Tutorial: Create SQL Cluster(FCI) on RHEL

-

 



In the Windows world, SQL Server integrates into Windows Server Failover Cluster (WSFC) natively, and we have a dedicated installation for SQL Server Cluster. However, on Linux, you need to install standalone SQL Server instance in the nodes first, and then configure the instance as a SQL Server cluster instance.



I use SQL Server 2019 with RHEL 8.x in this tutorial, but it is possible to use SQL Server 2017 in RHEL 7.x or RHEL 8 to configure FCI.


Here is the step by step Video

 

Topology

 

 

 

 

 

1.ISCSI target server configuration

 

1. The two highlighted two disks will be the used as Shared Storage.

 

 

sdc is for the database files in /var/opt/mssql/data

sdd is for the user databases files. If all your databases are stored /var/opt/mssql/data, feel free to ignore all the steps link to device sdd.

 

2.Run fdisk to create partition.

fdisk /dev/sdc

fdisk /dev/sdd

 

Run lsblk again

 

 

3.Install targetcli package.

yum -y install targetcli

 

 

4.Run targetcli to create ISCSI target server.

I created two ACLs entries for the node1 and node2:

iqn.2020-08.com.contoso:node1

iqn.2020-08.com.contoso:node2

I’m not going to dig into the targetcli command, please review this article for detail.

 

And I have following iscsi settings:

5.Run following bash command to expose tcp port 3260

firewall-cmd --add-port=3260/tcp --permanent

firewall-cmd --reload

          

 

6. Enable and restart the target service.

systemctl enable target.service

systemctl restart target.service

 

2.ISCSI initiator configuration.

 

Choose one of the servers that will participate in the FCI configuration. It does not matter which one. I use node1 in this tutorial. Please note, All the steps in this section are performed in node1, unless stated otherwise.

 

1.Install iscsi-initiator-utils  in all nodes.

sudo yum install iscsi-initiator-utils -y

 

2.Edit the /etc/iscsi/initiatorname.iscsi , replace the existing value with following keywords, the one I used in step 4 of section[ISCSI target server configuration]

InitiatorName=iqn.2020-08.com.contoso:node1

         

 

3.Discover iSCSI disk of the target.

iscsiadm -m discovery -t st -p <ip of iscsi target server>

Here is the command in this tutorial.

iscsiadm -m discovery -t st -p 10.1.0.8

         

 

 

 

5. (Optional step)After the discovery below database is updated.

ls -l /var/lib/iscsi/nodes

 

6.Make the connection to iscsi target.

iscsiadm --mode node --targetname iqn.2020-08.com.contoso:servers  --login

 

7. (Optional step)After logging in, a session with the iSCSI target is established.

iscsiadm --mode node -P 1

 

8. (Optional step)If you review the messages file, you will see following keywords

sudo grep "Attached SCSI" /var/log/messages

Aug  6 01:38:21 localhost kernel: sd 3:0:1:0: [sdb] Attached SCSI disk

Aug  6 01:38:21 localhost kernel: sd 2:0:0:0: [sda] Attached SCSI disk

Aug  6 04:26:01 localhost kernel: sd 6:0:0:0: [sdc] Attached SCSI disk

Aug  6 04:26:01 localhost kernel: sd 6:0:0:1: [sdd] Attached SCSI disk

 

 

9.Create physical volumes on the iSCSI disks.

sudo pvcreate    /dev/sdc

sudo pvcreate   /dev/sdd

10.Create volume groups  ‘FCIDataVG1’ and ‘FCIDataVG2’ on the iSCSI disk.

sudo vgcreate FCIDataVG1     /dev/sdc

sudo vgcreate FCIDataVG2     /dev/sdd


11. Create logical name for the two groups. Run following commands in node1.

sudo lvcreate -L599G   -n FCIDataLV1 FCIDataVG1

sudo lvcreate -L499G   -n FCIDataLV2 FCIDataVG2 

 

Check the device


 

 

12. Format the logical volume with a supported filesystem.

sudo mkfs.xfs /dev/FCIDataVG1/FCIDataLV1

sudo mkfs.xfs /dev/FCIDataVG2/FCIDataLV2

 

13.Repeat the step1~step6 in rest of the nodes.

Please note,

1)Do not do step6 in rest of node2 before step12 is completed in node1. Else you maybe not able to failover.

2)All the steps but step 2 are exactly same. Here is the value for node2

 

3)After the step6 is executed in rest of the nodes, you will see the same devices as node1.

Here is a screenshot of node2 after step 6 is executed.

 

 

3.SQL Server configuration.

Please note, All the steps in section are performed in node1, unless stated otherwise.

