RAC 攻击 - Oracle 集群数据库在家/SSH 和 CVU

2. 登录到节点 **collabn2**。作为 **oracle** 用户，确保您可以 ping 互连和公共网络上的两个节点。[oracle@collabn2 ~]$ **ping -c 1 collabn1** PING collabn1 (192.168.78.51) 56(84) bytes of data. **64 bytes from collabn1 (192.168.78.51): **icmp_seq=1 ttl=64 time=0.793 ms [oracle@collabn2 ~]$ **ping -c 1 collabn2** PING collabn2 (192.168.78.52) 56(84) bytes of data. **64 bytes from collabn2 (192.168.78.52): **icmp_seq=1 ttl=64 time=0.024 ms [oracle@collabn2 ~]$ **ping -c 1 collabn1-priv** PING collabn1-priv (172.16.100.51) 56(84) bytes of data. **64 bytes from collabn1-priv (172.16.100.51): **icmp_seq=1 ttl=128 time=0.901 ms [oracle@collabn2 ~]$ **ping -c 1 collabn2-priv** PING collabn2-priv (172.16.100.52) 56(84) bytes of data. **64 bytes from collabn2-priv (172.16.100.52): **icmp_seq=1 ttl=64 time=0.058 ms
3. 存储主机的公钥。您可以使用名为 **ssh-keyscan** 的工具来完成此操作。[oracle@collabn2 .ssh]$ **ssh-keyscan -t rsa collabn1 collabn1-priv collabn2 collabn2-priv >> ~/.ssh/known_hosts** # collabn1 SSH-2.0-OpenSSH_4.3 # collabn1-priv SSH-2.0-OpenSSH_4.3 # collabn2 SSH-2.0-OpenSSH_4.3 # collabn2-priv SSH-2.0-OpenSSH_4.3
4. 测试 ssh 等效性。重要的是没有提示，并且您会自动登录。[oracle@collabn2 .ssh]$ **ssh collabn1** Warning: Permanently added the RSA host key for IP address '192.168.78.51' to the list of known hosts. Last login: Tue Apr 15 16:59:36 2008 from collabn2 [oracle@collabn1 ~]$ **exit** logout Connection to collabn1 closed.
5. 切换到节点 **collabn1**。作为 oracle 用户，确认您可以 ping 两个服务器。然后将 **known_hosts** 文件从 collabn2 复制过来。[oracle@collabn1 ~]$ **ping -c 1 collabn1** PING collabn1 (192.168.78.51) 56(84) bytes of data. **64 bytes from collabn1 (192.168.78.51): **icmp_seq=1 ttl=64 time=0.793 ms [oracle@collabn1 ~]$ **ping -c 1 collabn2** PING collabn2 (192.168.78.52) 56(84) bytes of data. **64 bytes from collabn2 (192.168.78.52): **icmp_seq=1 ttl=64 time=0.024 ms [oracle@collabn1 ~]$ **ping -c 1 collabn1-priv** PING collabn1-priv (172.16.100.51) 56(84) bytes of data. **64 bytes from collabn1-priv (172.16.100.51): **icmp_seq=1 ttl=128 time=0.901 ms [oracle@collabn1 ~]$ **ping -c 1 collabn2-priv** PING collabn2-priv (172.16.100.52) 56(84) bytes of data. **64 bytes from collabn2-priv (172.16.100.52): **icmp_seq=1 ttl=64 time=0.058 ms [oracle@collabn1 ~]$ **scp collabn2:.ssh/known_hosts ~/.ssh/known_hosts** The authenticity of host 'collabn2 (192.168.78.52)' can't be established. RSA key fingerprint is 3f:65:e6:77:af:11:84:56:a4:b9:0f:8b:41:b4:2f:8a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'collabn2,192.168.78.52' (RSA) to the list of known hosts. known_hosts 100% 3146 3.1KB/s 00:00
6. 测试 ssh 等效性。[oracle@collabn1 ~]$ **ssh collabn2** Last login: Tue Apr 15 17:02:29 2008 from collabn2 [oracle@collabn2 ~]$ **exit** logout Connection to collabn2 closed.
7. 您还需要能够登录到自己；测试一下。[oracle@collabn1 ~]$ **ssh collabn1** Last login: Tue Apr 15 17:03:39 2008 from collabn2 [oracle@collabn1 ~]$ **exit** logout Connection to collabn1 closed.
8. 运行 **CLUVFY** 以验证您的硬件和操作系统安装！共享磁盘测试将失败；这是正常的。忽略该错误。collabn1:/home/oracle[RAC1]$ **/mnt/cdrom*/grid/runcluvfy.sh stage -post hwos -n collabn1,collabn2** Performing post-checks for hardware and operating system setup Checking node reachability... Node reachability check passed from node "collabn1" Checking user equivalence... User equivalence check passed for user "oracle" Checking node connectivity... Checking hosts config file... Verification of the hosts config file successful Node connectivity passed for subnet "192.168.78.0" with node(s) collabn2,collabn1 TCP connectivity check passed for subnet "192.168.78.0" Node connectivity passed for subnet "172.16.100.0" with node(s) collabn2,collabn1 TCP connectivity check passed for subnet "172.16.100.0" Interfaces found on subnet "192.168.78.0" that are likely candidates for VIP are: collabn2 eth0:192.168.78.52 collabn1 eth0:192.168.78.51 Interfaces found on subnet "172.16.100.0" that are likely candidates for a private interconnect are: collabn2 eth1:172.16.100.52 collabn1 eth1:172.16.100.51 Node connectivity check passed Check for multiple users with UID value 0 passed Post-check for hardware and operating system setup was successful.

接下来在 ASM 轨道上: 设置 ASMLIB

接下来在共享文件系统轨道上: 设置 OCFS2