Fung's DBA World

DBA knowledge,standing on the shoulders of giants.

11gr2 RAC SCAN DNS Configuration

March 25, 2014

11gr2中RAC SCAN DNS简单配置,环境: 11.2.0.4+OEL5.8 x64

简单描述一下11gr2中引进的SCAN概念。SCAN全称为Single Client Access Name,顾名思义,客户端可以通过一个SCAN NAME就可以访问RAC。在此之前,客户端访问RAC都是通过VIP,如果RAC节点很多,那么在客户端TNS配置中就要写很多IP地址,最重要的是,如果增加或者减少RAC节点,相应的客户端TNS配置也要修改,为了增加可扩展性及灵活性,Oracle在11gr2推出了SCAN这个概念。

SCAN是以虚拟主机名形式出现,可以通过DNS,Oracle本身自带的GNS(Grid Name Serveice)或者hosts文件解析,最大支持3个IP解析,而hosts文件解析则只能解析一个IP。同时SCAN IP地址需和公网、VIP网段一致。Oracle强烈建议不使用hosts文件解析SCAN,但其实在现实生产环境中,大部分都是使用hosts解析的。但如果使用hosts解析的话,在安装的结尾会接到Cluster Verification Utility Failed的错误,详情请查询MOS:Note: 887471.1。为了高可用性及可扩展性,Oracle推荐DNS中解析方式为轮询模式(Round Robin)。

Grid Infrastructure在各个节点启用本地监听LISTENER去监听本地VIP,同时启用SCAN监听(最少一个,最多三个)去监听SCAN VIPs,11gr2默认设置local_listner为本地监听,remote_listener为SCAN监听。

SCAN IP与原有的VIP是紧密连接在一起的,当客户端请求访问时,SCAN监听根据LBA算法转发给对应实例的local LISTENER,最终还是由VIP对客户端提供服务。因此,在一个多节点的RAC中,同一个SCAN VIP有可能分布在多个节点,或者同一节点。在sqlnet.ora配置中,同时也要保证一点要有easy connect naming method存在,即添加参数NAMES.DIRECTORY_PATH=(tnsnames,ezconnect)。

以下DNS Server为节点1,纯粹为了测试,生产环境不建议这样操作,因为如果节点1宕机了,SCAN就无法解析了。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
[root@node1:/root]# cat /etc/hosts 
# Do not remove the following line, or various programs 
# that require network functionality will fail. 
127.0.0.1 localhost.localdomain localhost 
#public IP 
192.168.56.101 node1.oraclema.com node1 
192.168.56.102 node2.oraclema.com node2``` 

 #priv 
10.10.10.101 node1-prv 
10.10.10.102 node2-prv 

 #Virtual IP 
192.168.56.103 node1-vip.oraclema.com node1-vip 
192.168.56.104 node2-vip.oraclema.com node2-vip 

 #SCAN 
#192.168.56.110 racdb-scan.oraclema.com racdb-scan 
#192.168.56.111 racdb-scan.oraclema.com racdb-scan 
#192.168.56.112 racdb-scan.oraclema.com racdb-scan 
以上node1为DNS服务器。
1
2
3
4
5
6
7
8
9
10
[root@node1:/root]# yum install -y bind bind-chroot bind-utils caching-nameserver 
[root@node1:/root]# cd /var/named/chroot/etc/ 
[root@node1:/var/named/chroot/etc]# ll 
total 16 
-rw-r--r-- 1 root root 405 Jan 22 12:25 localtime 
-rw-r----- 1 root named 1230 Dec 20 2011 named.caching-nameserver.conf 
-rw-r----- 1 root named 955 Dec 20 2011 named.rfc1912.zones 
-rw-r----- 1 root named 113 Mar 24 16:57 rndc.key 
[root@node1:/var/named/chroot/etc]# cp -p named.caching-nameserver.conf named.conf 
[root@node1:/var/named/chroot/etc]# cp -p named.rfc1912.zones named.zones
修改配置文件,修改完后如下所示:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
[root@node1:/var/named/chroot/etc]# cat named.conf  
// 
// named.caching-nameserver.conf 
// 
// Provided by Red Hat caching-nameserver package to configure the 
// ISC BIND named(8) DNS server as a caching only nameserver  
// (as a localhost DNS resolver only).  
// 
// See /usr/share/doc/bind*/sample/ for example named configuration files. 
// 
// DO NOT EDIT THIS FILE - use system-config-bind or an editor 
// to create named.conf - edits to this file will be lost on  
// caching-nameserver package upgrade. 
// 
options {   
        listen-on port 53 { any; };   
        listen-on-v6 port 53 { ::1; };   
        directory       "/var/named";   
        dump-file       "/var/named/data/cache_dump.db";   
        statistics-file "/var/named/data/named_stats.txt";   
        memstatistics-file "/var/named/data/named_mem_stats.txt";   
   
