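This article is an original work by Liu Feng (刘峰) of Yunbei Education (云贝教育). Please respect intellectual property and cite the source when reposting. Plagiarism, derivative works and reposts without attribution are not accepted.
I. Overview
Oracle Grid Naming Service (GNS) is an important component of Oracle Grid Infrastructure. It provides a centralized naming service that simplifies network configuration management in clustered environments, particularly Oracle RAC (Real Application Clusters) and Oracle ASM (Automatic Storage Management) environments. This article describes the concepts, functions and configuration steps of Oracle GNS, and its advantages in enterprise deployments.
II. Introduction to Oracle GNS
Oracle GNS is a service based on DNS (Domain Name System) technology. It lets the nodes of a cluster use dynamically assigned IP addresses while providing a single, easily managed namespace that simplifies locating network resources. By integrating the functions of a DNS server and a DHCP (Dynamic Host Configuration Protocol) server, GNS implements dynamic name resolution and IP address assignment, so that cluster nodes can register and update their network configuration automatically.
Main functions
- Dynamic DNS service: GNS lets cluster nodes dynamically register their host names and IP addresses in DNS without manually configured DNS records. This greatly reduces administrative overhead and makes the cluster more flexible.
- Integrated DHCP service: acting as a DHCP server, GNS can assign IP addresses to cluster nodes automatically. These addresses are associated with predefined DNS domain names, which simplifies network configuration.
- Virtual IP address management: GNS supports the assignment and management of virtual IP (VIP) addresses. This is essential for applications that need a high-availability configuration, such as Oracle RAC, because a VIP can fail over quickly to another active node when a node fails.
- Simplified network architecture: with GNS, a single network namespace can be used. All cluster resources (database instances, listeners, ASM instances and so on) are reachable through one unified domain name, which reduces network complexity.
III. Configuration Steps
3.1 Key steps for configuring Oracle GNS:
1. Install Oracle Grid Infrastructure: first, install the Oracle Grid Infrastructure software on at least one server, choosing an installation type that includes the GNS option.
2. Configure the GNS network parameters: in the Grid Infrastructure configuration wizard, specify the domain name used by GNS, the DNS server address, and the subnet and IP address range used by GNS.
3. Create the GNS zone: use the Grid Infrastructure Configuration Assistant (GIAC) to create the GNS zone, including the definition of the DNS reverse lookup zone.
4. Configure the network interfaces of the nodes: make sure every cluster node has the correct network settings, can communicate with the GNS server, and can accept IP addresses offered by DHCP.
5. Verify the configuration: check DNS resolution and the communication between nodes to make sure the GNS service is running correctly.
3.2 Oracle GNS configuration rules
1) RAC IP planning
2) GNS server planning
3.3 DNS configuration
Configuration files
- The main BIND configuration file is /etc/named.conf
- The zone definition file is /etc/named.rfc1912.zones
- The zone data files are under /var/named/
3.3.1 Install DNS
Readers should configure the yum repository themselves.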
yum install bind-libs bind bind-utils
rpm -qa | grep "^bind"
3.3.2 Configure the main BIND configuration file
The main BIND configuration file is /etc/named.conf
options {
        // Listen on loopback and on the DNS server address that the cluster nodes query
        listen-on port 53 { 127.0.0.1; 192.168.2.200; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        // Answer queries only from this host and the cluster public subnet
        allow-query     { localhost; 192.168.2.0/24; };
        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.root.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
// The original file line must be commented out here and a new file line added
zone "." IN {
        type hint;
//      file "named.ca";
        file "/dev/null";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
3.3.3 Configure the forward and reverse lookup zones
Edit the zone definition file /etc/named.rfc1912.zones and add the forward and reverse lookup zone definitions.
[root@edbjr2p1 named]# vi /etc/named.rfc1912.zones
// Forward lookup zone
zone "example.com" IN {                 // the zone name is your choice
        type master;
        file "example.com.zone";        // the zone file name is your choice
        allow-update { none; };
};
// Reverse lookup zones
zone "2.168.192.in-addr.arpa" IN {      // reverse zone: the reversed IP prefix takes the in-addr.arpa suffix; same below
        type master;
        file "2.168.192.local";         // the zone file name is your choice; same below
        allow-update { none; };
};
zone "3.168.192.in-addr.arpa" IN {      // reverse zone for private IP 1
        type master;
        file "3.168.192.local";
        allow-update { none; };
};
zone "4.168.192.in-addr.arpa" IN {      // reverse zone for private IP 2
        type master;
        file "4.168.192.local";
        allow-update { none; };
};
zone "5.168.192.in-addr.arpa" IN {      // reverse zone for private IP 3
        type master;
        file "5.168.192.local";
        allow-update { none; };
};
3.3.4 Configure the forward lookup zone file
1) Create the file
touch /var/named/example.com.zone
chgrp named /var/named/example.com.zone
2) Put the following content in /var/named/example.com.zone
vi /var/named/example.com.zone
Contents:
$TTL 3D
@       IN SOA  dnsserver.example.com. root.example.com. (
                42      ; serial (d.adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   dnsserver.example.com.
; DNS server
dnsserver       IN A    192.168.2.200
; RAC public IPs
host03          IN A    192.168.2.203
host04          IN A    192.168.2.204
; RAC private IPs
host03-priv     IN A    192.168.3.1
host03-priv     IN A    192.168.4.1
host03-priv     IN A    192.168.5.1
host04-priv     IN A    192.168.3.2
host04-priv     IN A    192.168.4.2
host04-priv     IN A    192.168.5.2
$ORIGIN example.com.
; fully qualified names end with a dot; without it BIND appends $ORIGIN again
@               IN NS   gnsserver.example.com.
; GNS server
gnsserver.example.com.  IN A    192.168.2.199
Note that one private host name can map to several IP addresses here.
3.3.5 Configure the reverse lookup zone files
Create the reverse lookup zone files in the /var/named directory.
1) Configure the PUBLIC IP zone
[root@edbjr2p1 named]# touch /var/named/2.168.192.local
[root@edbjr2p1 named]# chgrp named /var/named/2.168.192.local
[root@edbjr2p1 named]# vi /var/named/2.168.192.local
Add the following content:
$TTL 3D
@       IN SOA  dnsserver.example.com. root.example.com. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   dnsserver.example.com.
200     IN PTR  dnsserver.example.com.
199     IN PTR  gnsserver.example.com.
203     IN PTR  host03.example.com.
204     IN PTR  host04.example.com.
2) Configure the PRIVATE zones
[root@edbjr2p1 named]# touch /var/named/3.168.192.local
[root@edbjr2p1 named]# chgrp named /var/named/3.168.192.local
[root@edbjr2p1 named]# vi /var/named/3.168.192.local
Add the following content:
$TTL 3D
@       IN SOA  dnsserver.example.com. root.example.com. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   dnsserver.example.com.
200     IN PTR  dnsserver.example.com.
199     IN PTR  gnsserver.example.com.
1       IN PTR  host03-priv.example.com.
2       IN PTR  host04-priv.example.com.
[root@edbjr2p1 named]# cat 4.168.192.local
$TTL 3D
@       IN SOA  dnsserver.example.com. root.example.com. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   dnsserver.example.com.
200     IN PTR  dnsserver.example.com.
199     IN PTR  gnsserver.example.com.
1       IN PTR  host03-priv.example.com.
2       IN PTR  host04-priv.example.com.
host03-priv.example.com. resolves to 192.168.4.1
host04-priv.example.com. resolves to 192.168.4.2
[root@edbjr2p1 named]# cat 5.168.192.local
$TTL 3D
@       IN SOA  dnsserver.example.com. root.example.com. (
                1997022700 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   dnsserver.example.com.
200     IN PTR  dnsserver.example.com.
199     IN PTR  gnsserver.example.com.
1       IN PTR  host03-priv.example.com.
2       IN PTR  host04-priv.example.com.
3.3.6 Check the DNS reverse lookup zone files
[root@edbjr2p1 named]# named-checkzone 2.168.192.local /var/named/2.168.192.local
zone 2.168.192.local/IN: loaded serial 1997022700
OK
[root@edbjr2p1 named]#
[root@edbjr2p1 named]#
[root@edbjr2p1 named]#
[root@edbjr2p1 named]# named-checkzone 3.168.192.local /var/named/3.168.192.local
zone 3.168.192.local/IN: loaded serial 1997022700
OK
[root@edbjr2p1 named]#
[root@edbjr2p1 named]# named-checkzone 4.168.192.local /var/named/4.168.192.local
zone 4.168.192.local/IN: loaded serial 1997022700
OK
[root@edbjr2p1 named]#
[root@edbjr2p1 named]# named-checkzone 5.168.192.local /var/named/5.168.192.local
zone 5.168.192.local/IN: loaded serial 1997022700
OK
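named-checkzone only confirms that each file loads. It does not notice a name that lost its trailing dot, or a PTR record that points at a host with no matching A record. The following is an added example, not part of the original article: it expands names the way BIND does and cross-checks forward against reverse data. The sample records are constructed and seeded with both mistakes, and the parser assumes the `name IN type rdata` layout used in this article (no TTL column).

```python
import ipaddress
def fqdn(name, origin):
    """Expand a zone-file name as BIND does: no trailing dot means 'relative to $ORIGIN'."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Yield (owner, type, rdata) for 'IN A/NS/PTR' records; every other line is skipped."""
    owner = origin
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]              # zone-file comments start with ';'
        tok = line.split()
        if not tok:
            continue
        if tok[0].startswith("$"):               # directives: only $ORIGIN matters here
            if tok[0] == "$ORIGIN":
                origin = tok[1]
            continue
        if not line[0].isspace():                # owner column present, otherwise inherit
            owner, tok = fqdn(tok[0], origin), tok[1:]
        if len(tok) >= 3 and tok[0] == "IN" and tok[1] in ("A", "NS", "PTR"):
            yield owner, tok[1], tok[2] if tok[1] == "A" else fqdn(tok[2], origin)

def lint(forward, reverse, fwd_origin, rev_origin):
    """Return sorted findings: doubled origins and PTR records without a matching A record."""
    fwd = list(parse_zone(forward, fwd_origin))
    found = {("doubled-origin", n) for o, _, d in fwd for n in (o, d)
             if n.endswith("." + fwd_origin * 2)}
    pairs = {(ipaddress.ip_address(d).reverse_pointer + ".", o) for o, t, d in fwd if t == "A"}
    for owner, rtype, target in parse_zone(reverse, rev_origin):
        if rtype == "PTR" and (owner, target) not in pairs:
            found.add(("ptr-without-a", f"{owner} -> {target}"))
    return sorted(found)

# Constructed sample: missing trailing dots after $ORIGIN and a misspelled PTR target.
FORWARD = """\
dnsserver  IN A 192.168.2.200
host03     IN A 192.168.2.203
$ORIGIN example.com.
@          IN NS gnsserver.example.com
gnsserver.example.com IN A 192.168.2.199
"""
REVERSE = """\
200 IN PTR dnserver.example.com.
199 IN PTR gnsserver.example.com.
203 IN PTR host03.example.com.
"""
print(lint(FORWARD, REVERSE, "example.com.", "2.168.192.in-addr.arpa."))
```

An empty list means every PTR target has an A record for the same address and no name picked up a second copy of the origin.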
3.4 Resolver configuration
GNS management host
[root@edbjr2p1 named]# cat /etc/resolv.conf
# Generated by NetworkManager
search example.com
nameserver 192.168.2.200
RAC node 1
[root@host03 network-scripts]# cat /etc/resolv.conf
# Generated by NetworkManager
search example.com
nameserver 192.168.2.200
RAC node 2
[root@host04 network-scripts]# cat /etc/resolv.conf
# Generated by NetworkManager
search example.com
nameserver 192.168.2.200
3.5 Check with nslookup
1) Check the public network
[root@edbjr2p1 named]# nslookup host03.example.com
Server: 192.168.2.200
Address: 192.168.2.200#53
Name: host03.example.com
Address: 192.168.2.203
[root@edbjr2p1 named]# nslookup host04.example.com
Server: 192.168.2.200
Address: 192.168.2.200#53
Name: host04.example.com
Address: 192.168.2.204
2) Check the private network
[root@edbjr2p1 named]# nslookup host04-priv.example.com
Server: 192.168.2.200
Address: 192.168.2.200#53
Name: host04-priv.example.com
Address: 192.168.4.2
Name: host04-priv.example.com
Address: 192.168.3.2
Name: host04-priv.example.com
Address: 192.168.5.2
[root@edbjr2p1 named]# nslookup host03-priv.example.com
Server: 192.168.2.200
Address: 192.168.2.200#53
Name: host03-priv.example.com
Address: 192.168.3.1
Name: host03-priv.example.com
Address: 192.168.5.1
Name: host03-priv.example.com
Address: 192.168.4.1
3.6 Configure DNS resolution for the SCAN name
The SCAN name cluster01-scan.cluster01.example.com is used as the example.
3.6.1 Configure forward resolution
[root@edbjr2p1 named]# cat example.com.zone
$TTL 3D
@       IN SOA  dnsserver.example.com. root.example.com. (
                42      ; serial (d.adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum
        IN NS   dnsserver.example.com.
dnsserver       IN A    192.168.2.200
host03          IN A    192.168.2.203
host04          IN A    192.168.2.204
host03-priv     IN A    192.168.3.1
host03-priv     IN A    192.168.4.1
host03-priv     IN A    192.168.5.1
host04-priv     IN A    192.168.3.2
host04-priv     IN A    192.168.4.2
host04-priv     IN A    192.168.5.2
cluster01-scan.cluster01 IN A 192.168.2.208 ; added: IP on node 1
cluster01-scan.cluster01 IN A 192.168.2.210 ; added: IP on node 2
$ORIGIN example.com.
@               IN NS   gnsserver.example.com.
gnsserver.example.com.  IN A    192.168.2.199
3.6.2 Check the configuration
[root@edbjr2p1 named]# nslookup cluster01-scan.cluster01.example.com
Server: 192.168.2.200
Address: 192.168.2.200#53
Name: cluster01-scan.cluster01.example.com
Address: 192.168.2.210
Name: cluster01-scan.cluster01.example.com
Address: 192.168.2.208
[root@edbjr2p1 named]# nslookup cluster01-scan.cluster01
;; Got SERVFAIL reply from 192.168.2.200, trying next server
Server: 192.168.2.200
Address: 192.168.2.200#53
Name: cluster01-scan.cluster01.example.com
Address: 192.168.2.210
Name: cluster01-scan.cluster01.example.com
Address: 192.168.2.208
IV. DHCP Configuration
Configure this on the GNS management host.
4.1 Installation
yum install dhcp
4.2 Configure DHCP
vim /etc/dhcp/dhcpd.conf
subnet 192.168.2.0 netmask 255.255.255.0 {
        option routers 192.168.2.1;
        option subnet-mask 255.255.255.0;
        option nis-domain "example.com";
        option domain-name "example.com";
        option domain-name-servers 192.168.2.200;
        option time-offset -18000; # Eastern Standard Time
        range dynamic-bootp 192.168.2.205 192.168.2.215;
        default-lease-time 21600;
        max-lease-time 43200;
}
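V. Summary
In short, Oracle GNS is an indispensable part of building a highly available and scalable database cluster. By automating network configuration and management, it gives strong support to an enterprise's IT infrastructure. Configuring and using GNS correctly can effectively improve the stability of database services and the efficiency of operations.
The advantages it brings to enterprise deployments are as follows:
- Simplified operations: automated network configuration management significantly reduces the complexity and labor cost of cluster maintenance.
- Better availability: the VIP failover mechanism supported by GNS helps improve the continuous availability of critical business systems.
- Flexibility: dynamic IP assignment and automatic DNS updates suit a fast-changing IT environment and make it easier to expand and migrate resources.
- Standardization: unified naming rules and network architecture promote standard practice inside the enterprise and ease collaboration and management across departments.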