 

 

1.Run following queries to create login used by pacemaker

       CREATE LOGIN [sqlpackmaker] with PASSWORD= N'YourStrongP@ssword1'

ALTER SERVER ROLE [sysadmin] ADD MEMBER [sqlpackmaker]

 

2.Drop the default server name and create a new server name. The new server name is SQL Virutal name.

exec sp_dropserver node1

go

exec sp_addserver 'sqlvirtualname1','local'

 

3. Restart SQL Server to take effect.

sudo systemctl stop mssql-server

sudo systemctl restart  mssql-server

 

4.Run following queries to check change.

select @@servername, SERVERPROPERTY('ComputernamephysicalNetBIOS')

 

5.Stop SQL Server in all nodes(node1,node2 ).

sudo systemctl stop mssql-server

 

6.Copy the /var/opt/mssql/secrets/machine-key of node1 to node2.

 

 

7.Create temporary directories to store the SQL Server data and log files.

mkdir /var/opt/mssql/tempdir

mkdir /var/opt/mssql/tempuserdata

 

8.Copy the SQL Server data and log files to the temporary directories.

cp /var/opt/mssql/data/*               /var/opt/mssql/tempdir/

cp /var/opt/mssql/userdata/*      /var/opt/mssql/tempuserdata/

 

 

 

9.Delete the files from the existing SQL Server data directory in node1.

rm -f /var/opt/mssql/data/*

rm -f /var/opt/mssql/userdata/*

 

10.Mount the iSCSI logical volume in the SQL Server data folder.

mount /dev/<VolumeGroupName>/<LogicalVolumeName>   <FolderName>

 

Here are the commands in this tutorial.

mount /dev/FCIDataVG1/FCIDataLV1 /var/opt/mssql/data

mount /dev/FCIDataVG2/FCIDataLV2 /var/opt/mssql/userdata


 

11.Change the owner of the mount to mssql.

chown mssql:mssql /var/opt/mssql/data

chown mssql:mssql /var/opt/mssql/userdata

 

12.Change ownership of the group of the mount to mssql.

           chgrp mssql /var/opt/mssql/data

           chgrp mssql /var/opt/mssql/userdata

13.Copy the files from temp folders back to /var/opt/mssql/data and /var/opt/mssql/userdata.

cp /var/opt/mssql/tempdir/* /var/opt/mssql/data

cp /var/opt/mssql/tempuserdata/* /var/opt/mssql/userdata

 

14.Check the two temp folders and make sure the files are copied.

 

15. Change ownership of files to mssql.

chown mssql:mssql /var/opt/mssql/data/*

chown mssql:mssql /var/opt/mssql/userdata/*

 

16.Configure auto mount to make the OS mount the devices automatically.

1) makeGet the UUID. Please downdown the UUID ,TYPE and directory

blkid /dev/FCIDataVG1/FCIDataLV1

blkid /dev/FCIDataVG2/FCIDataLV2 

 

2).Edit /etc/fstab to configure auto mount in node1,node2.

Here is a screenshot in node1.

Please review this article for more detail

 

 

4.Cluster configuration.

 

1.Edit /etc/hosts to speicfy the node and ips in node1 and node1. Do the same thing in node1 and node2

2.Create a file to store the SQL Server username and password for the Pacemaker login. Run the following command in node1 and node2 (The same login name and password specified in step 1 of section [SQL Server configuration]

 

sudo touch /var/opt/mssql/secrets/passwd

sudo echo 'sqlpackmaker' >> /var/opt/mssql/secrets/passwd

sudo echo 'YourStrongP@ssword1' >> /var/opt/mssql/secrets/passwd

sudo chown root:root /var/opt/mssql/secrets/passwd

sudo chmod 600 /var/opt/mssql/secrets/passwd

 

 

3.On both cluster nodes, open the Pacemaker firewall ports. To open these ports with firewalld, run the following command in node 1 and node2

sudo firewall-cmd --permanent --add-service=high-availability

sudo firewall-cmd --reload

 

7.Install Pacemaker packages in node 1 and node2

sudo yum install pacemaker pcs fence-agents-all resource-agents

 

8.Set the password for the default user that is created when installing Pacemaker and Corosync packages. Use the same password in node 1 and node2

sudo passwd hacluster

 

9.To allow nodes to rejoin the cluster after the reboot, enable and start pcsd service and Pacemaker. Run the following command in node 1 and node2

sudo systemctl enable pcsd

sudo systemctl start pcsd

sudo systemctl enable pacemaker

 

10.Create the cluster. Run following command in node1. The password should be as same as the one in step 8.

sudo pcs host auth  node1 node2 

sudo pcs cluster setup  sqlcluster  node1 node2

sudo pcs cluster start --all

sudo pcs cluster enable --all

11.Disable the stonith-enabled for test purpose. Run following command in node1.

