基于IP SAN的Oracle 11gR2 RAC构建（三）

按照oracle推荐的权限、角色分离的原则和安装文档，我们需要建立如下用户组：
oinstall :GI软件和数据库软件的所有者，oraInventory所有者。包含用户grid,oracle
dba ：数据库的dba组。包含用户oracle
oper ：数据库的操作员组。包含用户oracle
asmadmin ：asm的管理员组。包含用户grid,oracle
asmdba ：asm实例的dba组。包含用户grid
asmoper ：asm操作员组。包含用户grid
在节点1和节点2上面建好用户组和用户后检查一遍。要保证用户组id和用户id都相同一致。用户的密码也一致。

[grid@racnode1 ~]$ id grid
uid=501(grid) gid=500(oinstall) groups=500(oinstall),520(asmadmin),521(asmdba),522(asmoper)
[oracle@racnode1 ~]$ id oracle
uid=502(oracle) gid=500(oinstall) groups=500(oinstall),510(dba),521(asmdba),511(oper)

[grid@racnode2 ~]$ id grid
uid=501(grid) gid=500(oinstall) groups=500(oinstall),520(asmadmin),521(asmdba),522(asmoper)
[oracle@racnode2 ~]$ id oracle
uid=502(oracle) gid=500(oinstall) groups=500(oinstall),510(dba),521(asmdba),511(oper)

2.核心参数配置

在两个节点上修改相应核心参数，配置如下：

[root@racnode1 ~]# cat /etc/sysctl.conf
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
kernel.shmmni=4096
net.ipv4.ip_local_port_range=9000 65500
net.core.rmem_default=262144
net.core.rmem_max=4194304
net.core.wmem_default=262144
net.core.wmem_max=1048576
fs.file-max = 6815744
fs.aio-max-nr=1048576
kernel.shmmax = 536870912
kernel.shmall = 2097152
kernel.sem = 250 32000 100 200
[root@racnode1 ~]#

激活核心参数

[root@racnode1 ~]# sysctl -p
kernel.shmmni = 4096
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
fs.file-max = 6815744
fs.aio-max-nr = 1048576
kernel.shmmax = 536870912
kernel.shmall = 2097152
kernel.sem = 250 32000 100 200

添加资源管理模块pam_limits.so到login文件末尾；

[root@racnode1 ~]# tail /etc/pam.d/login
session    required     pam_loginuid.so
session    optional     pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session    required     pam_selinux.so open
session    required     pam_namespace.so
session    optional     pam_keyinit.so force revoke
session    include      system-auth
session    include      postlogin
-session   optional     pam_ck_connector.so
session required pam_limits.so

配置资源限制参数：

[root@racnode1 ~]# cat /etc/security/limits.conf
# /etc/security/limits.conf
grid soft nproc 2047
grid hard nproc 16384
grid soft nofile 1024
grid hard nofile 65536
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536

3.环境变量配置

需要配置grid和oracle两个用户的环境变量。
grid用户的配置文件：

[grid@racnode1 ~]$ cat .bash_profile
# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
        . ~/.bashrc
fi

# User specific environment and startup programs

PATH=$PATH:$HOME/.local/bin:$HOME/bin

export PATH
export ORACLE_SID=+ASM1
export JAVA_HOME=/usr/local/java
export ORACLE_BASE=/u01/app/grid
export ORACLE_HOME=/u01/app/11.2.0/grid
export ORACLE_PATH=/u01/app/oracle/common/oracle/sql
export ORACLE_TERM=xterm
export NLS_DATE_FORMAT="DD-MON-YYYY HH24:MI:SS"
export TNS_ADMIN=$ORACLE_HOME/network/admin
export ORA_NLS11=$ORACLE_HOME/nls/data
export PATH=$PATH:${JAVA_HOME}/bin:$ORACLE_HOME/bin:/u01/app/common/oracle/bin
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/oracm/lib:/lib:/usr/lib:/usr/local/lib
export CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib:$ORACLE_HOME/network/jlib
export THREADS_FLAG=native
export TEMP=/tmp
export TMPDIR=/tmp
umask 022

oracle用户的配置文件：

[oracle@racnode1 ~]$ cat .bash_profile
# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
       . ~/.bashrc
fi

