diff --git a/content/en/docs/Administratorguide/audit-logs.md b/content/en/docs/Administratorguide/audit-logs.md deleted file mode 100644 index 2631d1712b3e52420ff0aa7b9c1e3d77b144fbdd..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/audit-logs.md +++ /dev/null @@ -1,6 +0,0 @@ -# Audit Logs - -After the audit function is enabled, a large number of audit logs will be generated, which occupy large storage space. You can customize an audit log maintenance policy based on the size of available storage space. - -For details, see "Database Security Management \> Configuring Database Audit \> Maintaining Audit Logs" in the _Developer Guide_. - diff --git a/content/en/docs/Administratorguide/backup-and-restoration.md b/content/en/docs/Administratorguide/backup-and-restoration.md index be708caf992a6c76c1f3d14c7cc4780e5eb54b23..e8104ae81a5f6dba8f65c57e5d1922f5240d20cc 100644 --- a/content/en/docs/Administratorguide/backup-and-restoration.md +++ b/content/en/docs/Administratorguide/backup-and-restoration.md @@ -1,9 +1,1452 @@ -# Backup and Restoration - -- **[Overview](overview.md)** - -- **[Physical Backup and Restoration](physical-backup-and-restoration.md)** - -- **[Logical Backup and Restoration](logical-backup-and-restoration.md)** - - +# Backup and Restoration + + + +- [Overview](#overviewa-nameen-us_topic_0242215084a) +- [Physical Backup and Restoration](#physical-backup-and-restorationa-nameen-us_topic_0242218789a) + - [gs\_basebackup](#gs\_basebackupa-nameen-us_topic_0250273516a) +- [Logical Backup and Restoration](#logical-backup-and-restorationa-nameen-us_topic_0242218810a) + - [gs\_dump](#gs\_dumpa-nameen-us_topic_0250273517a) + - [gs\_dumpall](#gs\_dumpalla-nameen-us_topic_0250273518a) + - [gs\_restore](#gs\_restorea-nameen-us_topic_0250273519a) + + + + +## Overview + +For database security purposes, openGauss provides two backup types, multiple backup and restoration solutions, and data reliability assurance mechanisms. + +Backup and restoration can be logically or physically performed. + +- Logical backup and restoration: backs up data by logically exporting data. This method can dump data that is backed up at a certain time point, and restore data only to this backup point. A logical backup does not back up data processed between failure occurrence and the last backup. It applies to scenarios where data rarely changes. Such data damaged due to misoperation can be quickly restored using a logical backup. To restore all the data in a database through logical backup, rebuild a database and import the backup data. Logical backup is not recommended for databases requiring high data availability because it takes a long time for data restoration. Logical backup is a major approach to migrate and transfer data because it can be performed on any platform. +- Physical backup and restoration: copies physical files in the unit of disk blocks from the primary node to the standby node to back up a database. A database can be restored using backup files, such as data files and archive log files. Physical backup is usually used for full backup, quickly backing up and restoring data with low costs if properly planned. + + The two data backup and restoration solutions supported by openGauss are as follows. Methods for restoring data in case of an exception differ for different backup and restoration solutions. + + **Table 1** Comparison between logical and physical backup and restoration + + + + + + + + + + + + + + + + + + +

Backup Type

+

Application Scenario

+

Media

+

Advantage and Disadvantage

+

Logical backup and restoration

+

Small volume of data needs to be processed.

+

Currently, it is used for the backup and restoration of one or more tables.

+
  • Disk
  • SSD
+

Backing up a small amount of data (for specified objects) is efficient and flexible.

+

For a large volume of data, backup requires a long period of time.

+

Physical backup and restoration

+

Huge volume of data needs to be processed. It is mainly used for full backup and restoration as well as the backup and restoration of all WAL archive and run logs in the database.

+

Backing up a huge amount of data is efficient.

+
+ + While backing up and restoring data, take the following aspects into consideration: + + - Whether the impact of data backup on services is acceptable + - Database restoration efficiency + + To minimize the impact of database faults, try to minimize the restoration duration, achieving the highest restoration efficiency. + + - Data restorability + + Minimize data loss after the database is invalidated. + + - Database restoration cost + + There are many factors that need to be considered while you select a backup policy on the live network, such as backup objects, data volume, and network configuration. [Table 2](#en-us_topic_0237088826_en-us_topic_0100209712_table1179095017218) lists available backup policies and applicable scenarios for each backup policy. + + **Table 2** Backup policies and scenarios + + + + + + + + + + + + + + + + + + + +

Backup Policy

+

Key Performance Factor

+

Typical Data Volume

+

Performance Specifications

+

Cluster backup

+
  • Data amount
  • Network configuration
+

Data volume: PB level

+

Object quantity: about 1 million

+

Backup:

+
  • Data transfer rate on each host: 80 Mbit/s (NBU/EISOO+Disk)
  • Disk I/O rate (SSD/HDD): about 90%
+

Table backup

+
  • Schema where the table to be backed up resides
  • Network configuration (NBU)
+

Data volume: 10 TB level

+

Backup: depends on query performance rate and I/O rate

+
NOTE:

For multi-table backup, the backup time is calculated as follows:

+ 
Total time = Number of tables x Starting time + Total data volume/Data backup speed
+

In the preceding information:

+
  • The starting time of a disk is about 5s. The starting time of an NBU is longer than that of a disk (depending on the NBU deployment).
  • The data backup speed is about 50 MB/s on a single node. (The speed is evaluated based on the backup of a 1 GB table from a physical host to a local disk.)
+

The smaller the table is, the lower the backup performance will be.

+
+
+ + +## Physical Backup and Restoration + + +### gs\_basebackup + +#### Background + +After openGauss is deployed, problems and exceptions may occur during database running. **gs\_basebackup**, provided by openGauss, is used to perform basic physical backup. **gs\_basebackup** copies the binary files of the database on the server using a replication protocol. To remotely execute **gs\_basebackup**, you need to use the system administrator account. **gs\_basebackup** supports only hot backup and does not support compressed backup. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>- **gs\_basebackup** supports only full backup. +>- **gs\_basebackup** supports only hot backup and does not support compressed backup. +>- **gs\_basebackup** cannot back up tablespaces containing absolute paths on the same server. This is because the absolute path is unique on the same machine, and brings about conflicts. However, it can back up tablespaces containing absolute paths on different machines. +>- If the functions of incremental checkpoint and dual-write are enabled, **gs\_basebackup** also backs up dual-write files. +>- If the **pg\_xlog** directory is a soft link, no soft link is created during backup. Data is directly backed up to the **pg\_xlog** directory in the destination path. + +#### Prerequisites + +- The openGauss database can be connected. Link replication is enabled in **pg\_hba.conf**, and at least one **max\_wal\_senders** is configured and available. +- During the restoration, backup files exist in the backup directory on all the nodes. If backup files are lost on any node, copy them to it from another node. + +#### Syntax + +- Display help information. + + ``` + gs_basebackup -? | --help + ``` + +- Display version information. + + ``` + gs_basebackup -V | --version + ``` + + +#### Parameter Description + +The **gs\_basebackup** tool can use the following types of parameters: + +- -D directory + + Directory for storing backup files. This parameter is mandatory. + + +- Common parameters + - -c, --checkpoint=fast|spread + + Sets the checkpoint mode to **fast** or **spread** \(default\). + + - -l, --label=LABEL + + Adds tags for the backup. + + - -P, --progress + + Enables the progress report. + + - -v, --verbose + + Enables the verbose mode. + + - -V, --version + + Prints the version and exits. + + - -?, --help + + Displays **gs\_basebackup** command parameters. + + +- Connection parameters + - -h, --host=HOSTNAME + + Specifies the host name of the machine on which the server is running or the directory for the Unix-domain socket. + + - -p, --port=PORT + + Specifies the port number of the database server. + + You can modify the default port number using this parameter. + + - -U, --username=USERNAME + + Specifies the user that connects to the database. + + - -s, --status-interval=INTERVAL + + Specifies the time for sending status packets to the server, in seconds. + + - -w,--no-password + + Never issues a password prompt. + + - -W, --password + + Issues a password prompt when the **-U** parameter is used to connect to a local or remote database. + + + +#### Example + +``` +gs_basebackup -D /home/test/trunk/install/data/backup -h 127.0.0.1 -p 21233 +INFO: The starting position of the xlog copy of the full build is: 0/1B800000. The slot minimum LSN is: 0/1B800000. +``` + +#### Restoring Data from Backup Files + +If a database is faulty, restore it from backup files. **gs\_basebackup** backs up the database in binary mode. Therefore, you can directly copy and replace the original files or start the database on the backup database. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>- If the current database instance is running, a port conflict may occur when you start the database from the backup file. In this case, you need to modify the port parameter in the configuration file or specify a port when starting the database. +>- If the current backup file is a primary/standby database, you may need to modify the replication connections between the master and slave databases. That is, **replconninfo1** and **replconninfo2** in the **postgre.conf** file. + +To restore the original database, perform the following steps: + +1. Stop the database server. For details, see _Administrator Guide_. +2. Copy the original database and all tablespaces to another location for future use. +3. Delete all or part of the files from the original database. +4. Use the database system user rights to restore the required database files from the backup. +5. If a link file exists in the database, modify the link file so that it can be linked to the correct file. +6. Restart the database server and check the database content to ensure that the database is restored to the required status. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>- Incremental restoration from backup files is not supported. +>- After the restoration, check that the link file in the database is linked to the correct file. + +## Logical Backup and Restoration + + +### gs\_dump + +#### Background + +gs\_dump, provided by openGauss, is used to export database information. You can export a database or its objects \(such as schemas, tables, and views\). The database can be the default postgres database or a user-specified database. + +**gs\_dump** is executed by OS user **omm**. + +When **gs\_dump** is used to export data, other users can still access \(read and write\) openGauss databases. + +**gs\_dump** can export complete, consistent data. For example, if **gs\_dump** is started to export database A at T1, data of the database at that time point will be exported, and modifications on the database after that time point will not be exported. + +**gs\_dump** can export database information to a plain-text SQL script file or archive file. + +- Plain-text SQL script: It contains the SQL statements required to restore the database. You can use [**gsql**](en-us_topic_0249632261.md) to execute the SQL script. With only a little modification, the SQL script can rebuild a database on other hosts or database products. +- Archive file: It contains data required to restore the database. It can be a tar-, directory-, or custom-format archive. For details, see [Table 1](#en-us_topic_0249632271_en-us_topic_0237152335_en-us_topic_0058967678_t17db29a12e7342cfbf02b2f6e50ff1a5). The export result must be used with [**gs\_restore**](gs_restore.md#EN-US_TOPIC_0250273519) to restore the database. The system allows users to select or even to sort the content to be imported. + +#### Functions + +**gs\_dump** can create export files in four formats, which are specified by **-F** or **--format=**, as listed in [Table 1](#en-us_topic_0249632271_en-us_topic_0237152335_en-us_topic_0058967678_t17db29a12e7342cfbf02b2f6e50ff1a5). + +**Table 1** Formats of exported files + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Format

+

Value of -F

+

Description

+

Suggestion

+

Corresponding Import Tool

+

Plain-text

+

p

+

A plain-text script file containing SQL statements and commands. The commands can be executed on gsql, a command line terminal, to recreate database objects and load table data.

+

You are advised to use plain-text exported files for small databases.

+

Before using gsql to restore database objects, you can use a text editor to edit the plain-text export file as required.

+

Custom

+

c

+

A binary file that allows the restoration of all or selected database objects from an exported file.

+

You are advised to use custom-format archive files for medium or large database.

+

You can use gs_restore to import database objects from a custom-format archive.

+

Directory

+

d

+

A directory containing directory files and the data files of tables and BLOB objects.

+

-

+

.tar

+

t

+

A tar-format archive that allows the restoration of all or selected database objects from an exported file. It cannot be further compressed and has an 8-GB limitation on the size of a single table.

