本篇目錄結構:
在rac1 和rac2 2個節點上分别執行如下語句:
[root@rac01 ~]# service iptables stop
[root@rac01 ~]# chkconfig iptables off
[root@rac01 ~]# chkconfig iptables --list
iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off
chkconfig iptables off ---永久
service iptables stop ---臨時
/etc/init.d/iptables status ----會得到一系列資訊,說明防火牆開着。
/etc/rc.d/init.d/iptables stop ----------關閉防火牆
#vi /etc/sysconfig/network
HOSTNAME=rac1
# hostname rac1
Rac 2 上同樣執行
hosts檔案:
[grid@rac1 ~]$ more /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
#Public IP
192.168.59.135 rac1
192.168.59.136 rac2
#Private IP
192.168.116.133 rac1-priv
192.168.116.134 rac2-priv
#Virtual IP
192.168.59.137 rac1-vip
192.168.59.138 rac2-vip
#Scan IP
192.168.59.139 rac-scan
[root@rac01 ~]# vi /etc/sysctl.conf
# for oracle 11g
fs.aio-max-nr = 1048576
fs.file-max = 6815744
kernel.shmall = 2147483648
kernel.shmmax = 68719476736
kernel.shmmni = 4096
kernel.sem = 250 32000 100 128
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048586
使修改參數立即生效:
[root@rac01 ~]# /sbin/sysctl -p
[root@rac01 ~]# vi /etc/security/limits.conf
grid soft nproc 2047
grid hard nproc 16384
grid soft nofile 1024
grid hard nofile 65536
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
[root@rac01 ~]# vi /etc/pam.d/login
session required pam_limits.so
[root@rac01 ~]# vi /etc/profile
if [ $USER = "oracle" ] || [ $USER = "grid" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384 -n 65536
fi
umask 022
[root@rac01 ~]# vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
getsebool
getsebool: SELinux is disabled
root 使用者雙節點運作:
gird時間同步所需要的設定(11gR2新增檢查項)
#Network Time Protocol Setting
/sbin/service ntpd stop
mv /etc/ntp.conf /etc/ntp.conf.bak (這時候oracle會自動啟用自己的NTP服務)
[root@node1 ~]# service ntpd status
ntpd is stopped
[root@node1 ~]# chkconfig ntpd stop
[root@node1 ~]# cat /etc/ntp
ntp/ ntp.conf
[root@node1 ~]# cp /etc/ntp.conf /etc/ntp.conf.bak
[root@node1 ~]# rm -rf /etc/ntp.conf
[root@node1 ~]#
解決方法:
例如:為了将/dev/shm的大小增加到1GB,修改/etc/fstab的這行:預設的:
none /dev/shm tmpfs defaults 0 0
改成:
none /dev/shm tmpfs defaults,size=1024m 0 0
size參數也可以用G作機關:size=1G。
或者使用指令: mount -o remount,size=4G /dev/shm
重新mount /dev/shm使之生效:
# mount -o remount /dev/shm
或者:
# umount /dev/shm
# mount -a
馬上可以用"df -h"指令檢查變化。
groupadd -g 501 oinstall
groupadd -g 502 dba
groupadd -g 503 oper
groupadd -g 504 asmadmin
groupadd -g 505 asmoper
groupadd -g 506 asmdba
useradd -g oinstall -G dba,asmdba,oper oracle
useradd -g oinstall -G asmadmin,asmdba,asmoper,oper,dba grid
為oracle和grid使用者設密碼:
[root@rac01 ~]# passwd oracle
[root@rac01 ~]# passwd grid
檢查:
[root@ora1 ~]# id oracle
uid=501(oracle) gid=501(oinstall) groups=501(oinstall),502(dba),503(oper),506(asmdba)
[root@ora1 ~]# id grid
uid=502(grid) gid=501(oinstall)
groups=501(oinstall),502(dba),503(oper),504(asmadmin),505(asmoper),506(asmdba)
? GRID 軟體的 ORACLE_HOME 不能是 ORACLE_BASE 的子目錄
--在2個節點均建立,root使用者下建立目錄:
mkdir -p /u01/app/oracle
mkdir -p /u01/app/grid
mkdir -p /u01/app/11.2.0/grid
chown -R grid:oinstall /u01/app/grid
chown -R grid:oinstall /u01/app/11.2.0