sudo pcs property set stonith-enabled=false

 

12. Install the FCI resource agent for SQL Server. Run the following commands in node1 and node2

sudo yum install mssql-server-ha

 

13.Create disk resource and this resource belongs to a resource group(RGfci in this demo). Run following command in node1

sudo pcs resource create iSCSIDisk1 Filesystem device="/dev/FCIDataVG1/FCIDataLV1" directory="/var/opt/mssql/data" fstype="xfs" --group fci

sudo pcs resource create iSCSIDisk2 Filesystem device="/dev/FCIDataVG2/FCIDataLV2" directory="/var/opt/mssql/userdata" fstype="xfs" --group fci

 

 

 

14 Create IP resource that will be used by FCI, and this resource belongs to the same resource group created in previous step.

sudo pcs resource create vip2 ocf:heartbeat:IPaddr2 ip=10.1.0.111 nic=eth0  cidr_netmask=24 --group fci

 

15.Create FCI resource. The resource name should be exactly same to the SQL Virtual name created in step 2 in section [SQL Server configuration]

sudo pcs resource create sqlvirtualname1 ocf:mssql:fci   --group fci

 

 

 

 

Failover

===

sudo pcs resource move sqlvirtualname1 <NodeName>

 

Comments

Post a Comment

popular posts

SQL Server Polybase in Failover cluster instance

-
Image
Since SQL Server 2017, you can install Polybase in SQL Server Failover cluster instance. SQL Server Polybase Dms and SQL Server Polybase Engine are created in Failover cluster, mapping to SQL Server Polybase Data Movement and SQL Server Engine respectively.     And following two registers keys are created in all the nodes. Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SQLPBENGINE$InstanceName Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SQLPBDMS$SQL19     Here are some cases that cause SQL Server Polybase engine fail to start. 1.TCP/IP Protocol is disabled. 2.Polybase engine service fail to connect SQL Server instance. 3.Polybase engine service account does not have permission to access database [DWConfiguration],[DWDiagnostics] and [DWQueue] 4.T he   SQL Server Polybase engine Roles does not exist in Failover cluster. 1)In this case, you need to manually add the role back to failover cluster...
Read more

Configure multiple-subnet Always On Availability Groups and failover cluster instances by modifying CIB

-
Image
In the Windows world, a Windows Server Failover Cluster (WSFC) natively supports multiple subnets and handles multiple IP addresses via an OR dependency on the IP address. On Linux, there is no OR dependency, but there is a way to achieve a proper multi-subnet natively with Pacemaker, as shown by the following. You cannot do this by simply using the normal Pacemaker command line to modify a resource. You need to modify the cluster information base (CIB). The CIB is an XML file with the Pacemaker configuration. Reference: https://docs.microsoft.com/en-us/sql/linux/sql-server-linux-configure-multiple-subnet?view=sql-server-ver15 Here is an example to create a SQL Server Linux Availability group in 4 nodes in 3 subnets in RHEL 7.6   If you are already familiar with the AG Group setup process, please just jump to step 16. 1.Register your subscription on for all servers (red1,red2,red3 and red4 in this case) subscription-manager register   2.List all available subsc...
Read more

Realcase: Failed to upgrade SQL Server 2016 SP2 CU11. (Installation success or error status: 1648)

-
Image
  One of my customer failed to upgrade SQL Server 2016 SP2 CU11. Here is the troubleshooting steps 1.Check SQL Server setup log(C:\Program Files\Microsoft SQL Server\130\Setup Bootstrap\Log\) Detailed results: Feature: Database Engine Services Status: Failed: see logs for details Reason for failure: An error occurred for a dependency of the feature causing the setup process for the feature to fail. Next Step: Use the following information to resolve the error, and then try the setup process again. Component name: SQL Server Common Files Component error code: 1648 Component log file: C:\Program Files\Microsoft SQL Server\130\Setup Bootstrap\Log\20191217_193009\SQLAG\sql_common_core_Cpu64_1.log Error description: No valid sequence could be found for the set of updates. Error help link: http://go.microsoft.com/fwlink?LinkId=20476...
Read more

How to find SQL Server Replication related jobs and T-SQL statements

-
Image
Verbose log is heavily used   in replication troubleshooting. You need to find the right job to enable to verbose log. However, it's not easy to find the   jobs when you have hundreds replication jobs in one server.     Here is how: 1.Distribution agent Following queries list all the distribution agent jobs, including push subscriptions and pull subscriptions. (You may need add more clause to customize your queries). By default, the SQL Server agent job names equal to the agent names for push subscription, unless you explicitly modify the job names. use distribution---in distributor server if not exists(select 1 from sys.tables where name ='MSreplservers') begin select job.name JobName,a.name AgentName, a.publisher_db,a.publication as publicationName,sp.name as publisherName ,ss.name as subscriber,a.subscriber_db, a.local_job From MSdistribution_agents a inner join sys.servers sp on a.publisher_id=sp.server_id--publisher inner join sys.servers ss...
Read more

