mha/appl/save_binary_logs_test --manager_version=0.55 --start_file=mysql-bin.000004
Wed Sep 3 22:27:43 2014 - [info] Connecting to concert@192.168.66.88(192.168.66.88)..
Creating /mha/appl if not exists.. ok.
Checking output directory is accessible or not..
ok.
Binlog found at /data/lib/mysql, up to mysql-bin.000004
Wed Sep 3 22:27:43 2014 - [info] Master setting check done.
Wed Sep 3 22:27:43 2014 - [info] Checking SSH publickey authentication and checking recovery script configurations on all alive slave servers..
Wed Sep 3 22:27:43 2014 - [info] Executing command : apply_diff_relay_logs --command=test --slave_user='root' --slave_host=192.168.66.89 --slave_ip=192.168.66.89 --slave_port=3306 --workdir=/mha/appl --target_version=5.5.17-log --manager_version=0.55 --relay_log_info=/data/lib/mysql/relay-log.info --relay_dir=/data/lib/mysql/ --slave_pass=xxx
Wed Sep 3 22:27:43 2014 - [info] Connecting to concert@192.168.66.89(192.168.66.89:1314)..
Checking slave recovery environment settings..
Opening /data/lib/mysql/relay-log.info ... ok.
Relay log found at /data/lib/mysql, up to mysql-relay-bin.000006
Temporary relay log file is /data/lib/mysql/mysql-relay-bin.000006
Testing mysql connection and privileges.. done.
Testing mysqlbinlog output.. done.
Cleaning up test file(s).. done.
Wed Sep 3 22:27:43 2014 - [info] Executing command : apply_diff_relay_logs --command=test --slave_user='root' --slave_host=192.168.66.120 --slave_ip=192.168.66.120 --slave_port=3307 --workdir=/mha/appl --target_version=5.5.17-log --manager_version=0.55 --relay_log_info=/data/lib/mysqlb/relay-log.info --relay_dir=/data/lib/mysqlb/ --slave_pass=xxx
Wed Sep 3 22:27:43 2014 - [info] Connecting to concert@192.168.66.120(192.168.66.120:1314)..
Checking slave recovery environment settings..
Opening /data/lib/mysqlb/relay-log.info ... ok.
Relay log found at /data/lib/mysqlb, up to mysql-relay-bin.000005
Temporary relay log file is /data/lib/mysqlb/mysql-relay-bin.000005
Testing mysql connection and privileges.. done.
Testing mysqlbinlog output.. done.
Cleaning up test file(s).. done.
Wed Sep 3 22:27:44 2014 - [info] Slaves settings check done.
Wed Sep 3 22:27:44 2014 - [info]
192.168.66.88 (current master)
+--192.168.66.89
+--192.168.66.120

Wed Sep 3 22:27:44 2014 - [info] Checking replication health on 192.168.66.89..
Wed Sep 3 22:27:44 2014 - [info] ok.
Wed Sep 3 22:27:44 2014 - [info] Checking replication health on 192.168.66.120..
Wed Sep 3 22:27:44 2014 - [info] ok.
Wed Sep 3 22:27:44 2014 - [warning] master_ip_failover_script is not defined.
Wed Sep 3 22:27:44 2014 - [warning] shutdown_script is not defined.
Wed Sep 3 22:27:44 2014 - [info] Got exit code 0 (Not master dead).

MySQL Replication Health is OK.

OK!问题解决。

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Windows 11 上缺少本地用户和组：如何添加它Sep 22, 2023 am 08:41 AM

“本地用户和组”实用程序内置于“计算机管理”中，可以从控制台访问，也可以独立访问。但是，一些用户发现Windows11中缺少本地用户和组。对于可以访问它的一些人来说，该消息显示，此管理单元可能不适用于此版本的Windows10。若要管理此计算机的用户帐户，请使用“控制面板”中的“用户帐户”工具。该问题已在上一次迭代Windows10中报告，并且通常是由于用户端的问题或疏忽引起的。为什么Windows11中缺少本地用户和组？您运行的是Windows家庭版，本地用户和组在专业版及更高版本上可用。活动

以超级用户身份登录UbuntuMar 20, 2024 am 10:55 AM

在Ubuntu系统中，root用户通常是禁用状态的。要激活root用户，可以使用passwd命令设置密码，然后使用su-命令以root身份登录。根用户是具有系统管理权限且不受限制的用户。他拥有访问和修改文件、用户管理、软件安装和删除，以及系统配置更改等权限。根用户与普通用户有着明显的区别，根用户拥有系统中最高的权限和更广泛的控制权。根用户可以执行重要的系统命令和编辑系统文件，而普通用户则无法做到这一点。在本指南中，我将探讨Ubuntu根用户，如何以根用户身份登录，以及它与普通用户的不同之处。注意