+

-

+
+ +>![](public_sys-resources/icon-note.gif) **NOTE:** +>To reduce the size of an exported file, you can use **gs\_dump** to compress it to a plain-text file or custom-format file. By default, a plain-text file is not compressed when generated. When a custom-format archive is generated, a medium level of compression is applied by default. Archived exported files cannot be compressed using **gs\_dump**. When a plain-text file is exported in compressed mode, **gsql** fails to import data objects. + +#### Precautions + +Do not modify an exported file or its content. Otherwise, restoration may fail. + +To ensure the data consistency and integrity, **gs\_dump** acquires a share lock on a table to be dumped. If another transaction has acquired a share lock on the table, **gs\_dump** waits until this lock is released and then locks the table for dumping. If the table cannot be locked within the specified time, the dump fails. You can customize the timeout duration to wait for lock release by specifying the **--lock-wait-timeout** parameter. + +#### Syntax + +``` +gs_dump [OPTION]... [DBNAME] +``` + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>_DBNAME_ does not follow a short or long option. It specifies the database to be connected. +>For example: +>Specify _DBNAME_ without a **-d** option preceding it. +>``` +>gs_dump -p port_number postgres -f dump1.sql +>``` +>or +>``` +>export PGDATABASE=postgres +>``` +>``` +> gs_dump -p port_number -f dump1.sql +>``` +>Environment variable: _PGDATABASE_ + +#### Parameter Description + +Common parameters + +- -f, --file=FILENAME + + Sends the output to the specified file or directory. If this parameter is omitted, the standard output is generated. If the output format is **\(-F c/-F d/-F t\)**, the **-f** parameter must be specified. If the value of the **-f** parameter contains a directory, the current user must have the read and write permissions on the directory, and the directory cannot be an existing one. + +- -F, --format=c|d|t|p + + Selects the exported file format. The format can be: + + - **p|plain**: Generates a text SQL script file. This is the default value. + - **c|custom**: Outputs a custom-format archive as a directory to be used as the input of **gs\_restore**. This is the most flexible output format in which users can manually select it and reorder the archived items during restoration. An archive in this format is compressed by default. + - **d|directory**: Creates a directory containing directory files and the data files of tables and BLOBs. + - **t|tar**: Outputs a .tar archive as the input of **gs\_restore**. The .tar format is compatible with the directory format. Extracting a .tar archive generates a valid directory-format archive. However, the .tar archive cannot be further compressed and has an 8-GB limitation on the size of a single table. The order of table data items cannot be changed during restoration. + + A .tar archive can be used as input of **gsql**. + + +- -v, --verbose + + Specifies the verbose mode. If it is specified, **gs\_dump** writes detailed object comments and the number of startups/stops to the dump file, and progress messages to standard error. + +- -V, --version + + Prints the **gs\_dump** version and exits. + +- -Z, --compress=0-9 + + Specifies the used compression level. + + Value range: 0-9 + + - **0** indicates no compression. + - **1** indicates that the compression ratio is the lowest and processing speed the fastest. + - **9** indicates that the compression ratio is the highest and processing speed the slowest. + + For the custom-format archive, this option specifies the compression level of a single table data segment. By default, data is compressed at a medium level. The plain-text and .tar archive formats do not support compression currently. + +- --lock-wait-timeout=TIMEOUT + + Do not keep waiting to obtain shared table locks since the beginning of the dump. Consider it as failed if you are unable to lock a table within the specified time. The timeout period can be specified in any of the formats accepted by **SET statement\_timeout**. + +- -?, --help + + Displays help about **gs\_dump** parameters and exits. + + +Dump parameters: + +- -a, --data-only + + Generates only the data, not the schema \(data definition\). Dump the table data, big objects, and sequence values. + +- -b, --blobs + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- -c, --clean + + Before writing the command of creating database objects into the backup file, writes the command of clearing \(deleting\) database objects to the backup files. \(If no objects exist in the target database, **gs\_restore** probably displays some error information.\) + + This parameter is used only for the plain-text format. For the archive format, you can specify the option when using **gs\_restore**. + +- -C, --create + + The backup file content starts with the commands of creating the database and connecting to the created database. \(If the command script is executed in this mode, you can specify any database to run the command for creating a database. The data is restored to the created database instead of the specified database.\) + + This parameter is used only for the plain-text format. For the archive format, you can specify the option when using **gs\_restore**. + +- -E, --encoding=ENCODING + + Creates a dump file in the specified character set encoding. By default, the dump file is created in the database encoding. \(Alternatively, you can set the environment variable **PGCLIENTENCODING** to the required dump encoding.\) + +- -n, --schema=SCHEMA + + Dumps only schemas matching the schema names. This option contains the schema and all its contained objects. If this option is not specified, all non-system schemas in the target database will be dumped. Multiple schemas can be selected by specifying multiple **-n** options. The schema parameter is interpreted as a pattern according to the same rules used by the **\\d** command of **gsql**. Therefore, multiple schemas can also be selected by writing wildcard characters in the pattern. When you use wildcard characters, quote the pattern to prevent the shell from expanding the wildcard characters. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- If **-n** is specified, **gs\_dump** does not dump any other database objects which the selected schemas might depend upon. Therefore, there is no guarantee that the results of a specific-schema dump can be automatically restored to an empty database. + >- If **-n** is specified, the non-schema objects are not dumped. + + Multiple schemas can be dumped. Entering **-n **_schemaname_ multiple times dumps multiple schemas. + + For example: + + ``` + gs_dump -h host_name -p port_number postgres -f backup/bkp_shl2.sql -n sch1 -n sch2 + ``` + + In the preceding example, **sch1** and **sch2** are dumped. + +- -N, --exclude-schema=SCHEMA + + Does not dump any schemas matching the schemas pattern. The pattern is interpreted according to the same rules as for **-n**. **-N** can be specified multiple times to exclude schemas matching any of the specified patterns. + + When both **-n** and **-N** are specified, the schemas that match at least one **-n** option but no **-N** is dumped. If **-N** is specified and **-n** is not, the schemas matching **-N** are excluded from what is normally dumped. + + Dump allows you to exclude multiple schemas during dumping. + + Specify **-N exclude schema name** to exclude multiple schemas during dumping. + + For example: + + ``` + gs_dump -h host_name -p port_number postgres -f backup/bkp_shl2.sql -N sch1 -N sch2 + ``` + + In the preceding example, **sch1** and **sch2** will be excluded during the dumping. + +- -o, --oids + + Dumps object identifiers \(OIDs\) as parts of the data in each table. Use this option if your application references the OID columns in some way. If the preceding situation does not occur, do not use this parameter. + +- -O, --no-owner + + Do not output commands to set ownership of objects to match the original database. By default, **gs\_dump** issues the **ALTER OWNER** or **SET SESSION AUTHORIZATION** statement to set ownership of created database objects. These statements will fail when the script is running unless it is started by a system administrator \(or the same user that owns all of the objects in the script\). To make a script that can be stored by any user and give the user ownership of all objects, specify **-O**. + + This parameter is used only for the plain-text format. For the archive format, you can specify the option when using **gs\_restore**. + +- -s, --schema-only + + Dumps only the object definition \(schema\) but not data. + +- -S, --sysadmin=NAME + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- -t, --table=TABLE + + Specifies a list of tables, views, sequences, or foreign tables to be dumped. You can use multiple **-t** parameters or wildcard characters to specify tables. + + When you use wildcard characters, quote patterns to prevent the shell from expanding the wildcard characters. + + The **-n** and **-N** options have no effect when **-t** is used, because tables selected by using **-t** will be dumped regardless of those options. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- The number of **-t** parameters must be less than or equal to 100. + >- If the number of **-t** parameters is greater than 100, you are advised to use the **--include-table-file** parameter to replace some **-t** parameters. + >- If **-t** is specified, **gs\_dump** does not dump any other database objects which the selected tables might depend upon. Therefore, there is no guarantee that the results of a specific-table dump can be automatically restored to an empty database. + >- **-t tablename** only dumps visible tables in the default search path. **-t '\*.tablename'** dumps _tablename_ tables in all the schemas of the dumped database. **-t schema.table** dumps tables in a specific schema. + >- **-t tablename** does not export trigger information from a table. + + For example: + + ``` + gs_dump -h host_name -p port_number postgres -f backup/bkp_shl2.sql -t schema1.table1 -t schema2.table2 + ``` + + In the preceding example, **schema1.table1** and **schema2.table2** are dumped. + +- --include-table-file=FILENAME + + Specifies the table file to be dumped. + +- -T, --exclude-table=TABLE + + Specifies a list of tables, views, sequences, or foreign tables not to be dumped. You can use multiple **-T** parameters or wildcard characters to specify tables. + + When **-t** and **-T** are input, the object will be stored in **-t** list not **-T** table object. + + For example: + + ``` + gs_dump -h host_name -p port_number postgres -f backup/bkp_shl2.sql -T table1 -T table2 + ``` + + In the preceding example, **table1** and **table2** are excluded from the dumping. + +- --exclude-table-file=FILENAME + + Specifies the table files that do not need to be dumped. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >Same as **--include-table-file**, the content format of this parameter is as follows: + >schema1.table1 + >schema2.table2 + >...... + +- -x, --no-privileges|--no-acl + + Prevents the dumping of access permissions \(grant/revoke commands\). + +- --binary-upgrade + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --binary-upgrade-usermap="USER1=USER2" + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --column-inserts|--attribute-inserts + + Exports data by running the **INSERT** command with explicit column names **\{INSERT INTO table \(column, ...\) VALUES ...\}**. This will cause a slow restoration. However, since this option generates an independent command for each row, an error in reloading a row causes only the loss of the row rather than the entire table content. + +- --disable-dollar-quoting + + Disables the use of dollar sign \($\) for function bodies, and forces them to be quoted using the SQL standard string syntax. + +- --disable-triggers + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --exclude-table-data=TABLE + + Does not dump data that matches any of table patterns. The pattern is interpreted according to the same rules as for **-t**. + + **--exclude-table-data** can be entered more than once to exclude tables matching any of several patterns. When you need the specified table definition rather than data in the table, this option is helpful. + + To exclude data of all tables in the database, see [--schema-only](#en-us_topic_0249632271_en-us_topic_0237152335_en-us_topic_0059777770_l35ed3d5a093e42ab8fc945dd3ca80ecd). + +- --inserts + + Dumps data by the **INSERT** statement \(rather than **COPY**\). This will cause a slow restoration. + + However, since this option generates an independent command for each row, an error in reloading a row causes only the loss of the row rather than the entire table content. The restoration may fail if you rearrange the column order. The **--column-inserts** option is unaffected against column order changes, though even slower. + +- --no-security-labels + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --no-tablespaces + + Does not issue commands to select tablespaces. All the objects will be created during restoration, no matter which tablespace is selected when using this option. + + This parameter is used only for the plain-text format. For the archive format, you can specify the option when using **gs\_restore**. + +- --no-unlogged-table-data + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --non-lock-table + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --include-alter-table + + Dumps deleted columns of tables. This option records deleted columns. + +- --quote-all-identifiers + + Forcibly quotes all identifiers. This parameter is useful when you dump a database for migration to a later version, in which additional keywords may be introduced. + +- --section=SECTION + + Specifies dumped name sections \(pre-data, data, or post-data\). + +- --serializable-deferrable + + Uses a serializable transaction for the dump to ensure that the used snapshot is consistent with later database status. Perform this operation at a time point in the transaction flow, at which everything is normal. This ensures successful transaction and avoids serialization failures of other transactions, which requires serialization again. + + This option has no benefits for disaster recovery. During the upgrade of the original database, loading a database copy as a report or loading other shared read-only dump is helpful. If the option does not exist, dump reveals a status which is different from the submitted sequence status of any transaction. + + This option will make no difference if there are no active read-write transactions when **gs\_dump** is started. If the read-write transactions are in active status, the dump start time will be delayed for an uncertain period. + +- --use-set-session-authorization + + Specifies that the standard SQL **SET SESSION AUTHORIZATION** command rather than **ALTER OWNER** is returned to ensure the object ownership. This makes dumping more standard. However, if a dump file contains objects that have historical problems, restoration may fail. A dump using **SET SESSION AUTHORIZATION** requires the system administrator permissions, whereas **ALTER OWNER** requires lower permissions. + +- --with-encryption=AES128 + + Specifies that dumping data needs to be encrypted using AES128. + +- --with-key=KEY + + Specifies that the key length of AES128 must be 16 bytes. + +- --include-depend-objs + + Includes information about the objects that depend on the specified object in the backup result. This parameter takes effect only if the **-t** or **--include-table-file** parameter is specified. + +- --exclude-self + + Excludes information about the specified object from the backup result. This parameter takes effect only if the **-t** or **--include-table-file** parameter is specified. + +- --dont-overwrite-file + + The existing files in plain-text, .tar, and custom formats will be overwritten. This option is not used for the directory format. + + For example: + + Assume that the **backup.sql** file exists in the current directory. If you specify **-f backup.sql** in the input command, and the **backup.sql** file is generated in the current directory, the original file will be overwritten. + + If the backup file already exists and **--dont-overwrite-file** is specified, an error will be reported with the message that the dump file exists. + + ``` + gs_dump -p port_number postgres -f backup.sql -F plain --dont-overwrite-file + ``` + + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>- The **-s/--schema-only** and **-a/--data-only** parameters do not coexist. +>- The **-c/--clean** and **-a/--data-only** parameters do not coexist. +>- **--inserts/--column-inserts** and **-o/--oids** do not coexist, because **OIDS** cannot be set using the **INSERT** statement. +>- **--role** must be used in conjunction with **--rolepassword**. +>- **--binary-upgrade-usermap** must be used in conjunction with **--binary-upgrade**. +>- **--include-depend-objs** or **--exclude-self** takes effect only when **-t** or **--include-table-file** is specified. +>- **--exclude-self** must be used in conjunction with **--include-depend-objs**. + +Connection parameters: + +- -h, --host=HOSTNAME + + Specifies the host name. If the value begins with a slash \(/\), it is used as the directory for the UNIX domain socket. The default value is taken from the **PGHOST** environment variable \(if available\). Otherwise, a Unix domain socket connection is attempted. + + This parameter is used only for defining names of the hosts outside openGauss. The names of the hosts inside openGauss must be 127.0.0.1. + + Example: _host name_ + + Environment variable: **PGHOST** + +- -p, --port=PORT + + Specifies the host port number. If the thread pool function is enabled, you are advised to use **pooler port**, that is, the host port number plus 1. + + Environment variable: **PGPORT** + +- -U, --username=NAME + + Specifies the username of the host to be connected. + + If the username of the host to be connected is not specified, the system administrator is used by default. + + Environment variable: **PGUSER** + +- -w, --no-password + + Never issues a password prompt. The connection attempt fails if the host requires password verification and the password is not provided in other ways. This parameter is useful in batch jobs and scripts in which no user password is required. + +- -W, --password=PASSWORD + + Specifies the user password for connection. If the host uses the trust authentication policy, the administrator does not need to enter the **-W** option. If the **-W** option is not provided and you are not a system administrator, the Dump Restore tool will ask you to enter a password. + +- --role=ROLENAME + + Specifies a role name to be used for creating the dump. If this option is selected, the **SET ROLE** command will be issued after the database is connected to **gs\_dump**. It is useful when the authenticated user \(specified by **-U**\) lacks the permissions required by **gs\_dump**. It allows the user to switch to a role with the required permissions. Some installations have a policy against logging in directly as a super administrator. This option allows dumping data without violating the policy. + +- --rolepassword=ROLEPASSWORD + + Specifies the password for a role. + + +#### Notice + +If any local additions need to be added to the template1 database in openGauss, restore the output of **gs\_dump** into an empty database with caution. Otherwise, you are likely to obtain errors due to duplicate definitions of the added objects. To create an empty database without any local additions, copy data from template0 rather than template1. Example: + +``` +CREATE DATABASE foo WITH TEMPLATE template0; +``` + +The .tar file size must be smaller than 8 GB. \(This is the .tar file format limitations.\) The total size of a .tar archive and any of the other output formats are not limited, except possibly by the OS. + +The dump file generated by **gs\_dump** does not contain the statistics used by the optimizer to make execution plans. Therefore, you are advised to run **ANALYZE** after restoring from a dump file to ensure optimal performance. The dump file does not contain any **ALTER DATABASE ... SET** commands. These settings are dumped by **gs\_dumpall**, along with database users and other installation settings. + +#### Examples + +Use **gs\_dump** to dump a database as a SQL text file or a file in other formats. + +In the following examples, **Bigdata@123** indicates the password for the database user. **backup/MPPDB\_backup.sql** indicates an exported file where **backup** indicates the relative path of the current directory. **37300** indicates the port number of the database server. **postgres** indicates the name of the database to be accessed. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>Before exporting files, ensure that the directory exists and you have the read and write permissions on the directory. + +Example 1: Use **gs\_dump** to export the full information of the postgres database. The exported **MPPDB\_backup.sql** file is in plain-text format. + +``` +gs_dump -U omm -W Bigdata@123 -f backup/MPPDB_backup.sql -p 37300 postgres -F p +gs_dump[port='37300'][postgres][2018-06-27 09:49:17]: The total objects number is 356. +gs_dump[port='37300'][postgres][2018-06-27 09:49:17]: [100.00%] 356 objects have been dumped. +gs_dump[port='37300'][postgres][2018-06-27 09:49:17]: dump database postgres successfully +gs_dump[port='37300'][postgres][2018-06-27 09:49:17]: total time: 1274 ms +``` + +Use **gsql** to import data from the exported plain-text file. + +Example 2: Use **gs\_dump** to export the full information of the postgres database. The exported **MPPDB\_backup.tar** file is in .tar format. + +``` +gs_dump -U omm -W Bigdata@123 -f backup/MPPDB_backup.tar -p 37300 postgres -F t +gs_dump[port='37300'][postgres][2018-06-27 10:02:24]: The total objects number is 1369. +gs_dump[port='37300'][postgres][2018-06-27 10:02:53]: [100.00%] 1369 objects have been dumped. +gs_dump[port='37300'][postgres][2018-06-27 10:02:53]: dump database postgres successfully +gs_dump[port='37300'][postgres][2018-06-27 10:02:53]: total time: 50086 ms +``` + +Example 3: Use **gs\_dump** to export the full information of the postgres database. The exported **MPPDB\_backup.dmp** file is in custom format. + +``` +gs_dump -U omm -W Bigdata@123 -f backup/MPPDB_backup.dmp -p 37300 postgres -F c +gs_dump[port='37300'][postgres][2018-06-27 10:05:40]: The total objects number is 1369. +gs_dump[port='37300'][postgres][2018-06-27 10:06:03]: [100.00%] 1369 objects have been dumped. +gs_dump[port='37300'][postgres][2018-06-27 10:06:03]: dump database postgres successfully +gs_dump[port='37300'][postgres][2018-06-27 10:06:03]: total time: 36620 ms +``` + +Example 4: Use **gs\_dump** to export the full information of the postgres database. The exported **MPPDB\_backup** file is in directory format. + +``` +gs_dump -U omm -W Bigdata@123 -f backup/MPPDB_backup -p 37300 postgres -F d +gs_dump[port='37300'][postgres][2018-06-27 10:16:04]: The total objects number is 1369. +gs_dump[port='37300'][postgres][2018-06-27 10:16:23]: [100.00%] 1369 objects have been dumped. +gs_dump[port='37300'][postgres][2018-06-27 10:16:23]: dump database postgres successfully +gs_dump[port='37300'][postgres][2018-06-27 10:16:23]: total time: 33977 ms +``` + +Example 5: Use **gs\_dump** to export the information of the postgres database, excluding the information of the table specified in the **/home/MPPDB\_temp.sql** file. The exported **MPPDB\_backup.sql** file is in plain-text format. + +``` +gs_dump -U omm -W Bigdata@123 -p 37300 postgres --exclude-table-file=/home/MPPDB_temp.sql -f backup/MPPDB_backup.sql +gs_dump[port='37300'][postgres][2018-06-27 10:37:01]: The total objects number is 1367. +gs_dump[port='37300'][postgres][2018-06-27 10:37:22]: [100.00%] 1367 objects have been dumped. +gs_dump[port='37300'][postgres][2018-06-27 10:37:22]: dump database postgres successfully +gs_dump[port='37300'][postgres][2018-06-27 10:37:22]: total time: 37017 ms +``` + +Example 6: Use **gs\_dump** to export only the information about the views that depend on the **testtable** table. Create another **testtable** table, and then restore the views that depend on it. + +- Back up only the views that depend on the **testtable** table. + + ``` + gs_dump -s -p 37300 postgres -t PUBLIC.testtable --include-depend-objs --exclude-self -f backup/MPPDB_backup.sql -F p + gs_dump[port='37300'][postgres][2018-06-15 14:12:54]: The total objects number is 331. + gs_dump[port='37300'][postgres][2018-06-15 14:12:54]: [100.00%] 331 objects have been dumped. + gs_dump[port='37300'][postgres][2018-06-15 14:12:54]: dump database postgres successfully + gs_dump[port='37300'][postgres][2018-06-15 14:12:54]: total time: 327 ms + ``` + +- Change the name of the **testtable** table. + + ``` + gsql -p 37300 postgres -r -c "ALTER TABLE PUBLIC.testtable RENAME TO testtable_bak;" + ``` + +- Create another **testtable** table. + + ``` + CREATE TABLE PUBLIC.testtable(a int, b int, c int); + ``` + +- Restore the views for the new **testtable** table. + + ``` + gsql -p 37300 postgres -r -f backup/MPPDB_backup.sql + ``` + + +#### Helpful Links + +[gs\_dumpall](gs_dumpall.md#EN-US_TOPIC_0250273518) and [gs\_restore](gs_restore.md#EN-US_TOPIC_0250273519) + +### gs\_dumpall + +#### Background + +**gs\_dumpall**, provided by openGauss, is used to export all openGauss database information, including data of the default database postgres, user-defined databases, and common global objects of all openGauss databases. + +**gs\_dumpall** is executed by OS user **omm**. + +When **gs\_dumpall** is used to export data, other users can still access \(read and write\) openGauss databases. + +**gs\_dumpall** can export complete, consistent data. For example, if **gs\_dumpall** is started to export openGauss database at T1, data of the database at that time point will be exported, and modifications on the database after that time point will not be exported. + +**gs\_dumpall** exports all openGauss databases in two parts: + +- **gs\_dumpall** exports all global objects, including information about database users and groups, tablespaces, and attributes \(for example, global access permissions\). +- **gs\_dumpall** invokes **gs\_dump** to export SQL scripts from each openGauss database, which contain all the SQL statements required to restore databases. + +The exported files are both plain-text SQL scripts. Use [gsql](en-us_topic_0085031848.md) to execute them to restore openGauss databases. + +#### Precautions + +- Do not modify an exported file or its content. Otherwise, restoration may fail. +- To ensure the data consistency and integrity, **gs\_dumpall** acquires a share lock on a table to be dumped. If another transaction has acquired a share lock on the table, **gs\_dumpall** waits until this lock is released and then locks the table for dumping. If the table cannot be locked within the specified time, the dump fails. You can customize the timeout duration to wait for lock release by specifying the **--lock-wait-timeout** parameter. +- During an export, **gs\_dumpall** reads all tables in a database. Therefore, you need to connect to the database as an openGauss administrator to export a complete file. When you use **gsql** to execute SQL scripts, cluster administrator permissions are also required to add users and user groups, and create databases. + +#### Syntax + +``` +gs_dumpall [OPTION]... +``` + +#### Parameter Description + +Common parameters: + +- -f, --filename=FILENAME + + Sends the output to the specified file. If this parameter is omitted, the standard output is generated. + +- -v, --verbose + + Specifies the verbose mode. If it is specified, **gs\_dumpall** writes detailed object comments and number of startups/stops to the dump file, and progress messages to standard error. + +- -V, --version + + Prints the _gs\_dumpall_ version and exits. + +- --lock-wait-timeout=TIMEOUT + + Do not keep waiting to obtain shared table locks at the beginning of the dump. Consider it as failed if you are unable to lock a table within the specified time. The timeout period can be specified in any of the formats accepted by **SET statement\_timeout**. + +- -?, --help + + Displays help about **gs\_dumpall** parameters and exits. + + +Dump parameters: + +- -a, --data-only + + Dumps only the data, not the schema \(data definition\). + +- -c, --clean + + Runs SQL statements to delete databases before rebuilding them. Statements for dumping roles and tablespaces are added. + +- -g, --globals-only + + Dumps only global objects \(roles and tablespaces\) but no databases. + +- -o, --oids + + Dumps object identifiers \(OIDs\) as parts of the data in each table. Use this parameter if your application references the OID columns in some way. If the preceding situation does not occur, do not use this parameter. + +- -O, --no-owner + + Do not output commands to set ownership of objects to match the original database. By default, **gs\_dumpall** issues the **ALTER OWNER** or **SET SESSION AUTHORIZATION** command to set ownership of created schema objects. These statements will fail when the script is running unless it is started by a system administrator \(or the same user that owns all of the objects in the script\). To make a script that can be stored by any user and give the user ownership of all objects, specify **-O**. + +- -r, --roles-only + + Dumps only roles but not databases or tablespaces. + +- -s, --schema-only + + Dumps only the object definition \(schema\) but not data. + +- -S, --sysadmin=NAME + + Name of the system administrator during the dump. + +- -t, --tablespaces-only + + Dumps only tablespaces but not databases or roles. + +- -x, --no-privileges + + Prevents the dumping of access permissions \(grant/revoke commands\). + +- --column-inserts|--attribute-inserts + + Exports data by running the **INSERT** command with explicit column names **\{INSERT INTO table \(column, ...\) VALUES ...\}**. This will cause a slow restoration. However, since this option generates an independent command for each row, an error in reloading a row causes only the loss of the row rather than the entire table content. + +- --disable-dollar-quoting + + Disables the use of dollar sign \($\) for function bodies, and forces them to be quoted using the SQL standard string syntax. + +- --disable-triggers + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --inserts + + Dumps data by the **INSERT** statement \(rather than **COPY**\). This will cause a slow restoration. The restoration may fail if you rearrange the column order. The **--column-inserts** option is unaffected against column order changes, though even slower. + +- --no-security-labels + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --no-tablespaces + + Does not generate output statements to create tablespaces or select tablespaces for objects. All the objects will be created during the restoration process, no matter which tablespace is selected when using this option. + +- --no-unlogged-table-data + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --quote-all-identifiers + + Forcibly quotes all identifiers. This parameter is useful when you dump a database for migration to a later version, in which additional keywords may be introduced. + +- --dont-overwrite-file + + Does not overwrite the current file. + +- --use-set-session-authorization + + Specifies that the standard SQL **SET SESSION AUTHORIZATION** command rather than **ALTER OWNER** is returned to ensure the object ownership. This makes dumping more standard. However, if a dump file contains objects that have historical problems, restoration may fail. A dump using **SET SESSION AUTHORIZATION** requires the system administrator rights, whereas **ALTER OWNER** requires lower permissions. + +- --with-encryption=AES128 + + Specifies that dumping data needs to be encrypted using AES128. + +- --with-key=KEY + + Specifies that the key length of AES128 must be 16 bytes. + +- --include-templatedb + + Includes template databases during the dump. + +- --binary-upgrade + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --binary-upgrade-usermap="USER1=USER2" + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --tablespaces-postfix + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --parallel-jobs + + Specifies the number of concurrent backup processes. The value range is 1-1000. + + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>- The **-g/--globals-only** and **-r/--roles-only** parameters do not coexist. +>- The **-g/--globals-only** and **-t/--tablespaces-only** parameters do not coexist. +>- The **-r/--roles-only** and **-t/--tablespaces-only** parameters do not coexist. +>- The **-s/--schema-only** and **-a/--data-only** parameters do not coexist. +>- The **-r/--roles-only** and **-a/--data-only** parameters do not coexist. +>- The **-t/--tablespaces-only** and **-a/--data-only** parameters do not coexist. +>- The **-g/--globals-only** and **-a/--data-only** parameters do not coexist. +>- **--tablespaces-postfix** must be used in conjunction with **--binary-upgrade**. +>- **--binary-upgrade-usermap** must be used in conjunction with **--binary-upgrade**. +>- **--parallel-jobs** must be used in conjunction with **-f/--file**. + +Connection parameters: + +- -h, --host + + Specifies the host name. If the value begins with a slash \(/\), it is used as the directory for the UNIX domain socket. The default value is taken from the PGHOST environment \(if variable\). Otherwise, a Unix domain socket connection is attempted. + + This parameter is used only for defining names of the hosts outside openGauss. The names of the hosts inside openGauss must be 127.0.0.1. + + Environment Variable: _PGHOST_ + +- -l, --database + + Specifies the name of the database connected to dump all objects and discover other databases to be dumped. If this parameter is not specified, the **postgres** database will be used. If the **postgres** database does not exist, **template1** will be used. + +- -p, --port + + TCP port or the local Unix-domain socket file extension on which the server is listening for connections. The default value is the _PGPORT_ environment variable. + + If the thread pool function is enabled, you are advised to use **pooler port**, that is, the listening port number plus 1. + + Environment variable: _PGPORT_ + +- -U, --username + + Specifies the user name to connect to. + + Environment variable: _PGUSER_ + +- -w, --no-password + + Never issues a password prompt. The connection attempt fails if the host requires password verification and the password is not provided in other ways. This parameter is useful in batch jobs and scripts in which no user password is required. + +- -W, --password + + Specifies the user password for connection. If the host uses the trust authentication policy, the administrator does not need to enter the **-W** option. If the **-W** option is not provided and you are not a system administrator, the Dump Restore tool will ask you to enter a password. + +- --role + + Specifies a role name to be used for creating the dump. This option causes **gs\_dumpall** to issue the **SET ROLE** statement after connecting to the database. It is useful when the authenticated user \(specified by **-U**\) lacks the permissions required by the **gs\_dumpall**. It allows the user to switch to a role with the required permissions. Some installations have a policy against logging in directly as a system administrator. This option allows dumping data without violating the policy. + +- --rolepassword + + Specifies the password of the specific role. + + +#### Notice + +**gs\_dumpall** internally invokes **gs\_dump**. For details about the diagnosis information, see [gs\_dump](gs_dump.md#EN-US_TOPIC_0250273517). + +Once **gs\_dumpall** is restored, run ANALYZE on each database so that the optimizer can provide useful statistics. + +**gs\_dumpall** requires all needed tablespace directories to exit before the restoration. Otherwise, database creation will fail if the databases are in non-default locations. + +#### Examples + +Use **gs\_dumpall** to export all openGauss databases at a time. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>**gs\_dumpall** supports only plain-text format export. Therefore, only **gsql** can be used to restore a file exported using **gs\_dumpall**. + +``` +gs_dumpall -f backup/bkp2.sql -p 37300 +gs_dump[port='37300'][dbname='postgres'][2018-06-27 09:55:09]: The total objects number is 2371. +gs_dump[port='37300'][dbname='postgres'][2018-06-27 09:55:35]: [100.00%] 2371 objects have been dumped. +gs_dump[port='37300'][dbname='postgres'][2018-06-27 09:55:46]: dump database dbname='postgres' successfully +gs_dump[port='37300'][dbname='postgres'][2018-06-27 09:55:46]: total time: 55567 ms +gs_dumpall[port='37300'][2018-06-27 09:55:46]: dumpall operation successful +gs_dumpall[port='37300'][2018-06-27 09:55:46]: total time: 56088 ms +``` + +#### Helpful Links + +[gs\_dump](gs_dump.md#EN-US_TOPIC_0250273517), [gs\_restore](gs_restore.md#EN-US_TOPIC_0250273519) + +### gs\_restore + +#### Background + +**gs\_restore**, provided by openGauss, is used to import data that was exported using **gs\_dump**. It can also be used to import files exported by **gs\_dump**. + +**gs\_restore** is executed by OS user **omm**. + +It has the following functions: + +- Importing data to the database + + If a database is specified, data is imported to the database. For parallel import, the password for connecting to the database is required. + +- Importing data to the script file + + If the database storing imported data is not specified, a script containing the SQL statement to recreate the database is created and written to a file or standard output. This script output is equivalent to the plain text output format of **gs\_dump**. + + +#### Command Format + +``` +gs_restore [OPTION]... FILE +``` + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>- **FILE** does not have a short or long parameter. It is used to specify the location for the archive files. +>- The **dbname** or **-l** parameter is required as prerequisites. Users cannot enter **dbname** and **-l** parameters at the same time. +>- **gs\_restore** incrementally imports data by default. To prevent data exceptions caused by multiple import operations, you are advised to use the **-c** parameter during the import. Before recreating database objects, delete the database objects that already exist in the database to be restored. +>- There is no option to control log printing. To hide logs, redirect the logs to the log file. If a large amount of table data needs to be restored, the table data will be restored in batches. Therefore, the log indicating that the table data has been imported is generated for multiple times. + +#### Parameter Description + +Common parameters + +- -d, --dbname=NAME + + Connects to the **dbname** database and imports data to the database. + +- -f, --file=FILENAME + + Specifies the output file for the generated script, or uses the output file in the list specified using **-l**. + + The default is the standard output. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >**-f** cannot be used in conjunction with **-d**. + +- -F, --format=c|d|t + + Specifies the format of the archive. The format does not need to be specified because the _gs\_restore_ determines the format automatically. + + Value range: + + - **c/custom**: The archive form is the customized format in [gs\_dump](gs_dump.md#EN-US_TOPIC_0250273517). + - **d/directory**: The archive form is a directory archive format. + - **t/tar**: The archive form is a .tar archive format. + +- -l, --list + + Lists the forms of the archive. The operation output can be used for the input of the **-L** parameter. If filtering parameters, such as **-n** or **-t**, are used together with **-l**, they will restrict the listed items. + +- -v, --verbose + + Specifies the verbose mode. + +- -V, --version + + Prints the **gs\_restore** version and exits. + +- -?, --help + + Displays help information about the parameters of **gs\_restore** and exits. + + +Parameters for importing data + +- -a, -data-only + + Imports only the data, not the schema \(data definition\). **gs\_restore** incrementally imports data. + +- -c, --clean + + Cleans \(deletes\) existing database objects in the database to be restored before recreating them. + +- -C, --create + + Creates the database before importing data to it. \(When this parameter is used, the database specified by **-d** is used to issue the initial **CREATE DATABASE** command. All data is imported to the created database.\) + +- -e, --exit-on-error + + Exits if an error occurs when you send the SQL statement to the database. If you do not exit, the commands will still be sent and error information will be displayed when the import ends. + +- -I, --index=NAME + + Imports only the definition of the specified index. Multiple indexes can be imported. Enter **-I**_ index_ multiple times to import multiple indexes. + + For example: + + ``` + gs_restore -h host_name -p port_number -d postgres -I Index1 -I Index2 backup/MPPDB_backup.tar + ``` + + In this example, _Index1_ and _Index2_ will be imported. + +- -j, --jobs=NUM + + Specifies the number of concurrent, the most time-consuming jobs of **gs\_restore** \(such as loading data, creating indexes, or creating constraints\). This parameter can greatly reduce the time to import a large database to a server running on a multiprocessor machine. + + Each job is one process or one thread, depending on the OS; and uses a separate connection to the server. + + The optimal value for this option depends on the server hardware setting, the client, the network, the number of CPU cores, and disk settings. It is recommended that the parameter be set to the number of CPU cores on the server. In addition, a larger value can also lead to faster import in many cases. However, an overly large value will lead to decreased performance because of thrashing. + + This parameter supports custom-format archives only. The input file must be a regular file \(not the pipe file\). This parameter can be ignored when you select the script method rather than connect to a database server. In addition, multiple jobs cannot be used in conjunction with the **--single-transaction** parameter. + +- -L, --use-list=FILENAME + + Imports only archive elements that are listed in **list-file** and imports them in the order that they appear in the file. If filtering parameters, such as **-n** or **-t**, are used in conjunction with **-L**, they will further limit the items to be imported. + + **list-file** is normally created by editing the output of a previous **-l** parameter. File lines can be moved or removed, and can also be commented out by placing a semicolon \(;\) at the beginning of the row. An example is provided in this document. + +- -n, --schema=NAME + + Restores only objects that are listed in schemas. + + This parameter can be used in conjunction with the **-t** parameter to import a specific table. + + Entering **-n **_schemaname_ multiple times can import multiple schemas. + + For example: + + ``` + gs_restore -h host_name -p port_number -d postgres -n sch1 -n sch2 backup/MPPDB_backup.tar + ``` + + In this example, **sch1** and **sch2** will be imported. + +- -O, --no-owner + + Do not output commands to set ownership of objects to match the original database. By default, **gs\_restore** issues the **ALTER OWNER** or **SET SESSION AUTHORIZATION** statement to set ownership of created schema elements. Unless the system administrator or the user who has all the objects in the script initially accesses the database. Otherwise, the statement will fail. Any user name can be used for the initial connection using **-O**, and this user will own all the created objects. + +- -P, --function=NAME\(args\) + + Imports only listed functions. You need to correctly spell the function name and the parameter based on the contents of the dump file in which the function exists. + + Entering **-P** alone means importing all function-name\(args\) functions in a file. Entering **-P** with **-n** means importing the function-name\(args\) functions in a specified schema. Entering **-P** multiple times and using **-n** once means that all imported functions are in the **-n** schema by default. + + You can enter **-n schema-name -P 'function-name\(args\)'** multiple times to import functions in specified schemas. + + For example: + + ``` + gs_restore -h host_name -p port_number -d postgres -n test1 -P 'Func1(integer)' -n test2 -P 'Func2(integer)' backup/MPPDB_backup.tar + ``` + + In this example, both **Func1 \(i integer\)** in the **test1** schema and **Func2 \(j integer\)** in the **test2** schema will be imported. + +- -s, --schema-only + + Imports only schemas \(data definitions\), instead of data \(table content\). The current sequence value will not be imported. + +- -S, --sysadmin=NAME + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- -t, --table=NAME + + Imports only listed table definitions or data, or both. This parameter can be used in conjunction with the **-n** parameter to specify a table object in a schema. When **-n** is not entered, the default schema is PUBLIC. Entering **-n **_schemaname_** -t **_tablename_ multiple times can import multiple tables in a specified schema. + + For example: + + Import **table1** in the **PUBLIC** schema. + + ``` + gs_restore -h host_name -p port_number -d postgres -t table1 backup/MPPDB_backup.tar + ``` + + Import **test1** in the **test1** schema and **test2** in the **test2** schema. + + ``` + gs_restore -h host_name -p port_number -d postgres -n test1 -t test1 -n test2 -t test2 backup/MPPDB_backup.tar + ``` + + Import **table1** in the **PUBLIC** schema and **test1** in the **test1** schema. + + ``` + gs_restore -h host_name -p port_number -d postgres -n PUBLIC -t table1 -n test1 -t table1 backup/MPPDB_backup.tar + ``` + + >![](public_sys-resources/icon-notice.gif) **NOTICE:** + >**-t** does not support the **schema\_name.table\_name** input format. + +- -T, --trigger=NAME + + This parameter is reserved for extension. + +- -x, --no-privileges/--no-acl + + Prevents the import of access permissions \(**GRANT**/**REVOKE** commands\). + +- -1, --single-transaction + + Executes import as a single transaction \(that is, commands are wrapped in **BEGIN**/**COMMIT**\). + + This parameter ensures that either all the commands are completed successfully or no application is changed. This parameter means **--exit-on-error**. + +- --disable-triggers + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --no-data-for-failed-tables + + By default, table data will be imported even if the statement to create a table fails \(for example, the table already exists\). Data in such table is skipped using this parameter. This operation is useful if the target database already contains the desired table contents. + + This parameter takes effect only when you import data directly into a database, not when you output SQL scripts. + +- --no-security-labels + + Specifies a reserved port for function expansion. This parameter is not recommended. + +- --no-tablespaces + + Tablespaces excluding specified ones All objects will be created during the import process no matter which tablespace is selected when using this option. + +- --section=SECTION + + Imports the listed sections \(such as pre-data, data, or post-data\). + +- --use-set-session-authorization + + Is used for plain-text backup. + + Outputs the **SET SESSION AUTHORIZATION** statement instead of the **ALTER OWNER** statement to determine object ownership. This parameter makes dump more standards-compatible. If the records of objects in exported files are referenced, import may fail. Only administrators can use the **SET SESSION AUTHORIZATION** statement to dump data, and the administrators must manually change and verify the passwords of exported files by referencing the **SET SESSION AUTHORIZATION** statement before import. The **ALTER OWNER** statement requires lower permissions. + +- --with-key=KEY + + Specifies that the key length of AES128 must be 16 bytes. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >If the dump is encrypted, enter the **--with-key=KEY** parameter in the **gs\_restore** command. If it is not entered, you will receive an error message. + >Enter the same key while entering the dump. + >When the dump format is **c** or **t**, the dumped content has been processed, and therefore the input is not restricted by the encryption. + + +>![](public_sys-resources/icon-notice.gif) **NOTICE:** +>- If any local additions need to be added to the template1 database during the installation, restore the output of **gs\_restore** into an empty database with caution. Otherwise, you are likely to obtain errors due to duplicate definitions of the added objects. To create an empty database without any local additions, copy data from template0 rather than template1. Example: +>``` +>CREATE DATABASE foo WITH TEMPLATE template0; +>``` +>- **gs\_restore** cannot import large objects selectively. For example, it can only import the objects of a specified table. If an archive contains large objects, all large objects will be imported, or none of them will be restored if they are excluded by using **-L**, **-t**, or other parameters. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>1. The **-d/--dbname** and **-f/--file** parameters do not coexist. +>2. The **-s/--schema-only** and **-a/--data-only** parameters do not coexist. +>3. The **-c/--clean** and **-a/--data-only** parameters do not coexist. +>4. When **--single-transaction** is used, **-j/--jobs** must be a single job. +>5. **--role** must be used in conjunction with **--rolepassword**. + +Connection parameters: + +- -h, --host=HOSTNAME + + Specifies the host name. If the value begins with a slash \(/\), it is used as the directory for the UNIX domain socket. The default value is taken from the _PGHOST_ environment variable. If it is not set, a UNIX domain socket connection is attempted. + + This parameter is used only for defining names of the hosts outside openGauss. The names of the hosts inside openGauss must be 127.0.0.1. + +- -p, --port=PORT + + TCP port or the local Unix-domain socket file extension on which the server is listening for connections. The default value is the _PGPORT_ environment variable. + + If the thread pool function is enabled, you are advised to use **pooler port**, that is, the listening port number plus 1. + +- -U, --username=NAME + + Specifies the user name to connect to. + +- -w, --no-password + + Never issues a password prompt. The connection attempt fails if the host requires password verification and the password is not provided in other ways. This parameter is useful in batch jobs and scripts in which no user password is required. + +- -W, --password=PASSWORD + + User password for database connection. If the host uses the trust authentication policy, the administrator does not need to enter the **-W** parameter. If the **-W** parameter is not provided and you are not a system administrator, **gs\_restore** will ask you to enter a password. + +- --role=ROLENAME + + Specifies a role name for the import operation. If this parameter is selected, the **SET ROLE** statement will be issued after **gs\_restore** connects to the database. It is useful when the authenticated user \(specified by **-U**\) lacks the permissions required by **gs\_restore**. This parameter allows the user to switch to a role with the required permissions. Some installations have a policy against logging in directly as the initial user. This parameter allows data to be imported without violating the policy. + +- --rolepassword=ROLEPASSWORD + + Role password. + + +#### Example + +Special case: Execute the **gsql** tool. Run the following commands to import the **MPPDB\_backup.sql** file in the export folder \(in plain-text format\) generated by **gs\_dump**/**gs\_dumpall** to the **postgres** database: + +``` +gsql -d postgres -p 5432 -W Bigdata@123 -f /home/omm/test/MPPDB_backup.sql +SET +SET +SET +SET +SET +ALTER TABLE +ALTER TABLE +ALTER TABLE +ALTER TABLE +ALTER TABLE +CREATE INDEX +CREATE INDEX +CREATE INDEX +SET +CREATE INDEX +REVOKE +REVOKE +GRANT +GRANT +total time: 30476 ms +``` + +**gs\_restore** is used to import the files exported by **gs\_dump**. + +Example 1: Execute the **gs\_restore** tool to import the exported **MPPDB\_backup.dmp** file \(custom format\) to the **postgres** database. + +``` +gs_restore -W Bigdata@123 backup/MPPDB_backup.dmp -p 5432 -d postgres +gs_restore: restore operation successful +gs_restore: total time: 13053 ms +``` + +Example 2: Execute the **gs\_restore** tool to import the exported **MPPDB\_backup.tar** file \(.tar format\) to the **postgres** database. + +``` +gs_restore backup/MPPDB_backup.tar -p 5432 -d postgres +gs_restore[2017-07-21 19:16:26]: restore operation successful +gs_restore[2017-07-21 19:16:26]: total time: 21203 ms +``` + +Example 3: Execute the **gs\_restore** tool to import the exported **MPPDB\_backup** file \(directory format\) to the **postgres** database. + +``` +gs_restore backup/MPPDB_backup -p 5432 -d postgres +gs_restore[2017-07-21 19:16:26]: restore operation successful +gs_restore[2017-07-21 19:16:26]: total time: 21003 ms +``` + +Example 4: Execute the **gs\_restore** tool and run the following commands to import the **MPPDB\_backup.dmp** file \(in custom format\). Specifically, import all the object definitions and data in the **PUBLIC** schema. Existing objects are deleted from the target database before the import. If an existing object references to an object in another schema, you need to manually delete the referenced object first. + +``` +gs_restore backup/MPPDB_backup.dmp -p 5432 -d postgres -e -c -n PUBLIC +gs_restore: [archiver (db)] Error while PROCESSING TOC: +gs_restore: [archiver (db)] Error from TOC entry 313; 1259 337399 TABLE table1 gaussdba +gs_restore: [archiver (db)] could not execute query: ERROR: cannot drop table table1 because other objects depend on it +DETAIL: view t1.v1 depends on table table1 +HINT: Use DROP ... CASCADE to drop the dependent objects too. + Command was: DROP TABLE public.table1; +``` + +Manually delete the referenced object and create it again after the import is complete. + +``` +gs_restore backup/MPPDB_backup.dmp -p 5432 -d postgres -e -c -n PUBLIC +gs_restore[2017-07-21 19:16:26]: restore operation successful +gs_restore[2017-07-21 19:16:26]: total time: 2203 ms +``` + +Example 5: Execute the **gs\_restore** tool and run the following commands to import the **MPPDB\_backup.dmp** file \(in custom format\). Specifically, import only the definition of **table1** in the **PUBLIC** schema. + +``` +gs_restore backup/MPPDB_backup.dmp -p 5432 -d postgres -e -c -s -n PUBLIC -t table1 +gs_restore[2017-07-21 19:16:26]: restore operation successful +gs_restore[2017-07-21 19:16:26]: total time: 21000 ms +``` + +Example 6: Execute the **gs\_restore** tool and run the following commands to import the **MPPDB\_backup.dmp** file \(in custom format\). Specifically, import only the data of **table1** in the **PUBLIC** schema. + +``` +gs_restore backup/MPPDB_backup.dmp -p 5432 -d postgres -e -a -n PUBLIC -t table1 +gs_restore[2017-07-21 19:16:26]: restore operation successful +gs_restore[2017-07-21 19:16:26]: total time: 20203 ms +``` + +#### Helpful Links + +[gs\_dump](gs_dump.md#EN-US_TOPIC_0250273517) and [gs\_dumpall](gs_dumpall.md#EN-US_TOPIC_0250273518) + + \ No newline at end of file diff --git a/content/en/docs/Administratorguide/check-method-0.md b/content/en/docs/Administratorguide/check-method-0.md deleted file mode 100644 index 09d7f31a8a25fbf69510a8734ff72862d9776d92..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/check-method-0.md +++ /dev/null @@ -1,350 +0,0 @@ -# Check Method - -Use the **gs\_check** tool provided by openGauss to check the openGauss health status. - -## Precautions - -- Only user **root** is authorized to check new nodes added during cluster scale-out. In other cases, the check can be performed only by user **omm**. -- Parameter **-i** or **-e** must be set. **-i** specifies a single item to be checked, and **-e** specifies an inspection scenario where multiple items will be checked. -- If **-i** is not set to a **root** item or no such items are contained in the check item list of the scenario specified by **-e**, you do not need to enter the name or password of user **root**. -- You can run **--skip-root-items** to skip **root** items. -- Check the consistency between the new node and existing nodes. Run the **gs\_check** command on an existing node and specify the **--hosts** parameter. The IP address of the new node needs to be written into the **hosts** file. - -## Procedure - -Method 1: - -1. Log in as the OS user **omm** to the primary node of the database. -2. Run the following command to check the openGauss database status: - - ``` - gs_check -i CheckClusterState - ``` - - In the command, **-i** indicates the check item and is case-sensitive. The format is **-i CheckClusterState**, **-i CheckCPU** or **-i CheckClusterState,CheckCPU**. - - Checkable items are listed in "Server Tools \> gs\_check \> openGauss status checks" in the _openGauss Tool Reference_. You can create a check item as needed. - - -Method 2: - -1. Log in as the OS user **omm** to the primary node of the database. -2. Run the following command to check the openGauss database health status: - - ``` - gs_check -e inspect - ``` - - In the command, **-e** indicates the inspection scenario and is case-sensitive. The format is **-e inspect** or **-e upgrade**. - - The inspection scenarios include **inspect** \(routine inspection\), **upgrade** \(inspection before upgrade\), **expand** \(inspection before cluster scale-out\), **binary\_upgrade** \(inspection before in-place upgrade\), and **health** \(health inspection\). You can create an inspection scenario as needed. - - -Method 3: - -1. Log in as the OS user **omm** to the primary node of the database. -2. Copy the inspection tool **gs\_check** and the **inspection** directory to all new hosts. -3. Write the IP addresses of the new hosts into the **ipListFile** file and separate the IP addresses with line feeds. -4. Run the following command to check the new nodes before cluster scale-out: - - ``` - gs_check -e expand_new_node --hosts ipListFile - ``` - - **-e** must be set to **expand\_new\_node**, indicating inspection before cluster scale-out. - - -The openGauss inspection is performed to check openGauss status during openGauss running or to check the environment and conditions before critical operations, such as upgrade or scale-out. For details about the inspection items and scenarios, see "Server Tools \> gs\_check \> openGauss status checks" in the _openGauss Tool Reference_. - -## Examples - -Check result of a single item: - -``` -perfadm@lfgp000700749:/opt/huawei/perfadm/tool/script> gs_check -i CheckCPU -Parsing the check items config file successfully -Distribute the context file to remote hosts successfully -Start to health check for the cluster. Total Items:1 Nodes:3 - -Checking... [=========================] 1/1 -Start to analysis the check result -CheckCPU....................................OK -The item run on 3 nodes. success: 3 - -Analysis the check result successfully -Success. All check items run completed. Total:1 Success:1 Failed:0 -For more information please refer to /opt/huawei/wisequery/script/gspylib/inspection/output/CheckReport_201902193704661604.tar.gz -``` - -Local execution result: - -``` -perfadm@lfgp000700749:/opt/huawei/perfadm/tool/script> gs_check -i CheckCPU -L - -2017-12-29 17:09:29 [NAM] CheckCPU -2017-12-29 17:09:29 [STD] Check the CPU usage of the host. If the value of idle is greater than 30% and the value of iowait is less than 30%, this item passes the check. Otherwise, this item fails the check. -2017-12-29 17:09:29 [RST] OK - -2017-12-29 17:09:29 [RAW] -Linux 4.4.21-69-default (lfgp000700749) 12/29/17 _x86_64_ - -17:09:24 CPU %user %nice %system %iowait %steal %idle -17:09:25 all 0.25 0.00 0.25 0.00 0.00 99.50 -17:09:26 all 0.25 0.00 0.13 0.00 0.00 99.62 -17:09:27 all 0.25 0.00 0.25 0.13 0.00 99.37 -17:09:28 all 0.38 0.00 0.25 0.00 0.13 99.25 -17:09:29 all 1.00 0.00 0.88 0.00 0.00 98.12 -Average: all 0.43 0.00 0.35 0.03 0.03 99.17 -``` - -Check result of a scenario: - -``` -[perfadm@SIA1000131072 Check]$ gs_check -e inspect -Parsing the check items config file successfully -The below items require root privileges to execute:[CheckBlockdev CheckIOrequestqueue CheckIOConfigure CheckCheckMultiQueue CheckFirewall CheckSshdService CheckSshdConfig CheckCrondService CheckNoCheckSum CheckSctpSeProcMemory CheckBootItems CheckFilehandle CheckNICModel CheckDropCache] -Please enter root privileges user[root]:root -Please enter password for user[root]: -Please enter password for user[root] on the node[10.244.57.240]: -Check root password connection successfully -Distribute the context file to remote hosts successfully -Start to health check for the cluster. Total Items:59 Nodes:2 - -Checking... [ ] 21/59 -Checking... [=========================] 59/59 -Start to analysis the check result -CheckClusterState...........................OK -The item run on 2 nodes. success: 2 - -CheckDBParams...............................OK -The item run on 1 nodes. success: 1 - -CheckDebugSwitch............................OK -The item run on 2 nodes. success: 2 - -CheckDirPermissions.........................OK -The item run on 2 nodes. success: 2 - -CheckReadonlyMode...........................OK -The item run on 1 nodes. success: 1 - -CheckEnvProfile.............................OK -The item run on 2 nodes. success: 2 (consistent) -The success on all nodes value: -GAUSSHOME /usr1/gaussdb/app -LD_LIBRARY_PATH /usr1/gaussdb/app/lib -PATH /usr1/gaussdb/app/bin - - -CheckBlockdev...............................OK -The item run on 2 nodes. success: 2 - -CheckCurConnCount...........................OK -The item run on 1 nodes. success: 1 - -CheckCursorNum..............................OK -The item run on 1 nodes. success: 1 - -CheckPgxcgroup..............................OK -The item run on 1 nodes. success: 1 - -CheckDiskFormat.............................OK -The item run on 2 nodes. success: 2 - -CheckSpaceUsage.............................OK -The item run on 2 nodes. success: 2 - -CheckInodeUsage.............................OK -The item run on 2 nodes. success: 2 - -CheckSwapMemory.............................OK -The item run on 2 nodes. success: 2 - -CheckLogicalBlock...........................OK -The item run on 2 nodes. success: 2 - -CheckIOrequestqueue.....................WARNING -The item run on 2 nodes. warning: 2 -The warning[host240,host157] value: -On device (vdb) 'IO Request' RealValue '256' ExpectedValue '32768' -On device (vda) 'IO Request' RealValue '256' ExpectedValue '32768' - -CheckMaxAsyIOrequests.......................OK -The item run on 2 nodes. success: 2 - -CheckIOConfigure............................OK -The item run on 2 nodes. success: 2 - -CheckMTU....................................OK -The item run on 2 nodes. success: 2 (consistent) -The success on all nodes value: -1500 - -CheckPing...................................OK -The item run on 2 nodes. success: 2 - -CheckRXTX...................................NG -The item run on 2 nodes. ng: 2 -The ng[host240,host157] value: -NetWork[eth0] -RX: 256 -TX: 256 - - -CheckNetWorkDrop............................OK -The item run on 2 nodes. success: 2 - -CheckMultiQueue.............................OK -The item run on 2 nodes. success: 2 - -CheckEncoding...............................OK -The item run on 2 nodes. success: 2 (consistent) -The success on all nodes value: -LANG=en_US.UTF-8 - -CheckFirewall...............................OK -The item run on 2 nodes. success: 2 - -CheckKernelVer..............................OK -The item run on 2 nodes. success: 2 (consistent) -The success on all nodes value: -3.10.0-957.el7.x86_64 - -CheckMaxHandle..............................OK -The item run on 2 nodes. success: 2 - -CheckNTPD...................................OK -host240: NTPD service is running, 2020-06-02 17:00:28 -host157: NTPD service is running, 2020-06-02 17:00:06 - - -CheckOSVer..................................OK -host240: The current OS is centos 7.6 64bit. -host157: The current OS is centos 7.6 64bit. - - -CheckSysParams..........................WARNING -The item run on 2 nodes. warning: 2 -The warning[host240,host157] value: -Warning reason: variable 'net.ipv4.tcp_retries1' RealValue '3' ExpectedValue '5'. -Warning reason: variable 'net.ipv4.tcp_syn_retries' RealValue '6' ExpectedValue '5'. -Warning reason: variable 'net.sctp.path_max_retrans' RealValue '5' ExpectedValue '10'. -Warning reason: variable 'net.sctp.max_init_retransmits' RealValue '8' ExpectedValue '10'. - - -CheckTHP....................................OK -The item run on 2 nodes. success: 2 - -CheckTimeZone...............................OK -The item run on 2 nodes. success: 2 (consistent) -The success on all nodes value: -+0800 - -CheckCPU....................................OK -The item run on 2 nodes. success: 2 - -CheckSshdService............................OK -The item run on 2 nodes. success: 2 - -CheckSshdConfig.........................WARNING -The item run on 2 nodes. warning: 2 -The warning[host240,host157] value: - -Warning reason: UseDNS parameter is not set; expected: no - -CheckCrondService...........................OK -The item run on 2 nodes. success: 2 - -CheckStack..................................OK -The item run on 2 nodes. success: 2 (consistent) -The success on all nodes value: -8192 - -CheckNoCheckSum.............................OK -The item run on 2 nodes. success: 2 (consistent) -The success on all nodes value: -Nochecksum value is N,Check items pass. - -CheckSysPortRange...........................OK -The item run on 2 nodes. success: 2 - -CheckMemInfo................................OK -The item run on 2 nodes. success: 2 (consistent) -The success on all nodes value: -totalMem: 31.260929107666016G - -CheckHyperThread............................OK -The item run on 2 nodes. success: 2 - -CheckTableSpace.............................OK -The item run on 1 nodes. success: 1 - -CheckSctpService............................OK -The item run on 2 nodes. success: 2 - -CheckSysadminUser...........................OK -The item run on 1 nodes. success: 1 - -CheckGUCConsistent..........................OK -All DN instance guc value is consistent. - -CheckMaxProcMemory..........................OK -The item run on 1 nodes. success: 1 - -CheckBootItems..............................OK -The item run on 2 nodes. success: 2 - -CheckHashIndex..............................OK -The item run on 1 nodes. success: 1 - -CheckPgxcRedistb............................OK -The item run on 1 nodes. success: 1 - -CheckNodeGroupName..........................OK -The item run on 1 nodes. success: 1 - -CheckTDDate.................................OK -The item run on 1 nodes. success: 1 - -CheckDilateSysTab...........................OK -The item run on 1 nodes. success: 1 - -CheckKeyProAdj..............................OK -The item run on 2 nodes. success: 2 - -CheckProStartTime.......................WARNING -host157: -STARTED COMMAND -Tue Jun 2 16:57:18 2020 /usr1/dmuser/dmserver/metricdb1/server/bin/gaussdb --single_node -D /usr1/dmuser/dmb1/data -p 22204 -Mon Jun 1 16:15:15 2020 /usr1/gaussdb/app/bin/gaussdb -D /usr1/gaussdb/data/dn1 -M standby - - -CheckFilehandle.............................OK -The item run on 2 nodes. success: 2 - -CheckRouting................................OK -The item run on 2 nodes. success: 2 - -CheckNICModel...............................OK -The item run on 2 nodes. success: 2 (consistent) -The success on all nodes value: -version: 1.0.0 -model: Red Hat, Inc. Virtio network device - - -CheckDropCache..........................WARNING -The item run on 2 nodes. warning: 2 -The warning[host240,host157] value: -No DropCache process is running - -CheckMpprcFile..............................NG -The item run on 2 nodes. ng: 2 -The ng[host240,host157] value: -There is no mpprc file - -Analysis the check result successfully -Failed. All check items run completed. Total:59 Success:52 Warning:5 NG:2 -For more information please refer to /usr1/gaussdb/tool/script/gspylib/inspection/output/CheckReport_inspect611.tar.gz - -``` - diff --git a/content/en/docs/Administratorguide/check-method-2.md b/content/en/docs/Administratorguide/check-method-2.md deleted file mode 100644 index 91c4f5576886cfe7d5910dee77a6a09db1b78b7a..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/check-method-2.md +++ /dev/null @@ -1,40 +0,0 @@ -# Check Method - -Use the **gs\_checkperf** tool provided by openGauss to check hardware performance. - -## Prerequisites - -- openGauss is running properly. -- Services are running properly on the database. - -## Procedure - -1. Log in as the OS user **omm** to the primary node of the database. -2. Run the following command to check the openGauss database performance: - - ``` - gs_checkperf - ``` - - -For details about performance statistical items, see "Server Tools \> gs\_checkperf \> Performance Check Items" in the _openGauss Tool Reference_. - -## Examples - -Simple performance statistical result is displayed on the screen as follows: - -``` -gs_checkperf -i pmk -U omm -Cluster statistics information: - Host CPU busy time ratio : 1.43 % - MPPDB CPU time % in busy time : 1.88 % - Shared Buffer Hit ratio : 99.96 % - In-memory sort ratio : 100.00 % - Physical Reads : 4 - Physical Writes : 25 - DB size : 70 MB - Total Physical writes : 25 - Active SQL count : 2 - Session count : 3 -``` - diff --git a/content/en/docs/Administratorguide/check-method.md b/content/en/docs/Administratorguide/check-method.md deleted file mode 100644 index 8af1051f9843214bd9e2ba427553b8f366e6bdc0..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/check-method.md +++ /dev/null @@ -1,60 +0,0 @@ -# Check Method - -Use the **gs\_checkos** tool provided by openGauss to check the OS status. - -## Prerequisites - -- The hardware and network are working properly. -- The trust relationship of user **root** among the hosts is normal. -- Only user **root** is authorized to run the **gs\_checkos** command. - -## Procedure - -1. Log in to a server as user **root**. -2. Run the following command to check OS parameters of servers where the openGauss nodes are deployed: - - ``` - gs_checkos -i A - ``` - - Check the OS parameters to ensure that openGauss has passed the pre-installation check and can efficiently operate after it is installed. For details about the check items, see "Server Tools \> gs\_checkos" in the _openGauss Tool Reference_. - - -## Examples - -Before running the **gs\_checkos** command, execute pre-processing scripts by running **gs\_preinstall** to prepare the environment. The following uses parameter **A** as an example: - -``` -gs_checkos -i A -Checking items: - A1. [ OS version status ] : Normal - A2. [ Kernel version status ] : Normal - A3. [ Unicode status ] : Normal - A4. [ Time zone status ] : Normal - A5. [ Swap memory status ] : Normal - A6. [ System control parameters status ] : Normal - A7. [ File system configuration status ] : Normal - A8. [ Disk configuration status ] : Normal - A9. [ Pre-read block size status ] : Normal - A10.[ IO scheduler status ] : Normal - A11.[ Network card configuration status ] : Normal - A12.[ Time consistency status ] : Warning - A13.[ Firewall service status ] : Normal - A14.[ THP service status ] : Normal -Total numbers:14. Abnormal numbers:0. Warning number:1. -``` - -The following uses parameter **B** as an example: - -``` -gs_checkos -i B -Setting items: - B1. [ Set system control parameters ] : Normal - B2. [ Set file system configuration value ] : Normal - B3. [ Set pre-read block size value ] : Normal - B4. [ Set IO scheduler value ] : Normal - B5. [ Set network card configuration value ] : Normal - B6. [ Set THP service ] : Normal -Total numbers:6. Abnormal numbers:0. Warning number:0. -``` - diff --git a/content/en/docs/Administratorguide/checking-and-deleting-logs.md b/content/en/docs/Administratorguide/checking-and-deleting-logs.md deleted file mode 100644 index 02282653e4c236ff9534db4b3f2103a35faaf732..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/checking-and-deleting-logs.md +++ /dev/null @@ -1,11 +0,0 @@ -# Checking and Deleting Logs - -You are advised to check OS logs and database run logs monthly for monitoring system status and troubleshooting, and to delete database run logs monthly for saving disk space. - -- **[Checking OS Logs](checking-os-logs.md)** - -- **[Checking openGauss Run Logs](checking-opengauss-run-logs.md)** - -- **[Cleaning Run Logs](cleaning-run-logs.md)** - - diff --git a/content/en/docs/Administratorguide/checking-database-performance.md b/content/en/docs/Administratorguide/checking-database-performance.md deleted file mode 100644 index 408f5983f430e389f289b27cb6d7a28529cef2e6..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/checking-database-performance.md +++ /dev/null @@ -1,7 +0,0 @@ -# Checking Database Performance - -- **[Check Method](check-method-2.md)** - -- **[Exception Handling](exception-handling-3.md)** - - diff --git a/content/en/docs/Administratorguide/checking-opengauss-health-status.md b/content/en/docs/Administratorguide/checking-opengauss-health-status.md deleted file mode 100644 index df4c446b6b46efd8a2d75ef489e18bb606ac5c5a..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/checking-opengauss-health-status.md +++ /dev/null @@ -1,7 +0,0 @@ -# Checking openGauss Health Status - -- **[Check Method](check-method-0.md)** - -- **[Exception Handling](exception-handling-1.md)** - - diff --git a/content/en/docs/Administratorguide/checking-opengauss-run-logs.md b/content/en/docs/Administratorguide/checking-opengauss-run-logs.md deleted file mode 100644 index 00d7433b0a123999c949af40a52c75712d92cf1c..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/checking-opengauss-run-logs.md +++ /dev/null @@ -1,111 +0,0 @@ -# Checking openGauss Run Logs - -A database can still run when errors occur during the execution of some operations. However, data may be inconsistent before and after the error occurrences. Therefore, you are advised to monthly check openGauss run logs to detect potential problems in time. - -## Prerequisites - -- The host used for collecting logs is running properly, and the network connection is normal. Database installation users trust each other. -- An OS tool \(for example, **gstack**\) that the log collection tool requires has been installed. If it is not installed, an error message is displayed, and this collection item is skipped. - -## Procedure - -1. Log in as the OS user **omm** to the primary node of the database. -2. Run the following command to collect database logs: - - ``` - gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" - ``` - - In the command, **20160616 01:01** indicates the start time of the log and **20160616 23:59** indicates the end time of the log. - -3. Based on command output in [2](#en-us_topic_0237088806_en-us_topic_0059778412_l87490fc259434bc6ac7800ec9881a6ab), access the related log collection directory, decompress collected database logs, and check these logs. - - Assume that collected logs are stored in **/opt/gaussdb/tmp/gaussdba\_mppdb/collector\_20160726\_105158.tar.gz**. - - ``` - tar -xvzf /opt/gaussdb/tmp/gaussdba_mppdb/collector_20160726_105158.tar.gz - cd /opt/gaussdb/tmp/gaussdba_mppdb/collector_20160726_105158 - ``` - - -## Examples - -- Run the **gs\_collector** command together with parameters **--begin-time** and **--end-time**: - - ``` - gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" - ``` - - If information similar to the following is displayed, the logs have been archived: - - ``` - Successfully collected files - All results are stored in /tmp/gaussdba_mppdb/collector_20160616_175615.tar.gz. - ``` - -- Run the **gs\_collector** command together with parameters **--begin-time**, **--end-time**, and **-h**: - - ``` - gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" -h plat2 - ``` - - If information similar to the following is displayed, the logs have been archived: - - ``` - Successfully collected files - All results are stored in /tmp/gaussdba_mppdb/collector_20160616_190225.tar.gz. - ``` - -- Run the **gs\_collector** command together with parameters **--begin-time**, **--end-time**, and **-f**: - - ``` - gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" -f /opt/software/gaussdb/output - ``` - - If information similar to the following is displayed, the logs have been archived: - - ``` - Successfully collected files - All results are stored in /opt/software/gaussdb/output/collector_20160616_190511.tar.gz. - ``` - -- Run the **gs\_collector** command together with parameters **--begin-time**, **--end-time**, and **--keyword**: - - ``` - gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" --keyword="os" - ``` - - If information similar to the following is displayed, the logs have been archived: - - ``` - Successfully collected files. - All results are stored in /tmp/gaussdba_mppdb/collector_20160616_190836.tar.gz. - ``` - -- Run the **gs\_collector** command together with parameters **--begin-time**, **--end-time**, and **-o**: - - ``` - gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" -o /opt/software/gaussdb/output - ``` - - If information similar to the following is displayed, the logs have been archived: - - ``` - Successfully collected files. - All results are stored in /opt/software/gaussdb/output/collector_20160726_113711.tar.gz. - ``` - -- Run the **gs\_collector** command together with parameters **--begin-time**, **--end-time**, and **-l** \(the file name extension must be .log\): - - ``` - gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" -l /opt/software/gaussdb/logfile.log - ``` - - If information similar to the following is displayed, the logs have been archived: - - ``` - Successfully collected files. - All results are stored in /opt/software/gaussdb/output/collector_20160726_113711.tar.gz. - ``` - - diff --git a/content/en/docs/Administratorguide/checking-os-logs.md b/content/en/docs/Administratorguide/checking-os-logs.md deleted file mode 100644 index d8142987b5ecfd2261f14f7a16002a5be6335edc..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/checking-os-logs.md +++ /dev/null @@ -1,14 +0,0 @@ -# Checking OS Logs - -You are advised to monthly check OS logs to detect and prevent potential OS problems. - -## Procedure - -Run the following command to check OS log files: - -``` -vim /var/log/messages -``` - -\(Pay attention to words like **kernel**, **error**, and **fatal** in logs generated within the last month and handle the problems based on the alarm information.\) - diff --git a/content/en/docs/Administratorguide/checking-os-parameters.md b/content/en/docs/Administratorguide/checking-os-parameters.md deleted file mode 100644 index 6e70e6b96faf4fcb207979c8c2d6f1f9c0716410..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/checking-os-parameters.md +++ /dev/null @@ -1,7 +0,0 @@ -# Checking OS Parameters - -- **[Check Method](check-method.md)** - -- **[Exception Handling](exception-handling.md)** - - diff --git a/content/en/docs/Administratorguide/checking-the-number-of-application-connections.md b/content/en/docs/Administratorguide/checking-the-number-of-application-connections.md deleted file mode 100644 index ea50291be88a088391bb4c450727f4d058191ab5..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/checking-the-number-of-application-connections.md +++ /dev/null @@ -1,126 +0,0 @@ -# Checking the Number of Application Connections - -If the number of connections between applications and the database exceeds the maximum value, new connections cannot be established. You are advised to daily check the number of connections, release idle connections in time, or increase the allowed maximum number of connections. - -## Procedure - -1. Log in as the OS user **omm** to the primary node of the database. -2. Run the following command to connect to the database: - - ``` - gsql -d postgres -p 8000 - ``` - - **postgres** is the name of the database to be connected, and **8000** is the port number of the database primary node. - - If information similar to the following is displayed, the connection succeeds: - - ``` - gsql ((openGauss 1.0 build 290d125f) compiled at 2020-05-08 02:59:43 commit 2143 last mr 131 - Non-SSL connection (SSL connection is recommended when requiring high-security) - Type "help" for help. - - postgres=# - ``` - -3. Run the following SQL statement to check the number of connections: - - ``` - postgres=# SELECT count(*) FROM (SELECT pg_stat_get_backend_idset() AS backendid) AS s; - ``` - - Information similar to the following is displayed. **2** indicates that two applications are connected to the database. - - ``` - count - ------- - 2 - (1 row) - ``` - -4. View the allowed maximum connections. - - ``` - postgres=# SHOW max_connections; - ``` - - Information similar to the following is displayed. **200** indicates the currently allowed maximum number of connections. - - ``` - max_connections - ----------------- - 200 - (1 row) - ``` - - -## Exception Handling - -If the number of connections in the command output is close to the value of **max\_connections** of the database, delete existing connections or change the upper limit based on site requirements. - -1. Run the following SQL statement to view information about connections whose **state** is set to **idle**, and **state\_change** column is not updated for a long time. - - ``` - postgres=# SELECT * FROM pg_stat_activity where state='idle' order by state_change; - ``` - - Information similar to the following is displayed: - - ``` - datid | datname | pid | usesysid | usename | application_name | client_addr - | client_hostname | client_port | backend_start | xact_start | quer - y_start | state_change | waiting | enqueue | state | resource_pool - | query - -------+----------+-----------------+----------+----------+------------------+--------------- - -+-----------------+-------------+-------------------------------+------------+-------------- - -----------------+-------------------------------+---------+---------+-------+--------------- - +---------------------------------------------- - 13626 | postgres | 140390162233104 | 10 | gaussdba | | - | | -1 | 2016-07-15 14:08:59.474118+08 | | 2016-07-15 14 - :09:04.496769+08 | 2016-07-15 14:09:04.496975+08 | f | | idle | default_pool - | select count(group_name) from pgxc_group; - 13626 | postgres | 140390132872976 | 10 | gaussdba | cn_5002 | 10.180.123.163 - | | 48614 | 2016-07-15 14:11:16.014871+08 | | 2016-07-15 14 - :21:17.346045+08 | 2016-07-15 14:21:17.346095+08 | f | | idle | default_pool - | SET SESSION AUTHORIZATION DEFAULT;RESET ALL; - (2 rows) - ``` - -2. Release idle connections. - - Check each connection and release them after obtaining approval from the users of the connections. Run the following SQL command to release a connection using **pid** obtained in the previous step: - - ``` - postgres=# SELECT pg_terminate_backend(140390132872976); - ``` - - Information similar to the following is displayed: - - ``` - postgres=# SELECT pg_terminate_backend(140390132872976); - pg_terminate_backend - ---------------------- - t - (1 row) - ``` - - If no connections can be released, go to the next step. - -3. Increase the maximum number of connections. - - ``` - gs_guc set -D /gaussdb/data/dbnode -c "max_connections= 800" - ``` - - **800** is the new maximum value. - -4. Restart database services to make the new settings take effect. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >The restart results in operation interruption. Properly plan the restart to avoid affecting users. - - ``` - gs_om -t stop && gs_om -t start - ``` - - diff --git a/content/en/docs/Administratorguide/checking-time-consistency.md b/content/en/docs/Administratorguide/checking-time-consistency.md deleted file mode 100644 index f79fd1ea5c9235e1ca60a79936a34799e42724c7..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/checking-time-consistency.md +++ /dev/null @@ -1,46 +0,0 @@ -# Checking Time Consistency - -Database transaction consistency is guaranteed by a logical clock and is not affected by OS time. However, OS time inconsistency will lead to problems, such as abnormal backend O&M and monitoring functions. Therefore, you are advised to monthly check time consistency among nodes. - -## Procedure - -1. Log in as the OS user **omm** to any host in the GaussDB Kernel cluster. -2. Create a configuration file containing information about nodes in the cluster. - - ``` - vim /tmp/mpphosts - ``` - - Add the host name of each node. - - ``` - plat1 - plat2 - plat3 - ``` - -3. Save the configuration file. - - ``` - :wq! - ``` - -4. Run the following command and write the time on each node into the **/tmp/sys\_ctl-os1.log** file: - - ``` - for ihost in `cat /tmp/mpphosts`; do ssh -n -q $ihost "hostname;date"; done > /tmp/sys_ctl-os1.log - ``` - -5. Check time consistency between the nodes based on the command output. The time difference should not exceed 30s. - - ``` - cat /tmp/sys_ctl-os1.log - plat1 - Thu Feb 9 16:46:38 CST 2017 - plat2 - Thu Feb 9 16:46:49 CST 2017 - plat3 - Thu Feb 9 16:46:14 CST 2017 - ``` - - diff --git a/content/en/docs/Administratorguide/cleaning-run-logs.md b/content/en/docs/Administratorguide/cleaning-run-logs.md deleted file mode 100644 index 0ac2ab0d99ef6bde80d62afc529e90e271540a83..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/cleaning-run-logs.md +++ /dev/null @@ -1,25 +0,0 @@ -# Cleaning Run Logs - -A large number of run logs will be generated during database running and occupy huge disk space. You are advised to delete expired run logs and retain logs generated within one month. - -## Procedure - -1. Log in as the OS user **omm** to any host in the GaussDB Kernel cluster. -2. Clean logs. - 1. Back up logs generated over one month ago to other disks. - 2. Access the directory where logs are stored. - - ``` - cd $GAUSSLOG - ``` - - 3. Access the corresponding sub-directory and run the following command to delete logs generated one month ago: - - ``` - rm log name - ``` - - The naming convention of a log file is **postgresql-**_year_-_month_-_day_**\_HHMMSS**. - - - diff --git a/content/en/docs/Administratorguide/data-security-maintenance-suggestions.md b/content/en/docs/Administratorguide/data-security-maintenance-suggestions.md deleted file mode 100644 index 838e8440de6472133ebc55c2d2830d1dcac1b9c6..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/data-security-maintenance-suggestions.md +++ /dev/null @@ -1,23 +0,0 @@ -# Data Security Maintenance Suggestions - -To ensure data security in GaussDB Kernel and prevent accidents, such as data loss and illegal data access, read this section carefully. - -## Preventing Data Loss - -You are advised to plan routine physical backup and store backup files in a reliable medium. If a serious error occurs in the system, you can use the backup files to restore the system to the state at the backup point. - -## Preventing Illegal Data Access - -- You are advised to manage database users based on their permission hierarchies. A database administrator creates users and grants permissions to the users based on service requirements to ensure users properly access the database. -- You are advised to deploy GaussDB Kernel servers and clients \(or applications developed based on the client library\) in trusted internal networks. If the servers and clients must be deployed in an untrusted network, enable SSL encryption before services are started to ensure data transmission security. Note that enabling the SSL encryption function compromises database performance. - -## Preventing System Logs from Leaking Personal Data - -- Delete personal data before sending debug logs to others for analysis. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >The log level **log\_min\_messages** is set to **DEBUG**_x_ \(_x_ indicates the debug level and the value ranges from 1 to 5\). The information recorded in debug logs may contain personal data. - -- Delete personal data before sending system logs to others for analysis. If the execution of a SQL statement fails, the error SQL statement will be recorded in a system log by default. SQL statements may contain personal data. -- Set **log\_min\_error\_statement** to **PANIC** to prevent error SQL statements from being recorded in system logs. However, once the function is disabled, it is difficult to locate fault causes if faults occur. - diff --git a/content/en/docs/Administratorguide/exception-handling-1.md b/content/en/docs/Administratorguide/exception-handling-1.md deleted file mode 100644 index 841adc2dce7150a3cb7ac211c7fd6b69ee7ba37c..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/exception-handling-1.md +++ /dev/null @@ -1,370 +0,0 @@ -# Exception Handling - -Troubleshoot exceptions detected in the inspection by following instructions in this section. - -**Table 1** Check of openGauss running status - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Check Item

-

Abnormal Status

-

Solution

-

CheckClusterState (Checks the openGauss status.)

-

openGauss or openGauss instances are not started.

-

Run the following command to start openGauss and instances:

-
gs_om -t start
-

The status of openGauss or openGauss instances is abnormal.

-

Check the status of hosts and instances. Troubleshoot this issue based on the status information.

-
gs_check -i CheckClusterState
-

CheckDBParams (Checks database parameters.)

-

Database parameters have incorrect values.

-

Use the gs_guc tool to set the parameters to specified values.

-

CheckDebugSwitch (Checks debug logs.)

-

The log level is incorrect.

-

Use the gs_guc tool to set log_min_messages to specified content.

-

CheckDirPermissions (Checks directory permissions.)

-

The permission for a directory is incorrect.

-

Change the directory permission to a specified value (750 or 700).

-
chmod 750 DIR
-

CheckReadonlyMode (Checks the read-only mode.)

-

The read-only mode is enabled.

-

Verify that the usage of the disk where database nodes are located does not exceed the threshold (60% by default) and no other O&M operations are performed.

-
gs_check -i CheckDataDiskUsage
-ps ux
-

Use the gs_guc tool to disable the read-only mode of openGauss.

-
gs_guc reload -N all -I all -c 'default_transaction_read_only = off' 
-gs_guc reload -N all -I all -c 'default_transaction_read_only = off'
-

CheckEnvProfile (Checks environment variables.)

-

Environment variables are inconsistent.

-

Update the environment variable information.

-

CheckBlockdev (Checks pre-read blocks.)

-

The size of a pre-read block is not 16384 KB.

-

Use the gs_checkos tool to set the size of the pre-read block to 16384 KB and write the setting into the auto-startup file.

-
gs_checkos -i B3
-

CheckCursorNum (Checks the number of cursors.)

-

The number of cursors fails to be checked.

-

Check whether the database is properly connected and whether the openGauss status is normal.

-

CheckPgxcgroup (Checks the data redistribution status.)

-

There are pgxc_group tables that have not been redistributed.

-

Proceed with the redistribution.

-
gs_expand, gs_shrink
-

CheckDiskFormat (Checks disk configurations.)

-

Disk configurations are inconsistent between nodes.

-

Configure disk specifications to be consistent between nodes.

-

CheckSpaceUsage (Checks the disk space usage.)

-

Disk space is insufficient.

-

Clear or expand the disk for the directory.

-

CheckInodeUsage (Checks the disk index usage.)

-

Disk indexes are insufficient.

-

Clear or expand the disk for the directory.

-

CheckSwapMemory (Checks the swap memory.)

-

The swap memory is greater than the physical memory.

-

Reduce or disable the swap memory.

-

CheckLogicalBlock (Checks logical blocks.)

-

The size of a logical block is not 512 KB.

-

Use the gs_checkos tool to set the size of the logical block to 512 KB and write the setting into the auto-startup file.

-
gs_checkos -i B4
-

CheckIOrequestqueue (Checks I/O requests.)

-

The requested I/O is not 32768.

-

Use the gs_checkos tool to set the requested I/O to 32768 and write the setting into the auto-startup file.

-
gs_checkos -i B4
-

CheckCurConnCount (Checks the number of current connections.)

-

The number of current connections exceeds 90% of the allowed maximum number of connections.

-

Break idle primary database node connections.

-

CheckMaxAsyIOrequests (Checks the maximum number of asynchronous requests.)

-

The maximum number of asynchronous requests is less than 104857600 or (Number of database instances on the current node x 1048576).

-

Use the gs_checkos tool to set the maximum number of asynchronous requests to the larger one between 104857600 and (Number of database instances on the current node x 1048576).

-
gs_checkos -i B4
-

CheckMTU (Checks MTU values.)

-

MTU values are inconsistent between nodes.

-

Set the MTU value on each node to 1500 or 8192.

-
ifconfig eth* MTU 1500
-

CheckIOConfigure (Checks I/O configurations.)

-

The I/O mode is not deadline.

-

Use the gs_checkos tool to set the I/O mode to deadline and write the setting into the auto-startup file.

-
gs_checkos -i B4
-

CheckRXTX (Checks the RX/TX value.)

-

The NIC RX/TX value is not 4096.

-

Use the checkos tool to set the NIC RX/TX value to 4096 for openGauss.

-
gs_checkos -i B5
-

CheckPing (Checks whether the network connection is normal.)

-

There are openGauss IP addresses that cannot be pinged.

-

Check the network settings, network status, and firewall status between the abnormal IP addresses.

-

CheckNetWorkDrop (Checks the network packet loss rate.)

-

The network packet loss rate is greater than 1%.

-

Check the network load and status between the corresponding IP addresses.

-

CheckMultiQueue (Checks the NIC multi-queue function.)

-

Multiqueue is not enabled for the NIC, and NIC interruptions are not bound to different CPU cores.

-

Enable multiqueue for the NIC, and bind NIC interruptions to different CPU cores.

-

CheckEncoding (Checks the encoding format.)

-

Encoding formats are inconsistent between nodes.

-

Write the same encoding format into /etc/profile for each node.

-
echo "export LANG=XXX" >> /etc/profile
-

CheckActQryCount (Checks the archiving mode.)

-

The archiving mode is enabled, and the archiving directory is not under the primary database node directory.

-

Disable archiving mode or set the archiving directory to be under the primary database node directory.

-

CheckFirewall (Checks the firewall.)

-

The firewall is enabled.

-

Disable the firewall.

-
redHat(CentOS)7.x: systemctl status firewalld.service
-redHat(CentOS)6.x: service iptables down
-SuSE: SuSEfirewall2 down
-

CheckKernelVer (Checks kernel versions.)

-

Kernel versions are inconsistent between nodes.

-

Use the gs_replace tool to replace the nodes whose kernel version is inconsistent with that of others.

-
gs_replace
-

CheckMaxHandle (Checks the maximum number of file handles.)

-

The maximum number of handles is less than 1000000.

-

Set the soft and hard limits in the 91-nofile.conf or 90-nofile.conf file to 1000000.

