MODOP – Partie 2 – HA Proxy pour le Cluster minIO

Aucun commentaire

Constitution du Cluster

  • node-minio-h01
  • node-minio-h02

Spécification des 2 nodes HA minIO

  • IP : 10.100.0.47 à 10.100.48
  • IP virtuelle : 10.100.49 
  • DNS VIP : cluster-minio.house.cpb
  • vCPU : 2
  • RAM : 2Go
  • Disque : 8Go (Système)
  • OS : RockyLinux 8

1. Installation des prérequis ( 2 nodes)

Mise à jour

[root@node-minio-h0x ~]# dnf -y update

Installation des middlewares

[root@node-minio-h0x ~]# dnf install dnf-utils epel-release net-tools nmap curl wget tar -y

Désactiver SELinux

[root@node-minio-h0x ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@node-minio-h0x ~]# setenforce 0

Synchroniser DateTime sur le fuseau de PARIS

[root@node-minio-h0x ~]# timedatectl set-timezone Europe/Paris
[root@node-minio-h0x ~]# timedatectl

Intégration des Hosts au DNS

[root@node-minio-s01 ~]# for i in {1..2} ; do nslookup node-minio-h0${i} ; done

[root@node-minio-s01 ~]# nslookup cluster-minio.house.cpb

Règle de Firewall

[root@node-minio-h0x ~]# firewall-cmd --remove-service={dhcpv6-client,cockpit} --permanent && firewall-cmd --reload
[root@node-minio-h0x ~]# firewall-cmd --add-port={9000,9001}/tcp --permanent && firewall-cmd --reload

2. Installation du « heartbeat » keepAlive (2 nodes)

Installation des binaires

[root@node-minio-h0x ~]# dnf search keepalive

[root@node-minio-h0x ~]# dnf install keepalived –y
[root@node-minio-h0x ~]# dnf -y install ipvsadm

Chargement du module ip_vs

[root@node-minio-h0x ~]# modprobe ip_vs
[root@node-minio-h0x ~]# lsmod |grep ip_vs

Configuration KeepAlive

[root@node-minio-h0x ~]# mv /etc/keepalived/keepalived.conf{,-old}

Node-minio-h01

[root@node-minio-h01 ~]# vi /etc/keepalived/keepalived.conf

! /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
 notification_email {
 chris@house.cpb
 }
 notification_email_from chris@house.cpb
 smtp_server localhost
 smtp_connect_timeout 30
 }

vrrp_instance VI_1 {
 state MASTER
 interface ens18
 virtual_router_id 100
 priority 200
 authentication {
 auth_type PASS
 auth_pass chris@2024
 }

 virtual_ipaddress {
 10.100.0.49/16 dev ens18
 }
}

Node-minio-h02

[root@node-minio-h02 ~]# vi /etc/keepalived/keepalived.conf

! /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
chris@house.cpb
}
 notification_email_from chris@house.cpb
 smtp_server localhost
 smtp_connect_timeout 30
}

vrrp_instance VI_1 {
 state BACKUP
 interface ens18
 virtual_router_id 100
 priority 199
authentication {
 auth_type PASS
 auth_pass chris@2024
}

virtual_ipaddress {
10.100.0.49/16 dev ens18
}
}

Ajout prérequis keepalived

[root@node-minio-h0x ~]# echo "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf
[root@node-minio-h0x ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1

Ajout règles Firewall « vrrp » et « HaProxy »

[root@node-minio-h0x ~]# firewall-cmd --add-rich-rule='rule protocol value="vrrp" accept' --permanent --zone=public
[root@node-minio-h0x ~]# firewall-cmd --add-port=7000/tcp --permanent
[root@node-minio-h0x ~]# firewall-cmd --reload
[root@node-minio-h01 ~]# firewall-cmd --list-all

Lancement du service

Node-minio-h01

[root@node-minio-h01 ~]# systemctl start --now keepalived
[root@node-minio-h01 ~]# systemctl enable keepalived
[root@node-minio-h01 ~]# systemctl status keepalived

[root@node-minio-h01 ~]# ip a show ens18

Node-minio-h02

[root@node-minio-h02 ~]# systemctl start --now keepalived
[root@node-minio-h02 ~]# systemctl enable keepalived
[root@node-minio-h02 ~]# systemctl status keepalived

[root@node-minio-h02 ~]# ip a show ens18

Check « HeartBeat »

Désactivons le master « node-minio-h01 » portant la VIP via la priorité la plus haute.