探索Windows 11指南：如何访问旧硬盘驱动器上的用户文件夹Sep 27, 2023 am 10:17 AM

由于权限，并不总是可以访问某些文件夹，在今天的指南中，我们将向您展示如何在Windows11上的旧硬盘驱动器上访问用户文件夹。此过程很简单，但可能需要一段时间，有时甚至数小时，具体取决于驱动器的大小，因此请格外耐心并严格按照本指南中的说明进行操作。为什么我无法访问旧硬盘上的用户文件夹？用户文件夹的所有权属于另一台电脑，因此您无法对其进行修改。除了所有权之外，您对该文件夹没有任何权限。如何打开旧硬盘上的用户文件？1.取得文件夹的所有权并更改权限找到旧的用户目录，右键单击它，然后选择属性。导航到“安

Windows 11 KB5031455无法安装，导致某些用户出现其他问题Nov 01, 2023 am 08:17 AM

Microsoft开始推出作为Windows503145511H22或更高版本的可选更新向公众KB2。这是第一个默认启用Windows11Moment4功能的更新，包括受支持区域中的WindowsCopilot、对“开始”菜单中项目的预览支持、任务栏的取消分组等。此外，它还修复了Windows11的几个错误，包括导致内存泄漏的潜在性能问题。但具有讽刺意味的是，2023年<>月的可选更新对于尝试安装更新的用户甚至已经安装更新的用户来说都是一场灾难。许多用户不会安装此Wi

Nginx配置中指令root和alias的区别是什么May 12, 2023 pm 12:16 PM

root和alias都可以定义在location模块中，都是用来指定请求资源的真实路径，比如：location/i/{root/data/w3;}请求http://foofish.net/i/top.gif这个地址时，那么在服务器里面对应的真正的资源是/data/w3/i/top.gif文件注意：真实的路径是root指定的值加上location指定的值。而alias正如其名，alias指定的路径是location的别名，不管location的值怎么写，资源的真实路径都是alias指定的路径，比如

手把手使用 Python 删除 Windows 下的长路径文件Apr 12, 2023 pm 01:31 PM

0x01 文章背景近期，笔者所在公司的某业务系统的存储临近极限，服务器马上就要跑不动了，由于该业务系统A包含多个子系统A1、A2、A3 ... An，这些子系统的中间存储文件由于设计原因，都存储在同一个父级目录之内，唯一不同的是，不同子系统产生的文件和文件夹的名字都以该子系统名开始。如A1子系统产生的文件命名方式均为A1xxxxxx, A2子系统产生的文件名均为A2xxxxx。现在要删除其中一些子系统的历史文件，以释放服务器空间，几十T的数据，存放在一起，手动删除肯定不显示，只能借助程序自动化

Linux怎么修改root用户名称May 18, 2023 pm 07:50 PM

1、以CentOS为例，登录后修改/etc/passwd与/etc/shadow，将第一行开始的root改为新的用户名（比如admin），修改之后通过wq!保存。2、修改并保存后，重启服务器后即可生效，可以看下文件的权限，可以看到所属帐号一栏变为admin了，如下：注：在Linux中默认的最高管理权限用户是root，uid为0。在系统中只识别uid，因此只要uid为0，系统就视为最高管理用户。但是对于应用程序可能会存在一定的问题，有些软件默认使用的是root用户，所以在对软件应用的了解有限的情况

Win11 新版画图：一键移除背景实现抠图功能Sep 15, 2023 pm 10:53 PM

微软邀请Canary和Dev频道的WindowsInsider项目成员，测试和体验新版画图（Paint）应用，最新版本号为11.2306.30.0。本次版本更新最值得关注的新功能是一键抠图功能，用户只需要点击一下，就能自动消除背景，凸显画面主体，便于用户后续操作。整个步骤非常简单，用户在新版画图应用中导入图片，然后点击工具栏上“移除背景”（removebackground）按钮，就可以删除图片中的背景，用户也可以使用矩形来选择要消除背景的区域。

See all articles

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)

2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hello Kitty Island Adventure: How To Get Giant Seeds

1 months agoBy尊渡假赌尊渡假赌尊渡假赌

How Long Does It Take To Beat Split Fiction?

4 weeks agoByDDD

R.E.P.O. Save File Location: Where Is It & How to Protect It?

4 weeks agoByDDD

Two Point Museum: All Exhibits And Where To Find Them

1 months agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.