SQL Server Extents, PFS, GAM, SGAM and IAM and related corruptions

-
Image
  I’m going to start a series of posts talking about SQL Server allocation pages and corruption. Each post will have samples showing how SQL Server use these pages and scenarios of corruption. The first post will talk about the Extents, PFS, GAM, SGAM and IAM and related corruptions, you can find all concepts from following two pages: Pages and Extents Architecture Guide Under the covers: GAM, SGAM, and PFS pages   As there are many concepts and samples, I’m going to discuss the topics in two or three posts.   1.Extents Extents are the basic unit in which space is managed. An extent is eight physically contiguous pages, or 64 KB. This means SQL Server databases have 16 extents per megabyte. SQL Server has two types of extents: ·          Uniform  extents are owned by a single object; all eight pages in the extent can only be used by the owning object. ·          Mixe...
Read more

Tutorial: Add a node to SQL cluster on RHEL

-
Image
  In t his video , I demonstrated how to create a two nodes SQL Cluster instance.   I’m going to show you how to add another node to existing SQL Cluster.   Topology   1.ISCSI target server configuration   1.Add the new node (node3) to the ACLs list. This is the existing setting.     Here are the commands I used.   2. Enable and restart the target service. systemctl enable target.service systemctl restart target.service   2.ISCSI initiator configuration.   Configure ISCSI initiator in the new node (node3)   1.Install iscsi-initiator-utils   in all nodes. sudo yum install iscsi-initiator-utils -y   2.Edit the /etc/iscsi/initiatorname.iscsi , replace the existing value with following keywords, the one I used in step 4 of section[ISCSI target server configuration] InitiatorName=iqn.2020-08.com.contoso:node3             3.Discov...
Read more

SQL Server GAM corruption samples

-
Image
In previous post , we discussed the PFS, GAM and SGAM pages. Today, I’m going show you two related corruptions on these pages.   SQL Server checks the bit in PFS, GAM, SGAM and IAM are checked when new pages are allocated. It guarantees that it does not store data to a wrong page/extent. These pages are crucial to SQL Server, SQL Server considers it as a corruption if they are messed up. I’m going to use the same database I used in previous article . You may restore the   backup  f ile and give it a try. Please note, restoring database will consume some pages and change the PFS, GAM, SGAM and IAM. You may get a different view from my mine.   Let me show you some of the content of GAM and SGAM before the corruption samples. Here are the GAM and SGAM page result: 1.GAM 2.SGAM 3.We can tell that the extent of page(1:352) and extents greater than that have not been allocated. 4.Let’s take a dive into the GAM page. 5.‘ 00000000 00f0 ’ inter...
Read more

You may fail to backup log or restore log after TDE certification/key rotation

-
Image
  When TDE is enabled, all the records written to transaction log files are encrypted as well. During the TDE certification/key rotation, these log records are not touched. On changing certificate/keys, the current active VLF file, which is encrypted by old key, will be closed. New log records will be encrypted by new key and write to next available VLF or a new created VLF. At this stage, the transaction log file has both log records encrypted by old certificate, and the log records encrypted by new certificate. When you do the log backup, the log records that have been encrypted by old certificate, may be decrypted and then encrypted by new certificate to the backup file, or just be flushed to the backup file without doing any decryption/encryption, depending on how you run the log backup. This behavior may cause two different issues if the old certificate is removed. 1. When you do log backup with ‘COMPRESSION+MAXTRANSFERSIZE’ combination , SQL Server will decrypt records, which...
Read more

Password is required when adding a database to AG group if the database has a master key

-
Image
Moved this post from my old blog.   When you are trying add a database having a ‘master key’ to a AG group, you will see the message in SSMS. You can’t move to next step until you put the correct password of the ‘master key’. This is an requirement of SSMS to help you manage SQL Server database master key password in secondary replicas. Why we have this requirement? When a master key is created, it’s encrypted by both password and service master key. create MASTER KEY ENCRYPTION BY PASSWORD = ‘Password1’; This master key will be open automatically when it’s need for decryption or encryption. In this case, it is not necessary to use the ‘OPEN Master Key’ T-SQL statement. However, when a database is first attached or restored to a  new  instance of SQL Server, a copy of the database master key (encrypted by the service master key) is not yet stored in the server. You must use the  OPEN MASTER KEY  statement to decrypt the database master key (DMK). Once the DMK ha...
Read more