月度归档:2015年05月

Oracle 11gR2 RAC配置DNS解析SCAN IP

Oracle 11g RAC集群中引入了SCAN(Single Client Access Name)的概念,也就是指集群的单客户端访问名称。SCAN这个特性为客户端提供了单一的主机名,用于访问集群中运行的Oracle数据库。如果您在集群中添加或删除节点,使用SCAN的客户端无需更改自己的TNS配置,无论集群包含哪些节点,SCAN资源及其关联的IP地址提供了一个稳定的名称供客户端进行连接使用。在Oracle 11g Grid安装时即要求为该特性配置DNS解析方式或GNS解析方式,本文描述了安装Oracle 11g Grid时的DNS配置。

关于配置DNS之前的几点说明:
#配置DNS可以使用单独的DNS服务器,也可以直接使用RAC的一个节点来提供DNS解析;
#直接使用某个节点时,容易出现该节点如果宕机将导致SCAN无法解析,客户端无法连接数据库;
#本文仅作演示,使用节点1的Public IP用作DNS Server,不考虑上面描述的情形以及DNS安全性等。
#本文使用DNS将SCAN解析为三个IP地址,分别为:
192.0.2.111
192.0.2.112
192.0.2.113
#DNS的守护进程
/usr/sbin/named   
/usr/sbin/rndc
#DNS的脚本
/etc/init.d/named
#DNS的端口
53 953(tcp udp) 
#DNS的配置文件
/var/named/chroot/etc/named.conf(主配置文件)  
/var/named/chroot/*

1.安装环境
[root@rac1 ~]# cat /etc/issue
Enterprise Linux Enterprise Linux Server release 5.4 (Carthage)
Kernel \r on an \m
[root@rac2 ~]# cat /etc/issue
Enterprise Linux Enterprise Linux Server release 5.4 (Carthage)
Kernel \r on an \m

2.主机节点host信息
[root@rac1 ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6

##Public Network
192.0.2.101 rac1.oracle.com rac1   #该地址作为DNS服务器地址
192.0.2.102 rac2.oracle.com rac2
##Public Virtual IP(VIP) addresses
192.0.2.103 rac1-vip.oracle.com rac1-vip
192.0.2.104 rac2-vip.oracle.com rac2-vip
##Private Interconnect
192.168.0.101 rac1-priv.oracle.com rac1-priv
192.168.0.102 rac2-priv.oracle.com rac2-priv

[root@rac2 ~]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1       localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6

##Public Network
192.0.2.101 rac1.oracle.com rac1
192.0.2.102 rac2.oracle.com rac2
##Public Virtual IP(VIP) addresses
192.0.2.103 rac1-vip.oracle.com rac1-vip
192.0.2.104 rac2-vip.oracle.com rac2-vip
##Private Interconnect
192.168.0.101 rac1-priv.oracle.com rac1-priv
192.168.0.102 rac2-priv.oracle.com rac2-priv

3.安装DNS Server(节点1操作)
rpm -ivh bind-9.3.6-16.P1.el5.i386.rpm
rpm -ivh bind-chroot-9.3.6-16.P1.el5.i386.rpm
rpm -ivh caching-nameserver-9.3.6-16.P1.el5.i386.rpm

4.配置DNS Server
关于DNS的配置,分为以下几个步骤:
#a.配置named.conf文件
#b.配置zone文件,包括正向和反向zone文件
#c.配置解析文件resolv.conf
#d.启动DNS服务
#e.验证DNS

a.配置named.conf文件(节点1操作)
[root@rac1 ~]# cd /var/named/chroot/etc/
[root@rac1 etc]# ls -l
total 20
-rw-r–r– 1 root root   405 Apr 12 23:22 localtime
-rw-r—– 1 root named 1230 Sep  3  2009 named.caching-nameserver.conf
-rw-r—– 1 root named 1190 Apr 16 01:21 named.rfc1912.zones
-rw-r—– 1 root named  113 Apr 16 00:22 rndc.key

[root@rac1 etc]# cp -p named.caching-nameserver.conf named.conf #修改named.conf文件,将源文件中的所有localhost以及127.0.0.1修改成any,注意any;前后保留空格
#该文件主要是配置dns监听那些端口以及ip地址并指明相应的名字解析zone文件名named.zones
#下面是修改后的named.conf文件
[root@rac1 etc]# more named.conf 
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver 
// (as a localhost DNS resolver only). 
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE – use system-config-bind or an editor
// to create named.conf – edits to this file will be lost on 
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory       “/var/named”;
        dump-file       “/var/named/data/cache_dump.db”;
        statistics-file “/var/named/data/named_stats.txt”;
        memstatistics-file “/var/named/data/named_mem_stats.txt”;