-
gs_checkos -i B2
-

CheckNTPD (Checks the time synchronization service.)

-

The NTPD service is disabled or the time difference is greater than 1 minute.

-

Enable the NTPD service and set the time to be consistent.

-

CheckOSVer (Checks OS versions.)

-

Certain OSs are not supported or the OSs are not in the same hybrid list.

-

Use gs_replace to replace abnormal nodes with those supported by OSs or those in the same hybrid list.

-
gs_replace
-

CheckSysParams (Checks OS parameters.)

-

OS parameter settings do not meet requirements.

-

Use the gs_checkos tool or manually set parameters to values meeting requirements.

-
gs_checkos -i B1
-vim /etc/sysctl.conf
-

CheckTHP (Checks the THP service.)

-

The THP service is disabled.

-

Use the gs_checkos to enable the THP service.

-
gs_checkos -i B6
-

CheckTimeZone (Checks time zones.)

-

Time zones are inconsistent between nodes.

-

Set time zones to be consistent between nodes.

-
cp /usr/share/zoneinfo/$primary time zone/$secondary time zone /etc/localtime
-

CheckCPU (Checks the CPU.)

-

CPU usage is high or I/O waiting time is too long.

-

Upgrade CPUs or improve disk performance.

-

CheckSshdService (Checks the SSHD service.)

-

The SSHD service is disabled.

-

Enable the SSHD service and write the setting into the auto-startup file.

-
server sshd start
-echo "server sshd start" >> initFile
-

CheckSshdConfig (Checks SSHD configurations.)

-

The SSHD service is incorrectly configured.

-

Reconfigure the SSHD service.

-
PasswordAuthentication=no;
-MaxStartups=1000;
-UseDNS=yes;
-ClientAliveInterval=10800/ClientAliveInterval=0
-

Restart the service.

-
server sshd start
-

CheckCrondService (Checks the Crond service.)

-

The Crond service is disabled.

-

Install and enable the Crond service.

-

CheckStack (Checks the stack size.)

-

The stack size is less than 3072.

-

Use the gs_checkos tool to set the stack size to 3072 and restart the processes with a smaller stack size.

-
gs_checkos -i B2
-

CheckNoCheckSum (Checks the NoCheckSum parameter.)

-

NoCheckSum is incorrectly set or its value is inconsistent on each node.

-

Set NoCheckSum to a consistent value on each node. If redHat6.4 or redHat6.5 with the NIC binding mode bond0 exists, set NoCheckSum to Y. In other cases, set it to N.

-
echo Y > /sys/module/sctp/parameters/no_checksums
-

CheckSysPortRange (Checks OS port configurations.)

-

OS IP ports are not within the required port range or openGauss ports are within the OS IP port range.

-

Set the OS IP ports within 26000 to 65535 and set the openGauss ports beyond the OS IP port range.

-
vim /etc/sysctl.conf
-

CheckMemInfo (Checks the memory information.)

-

Memory sizes are inconsistent between nodes.

-

Use physical memory of the same specifications between nodes.

-

CheckHyperThread (Checks the hyper-threading.)

-

The CPU hyper-threading is disabled.

-

Enable the CPU hyper-threading.

-

CheckTableSpace (Checks tablespaces.)

-

The tablespace path is nested with the openGauss path or nested with the path of another tablespace.

-

Migrate tablespace data to the tablespace with a valid path.

-

CheckSctpService (Checks the SCTP service.)

-

The SCTP service is disabled.

-

Install and enable the SCTP service.

-
modprobe sctp
-
- diff --git a/content/en/docs/Administratorguide/exception-handling-3.md b/content/en/docs/Administratorguide/exception-handling-3.md deleted file mode 100644 index 49c04e5b87fead35ab758f9db1ccc3c8d6104dce..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/exception-handling-3.md +++ /dev/null @@ -1,124 +0,0 @@ -# Exception Handling - -After you use the **gs\_checkperf** tool to check the cluster performance, if the performance is abnormal, troubleshoot the issue by following instructions in this section. - -**Table 1** Cluster-level performance status - - - - - - - - - - - - - - - - - - - - - - - - - -

Abnormal Status

-

Solution

-

High CPU usage of hosts

-

1. Add high-performance CPUs, or replace current CPUs with them.

-

2. Run the top command to check which system processes cause high CPU usage, and run the kill command to stop unused processes.

-
top
-

High CPU usage of GaussDB Kernel

-

1. Add high-performance CPUs, or replace current CPUs with them.

-

2. Run the top command to check which database processes cause high CPU usage, and run the kill command to stop unused processes.

-
top
-

3. Use the gs_expand tool to add new hosts to lower the CPU usage.

-

Low hit ratio of the shared memory

-

1. Expand the memory.

-

2. Run the following command to check the OS configuration file /etc/sysctl.conf and increase the value of kernel.shmmax.

-
vim /etc/sysctl.conf
-

Low in-memory sort ratio

-

Expand the memory.

-

High I/O and disk usage

-

1. Replace current disks with high-performance ones.

-

2. Adjust the data layout to evenly distribute I/O requests to all the physical disks.

-

3. Run VACUUM FULL for the entire database.

-
vacuum full;
-

4. Clean up the disk space.

-

5. Reduce the number of concurrent connections.

-

Transaction statistics

-

Query the pg_stat_activity system catalog to break unnecessary connections.

-
- -**Table 2** Node-level performance status - - - - - - - - - - - - - - - - -

Abnormal Status

-

Solution

-

High CPU usage

-

1. Add high-performance CPUs, or replace current CPUs with them.

-

2. Run the top command to check which system processes cause high CPU usage, and run the kill command to stop unused processes.

-
top
-

High memory usage

-

Expand or clean up the memory.

-

High I/O usage

-

1. Replace current disks with high-performance ones.

-

2. Clean up the disk space.

-

3. Use memory read/write to replace as much disk I/O as possible, putting frequently accessed files or data in the memory.

-
- -**Table 3** Session/process-level performance status - - - - - - - - - - -

Abnormal Status

-

Solution

-

High CPU, memory, and I/O usage

-

Check which processes cause high CPU, memory, or I/O usage. If they are unnecessary processes, kill them; otherwise, analyze the specific cause of high usage. For example, if SQL statement execution occupies much memory, check whether the SQL statements need optimization.

-
- -**Table 4** SSD performance status - - - - - - - - - - -

Abnormal Status

-

Solution

-

SSD read/write fault

-

Run the following command to check whether SSD is faulty. If yes, analyze the specific cause.

-
gs_checkperf -i SSD -U omm
-
- diff --git a/content/en/docs/Administratorguide/exception-handling.md b/content/en/docs/Administratorguide/exception-handling.md deleted file mode 100644 index 995f64323956e2e4ad6d516e0ed81df6924de4d0..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/exception-handling.md +++ /dev/null @@ -1,106 +0,0 @@ -# Exception Handling - -If you use the **gs\_checkos** tool to check the OS and the command output shows **Abnormal**, run the following command to view detailed error information: - -``` -gs_checkos -i A --detail -``` - -The **Abnormal** state cannot be ignored because the OS in this state affects cluster installation. The **Warning** state does not affect cluster installation and thereby can be ignored. - -- If the check result for OS version status \(**A1**\) is **Abnormal**, replace OSs out of the mixed programming scope with those within the scope. -- If the check result for kernel version status \(**A2**\) is **Warning**, the platform kernel versions in the cluster are inconsistent. -- If the check result for Unicode status \(**A3**\) is **Abnormal**, set the same character set for all the hosts. You can add **export LANG=**_unicode_ to the **/etc/profile** file. - - ``` - vim /etc/profile - ``` - -- If the check result for time zone status \(**A4**\) is **Abnormal**, set the same time zone for all the hosts. You can copy the time zone file in the **/usr/share/zoneinfo/** directory as the **/etc/localtime** file. - - ``` - cp /usr/share/zoneinfo/$primary time zone/$secondary time zone /etc/localtime - ``` - -- If the check result for swap memory status \(**A5**\) is **Abnormal**, a possible cause is that the swap memory is larger than the physical memory. You can troubleshoot this issue by reducing the swap memory or increasing the physical memory. -- If the check result for system control parameter status \(**A6**\) is **Abnormal**, troubleshoot this issue in either of the following two ways: - - Run the following command: - - ``` - gs_checkos -i B1 - ``` - - - Modify the **/etc/sysctl.conf** file based on the error message and run **sysctl -p** to make it take effect. - - ``` - vim /etc/sysctl.conf - ``` - - - -- If the check result for file system configuration status \(**A7**\) is **Abnormal**, run the following command to troubleshoot this issue: - - ``` - gs_checkos -i B2 - ``` - -- If the check result for disk configuration status \(**A8**\) is **Abnormal**, set the disk mounting format to **rw,noatime,inode64,allocsize=16m**. - - Run the **man mount** command to mount the XFS parameter: - - ``` - rw,noatime,inode64,allocsize=16m - ``` - - You can also set the XFS parameter in the **/etc/fstab** file. For example: - - ``` - /dev/data /data xfs rw,noatime,inode64,allocsize=16m 0 0 - ``` - -- If the check result for pre-read block size status \(**A9**\) is **Abnormal**, run the following command to troubleshoot this issue: - - ``` - gs_checkos -i B3 - ``` - -- If the check result for I/O scheduling status \(**A10**\) is **Abnormal**, run the following command to troubleshoot this issue: - - ``` - gs_checkos -i B4 - ``` - -- If the check result for NIC configuration status \(**A11**\) is **Warning**, run the following command to troubleshoot this issue: - - ``` - gs_checkos -i B5 - ``` - -- If the check result for time consistency status \(**A12**\) is **Abnormal**, verify that the NTP service has been installed and started and has synchronized time from the NTP clock. -- If the check result for firewall status \(**A13**\) is **Abnormal**, disable the firewall. Run the following commands: - - SUSE: - - ``` - SuSEfirewall2 stop - ``` - - - RedHat7: - - ``` - systemctl disable firewalld - ``` - - - RedHat6: - - ``` - service iptables stop - ``` - - -- If the check result for THP service status \(**A14**\) is **Abnormal**, run the following command to troubleshoot this issue: - - ``` - gs_checkos -i B6 - ``` - - diff --git a/content/en/docs/Administratorguide/generating-configuration-files.md b/content/en/docs/Administratorguide/generating-configuration-files.md index 7e275ff6876da01b8fe0cac49ee64d54f43e0475..12b616a9c8b706872fcc0b01a457a0531596992d 100644 --- a/content/en/docs/Administratorguide/generating-configuration-files.md +++ b/content/en/docs/Administratorguide/generating-configuration-files.md @@ -1,61 +1,61 @@ -# Generating Configuration Files - -## Background - -If a static configuration file is damaged while you use openGauss, openGauss cannot obtain information about the openGauss topology structure and primary/standby relationship, affecting the openGauss function. In this case, you can use the **gs\_om** tool to generate a new static configuration file to replace the damaged file, ensuring normal openGauss running. - -## Prerequisites - -None - -## Procedure - -1. Log in as the OS user **omm** to the primary node of the database. -2. Run the following command to generate configuration files in a specified directory on the current host: - - ``` - gs_om -t generateconf -X /opt/software/openGauss/clusterconfig.xml --distribute - ``` - - **/opt/software/openGauss/clusterconfig.xml** is the directory for saving XML configuration files during the openGauss installation. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >1. After the command is executed, the new configuration file storage directory is displayed in the log information. Take a one-primary dual-standby environment as an example. This directory contains three configuration files named by host names. You need to replace the configuration files of corresponding hosts with the three files respectively. - >2. If **--distribute** is not specified, perform [3](#en-us_topic_0237088792_en-us_topic_0059777801_lc1ce55d572e44beea3e47b1b427fae3e) to distribute static configuration files to their corresponding hosts. If **--distribute** is specified, the static configuration files are automatically distributed and you do not need to perform [3](#en-us_topic_0237088792_en-us_topic_0059777801_lc1ce55d572e44beea3e47b1b427fae3e). - -3. \(Optional\) Replace the damaged static configuration files of the three hosts in the **/opt/gaussdb/app/bin** directory. - - Take one host as an example: - - ``` - mv /opt/huawei/wisequery/script/static_config_files/cluster_static_config_SIA1000056771 /opt/gaussdb/app/bin/cluster_static_config - ``` - - -## Examples - -Run the following commands on any of the hosts in openGauss to generate configuration files: - -``` -gs_om -t generateconf -X /opt/software/openGauss/clusterconfig.xml --distribute -Generating static configuration files for all nodes. -Creating temp directory to store static configuration files. -Successfully created the temp directory. -Generating static configuration files. -Successfully generated static configuration files. -Static configuration files for all nodes are saved in /opt/huawei/Bigdata/mppdb/wisequery/script/static_config_files. -Distributing static configuration files to all nodes. -Successfully distributed static configuration files. -``` - -Open the generated configuration file directory that contains three new files. - -``` -cd /opt/huawei/Bigdata/mppdb/wisequery/script/static_config_files -ll -total 456 --rwxr-xr-x 1 omm dbgrp 155648 2016-07-13 15:51 cluster_static_config_plat1 --rwxr-xr-x 1 omm dbgrp 155648 2016-07-13 15:51 cluster_static_config_plat2 --rwxr-xr-x 1 omm dbgrp 155648 2016-07-13 15:51 cluster_static_config_plat3 -``` - +# Generating Configuration Files + +## Background + +If a static configuration file is damaged while you use openGauss, openGauss cannot obtain information about the openGauss topology structure and primary/standby relationship, affecting the openGauss function. In this case, you can use the **gs\_om** tool to generate a new static configuration file to replace the damaged file, ensuring normal openGauss running. + +## Prerequisites + +None + +## Procedure + +1. Log in as the OS user **omm** to the primary node of the database. +2. Run the following command to generate configuration files in a specified directory on the current host: + + ``` + gs_om -t generateconf -X /opt/software/openGauss/clusterconfig.xml --distribute + ``` + + **/opt/software/openGauss/clusterconfig.xml** is the directory for saving XML configuration files during the openGauss installation. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >1. After the command is executed, the new configuration file storage directory is displayed in the log information. Take a one-primary dual-standby environment as an example. This directory contains three configuration files named by host names. You need to replace the configuration files of corresponding hosts with the three files respectively. + >2. If **--distribute** is not specified, perform [3](#en-us_topic_0237088792_en-us_topic_0059777801_lc1ce55d572e44beea3e47b1b427fae3e) to distribute static configuration files to their corresponding hosts. If **--distribute** is specified, the static configuration files are automatically distributed and you do not need to perform [3](#en-us_topic_0237088792_en-us_topic_0059777801_lc1ce55d572e44beea3e47b1b427fae3e). + +3. \(Optional\) Replace the damaged static configuration files of the three hosts in the **/opt/gaussdb/app/bin** directory. + + Take one host as an example: + + ``` + mv /opt/huawei/wisequery/script/static_config_files/cluster_static_config_SIA1000056771 /opt/gaussdb/app/bin/cluster_static_config + ``` + + +## Examples + +Run the following commands on any of the hosts in openGauss to generate configuration files: + +``` +gs_om -t generateconf -X /opt/software/openGauss/clusterconfig.xml --distribute +Generating static configuration files for all nodes. +Creating temp directory to store static configuration files. +Successfully created the temp directory. +Generating static configuration files. +Successfully generated static configuration files. +Static configuration files for all nodes are saved in /opt/huawei/Bigdata/mppdb/wisequery/script/static_config_files. +Distributing static configuration files to all nodes. +Successfully distributed static configuration files. +``` + +Open the generated configuration file directory that contains three new files. + +``` +cd /opt/huawei/Bigdata/mppdb/wisequery/script/static_config_files +ll +total 456 +-rwxr-xr-x 1 omm dbgrp 155648 2016-07-13 15:51 cluster_static_config_plat1 +-rwxr-xr-x 1 omm dbgrp 155648 2016-07-13 15:51 cluster_static_config_plat2 +-rwxr-xr-x 1 omm dbgrp 155648 2016-07-13 15:51 cluster_static_config_plat3 +``` + diff --git a/content/en/docs/Administratorguide/gs_basebackup.md b/content/en/docs/Administratorguide/gs_basebackup.md deleted file mode 100644 index e9841be0eaae8c610fae5ddec6e4992d0b286af2..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/gs_basebackup.md +++ /dev/null @@ -1,125 +0,0 @@ -# gs\_basebackup - -## Background - -After openGauss is deployed, problems and exceptions may occur during database running. **gs\_basebackup**, provided by openGauss, is used to perform basic physical backup. **gs\_basebackup** copies the binary files of the database on the server using a replication protocol. To remotely execute **gs\_basebackup**, you need to use the system administrator account. **gs\_basebackup** supports only hot backup and does not support compressed backup. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->- **gs\_basebackup** supports only full backup. ->- **gs\_basebackup** supports only hot backup and does not support compressed backup. ->- **gs\_basebackup** cannot back up tablespaces containing absolute paths on the same server. This is because the absolute path is unique on the same machine, and brings about conflicts. However, it can back up tablespaces containing absolute paths on different machines. ->- If the functions of incremental checkpoint and dual-write are enabled, **gs\_basebackup** also backs up dual-write files. ->- If the **pg\_xlog** directory is a soft link, no soft link is created during backup. Data is directly backed up to the **pg\_xlog** directory in the destination path. - -## Prerequisites - -- The openGauss database can be connected. Link replication is enabled in **pg\_hba.conf**, and at least one **max\_wal\_senders** is configured and available. -- During the restoration, backup files exist in the backup directory on all the nodes. If backup files are lost on any node, copy them to it from another node. - -## Syntax - -- Display help information. - - ``` - gs_basebackup -? | --help - ``` - -- Display version information. - - ``` - gs_basebackup -V | --version - ``` - - -## Parameter Description - -The **gs\_basebackup** tool can use the following types of parameters: - -- -D directory - - Directory for storing backup files. This parameter is mandatory. - - -- Common parameters - - -c, --checkpoint=fast|spread - - Sets the checkpoint mode to **fast** or **spread** \(default\). - - - -l, --label=LABEL - - Adds tags for the backup. - - - -P, --progress - - Enables the progress report. - - - -v, --verbose - - Enables the verbose mode. - - - -V, --version - - Prints the version and exits. - - - -?, --help - - Displays **gs\_basebackup** command parameters. - - -- Connection parameters - - -h, --host=HOSTNAME - - Specifies the host name of the machine on which the server is running or the directory for the Unix-domain socket. - - - -p, --port=PORT - - Specifies the port number of the database server. - - You can modify the default port number using this parameter. - - - -U, --username=USERNAME - - Specifies the user that connects to the database. - - - -s, --status-interval=INTERVAL - - Specifies the time for sending status packets to the server, in seconds. - - - -w,--no-password - - Never issues a password prompt. - - - -W, --password - - Issues a password prompt when the **-U** parameter is used to connect to a local or remote database. - - - -## Example - -``` -gs_basebackup -D /home/test/trunk/install/data/backup -h 127.0.0.1 -p 21233 -INFO: The starting position of the xlog copy of the full build is: 0/1B800000. The slot minimum LSN is: 0/1B800000. -``` - -## Restoring Data from Backup Files - -If a database is faulty, restore it from backup files. **gs\_basebackup** backs up the database in binary mode. Therefore, you can directly copy and replace the original files or start the database on the backup database. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->- If the current database instance is running, a port conflict may occur when you start the database from the backup file. In this case, you need to modify the port parameter in the configuration file or specify a port when starting the database. ->- If the current backup file is a primary/standby database, you may need to modify the replication connections between the master and slave databases. That is, **replconninfo1** and **replconninfo2** in the **postgre.conf** file. - -To restore the original database, perform the following steps: - -1. Stop the database server. For details, see _Administrator Guide_. -2. Copy the original database and all tablespaces to another location for future use. -3. Delete all or part of the files from the original database. -4. Use the database system user rights to restore the required database files from the backup. -5. If a link file exists in the database, modify the link file so that it can be linked to the correct file. -6. Restart the database server and check the database content to ensure that the database is restored to the required status. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->- Incremental restoration from backup files is not supported. ->- After the restoration, check that the link file in the database is linked to the correct file. - diff --git a/content/en/docs/Administratorguide/gs_dump.md b/content/en/docs/Administratorguide/gs_dump.md deleted file mode 100644 index 6a9654b93e81b35c3d93c110ea62a46dc715dd4f..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/gs_dump.md +++ /dev/null @@ -1,561 +0,0 @@ -# gs\_dump - -## Background - -gs\_dump, provided by openGauss, is used to export database information. You can export a database or its objects \(such as schemas, tables, and views\). The database can be the default postgres database or a user-specified database. - -**gs\_dump** is executed by OS user **omm**. - -When **gs\_dump** is used to export data, other users can still access \(read and write\) openGauss databases. - -**gs\_dump** can export complete, consistent data. For example, if **gs\_dump** is started to export database A at T1, data of the database at that time point will be exported, and modifications on the database after that time point will not be exported. - -**gs\_dump** can export database information to a plain-text SQL script file or archive file. - -- Plain-text SQL script: It contains the SQL statements required to restore the database. You can use gsql to execute the SQL script. With only a little modification, the SQL script can rebuild a database on other hosts or database products. -- Archive file: It contains data required to restore the database. It can be a tar-, directory-, or custom-format archive. For details, see [Table 1](#en-us_topic_0249632271_en-us_topic_0237152335_en-us_topic_0058967678_t17db29a12e7342cfbf02b2f6e50ff1a5). The export result must be used with [**gs\_restore**](gs_restore.md#EN-US_TOPIC_0250273519) to restore the database. The system allows users to select or even to sort the content to be imported. - -## Functions - -**gs\_dump** can create export files in four formats, which are specified by **-F** or **--format=**, as listed in [Table 1](#en-us_topic_0249632271_en-us_topic_0237152335_en-us_topic_0058967678_t17db29a12e7342cfbf02b2f6e50ff1a5). - -**Table 1** Formats of exported files - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Format

-

Value of -F

-

Description

-

Suggestion

-

Corresponding Import Tool

-

Plain-text

-

p

-

A plain-text script file containing SQL statements and commands. The commands can be executed on gsql, a command line terminal, to recreate database objects and load table data.

-

You are advised to use plain-text exported files for small databases.

-

Before using gsql to restore database objects, you can use a text editor to edit the plain-text export file as required.

-

Custom

-

c

-

A binary file that allows the restoration of all or selected database objects from an exported file.

-

You are advised to use custom-format archive files for medium or large database.

-

You can use gs_restore to import database objects from a custom-format archive.

-

Directory

-

d

-

A directory containing directory files and the data files of tables and BLOB objects.

-

-

-

.tar

-

t

-

A tar-format archive that allows the restoration of all or selected database objects from an exported file. It cannot be further compressed and has an 8-GB limitation on the size of a single table.

-

-

-
- ->![](public_sys-resources/icon-note.gif) **NOTE:** ->To reduce the size of an exported file, you can use **gs\_dump** to compress it to a plain-text file or custom-format file. By default, a plain-text file is not compressed when generated. When a custom-format archive is generated, a medium level of compression is applied by default. Archived exported files cannot be compressed using **gs\_dump**. When a plain-text file is exported in compressed mode, **gsql** fails to import data objects. - -## Precautions - -Do not modify an exported file or its content. Otherwise, restoration may fail. - -To ensure the data consistency and integrity, **gs\_dump** acquires a share lock on a table to be dumped. If another transaction has acquired a share lock on the table, **gs\_dump** waits until this lock is released and then locks the table for dumping. If the table cannot be locked within the specified time, the dump fails. You can customize the timeout duration to wait for lock release by specifying the **--lock-wait-timeout** parameter. - -## Syntax - -``` -gs_dump [OPTION]... [DBNAME] -``` - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->_DBNAME_ does not follow a short or long option. It specifies the database to be connected. ->For example: ->Specify _DBNAME_ without a **-d** option preceding it. ->``` ->gs_dump -p port_number postgres -f dump1.sql ->``` ->or ->``` ->export PGDATABASE=postgres ->``` ->``` -> gs_dump -p port_number -f dump1.sql ->``` ->Environment variable: _PGDATABASE_ - -## Parameter Description - -Common parameters - -- -f, --file=FILENAME - - Sends the output to the specified file or directory. If this parameter is omitted, the standard output is generated. If the output format is **\(-F c/-F d/-F t\)**, the **-f** parameter must be specified. If the value of the **-f** parameter contains a directory, the current user must have the read and write permissions on the directory, and the directory cannot be an existing one. - -- -F, --format=c|d|t|p - - Selects the exported file format. The format can be: - - - **p|plain**: Generates a text SQL script file. This is the default value. - - **c|custom**: Outputs a custom-format archive as a directory to be used as the input of **gs\_restore**. This is the most flexible output format in which users can manually select it and reorder the archived items during restoration. An archive in this format is compressed by default. - - **d|directory**: Creates a directory containing directory files and the data files of tables and BLOBs. - - **t|tar**: Outputs a .tar archive as the input of **gs\_restore**. The .tar format is compatible with the directory format. Extracting a .tar archive generates a valid directory-format archive. However, the .tar archive cannot be further compressed and has an 8-GB limitation on the size of a single table. The order of table data items cannot be changed during restoration. - - A .tar archive can be used as input of **gsql**. - - -- -v, --verbose - - Specifies the verbose mode. If it is specified, **gs\_dump** writes detailed object comments and the number of startups/stops to the dump file, and progress messages to standard error. - -- -V, --version - - Prints the **gs\_dump** version and exits. - -- -Z, --compress=0-9 - - Specifies the used compression level. - - Value range: 0-9 - - - **0** indicates no compression. - - **1** indicates that the compression ratio is the lowest and processing speed the fastest. - - **9** indicates that the compression ratio is the highest and processing speed the slowest. - - For the custom-format archive, this option specifies the compression level of a single table data segment. By default, data is compressed at a medium level. The plain-text and .tar archive formats do not support compression currently. - -- --lock-wait-timeout=TIMEOUT - - Do not keep waiting to obtain shared table locks since the beginning of the dump. Consider it as failed if you are unable to lock a table within the specified time. The timeout period can be specified in any of the formats accepted by **SET statement\_timeout**. - -- -?, --help - - Displays help about **gs\_dump** parameters and exits. - - -Dump parameters: - -- -a, --data-only - - Generates only the data, not the schema \(data definition\). Dump the table data, big objects, and sequence values. - -- -b, --blobs - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- -c, --clean - - Before writing the command of creating database objects into the backup file, writes the command of clearing \(deleting\) database objects to the backup files. \(If no objects exist in the target database, **gs\_restore** probably displays some error information.\) - - This parameter is used only for the plain-text format. For the archive format, you can specify the option when using **gs\_restore**. - -- -C, --create - - The backup file content starts with the commands of creating the database and connecting to the created database. \(If the command script is executed in this mode, you can specify any database to run the command for creating a database. The data is restored to the created database instead of the specified database.\) - - This parameter is used only for the plain-text format. For the archive format, you can specify the option when using **gs\_restore**. - -- -E, --encoding=ENCODING - - Creates a dump file in the specified character set encoding. By default, the dump file is created in the database encoding. \(Alternatively, you can set the environment variable **PGCLIENTENCODING** to the required dump encoding.\) - -- -n, --schema=SCHEMA - - Dumps only schemas matching the schema names. This option contains the schema and all its contained objects. If this option is not specified, all non-system schemas in the target database will be dumped. Multiple schemas can be selected by specifying multiple **-n** options. The schema parameter is interpreted as a pattern according to the same rules used by the **\\d** command of **gsql**. Therefore, multiple schemas can also be selected by writing wildcard characters in the pattern. When you use wildcard characters, quote the pattern to prevent the shell from expanding the wildcard characters. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- If **-n** is specified, **gs\_dump** does not dump any other database objects which the selected schemas might depend upon. Therefore, there is no guarantee that the results of a specific-schema dump can be automatically restored to an empty database. - >- If **-n** is specified, the non-schema objects are not dumped. - - Multiple schemas can be dumped. Entering **-n **_schemaname_ multiple times dumps multiple schemas. - - For example: - - ``` - gs_dump -h host_name -p port_number postgres -f backup/bkp_shl2.sql -n sch1 -n sch2 - ``` - - In the preceding example, **sch1** and **sch2** are dumped. - -- -N, --exclude-schema=SCHEMA - - Does not dump any schemas matching the schemas pattern. The pattern is interpreted according to the same rules as for **-n**. **-N** can be specified multiple times to exclude schemas matching any of the specified patterns. - - When both **-n** and **-N** are specified, the schemas that match at least one **-n** option but no **-N** is dumped. If **-N** is specified and **-n** is not, the schemas matching **-N** are excluded from what is normally dumped. - - Dump allows you to exclude multiple schemas during dumping. - - Specify **-N exclude schema name** to exclude multiple schemas during dumping. - - For example: - - ``` - gs_dump -h host_name -p port_number postgres -f backup/bkp_shl2.sql -N sch1 -N sch2 - ``` - - In the preceding example, **sch1** and **sch2** will be excluded during the dumping. - -- -o, --oids - - Dumps object identifiers \(OIDs\) as parts of the data in each table. Use this option if your application references the OID columns in some way. If the preceding situation does not occur, do not use this parameter. - -- -O, --no-owner - - Do not output commands to set ownership of objects to match the original database. By default, **gs\_dump** issues the **ALTER OWNER** or **SET SESSION AUTHORIZATION** statement to set ownership of created database objects. These statements will fail when the script is running unless it is started by a system administrator \(or the same user that owns all of the objects in the script\). To make a script that can be stored by any user and give the user ownership of all objects, specify **-O**. - - This parameter is used only for the plain-text format. For the archive format, you can specify the option when using **gs\_restore**. - -- -s, --schema-only - - Dumps only the object definition \(schema\) but not data. - -- -S, --sysadmin=NAME - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- -t, --table=TABLE - - Specifies a list of tables, views, sequences, or foreign tables to be dumped. You can use multiple **-t** parameters or wildcard characters to specify tables. - - When you use wildcard characters, quote patterns to prevent the shell from expanding the wildcard characters. - - The **-n** and **-N** options have no effect when **-t** is used, because tables selected by using **-t** will be dumped regardless of those options. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- The number of **-t** parameters must be less than or equal to 100. - >- If the number of **-t** parameters is greater than 100, you are advised to use the **--include-table-file** parameter to replace some **-t** parameters. - >- If **-t** is specified, **gs\_dump** does not dump any other database objects which the selected tables might depend upon. Therefore, there is no guarantee that the results of a specific-table dump can be automatically restored to an empty database. - >- **-t tablename** only dumps visible tables in the default search path. **-t '\*.tablename'** dumps _tablename_ tables in all the schemas of the dumped database. **-t schema.table** dumps tables in a specific schema. - >- **-t tablename** does not export trigger information from a table. - - For example: - - ``` - gs_dump -h host_name -p port_number postgres -f backup/bkp_shl2.sql -t schema1.table1 -t schema2.table2 - ``` - - In the preceding example, **schema1.table1** and **schema2.table2** are dumped. - -- --include-table-file=FILENAME - - Specifies the table file to be dumped. - -- -T, --exclude-table=TABLE - - Specifies a list of tables, views, sequences, or foreign tables not to be dumped. You can use multiple **-T** parameters or wildcard characters to specify tables. - - When **-t** and **-T** are input, the object will be stored in **-t** list not **-T** table object. - - For example: - - ``` - gs_dump -h host_name -p port_number postgres -f backup/bkp_shl2.sql -T table1 -T table2 - ``` - - In the preceding example, **table1** and **table2** are excluded from the dumping. - -- --exclude-table-file=FILENAME - - Specifies the table files that do not need to be dumped. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >Same as **--include-table-file**, the content format of this parameter is as follows: - >schema1.table1 - >schema2.table2 - >...... - -- -x, --no-privileges|--no-acl - - Prevents the dumping of access permissions \(grant/revoke commands\). - -- --binary-upgrade - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --binary-upgrade-usermap="USER1=USER2" - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --column-inserts|--attribute-inserts - - Exports data by running the **INSERT** command with explicit column names **\{INSERT INTO table \(column, ...\) VALUES ...\}**. This will cause a slow restoration. However, since this option generates an independent command for each row, an error in reloading a row causes only the loss of the row rather than the entire table content. - -- --disable-dollar-quoting - - Disables the use of dollar sign \($\) for function bodies, and forces them to be quoted using the SQL standard string syntax. - -- --disable-triggers - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --exclude-table-data=TABLE - - Does not dump data that matches any of table patterns. The pattern is interpreted according to the same rules as for **-t**. - - **--exclude-table-data** can be entered more than once to exclude tables matching any of several patterns. When you need the specified table definition rather than data in the table, this option is helpful. - - To exclude data of all tables in the database, see [--schema-only](#en-us_topic_0249632271_en-us_topic_0237152335_en-us_topic_0059777770_l35ed3d5a093e42ab8fc945dd3ca80ecd). - -- --inserts - - Dumps data by the **INSERT** statement \(rather than **COPY**\). This will cause a slow restoration. - - However, since this option generates an independent command for each row, an error in reloading a row causes only the loss of the row rather than the entire table content. The restoration may fail if you rearrange the column order. The **--column-inserts** option is unaffected against column order changes, though even slower. - -- --no-security-labels - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --no-tablespaces - - Does not issue commands to select tablespaces. All the objects will be created during restoration, no matter which tablespace is selected when using this option. - - This parameter is used only for the plain-text format. For the archive format, you can specify the option when using **gs\_restore**. - -- --no-unlogged-table-data - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --non-lock-table - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --include-alter-table - - Dumps deleted columns of tables. This option records deleted columns. - -- --quote-all-identifiers - - Forcibly quotes all identifiers. This parameter is useful when you dump a database for migration to a later version, in which additional keywords may be introduced. - -- --section=SECTION - - Specifies dumped name sections \(pre-data, data, or post-data\). - -- --serializable-deferrable - - Uses a serializable transaction for the dump to ensure that the used snapshot is consistent with later database status. Perform this operation at a time point in the transaction flow, at which everything is normal. This ensures successful transaction and avoids serialization failures of other transactions, which requires serialization again. - - This option has no benefits for disaster recovery. During the upgrade of the original database, loading a database copy as a report or loading other shared read-only dump is helpful. If the option does not exist, dump reveals a status which is different from the submitted sequence status of any transaction. - - This option will make no difference if there are no active read-write transactions when **gs\_dump** is started. If the read-write transactions are in active status, the dump start time will be delayed for an uncertain period. - -- --use-set-session-authorization - - Specifies that the standard SQL **SET SESSION AUTHORIZATION** command rather than **ALTER OWNER** is returned to ensure the object ownership. This makes dumping more standard. However, if a dump file contains objects that have historical problems, restoration may fail. A dump using **SET SESSION AUTHORIZATION** requires the system administrator permissions, whereas **ALTER OWNER** requires lower permissions. - -- --with-encryption=AES128 - - Specifies that dumping data needs to be encrypted using AES128. - -- --with-key=KEY - - Specifies that the key length of AES128 must be 16 bytes. - -- --include-depend-objs - - Includes information about the objects that depend on the specified object in the backup result. This parameter takes effect only if the **-t** or **--include-table-file** parameter is specified. - -- --exclude-self - - Excludes information about the specified object from the backup result. This parameter takes effect only if the **-t** or **--include-table-file** parameter is specified. - -- --dont-overwrite-file - - The existing files in plain-text, .tar, and custom formats will be overwritten. This option is not used for the directory format. - - For example: - - Assume that the **backup.sql** file exists in the current directory. If you specify **-f backup.sql** in the input command, and the **backup.sql** file is generated in the current directory, the original file will be overwritten. - - If the backup file already exists and **--dont-overwrite-file** is specified, an error will be reported with the message that the dump file exists. - - ``` - gs_dump -p port_number postgres -f backup.sql -F plain --dont-overwrite-file - ``` - - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->- The **-s/--schema-only** and **-a/--data-only** parameters do not coexist. ->- The **-c/--clean** and **-a/--data-only** parameters do not coexist. ->- **--inserts/--column-inserts** and **-o/--oids** do not coexist, because **OIDS** cannot be set using the **INSERT** statement. ->- **--role** must be used in conjunction with **--rolepassword**. ->- **--binary-upgrade-usermap** must be used in conjunction with **--binary-upgrade**. ->- **--include-depend-objs** or **--exclude-self** takes effect only when **-t** or **--include-table-file** is specified. ->- **--exclude-self** must be used in conjunction with **--include-depend-objs**. - -Connection parameters: - -- -h, --host=HOSTNAME - - Specifies the host name. If the value begins with a slash \(/\), it is used as the directory for the UNIX domain socket. The default value is taken from the **PGHOST** environment variable \(if available\). Otherwise, a Unix domain socket connection is attempted. - - This parameter is used only for defining names of the hosts outside openGauss. The names of the hosts inside openGauss must be 127.0.0.1. - - Example: _host name_ - - Environment variable: **PGHOST** - -- -p, --port=PORT - - Specifies the host port number. If the thread pool function is enabled, you are advised to use **pooler port**, that is, the host port number plus 1. - - Environment variable: **PGPORT** - -- -U, --username=NAME - - Specifies the username of the host to be connected. - - If the username of the host to be connected is not specified, the system administrator is used by default. - - Environment variable: **PGUSER** - -- -w, --no-password - - Never issues a password prompt. The connection attempt fails if the host requires password verification and the password is not provided in other ways. This parameter is useful in batch jobs and scripts in which no user password is required. - -- -W, --password=PASSWORD - - Specifies the user password for connection. If the host uses the trust authentication policy, the administrator does not need to enter the **-W** option. If the **-W** option is not provided and you are not a system administrator, the Dump Restore tool will ask you to enter a password. - -- --role=ROLENAME - - Specifies a role name to be used for creating the dump. If this option is selected, the **SET ROLE** command will be issued after the database is connected to **gs\_dump**. It is useful when the authenticated user \(specified by **-U**\) lacks the permissions required by **gs\_dump**. It allows the user to switch to a role with the required permissions. Some installations have a policy against logging in directly as a super administrator. This option allows dumping data without violating the policy. - -- --rolepassword=ROLEPASSWORD - - Specifies the password for a role. - - -## Notice - -If any local additions need to be added to the template1 database in openGauss, restore the output of **gs\_dump** into an empty database with caution. Otherwise, you are likely to obtain errors due to duplicate definitions of the added objects. To create an empty database without any local additions, copy data from template0 rather than template1. Example: - -``` -CREATE DATABASE foo WITH TEMPLATE template0; -``` - -The .tar file size must be smaller than 8 GB. \(This is the .tar file format limitations.\) The total size of a .tar archive and any of the other output formats are not limited, except possibly by the OS. - -The dump file generated by **gs\_dump** does not contain the statistics used by the optimizer to make execution plans. Therefore, you are advised to run **ANALYZE** after restoring from a dump file to ensure optimal performance. The dump file does not contain any **ALTER DATABASE ... SET** commands. These settings are dumped by **gs\_dumpall**, along with database users and other installation settings. - -## Examples - -Use **gs\_dump** to dump a database as a SQL text file or a file in other formats. - -In the following examples, **Bigdata@123** indicates the password for the database user. **backup/MPPDB\_backup.sql** indicates an exported file where **backup** indicates the relative path of the current directory. **37300** indicates the port number of the database server. **postgres** indicates the name of the database to be accessed. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->Before exporting files, ensure that the directory exists and you have the read and write permissions on the directory. - -Example 1: Use **gs\_dump** to export the full information of the postgres database. The exported **MPPDB\_backup.sql** file is in plain-text format. - -``` -gs_dump -U omm -W Bigdata@123 -f backup/MPPDB_backup.sql -p 37300 postgres -F p -gs_dump[port='37300'][postgres][2018-06-27 09:49:17]: The total objects number is 356. -gs_dump[port='37300'][postgres][2018-06-27 09:49:17]: [100.00%] 356 objects have been dumped. -gs_dump[port='37300'][postgres][2018-06-27 09:49:17]: dump database postgres successfully -gs_dump[port='37300'][postgres][2018-06-27 09:49:17]: total time: 1274 ms -``` - -Use **gsql** to import data from the exported plain-text file. - -Example 2: Use **gs\_dump** to export the full information of the postgres database. The exported **MPPDB\_backup.tar** file is in .tar format. - -``` -gs_dump -U omm -W Bigdata@123 -f backup/MPPDB_backup.tar -p 37300 postgres -F t -gs_dump[port='37300'][postgres][2018-06-27 10:02:24]: The total objects number is 1369. -gs_dump[port='37300'][postgres][2018-06-27 10:02:53]: [100.00%] 1369 objects have been dumped. -gs_dump[port='37300'][postgres][2018-06-27 10:02:53]: dump database postgres successfully -gs_dump[port='37300'][postgres][2018-06-27 10:02:53]: total time: 50086 ms -``` - -Example 3: Use **gs\_dump** to export the full information of the postgres database. The exported **MPPDB\_backup.dmp** file is in custom format. - -``` -gs_dump -U omm -W Bigdata@123 -f backup/MPPDB_backup.dmp -p 37300 postgres -F c -gs_dump[port='37300'][postgres][2018-06-27 10:05:40]: The total objects number is 1369. -gs_dump[port='37300'][postgres][2018-06-27 10:06:03]: [100.00%] 1369 objects have been dumped. -gs_dump[port='37300'][postgres][2018-06-27 10:06:03]: dump database postgres successfully -gs_dump[port='37300'][postgres][2018-06-27 10:06:03]: total time: 36620 ms -``` - -Example 4: Use **gs\_dump** to export the full information of the postgres database. The exported **MPPDB\_backup** file is in directory format. - -``` -gs_dump -U omm -W Bigdata@123 -f backup/MPPDB_backup -p 37300 postgres -F d -gs_dump[port='37300'][postgres][2018-06-27 10:16:04]: The total objects number is 1369. -gs_dump[port='37300'][postgres][2018-06-27 10:16:23]: [100.00%] 1369 objects have been dumped. -gs_dump[port='37300'][postgres][2018-06-27 10:16:23]: dump database postgres successfully -gs_dump[port='37300'][postgres][2018-06-27 10:16:23]: total time: 33977 ms -``` - -Example 5: Use **gs\_dump** to export the information of the postgres database, excluding the information of the table specified in the **/home/MPPDB\_temp.sql** file. The exported **MPPDB\_backup.sql** file is in plain-text format. - -``` -gs_dump -U omm -W Bigdata@123 -p 37300 postgres --exclude-table-file=/home/MPPDB_temp.sql -f backup/MPPDB_backup.sql -gs_dump[port='37300'][postgres][2018-06-27 10:37:01]: The total objects number is 1367. -gs_dump[port='37300'][postgres][2018-06-27 10:37:22]: [100.00%] 1367 objects have been dumped. -gs_dump[port='37300'][postgres][2018-06-27 10:37:22]: dump database postgres successfully -gs_dump[port='37300'][postgres][2018-06-27 10:37:22]: total time: 37017 ms -``` - -Example 6: Use **gs\_dump** to export only the information about the views that depend on the **testtable** table. Create another **testtable** table, and then restore the views that depend on it. - -- Back up only the views that depend on the **testtable** table. - - ``` - gs_dump -s -p 37300 postgres -t PUBLIC.testtable --include-depend-objs --exclude-self -f backup/MPPDB_backup.sql -F p - gs_dump[port='37300'][postgres][2018-06-15 14:12:54]: The total objects number is 331. - gs_dump[port='37300'][postgres][2018-06-15 14:12:54]: [100.00%] 331 objects have been dumped. - gs_dump[port='37300'][postgres][2018-06-15 14:12:54]: dump database postgres successfully - gs_dump[port='37300'][postgres][2018-06-15 14:12:54]: total time: 327 ms - ``` - -- Change the name of the **testtable** table. - - ``` - gsql -p 37300 postgres -r -c "ALTER TABLE PUBLIC.testtable RENAME TO testtable_bak;" - ``` - -- Create another **testtable** table. - - ``` - CREATE TABLE PUBLIC.testtable(a int, b int, c int); - ``` - -- Restore the views for the new **testtable** table. - - ``` - gsql -p 37300 postgres -r -f backup/MPPDB_backup.sql - ``` - - -## Helpful Links - -[gs\_dumpall](gs_dumpall.md#EN-US_TOPIC_0250273518) and [gs\_restore](gs_restore.md#EN-US_TOPIC_0250273519) - diff --git a/content/en/docs/Administratorguide/gs_dumpall.md b/content/en/docs/Administratorguide/gs_dumpall.md deleted file mode 100644 index 08aa6b1c8a1102c2e986f863da56668e7d3bd6e6..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/gs_dumpall.md +++ /dev/null @@ -1,253 +0,0 @@ -# gs\_dumpall - -## Background - -**gs\_dumpall**, provided by openGauss, is used to export all openGauss database information, including data of the default database postgres, user-defined databases, and common global objects of all openGauss databases. - -**gs\_dumpall** is executed by OS user **omm**. - -When **gs\_dumpall** is used to export data, other users can still access \(read and write\) openGauss databases. - -**gs\_dumpall** can export complete, consistent data. For example, if **gs\_dumpall** is started to export openGauss database at T1, data of the database at that time point will be exported, and modifications on the database after that time point will not be exported. - -**gs\_dumpall** exports all openGauss databases in two parts: - -- **gs\_dumpall** exports all global objects, including information about database users and groups, tablespaces, and attributes \(for example, global access permissions\). -- **gs\_dumpall** invokes **gs\_dump** to export SQL scripts from each openGauss database, which contain all the SQL statements required to restore databases. - -The exported files are both plain-text SQL scripts. Use [gsql](en-us_topic_0085031848.md) to execute them to restore openGauss databases. - -## Precautions - -- Do not modify an exported file or its content. Otherwise, restoration may fail. -- To ensure the data consistency and integrity, **gs\_dumpall** acquires a share lock on a table to be dumped. If another transaction has acquired a share lock on the table, **gs\_dumpall** waits until this lock is released and then locks the table for dumping. If the table cannot be locked within the specified time, the dump fails. You can customize the timeout duration to wait for lock release by specifying the **--lock-wait-timeout** parameter. -- During an export, **gs\_dumpall** reads all tables in a database. Therefore, you need to connect to the database as an openGauss administrator to export a complete file. When you use **gsql** to execute SQL scripts, cluster administrator permissions are also required to add users and user groups, and create databases. - -## Syntax - -``` -gs_dumpall [OPTION]... -``` - -## Parameter Description - -Common parameters: - -- -f, --filename=FILENAME - - Sends the output to the specified file. If this parameter is omitted, the standard output is generated. - -- -v, --verbose - - Specifies the verbose mode. If it is specified, **gs\_dumpall** writes detailed object comments and number of startups/stops to the dump file, and progress messages to standard error. - -- -V, --version - - Prints the _gs\_dumpall_ version and exits. - -- --lock-wait-timeout=TIMEOUT - - Do not keep waiting to obtain shared table locks at the beginning of the dump. Consider it as failed if you are unable to lock a table within the specified time. The timeout period can be specified in any of the formats accepted by **SET statement\_timeout**. - -- -?, --help - - Displays help about **gs\_dumpall** parameters and exits. - - -Dump parameters: - -- -a, --data-only - - Dumps only the data, not the schema \(data definition\). - -- -c, --clean - - Runs SQL statements to delete databases before rebuilding them. Statements for dumping roles and tablespaces are added. - -- -g, --globals-only - - Dumps only global objects \(roles and tablespaces\) but no databases. - -- -o, --oids - - Dumps object identifiers \(OIDs\) as parts of the data in each table. Use this parameter if your application references the OID columns in some way. If the preceding situation does not occur, do not use this parameter. - -- -O, --no-owner - - Do not output commands to set ownership of objects to match the original database. By default, **gs\_dumpall** issues the **ALTER OWNER** or **SET SESSION AUTHORIZATION** command to set ownership of created schema objects. These statements will fail when the script is running unless it is started by a system administrator \(or the same user that owns all of the objects in the script\). To make a script that can be stored by any user and give the user ownership of all objects, specify **-O**. - -- -r, --roles-only - - Dumps only roles but not databases or tablespaces. - -- -s, --schema-only - - Dumps only the object definition \(schema\) but not data. - -- -S, --sysadmin=NAME - - Name of the system administrator during the dump. - -- -t, --tablespaces-only - - Dumps only tablespaces but not databases or roles. - -- -x, --no-privileges - - Prevents the dumping of access permissions \(grant/revoke commands\). - -- --column-inserts|--attribute-inserts - - Exports data by running the **INSERT** command with explicit column names **\{INSERT INTO table \(column, ...\) VALUES ...\}**. This will cause a slow restoration. However, since this option generates an independent command for each row, an error in reloading a row causes only the loss of the row rather than the entire table content. - -- --disable-dollar-quoting - - Disables the use of dollar sign \($\) for function bodies, and forces them to be quoted using the SQL standard string syntax. - -- --disable-triggers - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --inserts - - Dumps data by the **INSERT** statement \(rather than **COPY**\). This will cause a slow restoration. The restoration may fail if you rearrange the column order. The **--column-inserts** option is unaffected against column order changes, though even slower. - -- --no-security-labels - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --no-tablespaces - - Does not generate output statements to create tablespaces or select tablespaces for objects. All the objects will be created during the restoration process, no matter which tablespace is selected when using this option. - -- --no-unlogged-table-data - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --quote-all-identifiers - - Forcibly quotes all identifiers. This parameter is useful when you dump a database for migration to a later version, in which additional keywords may be introduced. - -- --dont-overwrite-file - - Does not overwrite the current file. - -- --use-set-session-authorization - - Specifies that the standard SQL **SET SESSION AUTHORIZATION** command rather than **ALTER OWNER** is returned to ensure the object ownership. This makes dumping more standard. However, if a dump file contains objects that have historical problems, restoration may fail. A dump using **SET SESSION AUTHORIZATION** requires the system administrator rights, whereas **ALTER OWNER** requires lower permissions. - -- --with-encryption=AES128 - - Specifies that dumping data needs to be encrypted using AES128. - -- --with-key=KEY - - Specifies that the key length of AES128 must be 16 bytes. - -- --include-templatedb - - Includes template databases during the dump. - -- --binary-upgrade - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --binary-upgrade-usermap="USER1=USER2" - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --tablespaces-postfix - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --parallel-jobs - - Specifies the number of concurrent backup processes. The value range is 1-1000. - - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->- The **-g/--globals-only** and **-r/--roles-only** parameters do not coexist. ->- The **-g/--globals-only** and **-t/--tablespaces-only** parameters do not coexist. ->- The **-r/--roles-only** and **-t/--tablespaces-only** parameters do not coexist. ->- The **-s/--schema-only** and **-a/--data-only** parameters do not coexist. ->- The **-r/--roles-only** and **-a/--data-only** parameters do not coexist. ->- The **-t/--tablespaces-only** and **-a/--data-only** parameters do not coexist. ->- The **-g/--globals-only** and **-a/--data-only** parameters do not coexist. ->- **--tablespaces-postfix** must be used in conjunction with **--binary-upgrade**. ->- **--binary-upgrade-usermap** must be used in conjunction with **--binary-upgrade**. ->- **--parallel-jobs** must be used in conjunction with **-f/--file**. - -Connection parameters: - -- -h, --host - - Specifies the host name. If the value begins with a slash \(/\), it is used as the directory for the UNIX domain socket. The default value is taken from the PGHOST environment \(if variable\). Otherwise, a Unix domain socket connection is attempted. - - This parameter is used only for defining names of the hosts outside openGauss. The names of the hosts inside openGauss must be 127.0.0.1. - - Environment Variable: _PGHOST_ - -- -l, --database - - Specifies the name of the database connected to dump all objects and discover other databases to be dumped. If this parameter is not specified, the **postgres** database will be used. If the **postgres** database does not exist, **template1** will be used. - -- -p, --port - - TCP port or the local Unix-domain socket file extension on which the server is listening for connections. The default value is the _PGPORT_ environment variable. - - If the thread pool function is enabled, you are advised to use **pooler port**, that is, the listening port number plus 1. - - Environment variable: _PGPORT_ - -- -U, --username - - Specifies the user name to connect to. - - Environment variable: _PGUSER_ - -- -w, --no-password - - Never issues a password prompt. The connection attempt fails if the host requires password verification and the password is not provided in other ways. This parameter is useful in batch jobs and scripts in which no user password is required. - -- -W, --password - - Specifies the user password for connection. If the host uses the trust authentication policy, the administrator does not need to enter the **-W** option. If the **-W** option is not provided and you are not a system administrator, the Dump Restore tool will ask you to enter a password. - -- --role - - Specifies a role name to be used for creating the dump. This option causes **gs\_dumpall** to issue the **SET ROLE** statement after connecting to the database. It is useful when the authenticated user \(specified by **-U**\) lacks the permissions required by the **gs\_dumpall**. It allows the user to switch to a role with the required permissions. Some installations have a policy against logging in directly as a system administrator. This option allows dumping data without violating the policy. - -- --rolepassword - - Specifies the password of the specific role. - - -## Notice - -**gs\_dumpall** internally invokes **gs\_dump**. For details about the diagnosis information, see [gs\_dump](gs_dump.md#EN-US_TOPIC_0250273517). - -Once **gs\_dumpall** is restored, run ANALYZE on each database so that the optimizer can provide useful statistics. - -**gs\_dumpall** requires all needed tablespace directories to exit before the restoration. Otherwise, database creation will fail if the databases are in non-default locations. - -## Examples - -Use **gs\_dumpall** to export all openGauss databases at a time. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->**gs\_dumpall** supports only plain-text format export. Therefore, only **gsql** can be used to restore a file exported using **gs\_dumpall**. - -``` -gs_dumpall -f backup/bkp2.sql -p 37300 -gs_dump[port='37300'][dbname='postgres'][2018-06-27 09:55:09]: The total objects number is 2371. -gs_dump[port='37300'][dbname='postgres'][2018-06-27 09:55:35]: [100.00%] 2371 objects have been dumped. -gs_dump[port='37300'][dbname='postgres'][2018-06-27 09:55:46]: dump database dbname='postgres' successfully -gs_dump[port='37300'][dbname='postgres'][2018-06-27 09:55:46]: total time: 55567 ms -gs_dumpall[port='37300'][2018-06-27 09:55:46]: dumpall operation successful -gs_dumpall[port='37300'][2018-06-27 09:55:46]: total time: 56088 ms -``` - -## Helpful Links - -[gs\_dump](gs_dump.md#EN-US_TOPIC_0250273517), [gs\_restore](gs_restore.md#EN-US_TOPIC_0250273519) - diff --git a/content/en/docs/Administratorguide/gs_restore.md b/content/en/docs/Administratorguide/gs_restore.md deleted file mode 100644 index 16aff6327c0c5920106c2e4e968c679bbb1c0556..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/gs_restore.md +++ /dev/null @@ -1,387 +0,0 @@ -# gs\_restore - -## Background - -**gs\_restore**, provided by openGauss, is used to import data that was exported using **gs\_dump**. It can also be used to import files exported by **gs\_dump**. - -**gs\_restore** is executed by OS user **omm**. - -It has the following functions: - -- Importing data to the database - - If a database is specified, data is imported to the database. For parallel import, the password for connecting to the database is required. - -- Importing data to the script file - - If the database storing imported data is not specified, a script containing the SQL statement to recreate the database is created and written to a file or standard output. This script output is equivalent to the plain text output format of **gs\_dump**. - - -## Command Format - -``` -gs_restore [OPTION]... FILE -``` - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->- **FILE** does not have a short or long parameter. It is used to specify the location for the archive files. ->- The **dbname** or **-l** parameter is required as prerequisites. Users cannot enter **dbname** and **-l** parameters at the same time. ->- **gs\_restore** incrementally imports data by default. To prevent data exceptions caused by multiple import operations, you are advised to use the **-c** parameter during the import. Before recreating database objects, delete the database objects that already exist in the database to be restored. ->- There is no option to control log printing. To hide logs, redirect the logs to the log file. If a large amount of table data needs to be restored, the table data will be restored in batches. Therefore, the log indicating that the table data has been imported is generated for multiple times. - -## Parameter Description - -Common parameters - -- -d, --dbname=NAME - - Connects to the **dbname** database and imports data to the database. - -- -f, --file=FILENAME - - Specifies the output file for the generated script, or uses the output file in the list specified using **-l**. - - The default is the standard output. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >**-f** cannot be used in conjunction with **-d**. - -- -F, --format=c|d|t - - Specifies the format of the archive. The format does not need to be specified because the _gs\_restore_ determines the format automatically. - - Value range: - - - **c/custom**: The archive form is the customized format in [gs\_dump](gs_dump.md#EN-US_TOPIC_0250273517). - - **d/directory**: The archive form is a directory archive format. - - **t/tar**: The archive form is a .tar archive format. - -- -l, --list - - Lists the forms of the archive. The operation output can be used for the input of the **-L** parameter. If filtering parameters, such as **-n** or **-t**, are used together with **-l**, they will restrict the listed items. - -- -v, --verbose - - Specifies the verbose mode. - -- -V, --version - - Prints the **gs\_restore** version and exits. - -- -?, --help - - Displays help information about the parameters of **gs\_restore** and exits. - - -Parameters for importing data - -- -a, -data-only - - Imports only the data, not the schema \(data definition\). **gs\_restore** incrementally imports data. - -- -c, --clean - - Cleans \(deletes\) existing database objects in the database to be restored before recreating them. - -- -C, --create - - Creates the database before importing data to it. \(When this parameter is used, the database specified by **-d** is used to issue the initial **CREATE DATABASE** command. All data is imported to the created database.\) - -- -e, --exit-on-error - - Exits if an error occurs when you send the SQL statement to the database. If you do not exit, the commands will still be sent and error information will be displayed when the import ends. - -- -I, --index=NAME - - Imports only the definition of the specified index. Multiple indexes can be imported. Enter **-I**_ index_ multiple times to import multiple indexes. - - For example: - - ``` - gs_restore -h host_name -p port_number -d postgres -I Index1 -I Index2 backup/MPPDB_backup.tar - ``` - - In this example, _Index1_ and _Index2_ will be imported. - -- -j, --jobs=NUM - - Specifies the number of concurrent, the most time-consuming jobs of **gs\_restore** \(such as loading data, creating indexes, or creating constraints\). This parameter can greatly reduce the time to import a large database to a server running on a multiprocessor machine. - - Each job is one process or one thread, depending on the OS; and uses a separate connection to the server. - - The optimal value for this option depends on the server hardware setting, the client, the network, the number of CPU cores, and disk settings. It is recommended that the parameter be set to the number of CPU cores on the server. In addition, a larger value can also lead to faster import in many cases. However, an overly large value will lead to decreased performance because of thrashing. - - This parameter supports custom-format archives only. The input file must be a regular file \(not the pipe file\). This parameter can be ignored when you select the script method rather than connect to a database server. In addition, multiple jobs cannot be used in conjunction with the **--single-transaction** parameter. - -- -L, --use-list=FILENAME - - Imports only archive elements that are listed in **list-file** and imports them in the order that they appear in the file. If filtering parameters, such as **-n** or **-t**, are used in conjunction with **-L**, they will further limit the items to be imported. - - **list-file** is normally created by editing the output of a previous **-l** parameter. File lines can be moved or removed, and can also be commented out by placing a semicolon \(;\) at the beginning of the row. An example is provided in this document. - -- -n, --schema=NAME - - Restores only objects that are listed in schemas. - - This parameter can be used in conjunction with the **-t** parameter to import a specific table. - - Entering **-n **_schemaname_ multiple times can import multiple schemas. - - For example: - - ``` - gs_restore -h host_name -p port_number -d postgres -n sch1 -n sch2 backup/MPPDB_backup.tar - ``` - - In this example, **sch1** and **sch2** will be imported. - -- -O, --no-owner - - Do not output commands to set ownership of objects to match the original database. By default, **gs\_restore** issues the **ALTER OWNER** or **SET SESSION AUTHORIZATION** statement to set ownership of created schema elements. Unless the system administrator or the user who has all the objects in the script initially accesses the database. Otherwise, the statement will fail. Any user name can be used for the initial connection using **-O**, and this user will own all the created objects. - -- -P, --function=NAME\(args\) - - Imports only listed functions. You need to correctly spell the function name and the parameter based on the contents of the dump file in which the function exists. - - Entering **-P** alone means importing all function-name\(args\) functions in a file. Entering **-P** with **-n** means importing the function-name\(args\) functions in a specified schema. Entering **-P** multiple times and using **-n** once means that all imported functions are in the **-n** schema by default. - - You can enter **-n schema-name -P 'function-name\(args\)'** multiple times to import functions in specified schemas. - - For example: - - ``` - gs_restore -h host_name -p port_number -d postgres -n test1 -P 'Func1(integer)' -n test2 -P 'Func2(integer)' backup/MPPDB_backup.tar - ``` - - In this example, both **Func1 \(i integer\)** in the **test1** schema and **Func2 \(j integer\)** in the **test2** schema will be imported. - -- -s, --schema-only - - Imports only schemas \(data definitions\), instead of data \(table content\). The current sequence value will not be imported. - -- -S, --sysadmin=NAME - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- -t, --table=NAME - - Imports only listed table definitions or data, or both. This parameter can be used in conjunction with the **-n** parameter to specify a table object in a schema. When **-n** is not entered, the default schema is PUBLIC. Entering **-n **_schemaname_** -t **_tablename_ multiple times can import multiple tables in a specified schema. - - For example: - - Import **table1** in the **PUBLIC** schema. - - ``` - gs_restore -h host_name -p port_number -d postgres -t table1 backup/MPPDB_backup.tar - ``` - - Import **test1** in the **test1** schema and **test2** in the **test2** schema. - - ``` - gs_restore -h host_name -p port_number -d postgres -n test1 -t test1 -n test2 -t test2 backup/MPPDB_backup.tar - ``` - - Import **table1** in the **PUBLIC** schema and **test1** in the **test1** schema. - - ``` - gs_restore -h host_name -p port_number -d postgres -n PUBLIC -t table1 -n test1 -t table1 backup/MPPDB_backup.tar - ``` - - >![](public_sys-resources/icon-notice.gif) **NOTICE:** - >**-t** does not support the **schema\_name.table\_name** input format. - -- -T, --trigger=NAME - - This parameter is reserved for extension. - -- -x, --no-privileges/--no-acl - - Prevents the import of access permissions \(**GRANT**/**REVOKE** commands\). - -- -1, --single-transaction - - Executes import as a single transaction \(that is, commands are wrapped in **BEGIN**/**COMMIT**\). - - This parameter ensures that either all the commands are completed successfully or no application is changed. This parameter means **--exit-on-error**. - -- --disable-triggers - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --no-data-for-failed-tables - - By default, table data will be imported even if the statement to create a table fails \(for example, the table already exists\). Data in such table is skipped using this parameter. This operation is useful if the target database already contains the desired table contents. - - This parameter takes effect only when you import data directly into a database, not when you output SQL scripts. - -- --no-security-labels - - Specifies a reserved port for function expansion. This parameter is not recommended. - -- --no-tablespaces - - Tablespaces excluding specified ones All objects will be created during the import process no matter which tablespace is selected when using this option. - -- --section=SECTION - - Imports the listed sections \(such as pre-data, data, or post-data\). - -- --use-set-session-authorization - - Is used for plain-text backup. - - Outputs the **SET SESSION AUTHORIZATION** statement instead of the **ALTER OWNER** statement to determine object ownership. This parameter makes dump more standards-compatible. If the records of objects in exported files are referenced, import may fail. Only administrators can use the **SET SESSION AUTHORIZATION** statement to dump data, and the administrators must manually change and verify the passwords of exported files by referencing the **SET SESSION AUTHORIZATION** statement before import. The **ALTER OWNER** statement requires lower permissions. - -- --with-key=KEY - - Specifies that the key length of AES128 must be 16 bytes. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >If the dump is encrypted, enter the **--with-key=KEY** parameter in the **gs\_restore** command. If it is not entered, you will receive an error message. - >Enter the same key while entering the dump. - >When the dump format is **c** or **t**, the dumped content has been processed, and therefore the input is not restricted by the encryption. - - ->![](public_sys-resources/icon-notice.gif) **NOTICE:** ->- If any local additions need to be added to the template1 database during the installation, restore the output of **gs\_restore** into an empty database with caution. Otherwise, you are likely to obtain errors due to duplicate definitions of the added objects. To create an empty database without any local additions, copy data from template0 rather than template1. Example: ->``` ->CREATE DATABASE foo WITH TEMPLATE template0; ->``` ->- **gs\_restore** cannot import large objects selectively. For example, it can only import the objects of a specified table. If an archive contains large objects, all large objects will be imported, or none of them will be restored if they are excluded by using **-L**, **-t**, or other parameters. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->1. The **-d/--dbname** and **-f/--file** parameters do not coexist. ->2. The **-s/--schema-only** and **-a/--data-only** parameters do not coexist. ->3. The **-c/--clean** and **-a/--data-only** parameters do not coexist. ->4. When **--single-transaction** is used, **-j/--jobs** must be a single job. ->5. **--role** must be used in conjunction with **--rolepassword**. - -Connection parameters: - -- -h, --host=HOSTNAME - - Specifies the host name. If the value begins with a slash \(/\), it is used as the directory for the UNIX domain socket. The default value is taken from the _PGHOST_ environment variable. If it is not set, a UNIX domain socket connection is attempted. - - This parameter is used only for defining names of the hosts outside openGauss. The names of the hosts inside openGauss must be 127.0.0.1. - -- -p, --port=PORT - - TCP port or the local Unix-domain socket file extension on which the server is listening for connections. The default value is the _PGPORT_ environment variable. - - If the thread pool function is enabled, you are advised to use **pooler port**, that is, the listening port number plus 1. - -- -U, --username=NAME - - Specifies the user name to connect to. - -- -w, --no-password - - Never issues a password prompt. The connection attempt fails if the host requires password verification and the password is not provided in other ways. This parameter is useful in batch jobs and scripts in which no user password is required. - -- -W, --password=PASSWORD - - User password for database connection. If the host uses the trust authentication policy, the administrator does not need to enter the **-W** parameter. If the **-W** parameter is not provided and you are not a system administrator, **gs\_restore** will ask you to enter a password. - -- --role=ROLENAME - - Specifies a role name for the import operation. If this parameter is selected, the **SET ROLE** statement will be issued after **gs\_restore** connects to the database. It is useful when the authenticated user \(specified by **-U**\) lacks the permissions required by **gs\_restore**. This parameter allows the user to switch to a role with the required permissions. Some installations have a policy against logging in directly as the initial user. This parameter allows data to be imported without violating the policy. - -- --rolepassword=ROLEPASSWORD - - Role password. - - -## Example - -Special case: Execute the **gsql** tool. Run the following commands to import the **MPPDB\_backup.sql** file in the export folder \(in plain-text format\) generated by **gs\_dump**/**gs\_dumpall** to the **postgres** database: - -``` -gsql -d postgres -p 5432 -W Bigdata@123 -f /home/omm/test/MPPDB_backup.sql -SET -SET -SET -SET -SET -ALTER TABLE -ALTER TABLE -ALTER TABLE -ALTER TABLE -ALTER TABLE -CREATE INDEX -CREATE INDEX -CREATE INDEX -SET -CREATE INDEX -REVOKE -REVOKE -GRANT -GRANT -total time: 30476 ms -``` - -**gs\_restore** is used to import the files exported by **gs\_dump**. - -Example 1: Execute the **gs\_restore** tool to import the exported **MPPDB\_backup.dmp** file \(custom format\) to the **postgres** database. - -``` -gs_restore -W Bigdata@123 backup/MPPDB_backup.dmp -p 5432 -d postgres -gs_restore: restore operation successful -gs_restore: total time: 13053 ms -``` - -Example 2: Execute the **gs\_restore** tool to import the exported **MPPDB\_backup.tar** file \(.tar format\) to the **postgres** database. - -``` -gs_restore backup/MPPDB_backup.tar -p 5432 -d postgres -gs_restore[2017-07-21 19:16:26]: restore operation successful -gs_restore[2017-07-21 19:16:26]: total time: 21203 ms -``` - -Example 3: Execute the **gs\_restore** tool to import the exported **MPPDB\_backup** file \(directory format\) to the **postgres** database. - -``` -gs_restore backup/MPPDB_backup -p 5432 -d postgres -gs_restore[2017-07-21 19:16:26]: restore operation successful -gs_restore[2017-07-21 19:16:26]: total time: 21003 ms -``` - -Example 4: Execute the **gs\_restore** tool and run the following commands to import the **MPPDB\_backup.dmp** file \(in custom format\). Specifically, import all the object definitions and data in the **PUBLIC** schema. Existing objects are deleted from the target database before the import. If an existing object references to an object in another schema, you need to manually delete the referenced object first. - -``` -gs_restore backup/MPPDB_backup.dmp -p 5432 -d postgres -e -c -n PUBLIC -gs_restore: [archiver (db)] Error while PROCESSING TOC: -gs_restore: [archiver (db)] Error from TOC entry 313; 1259 337399 TABLE table1 gaussdba -gs_restore: [archiver (db)] could not execute query: ERROR: cannot drop table table1 because other objects depend on it -DETAIL: view t1.v1 depends on table table1 -HINT: Use DROP ... CASCADE to drop the dependent objects too. - Command was: DROP TABLE public.table1; -``` - -Manually delete the referenced object and create it again after the import is complete. - -``` -gs_restore backup/MPPDB_backup.dmp -p 5432 -d postgres -e -c -n PUBLIC -gs_restore[2017-07-21 19:16:26]: restore operation successful -gs_restore[2017-07-21 19:16:26]: total time: 2203 ms -``` - -Example 5: Execute the **gs\_restore** tool and run the following commands to import the **MPPDB\_backup.dmp** file \(in custom format\). Specifically, import only the definition of **table1** in the **PUBLIC** schema. - -``` -gs_restore backup/MPPDB_backup.dmp -p 5432 -d postgres -e -c -s -n PUBLIC -t table1 -gs_restore[2017-07-21 19:16:26]: restore operation successful -gs_restore[2017-07-21 19:16:26]: total time: 21000 ms -``` - -Example 6: Execute the **gs\_restore** tool and run the following commands to import the **MPPDB\_backup.dmp** file \(in custom format\). Specifically, import only the data of **table1** in the **PUBLIC** schema. - -``` -gs_restore backup/MPPDB_backup.dmp -p 5432 -d postgres -e -a -n PUBLIC -t table1 -gs_restore[2017-07-21 19:16:26]: restore operation successful -gs_restore[2017-07-21 19:16:26]: total time: 20203 ms -``` - -## Helpful Links - -[gs\_dump](gs_dump.md#EN-US_TOPIC_0250273517) and [gs\_dumpall](gs_dumpall.md#EN-US_TOPIC_0250273518) - diff --git a/content/en/docs/Administratorguide/log-overview.md b/content/en/docs/Administratorguide/log-overview.md deleted file mode 100644 index 21b096e1a596a61cf7ff731d7190c31deb21950a..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/log-overview.md +++ /dev/null @@ -1,55 +0,0 @@ -# Log Overview - -During database running, a large number of logs are generated, including write-ahead logs \(WALs, also called Xlogs\) for ensuring database security and reliability and run logs and operation logs for daily database maintenance. If the database is faulty, you can refer to these logs to locate the fault and restore the database. - -## Log Type - -The following table describes details about log types. - -**Table 1** Log types - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Type