# User specific environment and startup programs

PATH=$PATH:$HOME/.local/bin:$HOME/bin

export PATH
export ORACLE_SID=racdb1
export ORACLE_UNQNAME=racdb
export JAVA_HOME=/usr/local/java
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/11.2.0/dbhome_1
export ORACLE_PATH=/u01/app/commom/oracle/sql
export ORACLE_TERM=xterm
export NLS_DATE_FORMAT="DD-MON-YYYY HH24:MI:SS"
export TNS_ADMIN=$ORACLE_HOME/network/admin
export ORA_NLS11=$ORACLE_HOME/nsl/data
export PATH=.:$PATH:${JAVA_HOME}/bin:$ORACLE_HOME/bin
export LD_LIBRARY_PATH=$ORACLE_HOME/lib:$ORACLE_HOME/oracm/lib:/lib:/usr/lib:/usr/local/lib
export CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib:$ORACLE_HOME/network/jlib
export THREADS_FLAG=native
export TEMP=/tmp
export TMPDIR=/tmp
umask 022

分别在两个节点创建目录：

[root@racnode1 ~]# mkdir -p /u01/app/grid
[root@racnode1 ~]# mkdir -p /u01/app/11.2.0/grid
[root@racnode1 ~]# chown -R grid:oinstall /u01
[root@racnode1 ~]# mkdir -p /u01/app/oracle
[root@racnode1 ~]# chown -R oracle:oinstall /u01/app/oracle/
[root@racnode1 ~]# chmod -R 755 /u01
[root@racnode1 ~]# ll /u01
total 0
drwxr-xr-x. 5 grid oinstall 46 Jun  7 10:38 app
[root@racnode1 ~]# ll /u01/app
total 0
drwxr-xr-x. 3 grid   oinstall 18 Jun  7 10:37 11.2.0
drwxr-xr-x. 2 grid   oinstall  6 Jun  7 10:37 grid
drwxr-xr-x. 2 oracle oinstall  6 Jun  7 10:38 oracle

4.配置ssh用户等效性

配置ssh用户等效性，实现节点间无密码访问。
分别在每个节点上建立.ssh目录，并创建密钥。

[root@racnode1 ~]# su - grid
Last login: Fri Jun  7 10:55:11 CST 2019 on pts/0
[grid@racnode1 ~]$ mkdir .ssh
[grid@racnode1 ~]$ chmod 700 .ssh
[grid@racnode1 ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/grid/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/grid/.ssh/id_rsa.
Your public key has been saved in /home/grid/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:BTiknvN1AJTPi7FevbG7gG2Fb1eo6XjSNOXfpIfOVBk grid@racnode1
The key's randomart image is:
+---[RSA 2048]----+
|     o+o.        |
|     .+. .       |
|    .  +. .    E |
|   . .. o+  ..  o|
|    +  +Sooo. ...|
|     oo+o+=o.. ..|
|     .o.+o==...= |
|      ...==. o+ o|
|        .o+o .o. |
+----[SHA256]-----+
[grid@racnode1 ~]$

