修改SSH端口对Oracle集群的影响
最近连续有客户问我,如果修改SSH,会对oracle RAC有什么影响。这个问题,我也看过资料,对oracle RAC的运行是没有影响的,但是
最近连续有客户问我,如果修改SSH,会对Oracle RAC有什么影响。这个问题,我也看过资料,对oracle RAC的运行是没有影响的,但是“说”是没有力度的。
今天正好相对比较空闲,全程针对SSH进行测试,并将测试过程记录下来,与大家分享一下。
Part I. 测试前状态收集
1. 数据库版本为11.2.0.4的两节点的RAC,分别是node111g 和node211g
Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, Real Application Clusters, Automatic Storage Management, OLAP,
Data Mining and Real Application Testing options
2. 集群状态正常
[grid@node111g ~]$ crsctl status res -t
--------------------------------------------------------------------------------
NAME TARGET STATE SERVER STATE_DETAILS
--------------------------------------------------------------------------------
Local Resources
--------------------------------------------------------------------------------
ora.DATA.dg
ONLINE ONLINE node111g
ONLINE ONLINE node211g
ora.DGROUP_01.dg
ONLINE ONLINE node111g
OFFLINE OFFLINE node211g
ora.FRA.dg
ONLINE ONLINE node111g
ONLINE ONLINE node211g
ora.LISTENER.lsnr
ONLINE ONLINE node111g
ONLINE ONLINE node211g
ora.LISTENER_TEST.lsnr
ONLINE ONLINE node111g
ONLINE ONLINE node211g
ora.OCR.dg
ONLINE ONLINE node111g
ONLINE ONLINE node211g
ora.VOTE3D.dg
ONLINE ONLINE node111g
OFFLINE OFFLINE node211g
ora.asm
ONLINE ONLINE node111g Started
ONLINE ONLINE node211g Started
ora.gsd
OFFLINE OFFLINE node111g
OFFLINE OFFLINE node211g
ora.net1.network
ONLINE ONLINE node111g
ONLINE ONLINE node211g
ora.ons
ONLINE ONLINE node111g
ONLINE ONLINE node211g
--------------------------------------------------------------------------------
Cluster Resources
--------------------------------------------------------------------------------
ora.TEST_SCAN1.lsnr
1 ONLINE ONLINE node111g
ora.cvu
1 ONLINE ONLINE node211g
ora.node111g.vip
1 ONLINE ONLINE node111g
ora.node211g.vip
1 ONLINE ONLINE node211g
ora.oc4j
1 ONLINE ONLINE node211g
ora.orcl.db
1 ONLINE ONLINE node111g Open
2 ONLINE ONLINE node211g Open
ora.orcl.romi.svc
1 ONLINE ONLINE node111g
ora.orcl.test.svc
1 ONLINE ONLINE node211g
2 ONLINE ONLINE node111g
ora.scan1.vip
1 ONLINE ONLINE node111g
3. SSH配置文件,默认SSH端口是22,文件有提及,不建议修改默认值,但是!!!我就想改,怎么办呢??
[root@node111g ~]# more /etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
......
[root@node111g ~]#
[root@node211g ~]# more /etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
Part II 实际修改部分