        // Those options should be used carefully because they disable port
        // randomization
        // query-source    port 53;
        // query-source-v6 port 53;

        allow-query     { any; };
        allow-query-cache { any; };
};
logging {
        channel default_debug {
                file “data/named.run”;
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { any; };
        match-destinations { any; };
        recursion yes;
        include “/etc/named.rfc1912.zones”;
};

b.配置正向解析和反向解析zone(节点1操作)
[root@rac1 etc]# more named.rfc1912.zones 
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package 
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
// 
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone “.” IN {
        type hint;
        file “named.ca”;
};

zone “localdomain” IN {
        type master;
        file “localdomain.zone”;
        allow-update { none; };
};

zone “localhost” IN {
        type master;
        file “localhost.zone”;
        allow-update { none; };
};

zone “0.0.127.in-addr.arpa” IN {
        type master;
        file “named.local”;
        allow-update { none; };
};

zone “0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa” IN
 {
        type master;
        file “named.ip6.local”;
        allow-update { none; };
};

zone “255.in-addr.arpa” IN {
        type master;
        file “named.broadcast”;
        allow-update { none; };
};

zone “0.in-addr.arpa” IN {
        type master;
        file “named.zero”;
        allow-update { none; };
};

zone “oracle.com” IN {
        type master;
        file “oracle.com.zone”;
        allow-update { none; };
};

zone “2.0.192.in-addr.arpa” IN {
        type master;
        file “oracle.com.local”;
        allow-update { none; };
};

# 这里需要注意的是,反向解析从左到右读取IP地址时是以相反的方向解析的,所以需要将IP地址反向排列。这里,192.0.2.*网段的反向解析域名为2.0.192.in-addr.arpa

#利用模板文件创建用于正向解析和反向解析数据库文件(节点1操作)
[root@rac1 ~]# cd /var/named/chroot/var/named
[root@rac1 named]# ls -l
total 44
drwxrwx— 2 named named 4096 Apr 16 01:10 data
-rw-r—– 1 root  named  198 Sep  3  2009 localdomain.zone
-rw-r—– 1 root  named  195 Sep  3  2009 localhost.zone
-rw-r—– 1 root  named  427 Sep  3  2009 named.broadcast
-rw-r—– 1 root  named 1892 Sep  3  2009 named.ca
-rw-r—– 1 root  named  424 Sep  3  2009 named.ip6.local
-rw-r—– 1 root  named  426 Sep  3  2009 named.local
-rw-r—– 1 root  named  427 Sep  3  2009 named.zero
drwxrwx— 2 named named 4096 Jul 27  2004 slaves

[root@rac1 named]# cp -p named.local oracle.com.local
[root@rac1 named]# cp -p named.zero oracle.com.zone 
#下面是修改之后的正向搜索文件,可以将host文件的其他ip对照编辑到正向搜索文件以实现解析
#下面的例子将SCAN IP的参照关系也添加到解析文件
[root@rac1 named]# cat oracle.com.zone 
$TTL    86400
@       IN SOA  oracle.com.     root.oracle.com. (
                                42               ; serial (d. adams)
                                3H               ; refresh
                                15M              ; retry
                                1W               ; expiry
                                1D )             ; minimum

        IN NS           oracle.com.
scan    IN A            192.0.2.111
scan    IN A            192.0.2.112
scan    IN A            192.0.2.113

#创建反向解析数据库文件
[root@rac1 named]# cat oracle.com.local 
$TTL    86400
@       IN      SOA     oracle.com.   root.oracle.com. (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
        IN      NS      oracle.com.
111     IN      PTR     scan.oracle.com.
112     IN      PTR     scan.oracle.com.
113     IN      PTR     scan.oracle.com.
#无论RAC有多少节点SCAN VIP的个数只能有3个
#数字写IP地址的最后一个,如192.0.2.111就写111

c.配置解析文件resolv.conf(所有节点)
[root@rac1 ~]# more /etc/resolv.conf 
search oracle.com
nameserver 192.0.2.101
[root@rac2 ~]# cat /etc/resolv.conf 
search oracle.com
nameserver 192.0.2.101

d.启动DNS Server
[root@rac1 ~]# service named restart
Stopping named:[  OK ]
Starting named:[  OK ]

e.验证DNS配置(所有节点操作)
[root@rac1 ~]# nslookup 192.0.2.111
Server:         192.0.2.101
Address:        192.0.2.101#53

111.2.0.192.in-addr.arpa        name = scan.oracle.com.

[root@rac1 ~]# nslookup 192.0.2.112
Server:         192.0.2.101
Address:        192.0.2.101#53

112.2.0.192.in-addr.arpa        name = scan.oracle.com.

[root@rac1 ~]# nslookup 192.0.2.113
Server:         192.0.2.101
Address:        192.0.2.101#53

113.2.0.192.in-addr.arpa        name = scan.oracle.com.

[root@rac2 ~]# nslookup scan
Server:         192.0.2.101
Address:        192.0.2.101#53

Name:   scan.oracle.com
Address: 192.0.2.111
Name:   scan.oracle.com
Address: 192.0.2.112
Name:   scan.oracle.com
Address: 192.0.2.113

[root@rac2 ~]# nslookup 192.0.2.111
Server:         192.0.2.101
Address:        192.0.2.101#53

111.2.0.192.in-addr.arpa        name = scan.oracle.com.

[root@rac2 ~]# nslookup 192.0.2.112
Server:         192.0.2.101
Address:        192.0.2.101#53

112.2.0.192.in-addr.arpa        name = scan.oracle.com.

[root@rac2 ~]# nslookup 192.0.2.113
Server:         192.0.2.101
Address:        192.0.2.101#53

113.2.0.192.in-addr.arpa        name = scan.oracle.com.

到此DNS配置完成,SCAN IP正反向解析均成功。不过这里DNS采用RAC中的一个节点作为Server,这在生产环境下是不合理的,需要注意。