chown -R oracle:oinstall /u01/app/oracle
chmod -R 775 /u01
mkdir -p /u01/app/oraInventory
chown -R grid:oinstall /u01/app/oraInventory
chmod -R 775 /u01/app/oraInventory
修改gird、oracle使用者的.bash_profile檔案,以oracle賬号登陸,編輯.bash_profile
或者在root直接編輯:
vi /home/oracle/.bash_profile
vi /home/grid/.bash_profile
--------Oracle User----切換到Oracle使用者下------
[root@rhel_linux_asm ~]# su - oracle
[oracle@rhel_linux_asm ~]$ vi ~/.bash_profile
export ORACLE_SID=rac1
export ORACLE_BASE=/u01/app/oracle
export ORACLE_HOME=$ORACLE_BASE/product/11.2.0/dbhome_1
export LD_LIBRARY_PATH=$ORACLE_HOME/lib
export NLS_DATE_FORMAT="yyyy-mm-dd HH24:MI:SS"
export TMP=/tmp
export TMPDIR=$TMP
export PATH=$PATH:$ORACLE_HOME/bin
--------Grid User-----切換到grid使用者下-----
[grid@rhel_linux_asm ~]$ vim .bash_profile
export ORACLE_SID=+ASM1
export ORACLE_BASE=/u01/app/grid
export ORACLE_HOME=/u01/app/11.2.0/grid
export PATH=$ORACLE_HOME/bin:$PATH
注意:另外一台資料庫執行個體名須做相應修改:
Oracle:export ORACLE_SID=rac2
grid:export ORACLE_SID=+ASM2
依據官方文檔要求,Red Hat Enterprise Linux 5須安裝如下軟體包
binutils-2.17.50.0.6
compat-libstdc++-33-3.2.3
compat-libstdc++-33-3.2.3(32 位)
elfutils-libelf-0.125
elfutils-libelf-devel-0.125
elfutils-libelf-devel-static-0.125
gcc-4.1.2
gcc-c++-4.1.2
glibc-2.5-24
glibc-2.5-24(32 位)
glibc-common-2.5
glibc-devel-2.5
glibc-devel-2.5(32 位)
glibc-headers-2.5
ksh-20060214
libaio-0.3.106
libaio-0.3.106(32 位)
libaio-devel-0.3.106
libaio-devel-0.3.106(32 位)
libgcc-4.1.2
libgcc-4.1.2(32 位)
libstdc++-4.1.2
libstdc++-4.1.2(32 位)
libstdc++-devel 4.1.2
make-3.81
sysstat-7.0.2
unixODBC-2.2.11
unixODBC-2.2.11(32 位)
unixODBC-devel-2.2.11
unixODBC-devel-2.2.11(32 位)
一般情況下除了compat的一些包沒有安裝外,其他的包都已經安裝了,可以使用rpm –qa |grep 指令進行查詢,注意一定要與作業系統版本相符
rpm -qa | grep binutils-
rpm -qa | grep compat-libstdc++-
rpm -qa | grep elfutils-libelf-
rpm -qa | grep elfutils-libelf-devel-
rpm -qa | grep glibc-
rpm -qa | grep glibc-common-
rpm -qa | grep glibc-devel-
rpm -qa | grep gcc-
rpm -qa | grep gcc-c++-
rpm -qa | grep libaio-
rpm -qa | grep libaio-devel-
rpm -qa | grep libgcc-
rpm -qa | grep libstdc++-
rpm -qa | grep libstdc++-devel-
rpm -qa | grep make-
rpm -qa | grep sysstat-
rpm -qa | grep unixODBC-
rpm -qa | grep unixODBC-devel-
rpm -ivh compat-libstdc++-33-3.2.3-69.el6.i686.rpm --force --nodeps
rpm -ivh unixODBC-* --force --nodeps
rhel6 還應該安裝一個包:compat-libcap1-1.10-1.x86_64.rpm
chkconfig autofs off
chkconfig acpid off
chkconfig sendmail off
chkconfig cups-config-daemon off
chkconfig cpus off
chkconfig xfs off
chkconfig lm_sensors off
chkconfig gpm off
chkconfig openibd off
chkconfig pcmcia off
chkconfig cpuspeed off
chkconfig nfslock off
chkconfig ip6tables off
chkconfig rpcidmapd off
chkconfig apmd off
chkconfig sendmail off
chkconfig arptables_jf off
chkconifg microcode_ctl off
chkconfig rpcgssd off
chkconfig ntpd off
雖然在安裝軟體的過程中,oracle 會自動配置 SSH 對等性,建議在安裝軟體之前手工配置。
以oracle身份在每個節點執行
為ssh和scp建立連接配接,檢驗是否存在:
ls -l /usr/local/bin/ssh
ls -l /usr/local/bin/scp
不存在則建立
/bin/ln -s /usr/bin/ssh /usr/local/bin/ssh
/bin/ln -s /usr/bin/scp /usr/local/bin/scp
[root@rac01 ~]# /bin/ln -s /usr/bin/ssh /usr/local/bin/ssh
[root@rac01 ~]# /bin/ln -s /usr/bin/scp /usr/local/bin/scp
為oracle使用者配置SSH:
生成使用者的公匙和私匙,在每個節點上:
[root@rac01 ~]# su – oracle
[oracle@rac01 ~]# mkdir ~/.ssh
[oracle@rac01 ~]#cd .ssh
[oracle@rac01 ~]# ssh-keygen -t rsa
[oracle@rac01 ~]# ssh-keygen -t dsa
在節點1上,把所有節點的authorized_keys檔案合成一個,再用這個檔案覆寫各個節點.ssh下的同名檔案:
[oracle@rac01 ~]# touch authorized_keys
[oracle@rac01 ~]# ssh rac01 cat /home/oracle/.ssh/id_rsa.pub >> authorized_keys
[oracle@rac01 ~]# ssh rac02 cat /home/oracle/.ssh/id_rsa.pub >> authorized_keys
[oracle@rac01 ~]# ssh rac01 cat /home/oracle/.ssh/id_dsa.pub >> authorized_keys
[oracle@rac01 ~]# ssh rac02 cat /home/oracle/.ssh/id_dsa.pub >> authorized_keys
[oracle@rac01 ~]# scp authorized_keys rac02:/home/oracle/.ssh/
分别在每個節點上執行檢驗操作:
[oracle@rac01 ~]# ssh rac01 date
[oracle@rac01 ~]# ssh rac02 date
[oracle@rac01 ~]# ssh-agent $SHELL
[oracle@rac01 ~]# ssh-add
為grid使用者配置SSH:
在每個節點上:
[root@rac01 ~]# su – grid
[grid@rac01 ~]# mkdir ~/.ssh
[grid@rac01 ~]#cd .ssh
[grid@rac01 ~]# ssh-keygen -t rsa
[grid@rac01 ~]# ssh-keygen -t dsa
在節點1上
:
[grid@rac01 ~]# touch authorized_keys
[grid@rac01 ~]# ssh rac01 cat /home/grid/.ssh/id_rsa.pub >> authorized_keys
[grid@rac01 ~]# ssh rac02 cat /home/grid/.ssh/id_rsa.pub >> authorized_keys
[grid@rac01 ~]# ssh rac01 cat /home/grid/.ssh/id_dsa.pub >> authorized_keys
[grid@rac01 ~]# ssh rac02 cat /home/grid/.ssh/id_dsa.pub >> authorized_keys
[grid@rac01 ~]# scp authorized_keys rac02:/home/grid/.ssh/
分别在每個節點上:
[grid@rac01 ~]# ssh rac01 date
[grid@rac01 ~]# ssh rac02 date
[grid@rac01 ~]# ssh-agent $SHELL
[grid@rac01 ~]# ssh-add
--------------------------------------------------------------------------------------自己:
為Oracle使用者配置SSH:
以oracle身份在每個節點執行以下代碼
su - oracle
mkdir ~/.ssh
cd .ssh
ssh-keygen -t rsa
ssh-keygen -t dsa
cat *rsa.pub >> authorized_keys
cat *dsa.pub >> authorized_keys
然後在rac1下:
ssh rac2 cat /home/oracle/.ssh/authorized_keys >> authorized_keys
scp authorized_keys rac2:/home/oracle/.ssh/
然後分别在每個節點上執行檢驗操作:
ssh rac1 date
ssh rac2 date
ssh-agent $SHELL
ssh-add
以grid身份在每個節點執行
su - grid
cd ~/.ssh
然後在rac1節點下執行:
ssh rac2 cat /home/grid/.ssh/authorized_keys >> authorized_keys
scp authorized_keys rac2:/home/grid/.ssh/
ssh rac1-priv date
ssh rac2-priv date
第二次執行時不再提示輸入密碼,并且可以成功執行指令,則表示 oracle 使用者 SSH 對等性
配置成功,至此,Oracle 使用者 SSH 對等性配置完成!重複上述步驟,以 grid 使用者配置對等性。
注意: 該步驟可以不配置然後在安裝的過程中有如下的界面可以來配置:
root使用者下執行:
A. sed -i 's/OPTIONS/#OPTIONS/g' /etc/sysconfig/ntpd
B.
cat >> /etc/sysconfig/ntpd
OPTIONS="-x -u ntp:ntp -p /var/run/ntpd.pid"
EOF
C.
mv /etc/ntp.conf /etc/ntp.confbak
D.
cat > /etc/ntp.conf
restrict 0.0.0.0 mask 0.0.0.0 nomodify
server 127.127.1.0
fudge 127.127.1.0 stratum 10
driftfile /var/lib/ntp/drift
broadcastdelay 0.008
authenticate no
keys /etc/ntp/keys
A.
sed -i 's/OPTIONS/#OPTIONS/g' /etc/sysconfig/ntpd
cat >> /etc/ntp.conf
restrict default kod nomodify notrap nopeer noquery
restrict 182.168.8.0 mask 255.255.255.0 nomodify notrap
restrict 127.0.0.1
server 182.168.8.61
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
XL
#service ntpd restart
#chkconfig ntpd on