在其余节点也执行上述命令。
将公钥添加到授权文件中：

[grid@racnode1 ~]$ touch .ssh/authorized_keys
[grid@racnode1 ~]$ ll .ssh
total 8
-rw-r--r-- 1 grid oinstall    0 Jun  7 11:02 authorized_keys
-rw------- 1 grid oinstall 1679 Jun  7 10:58 id_rsa
-rw-r--r-- 1 grid oinstall  395 Jun  7 10:58 id_rsa.pub
[grid@racnode1 ~]$ ssh racnode1 cat ~/.ssh/id_rsa.pub  >> ~/.ssh/authorized_keys
The authenticity of host 'racnode1 (192.168.1.8)' can't be established.
ECDSA key fingerprint is SHA256:kcCK9+LUVd5DkQwxcSV1zOiZxGcwlwpphdaGBiKf5qM.
ECDSA key fingerprint is MD5:35:12:6b:80:64:73:97:4c:dc:94:06:eb:ff:bf:40:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'racnode1,192.168.1.8' (ECDSA) to the list of known hosts.
grid@racnode1's password:
[grid@racnode1 ~]$ ssh racnode2 cat ~/.ssh/id_rsa.pub  >> ~/.ssh/authorized_keys
The authenticity of host 'racnode2 (192.168.1.9)' can't be established.
ECDSA key fingerprint is SHA256:kcCK9+LUVd5DkQwxcSV1zOiZxGcwlwpphdaGBiKf5qM.
ECDSA key fingerprint is MD5:35:12:6b:80:64:73:97:4c:dc:94:06:eb:ff:bf:40:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'racnode2,192.168.1.9' (ECDSA) to the list of known hosts.
grid@racnode2's password:
[grid@racnode1 ~]$ ll .ssh
total 16
-rw-r--r-- 1 grid oinstall  790 Jun  7 11:03 authorized_keys
-rw------- 1 grid oinstall 1679 Jun  7 10:58 id_rsa
-rw-r--r-- 1 grid oinstall  395 Jun  7 10:58 id_rsa.pub
-rw-r--r-- 1 grid oinstall  364 Jun  7 11:03 known_hosts
[grid@racnode1 ~]$ scp .ssh/authorized_keys racnode2:.ssh/authorized_keys
grid@racnode2's password:
authorized_keys                                                                                      100%  790     1.1MB/s   00:00
[grid@racnode1 ~]$ chmod 600 .ssh/authorized_keys

登录其他节点，修改authorized_keys的属性。

[grid@racnode2 ~]$ ll .ssh
total 12
-rw-r--r--. 1 grid oinstall  790 Jun  7 11:04 authorized_keys
-rw-------. 1 grid oinstall 1679 Jun  7 11:00 id_rsa
-rw-r--r--. 1 grid oinstall  395 Jun  7 11:00 id_rsa.pub
[grid@racnode2 ~]$ chmod 600 .ssh/authorized_keys
[grid@racnode2 ~]$

验证ssh等效性,首先在节点1上验证。

[grid@racnode1 ~]$ ssh racnode1 "date;hostname"
Fri Jun  7 11:10:11 CST 2019
racnode1
[grid@racnode1 ~]$ ssh racnode2 "date;hostname"
Fri Jun  7 11:10:24 CST 2019
racnode2
[grid@racnode1 ~]$

在节点2上验证：

[grid@racnode2 ~]$ ssh racnode1 "date;hostname"
The authenticity of host 'racnode1 (192.168.1.8)' can't be established.
ECDSA key fingerprint is SHA256:kcCK9+LUVd5DkQwxcSV1zOiZxGcwlwpphdaGBiKf5qM.
ECDSA key fingerprint is MD5:35:12:6b:80:64:73:97:4c:dc:94:06:eb:ff:bf:40:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'racnode1,192.168.1.8' (ECDSA) to the list of known hosts.
Fri Jun  7 11:11:13 CST 2019
racnode1
[grid@racnode2 ~]$ ssh racnode2 "date;hostname"
The authenticity of host 'racnode2 (192.168.1.9)' can't be established.
ECDSA key fingerprint is SHA256:kcCK9+LUVd5DkQwxcSV1zOiZxGcwlwpphdaGBiKf5qM.
ECDSA key fingerprint is MD5:35:12:6b:80:64:73:97:4c:dc:94:06:eb:ff:bf:40:3c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'racnode2,192.168.1.9' (ECDSA) to the list of known hosts.
Fri Jun  7 11:11:20 CST 2019
racnode2
[grid@racnode2 ~]$

