回复
#冲刺创作新星# Active-Passive Disaster Recovery 原创
GabrielWu
发布于 2022-10-10 10:24
浏览
0收藏
DR-OLVM安装
参照Oracle Linux 7安装,进行Oracle Linux 7 minimal安装
参照OLVM安装,安装Oracle Linux Virtualization Manager
DR-KVM Host安装
参照Oracle Linux 7安装,进行Oracle Linux 7 minimal安装
参照KVM Host安装,配置KVM环境
DR群集配置
OLVM添加KVM Host
参照添加KVM Host,将KVM加入到群集中
网络配置
参照创建Logical Network,创建逻辑网络
Ansible安装配置
参照Oracle Linux 7安装,进行Oracle Linux 7 minimal安装
Ansible engine安装
yum groupinstall "Development tools" -y
rpm -ivh https://mirrors.tuna.tsinghua.edu.cn/epel/epel-release-latest-7.noarch.rpm
yum install ansible -yAnsible 配置定义
修改配置文件,/etc/ansible/ansible.cfg
[defaults]
# some basic default values...
inventory = /etc/ansible/hosts
# library_path = /usr/share/my_modules/
remote_tmp = $HOME/.ansible/tmp
pattern = *
forks = 5
poll_interval = 15
sudo_user = root
#ask_sudo_pass = True
#ask_pass = True
transport = smart
remote_port = 22
module_lang = C
gathering = implicit
host_key_checking = False
log_path = /var/log/ansible.log
system_warnings = False
roles_path = /etc/ansible/roles
# set plugin path directories here, separate with colons
action_plugins = /usr/share/ansible/plugins/action
become_plugins = /usr/share/ansible/plugins/become
cache_plugins = /usr/share/ansible/plugins/cache
callback_plugins = /usr/share/ansible/plugins/callback
connection_plugins = /usr/share/ansible/plugins/connection
lookup_plugins = /usr/share/ansible/plugins/lookup
inventory_plugins = /usr/share/ansible/plugins/inventory
vars_plugins = /usr/share/ansible/plugins/vars
filter_plugins = /usr/share/ansible/plugins/filter
test_plugins = /usr/share/ansible/plugins/test
terminal_plugins = /usr/share/ansible/plugins/terminal
strategy_plugins = /usr/share/ansible/plugins/strategy
fact_caching = memory
[accelerate]
accelerate_port = 5099
accelerate_timeout = 30
accelerate_connect_timeout = 5.0
# The daemon timeout is measured in minutes. This time is measured
# from the last activity to the accelerate daemon.
accelerate_daemon_timeout = 30安装ovirt角色
ansible-galaxy install oVirt.ovirt-ansible-roles -p /usr/share/ansible/roles/
ansible-galaxy install oVirt.infra -p /usr/share/ansible/roles/检查安装结果
[root@ansible ansible]# ansible-galaxy list
# /root/.ansible/roles
# /usr/share/ansible/roles
- oVirt.ovirt-ansible-roles, 1.2.3
- ovirt.cluster-upgrade, 1.2.3
- ovirt.disaster-recovery, 1.3.0
- ovirt.engine-setup, 1.2.4
- ovirt.image-template, 1.2.2
- ovirt.infra, 1.2.2
- ovirt.manageiq, 1.2.1
- ovirt.repositories, 1.2.5
- ovirt.vm-infra, 1.2.3
- ovirt.v2v-conversion-host, v1.9.1
- ovirt.hosted_engine_setup, 1.0.34
- ovirt.shutdown_env, 1.1.0
- oVirt.infra, 1.2.2
# /etc/ansible/roles安装python3等依赖包
yum install python3 libcurl-devel python3-devel libxslt-devel openssl \
python-pip python-devel.x86_64 -y
export PYCURL_SSL_LIBRARY=nss
pip3 install pycurl ovirt-engine-sdk-python pyyaml
pip install ovirt-engine-sdk-python生成mapping file
生成olvm mapping file
编辑变量文件,/usr/share/ansible/roles/ovirt.disaster-recovery/files/olvm.conf
[log]
log_file=/tmp/ovirt-dr-{}.log
log_level=DEBUG
[generate_vars]
site=https://ol7-olvm/ovirt-engine/api