[root@node-minio-h01 ~]# systemctl stop keepalived
[root@node-minio-h01 ~]# ip a show ens18

[root@node-minio-h02 ~]# journalctl -f -u keepalived

[root@node-minio-h02 ~]# ip a show ens18

3. Installation HaProxy (2 nodes)

Installation des binaires

[root@node-minio-h0x ~]# dnf install -y haproxy

Configuration HaProxy

[root@node-minio-h01 ~]# vi /etc/haproxy/haproxy.cfg

global
 maxconn 100
defaults
 log global
 mode tcp
 retries 2
 timeout client 30m
 timeout connect 4s
 timeout server 30m
 timeout check 5s

listen stats
 mode http
 bind cluster-minio.house.cpb:7000
 stats enable
 stats uri /status
 stats refresh 2s
 stats auth chris:Chris
 stats admin if TRUE

listen Cluster-minio
 bind cluster-minio.house.cpb:9000
 mode tcp
 balance leastconn
 server minio_01 node-minio-s01.house.cpb:9000 check inter 2s
 server minio_02 node-minio-s02.house.cpb:9000 check inter 2s
 server minio_03 node-minio-s03.house.cpb:9000 check inter 2s
 server minio_04 node-minio-s04.house.cpb:9000 check inter 2s
 server minio_05 node-minio-s05.house.cpb:9000 check inter 2s
 server minio_06 node-minio-s06.house.cpb:9000 check inter 2s

listen Service-minio
 bind cluster-minio.house.cpb:9001
 mode tcp
 balance leastconn
 server minio_01 node-minio-s01.house.cpb:9001 check inter 2s
 server minio_02 node-minio-s02.house.cpb:9001 check inter 2s
 server minio_03 node-minio-s03.house.cpb:9001 check inter 2s
 server minio_04 node-minio-s04.house.cpb:9001 check inter 2s
 server minio_05 node-minio-s05.house.cpb:9001 check inter 2s
 server minio_06 node-minio-s06.house.cpb:9001 check inter 2s
[root@node-minio-h01 ~]# haproxy -c -V -f /etc/haproxy/haproxy.cfg

[root@node-minio-h01 ~]# scp /etc/haproxy/haproxy.cfg root@node-minio-h02:/etc/haproxy/haproxy.cfg

Lancement du service

Node-minio-h01

[root@node-minio-h01 ~]# systemctl start haproxy
[root@node-minio-h01 ~]# systemctl enable haproxy
[root@node-minio-h01 ~]# systemctl status haproxy

Node-minio-h02

[root@node-minio-h02 ~]# systemctl start haproxy
[root@node-minio-h02 ~]# systemctl enable haproxy
[root@node-minio-h02 ~]# systemctl status haproxy

Check HaProxy

  • http://cluster-minio.house.cpb:7000/stats

4 .Modification du fichier « /etc/default/minio »

Node-minio-s01

[root@node-minio-s01 ~]# vi /etc/default/minio

# Variable spécifiant les hosts et les volumes par hosts
MINIO_VOLUMES="http://node-minio-s0{1...6}.house.cpb:9000/minio/minio_0{1...4}"

#Paramètre du port de la console
MINIO_OPTS="--console-address :9001"

#Credentials
MINIO_ROOT_USER=minioadmin

MINIO_ROOT_PASSWORD=minioadmin

#Adresse VIP du LoadBalancer
MINIO_SERVER_URL="http://cluster-minio.house.cpb:9000"

Node-minio-s02 à Node-minio-s06

[root@node-minio-s01 ~]# for i in {2..6};do scp /etc/default/minio root@node-minio-s0${i}:/etc/default/minio;done
[root@node-minio-s01 ~]# for i in {1..6};do ssh -t root@node-minio-s0${i} "cat /etc/default/minio |grep MINIO_SERVER_URL";done

Redémarrer le service

[root@node-minio-s01 ~]# for i in {1..6};do ssh -t root@node-minio-s0${i} "systemctl stop minio.service";done

Redémarrer en parallèle les 6 nœuds

[root@node-minio-s01 ~]# systemctl restart minio.service
[root@node-minio-s02 ~]# systemctl restart minio.service
[root@node-minio-s03 ~]# systemctl restart minio.service
[root@node-minio-s04 ~]# systemctl restart minio.service
[root@node-minio-s05 ~]# systemctl restart minio.service
[root@node-minio-s06 ~]# systemctl restart minio.service

Check HaProxy et Cluster minIO

Views: 1

Étiquettes

Laisser un commentaire

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *