Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Deployment of Oracle RAC in VMware vsphere platform (II, NTP configuration and SSH trust)

2025-03-30 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >

Share

Shulou(Shulou.com)06/01 Report--

NTP configuration

Two nodes check to see if ntp is installed

Rpm-Q ntp

/ / install yum-y install ntp if not installed /

Systemctl enable ntpd systemctl enable ntpd.service setting Boot Boot ntp

Systemctl start ntpd starts ntp

Systemctl status ntpd View ntp status

-racdb1 is configured as a NTP server and client-

Vi / etc/ntp.conf

# when an external time server is not available, use local time as the time service

Server 127.127.1.0

Fudge 127.127.1.0 stratum 10

# allow synchronization time for other machines in the private network. If this constraint is not added, all IP are allowed to access the local synchronization service by default.

Restrict 192.168.61.0 mask 255.255.255.0 nomodify notrap

# configuration and upstream standard time synchronization

Server 101.201.72.121 # China National time Service Center

Server 133.100.11.8 # Japan [Fukuoka University]

Server 3.cn.pool.ntp.org

Server 1.asia.pool.ntp.org

Server 3.asia.pool.ntp.org

# allow upper-layer time server to actively modify local time

Restrict 101.201.72.121 nomodify notrap noquery

Restrict 133.100.11.8 nomodify notrap noquery

Restrict 3.cn.pool.ntp.org nomodify notrap noquery

Restrict 1.asia.pool.ntp.org nomodify notrap noquery

Restrict 3.asia.pool.ntp.org nomodify notrap noquery

Vi / etc/sysconfig/ntpd

# this option is used to automatically calibrate the system clock and hardware clock

SYNC_HWCLOCK=yes

OPTIONS= "- x-u ntp:ntp-p / var/run/ntpd.pid"

Restart systemctl restart ntpd after you finish

Ntpq-p view NTP servers on the network

There is a process of ntpstat synchronization, which will be executed in a few minutes. The synchronization will be considered successful only when the figure below appears.

-racdb2 is configured as a NTP client-

Vi / etc/ntp.conf

Add:

# allow the racdb1 ntp server to actively modify the local time

Restrict 192.168.61.219 nomodify notrap noquery

# set racdb1 as the ntp server

Server 192.168.61.219

Vi / etc/sysconfig/ntpd

# this option is used to automatically calibrate the system clock and hardware clock

SYNC_HWCLOCK=yes

OPTIONS= "- x-u ntp:ntp-p / var/run/ntpd.pid"

Systemctl restart ntpd restarts the ntp service

Ntpq-p check that the NTP server in the network is racdb1

Systemctl enable ntpd

Systemctl enable ntpd.service setting Boot Boot ntp

Set up the SSH trust relationship to ensure the interoperability between the two nodes

During the installation of grid Infrastructure, oracle universal installer (oui) must be able to automatically copy to all rac nodes as grid. Here we configure ssh trust relationship on each node, so that oracle and grid users can access each node without entering a password.

-configure oracle user ssh trust relationship

-racdb1 configure oracle user ssh trust relationship-

Su-oracle

Mkdir / .ssh

Chmod 755 ~. Ssh

/ usr/bin/ssh-keygen-t rsa

/ usr/bin/ssh-keygen-t dsa

Configure key file synchronization. Racdb1 aggregates authentication files id_rsa.pub and id_dsa.pub into a total authentication file authorized_keys,authorized_keys remotely copies to racdb2

Cd / .ssh

Cat ~ / .ssh/id_rsa.pub > > authorized_keys

Cat ~ / .ssh/id_dsa.pub > > authorized_keys

Go to oracledb2 and change to the directory created by oracle user, and then copy it with racdb1.

[root@racdb2 rules.d] # su-oracle

[oracle@racdb2] $mkdir ~ / .ssh

[oracle@racdb2] $chmod 755 ~ / .ssh

Racdb1 copies files to racdb2

Scp authorized_keys racdb2:~/.ssh/

-racdb2 configure oracle user ssh trust relationship-

Check to see the authorized_keys copied by racdb1

/ usr/bin/ssh-keygen-t rsa

/ usr/bin/ssh-keygen-t dsa

Configure key file synchronization. Racdb2 aggregates authentication files id_rsa.pub and id_dsa.pub into a total authentication file authorized_keys,authorized_keys, which is remotely copied to racdb1.

Cd / .ssh

Cat ~ / .ssh/id_rsa.pub > > authorized_keys

Cat ~ / .ssh/id_dsa.pub > > authorized_keys

Scp authorized_keys racdb1:~/.ssh/

Test on racdb1. You don't have to enter a password to be successful.

Ssh racdb1 date

Ssh racdb2 date

Ssh racdb1-priv date

Ssh racdb2-priv date

Test on racdb2. You don't have to enter a password to be successful.

Ssh racdb1 date

Ssh racdb2 date

Ssh racdb1-priv date

Ssh racdb2-priv date

-configure grid user ssh trust relationship-

-racdb1 configure grid user ssh trust relationship-

Su-grid

Mkdir / .ssh

Chmod 755 ~. Ssh

/ usr/bin/ssh-keygen-t rsa

/ usr/bin/ssh-keygen-t dsa

Configure key file synchronization. Racdb1 aggregates authentication files id_rsa.pub and id_dsa.pub into a total authentication file authorized_keys,authorized_keys, which is remotely copied to racdb2.

Cd / .ssh

Cat ~ / .ssh/id_rsa.pub > > authorized_keys

Cat ~ / .ssh/id_dsa.pub > > authorized_keys

Racdb1 copies files to racdb2

Scp authorized_keys racdb2:~/.ssh/

-racdb2 configure grid user ssh trust relationship-

Check to see the authorized_keys copied by racdb1

/ usr/bin/ssh-keygen-t rsa

/ usr/bin/ssh-keygen-t dsa

Configure key file synchronization. Racdb2 aggregates authentication files id_rsa.pub and id_dsa.pub into a total authentication file authorized_keys,authorized_keys, which is remotely copied to racdb1.

Cd / .ssh/

Cat ~ / .ssh/id_rsa.pub > > authorized_keys

Cat ~ / .ssh/id_dsa.pub > > authorized_keys

Scp authorized_keys racdb1:~/.ssh/

Test on racdb1. You don't have to enter a password to be successful.

Ssh racdb1 date

Ssh racdb2 date

Ssh racdb1-priv date

Ssh racdb2-priv date

Test on racdb2. You don't have to enter a password to be successful.

Ssh racdb1 date

Ssh racdb2 date

Ssh racdb1-priv date

Ssh racdb2-priv date

Will be updated later

Learning and communication QQ group 76552012, this article is original, if you need to reprint, please contact QQ group

Https://blog.csdn.net/ai74le/article/details/89437178, the CSDN blog for this article

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Database

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report