username=admin@internal
password=P@ss0lvm
ca_file=/etc/pki/ovirt-engine/olvm-ca.pem
output_file=/etc/ansible/olvm/olvm_vars.yml
ansible_play=/usr/share/ansible/roles/ovirt.disaster-recovery/examples/dr_play.yml添加hosts
cat > /etc/hosts << EOF
192.168.10.51 ol7-olvm
192.168.10.52 dr-ol7-olvm
EOF拷贝CA证书
mkdir -p /etc/pki/ovirt-engine
rsync -av ol7-olvm:/etc/pki/ovirt-engine/ca.pem /etc/pki/ovirt-engine/olvm-ca.pem
rsync -av dr-ol7-olvm:/etc/pki/ovirt-engine/ca.pem /etc/pki/ovirt-engine/dr-olvm-ca.pem使用脚本生成mapping file,/usr/share/ansible/roles/ovirt.disaster-recovery/files/ovirt-dr
[root@ansible files]# pwd
/usr/share/ansible/roles/ovirt.disaster-recovery/files
[root@ansible files]# ./ovirt-dr generate --conf-file=olvm.confolvm_mapping文件, /etc/ansible/olvm/olvm_vars.yml
---
dr_sites_primary_url: https://ol7-olvm/ovirt-engine/api
dr_sites_primary_username: admin@internal
dr_sites_primary_ca_file: /etc/pki/ovirt-engine/ca.pem
# Please fill in the following properties for the secondary site:
dr_sites_secondary_url: # https://ol7-olvm/ovirt-engine/api
dr_sites_secondary_username: # admin@internal
dr_sites_secondary_ca_file: # /etc/pki/ovirt-engine/ca.pem
dr_import_storages:
- dr_domain_type: iscsi
dr_wipe_after_delete: False
dr_backup: False
dr_critical_space_action_blocker: 5
dr_storage_domain_type: data
dr_warning_low_space: 10
dr_primary_name: data
dr_primary_master_domain: False
dr_primary_dc_name: Default
dr_discard_after_delete: False
dr_domain_id: bcca8438-810f-4932-bf25-d874babd97b1
dr_primary_address: 192.168.10.101
dr_primary_port: 3260
dr_primary_target: ["iqn.2006-01.com.openfiler:olvm-data"]
# Fill in the empty properties related to the secondary site
dr_secondary_name: # data
dr_secondary_master_domain: # False
dr_secondary_dc_name: # Default
dr_secondary_address: # 192.168.10.101
dr_secondary_port: # 3260
# target example: ["target1","target2","target3"]
dr_secondary_target: # ["iqn.2006-01.com.openfiler:olvm-data"]
- dr_domain_type: iscsi
dr_wipe_after_delete: False
dr_backup: False
dr_critical_space_action_blocker: 5
dr_storage_domain_type: data
dr_warning_low_space: 10
dr_primary_name: iso
dr_primary_master_domain: True
dr_primary_dc_name: Default
dr_discard_after_delete: False
dr_domain_id: 7f193505-6922-467e-aeb7-06ee4d9296b6
dr_primary_address: 192.168.10.101
dr_primary_port: 3260
dr_primary_target: ["iqn.2006-01.com.openfiler:olvm-iso"]
# Fill in the empty properties related to the secondary site
dr_secondary_name: # iso
dr_secondary_master_domain: # True
dr_secondary_dc_name: # Default
dr_secondary_address: # 192.168.10.101
dr_secondary_port: # 3260
# target example: ["target1","target2","target3"]
dr_secondary_target: # ["iqn.2006-01.com.openfiler:olvm-iso"]
# Mapping for cluster
dr_cluster_mappings:
- primary_name: Default
# Fill the correlated cluster name in the secondary site for cluster 'Default'
secondary_name: # Default
# Mapping for affinity group
dr_affinity_group_mappings:
# Mapping for affinity label
dr_affinity_label_mappings:
# Mapping for domain
dr_domain_mappings:
- primary_name: internal-authz
# Fill in the correlated domain in the secondary site for domain 'internal-authz'
secondary_name: # internal-authz
# Mapping for role
# Fill in any roles which should be mapped between sites.
dr_role_mappings:
- primary_name:
secondary_name:
dr_network_mappings:
- primary_network_name: ovirtmgmt
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# primary_network_dc: Default
primary_profile_name: ovirtmgmt
primary_profile_id: 0000000a-000a-000a-000a-000000000398
# Fill in the correlated vnic profile properties in the secondary site for profile 'ovirtmgmt'
secondary_network_name: # ovirtmgmt
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# secondary_network_dc: Default
secondary_profile_name: # ovirtmgmt
secondary_profile_id: # 0000000a-000a-000a-000a-000000000398
- primary_network_name: vm_public
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# primary_network_dc: Default
primary_profile_name: vm_public
primary_profile_id: a50fa78c-eb82-4f28-89c2-65e1a3c2f190
# Fill in the correlated vnic profile properties in the secondary site for profile 'vm_public'
secondary_network_name: # vm_public
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# secondary_network_dc: Default
secondary_profile_name: # vm_public
secondary_profile_id: # a50fa78c-eb82-4f28-89c2-65e1a3c2f190
# Mapping for external LUN disks
dr_lun_mappings:生成dr-olvm mapping file
编辑变量文件,/usr/share/ansible/roles/ovirt.disaster-recovery/files/dr-olvm.conf
[log]
log_file=/tmp/ovirt-dr-{}.log
log_level=DEBUG
[generate_vars]
site=https://dr-ol7-olvm/ovirt-engine/api
username=admin@internal
password=P@ss0lvm
ca_file=/etc/pki/ovirt-engine/dr-olvm-ca.pem
output_file=/etc/ansible/olvm/dr-olvm_vars.yml
ansible_play=/usr/share/ansible/roles/ovirt.disaster-recovery/examples/dr_play.yml使用脚本生成mapping file,/usr/share/ansible/roles/ovirt.disaster-recovery/files/ovirt-dr
[root@ansible files]# pwd
/usr/share/ansible/roles/ovirt.disaster-recovery/files
[root@ansible files]# ./ovirt-dr generate --conf-file=dr-olvm.confdr-olvm_mapping文件, /etc/ansible/olvm/dr-olvm_vars.yml
---
dr_sites_primary_url: https://dr-ol7-olvm/ovirt-engine/api
dr_sites_primary_username: admin@internal
dr_sites_primary_ca_file: /etc/pki/ovirt-engine/dr-olvm-ca.pem
# Please fill in the following properties for the secondary site:
dr_sites_secondary_url: # https://dr-ol7-olvm/ovirt-engine/api
dr_sites_secondary_username: # admin@internal
dr_sites_secondary_ca_file: # /etc/pki/ovirt-engine/dr-olvm-ca.pem
dr_import_storages:
# Mapping for cluster
dr_cluster_mappings:
- primary_name: Default
# Fill the correlated cluster name in the secondary site for cluster 'Default'
secondary_name: # Default
# Mapping for affinity group
dr_affinity_group_mappings:
# Mapping for affinity label
dr_affinity_label_mappings:
# Mapping for domain
dr_domain_mappings:
- primary_name: internal-authz
# Fill in the correlated domain in the secondary site for domain 'internal-authz'
secondary_name: # internal-authz
# Mapping for role
# Fill in any roles which should be mapped between sites.
dr_role_mappings:
- primary_name:
secondary_name:
dr_network_mappings:
- primary_network_name: ovirtmgmt
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# primary_network_dc: Default
primary_profile_name: ovirtmgmt
primary_profile_id: 0000000a-000a-000a-000a-000000000398
# Fill in the correlated vnic profile properties in the secondary site for profile 'ovirtmgmt'
secondary_network_name: # ovirtmgmt
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# secondary_network_dc: Default
secondary_profile_name: # ovirtmgmt
secondary_profile_id: # 0000000a-000a-000a-000a-000000000398
- primary_network_name: vm_public
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# primary_network_dc: Default
primary_profile_name: vm_public
primary_profile_id: cacf200a-1e3c-4d0f-ba7c-a7e3f8b8b3ce
# Fill in the correlated vnic profile properties in the secondary site for profile 'vm_public'
secondary_network_name: # vm_public
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# secondary_network_dc: Default
secondary_profile_name: # vm_public
secondary_profile_id: # cacf200a-1e3c-4d0f-ba7c-a7e3f8b8b3ce
# Mapping for external LUN disks
dr_lun_mappings:编辑合并dr_secondary部分
mapping_vars文件, /etc/ansible/olvm/mapping_vars.yml
Note:DR逻辑网络需提前配置,iSCSI应提前建好,并且不添加到domain中
---
dr_sites_primary_url: https://ol7-olvm/ovirt-engine/api
dr_sites_primary_username: admin@internal
dr_sites_primary_ca_file: /etc/pki/ovirt-engine/olvm-ca.pem