-

Description

-

System log

-

Logs generated during database running. They are used to record abnormal process information.

-

Operation log

-

Logs generated when a client tool (such as gs_guc) is operating databases.

-

Trace log

-

Logs generated after the database debug switch is enabled. They are used to analyze database exceptions.

-

Black box log

-

Logs generated when the database system breaks down. You can analyze the process context when the fault occurs based on the heap and stack information in the logs to facilitate fault locating. A black box dumps stack, heap, and register information about processes and threads when a system breaks down.

-

Audit log

-

Logs used to record some of the database user operations after the database audit function is enabled.

-

WAL

-

Logs used to restore a damaged database. They are also called redo logs. You are advised to routinely back up WALs.

-

Performance log

-

Logs used to record the status of physical resources and the performance of access to external resources (such as disks, OBS and Hadoop clusters).

-
- diff --git a/content/en/docs/Administratorguide/log-reference.md b/content/en/docs/Administratorguide/log-reference.md index 5445c73bb0b3e7bfc4b3bf61c4c900929fcf2bae..9e76242128ea4b73084564b78a52a976d2dd30ed 100644 --- a/content/en/docs/Administratorguide/log-reference.md +++ b/content/en/docs/Administratorguide/log-reference.md @@ -1,15 +1,168 @@ -# Log Reference - -- **[Log Overview](log-overview.md)** - -- **[System Logs](system-logs.md)** - -- **[Operation Logs](operation-logs.md)** - -- **[Audit Logs](audit-logs.md)** - -- **[WALs](wals.md)** - -- **[Performance Logs](performance-logs.md)** - - +# Log Reference + +## Log Overview + +During database running, a large number of logs are generated, including write-ahead logs \(WALs, also called Xlogs\) for ensuring database security and reliability and run logs and operation logs for daily database maintenance. If the database is faulty, you can refer to these logs to locate the fault and restore the database. + +**Log Type** + +The following table describes details about log types. + +**Table 1** Log types + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Type

+

Description

+

System log

+

Logs generated during database running. They are used to record abnormal process information.

+

Operation log

+

Logs generated when a client tool (such as gs_guc) is operating databases.

+

Trace log

+

Logs generated after the database debug switch is enabled. They are used to analyze database exceptions.

+

Black box log

+

Logs generated when the database system breaks down. You can analyze the process context when the fault occurs based on the heap and stack information in the logs to facilitate fault locating. A black box dumps stack, heap, and register information about processes and threads when a system breaks down.

+

Audit log

+

Logs used to record some of the database user operations after the database audit function is enabled.

+

WAL

+

Logs used to restore a damaged database. They are also called redo logs. You are advised to routinely back up WALs.

+

Performance log

+

Logs used to record the status of physical resources and the performance of access to external resources (such as disks, OBS and Hadoop clusters).

+
+ +## System Logs + +System logs include those generated by database nodes when openGauss is running, and those generated when openGauss is deployed. If an error occurs during openGauss running, you can locate the cause and troubleshoot it based on system logs. + +**Log Storage Directory** + +Run logs of database nodes are stored in the corresponding folders in the **/var/log/gaussdb/**_username_**/pg\_log** directory. + +Logs generated during OM openGauss installation and uninstallation are stored in the **/var/log/gaussdb/**_username_**/om** directory. + +**Log Naming Rules** + +The name format of database node run logs is: + +**postgresql-**_creation time_**.log** + +By default, a new log file is generated at 0:00 every day, or when the latest log file exceeds 16 MB or a database instance \(database node\) is restarted. + +**Log Content Description** + +Content of a line in a database node log: + +Date+Time+Time zone+Username+Database name+Session ID+Log level+Log content + +## Operation Logs + +Operation logs are generated when database tools are used by a database administrator or invoked by a cluster. If the cluster is faulty, you can backtrack user operations on the database and reproduce the fault based on the operation logs. + +**Log Storage Directory** + +The default path is _$GAUSSLOG_**/bin**. If the environmental variable _$GAUSSLOG_ does not exist or its value is empty, the log information generated for a tool will be displayed, but not recorded in the log file of the tool. + +The default value of _$GAUSSLOG_ is **/var/log/gaussdb/**_username_. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>If a database is deployed using the OM script, the log path is **/var/log/gaussdb/**_username_. + +**Log Naming Rules** + +The log file name format is as follows: + +- _tool name_**-**_log creation time_**.log** +- _tool name_**-**_log creation time_**-current.log** + +_tool name_**-**_log creation time_**.log** is a historical log file, and _tool name_**-**_log creation time_**-current.log** is a current log file. + +If the size of a log file exceeds 16 MB, the next time the tool is invoked, the log file is renamed in the historical log file name format, and a new log file is generated at the current time point. + +For example, **gs\_guc-2015-01-16\_183728-current.log** is renamed as **gs\_guc-2015-01-16\_183728.log**, and **gs\_guc-2015-01-17\_142216-current.log** is generated. + +**Maintenance Suggestions** + +You are advised to dump expired logs periodically to save disk space and prevent important logs from being lost. + +## Audit Logs + +After the audit function is enabled, a large number of audit logs will be generated, which occupy large storage space. You can customize an audit log maintenance policy based on the size of available storage space. + +For details, see "Database Security Management \> Configuring Database Audit \> Maintaining Audit Logs" in the _Developer Guide_. + +## WALs + +In a system using write-ahead logs \(WALs or Xlogs\), all data file modifications are written to a log before they are applied. That is, the corresponding log must be written into a permanent memory before a data file is modified. You can use WALs to restore the cluster if the system crashes. + +**Log Storage Directory** + +Take a DN as an example. Its WALs are stored in the **/gaussdb/data/data\_dn****/pg\_xlog** directory. + +**/gaussdb/data/data\_dn** is the data directory of a node in the cluster. + +**Log Naming Rules** + +Log files are saved as segment files. Each segment is 16 MB and is divided into multiple 8 KB pages. The name of a WAL file consists of 24 hexadecimal characters. Each name has three parts, with each part having eight hexadecimal characters. The first part indicates the time line, the second part indicates the log file identifier, and the third part indicates the file segment identifier. A time line starts from 1, and a log file identifier and a file segment identifier start from 0. + +For example, the name of the first transaction log is **000000010000000000000000**. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>The numbers in each part are used in ascending order in succession. Exhausting all available numbers takes a long time, and the numbers will start from zero again after they reach the maximum. + +**Log Content Description** + +The content of WALs depends on the types of recorded transactions. WALs can be used to restore a system after the system breaks down. + +By default, GaussDB Kernel reads WALs for system restoration during each startup. + +**Maintenance Suggestions** + +WALs are important for database restoration. You are advised to routinely back up WALs. + +## Performance Logs + +Performance logs focus on the access performance of external resources. Performance logs are used to record the status of physical resources and the performance of access to external resources \(such as disks, OBS and Hadoop clusters\). When a performance issue occurs, you can locate the cause using performance logs, which greatly improves troubleshooting efficiency. + +**Log Storage Directory** + +The performance logs of database are stored in the directories under _$GAUSSLOG_**/gs\_profile**. + +**Log Naming Rules** + +The name format ofdatabase performance logs is: + +**postgresql-**_creation time_**.prf** + +By default, a new log file is generated at 0:00 every day, or when the latest log file exceeds 20 MB or a database instance \(CN or DN\) is restarted. + +**Log Content Description** + +Content of a line in a database log: + +_Host name_+_Date_+_Time_+_Instance name_+_Thread number_+_Log content_ + diff --git a/content/en/docs/Administratorguide/logical-backup-and-restoration.md b/content/en/docs/Administratorguide/logical-backup-and-restoration.md deleted file mode 100644 index 3831d99f87bcf810dbb00a34004f27e47a235bb7..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/logical-backup-and-restoration.md +++ /dev/null @@ -1,9 +0,0 @@ -# Logical Backup and Restoration - -- **[gs\_dump](gs_dump.md)** - -- **[gs\_dumpall](gs_dumpall.md)** - -- **[gs\_restore](gs_restore.md)** - - diff --git a/content/en/docs/Administratorguide/operation-logs.md b/content/en/docs/Administratorguide/operation-logs.md deleted file mode 100644 index 73ccbac0ddffcb5a7e9ba6527349998c7ac9b214..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/operation-logs.md +++ /dev/null @@ -1,30 +0,0 @@ -# Operation Logs - -Operation logs are generated when database tools are used by a database administrator or invoked by a cluster. If the cluster is faulty, you can backtrack user operations on the database and reproduce the fault based on the operation logs. - -## Log Storage Directory - -The default path is _$GAUSSLOG_**/bin**. If the environmental variable _$GAUSSLOG_ does not exist or its value is empty, the log information generated for a tool will be displayed, but not recorded in the log file of the tool. - -The default value of _$GAUSSLOG_ is **/var/log/gaussdb/**_username_. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->If a database is deployed using the OM script, the log path is **/var/log/gaussdb/**_username_. - -## Log Naming Rules - -The log file name format is as follows: - -- _tool name_**-**_log creation time_**.log** -- _tool name_**-**_log creation time_**-current.log** - -_tool name_**-**_log creation time_**.log** is a historical log file, and _tool name_**-**_log creation time_**-current.log** is a current log file. - -If the size of a log file exceeds 16 MB, the next time the tool is invoked, the log file is renamed in the historical log file name format, and a new log file is generated at the current time point. - -For example, **gs\_guc-2015-01-16\_183728-current.log** is renamed as **gs\_guc-2015-01-16\_183728.log**, and **gs\_guc-2015-01-17\_142216-current.log** is generated. - -## Maintenance Suggestions - -You are advised to dump expired logs periodically to save disk space and prevent important logs from being lost. - diff --git a/content/en/docs/Administratorguide/overview.md b/content/en/docs/Administratorguide/overview.md deleted file mode 100644 index ed658dbb4fb642567d1c2e44d3c9c2447c4431bc..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/overview.md +++ /dev/null @@ -1,103 +0,0 @@ -# Overview - -For database security purposes, openGauss provides two backup types, multiple backup and restoration solutions, and data reliability assurance mechanisms. - -Backup and restoration can be logically or physically performed. - -- Logical backup and restoration: backs up data by logically exporting data. This method can dump data that is backed up at a certain time point, and restore data only to this backup point. A logical backup does not back up data processed between failure occurrence and the last backup. It applies to scenarios where data rarely changes. Such data damaged due to misoperation can be quickly restored using a logical backup. To restore all the data in a database through logical backup, rebuild a database and import the backup data. Logical backup is not recommended for databases requiring high data availability because it takes a long time for data restoration. Logical backup is a major approach to migrate and transfer data because it can be performed on any platform. -- Physical backup and restoration: copies physical files in the unit of disk blocks from the primary node to the standby node to back up a database. A database can be restored using backup files, such as data files and archive log files. Physical backup is usually used for full backup, quickly backing up and restoring data with low costs if properly planned. - - The two data backup and restoration solutions supported by openGauss are as follows. Methods for restoring data in case of an exception differ for different backup and restoration solutions. - - **Table 1** Comparison between logical and physical backup and restoration - - - - - - - - - - - - - - - - - - -

Backup Type

-

Application Scenario

-

Media

-

Advantage and Disadvantage

-

Logical backup and restoration

-

Small volume of data needs to be processed.

-

Currently, it is used for the backup and restoration of one or more tables.

-
  • Disk
  • SSD
-

Backing up a small amount of data (for specified objects) is efficient and flexible.

-

For a large volume of data, backup requires a long period of time.

-

Physical backup and restoration

-

Huge volume of data needs to be processed. It is mainly used for full backup and restoration as well as the backup and restoration of all WAL archive and run logs in the database.

-

Backing up a huge amount of data is efficient.

-
- - While backing up and restoring data, take the following aspects into consideration: - - - Whether the impact of data backup on services is acceptable - - Database restoration efficiency - - To minimize the impact of database faults, try to minimize the restoration duration, achieving the highest restoration efficiency. - - - Data restorability - - Minimize data loss after the database is invalidated. - - - Database restoration cost - - There are many factors that need to be considered while you select a backup policy on the live network, such as backup objects, data volume, and network configuration. [Table 2](#en-us_topic_0237088826_en-us_topic_0100209712_table1179095017218) lists available backup policies and applicable scenarios for each backup policy. - - **Table 2** Backup policies and scenarios - - - - - - - - - - - - - - - - - - - -

Backup Policy

-

Key Performance Factor

-

Typical Data Volume

-

Performance Specifications

-

Cluster backup

-
  • Data amount
  • Network configuration
-

Data volume: PB level

-

Object quantity: about 1 million

-

Backup:

-
  • Data transfer rate on each host: 80 Mbit/s (NBU/EISOO+Disk)
  • Disk I/O rate (SSD/HDD): about 90%
-

Table backup

-
  • Schema where the table to be backed up resides
  • Network configuration (NBU)
-

Data volume: 10 TB level

-

Backup: depends on query performance rate and I/O rate

-
NOTE:

For multi-table backup, the backup time is calculated as follows:

- 
Total time = Number of tables x Starting time + Total data volume/Data backup speed
-

In the preceding information:

-
  • The starting time of a disk is about 5s. The starting time of an NBU is longer than that of a disk (depending on the NBU deployment).
  • The data backup speed is about 50 MB/s on a single node. (The speed is evaluated based on the backup of a 1 GB table from a physical host to a local disk.)
-

The smaller the table is, the lower the backup performance will be.

-
-
- - diff --git a/content/en/docs/Administratorguide/performance-logs.md b/content/en/docs/Administratorguide/performance-logs.md deleted file mode 100644 index 591040a93b3046e69ff6631afb0fffb00cfa7d39..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/performance-logs.md +++ /dev/null @@ -1,22 +0,0 @@ -# Performance Logs - -Performance logs focus on the access performance of external resources. Performance logs are used to record the status of physical resources and the performance of access to external resources \(such as disks, OBS and Hadoop clusters\). When a performance issue occurs, you can locate the cause using performance logs, which greatly improves troubleshooting efficiency. - -## Log Storage Directory - -The performance logs of CNs and DNs are stored in the directories under _$GAUSSLOG_**/gs\_profile**. - -## Log Naming Rules - -The name format of CN and DN performance logs is: - -**postgresql-**_creation time_**.prf** - -By default, a new log file is generated at 0:00 every day, or when the latest log file exceeds 20 MB or a database instance \(CN or DN\) is restarted. - -## Log Content Description - -Content of a line in a CN or DN log: - -_Host name_+_Date_+_Time_+_Instance name_+_Thread number_+_Log content_ - diff --git a/content/en/docs/Administratorguide/physical-backup-and-restoration.md b/content/en/docs/Administratorguide/physical-backup-and-restoration.md deleted file mode 100644 index 79ead2beb92b097a67e951d26dd0458a92dad4f4..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/physical-backup-and-restoration.md +++ /dev/null @@ -1,5 +0,0 @@ -# Physical Backup and Restoration - -- **[gs\_basebackup](gs_basebackup.md)** - - diff --git a/content/en/docs/Administratorguide/querying-status.md b/content/en/docs/Administratorguide/querying-status.md index 2eec11baeb90bb885bd4031c4e2235e769d82267..0664f4799473dee2b79b03e662e3c81b55cb95a7 100644 --- a/content/en/docs/Administratorguide/querying-status.md +++ b/content/en/docs/Administratorguide/querying-status.md @@ -1,44 +1,44 @@ -# Querying Status - -## Background - -You can query the status of openGauss in openGauss. The query result shows whether openGauss or a single host is running properly. - -## Prerequisites - -openGauss has been started. - -## Procedure - -1. Log in as the OS user **omm** to the primary node of the database. -2. Run the following command to query the openGauss status: - - ``` - gs_om -t status --detail - ``` - - [Table 1](#en-us_topic_0237088790_table9610118112610) describes parameters in the query result. - - To query the status of instances on a host and the status of other instances which form a primary/secondary relationship with instances on the host, add **-h** to the command. For example: - - ``` - gs_om -t status -h plat2 --detail - ``` - - **plat2** indicates the name of the host to be queried. - - To query the status of instances on the host you logged in to, run the following command: - - ``` - gs_om -t status -h plat1 - ``` - - -## Parameter Description - -**Table 1** Status description - - +# Querying Status + +## Background + +You can query the status of openGauss in openGauss. The query result shows whether openGauss or a single host is running properly. + +## Prerequisites + +openGauss has been started. + +## Procedure + +1. Log in as the OS user **omm** to the primary node of the database. +2. Run the following command to query the openGauss status: + + ``` + gs_om -t status --detail + ``` + + [Table 1](#en-us_topic_0237088790_table9610118112610) describes parameters in the query result. + + To query the status of instances on a host and the status of other instances which form a primary/secondary relationship with instances on the host, add **-h** to the command. For example: + + ``` + gs_om -t status -h plat2 --detail + ``` + + **plat2** indicates the name of the host to be queried. + + To query the status of instances on the host you logged in to, run the following command: + + ``` + gs_om -t status -h plat1 + ``` + + +## Parameter Description + +**Table 1** Status description + + -

Field

Description

@@ -83,24 +83,24 @@ openGauss has been started.
- -## Examples - -View openGauss status details, including instance status. - -``` -gs_om -t status --detail -[ Cluster State ] - -cluster_state : Normal -redistributing : No -current_az : AZ_ALL - -[ Datanode State ] - -node node_ip instance state | node node_ip instance state ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- -1 pekpopgsci00235 10.244.62.204 6001 /opt/gaussdb/cluster/data/dn1 P Primary Normal | 2 pekpopgsci00238 10.244.61.81 6002 /opt/gaussdb/cluster/data/dn1 S Standby Normal -``` - + + +## Examples + +View openGauss status details, including instance status. + +``` +gs_om -t status --detail +[ Cluster State ] + +cluster_state : Normal +redistributing : No +current_az : AZ_ALL + +[ Datanode State ] + +node node_ip instance state | node node_ip instance state +------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ +1 pekpopgsci00235 10.244.62.204 6001 /opt/gaussdb/cluster/data/dn1 P Primary Normal | 2 pekpopgsci00238 10.244.61.81 6002 /opt/gaussdb/cluster/data/dn1 S Standby Normal +``` + diff --git a/content/en/docs/Administratorguide/risky-operations.md b/content/en/docs/Administratorguide/risky-operations.md index 1cbca475ed58344534eec9d31cd88864a2361ea6..f5ea911de89610e40e103f548f3c8dc8ddd96630 100644 --- a/content/en/docs/Administratorguide/risky-operations.md +++ b/content/en/docs/Administratorguide/risky-operations.md @@ -1,12 +1,12 @@ -# Risky Operations - -Perform operations strictly following instructions provided in the guide. Do not perform the following risky operations. - -[Table 1](#en-us_topic_0237088894_en-us_topic_0059777750_t725e2ece7f7a4d5f962b2c314e7e836b) describes forbidden operations during routine O&M. - -**Table 1** Forbidden operations - - +# Risky Operations + +Perform operations strictly following instructions provided in the guide. Do not perform the following risky operations. + +[Table 1](#en-us_topic_0237088894_en-us_topic_0059777750_t725e2ece7f7a4d5f962b2c314e7e836b) describes forbidden operations during routine O&M. + +**Table 1** Forbidden operations + + -

Forbidden Operation

Risk

@@ -24,13 +24,13 @@ Perform operations strictly following instructions provided in the guide. Do not
- -[Table 2](#en-us_topic_0237088894_en-us_topic_0059777750_tf7f1e2a0747f496baffa365814127a3c) describes risky operations during routine O&M. - -**Table 2** Risky operations - - + + +[Table 2](#en-us_topic_0237088894_en-us_topic_0059777750_tf7f1e2a0747f496baffa365814127a3c) describes risky operations during routine O&M. + +**Table 2** Risky operations + + -