        // Those options should be used carefully because they disable port   
        // randomization   
        // query-source    port 53;   
        // query-source-v6 port 53;   
   
        allow-query     { any; };   
        allow-query-cache { any; };   
};   
logging {   
        channel default_debug {   
                file "data/named.run";   
                severity dynamic;   
        };   
};   
view localhost_resolver {   
        match-clients      { any; };   
        match-destinations { any; };   
        recursion yes;   
        include "/etc/named.zones";   
}; 
[root@node1:/var/named/chroot/etc]# cat named.zones  
// named.rfc1912.zones: 
// 
// Provided by Red Hat caching-nameserver package  
// 
// ISC BIND named zone configuration for zones recommended by 
// RFC 1912 section 4.1 : localhost TLDs and address zones 
//  
// See /usr/share/doc/bind*/sample/ for example named configuration files. 
// 
zone "." IN { 
        type hint; 
        file "named.ca"; 
}; 

 zone "localdomain" IN { 
        type master; 
        file "localdomain.zone"; 
        allow-update { none; }; 
}; 

 zone "localhost" IN { 
        type master; 
        file "localhost.zone"; 
        allow-update { none; }; 
}; 

 zone "0.0.127.in-addr.arpa" IN { 
        type master; 
        file "named.local"; 
        allow-update { none; }; 
}; 

 zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN { 
        type master; 
        file "named.ip6.local"; 
        allow-update { none; }; 
}; 

 zone "255.in-addr.arpa" IN { 
        type master; 
        file "named.broadcast"; 
        allow-update { none; }; 
}; 

 zone "0.in-addr.arpa" IN { 
        type master; 
        file "named.zero"; 
        allow-update { none; }; 
}; 
#Add new zone 
zone "oraclema.com" IN {   
        type master;   
        file "node1.oraclema.zero";   
        allow-update { none; };   
};   
   
zone "56.168.192.in-addr.arpa" IN {   
        type master;   
        file "56.168.192.local";   
        allow-update { none; };   
}; 
配置正向和反向解析文件:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
[root@node1:/var/named/chroot/etc]# cd ../var/named/ 
[root@node1:/var/named/chroot/var/named]# cp -p named.local 56.168.192.local 
[root@node1:/var/named/chroot/var/named]# cp -p named.zero node1.oraclema.zero 
[root@node1:/var/named/chroot/var/named]# cat node1.oraclema.zero  
$TTL    86400   
@               IN SOA  node1.oraclema.com.      root.oraclema.com. (   
                                        42              ; serial (d. adams)   
                                        3H              ; refresh   
                                        15M             ; retry   
                                        1W              ; expiry   
                                        1D )            ; minimum   
        IN      NS      node1.oraclema.com.   
racdb-scan                       IN A     192.168.56.110 
racdb-scan                       IN A     192.168.56.111 
racdb-scan                       IN A     192.168.56.112 
racdb-scan.oraclema.com          IN A     192.168.56.110 
racdb-scan.oraclema.com          IN A     192.168.56.111 
racdb-scan.oraclema.com          IN A     192.168.56.112 
node1-vip                        IN A     192.168.56.103 
node2-vip                        IN A     192.168.56.104 
node1-vip.oraclema.com           IN A     192.168.56.103 
node2-vip.oraclema.com           IN A     192.168.56.104 
node1                            IN A     192.168.56.101 
node2                            IN A     192.168.56.102 
node1.oraclema.com               IN A     192.168.56.101 
node2.oraclema.com               IN A     192.168.56.102 
[root@node1:/var/named/chroot/var/named]# cat 56.168.192.local  
$TTL    86400   
@       IN      SOA     node1.oraclema.com. root.oraclema.com.  (   
                                      1997022700 ; Serial   
                                      28800      ; Refresh   
                                      14400      ; Retry   
                                      3600000    ; Expire   
                                      86400 )    ; Minimum   
        IN      NS      node1.oraclema.com.   
1        IN      PTR     node1.oraclema.com. 
101      IN      PTR     node1.oraclema.com. 
102      IN      PTR     node2.oraclema.com. 
101      IN      PTR     node1. 
102      IN      PTR     node2. 
110      IN      PTR     racdb-scan.oraclema.com.   
111      IN      PTR     racdb-scan.oraclema.com. 
112      IN      PTR     racdb-scan.oraclema.com.   
110      IN      PTR     racdb-scan.   
111      IN      PTR     racdb-scan.   
112      IN      PTR     racdb-scan.   
102      IN      PTR     node1-vip.   
103      IN      PTR     node2-vip.   
102      IN      PTR     node1-vip.oraclema.com.    
103      IN      PTR     node2-vip.oraclema.com. 
添加/etc/resolv.conf,重启named服务,并且在当前节点测试:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
[root@node1:/root]# cat /etc/resolv.conf 
search oraclema.com 
nameserver 192.168.56.101 
[root@node1:/root]# /etc/init.d/named restart 
Stopping named: .[ OK ] 
Starting named: [ OK ] 
[root@node1:/root]# nslookup racdb-scan 
Server: 192.168.56.101 
Address: 192.168.56.101#53``` 