# Please fill in the following properties for the secondary site:
dr_sites_secondary_url: https://dr-ol7-olvm/ovirt-engine/api
dr_sites_secondary_username: admin@internal
dr_sites_secondary_ca_file: /etc/pki/ovirt-engine/dr-olvm-ca.pem
dr_import_storages:
- dr_domain_type: iscsi
dr_wipe_after_delete: False
dr_backup: False
dr_critical_space_action_blocker: 5
dr_storage_domain_type: data
dr_warning_low_space: 10
dr_primary_name: data
dr_primary_master_domain: True
dr_primary_dc_name: Default
dr_discard_after_delete: False
dr_domain_id: bcca8438-810f-4932-bf25-d874babd97b1
dr_primary_address: 192.168.10.101
dr_primary_port: 3260
dr_primary_target: ["iqn.2006-01.com.openfiler:olvm-data"]
# Fill in the empty properties related to the secondary site
dr_secondary_name: data
dr_secondary_master_domain: True
dr_secondary_dc_name: Default
dr_secondary_address: 192.168.10.101
dr_secondary_port: 3260
# target example: ["target1","target2","target3"]
dr_secondary_target: ["iqn.2006-01.com.openfiler:dr-olvm-data"]
#- dr_domain_type: iscsi
# dr_wipe_after_delete: False
# dr_backup: False
# dr_critical_space_action_blocker: 5
# dr_storage_domain_type: data
# dr_warning_low_space: 10
# dr_primary_name: iso
# dr_primary_master_domain: False
# dr_primary_dc_name: Default
# dr_discard_after_delete: False
# dr_domain_id: 7f193505-6922-467e-aeb7-06ee4d9296b6
# dr_primary_address: 192.168.10.101
# dr_primary_port: 3260
# dr_primary_target: ["iqn.2006-01.com.openfiler:olvm-iso"]
# # Fill in the empty properties related to the secondary site
# dr_secondary_name: # iso
# dr_secondary_master_domain: # False
# dr_secondary_dc_name: # Default
# dr_secondary_address: # 192.168.10.101
# dr_secondary_port: # 3260
# # target example: ["target1","target2","target3"]
# dr_secondary_target: # ["iqn.2006-01.com.openfiler:olvm-iso"]
# Mapping for cluster
dr_cluster_mappings:
- primary_name: Default
# Fill the correlated cluster name in the secondary site for cluster 'Default'
secondary_name: Default
# Mapping for affinity group
dr_affinity_group_mappings:
# Mapping for affinity label
dr_affinity_label_mappings:
# Mapping for domain
dr_domain_mappings:
- primary_name: internal-authz
# Fill in the correlated domain in the secondary site for domain 'internal-authz'
secondary_name: internal-authz
# Mapping for role
# Fill in any roles which should be mapped between sites.
dr_role_mappings:
- primary_name:
secondary_name:
dr_network_mappings:
- primary_network_name: ovirtmgmt
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# primary_network_dc: Default
primary_profile_name: ovirtmgmt
primary_profile_id: 0000000a-000a-000a-000a-000000000398
# Fill in the correlated vnic profile properties in the secondary site for profile 'ovirtmgmt'
secondary_network_name: ovirtmgmt
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# secondary_network_dc: Default
secondary_profile_name: ovirtmgmt
secondary_profile_id: 0000000a-000a-000a-000a-000000000398
- primary_network_name: vm_public
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# primary_network_dc: Default
primary_profile_name: vm_public
primary_profile_id: a50fa78c-eb82-4f28-89c2-65e1a3c2f190
# Fill in the correlated vnic profile properties in the secondary site for profile 'vm_public'
secondary_network_name: vm_public
# Data Center name is relevant when multiple vnic profiles are maintained.
# please uncomment it in case you have more than one DC.
# secondary_network_dc: Default
secondary_profile_name: vm_public
secondary_profile_id: cacf200a-1e3c-4d0f-ba7c-a7e3f8b8b3ce
# Mapping for external LUN disks
dr_lun_mappings:Failover测试
前提准备
新建密码文件,/etc/ansible/ovirt_password.yml
---
dr_sites_primary_password: P@ss0lvm
dr_sites_secondary_password: P@ss0lvm加密密码文件
[root@ansible ansible]# ansible-vault encrypt ovirt_password.yml
New Vault password:
Confirm New Vault password:
Encryption successful新建failover playbook,/etc/ansible/olvm-failback.yml
---
- name: Failback OLVM
hosts: localhost
connection: local
vars:
dr_target_host: secondary
dr_source_map: primary
vars_files:
- mapping_vars.yml
- ovirt_passwords.yml
roles:
- ovirt.disaster-recoveryDr-Primary操作
配置进入维护模式,仿真故障情况
Ansible主机操作
ansible-playbook olvm-failback.yml --tags "fail_over"检查执行情况
Dr-Secondary检查
相关VM已同步
开机测试,正常运行
Failback测试
Dr-Primary恢复服务
Dr-Secondary操作
配置进入维护模式,确保数据只读
Ansible主机操作
ansible-playbook olvm-failback.yml --tags "fail_back"检查执行情况
Dr-Primary检查
Dr-Secondary写入的数据,已同步到Dr-Primary主机vm中
©著作权归作者所有,如需转载,请注明出处,否则将追究法律责任
分类
已于2022-10-10 10:24:22修改
赞
收藏
回复
相关推荐