Category

Risky Operation

@@ -94,5 +94,5 @@ Perform operations strictly following instructions provided in the guide. Do not
- + + diff --git a/content/en/docs/Administratorguide/routine-maintenance-check-items.md b/content/en/docs/Administratorguide/routine-maintenance-check-items.md deleted file mode 100644 index 7068554f25e392eda6a801b32334de83d3d87c39..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/routine-maintenance-check-items.md +++ /dev/null @@ -1,170 +0,0 @@ -# Routine Maintenance Check Items - -## Checking openGauss Status - -openGauss provides tools to check database and instance status, ensuring that databases and instances are running properly to provide data services. - -- Check instance status. - - ``` - gs_check -U omm -i CheckClusterState - ``` - -- Check parameters. - - ``` - postgres=# SHOW parameter_name; - ``` - -- Modify parameters. - - ``` - gs_guc reload -D /gaussdb/data/dbnode -c "paraname=value" - ``` - - -## Checking Lock Information - -The lock mechanism is an important method to ensure data consistency. Information check helps learn database transactions and database running status. - -- Query lock information in the database. - - ``` - postgres=# SELECT * FROM pg_locks; - ``` - -- Query the status of threads waiting to acquire locks. - - ``` - postgres=# SELECT * FROM pg_thread_wait_status WHERE wait_status = 'acquire lock'; - ``` - -- Query the status of events waiting to acquire locks. - - ``` - postgres=# SELECT node_name, thread_name, tid, wait_status, query_id FROM pgxc_thread_wait_status WHERE wait_status = 'acquire lock'; - ``` - -- Kill a system process. - - Search for a system process that is running and run the following command to end the process: - - ``` - ps ux - kill -9 pid - ``` - - -## Collecting Event Statistics - -Long-time running of SQL statements will occupy a lot of system resources. You can check event occurrence time and occupied memory to learn about database running status. - -- Query the time points about an event. - - Run the following command to query the thread start time, transaction start time, SQL start time, and status change time of the event: - - ``` - postgres=# SELECT backend_start,xact_start,query_start,state_change FROM pg_stat_activity; - ``` - -- Query the number of sessions on the current server. - - ``` - postgres=# SELECT count(*) FROM pg_stat_activity; - ``` - -- Collect system-level statistics. - - Run the following command to query information about the session that uses the maximum memory: - - ``` - postgres=# SELECT * FROM pv_session_memory_detail() ORDER BY usedsize desc limit 10; - ``` - - -## Checking Objects - -Tables, indexes, partitions, and constraints are key storage objects of a database. A database administrator needs to routinely maintain key information and these objects. - -- View table details. - - ``` - postgres=# \d+ table_name - ``` - -- Query table statistics. - - ``` - postgres=# SELECT * FROM pg_statistic; - ``` - -- View index details. - - ``` - postgres=# \d+ index_name - ``` - -- Query partitioned table information. - - ``` - postgres=# SELECT * FROM pg_partition; - ``` - -- Collect statistics. - - Run the **ANALYZE** statement to collect related statistics on the database. - - Run the **VACUUM** statement to reclaim space and update statistics. - -- Query constraint information. - - ``` - postgres=# SELECT * FROM pg_constraint; - ``` - - -## Checking an SQL Report - -Run the **EXPLAIN** statement to view execution plans. - -## Backing Up Data - -Never forget to back up data. During the routine work, the backup execution and backup data validity need to be checked to ensure data security and encryption security. - -- Export a specified user. - - ``` - gs_dump dbname -p port -f out.sql -U user_name -W password - ``` - -- Export a schema. - - ``` - gs_dump dbname -p port -n schema_name -f out.sql - ``` - -- Export a table. - - ``` - gs_dump dbname -p port -t table_name -f out.sql - ``` - - -## Checking Basic Information - -Basic information includes versions, components, and patches. Periodic database information checks and records are important for database life cycle management. - -- Check version information. - - ``` - postgres=# SELECT version(); - ``` - -- Check table size and database size. - - ``` - postgres=# SELECT pg_table_size('table_name'); - postgres=# SELECT pg_database_size('database_name'); - ``` - - diff --git a/content/en/docs/Administratorguide/routine-maintenance.md b/content/en/docs/Administratorguide/routine-maintenance.md index 8430ed3e0b7ec87df4fabd459403304c5aa89914..f4a03dd9bbd9d3312bcf445ab053e926bc587b10 100644 --- a/content/en/docs/Administratorguide/routine-maintenance.md +++ b/content/en/docs/Administratorguide/routine-maintenance.md @@ -1,23 +1,1770 @@ -# Routine Maintenance - -- **[Routine Maintenance Check Items](routine-maintenance-check-items.md)** - -- **[Checking OS Parameters](checking-os-parameters.md)** - -- **[Checking openGauss Health Status](checking-opengauss-health-status.md)** - -- **[Checking Database Performance](checking-database-performance.md)** - -- **[Checking and Deleting Logs](checking-and-deleting-logs.md)** - -- **[Checking Time Consistency](checking-time-consistency.md)** - -- **[Checking the Number of Application Connections](checking-the-number-of-application-connections.md)** - -- **[Routinely Maintaining Tables](routinely-maintaining-tables.md)** - -- **[Routinely Recreating an Index](routinely-recreating-an-index.md)** - -- **[Data Security Maintenance Suggestions](data-security-maintenance-suggestions.md)** -To ensure data security in GaussDB Kernel and prevent accidents, such as data loss and illegal data access, read this section carefully. - +# Routine Maintenance + +- **[Routine Maintenance Check Items](routine-maintenance-check-items.md)** + +- **[Checking OS Parameters](checking-os-parameters.md)** + +- **[Checking openGauss Health Status](checking-opengauss-health-status.md)** + +- **[Checking Database Performance](checking-database-performance.md)** + +- **[Checking and Deleting Logs](checking-and-deleting-logs.md)** + +- **[Checking Time Consistency](checking-time-consistency.md)** + +- **[Checking the Number of Application Connections](checking-the-number-of-application-connections.md)** + +- **[Routinely Maintaining Tables](routinely-maintaining-tables.md)** + +- **[Routinely Recreating an Index](routinely-recreating-an-index.md)** + +- **[Data Security Maintenance Suggestions](data-security-maintenance-suggestions.md)** +To ensure data security in GaussDB Kernel and prevent accidents, such as data loss and illegal data access, read this section carefully. + +## Routine Maintenance Check Items + +### Checking openGauss Status + +openGauss provides tools to check database and instance status, ensuring that databases and instances are running properly to provide data services. + +- Check instance status. + + ``` + gs_check -U omm -i CheckClusterState + ``` + +- Check parameters. + + ``` + postgres=# SHOW parameter_name; + ``` + +- Modify parameters. + + ``` + gs_guc reload -D /gaussdb/data/dbnode -c "paraname=value" + ``` + + +### Checking Lock Information + +The lock mechanism is an important method to ensure data consistency. Information check helps learn database transactions and database running status. + +- Query lock information in the database. + + ``` + postgres=# SELECT * FROM pg_locks; + ``` + +- Query the status of threads waiting to acquire locks. + + ``` + postgres=# SELECT * FROM pg_thread_wait_status WHERE wait_status = 'acquire lock'; + ``` + +- Query the status of events waiting to acquire locks. + + ``` + postgres=# SELECT node_name, thread_name, tid, wait_status, query_id FROM pgxc_thread_wait_status WHERE wait_status = 'acquire lock'; + ``` + +- Kill a system process. + + Search for a system process that is running and run the following command to end the process: + + ``` + ps ux + kill -9 pid + ``` + + +### Collecting Event Statistics + +Long-time running of SQL statements will occupy a lot of system resources. You can check event occurrence time and occupied memory to learn about database running status. + +- Query the time points about an event. + + Run the following command to query the thread start time, transaction start time, SQL start time, and status change time of the event: + + ``` + postgres=# SELECT backend_start,xact_start,query_start,state_change FROM pg_stat_activity; + ``` + +- Query the number of sessions on the current server. + + ``` + postgres=# SELECT count(*) FROM pg_stat_activity; + ``` + +- Collect system-level statistics. + + Run the following command to query information about the session that uses the maximum memory: + + ``` + postgres=# SELECT * FROM pv_session_memory_detail() ORDER BY usedsize desc limit 10; + ``` + + +### Checking Objects + +Tables, indexes, partitions, and constraints are key storage objects of a database. A database administrator needs to routinely maintain key information and these objects. + +- View table details. + + ``` + postgres=# \d+ table_name + ``` + +- Query table statistics. + + ``` + postgres=# SELECT * FROM pg_statistic; + ``` + +- View index details. + + ``` + postgres=# \d+ index_name + ``` + +- Query partitioned table information. + + ``` + postgres=# SELECT * FROM pg_partition; + ``` + +- Collect statistics. + + Run the **ANALYZE** statement to collect related statistics on the database. + + Run the **VACUUM** statement to reclaim space and update statistics. + +- Query constraint information. + + ``` + postgres=# SELECT * FROM pg_constraint; + ``` + + +### Checking an SQL Report + +Run the **EXPLAIN** statement to view execution plans. + +### Backing Up Data + +Never forget to back up data. During the routine work, the backup execution and backup data validity need to be checked to ensure data security and encryption security. + +- Export a specified user. + + ``` + gs_dump dbname -p port -f out.sql -U user_name -W password + ``` + +- Export a schema. + + ``` + gs_dump dbname -p port -n schema_name -f out.sql + ``` + +- Export a table. + + ``` + gs_dump dbname -p port -t table_name -f out.sql + ``` + + +### Checking Basic Information + +Basic information includes versions, components, and patches. Periodic database information checks and records are important for database life cycle management. + +- Check version information. + + ``` + postgres=# SELECT version(); + ``` + +- Check table size and database size. + + ``` + postgres=# SELECT pg_table_size('table_name'); + postgres=# SELECT pg_database_size('database_name'); + ``` + + +## Checking OS Parameters + +### Check Method + +Use the **gs\_checkos** tool provided by openGauss to check the OS status. + +**Prerequisites** + +- The hardware and network are working properly. +- The trust relationship of user **root** among the hosts is normal. +- Only user **root** is authorized to run the **gs\_checkos** command. + +**Procedure** + +1. Log in to a server as user **root**. +2. Run the following command to check OS parameters of servers where the openGauss nodes are deployed: + + ``` + gs_checkos -i A + ``` + + Check the OS parameters to ensure that openGauss has passed the pre-installation check and can efficiently operate after it is installed. For details about the check items, see "Server Tools \> gs\_checkos" in the _openGauss Tool Reference_. + + +**Examples** + +Before running the **gs\_checkos** command, execute pre-processing scripts by running **gs\_preinstall** to prepare the environment. The following uses parameter **A** as an example: + +``` +gs_checkos -i A +Checking items: + A1. [ OS version status ] : Normal + A2. [ Kernel version status ] : Normal + A3. [ Unicode status ] : Normal + A4. [ Time zone status ] : Normal + A5. [ Swap memory status ] : Normal + A6. [ System control parameters status ] : Normal + A7. [ File system configuration status ] : Normal + A8. [ Disk configuration status ] : Normal + A9. [ Pre-read block size status ] : Normal + A10.[ IO scheduler status ] : Normal + A11.[ Network card configuration status ] : Normal + A12.[ Time consistency status ] : Warning + A13.[ Firewall service status ] : Normal + A14.[ THP service status ] : Normal +Total numbers:14. Abnormal numbers:0. Warning number:1. +``` + +The following uses parameter **B** as an example: + +``` +gs_checkos -i B +Setting items: + B1. [ Set system control parameters ] : Normal + B2. [ Set file system configuration value ] : Normal + B3. [ Set pre-read block size value ] : Normal + B4. [ Set IO scheduler value ] : Normal + B5. [ Set network card configuration value ] : Normal + B6. [ Set THP service ] : Normal +Total numbers:6. Abnormal numbers:0. Warning number:0. +``` + +### Exception Handling + +If you use the **gs\_checkos** tool to check the OS and the command output shows **Abnormal**, run the following command to view detailed error information: + +``` +gs_checkos -i A --detail +``` + +The **Abnormal** state cannot be ignored because the OS in this state affects cluster installation. The **Warning** state does not affect cluster installation and thereby can be ignored. + +- If the check result for OS version status \(**A1**\) is **Abnormal**, replace OSs out of the mixed programming scope with those within the scope. +- If the check result for kernel version status \(**A2**\) is **Warning**, the platform kernel versions in the cluster are inconsistent. +- If the check result for Unicode status \(**A3**\) is **Abnormal**, set the same character set for all the hosts. You can add **export LANG=**_unicode_ to the **/etc/profile** file. + + ``` + vim /etc/profile + ``` + +- If the check result for time zone status \(**A4**\) is **Abnormal**, set the same time zone for all the hosts. You can copy the time zone file in the **/usr/share/zoneinfo/** directory as the **/etc/localtime** file. + + ``` + cp /usr/share/zoneinfo/$primary time zone/$secondary time zone /etc/localtime + ``` + +- If the check result for swap memory status \(**A5**\) is **Abnormal**, a possible cause is that the swap memory is larger than the physical memory. You can troubleshoot this issue by reducing the swap memory or increasing the physical memory. +- If the check result for system control parameter status \(**A6**\) is **Abnormal**, troubleshoot this issue in either of the following two ways: + - Run the following command: + + ``` + gs_checkos -i B1 + ``` + + - Modify the **/etc/sysctl.conf** file based on the error message and run **sysctl -p** to make it take effect. + + ``` + vim /etc/sysctl.conf + ``` + + + +- If the check result for file system configuration status \(**A7**\) is **Abnormal**, run the following command to troubleshoot this issue: + + ``` + gs_checkos -i B2 + ``` + +- If the check result for disk configuration status \(**A8**\) is **Abnormal**, set the disk mounting format to **rw,noatime,inode64,allocsize=16m**. + + Run the **man mount** command to mount the XFS parameter: + + ``` + rw,noatime,inode64,allocsize=16m + ``` + + You can also set the XFS parameter in the **/etc/fstab** file. For example: + + ``` + /dev/data /data xfs rw,noatime,inode64,allocsize=16m 0 0 + ``` + +- If the check result for pre-read block size status \(**A9**\) is **Abnormal**, run the following command to troubleshoot this issue: + + ``` + gs_checkos -i B3 + ``` + +- If the check result for I/O scheduling status \(**A10**\) is **Abnormal**, run the following command to troubleshoot this issue: + + ``` + gs_checkos -i B4 + ``` + +- If the check result for NIC configuration status \(**A11**\) is **Warning**, run the following command to troubleshoot this issue: + + ``` + gs_checkos -i B5 + ``` + +- If the check result for time consistency status \(**A12**\) is **Abnormal**, verify that the NTP service has been installed and started and has synchronized time from the NTP clock. +- If the check result for firewall status \(**A13**\) is **Abnormal**, disable the firewall. Run the following commands: + - SUSE: + + ``` + SuSEfirewall2 stop + ``` + + - RedHat7: + + ``` + systemctl disable firewalld + ``` + + - RedHat6: + + ``` + service iptables stop + ``` + + +- If the check result for THP service status \(**A14**\) is **Abnormal**, run the following command to troubleshoot this issue: + + ``` + gs_checkos -i B6 + ``` + + +## Checking openGauss Health Status + +### Check Method + +Use the **gs\_check** tool provided by openGauss to check the openGauss health status. + +**Precautions** + +- Only user **root** is authorized to check new nodes added during cluster scale-out. In other cases, the check can be performed only by user **omm**. +- Parameter **-i** or **-e** must be set. **-i** specifies a single item to be checked, and **-e** specifies an inspection scenario where multiple items will be checked. +- If **-i** is not set to a **root** item or no such items are contained in the check item list of the scenario specified by **-e**, you do not need to enter the name or password of user **root**. +- You can run **--skip-root-items** to skip **root** items. +- Check the consistency between the new node and existing nodes. Run the **gs\_check** command on an existing node and specify the **--hosts** parameter. The IP address of the new node needs to be written into the **hosts** file. + +**Procedure** + +Method 1: + +1. Log in as the OS user **omm** to the primary node of the database. +2. Run the following command to check the openGauss database status: + + ``` + gs_check -i CheckClusterState + ``` + + In the command, **-i** indicates the check item and is case-sensitive. The format is **-i CheckClusterState**, **-i CheckCPU** or **-i CheckClusterState,CheckCPU**. + + Checkable items are listed in "Server Tools \> gs\_check \> openGauss status checks" in the _openGauss Tool Reference_. You can create a check item as needed. + + +Method 2: + +1. Log in as the OS user **omm** to the primary node of the database. +2. Run the following command to check the openGauss database health status: + + ``` + gs_check -e inspect + ``` + + In the command, **-e** indicates the inspection scenario and is case-sensitive. The format is **-e inspect** or **-e upgrade**. + + The inspection scenarios include **inspect** \(routine inspection\), **upgrade** \(inspection before upgrade\), **expand** \(inspection before cluster scale-out\), **binary\_upgrade** \(inspection before in-place upgrade\), and **health** \(health inspection\). You can create an inspection scenario as needed. + + +Method 3: + +1. Log in as the OS user **omm** to the primary node of the database. +2. Copy the inspection tool **gs\_check** and the **inspection** directory to all new hosts. +3. Write the IP addresses of the new hosts into the **ipListFile** file and separate the IP addresses with line feeds. +4. Run the following command to check the new nodes before cluster scale-out: + + ``` + gs_check -e expand_new_node --hosts ipListFile + ``` + + **-e** must be set to **expand\_new\_node**, indicating inspection before cluster scale-out. + + +The openGauss inspection is performed to check openGauss status during openGauss running or to check the environment and conditions before critical operations, such as upgrade or scale-out. For details about the inspection items and scenarios, see "Server Tools \> gs\_check \> openGauss status checks" in the _openGauss Tool Reference_. + +**Examples** + +Check result of a single item: + +``` +perfadm@lfgp000700749:/opt/huawei/perfadm/tool/script> gs_check -i CheckCPU +Parsing the check items config file successfully +Distribute the context file to remote hosts successfully +Start to health check for the cluster. Total Items:1 Nodes:3 + +Checking... [=========================] 1/1 +Start to analysis the check result +CheckCPU....................................OK +The item run on 3 nodes. success: 3 + +Analysis the check result successfully +Success. All check items run completed. Total:1 Success:1 Failed:0 +For more information please refer to /opt/huawei/wisequery/script/gspylib/inspection/output/CheckReport_201902193704661604.tar.gz +``` + +Local execution result: + +``` +perfadm@lfgp000700749:/opt/huawei/perfadm/tool/script> gs_check -i CheckCPU -L + +2017-12-29 17:09:29 [NAM] CheckCPU +2017-12-29 17:09:29 [STD] Check the CPU usage of the host. If the value of idle is greater than 30% and the value of iowait is less than 30%, this item passes the check. Otherwise, this item fails the check. +2017-12-29 17:09:29 [RST] OK + +2017-12-29 17:09:29 [RAW] +Linux 4.4.21-69-default (lfgp000700749) 12/29/17 _x86_64_ + +17:09:24 CPU %user %nice %system %iowait %steal %idle +17:09:25 all 0.25 0.00 0.25 0.00 0.00 99.50 +17:09:26 all 0.25 0.00 0.13 0.00 0.00 99.62 +17:09:27 all 0.25 0.00 0.25 0.13 0.00 99.37 +17:09:28 all 0.38 0.00 0.25 0.00 0.13 99.25 +17:09:29 all 1.00 0.00 0.88 0.00 0.00 98.12 +Average: all 0.43 0.00 0.35 0.03 0.03 99.17 +``` + +Check result of a scenario: + +``` +[perfadm@SIA1000131072 Check]$ gs_check -e inspect +Parsing the check items config file successfully +The below items require root privileges to execute:[CheckBlockdev CheckIOrequestqueue CheckIOConfigure CheckCheckMultiQueue CheckFirewall CheckSshdService CheckSshdConfig CheckCrondService CheckNoCheckSum CheckSctpSeProcMemory CheckBootItems CheckFilehandle CheckNICModel CheckDropCache] +Please enter root privileges user[root]:root +Please enter password for user[root]: +Please enter password for user[root] on the node[10.244.57.240]: +Check root password connection successfully +Distribute the context file to remote hosts successfully +Start to health check for the cluster. Total Items:59 Nodes:2 + +Checking... [ ] 21/59 +Checking... [=========================] 59/59 +Start to analysis the check result +CheckClusterState...........................OK +The item run on 2 nodes. success: 2 + +CheckDBParams...............................OK +The item run on 1 nodes. success: 1 + +CheckDebugSwitch............................OK +The item run on 2 nodes. success: 2 + +CheckDirPermissions.........................OK +The item run on 2 nodes. success: 2 + +CheckReadonlyMode...........................OK +The item run on 1 nodes. success: 1 + +CheckEnvProfile.............................OK +The item run on 2 nodes. success: 2 (consistent) +The success on all nodes value: +GAUSSHOME /usr1/gaussdb/app +LD_LIBRARY_PATH /usr1/gaussdb/app/lib +PATH /usr1/gaussdb/app/bin + + +CheckBlockdev...............................OK +The item run on 2 nodes. success: 2 + +CheckCurConnCount...........................OK +The item run on 1 nodes. success: 1 + +CheckCursorNum..............................OK +The item run on 1 nodes. success: 1 + +CheckPgxcgroup..............................OK +The item run on 1 nodes. success: 1 + +CheckDiskFormat.............................OK +The item run on 2 nodes. success: 2 + +CheckSpaceUsage.............................OK +The item run on 2 nodes. success: 2 + +CheckInodeUsage.............................OK +The item run on 2 nodes. success: 2 + +CheckSwapMemory.............................OK +The item run on 2 nodes. success: 2 + +CheckLogicalBlock...........................OK +The item run on 2 nodes. success: 2 + +CheckIOrequestqueue.....................WARNING +The item run on 2 nodes. warning: 2 +The warning[host240,host157] value: +On device (vdb) 'IO Request' RealValue '256' ExpectedValue '32768' +On device (vda) 'IO Request' RealValue '256' ExpectedValue '32768' + +CheckMaxAsyIOrequests.......................OK +The item run on 2 nodes. success: 2 + +CheckIOConfigure............................OK +The item run on 2 nodes. success: 2 + +CheckMTU....................................OK +The item run on 2 nodes. success: 2 (consistent) +The success on all nodes value: +1500 + +CheckPing...................................OK +The item run on 2 nodes. success: 2 + +CheckRXTX...................................NG +The item run on 2 nodes. ng: 2 +The ng[host240,host157] value: +NetWork[eth0] +RX: 256 +TX: 256 + + +CheckNetWorkDrop............................OK +The item run on 2 nodes. success: 2 + +CheckMultiQueue.............................OK +The item run on 2 nodes. success: 2 + +CheckEncoding...............................OK +The item run on 2 nodes. success: 2 (consistent) +The success on all nodes value: +LANG=en_US.UTF-8 + +CheckFirewall...............................OK +The item run on 2 nodes. success: 2 + +CheckKernelVer..............................OK +The item run on 2 nodes. success: 2 (consistent) +The success on all nodes value: +3.10.0-957.el7.x86_64 + +CheckMaxHandle..............................OK +The item run on 2 nodes. success: 2 + +CheckNTPD...................................OK +host240: NTPD service is running, 2020-06-02 17:00:28 +host157: NTPD service is running, 2020-06-02 17:00:06 + + +CheckOSVer..................................OK +host240: The current OS is centos 7.6 64bit. +host157: The current OS is centos 7.6 64bit. + + +CheckSysParams..........................WARNING +The item run on 2 nodes. warning: 2 +The warning[host240,host157] value: +Warning reason: variable 'net.ipv4.tcp_retries1' RealValue '3' ExpectedValue '5'. +Warning reason: variable 'net.ipv4.tcp_syn_retries' RealValue '6' ExpectedValue '5'. +Warning reason: variable 'net.sctp.path_max_retrans' RealValue '5' ExpectedValue '10'. +Warning reason: variable 'net.sctp.max_init_retransmits' RealValue '8' ExpectedValue '10'. + + +CheckTHP....................................OK +The item run on 2 nodes. success: 2 + +CheckTimeZone...............................OK +The item run on 2 nodes. success: 2 (consistent) +The success on all nodes value: ++0800 + +CheckCPU....................................OK +The item run on 2 nodes. success: 2 + +CheckSshdService............................OK +The item run on 2 nodes. success: 2 + +CheckSshdConfig.........................WARNING +The item run on 2 nodes. warning: 2 +The warning[host240,host157] value: + +Warning reason: UseDNS parameter is not set; expected: no + +CheckCrondService...........................OK +The item run on 2 nodes. success: 2 + +CheckStack..................................OK +The item run on 2 nodes. success: 2 (consistent) +The success on all nodes value: +8192 + +CheckNoCheckSum.............................OK +The item run on 2 nodes. success: 2 (consistent) +The success on all nodes value: +Nochecksum value is N,Check items pass. + +CheckSysPortRange...........................OK +The item run on 2 nodes. success: 2 + +CheckMemInfo................................OK +The item run on 2 nodes. success: 2 (consistent) +The success on all nodes value: +totalMem: 31.260929107666016G + +CheckHyperThread............................OK +The item run on 2 nodes. success: 2 + +CheckTableSpace.............................OK +The item run on 1 nodes. success: 1 + +CheckSctpService............................OK +The item run on 2 nodes. success: 2 + +CheckSysadminUser...........................OK +The item run on 1 nodes. success: 1 + +CheckGUCConsistent..........................OK +All DN instance guc value is consistent. + +CheckMaxProcMemory..........................OK +The item run on 1 nodes. success: 1 + +CheckBootItems..............................OK +The item run on 2 nodes. success: 2 + +CheckHashIndex..............................OK +The item run on 1 nodes. success: 1 + +CheckPgxcRedistb............................OK +The item run on 1 nodes. success: 1 + +CheckNodeGroupName..........................OK +The item run on 1 nodes. success: 1 + +CheckTDDate.................................OK +The item run on 1 nodes. success: 1 + +CheckDilateSysTab...........................OK +The item run on 1 nodes. success: 1 + +CheckKeyProAdj..............................OK +The item run on 2 nodes. success: 2 + +CheckProStartTime.......................WARNING +host157: +STARTED COMMAND +Tue Jun 2 16:57:18 2020 /usr1/dmuser/dmserver/metricdb1/server/bin/gaussdb --single_node -D /usr1/dmuser/dmb1/data -p 22204 +Mon Jun 1 16:15:15 2020 /usr1/gaussdb/app/bin/gaussdb -D /usr1/gaussdb/data/dn1 -M standby + + +CheckFilehandle.............................OK +The item run on 2 nodes. success: 2 + +CheckRouting................................OK +The item run on 2 nodes. success: 2 + +CheckNICModel...............................OK +The item run on 2 nodes. success: 2 (consistent) +The success on all nodes value: +version: 1.0.0 +model: Red Hat, Inc. Virtio network device + + +CheckDropCache..........................WARNING +The item run on 2 nodes. warning: 2 +The warning[host240,host157] value: +No DropCache process is running + +CheckMpprcFile..............................NG +The item run on 2 nodes. ng: 2 +The ng[host240,host157] value: +There is no mpprc file + +Analysis the check result successfully +Failed. All check items run completed. Total:59 Success:52 Warning:5 NG:2 +For more information please refer to /usr1/gaussdb/tool/script/gspylib/inspection/output/CheckReport_inspect611.tar.gz + +``` + +### Exception Handling + +Troubleshoot exceptions detected in the inspection by following instructions in this section. + +**Table 1** Check of openGauss running status + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Check Item

+

Abnormal Status

+

Solution

+

CheckClusterState (Checks the openGauss status.)

+

openGauss or openGauss instances are not started.

+

Run the following command to start openGauss and instances:

+
gs_om -t start
+

The status of openGauss or openGauss instances is abnormal.

+

Check the status of hosts and instances. Troubleshoot this issue based on the status information.

+
gs_check -i CheckClusterState
+

CheckDBParams (Checks database parameters.)

+

Database parameters have incorrect values.

+

Use the gs_guc tool to set the parameters to specified values.

+

CheckDebugSwitch (Checks debug logs.)

+

The log level is incorrect.

+

Use the gs_guc tool to set log_min_messages to specified content.

+

CheckDirPermissions (Checks directory permissions.)

+

The permission for a directory is incorrect.

+

Change the directory permission to a specified value (750 or 700).

+
chmod 750 DIR
+

CheckReadonlyMode (Checks the read-only mode.)

+

The read-only mode is enabled.

+

Verify that the usage of the disk where database nodes are located does not exceed the threshold (60% by default) and no other O&M operations are performed.

+
gs_check -i CheckDataDiskUsage
+ps ux
+

Use the gs_guc tool to disable the read-only mode of openGauss.

+
gs_guc reload -N all -I all -c 'default_transaction_read_only = off' 
+gs_guc reload -N all -I all -c 'default_transaction_read_only = off'
+

CheckEnvProfile (Checks environment variables.)

+

Environment variables are inconsistent.

+

Update the environment variable information.

+

CheckBlockdev (Checks pre-read blocks.)

+

The size of a pre-read block is not 16384 KB.

+

Use the gs_checkos tool to set the size of the pre-read block to 16384 KB and write the setting into the auto-startup file.

+
gs_checkos -i B3
+

CheckCursorNum (Checks the number of cursors.)

+

The number of cursors fails to be checked.

+

Check whether the database is properly connected and whether the openGauss status is normal.

+

CheckPgxcgroup (Checks the data redistribution status.)

+

There are pgxc_group tables that have not been redistributed.

+

Proceed with the redistribution.

+
gs_expand, gs_shrink
+

CheckDiskFormat (Checks disk configurations.)

+

Disk configurations are inconsistent between nodes.

+

Configure disk specifications to be consistent between nodes.

+

CheckSpaceUsage (Checks the disk space usage.)

+

Disk space is insufficient.

+

Clear or expand the disk for the directory.

+

CheckInodeUsage (Checks the disk index usage.)

+

Disk indexes are insufficient.

+

Clear or expand the disk for the directory.

+

CheckSwapMemory (Checks the swap memory.)

+

The swap memory is greater than the physical memory.

+

Reduce or disable the swap memory.

+

CheckLogicalBlock (Checks logical blocks.)

+

The size of a logical block is not 512 KB.

+

Use the gs_checkos tool to set the size of the logical block to 512 KB and write the setting into the auto-startup file.

+
gs_checkos -i B4
+

CheckIOrequestqueue (Checks I/O requests.)

+

The requested I/O is not 32768.

+

Use the gs_checkos tool to set the requested I/O to 32768 and write the setting into the auto-startup file.

+
gs_checkos -i B4
+

CheckCurConnCount (Checks the number of current connections.)

+

The number of current connections exceeds 90% of the allowed maximum number of connections.

+

Break idle primary database node connections.

+

CheckMaxAsyIOrequests (Checks the maximum number of asynchronous requests.)

+

The maximum number of asynchronous requests is less than 104857600 or (Number of database instances on the current node x 1048576).

+

Use the gs_checkos tool to set the maximum number of asynchronous requests to the larger one between 104857600 and (Number of database instances on the current node x 1048576).

+
gs_checkos -i B4
+

CheckMTU (Checks MTU values.)

+

MTU values are inconsistent between nodes.

+

Set the MTU value on each node to 1500 or 8192.

+
ifconfig eth* MTU 1500
+

CheckIOConfigure (Checks I/O configurations.)

+

The I/O mode is not deadline.

+

Use the gs_checkos tool to set the I/O mode to deadline and write the setting into the auto-startup file.

+
gs_checkos -i B4
+

CheckRXTX (Checks the RX/TX value.)

+

The NIC RX/TX value is not 4096.

+

Use the checkos tool to set the NIC RX/TX value to 4096 for openGauss.

+
gs_checkos -i B5
+

CheckPing (Checks whether the network connection is normal.)

+

There are openGauss IP addresses that cannot be pinged.

+

Check the network settings, network status, and firewall status between the abnormal IP addresses.

+

CheckNetWorkDrop (Checks the network packet loss rate.)

+

The network packet loss rate is greater than 1%.

+

Check the network load and status between the corresponding IP addresses.

+

CheckMultiQueue (Checks the NIC multi-queue function.)

+

Multiqueue is not enabled for the NIC, and NIC interruptions are not bound to different CPU cores.

+

Enable multiqueue for the NIC, and bind NIC interruptions to different CPU cores.

+

CheckEncoding (Checks the encoding format.)

+

Encoding formats are inconsistent between nodes.

+

Write the same encoding format into /etc/profile for each node.

+
echo "export LANG=XXX" >> /etc/profile
+

CheckActQryCount (Checks the archiving mode.)

+

The archiving mode is enabled, and the archiving directory is not under the primary database node directory.

+

Disable archiving mode or set the archiving directory to be under the primary database node directory.

+

CheckFirewall (Checks the firewall.)

+

The firewall is enabled.

+

Disable the firewall.

+
redHat(CentOS)7.x: systemctl status firewalld.service
+redHat(CentOS)6.x: service iptables down
+SuSE: SuSEfirewall2 down
+

CheckKernelVer (Checks kernel versions.)

+

Kernel versions are inconsistent between nodes.

+

Use the gs_replace tool to replace the nodes whose kernel version is inconsistent with that of others.

+
gs_replace
+

CheckMaxHandle (Checks the maximum number of file handles.)

+

The maximum number of handles is less than 1000000.

+

Set the soft and hard limits in the 91-nofile.conf or 90-nofile.conf file to 1000000.

+
gs_checkos -i B2
+

CheckNTPD (Checks the time synchronization service.)

+

The NTPD service is disabled or the time difference is greater than 1 minute.

+

Enable the NTPD service and set the time to be consistent.

+

CheckOSVer (Checks OS versions.)

+

Certain OSs are not supported or the OSs are not in the same hybrid list.

+

Use gs_replace to replace abnormal nodes with those supported by OSs or those in the same hybrid list.

+
gs_replace
+

CheckSysParams (Checks OS parameters.)

+

OS parameter settings do not meet requirements.

+

Use the gs_checkos tool or manually set parameters to values meeting requirements.

+
gs_checkos -i B1
+vim /etc/sysctl.conf
+

CheckTHP (Checks the THP service.)

+

The THP service is disabled.

+

Use the gs_checkos to enable the THP service.

+
gs_checkos -i B6
+

CheckTimeZone (Checks time zones.)

+

Time zones are inconsistent between nodes.

+

Set time zones to be consistent between nodes.

+
cp /usr/share/zoneinfo/$primary time zone/$secondary time zone /etc/localtime
+

CheckCPU (Checks the CPU.)

+

CPU usage is high or I/O waiting time is too long.

+

Upgrade CPUs or improve disk performance.

+

CheckSshdService (Checks the SSHD service.)

+

The SSHD service is disabled.

+

Enable the SSHD service and write the setting into the auto-startup file.

+
server sshd start
+echo "server sshd start" >> initFile
+

CheckSshdConfig (Checks SSHD configurations.)

+

The SSHD service is incorrectly configured.

+

Reconfigure the SSHD service.

+
PasswordAuthentication=no;
+MaxStartups=1000;
+UseDNS=yes;
+ClientAliveInterval=10800/ClientAliveInterval=0
+

Restart the service.

+
server sshd start
+

CheckCrondService (Checks the Crond service.)

+

The Crond service is disabled.

+

Install and enable the Crond service.

+

CheckStack (Checks the stack size.)

+

The stack size is less than 3072.

+

Use the gs_checkos tool to set the stack size to 3072 and restart the processes with a smaller stack size.

+
gs_checkos -i B2
+

CheckNoCheckSum (Checks the NoCheckSum parameter.)

+

NoCheckSum is incorrectly set or its value is inconsistent on each node.

+

Set NoCheckSum to a consistent value on each node. If redHat6.4 or redHat6.5 with the NIC binding mode bond0 exists, set NoCheckSum to Y. In other cases, set it to N.

+
echo Y > /sys/module/sctp/parameters/no_checksums
+

CheckSysPortRange (Checks OS port configurations.)

+

OS IP ports are not within the required port range or openGauss ports are within the OS IP port range.

+

Set the OS IP ports within 26000 to 65535 and set the openGauss ports beyond the OS IP port range.

+
vim /etc/sysctl.conf
+

CheckMemInfo (Checks the memory information.)

+

Memory sizes are inconsistent between nodes.

+

Use physical memory of the same specifications between nodes.

+

CheckHyperThread (Checks the hyper-threading.)

+

The CPU hyper-threading is disabled.

+

Enable the CPU hyper-threading.

+

CheckTableSpace (Checks tablespaces.)

+

The tablespace path is nested with the openGauss path or nested with the path of another tablespace.

+

Migrate tablespace data to the tablespace with a valid path.

+

CheckSctpService (Checks the SCTP service.)

+

The SCTP service is disabled.

+

Install and enable the SCTP service.

+
modprobe sctp
+
+ +## Checking Database Performance + +### Check Method + +Use the **gs\_checkperf** tool provided by openGauss to check hardware performance. + +**Prerequisites** + +- openGauss is running properly. +- Services are running properly on the database. + +**Procedure** + +1. Log in as the OS user **omm** to the primary node of the database. +2. Run the following command to check the openGauss database performance: + + ``` + gs_checkperf + ``` + + +For details about performance statistical items, see "Server Tools \> gs\_checkperf \> Performance Check Items" in the _openGauss Tool Reference_. + +**Examples** + +Simple performance statistical result is displayed on the screen as follows: + +``` +gs_checkperf -i pmk -U omm +Cluster statistics information: + Host CPU busy time ratio : 1.43 % + MPPDB CPU time % in busy time : 1.88 % + Shared Buffer Hit ratio : 99.96 % + In-memory sort ratio : 100.00 % + Physical Reads : 4 + Physical Writes : 25 + DB size : 70 MB + Total Physical writes : 25 + Active SQL count : 2 + Session count : 3 +``` + +### Exception Handling + +After you use the **gs\_checkperf** tool to check the cluster performance, if the performance is abnormal, troubleshoot the issue by following instructions in this section. + +**Table 1** Cluster-level performance status + + + + + + + + + + + + + + + + + + + + + + + + + +

Abnormal Status

+

Solution

+

High CPU usage of hosts

+

1. Add high-performance CPUs, or replace current CPUs with them.

+

2. Run the top command to check which system processes cause high CPU usage, and run the kill command to stop unused processes.

+
top
+

High CPU usage of GaussDB Kernel

+

1. Add high-performance CPUs, or replace current CPUs with them.

+

2. Run the top command to check which database processes cause high CPU usage, and run the kill command to stop unused processes.

+
top
+

3. Use the gs_expand tool to add new hosts to lower the CPU usage.

+

Low hit ratio of the shared memory

+

1. Expand the memory.

+

2. Run the following command to check the OS configuration file /etc/sysctl.conf and increase the value of kernel.shmmax.

+
vim /etc/sysctl.conf
+

Low in-memory sort ratio

+

Expand the memory.

+

High I/O and disk usage

+

1. Replace current disks with high-performance ones.

+

2. Adjust the data layout to evenly distribute I/O requests to all the physical disks.

+

3. Run VACUUM FULL for the entire database.

+
vacuum full;
+

4. Clean up the disk space.

+

5. Reduce the number of concurrent connections.

+

Transaction statistics

+

Query the pg_stat_activity system catalog and disconnect unnecessary connections. (Log in to the database and run the postgres=# \d+ pg_stat_activity; command.)

+
+ +**Table 2** Node-level performance status + + + + + + + + + + + + + + + + +

Abnormal Status

+

Solution

+

High CPU usage

+

1. Add high-performance CPUs, or replace current CPUs with them.

+

2. Run the top command to check which system processes cause high CPU usage, and run the kill command to stop unused processes.

+
top
+

High memory usage

+

Expand or clean up the memory.

+

High I/O usage

+

1. Replace current disks with high-performance ones.

+

2. Clean up the disk space.

+

3. Use memory read/write to replace as much disk I/O as possible, putting frequently accessed files or data in the memory.

+
+ +**Table 3** Session/process-level performance status + + + + + + + + + + +

Abnormal Status

+

Solution

+

High CPU, memory, and I/O usage

+

Check which processes cause high CPU, memory, or I/O usage. If they are unnecessary processes, kill them; otherwise, analyze the specific cause of high usage. For example, if SQL statement execution occupies much memory, check whether the SQL statements need optimization.

+
+ +**Table 4** SSD performance status + + + + + + + + + + +

Abnormal Status

+

Solution

+

SSD read/write fault

+

Run the following command to check whether SSD is faulty. If yes, analyze the specific cause.

+
gs_checkperf -i SSD -U omm
+
+ +## Checking and Deleting Logs + +You are advised to check OS logs and database run logs monthly for monitoring system status and troubleshooting, and to delete database run logs monthly for saving disk space. + +### Checking OS Logs + +You are advised to monthly check OS logs to detect and prevent potential OS problems. + +**Procedure** + +Run the following command to check OS log files: + +``` +vim /var/log/messages +``` + +\(Pay attention to words like **kernel**, **error**, and **fatal** in logs generated within the last month and handle the problems based on the alarm information.\) + +### Checking openGauss Run Logs + +A database can still run when errors occur during the execution of some operations. However, data may be inconsistent before and after the error occurrences. Therefore, you are advised to monthly check openGauss run logs to detect potential problems in time. + +**Prerequisites** + +- The host used for collecting logs is running properly, and the network connection is normal. Database installation users trust each other. +- An OS tool \(for example, **gstack**\) that the log collection tool requires has been installed. If it is not installed, an error message is displayed, and this collection item is skipped. + +**Procedure** + +1. Log in as the OS user **omm** to the primary node of the database. +2. Run the following command to collect database logs: + + ``` + gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" + ``` + + In the command, **20160616 01:01** indicates the start time of the log and **20160616 23:59** indicates the end time of the log. + +3. Based on command output in [2](#en-us_topic_0237088806_en-us_topic_0059778412_l87490fc259434bc6ac7800ec9881a6ab), access the related log collection directory, decompress collected database logs, and check these logs. + + Assume that collected logs are stored in **/opt/gaussdb/tmp/gaussdba\_mppdb/collector\_20160726\_105158.tar.gz**. + + ``` + tar -xvzf /opt/gaussdb/tmp/gaussdba_mppdb/collector_20160726_105158.tar.gz + cd /opt/gaussdb/tmp/gaussdba_mppdb/collector_20160726_105158 + ``` + + +**Examples** + +- Run the **gs\_collector** command together with parameters **--begin-time** and **--end-time**: + + ``` + gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" + ``` + + If information similar to the following is displayed, the logs have been archived: + + ``` + Successfully collected files + All results are stored in /tmp/gaussdba_mppdb/collector_20160616_175615.tar.gz. + ``` + +- Run the **gs\_collector** command together with parameters **--begin-time**, **--end-time**, and **-h**: + + ``` + gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" -h plat2 + ``` + + If information similar to the following is displayed, the logs have been archived: + + ``` + Successfully collected files + All results are stored in /tmp/gaussdba_mppdb/collector_20160616_190225.tar.gz. + ``` + +- Run the **gs\_collector** command together with parameters **--begin-time**, **--end-time**, and **-f**: + + ``` + gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" -f /opt/software/gaussdb/output + ``` + + If information similar to the following is displayed, the logs have been archived: + + ``` + Successfully collected files + All results are stored in /opt/software/gaussdb/output/collector_20160616_190511.tar.gz. + ``` + +- Run the **gs\_collector** command together with parameters **--begin-time**, **--end-time**, and **--keyword**: + + ``` + gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" --keyword="os" + ``` + + If information similar to the following is displayed, the logs have been archived: + + ``` + Successfully collected files. + All results are stored in /tmp/gaussdba_mppdb/collector_20160616_190836.tar.gz. + ``` + +- Run the **gs\_collector** command together with parameters **--begin-time**, **--end-time**, and **-o**: + + ``` + gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" -o /opt/software/gaussdb/output + ``` + + If information similar to the following is displayed, the logs have been archived: + + ``` + Successfully collected files. + All results are stored in /opt/software/gaussdb/output/collector_20160726_113711.tar.gz. + ``` + +- Run the **gs\_collector** command together with parameters **--begin-time**, **--end-time**, and **-l** \(the file name extension must be .log\): + + ``` + gs_collector --begin-time="20160616 01:01" --end-time="20160616 23:59" -l /opt/software/gaussdb/logfile.log + ``` + + If information similar to the following is displayed, the logs have been archived: + + ``` + Successfully collected files. + All results are stored in /opt/software/gaussdb/output/collector_20160726_113711.tar.gz. + ``` + + +### Cleaning Run Logs + +A large number of run logs will be generated during database running and occupy huge disk space. You are advised to delete expired run logs and retain logs generated within one month. + +**Procedure** + +1. Log in as the OS user **omm** to any host in the GaussDB Kernel cluster. +2. Clean logs. + 1. Back up logs generated over one month ago to other disks. + 2. Access the directory where logs are stored. + + ``` + cd $GAUSSLOG + ``` + + 3. Access the corresponding sub-directory and run the following command to delete logs generated one month ago: + + ``` + rm log name + ``` + + The naming convention of a log file is **postgresql-**_year_-_month_-_day_**\_HHMMSS**. + + + +## Checking Time Consistency + +Database transaction consistency is guaranteed by a logical clock and is not affected by OS time. However, OS time inconsistency will lead to problems, such as abnormal backend O&M and monitoring functions. Therefore, you are advised to monthly check time consistency among nodes. + +### Procedure + +1. Log in as the OS user **omm** to any host in the GaussDB Kernel cluster. +2. Create a configuration file for recording each cluster node. \(You can specify the _mpphosts_ file directory randomly. It is recommended that the file be stored in the **/tmp** directory.\) + + ``` + vim /tmp/mpphosts + ``` + + Add the host name of each node. + + ``` + plat1 + plat2 + plat3 + ``` + +3. Save the configuration file. + + ``` + :wq! + ``` + +4. Run the following command and write the time on each node into the **/tmp/sys\_ctl-os1.log** file: + + ``` + for ihost in `cat /tmp/mpphosts`; do ssh -n -q $ihost "hostname;date"; done > /tmp/sys_ctl-os1.log + ``` + +5. Check time consistency between the nodes based on the command output. The time difference should not exceed 30s. + + ``` + cat /tmp/sys_ctl-os1.log + plat1 + Thu Feb 9 16:46:38 CST 2017 + plat2 + Thu Feb 9 16:46:49 CST 2017 + plat3 + Thu Feb 9 16:46:14 CST 2017 + ``` + + +## Checking the Number of Application Connections + +If the number of connections between applications and the database exceeds the maximum value, new connections cannot be established. You are advised to daily check the number of connections, release idle connections in time, or increase the allowed maximum number of connections. + +### Procedure + +1. Log in as the OS user **omm** to the primary node of the database. +2. Run the following command to connect to the database: + + ``` + gsql -d postgres -p 8000 + ``` + + **postgres** is the name of the database to be connected, and **8000** is the port number of the database primary node. + + If information similar to the following is displayed, the connection succeeds: + + ``` + gsql ((openGauss 1.0 build 290d125f) compiled at 2020-05-08 02:59:43 commit 2143 last mr 131 + Non-SSL connection (SSL connection is recommended when requiring high-security) + Type "help" for help. + + postgres=# + ``` + +3. Run the following SQL statement to check the number of connections: + + ``` + postgres=# SELECT count(*) FROM (SELECT pg_stat_get_backend_idset() AS backendid) AS s; + ``` + + Information similar to the following is displayed. **2** indicates that two applications are connected to the database. + + ``` + count + ------- + 2 + (1 row) + ``` + +4. View the allowed maximum connections. + + ``` + postgres=# SHOW max_connections; + ``` + + Information similar to the following is displayed. **200** indicates the currently allowed maximum number of connections. + + ``` + max_connections + ----------------- + 200 + (1 row) + ``` + + +### Exception Handling + +If the number of connections in the command output is close to the value of **max\_connections** of the database, delete existing connections or change the upper limit based on site requirements. + +1. Run the following SQL statement to view information about connections whose **state** is set to **idle**, and **state\_change** column is not updated for a long time. + + ``` + postgres=# SELECT * FROM pg_stat_activity where state='idle' order by state_change; + ``` + + Information similar to the following is displayed: + + ``` + datid | datname | pid | usesysid | usename | application_name | client_addr + | client_hostname | client_port | backend_start | xact_start | quer + y_start | state_change | waiting | enqueue | state | resource_pool + | query + -------+----------+-----------------+----------+----------+------------------+--------------- + -+-----------------+-------------+-------------------------------+------------+-------------- + -----------------+-------------------------------+---------+---------+-------+--------------- + +---------------------------------------------- + 13626 | postgres | 140390162233104 | 10 | gaussdba | | + | | -1 | 2016-07-15 14:08:59.474118+08 | | 2016-07-15 14 + :09:04.496769+08 | 2016-07-15 14:09:04.496975+08 | f | | idle | default_pool + | select count(group_name) from pgxc_group; + 13626 | postgres | 140390132872976 | 10 | gaussdba | cn_5002 | 10.180.123.163 + | | 48614 | 2016-07-15 14:11:16.014871+08 | | 2016-07-15 14 + :21:17.346045+08 | 2016-07-15 14:21:17.346095+08 | f | | idle | default_pool + | SET SESSION AUTHORIZATION DEFAULT;RESET ALL; + (2 rows) + ``` + +2. Release idle connections. + + Check each connection and release them after obtaining approval from the users of the connections. Run the following SQL command to release a connection using **pid** obtained in the previous step: + + ``` + postgres=# SELECT pg_terminate_backend(140390132872976); + ``` + + Information similar to the following is displayed: + + ``` + postgres=# SELECT pg_terminate_backend(140390132872976); + pg_terminate_backend + ---------------------- + t + (1 row) + ``` + + If no connections can be released, go to the next step. + +3. Increase the maximum number of connections. + + ``` + gs_guc set -D /gaussdb/data/dbnode -c "max_connections= 800" + ``` + + **800** is the new maximum value. + +4. Restart database services to make the new settings take effect. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >The restart results in operation interruption. Properly plan the restart to avoid affecting users. + + ``` + gs_om -t stop && gs_om -t start + ``` + + +## Routinely Maintaining Tables + +To ensure proper database running, after insert and delete operations, you need to routinely run **VACUUM FULL** and **ANALYZE** as appropriate for customer scenarios and update statistics to obtain better performance. + +### Related Concepts + +You need to routinely run **VACUUM**, **VACUUM FULL**, and **ANALYZE** to maintain tables, because: + +- **VACUUM FULL** can be used to reclaim disk space occupied by updated or deleted data and combine small-size data files. +- **VACUUM** can be used to maintain a visualized mapping for each table to track pages that contain arrays visible to other active transactions. A common index scan uses the mapping to obtain the corresponding arrays and check whether the arrays are visible to the current transaction. If the arrays cannot be obtained, capture a batch of arrays to check the visibility. Therefore, updating the visualized mapping of a table can accelerate unique index scans. +- Running **VACUUM** can avoid original data loss caused by duplicate transaction IDs when the number of executed transactions exceeds the database threshold. +- **ANALYZE** can be used to collect statistics on tables in databases. The statistics are stored in the system catalog **PG\_STATISTIC**. Then the query optimizer uses the statistics to work out the most efficient execution plan. + +### Procedure + +1. Run the **VACUUM** or **VACUUM FULL** command to reclaim disk space. + - **VACUUM**: + + Run **VACUUM** for a table. + + ``` + postgres=# VACUUM customer; + ``` + + ``` + VACUUM + ``` + + This statement can be concurrently executed with database operation commands, including **SELECT**, **INSERT**, **UPDATE**, and **DELETE**; excluding **ALTER TABLE**. + + Run **VACUUM** for the table partition. + + ``` + postgres=# VACUUM customer_par PARTITION ( P1 ); + ``` + + ``` + VACUUM + ``` + + - **VACUUM FULL**: + + ``` + postgres=# VACUUM FULL customer; + ``` + + ``` + VACUUM + ``` + + During the command running, exclusive locks need to be added to the table and all other database operations need to be suspended. + +2. Run **ANALYZE** to update statistics. + + ``` + postgres=# ANALYZE customer; + ``` + + ``` + ANALYZE + ``` + + Run **ANALYZE VERBOSE** to update statistics and display table information. + + ``` + postgres=# ANALYZE VERBOSE customer; + ``` + + ``` + ANALYZE + ``` + + You can run **VACUUM ANALYZE** at the same time to optimize the query. + + ``` + postgres=# VACUUM ANALYZE customer; + ``` + + ``` + VACUUM + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >**VACUUM** and **ANALYZE** cause a substantial increase in I/O traffic, which may affect other active sessions. Therefore, you are advised to set the cost-based vacuum delay feature by specifying the **vacuum\_cost\_delay** parameter. For details, see "GUC Parameters \> Resource Consumption \> Cost-based Vacuum Delay" in the _Developer Guide_. + +3. Delete a table. + + ``` + postgres=# DROP TABLE customer; + postgres=# DROP TABLE customer_par; + postgres=# DROP TABLE part; + ``` + + If the following information is displayed, the tables have been deleted: + + ``` + DROP TABLE + ``` + + +### Maintenance Suggestions + +- Routinely run **VACUUM FULL** for large tables. If the database performance deteriorates, run **VACUUM FULL** for the entire database. If the database performance is stable, you are advised to run **VACUUM FULL** monthly. +- Routinely run **VACUUM FULL** on system catalogs, especially **PG\_ATTRIBUTE**. +- Enable automatic vacuum processes \(**AUTOVACUUM**\) in the system. The processes automatically run the **VACUUM** and **ANALYZE** statements to reclaim the record space marked as the deleted state and update statistics in the table. + +## Routinely Recreating an Index + +### Background + +When data deletion is repeatedly performed in the database, index keys will be deleted from the index pages, resulting in index bloat. Recreating an index routinely improves query efficiency. + +The database supports B-tree indexes. Recreating a B-tree index routinely helps improve query efficiency. + +- If a large amount of data is deleted, index keys on the index pages will be deleted. As a result, the number of index pages reduces and index bloat occurs. Recreating an index helps reclaim wasted space. +- In a newly created index, pages with adjacent logical structures tend to have adjacent physical structures. Therefore, a new index achieves a higher access speed than an index that has been updated for multiple times. + +### Methods + +Use either of the following two methods to recreate an index: + +- Run the **DROP INDEX** statement to delete the index and run the **CREATE INDEX** statement to create an index. + + When you delete an index, a temporary exclusive lock is added in the parent table to block related read/write operations. During index creation, the write operation is locked, whereas the read operation is not locked and can use only sequential scans. + +- Run **REINDEX** to recreate an index. + - When you run the **REINDEX TABLE** statement to recreate an index, an exclusive lock is added to block related read/write operations. + - When you run the **REINDEX INTERNAL TABLE** statement to recreate an index for a **desc** table \(such as column-store **cudesc** table\), an exclusive lock is added to block related read/write operations on the table. + + +### Procedure + +Assume the ordinary index **areaS\_idx** exists in the **area\_id** column of the imported table **areaS**. Use either of the following two methods to recreate an index: + +- Run the **DROP INDEX** statement to delete the index and run the **CREATE INDEX** statement to create an index. + 1. Delete the index. + + ``` + postgres=# DROP INDEX areaS_idx; + DROP INDEX + ``` + + 2. Create an index + + ``` + postgres=# CREATE INDEX areaS_idx ON areaS (area_id); + CREATE INDEX + ``` + + +- Run **REINDEX** to recreate an index. + - Run **REINDEX TABLE** to recreate an index. + + ``` + postgres=# REINDEX TABLE areaS; + REINDEX + ``` + + - Run **REINDEX INTERNAL TABLE** to recreate an index for a **desc** table \(such as column-store **cudesc** table\). + + ``` + postgres=# REINDEX INTERNAL TABLE areaS; + REINDEX + ``` + + + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>Before you recreate an index, you can increase the values of **maintenance\_work\_mem** and **psort\_work\_mem** to accelerate the index recreation. + +## Data Security Maintenance Suggestions + +To ensure data security in GaussDB Kernel and prevent accidents, such as data loss and illegal data access, read this section carefully. + +### Preventing Data Loss + +You are advised to plan routine physical backup and store backup files in a reliable medium. If a serious error occurs in the system, you can use the backup files to restore the system to the state at the backup point. + +### Preventing Illegal Data Access + +- You are advised to manage database users based on their permission hierarchies. A database administrator creates users and grants permissions to the users based on service requirements to ensure users properly access the database. +- You are advised to deploy GaussDB Kernel servers and clients \(or applications developed based on the client library\) in trusted internal networks. If the servers and clients must be deployed in an untrusted network, enable SSL encryption before services are started to ensure data transmission security. Note that enabling the SSL encryption function compromises database performance. + +### Preventing System Logs from Leaking Personal Data + +- Delete personal data before sending debug logs to others for analysis. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >The log level **log\_min\_messages** is set to **DEBUG**_x_ \(_x_ indicates the debug level and the value ranges from 1 to 5\). The information recorded in debug logs may contain personal data. + +- Delete personal data before sending system logs to others for analysis. If the execution of a SQL statement fails, the error SQL statement will be recorded in a system log by default. SQL statements may contain personal data. +- Set **log\_min\_error\_statement** to **PANIC** to prevent error SQL statements from being recorded in system logs. However, once the function is disabled, it is difficult to locate fault causes if faults occur. + + \ No newline at end of file diff --git a/content/en/docs/Administratorguide/routinely-maintaining-tables.md b/content/en/docs/Administratorguide/routinely-maintaining-tables.md deleted file mode 100644 index dd0707b646f39d1099074d094c5cf6c3c1539e3b..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/routinely-maintaining-tables.md +++ /dev/null @@ -1,106 +0,0 @@ -# Routinely Maintaining Tables - -To ensure proper database running, after insert and delete operations, you need to routinely run **VACUUM FULL** and **ANALYZE** as appropriate for customer scenarios and update statistics to obtain better performance. - -## Related Concepts - -You need to routinely run **VACUUM**, **VACUUM FULL**, and **ANALYZE** to maintain tables, because: - -- **VACUUM FULL** can be used to reclaim disk space occupied by updated or deleted data and combine small-size data files. -- **VACUUM** can be used to maintain a visualized mapping for each table to track pages that contain arrays visible to other active transactions. A common index scan uses the mapping to obtain the corresponding arrays and check whether the arrays are visible to the current transaction. If the arrays cannot be obtained, capture a batch of arrays to check the visibility. Therefore, updating the visualized mapping of a table can accelerate unique index scans. -- Running **VACUUM** can avoid original data loss caused by duplicate transaction IDs when the number of executed transactions exceeds the database threshold. -- **ANALYZE** can be used to collect statistics on tables in databases. The statistics are stored in the system catalog **PG\_STATISTIC**. Then the query optimizer uses the statistics to work out the most efficient execution plan. - -## Procedure - -1. Run the **VACUUM** or **VACUUM FULL** command to reclaim disk space. - - **VACUUM**: - - Run **VACUUM** for a table. - - ``` - postgres=# VACUUM customer; - ``` - - ``` - VACUUM - ``` - - This statement can be concurrently executed with database operation commands, including **SELECT**, **INSERT**, **UPDATE**, and **DELETE**; excluding **ALTER TABLE**. - - Run **VACUUM** for the table partition. - - ``` - postgres=# VACUUM customer_par PARTITION ( P1 ); - ``` - - ``` - VACUUM - ``` - - - **VACUUM FULL**: - - ``` - postgres=# VACUUM FULL customer; - ``` - - ``` - VACUUM - ``` - - During the command running, exclusive locks need to be added to the table and all other database operations need to be suspended. - -2. Run **ANALYZE** to update statistics. - - ``` - postgres=# ANALYZE customer; - ``` - - ``` - ANALYZE - ``` - - Run **ANALYZE VERBOSE** to update statistics and display table information. - - ``` - postgres=# ANALYZE VERBOSE customer; - ``` - - ``` - ANALYZE - ``` - - You can run **VACUUM ANALYZE** at the same time to optimize the query. - - ``` - postgres=# VACUUM ANALYZE customer; - ``` - - ``` - VACUUM - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >**VACUUM** and **ANALYZE** cause a substantial increase in I/O traffic, which may affect other active sessions. Therefore, you are advised to set the cost-based vacuum delay feature by specifying the **vacuum\_cost\_delay** parameter. For details, see "GUC Parameters \> Resource Consumption \> Cost-based Vacuum Delay" in the _Developer Guide_. - -3. Delete a table. - - ``` - postgres=# DROP TABLE customer; - postgres=# DROP TABLE customer_par; - postgres=# DROP TABLE part; - ``` - - If the following information is displayed, the tables have been deleted: - - ``` - DROP TABLE - ``` - - -## Maintenance Suggestions - -- Routinely run **VACUUM FULL** for large tables. If the database performance deteriorates, run **VACUUM FULL** for the entire database. If the database performance is stable, you are advised to run **VACUUM FULL** monthly. -- Routinely run **VACUUM FULL** on system catalogs, especially **PG\_ATTRIBUTE**. -- Enable automatic vacuum processes \(**AUTOVACUUM**\) in the system. The processes automatically run the **VACUUM** and **ANALYZE** statements to reclaim the record space marked as the deleted state and update statistics in the table. - diff --git a/content/en/docs/Administratorguide/routinely-recreating-an-index.md b/content/en/docs/Administratorguide/routinely-recreating-an-index.md deleted file mode 100644 index 4ad70ca629387dde88ce2f201d5483325431c7d7..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/routinely-recreating-an-index.md +++ /dev/null @@ -1,64 +0,0 @@ -# Routinely Recreating an Index - -## Background - -When data deletion is repeatedly performed in the database, index keys will be deleted from the index pages, resulting in index bloat. Recreating an index routinely improves query efficiency. - -The database supports B-tree indexes. Recreating a B-tree index routinely helps improve query efficiency. - -- If a large amount of data is deleted, index keys on the index pages will be deleted. As a result, the number of index pages reduces and index bloat occurs. Recreating an index helps reclaim wasted space. -- In a newly created index, pages with adjacent logical structures tend to have adjacent physical structures. Therefore, a new index achieves a higher access speed than an index that has been updated for multiple times. - -## Methods - -Use either of the following two methods to recreate an index: - -- Run the **DROP INDEX** statement to delete the index and run the **CREATE INDEX** statement to create an index. - - When you delete an index, a temporary exclusive lock is added in the parent table to block related read/write operations. During index creation, the write operation is locked, whereas the read operation is not locked and can use only sequential scans. - -- Run **REINDEX** to recreate an index. - - When you run the **REINDEX TABLE** statement to recreate an index, an exclusive lock is added to block related read/write operations. - - When you run the **REINDEX INTERNAL TABLE** statement to recreate an index for a **desc** table \(such as column-store **cudesc** table\), an exclusive lock is added to block related read/write operations on the table. - - -## Procedure - -Assume the ordinary index **areaS\_idx** exists in the **area\_id** column of the imported table **areaS**. Use either of the following two methods to recreate an index: - -- Run the **DROP INDEX** statement to delete the index and run the **CREATE INDEX** statement to create an index. - 1. Delete the index. - - ``` - postgres=# DROP INDEX areaS_idx; - DROP INDEX - ``` - - 2. Create an index - - ``` - postgres=# CREATE INDEX areaS_idx ON areaS (area_id); - CREATE INDEX - ``` - - -- Run **REINDEX** to recreate an index. - - Run **REINDEX TABLE** to recreate an index. - - ``` - postgres=# REINDEX TABLE areaS; - REINDEX - ``` - - - Run **REINDEX INTERNAL TABLE** to recreate an index for a **desc** table \(such as column-store **cudesc** table\). - - ``` - postgres=# REINDEX INTERNAL TABLE areaS; - REINDEX - ``` - - - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->Before you recreate an index, you can increase the values of **maintenance\_work\_mem** and **psort\_work\_mem** to accelerate the index recreation. - diff --git a/content/en/docs/Administratorguide/starting-and-stopping-opengauss.md b/content/en/docs/Administratorguide/starting-and-stopping-opengauss.md index f8b5c8c3ecf6aa20f0ef46de7f4b8e554980e2d4..2acc7c26c4e3e9ce78e02ab2ebe32e6500bf4987 100644 --- a/content/en/docs/Administratorguide/starting-and-stopping-opengauss.md +++ b/content/en/docs/Administratorguide/starting-and-stopping-opengauss.md @@ -1,62 +1,62 @@ -# Starting and Stopping openGauss - -## Starting openGauss - -1. Log in as the OS user **omm** to the primary node of the database. -2. Run the following command to start openGauss: - - ``` - gs_om -t start - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >An HA cluster must be started in HA mode. If the cluster is started in standalone mode, you need to restore the HA relationship by running the **gs\_ctl build** command. For details about how to use the **gs\_ctl** tool, see the _openGauss Tool Reference_. - - -## Stopping openGauss - -1. Log in as the OS user **omm** to the primary node of the database. -2. Run the following command to stop openGauss: - - ``` - gs_om -t stop - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >For details about how to start and stop nodes and availability zones \(AZs\), see "Server Tools \> gs\_om" in the _openGauss Tool Reference_. - - -## Examples - -Start openGauss: - -``` -gs_om -t start -Starting cluster. -========================================= -========================================= -Successfully started. - -``` - -Stop openGauss: - -``` -gs_om -t stop -Stopping cluster. -========================================= -Successfully stopped cluster. -========================================= -End stop cluster. -``` - -## Troubleshooting - -If starting or stopping openGauss fails, troubleshoot the problem based on log information. For details, see [Log Reference](log-reference.md). - -If the startup fails due to timeout, you can run the following command to set the startup timeout interval, which is 300s by default: - -``` -gs_om -t start --time-out=300 -``` - +# Starting and Stopping openGauss + +## Starting openGauss + +1. Log in as the OS user **omm** to the primary node of the database. +2. Run the following command to start openGauss: + + ``` + gs_om -t start + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >An HA cluster must be started in HA mode. If the cluster is started in standalone mode, you need to restore the HA relationship by running the **gs\_ctl build** command. For details about how to use the **gs\_ctl** tool, see the _openGauss Tool Reference_. + + +## Stopping openGauss + +1. Log in as the OS user **omm** to the primary node of the database. +2. Run the following command to stop openGauss: + + ``` + gs_om -t stop + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >For details about how to start and stop nodes and availability zones \(AZs\), see "Server Tools \> gs\_om" in the _openGauss Tool Reference_. + + +## Examples + +Start openGauss: + +``` +gs_om -t start +Starting cluster. +========================================= +========================================= +Successfully started. + +``` + +Stop openGauss: + +``` +gs_om -t stop +Stopping cluster. +========================================= +Successfully stopped cluster. +========================================= +End stop cluster. +``` + +## Troubleshooting + +If starting or stopping openGauss fails, troubleshoot the problem based on log information. For details, see [Log Reference](log-reference.md). + +If the startup fails due to timeout, you can run the following command to set the startup timeout interval, which is 300s by default: + +``` +gs_om -t start --time-out=300 +``` + diff --git a/content/en/docs/Administratorguide/system-logs.md b/content/en/docs/Administratorguide/system-logs.md deleted file mode 100644 index 863e8fb8c2debff6ace376534c2958933a9f867f..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/system-logs.md +++ /dev/null @@ -1,25 +0,0 @@ -# System Logs - -System logs include those generated by database nodes when openGauss is running, and those generated when openGauss is deployed. If an error occurs during openGauss running, you can locate the cause and troubleshoot it based on system logs. - -## Log Storage Directory - -Run logs of database nodes are stored in the corresponding folders in the **/var/log/gaussdb/**_username_**/pg\_log** directory. - -Logs generated during OM openGauss installation and uninstallation are stored in the **/var/log/gaussdb/**_username_**/om** directory. - -## Log Naming Rules - -The name format of database node run logs is: - -**postgresql-**_creation time_**.log** - -By default, a new log file is generated at 0:00 every day, or when the latest log file exceeds 16 MB or a database instance \(database node\) is restarted. - -## Log Content Description - -- Content of a line in a database node log: - - Date+Time+Time zone+Username+Database name+Session ID+Log level+Log content - - diff --git a/content/en/docs/Administratorguide/wals.md b/content/en/docs/Administratorguide/wals.md deleted file mode 100644 index e4dd333b8eb272bc37efbe5382f2f34f8d28da9a..0000000000000000000000000000000000000000 --- a/content/en/docs/Administratorguide/wals.md +++ /dev/null @@ -1,29 +0,0 @@ -# WALs - -In a system using write-ahead logs \(WALs or Xlogs\), all data file modifications are written to a log before they are applied. That is, the corresponding log must be written into a permanent memory before a data file is modified. You can use WALs to restore the cluster if the system crashes. - -## Log Storage Directory - -Take a DN as an example. Its WALs are stored in the **/gaussdb/data/data\_dn****/pg\_xlog** directory. - -**/gaussdb/data/data\_dn** is the data directory of a node in the cluster. - -## Log Naming Rules - -Log files are saved as segment files. Each segment is 16 MB and is divided into multiple 8 KB pages. The name of a WAL file consists of 24 hexadecimal characters. Each name has three parts, with each part having eight hexadecimal characters. The first part indicates the time line, the second part indicates the log file identifier, and the third part indicates the file segment identifier. A time line starts from 1, and a log file identifier and a file segment identifier start from 0. - -For example, the name of the first transaction log is **000000010000000000000000**. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->The numbers in each part are used in ascending order in succession. Exhausting all available numbers takes a long time, and the numbers will start from zero again after they reach the maximum. - -## Log Content Description - -The content of WALs depends on the types of recorded transactions. WALs can be used to restore a system after the system breaks down. - -By default, GaussDB Kernel reads WALs for system restoration during each startup. - -## Maintenance Suggestions - -WALs are important for database restoration. You are advised to routinely back up WALs. - diff --git a/content/en/docs/Quickstart/optional-setting-the-standby-node-to-readable.md b/content/en/docs/Quickstart/(optional)-setting-the-standby-node-to-readable.md similarity index 69% rename from content/en/docs/Quickstart/optional-setting-the-standby-node-to-readable.md rename to content/en/docs/Quickstart/(optional)-setting-the-standby-node-to-readable.md index e6e152b7963afba72c55d64bb3bc9250afae2f09..3c924b4859cdb4e26dc7718408d275a1a2b8435e 100644 --- a/content/en/docs/Quickstart/optional-setting-the-standby-node-to-readable.md +++ b/content/en/docs/Quickstart/(optional)-setting-the-standby-node-to-readable.md @@ -1,10 +1,10 @@ -# \(Optional\) Setting the Standby Node to Readable +# \(Optional\) Setting the Standby Node to Readable Readable standby node is an optional feature. You need to modify the configuration parameters and restart the primary and standby nodes before using this feature. After the readable standby node function is enabled, the standby node is readable, meeting data consistency requirements. -## Procedure +## Procedure 1. If the openGauss database instance is running on the primary and standby nodes, stop the database instance on both nodes. -2. Open the **postgres.conf** configuration files of the primary and standby nodes based on the corresponding paths in [Table 2](configuring-primary-database-node-information.md#en-us_topic_0249784583_en-us_topic_0241802596_table15838192510429), find the corresponding parameters, and change the parameter values to **wal\_level=hot\_standby**, **hot\_standby = on**, and **hot\_standby\_feedback = on**. +2. Open the **postgres.conf** configuration files of the primary and standby nodes based on the corresponding paths in [Table 2](configuring-primary-database-node-information.md#en-us_topic_0241802596_table15838192510429), find the corresponding parameters, and change the parameter values to **wal\_level=hot\_standby**, **hot\_standby = on**, and **hot\_standby\_feedback = on**. 3. After the modification, start the primary and standby nodes. diff --git a/content/en/docs/Quickstart/configuring-os-parameters.md b/content/en/docs/Quickstart/configuring-os-parameters.md deleted file mode 100644 index fb016c97cd8dd4828f17d1a6fcb32cfa5a78c374..0000000000000000000000000000000000000000 --- a/content/en/docs/Quickstart/configuring-os-parameters.md +++ /dev/null @@ -1,493 +0,0 @@ -# Configuring OS Parameters - -openGauss requires that the OS parameters on every host be set to specified values to ensure system running performance. - -Some of these parameters are set during the openGauss installation environment preparation phase, and these parameters directly affect the running status of the openGauss. You need to manually adjust these parameters only when necessary. You can use the following methods: - -1. Log in to a server as user **root**. -2. Modify the **/etc/sysctl.conf** file. - - For details about how to modify parameters, see [OS Parameters](#en-us_topic_0249784554_en-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section3705271819540). - -3. Run the following command to make the modifications take effect: - - ``` - sysctl -p - ``` - - -## OS Parameters - -**Table 1** OS parameters - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Parameter

-

Description

-

Recommended Value

-

net.ipv4.tcp_max_tw_buckets

-

Specifies the maximum number of TCP/IP connections concurrently remaining in the TIME_WAIT state. If the number of TCP/IP connections concurrently remaining in the TIME_WAIT state exceeds the value of this parameter, the TCP/IP connections in the TIME_WAIT state will be released immediately, and alarm information will be printed.

-

10000

-

net.ipv4.tcp_tw_reuse

-

Reuses sockets whose status is TIME-WAIT for new TCP connections.

-
  • 0: This function is disabled.
  • 1: This function is enabled.
-

1

-

net.ipv4.tcp_tw_recycle

-

Rapidly reclaims sockets whose status is TIME-WAIT in TCP connections.

-
  • 0: This function is disabled.
  • 1: This function is enabled.
-

1

-

net.ipv4.tcp_keepalive_time

-

Specifies how often keep-alive messages are sent through TCP connections when Keep-Alive is enabled.

-

30

-

net.ipv4.tcp_keepalive_probes

-

Specifies the number of keep-alive detection packets sent through a TCP connection before the connection is regarded invalid. The product of the parameter value multiplied by the value of the tcp_keepalive_intvl parameter determines the response timeout after a keep-alive message is sent through a connection.

-

9

-

net.ipv4.tcp_keepalive_intvl

-

Specifies how often a detection packet is re-sent when the previous packets are not acknowledged.

-

30

-

net.ipv4.tcp_retries1

-

Specifies the maximum TCP reattempts during the connection establishment process.

-

5

-

net.ipv4.tcp_syn_retries

-

Specifies the maximum SYN packet reattempts in the TCP.

-

5

-

net.ipv4.tcp_synack_retries

-

Specifies the maximum SYN response packet reattempts in the TCP.

-

5

-

net.sctp.path_max_retrans

-

Specifies the maximum SCTP reattempts.

-

10

-

net.sctp.max_init_retransmits

-

Specifies the maximum INIT packet reattempts in the SCTP.

-

10

-

net.sctp.association_max_retrans

-

Specifies the maximum reattempts of a single logical connection in the SCTP.

-

10

-

net.sctp.hb_interval

-

Specifies the retransmission interval of heartbeat detection packets in the SCTP.

-

30000

-

net.ipv4.tcp_retries2

-

Specifies the number of times that the kernel re-sends data to a connected remote host. A smaller value leads to earlier detection of an invalid connection to the remote host, and the server can quickly release this connection.

-

If "connection reset by peer" is displayed, increase the value of this parameter to avoid the problem.

-

12

-

vm.overcommit_memory

-

Specifies the kernel check method during memory allocation.

-
  • 0: The system accurately calculates the current available memory.
  • 1: The system returns a success message without a kernel check.
  • 2: The system returns a failure message if the memory size you have applied for exceeds the result of the following formula: Total memory size x Value of vm.overcommit_ratio/100 + Total SWAP size.
-

The default value is 2, which is too conservative. The recommended value is 0. If memory usage is high, set this parameter to 1.

-

0

-

net.sctp.sndbuf_policy

-

Specifies the buffer allocation policy on the SCTP sender.

-
  • 0: The buffer is allocated by connection.
  • 1: The buffer is allocated by association.
-

0

-

net.sctp.rcvbuf_policy

-

Specifies the buffer allocation policy on the SCTP receiver.

-
  • 0: The buffer is allocated by connection.
  • 1: The buffer is allocated by association.
-

0

-

net.sctp.sctp_mem

-

Specifies the maximum free memory of the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

-

94500000 915000000 927000000

-

net.sctp.sctp_rmem

-

Specifies the total free memory for receiving data in the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

-

8192 250000 16777216

-

net.sctp.sctp_wmem

-

Specifies the total free memory for sending data in the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

-

8192 250000 16777216

-

net.ipv4.tcp_rmem

-

Specifies the free memory in the TCP receiver buffer. Three memory size ranges in the unit of page are provided: min, default, and max.

-

8192 250000 16777216

-

net.ipv4.tcp_wmem

-

Specifies the free memory in the TCP sender buffer. Three memory size ranges in the unit of page are provided: min, default, and max.

-

8192 250000 16777216

-

net.core.wmem_max

-

Specifies the maximum size of the socket sender buffer.

-

21299200

-

net.core.rmem_max

-

Specifies the maximum size of the socket receiver buffer.

-

21299200

-

net.core.wmem_default

-

Specifies the default size of the socket sender buffer.

-

21299200

-

net.core.rmem_default

-

Specifies the default size of the socket receiver buffer.

-

21299200

-

net.ipv4.ip_local_port_range

-

Specifies the range of temporary ports that can be used by a physical server.

-

26000-65535

-

kernel.sem

-

Specifies the kernel semaphore.

-

250 6400000 1000 25600

-

vm.min_free_kbytes

-

Specifies the minimum free physical memory reserved for unexpected page breaks.

-

5% of the total system memory

-

net.core.somaxconn

-

Specifies the maximum length of the listening queue of each port. This is a global parameter.

-

65535

-

net.ipv4.tcp_syncookies

-

Specifies whether to enable SYN cookies to guard the OS against SYN attacks when the SYN waiting queue overflows.

-
  • 0: The SYN cookies are disabled.
  • 1: The SYN cookies are enabled.
-

1

-

net.sctp.addip_enable

-

Specifies whether dynamic address reset of the SCTP is enabled.

-
  • 0: This function is disabled.
  • 1: This function is enabled.
-

0

-

net.core.netdev_max_backlog

-

Specifies the maximum number of data packets that can be sent to the queue when the rate at which the network device receives data packets is higher than that at which the kernel processes the data packets.

-

65535

-

net.ipv4.tcp_max_syn_backlog

-

Specifies the maximum number of unacknowledged connection requests to be recorded.

-

65535

-

net.ipv4.tcp_fin_timeout

-

Specifies the default timeout duration.

-

60

-

kernel.shmall

-

Specifies the total shared free memory of the kernel.

-

1152921504606846720

-

kernel.shmmax

-

Specifies the maximum value of a shared memory segment.

-

18446744073709551615

-

net.ipv4.tcp_sack

-

Specifies whether selective acknowledgment is enabled. The selective acknowledgment on out-of-order packets can increase system performance. Restricting users to sending only lost packets (for wide area networks) should be enabled, but this will increase CPU usage.

-
  • 0: This function is disabled.
  • 1: This function is enabled.
-

1

-

net.ipv4.tcp_timestamps

-

Specifies whether the TCP timestamp (12 bytes are added in the TCP packet header) enables a more accurate RTT calculation than the retransmission timeout (for details, see RFC 1323) for better performance.

-
  • 0: This function is disabled.
  • 1: This function is enabled.
-

1

-

vm.extfrag_threshold

-

When system memory is insufficient, Linux will score the current system memory fragments. If the score is higher than the value of vm.extfrag_threshold, kswapd triggers memory compaction. When the value of this parameter is close to 1000, the system tends to swap out old pages when processing memory fragments to meet the application requirements. When the value of this parameter is close to 0, the system tends to do memory compaction when processing memory fragments.

-

500

-

vm.overcommit_ratio

-

When the system uses the algorithms where memory usage never exceeds the thresholds, the total memory address space of the system cannot exceed the value of swap+RAM multiplied by the percentage specified by this parameter. When the value of vm.overcommit_memory is set to 2, this parameter takes effect.

-

90

-

/sys/module/sctp/parameters/no_checksums

-

Specifies whether checksum is disabled in SCTP.

-

0

-

MTU

-

Specifies the maximum transmission unit (MTU) for a node NIC. The default value is 1500 in the OS. You can set it to 8192 to improve the performance of sending and receiving data using SCTP.

-

8192

-
- -## File System Parameters - -- soft nofile - - Indicates the soft limit. The number of file handles used by a user can exceed this parameter value. However, an alarm will be reported. - - Recommended value: **1000000** - -- hard nofile - - Indicates the hard limit. The number of file handles used by a user cannot exceed this parameter value. - - Recommended value: **1000000** - -- stack size - - Indicates the thread stack size. - - Recommended value: **3072** - - -## Setting the transparent\_hugepage Service - -By default, openGauss disables the transparent\_hugepage service and this setting is written into the OS startup file. - -## Setting File Handles - -To manually set the number of file handles, run the following commands to modify the involved parameters as user **root**: - -``` -echo "* soft nofile 1000000" >>/etc/security/limits.conf -echo "* hard nofile 1000000" >>/etc/security/limits.conf -``` - -After the modification is complete, restart the OS to make the setting take effect. - -**Table 2** Parameters for setting the number of file handles - - - - - - - - - - - - - - - - - - - -

Parameter

-

Description

-

Automatically Set by Scripts During Pre-Installation

-

Recommended Value

-

* soft nofile

-

Specifies the soft limit on the number of file handles. For example, if this parameter is set to 1000000, any user can open a maximum of 1,000,000 files regardless of how many shells are enabled.

-

Yes

-

1000000

-

* hard nofile

-

Specifies the hard limit. The soft limit must be less than or equal to the hard limit.

-

Yes

-

1000000

-
- -## Setting the Maximum Number of Allowed Processes - -To manually set the maximum number of allowed processes, run the following command to open the configuration file: - -``` -vim /etc/security/limits.d/90-nproc.conf -``` - -Modify the **\* soft nproc** parameter in the file. - -After the modification is complete, restart the OS to make the setting take effect. - -**Table 3** Setting the maximum number of allowed processes - - - - - - - - - - - - - - -

Parameter

-

Description

-

Automatically Set by Scripts During Pre-Installation

-

Recommended Value

-

* soft nproc

-

Specifies the maximum number of processes allowed per user.

-

No

-

60000

-
- -## Setting NIC Parameters - -**Table 4** Setting NIC parameters - - - - - - - - - - - - - - - - - - - -

Parameter

-

Description

-

Automatically Set by Scripts During Pre-Installation

-

Recommended Value

-

rx

-

Specifies the receive queue length for an NIC.

-

Yes

-

4096

-

tx

-

Specifies the transmission queue length for an NIC.

-

Yes

-

4096

-
- ->![](public_sys-resources/icon-notice.gif) **NOTICE:** ->- NIC parameters can be configured only for 10GE and larger service NICs, that is, the NIC bound to **backIp1**. ->- The commands for setting NIC parameters are written into the OS startup file only after the parameters are successfully set. Information about command execution failures is recorded in logs on the server. - diff --git a/content/en/docs/Quickstart/creating-an-xml-configuration-file.md b/content/en/docs/Quickstart/creating-an-xml-configuration-file.md index ec20a09231ded1e8df22b97766408daa445b219e..102d6f7e47e85f6792a6509fdbcb28204cc3e5b2 100644 --- a/content/en/docs/Quickstart/creating-an-xml-configuration-file.md +++ b/content/en/docs/Quickstart/creating-an-xml-configuration-file.md @@ -1,4 +1,4 @@ -# Creating an XML Configuration File +# Creating an XML Configuration File Before installing the openGauss, you need to create the **clusterconfig.xml** file. The **clusterconfig.xml** file contains the information about the server where the openGauss is deployed, installation path, IP address, and port number. This file is used to guide how to deploy the openGauss. You need to configure the XML configuration file according to the actual deployment requirements. @@ -6,16 +6,14 @@ The following describes how to create an XML configuration file based on the dep -- [Configuring the Database Name and Directories](#configuring-the-database-name-and-directoriesa-nameen-us_topic_0270171700a) -- [Configuring the Basic Host Information](#configuring-the-basic-host-informationa-nameen-us_topic_0270171701a) -- [Configuring Primary Database Node Information](#configuring-primary-database-node-informationa-nameen-us_topic_0270171702a) - -- [Examples](#examplesa-nameen-us_topic_0270171703a) +- [Configuring the Database Name and Directories](#configuring-the-database-name-and-directoriesa-nameen-us_topic_0249784584a) +- [Configuring the Basic Host Information](#configuring-the-basic-host-informationa-nameen-us_topic_0249784567a) +- [Configuring Primary Database Node Information](#configuring-primary-database-node-informationa-nameen-us_topic_0249784583a) -## Configuring the Database Name and Directories +## Configuring the Database Name and Directories The information in bold is only an example. You can replace it as required. Each line of information is commented out. @@ -55,73 +53,73 @@ The information in bold is only an example. You can replace it as required. Each **Table 1** Parameter description - -

Instance Type

+ + - - - - - - - - - - - - - - - - - - - - -

Instance Type

Parameter

+

Parameter

Description

+

Description

Overall information

+

Overall information

clusterName

+

clusterName

openGauss name.

+

openGauss name.

nodeNames

+

nodeNames

Host name in the openGauss.

+

Host name in the openGauss.

backIp1s

+

backIp1s

Intranet IP address of the host in the backend storage network. All the openGauss hosts communicate with each other on this network.

+

Intranet IP address of the host in the backend storage network. All the openGauss hosts communicate with each other on this network.

gaussdbAppPath

+

gaussdbAppPath

Installation directory of the openGauss program. This directory must meet the following requirements:

-
  • The disk space is greater than 1 GB.
  • This directory is independent of other directories required by the database.
+

Installation directory of the openGauss program. This directory must meet the following requirements:

+
  • The disk space is greater than 1 GB.
  • This directory is independent of other directories required by the database.

gaussdbLogPath

+

gaussdbLogPath

Directory that stores run logs and operation logs of the openGauss. This directory must meet the following requirements:

-
  • You are advised to plan the disk space based on the number of database nodes on the host. Reserve 1 GB space for database nodes and reserve redundant space.
  • This directory is independent of other directories required by the openGauss.
-

This directory is optional. If the directory is not specified, $GAUSSLOG/Installation username will be specified as the log directory by default during openGauss installation.

+

Directory that stores run logs and operation logs of the openGauss. This directory must meet the following requirements:

+
  • You are advised to plan the disk space based on the number of database nodes on the host. Reserve 1 GB space for database nodes and reserve redundant space.
  • This directory is independent of other directories required by the openGauss.
+

This directory is optional. If the directory is not specified, $GAUSSLOG/Installation username will be specified as the log directory by default during openGauss installation.

tmpdbPath

+

tmpdbPath

Directory for storing temporary database files.

-

If tmpdbPath is not set, the file is stored in /opt/huawei/wisequery/perfadm_db by default.

+

Directory for storing temporary database files.

+

If tmpdbPath is not set, the file is stored in /opt/huawei/wisequery/perfadm_db by default.

gaussdbToolPath

+

gaussdbToolPath

Directory for storing openGauss system tools. This directory is used to store tools for mutual trust. This directory must meet the following requirements:

-
  • The disk space is greater than 100 MB.
  • This directory cannot be changed and is independent of other directories required by the database.
-

This directory is optional. If this parameter is not specified, /opt/huawei/wisequery is specified as the database system tool directory by default during openGauss installation.

+

Directory for storing openGauss system tools. This directory is used to store tools for mutual trust. This directory must meet the following requirements:

+
  • The disk space is greater than 100 MB.
  • This directory cannot be changed and is independent of other directories required by the database.
+

This directory is optional. If this parameter is not specified, /opt/huawei/wisequery is specified as the database system tool directory by default during openGauss installation.

corePath

+

corePath

Directory for storing the openGauss core file.

+

Directory for storing the openGauss core file.

clusterType

+

clusterType

openGauss type cluster type. This parameter is optional.

-

single-inst indicates the standalone cluster with one primary node and multiple standby nodes.

+

openGauss type cluster type. This parameter is optional.

+

single-inst indicates the standalone cluster with one primary node and multiple standby nodes.
-## Configuring the Basic Host Information +## Configuring the Basic Host Information >![](public_sys-resources/icon-note.gif) **NOTE:** >Each server must contain the following information. The following uses **node1** as an example. @@ -145,40 +143,40 @@ The information in bold is only an example. You can replace it as required. Each **Table 1** Parameter description - -

Instance Type

+ + - - - - - - - - - - - - - @@ -193,7 +191,7 @@ The information in bold is only an example. You can replace it as required. Each > >``` -## Configuring Primary Database Node Information +## Configuring Primary Database Node Information The information in bold is only an example. You can replace it as required. Each line of information is commented out. @@ -212,47 +210,47 @@ The information in bold is only an example. You can replace it as required. Each **Table 1** Parameter description - -

Instance Type

Parameter

+

Parameter

Description

+

Description

Overall information

+

Overall information

name

+

name

Host name.

+

Host name.

azName

+

azName

AZ name. The value is a character string that cannot contain special characters, for example, AZ1, AZ2, and AZ3.

+

AZ name. The value is a character string that cannot contain special characters, for example, AZ1, AZ2, and AZ3.

azPriority

+

azPriority

AZ priority.

+

AZ priority.

backIp1

+

backIp1

Intranet IP address of the host in the backend storage network. All the openGauss hosts communicate with each other on this network.

+

Intranet IP address of the host in the backend storage network. All the openGauss hosts communicate with each other on this network.

sshIp1

+

sshIp1

External IP address of the SSH reliable channel. If no external network is used, you can leave it empty or set it to the value of backIp1.

+

External IP address of the SSH reliable channel. If no external network is used, you can leave it empty or set it to the value of backIp1.

Instance Type

+ + - - - - - - - - - - - - - - - @@ -260,26 +258,26 @@ The information in bold is only an example. You can replace it as required. Each **Table 2** Database instance data directories - -

Instance Type

Parameter

+

Parameter

Description

+

Description

DBnode

+

DBnode

dataNum

+

dataNum

Number of database nodes to be deployed on the current host.

+

Number of database nodes to be deployed on the current host.

dataPortBase

+

dataPortBase

Basic port number of the database node. The default value is 40000.

+

Basic port number of the database node. The default value is 40000.

dataListenIp1

+

dataListenIp1

IP address being listened on. This address is used to receive requests for connections from other database nodes. If this parameter is not set, the value is determined based on backIp1 of the corresponding host.

-

If a virtual IP address is configured, this parameter can be set to a virtual IP address.

+

IP address being listened on. This address is used to receive requests for connections from other database nodes. If this parameter is not set, the value is determined based on backIp1 of the corresponding host.

+

If a virtual IP address is configured, this parameter can be set to a virtual IP address.

dataHaIp1

+

dataHaIp1

IP address used for communication between the primary and standby database nodes. If this parameter is not set, the value is determined based on backIp of the corresponding host.

-

This parameter can be set to the IP addresses of the hosts where the primary and standby database nodes reside.

+

IP address used for communication between the primary and standby database nodes. If this parameter is not set, the value is determined based on backIp of the corresponding host.

+

This parameter can be set to the IP addresses of the hosts where the primary and standby database nodes reside.

dataNode1

+

dataNode1

Directory for storing data of the database nodes on the current host. It is a data storage directory, and should be on a data disk.

+

Directory for storing data of the database nodes on the current host. It is a data storage directory, and should be on a data disk.

dataNode1_syncNum

+

dataNode1_syncNum

Number of nodes in synchronous mode in the current cluster. This parameter is optional. The value ranges from 0 to the number of standby database nodes.

+

Number of nodes in synchronous mode in the current cluster. This parameter is optional. The value ranges from 0 to the number of standby database nodes.

Instance

+ + - - - - -

Instance

Data Directory

+

Data Directory

Primary database node

+

Primary database node

/opt/huawei/install/data/xxx

-

xxx indicates the name of the current primary database node.

+

/opt/huawei/install/data/xxx

+

xxx indicates the name of the current primary database node.

Standby database node

+

Standby database node

/opt/huawei/install/data/slaveX

-

xxx indicates the name of the current standby database node.

+

/opt/huawei/install/data/slaveX

+

xxx indicates the name of the current standby database node.
-## Examples + \ No newline at end of file diff --git a/content/en/docs/Quickstart/creating-the-required-user-account-and-configuring-the-installation-environment.md b/content/en/docs/Quickstart/creating-the-required-user-account-and-configuring-the-installation-environment.md deleted file mode 100644 index 3c7cd7daa7c65b07ce4df9610ec1362678c5d4af..0000000000000000000000000000000000000000 --- a/content/en/docs/Quickstart/creating-the-required-user-account-and-configuring-the-installation-environment.md +++ /dev/null @@ -1,361 +0,0 @@ -# Creating the Required User Account and Configuring the Installation Environment - -After the clusteropenGauss configuration file is created, you need to run the **gs\_preinstall** script to prepare the account and environment so that you can perform clusteropenGauss installation and management operations with the minimum permission, ensuring system security. - -Executing the **gs\_preinstall** script enables the system to automatically complete the following installation preparations: - -- Sets kernel parameters for the SUSE Linux OS to improve server load performance. The kernel parameters directly affect database running status. Reconfigure them only when necessary. For details about the Linux OS kernel parameter settings in openGauss, see [Configuring OS Parameters](configuring-os-parameters.md#EN-US_TOPIC_0270171707). -- Automatically copies the clusteropenGauss configuration files and installation packages to the same directory on each clusteropenGauss host. -- If the installation user and user group of the clusteropenGauss do not exist, the system automatically creates them. -- Reads the directory information in the clusteropenGauss configuration file, creates the directory, and grants the directory permission to the installation user. - -## Prerequisites - -- You have completed all the tasks described in [Preparing for Installation](preparing-for-installation.md#EN-US_TOPIC_0270171690). - -## Precautions - -- You must check the upper-layer directory permissions to ensure that the user has the read, write, and execution permissions on the installation package and configuration file directory. -- The mapping between each host name and IP address in the XML configuration file must be correct. -- Only user **root** is authorized to run the **gs\_preinstall** command. - -## Procedure - -1. Log in to any host where the clusteropenGauss is to be installed as user **root** and create a directory for storing the installation package as planned. - - ``` - mkdir -p /opt/software/openGauss - chmod 755 -R /opt/software - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- Do not create the directory in the home directory or subdirectory of any openGauss user because you may lack permissions for such directories. - >- The clusteropenGauss user must have the read and write permissions on the **/opt/software/openGauss** directory. - -2. The release package is used as an example. Upload the installation package **openGauss\_x.x.x\_PACKAGES\_RELEASE.tar.gz** and the configuration file **clusterconfig.xml** to the directory created in the previous step. -3. Go to the directory for storing the uploaded software package and decompress the package. - - ``` - cd /opt/software/openGauss - tar -zxvf openGauss_x.x.x_PACKAGES_RELEASE.tar.gz - ``` - - [Table 1](#en-us_topic_0249784578_en-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_te4a9d557337c400c85acff184476a722) describes the contents of the decompressed software package. - - **Table 1** Description about the installation package - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Package Name

-

Description

-

openGauss-x.x.x-openEULER-64bit-ClientTools.tar.gz

-

Used to install the client in the SUSE Linux OS. This software package contains the gsql, dump restore tool, ODBC driver, JDBC driver, and Libpq library.

-

openGauss-x.x.x-openEULER-64bit-Jdbc.tar.gz

-

Used to install the JDBC driver in the SUSE Linux OS.

-

openGauss-x.x.x-openEULER-64bit-Libpq.tar.gz

-

Used to install the libpq library in the SUSE Linux OS.

-

openGauss-x.x.x-openEULER-64bit-Odbc.tar.gz

-

Used to install the ODBC driver in the SUSE Linux OS.

-

openGauss-x.x.x-openEULER-64bit-symbol.tar.gz

-

Provides the support file for debugging and locating database problems.

-

openGauss-x.x.x-openEULER-64bit.tar.gz

-

Used to install the database management system. This software package is the one used for database installation in this document.

-

openGauss-x.x.x-Sslcert.tar.gz

-

Certificate used for client-side server authentication.

-

openGauss-x.x.x-Inspection.tar.gz

-

Used to check the health status of the database.

-
- -4. Decompress the **openGauss-_x.x.x_-openEULER-64bit.tar.gz** package. - - ``` - tar -zxvf openGauss-x.x.x-openEULER-64bit.tar.gz - ``` - - After the installation package is decompressed, the **script** subdirectory is automatically generated in **/opt/software/openGauss**. OM tool scripts such as **gs\_preinstall** are generated in the **script** subdirectory. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- When you execute the **gs\_preinstall** script, plan the directory for storing the clusteropenGauss configuration file, directory for storing software packages, installation directories of programs, and directories of instance data. Common users cannot change the directories after the directories are specified. - >- When you execute the **gs\_preinstall** script to prepare the installation environment, the script automatically copies the clusteropenGauss configuration file and decompressed installation package to the same directory on other servers. - >- Before executing **gs\_preinstall** and establishing mutual trust, check whether the **/etc/profile** file contains error information. If it does, manually rectify the error. - -5. Go to the directory for storing tool scripts. - - ``` - cd /opt/software/openGauss/script - ``` - -6. If the openEuler operating system is used, run the following command to open the **performance.sh** file, comment out **sysctl -w vm.min\_free\_kbytes=112640 &\> /dev/null** using the number sign \(\#\), press **Esc** to enter the command mode, and run the **:wq** command to save the modification and exit. - - ``` - vi /etc/profile.d/performance.sh - ``` - -7. To ensure that the OpenSSL version is correct, load the **lib** library in the installation package before preinstallation. Run the following command. **\{packagePath\}** indicates the path where the installation package is stored. In this example, the path is **/opt/software/openGauss**. - - ``` - export LD_LIBRARY_PATH={packagePath}/script/gspylib/clib:$LD_LIBRARY_PATH - ``` - -8. To ensure successful installation, check whether the values of **hostname** and **/etc/hostname** are the same. During preinstallation, the host name is checked. -9. Execute **gs\_preinstall** to configure the installation environment. If the shared environment is used, add the **--sep-env-file=ENVFILE** parameter to separate environment variables to avoid mutual impact with other users. The environment variable separation file path is specified by users. - - Execute **gs\_preinstall** in interactive mode. During the execution, the mutual trust between users **root** and between clusteropenGauss users is automatically established. - - ``` - ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml - ``` - - **omm** is the database administrator \(also the OS user running the clusteropenGauss\), **dbgrp** is the group name of the OS user running the clusteropenGauss, and **/opt/software/GaussDB\_KernelopenGauss/clusterconfig.xml** is the path of the clusteropenGauss configuration file. During the execution, you need to determine whether to establish mutual trust as prompted and enter the password of user **root** or the clusteropenGauss user. - - - If the mutual trust between users **root** cannot be created, create the **omm** user, perform local preinstallation on each host, and manually create the mutual trust between openGauss users. If the **-L** parameter is specified during preinstallation, manually write the mapping between the host names and IP addresses of all nodes to the **/etc/hosts** file of each host before preinstallation, add **\#Gauss OM IP Hosts Mapping** to the end of each mapping. - 1. Run the following command to configure the installation environment: - - ``` - cd /opt/software/openGauss/script - ./gs_preinstall -U omm -G dbgrp -L -X /opt/software/openGauss/clusterconfig.xml - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >You need to run this command on each host. - - - - Execute **gs\_preinstall** in non-interactive mode. - 1. Manually establish mutual trust between users **root** and between clusteropenGauss users by following the instructions provided in [Establishing Mutual Trust Manually](establishing-mutual-trust-manually.md#EN-US_TOPIC_0270171706). - 2. Run the following command to configure the installation environment: - - ``` - cd /opt/software/openGauss/script - ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml --non-interactive - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- In this mode, ensure that mutual trust has been established between the root users of all nodes and between the openGauss users of the cluster before performing.In this mode, ensure that mutual trust has been established between users **root** and between clusteropenGauss users on each node before executing **gs\_preinstall**. - >- The mutual trust established between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** immediately after the installation is complete. - - - - -## Examples - -Execute the **gs\_preinstall** script. - -``` -plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml -Parsing the configuration file. -Successfully parsed the configuration file. -Installing the tools on the local node. -Successfully installed the tools on the local node. -Are you sure you want to create trust for root (yes/no)? yes -Please enter password for root. -Password: -Creating SSH trust for the root permission user. -Checking network information. -All nodes in the network are Normal. -Successfully checked network information. -Creating SSH trust. -Creating the local key file. -Successfully created the local key files. -Appending local ID to authorized_keys. -Successfully appended local ID to authorized_keys. -Updating the known_hosts file. -Successfully updated the known_hosts file. -Appending authorized_key on the remote node. -Successfully appended authorized_key on all remote node. -Checking common authentication file content. -Successfully checked common authentication content. -Distributing SSH trust file to all node. -Successfully distributed SSH trust file to all node. -Verifying SSH trust on all hosts. -Successfully verified SSH trust on all hosts. -Successfully created SSH trust. -Successfully created SSH trust for the root permission user. -Setting pssh path -Successfully set core path. -Distributing package. -Begin to distribute package to tool path. -Successfully distribute package to tool path. -Begin to distribute package to package path. -Successfully distribute package to package path. -Successfully distributed package. -Are you sure you want to create the user[omm] and create trust for it (yes/no)? yes -Please enter password for cluster user. -Password: -Please enter password for cluster user again. -Password: -Successfully created [omm] user on all nodes. -Preparing SSH service. -Successfully prepared SSH service. -Installing the tools in the cluster. -Successfully installed the tools in the cluster. -Checking hostname mapping. -Successfully checked hostname mapping. -Creating SSH trust for [omm] user. -Checking network information. -All nodes in the network are Normal. -Successfully checked network information. -Creating SSH trust. -Creating the local key file. -Successfully created the local key files. -Appending local ID to authorized_keys. -Successfully appended local ID to authorized_keys. -Updating the known_hosts file. -Successfully updated the known_hosts file. -Appending authorized_key on the remote node. -Successfully appended authorized_key on all remote node. -Checking common authentication file content. -Successfully checked common authentication content. -Distributing SSH trust file to all node. -Successfully distributed SSH trust file to all node. -Verifying SSH trust on all hosts. -Successfully verified SSH trust on all hosts. -Successfully created SSH trust. -Successfully created SSH trust for [omm] user. -Checking OS software. -Successfully check os software. -Checking OS version. -Successfully checked OS version. -Creating cluster's path. -Successfully created cluster's path. -Setting SCTP service. -Successfully set SCTP service. -Set and check OS parameter. -Setting OS parameters. -Successfully set OS parameters. -Preparing CRON service. -Successfully prepared CRON service. -Setting user environmental variables. -Successfully set user environmental variables. -Setting the dynamic link library. -Successfully set the dynamic link library. -Setting Core file -Successfully set core path. -Setting pssh path -Successfully set pssh path. -Set ARM Optimization. -No need to set ARM Optimization. -Fixing server package owner. -Setting finish flag. -Successfully set finish flag. -Preinstallation succeeded. -S -``` - -If the passwords of user **root** on the hosts in the cluster are different and cannot be changed to the same one, execute the **gs\_preinstall** script in local installation mode. - -``` -plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -L -X /opt/software/openGauss/clusterconfig.xml -Parsing the configuration file. -Successfully parsed the configuration file. -Installing the tools on the local node. -Successfully installed the tools on the local node. -Checking OS version. -Successfully checked OS version. -Creating cluster's path. -Successfully created cluster's path. -Setting SCTP service. -Successfully set SCTP service. -Set and check OS parameter. -Setting OS parameters. -Successfully set OS parameters. -Warning: Installation environment contains some warning messages. -Please get more details by "/home/package/r8c00/script/gs_checkos -i A -h SIA1000068990". -Set and check OS parameter completed. -Preparing CRON service. -Successfully prepared CRON service. -Preparing SSH service. -Successfully prepared SSH service. -Setting user environmental variables. -Successfully set user environmental variables. -Configuring alarms on the cluster nodes. -Successfully configured alarms on the cluster nodes. -Setting the dynamic link library. -Successfully set the dynamic link library. -Setting Cgroup. -Successfully set Cgroup. -Setting finish flag. -Successfully set finish flag. -Preinstallation succeeded. -``` - -Execute **gs\_preinstall** in non-interactive mode. - -``` -plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml --non-interactive -Parsing the configuration file. -Successfully parsed the configuration file. -Installing the tools on the local node. -Successfully installed the tools on the local node. -Distributing package. -Begin to distribute package to tool path. -Successfully distribute package to tool path. -Begin to distribute package to package path. -Successfully distribute package to package path. -Successfully distributed package. -Installing the tools in the cluster. -Successfully installed the tools in the cluster. -Checking hostname mapping. -Successfully checked hostname mapping. -Checking OS version. -Successfully checked OS version. -Creating cluster's path. -Successfully created cluster's path. -Setting SCTP service. -Successfully set SCTP service. -Set and check OS parameter. -Setting OS parameters. -Successfully set OS parameters. -Set and check OS parameter completed. -Preparing CRON service. -Successfully prepared CRON service. -Preparing SSH service. -Successfully prepared SSH service. -Setting user environmental variables. -Successfully set user environmental variables. -Configuring alarms on the cluster nodes. -Successfully configured alarms on the cluster nodes. -Setting the dynamic link library. -Successfully set the dynamic link library. -Setting Cgroup. -Successfully set Cgroup. -Set ARM Optimization. -Successfully set ARM Optimization. -Setting finish flag. -Successfully set finish flag. -Preinstallation succeeded. -``` - -## Troubleshooting - -If configuring the installation environment fails, obtain the **gs\_preinstall-YYYY-MM-DD\_HHMMSS.log** and **gs\_local-YYYY-MM-DD\_HHMMSS.log** files from the **$GAUSSLOG/om** directory for storing clusteropenGauss logs. Then, locate the problem based on the log information. For example, if the path specified by the **gaussdbLogPath** parameter in the configuration file is **/var/log/gaussdb**, the **$GAUSSLOG/om** path is **/var/log/gaussdb/omm/om**, and the **omm** user is the user running clusteropenGauss. - ->![](public_sys-resources/icon-notice.gif) **NOTICE:** ->While the installation user and environment is prepared, user **root** is used to add scheduled tasks for routine inspection and reporting. - diff --git a/content/en/docs/Quickstart/establishing-mutual-trust-manually.md b/content/en/docs/Quickstart/establishing-mutual-trust-manually.md deleted file mode 100644 index 16367936338b044be10415e094f53a0958a785ef..0000000000000000000000000000000000000000 --- a/content/en/docs/Quickstart/establishing-mutual-trust-manually.md +++ /dev/null @@ -1,310 +0,0 @@ -# Establishing Mutual Trust Manually - -During the openGauss installation, you need to perform operations such as running commands and transferring files between hosts in openGauss. Establish mutual trust among the hosts before installing the cluster as a common user. During the execution of the pre-installation script, establish mutual trust between users **root**, then create a common user account, and finally establish mutual trust between common users. - ->![](public_sys-resources/icon-notice.gif) **NOTICE:** ->The mutual trust between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** after the installation is complete. - -## Prerequisites - -- The SSH service has been enabled. -- You have verified that SSH ports will not be disabled by firewalls. -- Each host name and IP address have been correctly configured in the XML file. -- Communication among all the hosts is normal. -- If the mutual trust is to be established for common users, the same user needs to be created and password set on each host. -- If the SELinux service is installed and has been started on each host, ensure that the security context of the **/root** directory is set to the default value **system\_u:object\_r:home\_root\_t:s0** and that of the **/home** directory is set to the default value **system\_u:object\_r:admin\_home\_t:s0**, or disable the SELinux service. - - To check the SELinux status, run the **getenforce** command. If the command output is **Enforcing**, SELinux is installed and has been enabled. - - To check the security contexts of the directories, run the following commands: - - ``` - ls -ldZ /root | awk '{print $4}' - ``` - - ``` - ls -ldZ /home | awk '{print $4}' - ``` - - To restore the security contexts of the directories, run the following commands: - - ``` - restorecon -r -vv /home/ - ``` - - ``` - restorecon -r -vv /root/ - ``` - - -## Establishing Mutual Trust Using a Script - -1. Create the file for executing the mutual trust script, and add the IP addresses of all the hosts in the openGauss to the file. - - ``` - plat1:/opt/software/openGauss> vim hostfile - 192.168.0.1 - 192.168.0.2 - 192.168.0.3 - ``` - -2. Execute the script as the user who needs to establish mutual trust with the hosts. -3. Execute the following script to establish mutual trust: - - ``` - plat1:/opt/software/openGauss/script# gs_sshexkey -f /opt/software/hostfile - ``` - - The **/opt/software/hostfile** file contains a list of the hosts. The list provides the IP addresses of all the hosts among which mutual trust needs to be established. - - -## Establishing Mutual Trust Manually - -If the passwords of user **root** on the hosts in the openGauss are different, the **gs\_preinstall** script cannot be used to establish mutual trust. In this case, manually establish mutual trust. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->The following files are generated during establishment of mutual trust: **authorized\_keys**, **id\_rsa**, **id\_rsa.pub**, and **known\_hosts**. Do not delete or corrupt the files. - -The procedure of manually establishing mutual trust is as follows \(**plat1**, **plat2**, and **plat3** are host names\): - -1. Generate a licensed file for user **root** on any host \(referred to as the local host\). Host **plat1** is used as an example. - 1. Generate a key. - - ``` - ssh-keygen -t rsa - ``` - - The following is an example: - - ``` - plat1:~ # ssh-keygen -t rsa - Generating public/private rsa key pair. - Enter file in which to save the key (/root/.ssh/id_rsa): - Created directory '/root/.ssh'. - Enter passphrase (empty for no passphrase): - Enter same passphrase again: - Your identification has been saved in /root/.ssh/id_rsa. - Your public key has been saved in /root/.ssh/id_rsa.pub. - The key fingerprint is: - d5:35:46:33:27:22:09:f0:1e:12:a7:87:fa:33:3f:ab root@plat1 - The key's randomart image is: - +--[ RSA 2048]----+ - | o.o.....O .| - | * .o + * | - | + + . . | - | . + o | - | . S | - | . | - | + | - | +. | - | E.oo | - +-----------------+ - ``` - - 2. Generate the licensed file. - - ``` - cat .ssh/id_rsa.pub >> .ssh/authorized_keys - ``` - - The following is an example: - - ``` - plat1:~ # cat .ssh/id_rsa.pub >> .ssh/authorized_keys - ``` - -2. Obtain the public keys of all the hosts among which mutual trust needs to be established, and write the public keys into the **known\_hosts** file on the local host. This step needs to be performed on the host where Step 1 is performed. You need to obtain the public keys of the **plat1**, **plat2**, and **plat3** hosts. - 1. Obtain the public key of host **plat1**, and write the public key into the **known\_hosts** file on the local host. - - ``` - ssh-keyscan -t rsa plat1 >> ~/.ssh/known_hosts - ``` - - The following is an example: - - ``` - plat1:~ # ssh-keyscan -t rsa plat1 >> ~/.ssh/known_hosts - # plat1 SSH-2.0-OpenSSH_5.1 - ``` - - 2. Obtain the public key of host **plat2**, and write the public key into the **known\_hosts** file on the local host. - - ``` - ssh-keyscan -t rsa plat2 >> ~/.ssh/known_hosts - ``` - - The following is an example: - - ``` - plat1:~ # ssh-keyscan -t rsa plat2 >> ~/.ssh/known_hosts - # plat2 SSH-2.0-OpenSSH_5.1 - ``` - - 3. Obtain the public key of host **plat3**, and write the public key into the **known\_hosts** file on the local host. - - ``` - ssh-keyscan -t rsa plat3 >> ~/.ssh/known_hosts - ``` - - The following is an example: - - ``` - plat1:~ # ssh-keyscan -t rsa plat3 >> ~/.ssh/known_hosts - # plat3 SSH-2.0-OpenSSH_5.1 - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- After being accepted, the public key of a remote host will be saved in the **$HOME/.ssh/known\_hosts** file on the local host. When connecting to the remote host next time, the system can recognize that the public key of the remote host has been saved on the local host and then skip alarms. - >- If the **known\_hosts** file is deleted from the local host, the mutual trust between the local and remote hosts remains valid, but alarms will be reported. To prevent such alarms, set the **StrictHostKeyChecking** parameter in the **/etc/ssh/ssh\_config** file to **no**. - - -3. Send the **known\_hosts** file to all the other hosts except the local host. In this example, send the **known\_hosts** file on host **plat1** to hosts **plat2** and **plat3**. - - 1. Send the **known\_hosts** file to host **plat2**. When **Password:** is displayed, enter the password for logging in to host **plat2**. - - ``` - scp -r .ssh plat2:~ - ``` - - The following is an example: - - ``` - plat1:~ # scp -r .ssh plat2:~ - Password: - authorized_keys 100% 796 0.8KB/s 00:00 - id_rsa 100% 1675 1.6KB/s 00:00 - id_rsa.pub 100% 398 0.4KB/s 00:00 - known_hosts 100% 1089 1.1KB/s 00:00 - ``` - - 2. Send the **known\_hosts** file to host **plat3**. When **Password:** is displayed, enter the password for logging in to host **plat3**. - - ``` - scp -r .ssh plat3:~ - ``` - - The following is an example: - - ``` - plat1:~ # scp -r .ssh plat3:~ - Password: - authorized_keys 100% 796 0.8KB/s 00:00 - id_rsa 100% 1675 1.6KB/s 00:00 - id_rsa.pub 100% 398 0.4KB/s 00:00 - known_hosts 100% 1089 1.1KB/s 00:00 - ``` - -4. Run the **ssh **_Host name_ command to check whether mutual trust has been successfully established. Then, enter **exit**. - - ``` - plat1:~ # ssh plat2 - Last login: Sat Jun 20 14:01:07 2020 - plat2:~ # exit - logout - Connection to plat2 closed. - plat1:~ # - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >If there are more than three hosts, the procedure of manually establishing mutual trust between the hosts is similar to the one in this section. Assume that the host names are **plat1**, **plat2**, **plat3**, ... Firstly, generate a licensed file for user **root** on host **plat1** \(referred to as the local host\). Secondly, obtain the public keys of all the hosts \(**plat1**, **plat2**, **plat3**, ...\) between which mutual trust needs to be established, and write the public keys to the **known\_hosts** file on the local host. Thirdly, send the file from the local host to all the other hosts \(**plat2**, **plat3**, ...\). Finally, verify that mutual trust has been successfully established. - - -## Deleting Mutual Trust Between Users **root** - -The mutual trust established between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** immediately after the installation is complete. - -1. Delete the mutual trust file **/root/.ssh** from each openGauss database node. - - rm –rf \~/.ssh - -2. Check whether the mutual trust is successfully deleted. If the host names cannot be reached from each other through SSH and a mutual trust failure message is displayed, the mutual trust is successfully deleted. - - plat1:\~ \# ssh plat2 - - he authenticity of host ' plssat2 \(plat2\)' can't be established. - - ECDSA key fingerprint is SHA256:Q4DPRedFytsjsJSKf4l2lHKuzVw4prq3bIUCNVKIa7M. - - ECDSA key fingerprint is MD5:e2:77:6c:aa:4c:43:5f:f2:c4:58:ec:d5:53:de:7c:fc. - - Are you sure you want to continue connecting \(yes/no\)? - - -## Examples - -The following is an example describing how to establish mutual trust between users **root**: - -``` -plat1:~ # gs_sshexkey -f /opt/software/hostfile -W Gauss_234 -Checking network information. -All nodes in the network are Normal. -Successfully checked network information. -Creating SSH trust. -Creating the local key file. -Successfully created the local key files. -Appending local ID to authorized_keys. -Successfully appended local ID to authorized_keys. -Updating the known_hosts file. -Successfully updated the known_hosts file. -Appending authorized_key on the remote node. -Successfully appended authorized_key on all remote node. -Checking common authentication file content. -Successfully checked common authentication content. -Distributing SSH trust file to all node. -Successfully distributed SSH trust file to all node. -Verifying SSH trust on all hosts. -Successfully verified SSH trust on all hosts. -Successfully created SSH trust. -``` - -The following is an example describing how to establish mutual trust between common users: - -``` -gaussdb@plat1:~ > gs_sshexkey -f /opt/software/hostfile -W Gauss_234 -Checking network information. -All nodes in the network are Normal. -Successfully checked network information. -Creating SSH trust. -Creating the local key file. -Successfully created the local key files. -Appending local ID to authorized_keys. -Successfully appended local ID to authorized_keys. -Updating the known_hosts file. -Successfully updated the known_hosts file. -Appending authorized_key on the remote node. -Successfully appended authorized_key on all remote node. -Checking common authentication file content. -Successfully checked common authentication content. -Distributing SSH trust file to all node. -Successfully distributed SSH trust file to all node. -Verifying SSH trust on all hosts. -Successfully verified SSH trust on all hosts. -Successfully created SSH trust. -``` - -The following is an example describing how to establish mutual trust in security mode. This mode is recommended. Users need to manually enter their passwords as prompted. - -``` -plat1:~ # gs_sshexkey -f /opt/software/hostfile -Please enter password for current user[root]. -Password: -Checking network information. -All nodes in the network are Normal. -Successfully checked network information. -Creating SSH trust. -Creating the local key file. -Appending local ID to authorized_keys. -Successfully appended local ID to authorized_keys. -Updating the known_hosts file. -Successfully updated the known_hosts file. -Appending authorized_key on the remote node. -Successfully appended authorized_key on all remote node. -Checking common authentication file content. -Successfully checked common authentication content. -Distributing SSH trust file to all node. -Successfully distributed SSH trust file to all node. -Verifying SSH trust on all hosts. -Successfully verified SSH trust on all hosts. -Successfully created SSH trust. -``` - diff --git a/content/en/docs/Quickstart/executing-installation.md b/content/en/docs/Quickstart/executing-installation.md index 4587269777011db88ad17245f6bf5213c3ca982d..60e037c70e1f79e7cab57f47b6e67fe61ed58a78 100644 --- a/content/en/docs/Quickstart/executing-installation.md +++ b/content/en/docs/Quickstart/executing-installation.md @@ -1,14 +1,14 @@ -# Executing Installation +# Executing Installation After the openGauss installation environment is prepared by executing the pre-installation script, deploy openGauss based on the installation process. -## Prerequisites +## Prerequisites -- You have successfully executed the **gs\_preinstall** script. that is, you have completed operations described in [Creating the Required User Account and Configuring the Installation Environment](creating-the-required-user-account-and-configuring-the-installation-environment.md#EN-US_TOPIC_0270171705). +- You have successfully executed the **gs\_preinstall** script. that is, you have completed operations described in [Creating the Required User Account and Configuring the Installation Environment](creating-the-required-user-account-and-configuring-the-installation-environment.md). - All the server OSs and networks are functioning properly. - You have checked that the **locale** parameter for each server is set to the same value. For detailed operations, see [Configuring the Locale and Character Set](en-us_topic_0249784576.md). -## Procedure +## Procedure 1. Check whether the installation package and openGauss configuration file exist in the planned path. If they do not exist, perform the preinstallation again to ensure that the preinstallation is successful, and then perform the following steps. 2. Log in to any host of the openGauss and switch to the **omm** user. @@ -49,125 +49,125 @@ After the openGauss installation environment is prepared by executing the pre-in ``` -## Directories Generated After the Installation +## Directories Generated After the Installation -[Table 1](#en-us_topic_0249784555_en-us_topic_0241805806_en-us_topic_0085434626_en-us_topic_0059782015_tdcb4fb0f38a6419099ee2c47d4d0b37f) describes the directories generated after the installation and the files in the directories. +[Table 1](#en-us_topic_0241805806_en-us_topic_0085434626_en-us_topic_0059782015_tdcb4fb0f38a6419099ee2c47d4d0b37f) describes the directories generated after the installation and the files in the directories. **Table 1** Directories generated after the installation - -

No.

+ + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

No.

Directory Description

+

Directory Description

Directory

+

Directory

Subdirectory

+

Subdirectory

Remarks

+

Remarks

1

+

1

openGauss installation directory

+

openGauss installation directory

/opt/opengauss/app

+

/opt/opengauss/app

bin

+

bin

Stores binary files of the database.

+

Stores binary files of the database.

etc

+

etc

Stores the configuration file of the Cgroup tool.

+

Stores the configuration file of the Cgroup tool.

include

+

include

Stores the header file required for running the database.

+

Stores the header file required for running the database.

lib

+

lib

Stores library files of the database.

+

Stores library files of the database.

share

+

share

Stores common files required for database running, such as the configuration file template.

+

Stores common files required for database running, such as the configuration file template.

2

+

2

openGauss data directory

+

openGauss data directory

/opt/gaussdb/data

+

/opt/gaussdb/data

data_dnxxx

+

data_dnxxx

Stores database node data. For the primary node, the directory name is data_dnxxx.

-

For the standby node, the directory name is data_dnSxxx. xxx indicates the database node number.

+

Stores database node data. For the primary node, the directory name is data_dnxxx.

+

For the standby node, the directory name is data_dnSxxx. xxx indicates the database node number.

3

+

3

openGauss log directory

+

openGauss log directory

/opt/opengauss/gaussdb_log/Username

+

/opt/opengauss/gaussdb_log/Username

bin

+

bin

Stores logs of binary programs.

+

Stores logs of binary programs.

gs_profile

+

gs_profile

Stores database kernel performance logs.

+

Stores database kernel performance logs.

om

+

om

Stores OM logs. For example:

-

It contains logs for executing some local scripts, as well as adding and deleting database node interfaces, gs_om interfaces, pre-installation interfaces, and node replacement interfaces.

+

Stores OM logs. For example:

+

It contains logs for executing some local scripts, as well as adding and deleting database node interfaces, gs_om interfaces, pre-installation interfaces, and node replacement interfaces.

pg_audit

+

pg_audit

Stores database audit logs.

+

Stores database audit logs.

pg_log

+

pg_log

Directory for storing run logs of database node instances.

+

Directory for storing run logs of database node instances.

4

+

4

openGauss system tool directory

+

openGauss system tool directory

/opt/opengauss/tool

+

/opt/opengauss/tool

script

+

script

Stores script files for openGauss users to manage openGauss.

+

Stores script files for openGauss users to manage openGauss.

sudo

+

sudo

Stores script files for user root to manage openGauss.

+

Stores script files for user root to manage openGauss.

lib

+

lib

Stores the library files that the binaries in the bin directory depend on.

+

Stores the library files that the binaries in the bin directory depend on.
-## Examples +## Examples Execute the installation. @@ -206,7 +206,7 @@ Successfully started cluster. Successfully installed application. ``` -## Troubleshooting +## Troubleshooting If the installation fails, troubleshoot the problem based on logs in the **gs\_install-YYYY-MM-DD\_HHMMSS.log** and **gs\_local-YYYY-MM-DD\_HHMMSS.log** files in the openGauss log directory. diff --git a/content/en/docs/Quickstart/initializing-the-installation-environment.md b/content/en/docs/Quickstart/initializing-the-installation-environment.md index d46f7124e35e122dd02bc4981d40ab5601ac7ea5..45fe88613cd0ac22ed923c94ca506b855dcd7209 100644 --- a/content/en/docs/Quickstart/initializing-the-installation-environment.md +++ b/content/en/docs/Quickstart/initializing-the-installation-environment.md @@ -1,11 +1,1193 @@ -# Initializing the Installation Environment +# Initializing the Installation Environment To ensure the correct installation of the openGauss, you need to configure the host environment first. -- **[Creating the Required User Account and Configuring the Installation Environment](creating-the-required-user-account-and-configuring-the-installation-environment.md)** + + +- [Creating the Required User Account and Configuring the Installation Environment](#creating-the-required-user-account-and-configuring-the-installation-environmenta-nameen-us_topic_0249784578a) + - [Prerequisites](#prerequisitesa-nameen-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_s3773af79eeb74c4bae1bd46533cc0cd8a) + - [Precautions](#precautionsa-nameen-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_section20734484163420a) + - [Procedure](#procedurea-nameen-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_s407f29ab5691456590018c719cf81e9da) + - [Examples](#examplesa-nameen-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_section412490911620a) + - [Troubleshooting](#troubleshootinga-nameen-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_s51853c2b09e54b12a90e4f8c512a61e4a) +- [Establishing Mutual Trust Manually](#establishing-mutual-trust-manuallya-nameen-us_topic_0249784564a) + - [Prerequisites](#prerequisitesa-nameen-us_topic_0241805804_en-us_topic_0085434625_en-us_topic_0059782039_s88bba380d9334b129eab3023c5399d45a) + - [Establishing Mutual Trust Using a Script](#establishing-mutual-trust-using-a-scripta-nameen-us_topic_0241805804_en-us_topic_0085434625_en-us_topic_0059782039_s8028dd8189914444b059c07d8c8c82dea) + - [Establishing Mutual Trust Manually](#establishing-mutual-trust-manuallya-nameen-us_topic_0241805804_en-us_topic_0085434625_en-us_topic_0059782039_section63620881152125a) + - [Deleting Mutual Trust Between Users **root** ](#deleting-mutual-trust-between-users--root-a-namesection149417461942a) + - [Examples](#examplesa-nameen-us_topic_0241805804_en-us_topic_0085434625_en-us_topic_0059782039_s9928a16b5b7347edbdb587133575483ea) +- [Configuring OS Parameters](#configuring-os-parametersa-nameen-us_topic_0249784554a) + - [OS Parameters](#os-parametersa-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section3705271819540a) + - [File System Parameters](#file-system-parametersa-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section4118580316369a) + - [Setting the transparent\_hugepage Service](#setting-the-transparent\_hugepage-servicea-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section38366550113020a) + - [Setting File Handles](#setting-file-handlesa-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section49556455195442a) + - [Setting the Maximum Number of Allowed Processes](#setting-the-maximum-number-of-allowed-processesa-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section65253147151525a) + - [Setting NIC Parameters](#setting-nic-parametersa-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section6007556195457a) + + + +## Creating the Required User Account and Configuring the Installation Environment + After the clusteropenGauss configuration file is created, you need to run the **gs\_preinstall** script to prepare the account and environment so that you can perform clusteropenGauss installation and management operations with the minimum permission, ensuring system security. -- **[Establishing Mutual Trust Manually](establishing-mutual-trust-manually.md)** + +Executing the **gs\_preinstall** script enables the system to automatically complete the following installation preparations: + +- Sets kernel parameters for the SUSE Linux OS to improve server load performance. The kernel parameters directly affect database running status. Reconfigure them only when necessary. For details about the Linux OS kernel parameter settings in openGauss, see [Configuring OS Parameters](configuring-os-parameters.md). +- Automatically copies the clusteropenGauss configuration files and installation packages to the same directory on each clusteropenGauss host. +- If the installation user and user group of the clusteropenGauss do not exist, the system automatically creates them. +- Reads the directory information in the clusteropenGauss configuration file, creates the directory, and grants the directory permission to the installation user. + +### Prerequisites + +- You have completed all the tasks described in [Preparing for Installation](preparing-for-installation.md). + +### Precautions + +- You must check the upper-layer directory permissions to ensure that the user has the read, write, and execution permissions on the installation package and configuration file directory. +- The mapping between each host name and IP address in the XML configuration file must be correct. +- Only user **root** is authorized to run the **gs\_preinstall** command. + +### Procedure + +1. Log in to any host where the clusteropenGauss is to be installed as user **root** and create a directory for storing the installation package as planned. + + ``` + mkdir -p /opt/software/openGauss + chmod 755 -R /opt/software + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- Do not create the directory in the home directory or subdirectory of any openGauss user because you may lack permissions for such directories. + >- The clusteropenGauss user must have the read and write permissions on the **/opt/software/openGauss** directory. + +2. The release package is used as an example. Upload the installation package **openGauss\_x.x.x\_PACKAGES\_RELEASE.tar.gz** and the configuration file **clusterconfig.xml** to the directory created in the previous step. +3. Go to the directory for storing the uploaded software package and decompress the package. + + ``` + cd /opt/software/openGauss + tar -zxvf openGauss_x.x.x_PACKAGES_RELEASE.tar.gz + ``` + + [Table 1](#en-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_te4a9d557337c400c85acff184476a722) describes the contents of the decompressed software package. + + **Table 1** Description about the installation package + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Package Name

+

Description

+

openGauss-x.x.x-openEULER-64bit-ClientTools.tar.gz

+

Used to install the client in the SUSE Linux OS. This software package contains the gsql, dump restore tool, ODBC driver, JDBC driver, and Libpq library.

+

openGauss-x.x.x-openEULER-64bit-Jdbc.tar.gz

+

Used to install the JDBC driver in the SUSE Linux OS.

+

openGauss-x.x.x-openEULER-64bit-Libpq.tar.gz

+

Used to install the libpq library in the SUSE Linux OS.

+

openGauss-x.x.x-openEULER-64bit-Odbc.tar.gz

+

Used to install the ODBC driver in the SUSE Linux OS.

+

openGauss-x.x.x-openEULER-64bit-symbol.tar.gz

+

Provides the support file for debugging and locating database problems.

+

openGauss-x.x.x-openEULER-64bit.tar.gz

+

Used to install the database management system. This software package is the one used for database installation in this document.

+

openGauss-x.x.x-Sslcert.tar.gz

+

Certificate used for client-side server authentication.

+

openGauss-x.x.x-Inspection.tar.gz

+

Used to check the health status of the database.

+
+ +4. Decompress the **openGauss-_x.x.x_-openEULER-64bit.tar.gz** package. + + ``` + tar -zxvf openGauss-x.x.x-openEULER-64bit.tar.gz + ``` + + After the installation package is decompressed, the **script** subdirectory is automatically generated in **/opt/software/openGauss**. OM tool scripts such as **gs\_preinstall** are generated in the **script** subdirectory. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- When you execute the **gs\_preinstall** script, plan the directory for storing the clusteropenGauss configuration file, directory for storing software packages, installation directories of programs, and directories of instance data. Common users cannot change the directories after the directories are specified. + >- When you execute the **gs\_preinstall** script to prepare the installation environment, the script automatically copies the clusteropenGauss configuration file and decompressed installation package to the same directory on other servers. + >- Before executing **gs\_preinstall** and establishing mutual trust, check whether the **/etc/profile** file contains error information. If it does, manually rectify the error. + +5. Go to the directory for storing tool scripts. + + ``` + cd /opt/software/openGauss/script + ``` + +6. If the openEuler operating system is used, run the following command to open the **performance.sh** file, comment out **sysctl -w vm.min\_free\_kbytes=112640 &\> /dev/null** using the number sign \(\#\), press **Esc** to enter the command mode, and run the **:wq** command to save the modification and exit. + + ``` + vi /etc/profile.d/performance.sh + ``` + +7. To ensure that the OpenSSL version is correct, load the **lib** library in the installation package before preinstallation. Run the following command. **\{packagePath\}** indicates the path where the installation package is stored. In this example, the path is **/opt/software/openGauss**. + + ``` + export LD_LIBRARY_PATH={packagePath}/script/gspylib/clib:$LD_LIBRARY_PATH + ``` + +8. To ensure successful installation, check whether the values of **hostname** and **/etc/hostname** are the same. During preinstallation, the host name is checked. +9. Execute **gs\_preinstall** to configure the installation environment. If the shared environment is used, add the **--sep-env-file=ENVFILE** parameter to separate environment variables to avoid mutual impact with other users. The environment variable separation file path is specified by users. + - Execute **gs\_preinstall** in interactive mode. During the execution, the mutual trust between users **root** and between clusteropenGauss users is automatically established. + + ``` + ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml + ``` + + **omm** is the database administrator \(also the OS user running the clusteropenGauss\), **dbgrp** is the group name of the OS user running the clusteropenGauss, and **/opt/software/GaussDB\_KernelopenGauss/clusterconfig.xml** is the path of the clusteropenGauss configuration file. During the execution, you need to determine whether to establish mutual trust as prompted and enter the password of user **root** or the clusteropenGauss user. + + - If the mutual trust between users **root** cannot be created, create the **omm** user, perform local preinstallation on each host, and manually create the mutual trust between openGauss users. If the **-L** parameter is specified during preinstallation, manually write the mapping between the host names and IP addresses of all nodes to the **/etc/hosts** file of each host before preinstallation, add **\#Gauss OM IP Hosts Mapping** to the end of each mapping. + 1. Run the following command to configure the installation environment: + + ``` + cd /opt/software/openGauss/script + ./gs_preinstall -U omm -G dbgrp -L -X /opt/software/openGauss/clusterconfig.xml + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >You need to run this command on each host. + + + - Execute **gs\_preinstall** in non-interactive mode. + 1. Manually establish mutual trust between users **root** and between clusteropenGauss users by following the instructions provided in [Establishing Mutual Trust Manually](establishing-mutual-trust-manually.md). + 2. Run the following command to configure the installation environment: + + ``` + cd /opt/software/openGauss/script + ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml --non-interactive + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- In this mode, ensure that mutual trust has been established between the root users of all nodes and between the openGauss users of the cluster before performing.In this mode, ensure that mutual trust has been established between users **root** and between clusteropenGauss users on each node before executing **gs\_preinstall**. + >- The mutual trust established between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** immediately after the installation is complete. + + + + +### Examples + +Execute the **gs\_preinstall** script. + +``` +plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml +Parsing the configuration file. +Successfully parsed the configuration file. +Installing the tools on the local node. +Successfully installed the tools on the local node. +Are you sure you want to create trust for root (yes/no)? yes +Please enter password for root. +Password: +Creating SSH trust for the root permission user. +Checking network information. +All nodes in the network are Normal. +Successfully checked network information. +Creating SSH trust. +Creating the local key file. +Successfully created the local key files. +Appending local ID to authorized_keys. +Successfully appended local ID to authorized_keys. +Updating the known_hosts file. +Successfully updated the known_hosts file. +Appending authorized_key on the remote node. +Successfully appended authorized_key on all remote node. +Checking common authentication file content. +Successfully checked common authentication content. +Distributing SSH trust file to all node. +Successfully distributed SSH trust file to all node. +Verifying SSH trust on all hosts. +Successfully verified SSH trust on all hosts. +Successfully created SSH trust. +Successfully created SSH trust for the root permission user. +Setting pssh path +Successfully set core path. +Distributing package. +Begin to distribute package to tool path. +Successfully distribute package to tool path. +Begin to distribute package to package path. +Successfully distribute package to package path. +Successfully distributed package. +Are you sure you want to create the user[omm] and create trust for it (yes/no)? yes +Please enter password for cluster user. +Password: +Please enter password for cluster user again. +Password: +Successfully created [omm] user on all nodes. +Preparing SSH service. +Successfully prepared SSH service. +Installing the tools in the cluster. +Successfully installed the tools in the cluster. +Checking hostname mapping. +Successfully checked hostname mapping. +Creating SSH trust for [omm] user. +Checking network information. +All nodes in the network are Normal. +Successfully checked network information. +Creating SSH trust. +Creating the local key file. +Successfully created the local key files. +Appending local ID to authorized_keys. +Successfully appended local ID to authorized_keys. +Updating the known_hosts file. +Successfully updated the known_hosts file. +Appending authorized_key on the remote node. +Successfully appended authorized_key on all remote node. +Checking common authentication file content. +Successfully checked common authentication content. +Distributing SSH trust file to all node. +Successfully distributed SSH trust file to all node. +Verifying SSH trust on all hosts. +Successfully verified SSH trust on all hosts. +Successfully created SSH trust. +Successfully created SSH trust for [omm] user. +Checking OS software. +Successfully check os software. +Checking OS version. +Successfully checked OS version. +Creating cluster's path. +Successfully created cluster's path. +Setting SCTP service. +Successfully set SCTP service. +Set and check OS parameter. +Setting OS parameters. +Successfully set OS parameters. +Preparing CRON service. +Successfully prepared CRON service. +Setting user environmental variables. +Successfully set user environmental variables. +Setting the dynamic link library. +Successfully set the dynamic link library. +Setting Core file +Successfully set core path. +Setting pssh path +Successfully set pssh path. +Set ARM Optimization. +No need to set ARM Optimization. +Fixing server package owner. +Setting finish flag. +Successfully set finish flag. +Preinstallation succeeded. +S +``` + +If the passwords of user **root** on the hosts in the cluster are different and cannot be changed to the same one, execute the **gs\_preinstall** script in local installation mode. + +``` +plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -L -X /opt/software/openGauss/clusterconfig.xml +Parsing the configuration file. +Successfully parsed the configuration file. +Installing the tools on the local node. +Successfully installed the tools on the local node. +Checking OS version. +Successfully checked OS version. +Creating cluster's path. +Successfully created cluster's path. +Setting SCTP service. +Successfully set SCTP service. +Set and check OS parameter. +Setting OS parameters. +Successfully set OS parameters. +Warning: Installation environment contains some warning messages. +Please get more details by "/home/package/r8c00/script/gs_checkos -i A -h SIA1000068990". +Set and check OS parameter completed. +Preparing CRON service. +Successfully prepared CRON service. +Preparing SSH service. +Successfully prepared SSH service. +Setting user environmental variables. +Successfully set user environmental variables. +Configuring alarms on the cluster nodes. +Successfully configured alarms on the cluster nodes. +Setting the dynamic link library. +Successfully set the dynamic link library. +Setting Cgroup. +Successfully set Cgroup. +Setting finish flag. +Successfully set finish flag. +Preinstallation succeeded. +``` + +Execute **gs\_preinstall** in non-interactive mode. + +``` +plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml --non-interactive +Parsing the configuration file. +Successfully parsed the configuration file. +Installing the tools on the local node. +Successfully installed the tools on the local node. +Distributing package. +Begin to distribute package to tool path. +Successfully distribute package to tool path. +Begin to distribute package to package path. +Successfully distribute package to package path. +Successfully distributed package. +Installing the tools in the cluster. +Successfully installed the tools in the cluster. +Checking hostname mapping. +Successfully checked hostname mapping. +Checking OS version. +Successfully checked OS version. +Creating cluster's path. +Successfully created cluster's path. +Setting SCTP service. +Successfully set SCTP service. +Set and check OS parameter. +Setting OS parameters. +Successfully set OS parameters. +Set and check OS parameter completed. +Preparing CRON service. +Successfully prepared CRON service. +Preparing SSH service. +Successfully prepared SSH service. +Setting user environmental variables. +Successfully set user environmental variables. +Configuring alarms on the cluster nodes. +Successfully configured alarms on the cluster nodes. +Setting the dynamic link library. +Successfully set the dynamic link library. +Setting Cgroup. +Successfully set Cgroup. +Set ARM Optimization. +Successfully set ARM Optimization. +Setting finish flag. +Successfully set finish flag. +Preinstallation succeeded. +``` + +### Troubleshooting + +If configuring the installation environment fails, obtain the **gs\_preinstall-YYYY-MM-DD\_HHMMSS.log** and **gs\_local-YYYY-MM-DD\_HHMMSS.log** files from the **$GAUSSLOG/om** directory for storing clusteropenGauss logs. Then, locate the problem based on the log information. For example, if the path specified by the **gaussdbLogPath** parameter in the configuration file is **/var/log/gaussdb**, the **$GAUSSLOG/om** path is **/var/log/gaussdb/omm/om**, and the **omm** user is the user running clusteropenGauss. + +>![](public_sys-resources/icon-notice.gif) **NOTICE:** +>While the installation user and environment is prepared, user **root** is used to add scheduled tasks for routine inspection and reporting. + +## Establishing Mutual Trust Manually + During the openGauss installation, you need to perform operations such as running commands and transferring files between hosts in openGauss. Establish mutual trust among the hosts before installing the cluster as a common user. During the execution of the pre-installation script, establish mutual trust between users **root**, then create a common user account, and finally establish mutual trust between common users. -- **[Configuring OS Parameters](configuring-os-parameters.md)** + +>![](public_sys-resources/icon-notice.gif) **NOTICE:** +>The mutual trust between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** after the installation is complete. + +### Prerequisites + +- The SSH service has been enabled. +- You have verified that SSH ports will not be disabled by firewalls. +- Each host name and IP address have been correctly configured in the XML file. +- Communication among all the hosts is normal. +- If the mutual trust is to be established for common users, the same user needs to be created and password set on each host. +- If the SELinux service is installed and has been started on each host, ensure that the security context of the **/root** directory is set to the default value **system\_u:object\_r:home\_root\_t:s0** and that of the **/home** directory is set to the default value **system\_u:object\_r:admin\_home\_t:s0**, or disable the SELinux service. + + To check the SELinux status, run the **getenforce** command. If the command output is **Enforcing**, SELinux is installed and has been enabled. + + To check the security contexts of the directories, run the following commands: + + ``` + ls -ldZ /root | awk '{print $4}' + ``` + + ``` + ls -ldZ /home | awk '{print $4}' + ``` + + To restore the security contexts of the directories, run the following commands: + + ``` + restorecon -r -vv /home/ + ``` + + ``` + restorecon -r -vv /root/ + ``` + + +### Establishing Mutual Trust Using a Script + +1. Create the file for executing the mutual trust script, and add the IP addresses of all the hosts in the openGauss to the file. + + ``` + plat1:/opt/software/openGauss> vim hostfile + 192.168.0.1 + 192.168.0.2 + 192.168.0.3 + ``` + +2. Execute the script as the user who needs to establish mutual trust with the hosts. +3. Execute the following script to establish mutual trust: + + ``` + plat1:/opt/software/openGauss/script# gs_sshexkey -f /opt/software/hostfile + ``` + + The **/opt/software/hostfile** file contains a list of the hosts. The list provides the IP addresses of all the hosts among which mutual trust needs to be established. + + +### Establishing Mutual Trust Manually + +If the passwords of user **root** on the hosts in the openGauss are different, the **gs\_preinstall** script cannot be used to establish mutual trust. In this case, manually establish mutual trust. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>The following files are generated during establishment of mutual trust: **authorized\_keys**, **id\_rsa**, **id\_rsa.pub**, and **known\_hosts**. Do not delete or corrupt the files. + +The procedure of manually establishing mutual trust is as follows \(**plat1**, **plat2**, and **plat3** are host names\): + +1. Generate a licensed file for user **root** on any host \(referred to as the local host\). Host **plat1** is used as an example. + 1. Generate a key. + + ``` + ssh-keygen -t rsa + ``` + + The following is an example: + + ``` + plat1:~ # ssh-keygen -t rsa + Generating public/private rsa key pair. + Enter file in which to save the key (/root/.ssh/id_rsa): + Created directory '/root/.ssh'. + Enter passphrase (empty for no passphrase): + Enter same passphrase again: + Your identification has been saved in /root/.ssh/id_rsa. + Your public key has been saved in /root/.ssh/id_rsa.pub. + The key fingerprint is: + d5:35:46:33:27:22:09:f0:1e:12:a7:87:fa:33:3f:ab root@plat1 + The key's randomart image is: + +--[ RSA 2048]----+ + | o.o.....O .| + | * .o + * | + | + + . . | + | . + o | + | . S | + | . | + | + | + | +. | + | E.oo | + +-----------------+ + ``` + + 2. Generate the licensed file. + + ``` + cat .ssh/id_rsa.pub >> .ssh/authorized_keys + ``` + + The following is an example: + + ``` + plat1:~ # cat .ssh/id_rsa.pub >> .ssh/authorized_keys + ``` + +2. Obtain the public keys of all the hosts among which mutual trust needs to be established, and write the public keys into the **known\_hosts** file on the local host. This step needs to be performed on the host where Step 1 is performed. You need to obtain the public keys of the **plat1**, **plat2**, and **plat3** hosts. + 1. Obtain the public key of host **plat1**, and write the public key into the **known\_hosts** file on the local host. + + ``` + ssh-keyscan -t rsa plat1 >> ~/.ssh/known_hosts + ``` + + The following is an example: + + ``` + plat1:~ # ssh-keyscan -t rsa plat1 >> ~/.ssh/known_hosts + # plat1 SSH-2.0-OpenSSH_5.1 + ``` + + 2. Obtain the public key of host **plat2**, and write the public key into the **known\_hosts** file on the local host. + + ``` + ssh-keyscan -t rsa plat2 >> ~/.ssh/known_hosts + ``` + + The following is an example: + + ``` + plat1:~ # ssh-keyscan -t rsa plat2 >> ~/.ssh/known_hosts + # plat2 SSH-2.0-OpenSSH_5.1 + ``` + + 3. Obtain the public key of host **plat3**, and write the public key into the **known\_hosts** file on the local host. + + ``` + ssh-keyscan -t rsa plat3 >> ~/.ssh/known_hosts + ``` + + The following is an example: + + ``` + plat1:~ # ssh-keyscan -t rsa plat3 >> ~/.ssh/known_hosts + # plat3 SSH-2.0-OpenSSH_5.1 + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- After being accepted, the public key of a remote host will be saved in the **$HOME/.ssh/known\_hosts** file on the local host. When connecting to the remote host next time, the system can recognize that the public key of the remote host has been saved on the local host and then skip alarms. + >- If the **known\_hosts** file is deleted from the local host, the mutual trust between the local and remote hosts remains valid, but alarms will be reported. To prevent such alarms, set the **StrictHostKeyChecking** parameter in the **/etc/ssh/ssh\_config** file to **no**. + + +3. Send the **known\_hosts** file to all the other hosts except the local host. In this example, send the **known\_hosts** file on host **plat1** to hosts **plat2** and **plat3**. + + 1. Send the **known\_hosts** file to host **plat2**. When **Password:** is displayed, enter the password for logging in to host **plat2**. + + ``` + scp -r .ssh plat2:~ + ``` + + The following is an example: + + ``` + plat1:~ # scp -r .ssh plat2:~ + Password: + authorized_keys 100% 796 0.8KB/s 00:00 + id_rsa 100% 1675 1.6KB/s 00:00 + id_rsa.pub 100% 398 0.4KB/s 00:00 + known_hosts 100% 1089 1.1KB/s 00:00 + ``` + + 2. Send the **known\_hosts** file to host **plat3**. When **Password:** is displayed, enter the password for logging in to host **plat3**. + + ``` + scp -r .ssh plat3:~ + ``` + + The following is an example: + + ``` + plat1:~ # scp -r .ssh plat3:~ + Password: + authorized_keys 100% 796 0.8KB/s 00:00 + id_rsa 100% 1675 1.6KB/s 00:00 + id_rsa.pub 100% 398 0.4KB/s 00:00 + known_hosts 100% 1089 1.1KB/s 00:00 + ``` + +4. Run the **ssh **_Host name_ command to check whether mutual trust has been successfully established. Then, enter **exit**. + + ``` + plat1:~ # ssh plat2 + Last login: Sat Jun 20 14:01:07 2020 + plat2:~ # exit + logout + Connection to plat2 closed. + plat1:~ # + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >If there are more than three hosts, the procedure of manually establishing mutual trust between the hosts is similar to the one in this section. Assume that the host names are **plat1**, **plat2**, **plat3**, ... Firstly, generate a licensed file for user **root** on host **plat1** \(referred to as the local host\). Secondly, obtain the public keys of all the hosts \(**plat1**, **plat2**, **plat3**, ...\) between which mutual trust needs to be established, and write the public keys to the **known\_hosts** file on the local host. Thirdly, send the file from the local host to all the other hosts \(**plat2**, **plat3**, ...\). Finally, verify that mutual trust has been successfully established. + + +### Deleting Mutual Trust Between Users **root** + +The mutual trust established between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** immediately after the installation is complete. + +1. Delete the mutual trust file **/root/.ssh** from each openGauss database node. + + rm –rf \~/.ssh + +2. Check whether the mutual trust is successfully deleted. If the host names cannot be reached from each other through SSH and a mutual trust failure message is displayed, the mutual trust is successfully deleted. + + plat1:\~ \# ssh plat2 + + he authenticity of host ' plssat2 \(plat2\)' can't be established. + + ECDSA key fingerprint is SHA256:Q4DPRedFytsjsJSKf4l2lHKuzVw4prq3bIUCNVKIa7M. + + ECDSA key fingerprint is MD5:e2:77:6c:aa:4c:43:5f:f2:c4:58:ec:d5:53:de:7c:fc. + + Are you sure you want to continue connecting \(yes/no\)? + + +### Examples + +The following is an example describing how to establish mutual trust between users **root**: + +``` +plat1:~ # gs_sshexkey -f /opt/software/hostfile -W Gauss_234 +Checking network information. +All nodes in the network are Normal. +Successfully checked network information. +Creating SSH trust. +Creating the local key file. +Successfully created the local key files. +Appending local ID to authorized_keys. +Successfully appended local ID to authorized_keys. +Updating the known_hosts file. +Successfully updated the known_hosts file. +Appending authorized_key on the remote node. +Successfully appended authorized_key on all remote node. +Checking common authentication file content. +Successfully checked common authentication content. +Distributing SSH trust file to all node. +Successfully distributed SSH trust file to all node. +Verifying SSH trust on all hosts. +Successfully verified SSH trust on all hosts. +Successfully created SSH trust. +``` + +The following is an example describing how to establish mutual trust between common users: + +``` +gaussdb@plat1:~ > gs_sshexkey -f /opt/software/hostfile -W Gauss_234 +Checking network information. +All nodes in the network are Normal. +Successfully checked network information. +Creating SSH trust. +Creating the local key file. +Successfully created the local key files. +Appending local ID to authorized_keys. +Successfully appended local ID to authorized_keys. +Updating the known_hosts file. +Successfully updated the known_hosts file. +Appending authorized_key on the remote node. +Successfully appended authorized_key on all remote node. +Checking common authentication file content. +Successfully checked common authentication content. +Distributing SSH trust file to all node. +Successfully distributed SSH trust file to all node. +Verifying SSH trust on all hosts. +Successfully verified SSH trust on all hosts. +Successfully created SSH trust. +``` + +The following is an example describing how to establish mutual trust in security mode. This mode is recommended. Users need to manually enter their passwords as prompted. + +``` +plat1:~ # gs_sshexkey -f /opt/software/hostfile +Please enter password for current user[root]. +Password: +Checking network information. +All nodes in the network are Normal. +Successfully checked network information. +Creating SSH trust. +Creating the local key file. +Appending local ID to authorized_keys. +Successfully appended local ID to authorized_keys. +Updating the known_hosts file. +Successfully updated the known_hosts file. +Appending authorized_key on the remote node. +Successfully appended authorized_key on all remote node. +Checking common authentication file content. +Successfully checked common authentication content. +Distributing SSH trust file to all node. +Successfully distributed SSH trust file to all node. +Verifying SSH trust on all hosts. +Successfully verified SSH trust on all hosts. +Successfully created SSH trust. +``` + +## Configuring OS Parameters + openGauss requires that the OS parameters on every host be set to specified values to ensure system running performance. +Some of these parameters are set during the openGauss installation environment preparation phase, and these parameters directly affect the running status of the openGauss. You need to manually adjust these parameters only when necessary. You can use the following methods: + +1. Log in to a server as user **root**. +2. Modify the **/etc/sysctl.conf** file. + + For details about how to modify parameters, see [OS Parameters](#en-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section3705271819540). + +3. Run the following command to make the modifications take effect: + + ``` + sysctl -p + ``` + + +### OS Parameters + +**Table 1** OS parameters + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Parameter

+

Description

+

Recommended Value

+

net.ipv4.tcp_max_tw_buckets

+

Specifies the maximum number of TCP/IP connections concurrently remaining in the TIME_WAIT state. If the number of TCP/IP connections concurrently remaining in the TIME_WAIT state exceeds the value of this parameter, the TCP/IP connections in the TIME_WAIT state will be released immediately, and alarm information will be printed.