5.X window 配置

安装过程需要GUI界面，我们使用ssh的X forwarding。如下图在Enable X11 forwarding前打勾。

snap.JPG

重新登陆服务器。
我们配置下X11的显示属性参数。

[grid@racnode1 ~]$ cd ~
[grid@racnode1 ~]$ cat .Xresources
xterm*faceName:DejaVu Sans Mono:antialias=True:pixelsize=18
xterm*faceNameDoublesize:WenQuanYi Zen Hei Sharp:antialias=True:pixelsize=18
Xterm*locale:zh_CN.UTF-8
xterm*termName:xterm-256color
[grid@racnode1 ~]$ xrdb .Xresources

试试xterm的显示。

[grid@racnode1 ~]$ xterm &
[1] 17155
[grid@racnode1 ~]$

snap1.JPG

6.ASMlib安装配置

使用ASMlib直接在块设备上建立文件，不需要设定原始文件。
使用我们配置好的本地yum源。进行安装。

[root@racnode1 ~]# yum install oracleasm

oracleasm-support包和oracleasmlib包需要额外下载.下载地址

安装完成后查询包显示如下：

[root@racnode1 ~]# rpm -aq |grep oracleasm
oracleasm-support-2.1.11-1.el7.x86_64
kmod-oracleasm-2.0.8-22.1.0.1.el7_6.x86_64
oracleasmlib-2.0.12-1.el7.x86_64

初始配置：

[root@racnode1 Packages]# oracleasm configure -i
Configuring the Oracle ASM library driver.

This will configure the on-boot properties of the Oracle ASM library
driver.  The following questions will determine whether the driver is
loaded on boot and what permissions it will have.  The current values
will be shown in brackets ('[]').  Hitting <ENTER> without typing an
answer will keep that current value.  Ctrl-C will abort.

Default user to own the driver interface [grid]: grid
Default group to own the driver interface [asmadmin]: asmadmin
Start Oracle ASM library driver on boot (y/n) [n]: y
Scan for Oracle ASM disks on boot (y/n) [y]: y
Writing Oracle ASM library driver configuration: done

装载ASMLib 驱动

[root@racnode1 Packages]# oracleasm init
Loading module "oracleasm": oracleasm
Configuring "oracleasm" to use device physical block size
Mounting ASMlib driver filesystem: /dev/oracleasm

创建设备：

[root@racnode1 Packages]# oracleasm createdisk CRS /dev/sdd1
Writing disk header: done
Instantiating disk: done
[root@racnode1 Packages]# oracleasm createdisk DATA /dev/sdb1
Writing disk header: done
Instantiating disk: done
[root@racnode1 Packages]# oracleasm createdisk FRA /dev/sdc1
Writing disk header: done
Instantiating disk: done
[root@racnode1 Packages]# oracleasm listdisks
CRS
DATA
FRA

在其余节点上也完成asmlib的安装和初始化。设备创建这步可以通过scandisks发现。

[root@racnode2 ~]# oracleasm scandisks
Reloading disk partitions: done
Cleaning any stale ASM disks...
Scanning system for ASM disks...
Instantiating disk "DATA"
Instantiating disk "FRA"
Instantiating disk "CRS"
[root@racnode2 ~]# oracleasm listdisks
CRS
DATA
FRA
[root@racnode2 ~]#