 Name: racdb-scan.oraclema.com 
Address: 192.168.56.110 
Name: racdb-scan.oraclema.com 
Address: 192.168.56.111 
Name: racdb-scan.oraclema.com 
Address: 192.168.56.112 

 [root@node1:/root]# nslookup racdb-scan.oraclema.com 
Server: 192.168.56.101 
Address: 192.168.56.101#53 

 Name: racdb-scan.oraclema.com 
Address: 192.168.56.112 
Name: racdb-scan.oraclema.com 
Address: 192.168.56.110 
Name: racdb-scan.oraclema.com 
Address: 192.168.56.111 

 [root@node1:/root]# nslookup 192.168.56.111 
Server: 192.168.56.101 
Address: 192.168.56.101#53 

111.56.168.192.in-addr.arpa name = racdb-scan. 
111.56.168.192.in-addr.arpa name = racdb-scan.oraclema.com.
Another question: 测试环境原来为hosts解析,scan ip只有一个IP,现在增加了两个,但目前集群仍旧只识别出一个IP,需要对CRS做更新,具体如下,请参考MOS: How to update the IP address of the SCAN VIP resources (ora.scan{n}.vip) (文档 ID 952903.1)
1
2
3
4
[root@node1:/root]# cd /u01/app/11gr2/grid/bin/ 
[root@node1:/u01/app/11gr2/grid/bin]# ./srvctl config scan 
SCAN name: racdb-scan, Network: 1/192.168.56.0/255.255.255.0/eth0 
SCAN VIP name: scan1, IP: /racdb-scan/192.168.56.110
确实只有一个IP在被使用,客户端修改TNS,改用其他SCAN IP无法连通。 停止SCAN及SCAN监听:
1
2
[root@node1:/u01/app/11gr2/grid/bin]# ./srvctl stop scan_listener 
[root@node1:/u01/app/11gr2/grid/bin]# ./srvctl stop scan
刷新SCAN的IP地址:
1
[root@node1:/u01/app/11gr2/grid/bin]# ./srvctl modify scan -n racdb-scan
更新SCAN监听:
1
[root@node1:/u01/app/11gr2/grid/bin]# ./srvctl modify scan_listener –u
查看修改结果状态:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
[grid@node1:/home/grid]$ srvctl config scan 
SCAN name: racdb-scan, Network: 1/192.168.56.0/255.255.255.0/eth0 
SCAN VIP name: scan1, IP: /racdb-scan/192.168.56.110 
SCAN VIP name: scan2, IP: /racdb-scan/192.168.56.111 
SCAN VIP name: scan3, IP: /racdb-scan/192.168.56.112 
[grid@node1:/home/grid]$ srvctl start scan 
[grid@node1:/home/grid]$ srvctl start scan_listener 
[grid@node1:/home/grid]$ srvctl status scan 
SCAN VIP scan1 is enabled 
SCAN VIP scan1 is running on node node1 
SCAN VIP scan2 is enabled 
SCAN VIP scan2 is running on node node1 
SCAN VIP scan3 is enabled 
SCAN VIP scan3 is running on node node1 
[grid@node1:/home/grid]$ srvctl status scan_listener 
SCAN Listener LISTENER_SCAN1 is enabled 
SCAN listener LISTENER_SCAN1 is running on node node1 
SCAN Listener LISTENER_SCAN2 is enabled 
SCAN listener LISTENER_SCAN2 is running on node node1 
SCAN Listener LISTENER_SCAN3 is enabled 
SCAN listener LISTENER_SCAN3 is running on node node1 
Important:因为转成DNS解析,因此需要将原有/etc/hosts文件中关于SCAN的信息要MARK掉,默认的解析设置中,是先查找/etc/hosts文件,因此,所作的DNS解析三个IP也就相当于失效了,还是只能解析一个IP。一定要先注释掉/etc/hosts中有关SCAN的相关信息。

Permalink: http://www.oraclema.com/oracle/11gr2-scan-dns.html