下一节，我们准备应用软件的安装。

最后编辑于：2019.06.20 14:32:38

人面猴
序言：七十年代末，一起剥皮案震惊了整个滨河市，随后出现的几起案子，更是在滨河造成了极大的恐慌，老刑警刘岩，带你破解...
沈念sama阅读 199,636评论 5赞 468
死咒
序言：滨河连续发生了三起死亡事件，死亡现场离奇诡异，居然都是意外死亡，警方通过查阅死者的电脑和手机，发现死者居然都...
沈念sama阅读 83,890评论 2赞 376
救了他两次的神仙让他今天三更去死
文/潘晓璐我一进店门，熙熙楼的掌柜王于贵愁眉苦脸地迎上来，“玉大人，你说我怎么就摊上这事。” “怎么了？”我有些...
开封第一讲书人阅读 146,680评论 0赞 330
道士缉凶录：失踪的卖姜人
文/不坏的土叔我叫张陵，是天一观的道长。经常有香客问我，道长，这世上最难降的妖魔是什么？我笑而不...
开封第一讲书人阅读 53,766评论 1赞 271
港岛之恋（遗憾婚礼）
正文为了忘掉前任，我火速办了婚礼，结果婚礼上，老公的妹妹穿的比我还像新娘。我一直安慰自己，他们只是感情好，可当我...
茶点故事阅读 62,665评论 5赞 359
恶毒庶女顶嫁案：这布局不是一般人想出来的
文/花漫我一把揭开白布。她就那样静静地躺着，像睡着了一般。火红的嫁衣衬着肌肤如雪。梳的纹丝不乱的头发上，一...
开封第一讲书人阅读 48,045评论 1赞 276
城市分裂传说
那天，我揣着相机与录音，去河边找鬼。笑死，一个胖子当着我的面吹牛，可吹牛的内容都是我干的。我是一名探鬼主播，决...
沈念sama阅读 37,515评论 3赞 390
双鸳鸯连环套：你想象不到人心有多黑
文/苍兰香墨我猛地睁开眼，长吁一口气：“原来是场噩梦啊……” “哼！你这毒妇竟也来了？” 一声冷哼从身侧响起，我...
开封第一讲书人阅读 36,182评论 0赞 254
万荣杀人案实录
序言：老挝万荣一对情侣失踪，失踪者是张志新（化名）和其女友刘颖，没想到半个月后，有当地人在树林里发现了一具尸体，经...
沈念sama阅读 40,334评论 1赞 294
护林员之死
正文独居荒郊野岭守林人离奇死亡，尸身上长有42处带血的脓包…… 初始之章·张勋以下内容为张勋视角年9月15日...
茶点故事阅读 35,274评论 2赞 317
白月光启示录
正文我和宋清朗相恋三年，在试婚纱的时候发现自己被绿了。大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
茶点故事阅读 37,319评论 1赞 329
活死人
序言：一个原本活蹦乱跳的男人离奇死亡，死状恐怖，灵堂内的尸体忽然破棺而出，到底是诈尸还是另有隐情，我是刑警宁泽，带...
沈念sama阅读 33,002评论 3赞 315
日本核电站爆炸内幕
正文年R本政府宣布，位于F岛的核电站，受9级特大地震影响，放射性物质发生泄漏。R本人自食恶果不足惜，却给世界环境...
茶点故事阅读 38,599评论 3赞 303
男人毒药：我在死后第九天来索命
文/蒙蒙一、第九天我趴在偏房一处隐蔽的房顶上张望。院中可真热闹，春花似锦、人声如沸。这庄子的主人今日做“春日...
开封第一讲书人阅读 29,675评论 0赞 19
一桩弑父案，背后竟有这般阴谋
文/苍兰香墨我抬头看了看天上的太阳。三九已至，却和暖如春，着一层夹袄步出监牢的瞬间，已是汗流浃背。一阵脚步声响...
开封第一讲书人阅读 30,917评论 1赞 255
情欲美人皮
我被黑心中介骗来泰国打工，没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留，地道东北人。一个月前我还...
沈念sama阅读 42,309评论 2赞 345
代替公主和亲
正文我出身青楼，却偏偏与公主长得像，于是被迫代替她去往敌国和亲。传闻我的和亲对象是个残疾皇子，可洞房花烛夜当晚...
茶点故事阅读 41,885评论 2赞 341

基于IP SAN的Oracle 11gR2 RAC构建（三）

基于IP SAN的Oracle 11gR2 RAC构建（三）

目录

1.用户，用户组，目录设置

2.核心参数配置

3.环境变量配置

4.配置ssh用户等效性

5.X window 配置

6.ASMlib安装配置

推荐阅读更多精彩内容