+

10000

+

net.ipv4.tcp_tw_reuse

+

Reuses sockets whose status is TIME-WAIT for new TCP connections.

+
  • 0: This function is disabled.
  • 1: This function is enabled.
+

1

+

net.ipv4.tcp_tw_recycle

+

Rapidly reclaims sockets whose status is TIME-WAIT in TCP connections.

+
  • 0: This function is disabled.
  • 1: This function is enabled.
+

1

+

net.ipv4.tcp_keepalive_time

+

Specifies how often keep-alive messages are sent through TCP connections when Keep-Alive is enabled.

+

30

+

net.ipv4.tcp_keepalive_probes

+

Specifies the number of keep-alive detection packets sent through a TCP connection before the connection is regarded invalid. The product of the parameter value multiplied by the value of the tcp_keepalive_intvl parameter determines the response timeout after a keep-alive message is sent through a connection.

+

9

+

net.ipv4.tcp_keepalive_intvl

+

Specifies how often a detection packet is re-sent when the previous packets are not acknowledged.

+

30

+

net.ipv4.tcp_retries1

+

Specifies the maximum TCP reattempts during the connection establishment process.

+

5

+

net.ipv4.tcp_syn_retries

+

Specifies the maximum SYN packet reattempts in the TCP.

+

5

+

net.ipv4.tcp_synack_retries

+

Specifies the maximum SYN response packet reattempts in the TCP.

+

5

+

net.sctp.path_max_retrans

+

Specifies the maximum SCTP reattempts.

+

10

+

net.sctp.max_init_retransmits

+

Specifies the maximum INIT packet reattempts in the SCTP.

+

10

+

net.sctp.association_max_retrans

+

Specifies the maximum reattempts of a single logical connection in the SCTP.

+

10

+

net.sctp.hb_interval

+

Specifies the retransmission interval of heartbeat detection packets in the SCTP.

+

30000

+

net.ipv4.tcp_retries2

+

Specifies the number of times that the kernel re-sends data to a connected remote host. A smaller value leads to earlier detection of an invalid connection to the remote host, and the server can quickly release this connection.

+

If "connection reset by peer" is displayed, increase the value of this parameter to avoid the problem.

+

12

+

vm.overcommit_memory

+

Specifies the kernel check method during memory allocation.

+
  • 0: The system accurately calculates the current available memory.
  • 1: The system returns a success message without a kernel check.
  • 2: The system returns a failure message if the memory size you have applied for exceeds the result of the following formula: Total memory size x Value of vm.overcommit_ratio/100 + Total SWAP size.
+

The default value is 2, which is too conservative. The recommended value is 0. If memory usage is high, set this parameter to 1.

+

0

+

net.sctp.sndbuf_policy

+

Specifies the buffer allocation policy on the SCTP sender.

+
  • 0: The buffer is allocated by connection.
  • 1: The buffer is allocated by association.
+

0

+

net.sctp.rcvbuf_policy

+

Specifies the buffer allocation policy on the SCTP receiver.

+
  • 0: The buffer is allocated by connection.
  • 1: The buffer is allocated by association.
+

0

+

net.sctp.sctp_mem

+

Specifies the maximum free memory of the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

+

94500000 915000000 927000000

+

net.sctp.sctp_rmem

+

Specifies the total free memory for receiving data in the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

+

8192 250000 16777216

+

net.sctp.sctp_wmem

+

Specifies the total free memory for sending data in the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

+

8192 250000 16777216

+

net.ipv4.tcp_rmem

+

Specifies the free memory in the TCP receiver buffer. Three memory size ranges in the unit of page are provided: min, default, and max.

+

8192 250000 16777216

+

net.ipv4.tcp_wmem

+

Specifies the free memory in the TCP sender buffer. Three memory size ranges in the unit of page are provided: min, default, and max.

+

8192 250000 16777216

+

net.core.wmem_max

+

Specifies the maximum size of the socket sender buffer.

+

21299200

+

net.core.rmem_max

+

Specifies the maximum size of the socket receiver buffer.

+

21299200

+

net.core.wmem_default

+

Specifies the default size of the socket sender buffer.

+

21299200

+

net.core.rmem_default

+

Specifies the default size of the socket receiver buffer.

+

21299200

+

net.ipv4.ip_local_port_range

+

Specifies the range of temporary ports that can be used by a physical server.

+

26000-65535

+

kernel.sem

+

Specifies the kernel semaphore.

+

250 6400000 1000 25600

+

vm.min_free_kbytes

+

Specifies the minimum free physical memory reserved for unexpected page breaks.

+

5% of the total system memory

+

net.core.somaxconn

+

Specifies the maximum length of the listening queue of each port. This is a global parameter.

+

65535

+

net.ipv4.tcp_syncookies

+

Specifies whether to enable SYN cookies to guard the OS against SYN attacks when the SYN waiting queue overflows.

+
  • 0: The SYN cookies are disabled.
  • 1: The SYN cookies are enabled.
+

1

+

net.sctp.addip_enable

+

Specifies whether dynamic address reset of the SCTP is enabled.

+
  • 0: This function is disabled.
  • 1: This function is enabled.
+

0

+

net.core.netdev_max_backlog

+

Specifies the maximum number of data packets that can be sent to the queue when the rate at which the network device receives data packets is higher than that at which the kernel processes the data packets.

+

65535

+

net.ipv4.tcp_max_syn_backlog

+

Specifies the maximum number of unacknowledged connection requests to be recorded.

+

65535

+

net.ipv4.tcp_fin_timeout

+

Specifies the default timeout duration.

+

60

+

kernel.shmall

+

Specifies the total shared free memory of the kernel.

+

1152921504606846720

+

kernel.shmmax

+

Specifies the maximum value of a shared memory segment.

+

18446744073709551615

+

net.ipv4.tcp_sack

+

Specifies whether selective acknowledgment is enabled. The selective acknowledgment on out-of-order packets can increase system performance. Restricting users to sending only lost packets (for wide area networks) should be enabled, but this will increase CPU usage.

+
  • 0: This function is disabled.
  • 1: This function is enabled.
+

1

+

net.ipv4.tcp_timestamps

+

Specifies whether the TCP timestamp (12 bytes are added in the TCP packet header) enables a more accurate RTT calculation than the retransmission timeout (for details, see RFC 1323) for better performance.

+
  • 0: This function is disabled.
  • 1: This function is enabled.
+

1

+

vm.extfrag_threshold

+

When system memory is insufficient, Linux will score the current system memory fragments. If the score is higher than the value of vm.extfrag_threshold, kswapd triggers memory compaction. When the value of this parameter is close to 1000, the system tends to swap out old pages when processing memory fragments to meet the application requirements. When the value of this parameter is close to 0, the system tends to do memory compaction when processing memory fragments.

+

500

+

vm.overcommit_ratio

+

When the system uses the algorithms where memory usage never exceeds the thresholds, the total memory address space of the system cannot exceed the value of swap+RAM multiplied by the percentage specified by this parameter. When the value of vm.overcommit_memory is set to 2, this parameter takes effect.

+

90

+

/sys/module/sctp/parameters/no_checksums

+

Specifies whether checksum is disabled in SCTP.

+

0

+

MTU

+

Specifies the maximum transmission unit (MTU) for a node NIC. The default value is 1500 in the OS. You can set it to 8192 to improve the performance of sending and receiving data using SCTP.

+

8192

+
+ +### File System Parameters + +- soft nofile + + Indicates the soft limit. The number of file handles used by a user can exceed this parameter value. However, an alarm will be reported. + + Recommended value: **1000000** + +- hard nofile + + Indicates the hard limit. The number of file handles used by a user cannot exceed this parameter value. + + Recommended value: **1000000** + +- stack size + + Indicates the thread stack size. + + Recommended value: **3072** + + +### Setting the transparent\_hugepage Service + +By default, openGauss disables the transparent\_hugepage service and this setting is written into the OS startup file. + +### Setting File Handles + +To manually set the number of file handles, run the following commands to modify the involved parameters as user **root**: + +``` +echo "* soft nofile 1000000" >>/etc/security/limits.conf +echo "* hard nofile 1000000" >>/etc/security/limits.conf +``` + +After the modification is complete, restart the OS to make the setting take effect. + +**Table 2** Parameters for setting the number of file handles + + + + + + + + + + + + + + + + + + + +

Parameter

+

Description

+

Automatically Set by Scripts During Pre-Installation

+

Recommended Value

+

* soft nofile

+

Specifies the soft limit on the number of file handles. For example, if this parameter is set to 1000000, any user can open a maximum of 1,000,000 files regardless of how many shells are enabled.

+

Yes

+

1000000

+

* hard nofile

+

Specifies the hard limit. The soft limit must be less than or equal to the hard limit.

+

Yes

+

1000000

+
+ +### Setting the Maximum Number of Allowed Processes + +To manually set the maximum number of allowed processes, run the following command to open the configuration file: + +``` +vim /etc/security/limits.d/90-nproc.conf +``` + +Modify the **\* soft nproc** parameter in the file. + +After the modification is complete, restart the OS to make the setting take effect. + +**Table 3** Setting the maximum number of allowed processes + + + + + + + + + + + + + + +

Parameter

+

Description

+

Automatically Set by Scripts During Pre-Installation

+

Recommended Value

+

* soft nproc

+

Specifies the maximum number of processes allowed per user.

+

No

+

60000

+
+ +### Setting NIC Parameters + +**Table 4** Setting NIC parameters + + + + + + + + + + + + + + + + + + + +

Parameter

+

Description

+

Automatically Set by Scripts During Pre-Installation

+

Recommended Value

+

rx

+

Specifies the receive queue length for an NIC.

+

Yes

+

4096

+

tx

+

Specifies the transmission queue length for an NIC.

+

Yes

+

4096

+
+ +>![](public_sys-resources/icon-notice.gif) **NOTICE:** +>- NIC parameters can be configured only for 10GE and larger service NICs, that is, the NIC bound to **backIp1**. +>- The commands for setting NIC parameters are written into the OS startup file only after the parameters are successfully set. Information about command execution failures is recorded in logs on the server. + + \ No newline at end of file diff --git a/content/en/docs/Quickstart/installation-process.md b/content/en/docs/Quickstart/installation-process.md index b6a9fccd9a8279d059f8383cd891de77202889af..74f3533c1bf7729d1ced5a16a87ca254927c116b 100644 --- a/content/en/docs/Quickstart/installation-process.md +++ b/content/en/docs/Quickstart/installation-process.md @@ -1,54 +1,54 @@ -# Installation Process +# Installation Process This section describes the openGauss installation process. -[Figure 1](#en-us_topic_0249784563_fig18264185162412) shows the process for installing openGauss. +[Figure 1](#fig18264185162412) shows the process for installing openGauss. -**Figure 1** Installation process +**Figure 1** Installation process ![](figures/installation-process.png "installation-process") **Table 1** Installation process description - -

Step

+ + - - - - - - - - - - - - - diff --git a/content/en/docs/Quickstart/installation-user-and-user-group.md b/content/en/docs/Quickstart/installation-user-and-user-group.md index 947e22354ea0f6bb30c562a2a438a45e28b69a97..c065ca384da3794505512cad8143244fa2c2d737 100644 --- a/content/en/docs/Quickstart/installation-user-and-user-group.md +++ b/content/en/docs/Quickstart/installation-user-and-user-group.md @@ -1,33 +1,33 @@ -# Installation User and User Group +# Installation User and User Group To minimize the installation account permissions during the installation and ensure system running security of openGauss after the installation, the installation scripts automatically create a user-specified installation user and this user will be used as the administrator for subsequent running and maintenance of the openGauss. - -

Step

Description

+

Description

Prepare for installation.

+

Prepare for installation.

Before the openGauss installation, you need to prepare the software and hardware environment and related configurations.

-

This document provides the minimum requirements for the openGauss installation. In the actual installation, plan the installation based on the site requirements.

-

For details, see Preparing for Installation.

+

Before the openGauss installation, you need to prepare the software and hardware environment and related configurations.

+

This document provides the minimum requirements for the openGauss installation. In the actual installation, plan the installation based on the site requirements.

+

For details, see Preparing for Installation.

Obtain and verify an installation package.

+

Obtain and verify an installation package.

You need to download the installation package from the official website and verify the installation package. For details, see Obtaining and Verifying an Installation Package.

+

You need to download the installation package from the official website and verify the installation package. For details, see Obtaining and Verifying an Installation Package.

Configure an XML file.

+

Configure an XML file.

Before installing the openGauss, you need to create a configuration file. The configuration file in the XML format contains the information about the server where the openGauss is deployed, installation path, IP address, and port number. This file is used to guide how to deploy the openGauss. You need to configure the configuration file according to the actual deployment requirements.

-

For details, see Creating an XML Configuration File.

+

Before installing the openGauss, you need to create a configuration file. The configuration file in the XML format contains the information about the server where the openGauss is deployed, installation path, IP address, and port number. This file is used to guide how to deploy the openGauss. You need to configure the configuration file according to the actual deployment requirements.

+

For details, see Creating an XML Configuration File.

Initialize the installation environment.

+

Initialize the installation environment.

To initialize the installation environment, you need to upload the installation package and the XML file, decompress the installation package, and use gs_preinstall to prepare the installation environment.

-

For details, see Initializing the Installation Environment.

+

To initialize the installation environment, you need to upload the installation package and the XML file, decompress the installation package, and use gs_preinstall to prepare the installation environment.

+

For details, see Initializing the Installation Environment.

Execute the installation.

+

Execute the installation.

You need to use gs_install to install the openGauss.

-

For details, see Executing Installation.

+

You need to use gs_install to install the openGauss.

+

For details, see Executing Installation.

Set the standby node to readable.

+

Set the standby node to readable.

This operation is optional. After the readable standby node function is enabled, the standby node is readable, meeting data consistency requirements.

+

This operation is optional. After the readable standby node function is enabled, the standby node is readable, meeting data consistency requirements.

User/Group Name

+ + - - - - - - - - diff --git a/content/en/docs/Quickstart/installing-the-opengauss.md b/content/en/docs/Quickstart/installing-the-opengauss.md index 0c6fb45081f2c6169bd3839f66b00b02c62cc86a..50374da05d99d87f4798833f96cfd3dbfa53707c 100644 --- a/content/en/docs/Quickstart/installing-the-opengauss.md +++ b/content/en/docs/Quickstart/installing-the-opengauss.md @@ -1,4 +1,4 @@ -# Installing the openGauss +# Installing the openGauss - **[Creating an XML Configuration File](creating-an-xml-configuration-file.md)** Before installing the openGauss, you need to create the **clusterconfig.xml** file. The **clusterconfig.xml** file contains the information about the server where the openGauss is deployed, installation path, IP address, and port number. This file is used to guide how to deploy the openGauss. You need to configure the XML configuration file according to the actual deployment requirements. @@ -10,6 +10,4 @@ After the openGauss installation environment is prepared by executing the pre-in - **[\(Optional\) Setting the Standby Node to Readable]((optional)-setting-the-standby-node-to-readable.md)** Readable standby node is an optional feature. You need to modify the configuration parameters and restart the primary and standby nodes before using this feature. After the readable standby node function is enabled, the standby node is readable, meeting data consistency requirements. -- **[Verifying the Installation](verifying-the-installation.md)** - diff --git a/content/en/docs/Quickstart/obtaining-and-verifying-an-installation-package.md b/content/en/docs/Quickstart/obtaining-and-verifying-an-installation-package.md index bc641797c368962e60096b6d11cd3606ce70a6ed..36f3a130f2a7600725a2d2d63f6ad03d005a55a4 100644 --- a/content/en/docs/Quickstart/obtaining-and-verifying-an-installation-package.md +++ b/content/en/docs/Quickstart/obtaining-and-verifying-an-installation-package.md @@ -1,12 +1,12 @@ -# Obtaining and Verifying an Installation Package +# Obtaining and Verifying an Installation Package To prevent network security threats caused by malicious tampering or damage during installation package transfer, verify the integrity of an installation package after obtaining it. Deployment can be started only after the package passes the verification. -## Prerequisites +## Prerequisites You have obtained the openGauss installation package and the signature file. The two must be saved in the same directory, and each package corresponds to a verification file. The signature file is released together with the corresponding software package in .sha256 format. Generally, the file name is the same as the package name. If the name of the installation package is **openGauss-_x.x.x_.x-openEuler-64bit.tar.gz**, the name of the verification file corresponding to this package is **openGauss-_x.x.x_.x-openEuler-64bit.tar.gz.sha256**. -## Procedure +## Procedure 1. Download the installation package of the corresponding platform from the openGauss community. 1. Log in to the openGauss community. diff --git a/content/en/docs/Quickstart/preparing-for-installation.md b/content/en/docs/Quickstart/preparing-for-installation.md index dac810775432fb94559366c9ea05147083e54e00..4517d365455436b436e82917f495fa015598a8ab 100644 --- a/content/en/docs/Quickstart/preparing-for-installation.md +++ b/content/en/docs/Quickstart/preparing-for-installation.md @@ -1,4 +1,4 @@ -# Preparing for Installation +# Preparing for Installation This chapter describes how to prepare and configure the openGauss installation environment. Read this chapter carefully before the installation. Go to chapter "Installing the openGauss" if you have completed the configuration in this chapter. diff --git a/content/en/docs/Quickstart/preparing-the-software-and-hardware-installation-environment.md b/content/en/docs/Quickstart/preparing-the-software-and-hardware-installation-environment.md index 008f4365ba1ef61432ae325ebf2fc716cde18af9..5698e9f0de34b7b10c612619a6af4110a50086a2 100644 --- a/content/en/docs/Quickstart/preparing-the-software-and-hardware-installation-environment.md +++ b/content/en/docs/Quickstart/preparing-the-software-and-hardware-installation-environment.md @@ -1,109 +1,256 @@ -# Preparing the Software and Hardware Installation Environment +# Preparing the Software and Hardware Installation Environment This chapter describes the preparations for the installation. + -- [Software and Hardware Requirements](#software-and-hardware-requirementsa-nameen-us_topic_0270171694a) - - [Hardware Requirements](#hardware-requirementsa-nameen-us_topic_0249784577_en-us_topic_0241802565_en-us_topic_0085434629_en-us_topic_0059782022_sdd36768784254b8ba03c77c86b831caea) - - [Software Requirements](#software-requirementsa-nameen-us_topic_0249784577_en-us_topic_0241802565_en-us_topic_0085434629_en-us_topic_0059782022_s3124e90db74142ddaf11e2e8fd69cadba) - - [Software Dependency Requirements](#software-dependency-requirementsa-nameen-us_topic_0249784577_section5459315183816a) -- [Modifying OS Configuration](#modifying-os-configurationa-nameen-us_topic_0270171695a) -- [Setting Remote Login of User root](#setting-remote-login-of-user-roota-nameen-us_topic_0270171696a) +- [Software and Hardware Requirements](#software-and-hardware-requirementsa-nameen-us_topic_0249784577a) + - [Hardware Requirements](#hardware-requirementsa-nameen-us_topic_0241802565_en-us_topic_0085434629_en-us_topic_0059782022_sdd36768784254b8ba03c77c86b831caea) + - [Software Requirements](#software-requirementsa-nameen-us_topic_0241802565_en-us_topic_0085434629_en-us_topic_0059782022_s3124e90db74142ddaf11e2e8fd69cadba) + - [Software Dependency Requirements](#software-dependency-requirementsa-namesection5459315183816a) +- [Modifying OS Configuration](#modifying-os-configurationa-nameen-us_topic_0249784574a) + - [Disabling the OS Firewall](#disabling-the-os-firewalla-namesection392211235453a) + - [Setting Character Set Parameters](#setting-character-set-parametersa-namesection13321183394714a) + - [Setting the Time Zone and Time](#setting-the-time-zone-and-timea-namesection399102113483a) + - [Disabling the Swap Memory](#disabling-the-swap-memorya-namesection108571059134820a) + - [Setting the NIC MTU](#setting-the-nic-mtua-namesection111222032174911a) +- [Setting Remote Login of User root](#setting-remote-login-of-user-roota-nameen-us_topic_0249784566a) -## Software and Hardware Requirements +## Software and Hardware Requirements This section describes hardware and software requirements of openGauss. It is recommended that servers to be deployed on openGauss have the same software and hardware configurations. -### Hardware Requirements +### Hardware Requirements -[Table 1](#en-us_topic_0249784577_en-us_topic_0241802565_en-us_topic_0085434629_en-us_topic_0059782022_t62cd0eed17004265b1b8ad98f302a4bc) describes the minimum hardware requirements of openGauss. When planning the hardware configuration of a product, consider the data scale and expected database response speed. Plan hardware as required. +[Table 1](#en-us_topic_0241802565_en-us_topic_0085434629_en-us_topic_0059782022_t62cd0eed17004265b1b8ad98f302a4bc) describes the minimum hardware requirements of openGauss. When planning the hardware configuration of a product, consider the data scale and expected database response speed. Plan hardware as required. **Table 1** Hardware requirements - -

User/Group Name

Type

+

Type

Suggestion

+

Suggestion

dbgrp

+

dbgrp

OS

+

OS

You are advised to plan the user group dbgrp independently.

-

This user group is specified by the -G parameter in Initializing the Installation Environment. If this user group does not exist, the installation script automatically creates it. Alternatively, you can create the user group before the installation. User permissions are checked when the gs_preinstall script is executed. The gs_preinstall script automatically grants access and execution permissions on the installation directory and data directory to all users in this user group.

-

Run the following command to create the user group dbgrp:

-
groupadd dbgrp
+

You are advised to plan the user group dbgrp independently.

+

This user group is specified by the -G parameter in Initializing the Installation Environment. If this user group does not exist, the installation script automatically creates it. Alternatively, you can create the user group before the installation. User permissions are checked when the gs_preinstall script is executed. The gs_preinstall script automatically grants access and execution permissions on the installation directory and data directory to all users in this user group.

+

Run the following command to create the user group dbgrp:

+
groupadd dbgrp

omm

+

omm

OS

+

OS

You are advised to plan the user omm for openGauss operation and maintenance.

-

This user is the OS user specified by the -U parameter in Initializing the Installation Environment. If this user exists, delete it or change the initial user. For security purposes, the user group is planned as follows:

-

Group: dbgrp

+

You are advised to plan the user omm for openGauss operation and maintenance.

+

This user is the OS user specified by the -U parameter in Initializing the Installation Environment. If this user exists, delete it or change the initial user. For security purposes, the user group is planned as follows:

+

Group: dbgrp

Hardware

+ + - - - - - - - - -

Hardware

Description

+

Description

Minimum memory

+

Minimum memory

Minimum 32 GB of memory is required for function debugging.

-

In performance tests and commercial deployment, the single-instance deployment is performed. It is recommended that the memory be greater than 128 GB.

-

Complex queries require much memory but the memory may be insufficient in high-concurrency scenarios. In this case, it is recommended that a large-memory server or load management be used to restrict concurrences on the system.

+

Minimum 32 GB of memory is required for function debugging.

+

In performance tests and commercial deployment, the single-instance deployment is performed. It is recommended that the memory be greater than 128 GB.

+

Complex queries require much memory but the memory may be insufficient in high-concurrency scenarios. In this case, it is recommended that a large-memory server or load management be used to restrict concurrences on the system.

CPU

+

CPU

Minimum one 8-core 2.0 GHz CPU is required for function debugging.

-

In performance tests and commercial deployment, the single-instance deployment is performed. It is recommended that one 16-core 2.0 GHz CPU be used.

-

You can set CPUs to hyper-threading or non-hyper-threading mode, but ensure the setting is consistent across all the openGauss nodes.

+

Minimum one 8-core 2.0 GHz CPU is required for function debugging.

+

In performance tests and commercial deployment, the single-instance deployment is performed. It is recommended that one 16-core 2.0 GHz CPU be used.

+

You can set CPUs to hyper-threading or non-hyper-threading mode, but ensure the setting is consistent across all the openGauss nodes.

Hard disk

+

Hard disk

Hard disks used for installing the openGauss must meet the following requirements:

-
  • At least 1 GB is used to install the openGauss application package.
  • About 300 MB is used for each host to store metadata.
  • More than 70% of available disk space is reserved to store data.
-

You are advised to configure the system disk to RAID 1 and data disk to RAID 5 and plan four groups of RAID 5 data disks for installing openGauss. RAID configuration is not described in this document. You can configure RAID by following instructions in the hardware vendors' manuals or using common methods found on the Internet. Set Disk Cache Policy to Disabled to avoid data loss in an unexpected power-off.

-

openGauss supports using an SSD with the SAS interface and NVMe protocol deployed in RAID mode as the primary storage device of the database.

+

Hard disks used for installing the openGauss must meet the following requirements:

+
  • At least 1 GB is used to install the openGauss application package.
  • About 300 MB is used for each host to store metadata.
  • More than 70% of available disk space is reserved to store data.
+

You are advised to configure the system disk to RAID 1 and data disk to RAID 5 and plan four groups of RAID 5 data disks for installing openGauss. RAID configuration is not described in this document. You can configure RAID by following instructions in the hardware vendors' manuals or using common methods found on the Internet. Set Disk Cache Policy to Disabled to avoid data loss in an unexpected power-off.

+

openGauss supports using an SSD with the SAS interface and NVMe protocol deployed in RAID mode as the primary storage device of the database.

Network requirements

+

Network requirements

Minimum 300 Mbit/s Ethernet is required.

-

You are advised to bond two NICs for redundancy. The configuration is not described in this document. You can configure it by following instructions in the manual provided by the hardware manufacturer or using the methods provided on the Internet.

-

If bonds are configured for the openGauss, ensure the consistency among these bond modes, because inconsistent bond modes may cause openGauss running exceptions.

+

Minimum 300 Mbit/s Ethernet is required.

+

You are advised to bond two NICs for redundancy. The configuration is not described in this document. You can configure it by following instructions in the manual provided by the hardware manufacturer or using the methods provided on the Internet.

+

If bonds are configured for the openGauss, ensure the consistency among these bond modes, because inconsistent bond modes may cause openGauss running exceptions.
-### Software Requirements +### Software Requirements **Table 2** Software requirements - -

Software

+ + - - - - - - - - -

Software

Description

+

Description

Linux OS

+

Linux OS

openEuler 20.3LTS and CentOS 7.6

+

openEuler 20.3LTS and CentOS 7.6

Linux file system

+

Linux file system

It is recommended that the number of remaining inodes be greater than 1.5 billion.

+

It is recommended that the number of remaining inodes be greater than 1.5 billion.

Tools

+

Tools

Huawei JDK 1.8.0 and bzip2

+

Huawei JDK 1.8.0 and bzip2

Python

+

Python

  • openEuler: Python 3.7.X is supported.
  • CentOS: Python 3.6.X is supported.
+
  • openEuler: Python 3.7.X is supported.
  • CentOS: Python 3.6.X is supported.
-### Software Dependency Requirements +### Software Dependency Requirements -[\#EN-US\_TOPIC\_0270171694/en-us\_topic\_0249784577\_table11459151513383](#en-us_topic_0249784577_table11459151513383) lists the software dependency requirements for the openGauss. +[\#EN-US\_TOPIC\_0249784577/table11459151513383](#table11459151513383) lists the software dependency requirements for the openGauss. You are advised to use the default installation packages of the following dependent software in the listed OS installation CD-ROMs or sources. If the following software does not exist, refer to the recommended versions of the software. -## Modifying OS Configuration +## Modifying OS Configuration + +### Disabling the OS Firewall + +To ensure that the openGauss can work properly when the firewall is enabled, related services, protocols, IP addresses, and ports need to be added to the firewall whitelist of each host in the openGauss. + +Take openEuler OS as an example. Assume that the openGauss information is listed in [Table 1](#en-us_topic_0241802566_en-us_topic_0085434636_en-us_topic_0059782018_table4312170510523). + +**Table 1** Information of openGauss + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Host Name

+

Internal IP Address

+

External IP Address

+

plat1

+

192.168.0.11

+

10.10.0.11

+

plat2

+

192.168.0.12

+

10.10.0.12

+

plat3

+

192.168.0.13

+

10.10.0.13

+

plat4

+

192.168.0.14

+

10.10.0.14

+

Management network

+

-

+

10.10.64.236

+
+ +**Procedure** + +Currently, EulerOS can be installed only when the firewall is disabled. + +1. Check whether the firewall is disabled. + + ``` + systemctl status firewalld + ``` + + If the firewall is not disabled, go to [2](#en-us_topic_0241802566_en-us_topic_0085434636_en-us_topic_0059782018_li11887129193617). + + If the firewall is disabled, skip [2](#en-us_topic_0241802566_en-us_topic_0085434636_en-us_topic_0059782018_li11887129193617). + +2. Disable the firewall. + + ``` + systemctl disable firewalld.service + systemctl stop firewalld.service + ``` + +3. Set the value of **SELINUX** in the **/etc/selinux/config** file to **disabled**. + 1. Run the **vim** command to open the **config** file. + + ``` + vim /etc/selinux/config + ``` + + 2. Set the value of **SELINUX** to **disabled**. + + ``` + SELINUX=disabled + ``` + +4. Restart the OS. + + ``` + reboot + ``` + +5. Repeat steps 1 to 3 on other hosts. + +### Setting Character Set Parameters + +Set the same character set for all database nodes. You can add **export LANG=**_Unicode_ in the **/etc/profile** file. + +``` +vim /etc/profile +``` + +### Setting the Time Zone and Time + +Set the same time zone for all database nodes by copying the **/etc/localtime** time zone file to the **/usr/share/zoneinfo/** directory. + +``` +cp /usr/share/zoneinfo/$Locale/$Time zone /etc/localtime +``` + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>_$Locale/$Time zone_ indicates the locale and time zone to be set, for example, **Asia/Shanghai**. + +Run the **date -s** command to set the time of each host to the same time. For example: + +``` +date -s Mon May 11 16:42:11 CST 2020 +``` + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>You can run the **date** command to query the time zone of the host. + +### Disabling the Swap Memory + +Run the **swapoff -a** command on each database node to disable the swap memory. + +``` +swapoff -a +``` + +### Setting the NIC MTU + +Set the NIC MTU value on each database node to the same value. For X86, the recommended MTU value is 1500. For ARM, the recommended MTU value is 8192. + +``` +ifconfig NIC ID mtu Value +``` -## Setting Remote Login of User root +## Setting Remote Login of User root During the openGauss installation, the user **root** is required for remote login. This section describes how to set the user **root** for remote login. diff --git a/content/en/docs/Quickstart/verifying-the-installation.md b/content/en/docs/Quickstart/verifying-the-installation.md index 53956fbbd3183fe9d5a765ed6d93831490f6f0d7..593cd8851dca7227af233f3b8e9d7086106b143b 100644 --- a/content/en/docs/Quickstart/verifying-the-installation.md +++ b/content/en/docs/Quickstart/verifying-the-installation.md @@ -1,14 +1,14 @@ -# Verifying the Installation +# Verifying the Installation Use the **gs\_checkos** tool provided by openGauss to check the OS status. -## Prerequisites +## Prerequisites - The hardware and network are working properly. - The trust relationship of user **root** among the hosts is normal. - Only user **root** is authorized to run the **gs\_checkos** command. -## Procedure +## Procedure 1. Log in to a server as user **root**. 2. Run the following command to check OS parameters of servers where the openGauss nodes are deployed: @@ -20,7 +20,7 @@ Use the **gs\_checkos** tool provided by openGauss to check the OS status. Check the OS parameters to ensure that the openGauss has passed the pre-installation check and can efficiently operate after it is installed. For details about the check items, see "gs\_checkos" in the _Tool Reference_. -## Examples +## Examples Before running the **gs\_checkos** command, execute the **gs\_preinstall** script to prepare the environment. The following uses parameter **A** as an example: diff --git a/content/en/docs/installation/(optional)-setting-the-standby-node-to-readable.md b/content/en/docs/installation/(optional)-setting-the-standby-node-to-readable.md index 6cf8b21e959373a5907b1049660b401e2d5481b9..3c924b4859cdb4e26dc7718408d275a1a2b8435e 100644 --- a/content/en/docs/installation/(optional)-setting-the-standby-node-to-readable.md +++ b/content/en/docs/installation/(optional)-setting-the-standby-node-to-readable.md @@ -1,10 +1,10 @@ -# \(Optional\) Setting the Standby Node to Readable - -Readable standby node is an optional feature. You need to modify the configuration parameters and restart the primary and standby nodes before using this feature. After the readable standby node function is enabled, the standby node is readable, meeting data consistency requirements. - -## Procedure - -1. If the openGauss database instance is running on the primary and standby nodes, stop the database instance on both nodes. -2. Open the **postgres.conf** configuration files of the primary and standby nodes based on the corresponding paths in [Table 2](configuring-primary-database-node-information.md#en-us_topic_0241802596_table15838192510429), find the corresponding parameters, and change the parameter values to **wal\_level=hot\_standby**, **hot\_standby = on**, and **hot\_standby\_feedback = on**. -3. After the modification, start the primary and standby nodes. - +# \(Optional\) Setting the Standby Node to Readable + +Readable standby node is an optional feature. You need to modify the configuration parameters and restart the primary and standby nodes before using this feature. After the readable standby node function is enabled, the standby node is readable, meeting data consistency requirements. + +## Procedure + +1. If the openGauss database instance is running on the primary and standby nodes, stop the database instance on both nodes. +2. Open the **postgres.conf** configuration files of the primary and standby nodes based on the corresponding paths in [Table 2](configuring-primary-database-node-information.md#en-us_topic_0241802596_table15838192510429), find the corresponding parameters, and change the parameter values to **wal\_level=hot\_standby**, **hot\_standby = on**, and **hot\_standby\_feedback = on**. +3. After the modification, start the primary and standby nodes. + diff --git a/content/en/docs/installation/checking-the-health-status.md b/content/en/docs/installation/checking-the-health-status.md deleted file mode 100644 index 6e2a5f3487630f4b77bbf19d1a5227d216641580..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/checking-the-health-status.md +++ /dev/null @@ -1,61 +0,0 @@ -# Checking the Health Status - -Use the **gs\_checkos** tool provided by openGauss to check the OS status. - -## Prerequisites - -- The hardware and network are working properly. -- The trust relationship of user **root** among the hosts is normal. -- Only user **root** is authorized to run the **gs\_checkos** command. - -## Procedure - -1. Log in to a server as user **root**. -2. Run the following command to check OS parameters of servers where the openGauss nodes are deployed: - - ``` - gs_checkos -i A - ``` - - Check the OS parameters to ensure that the openGauss has passed the pre-installation check and can efficiently operate after it is installed. For details about the check items, see "gs\_checkos" in the _Tool Reference_. - - -## Examples - -Before running the **gs\_checkos** command, execute the **gs\_preinstall** script to prepare the environment. The following uses parameter **A** as an example: - -``` -gs_checkos -i A -Checking items: - A1. [ OS version status ] : Normal - A2. [ Kernel version status ] : Normal - A3. [ Unicode status ] : Normal - A4. [ Time zone status ] : Normal - A5. [ Swap memory status ] : Normal - A6. [ System control parameters status ] : Normal - A7. [ File system configuration status ] : Normal - A8. [ Disk configuration status ] : Normal - A9. [ Pre-read block size status ] : Normal - A10.[ IO scheduler status ] : Normal - A11.[ Network card configuration status ] : Normal - A12.[ Time consistency status ] : Warning - A13.[ Firewall service status ] : Normal - A14.[ THP service status ] : Normal -Total numbers:14. Abnormal numbers:0. Warning number:1. -``` - -The following uses parameter **B** as an example: - -``` -gs_checkos -i B -Setting items: - B1. [ Set system control parameters ] : Normal - B2. [ Set file system configuration value ] : Normal - B3. [ Set pre-read block size value ] : Normal - B4. [ Set IO scheduler value ] : Normal - B5. [ Set network card configuration value ] : Normal - B6. [ Set THP service ] : Normal - B7. [ Set RemoveIPC value ] : Normal -Total numbers:6. Abnormal numbers:0. Warning number:0. -``` - diff --git a/content/en/docs/installation/completing-the-installation.md b/content/en/docs/installation/completing-the-installation.md deleted file mode 100644 index 21f478aa1cb11cc9dce0beb4c76722316edc6c06..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/completing-the-installation.md +++ /dev/null @@ -1 +0,0 @@ -This document describes how to complete installing openGauss. diff --git a/content/en/docs/installation/configuration-file-for-primary-secondary-deployment.md b/content/en/docs/installation/configuration-file-for-primary-secondary-deployment.md deleted file mode 100644 index 62cd054b5b71988f4054c790a9c67981f6bf98f6..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/configuration-file-for-primary-secondary-deployment.md +++ /dev/null @@ -1,47 +0,0 @@ -# Configuration File for Primary/Secondary Deployment - -``` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -``` - diff --git a/content/en/docs/installation/configuration-file-for-single-instance-deployment.md b/content/en/docs/installation/configuration-file-for-single-instance-deployment.md deleted file mode 100644 index 8658653eb2109c9ffcb459a81531159f465188a7..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/configuration-file-for-single-instance-deployment.md +++ /dev/null @@ -1,37 +0,0 @@ -# Configuration File for Single-Instance Deployment - -``` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -``` - diff --git a/content/en/docs/installation/configurations-during-installation.md b/content/en/docs/installation/configurations-during-installation.md deleted file mode 100644 index 22ceb37c12ec9a2c20992d04a9427fb45f9b2078..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/configurations-during-installation.md +++ /dev/null @@ -1 +0,0 @@ -This document describes configurations during installing openGauss. diff --git a/content/en/docs/installation/configuring-os-parameters.md b/content/en/docs/installation/configuring-os-parameters.md deleted file mode 100644 index 3aad3fa1825b09cb23d6dc733ad5dac83ac692a8..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/configuring-os-parameters.md +++ /dev/null @@ -1,503 +0,0 @@ -# Configuring OS Parameters - -openGauss requires that the OS parameters on every host be set to specified values to ensure system running performance. - -Some of these parameters are set during the openGauss installation environment preparation phase, and these parameters directly affect the running status of the openGauss. You need to manually adjust these parameters only when necessary. You can use the following methods: - -1. Log in to a server as user **root**. -2. Modify the **/etc/sysctl.conf** file. - - For details about how to modify parameters, see [OS Parameters](#en-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section3705271819540). - -3. Run the following command to make the modifications take effect: - - ``` - sysctl -p - ``` - - -## OS Parameters - -**Table 1** OS parameters - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Parameter

-

Description

-

Recommended Value

-

net.ipv4.tcp_max_tw_buckets

-

Specifies the maximum number of TCP/IP connections concurrently remaining in the TIME_WAIT state. If the number of TCP/IP connections concurrently remaining in the TIME_WAIT state exceeds the value of this parameter, the TCP/IP connections in the TIME_WAIT state will be released immediately, and alarm information will be printed.

-

10000

-

net.ipv4.tcp_tw_reuse

-

Reuses sockets whose status is TIME-WAIT for new TCP connections.

-
  • 0: This function is disabled.
  • 1: This function is enabled.
-

1

-

net.ipv4.tcp_tw_recycle

-

Rapidly reclaims sockets whose status is TIME-WAIT in TCP connections.

-
  • 0: This function is disabled.
  • 1: This function is enabled.
-

1

-

net.ipv4.tcp_keepalive_time

-

Specifies how often keep-alive messages are sent through TCP connections when Keep-Alive is enabled.

-

30

-

net.ipv4.tcp_keepalive_probes

-

Specifies the number of keep-alive detection packets sent through a TCP connection before the connection is regarded invalid. The product of the parameter value multiplied by the value of the tcp_keepalive_intvl parameter determines the response timeout after a keep-alive message is sent through a connection.

-

9

-

net.ipv4.tcp_keepalive_intvl

-

Specifies how often a detection packet is re-sent when the previous packets are not acknowledged.

-

30

-

net.ipv4.tcp_retries1

-

Specifies the maximum TCP reattempts during the connection establishment process.

-

5

-

net.ipv4.tcp_syn_retries

-

Specifies the maximum SYN packet reattempts in the TCP.

-

5

-

net.ipv4.tcp_synack_retries

-

Specifies the maximum SYN response packet reattempts in the TCP.

-

5

-

net.sctp.path_max_retrans

-

Specifies the maximum SCTP reattempts.

-

10

-

net.sctp.max_init_retransmits

-

Specifies the maximum INIT packet reattempts in the SCTP.

-

10

-

net.sctp.association_max_retrans

-

Specifies the maximum reattempts of a single logical connection in the SCTP.

-

10

-

net.sctp.hb_interval

-

Specifies the retransmission interval of heartbeat detection packets in the SCTP.

-

30000

-

net.ipv4.tcp_retries2

-

Specifies the number of times that the kernel re-sends data to a connected remote host. A smaller value leads to earlier detection of an invalid connection to the remote host, and the server can quickly release this connection.

-

If "connection reset by peer" is displayed, increase the value of this parameter to avoid the problem.

-

12

-

vm.overcommit_memory

-

Specifies the kernel check method during memory allocation.

-
  • 0: The system accurately calculates the current available memory.
  • 1: The system returns a success message without a kernel check.
  • 2: The system returns a failure message if the memory size you have applied for exceeds the result of the following formula: Total memory size x Value of vm.overcommit_ratio/100 + Total SWAP size.
-

The default value is 2, which is too conservative. The recommended value is 0. If memory usage is high, set this parameter to 1.

-

0

-

net.sctp.sndbuf_policy

-

Specifies the buffer allocation policy on the SCTP sender.

-
  • 0: The buffer is allocated by connection.
  • 1: The buffer is allocated by association.
-

0

-

net.sctp.rcvbuf_policy

-

Specifies the buffer allocation policy on the SCTP receiver.

-
  • 0: The buffer is allocated by connection.
  • 1: The buffer is allocated by association.
-

0

-

net.sctp.sctp_mem

-

Specifies the maximum free memory of the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

-

94500000 915000000 927000000

-

net.sctp.sctp_rmem

-

Specifies the total free memory for receiving data in the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

-

8192 250000 16777216

-

net.sctp.sctp_wmem

-

Specifies the total free memory for sending data in the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

-

8192 250000 16777216

-

net.ipv4.tcp_rmem

-

Specifies the free memory in the TCP receiver buffer. Three memory size ranges in the unit of page are provided: min, default, and max.

-

8192 250000 16777216

-

net.ipv4.tcp_wmem

-

Specifies the free memory in the TCP sender buffer. Three memory size ranges in the unit of page are provided: min, default, and max.

-

8192 250000 16777216

-

net.core.wmem_max

-

Specifies the maximum size of the socket sender buffer.

-

21299200

-

net.core.rmem_max

-

Specifies the maximum size of the socket receiver buffer.

-

21299200

-

net.core.wmem_default

-

Specifies the default size of the socket sender buffer.

-

21299200

-

net.core.rmem_default

-

Specifies the default size of the socket receiver buffer.

-

21299200

-

net.ipv4.ip_local_port_range

-

Specifies the range of temporary ports that can be used by a physical server.

-

26000-65535

-

kernel.sem

-

Specifies the kernel semaphore.

-

250 6400000 1000 25600

-

vm.min_free_kbytes

-

Specifies the minimum free physical memory reserved for unexpected page breaks.

-

5% of the total system memory

-

net.core.somaxconn

-

Specifies the maximum length of the listening queue of each port. This is a global parameter.

-

65535

-

net.ipv4.tcp_syncookies

-

Specifies whether to enable SYN cookies to guard the OS against SYN attacks when the SYN waiting queue overflows.

-
  • 0: The SYN cookies are disabled.
  • 1: The SYN cookies are enabled.
-

1

-

net.sctp.addip_enable

-

Specifies whether dynamic address reset of the SCTP is enabled.

-
  • 0: This function is disabled.
  • 1: This function is enabled.
-

0

-

net.core.netdev_max_backlog

-

Specifies the maximum number of data packets that can be sent to the queue when the rate at which the network device receives data packets is higher than that at which the kernel processes the data packets.

-

65535

-

net.ipv4.tcp_max_syn_backlog

-

Specifies the maximum number of unacknowledged connection requests to be recorded.

-

65535

-

net.ipv4.tcp_fin_timeout

-

Specifies the default timeout duration.

-

60

-

kernel.shmall

-

Specifies the total shared free memory of the kernel.

-

1152921504606846720

-

kernel.shmmax

-

Specifies the maximum value of a shared memory segment.

-

18446744073709551615

-

net.ipv4.tcp_sack

-

Specifies whether selective acknowledgment is enabled. The selective acknowledgment on out-of-order packets can increase system performance. Restricting users to sending only lost packets (for wide area networks) should be enabled, but this will increase CPU usage.

-
  • 0: This function is disabled.
  • 1: This function is enabled.
-

1

-

net.ipv4.tcp_timestamps

-

Specifies whether the TCP timestamp (12 bytes are added in the TCP packet header) enables a more accurate RTT calculation than the retransmission timeout (for details, see RFC 1323) for better performance.

-
  • 0: This function is disabled.
  • 1: This function is enabled.
-

1

-

vm.extfrag_threshold

-

When system memory is insufficient, Linux will score the current system memory fragments. If the score is higher than the value of vm.extfrag_threshold, kswapd triggers memory compaction. When the value of this parameter is close to 1000, the system tends to swap out old pages when processing memory fragments to meet the application requirements. When the value of this parameter is close to 0, the system tends to do memory compaction when processing memory fragments.

-

500

-

vm.overcommit_ratio

-

When the system uses the algorithms where memory usage never exceeds the thresholds, the total memory address space of the system cannot exceed the value of swap+RAM multiplied by the percentage specified by this parameter. When the value of vm.overcommit_memory is set to 2, this parameter takes effect.

-

90

-

/sys/module/sctp/parameters/no_checksums

-

Specifies whether checksum is disabled in SCTP.

-

0

-

MTU

-

Specifies the maximum transmission unit (MTU) for a node NIC. The default value is 1500 in the OS. You can set it to 8192 to improve the performance of sending and receiving data using SCTP.

-

8192

-
- -## File System Parameters - -- soft nofile - - Indicates the soft limit. The number of file handles used by a user can exceed this parameter value. However, an alarm will be reported. - - Recommended value: **1000000** - -- hard nofile - - Indicates the hard limit. The number of file handles used by a user cannot exceed this parameter value. - - Recommended value: **1000000** - -- stack size - - Indicates the thread stack size. - - Recommended value: **3072** - - -## Setting the transparent\_hugepage Service - -By default, openGauss disables the transparent\_hugepage service and this setting is written into the OS startup file. - -## Setting File Handles - -To manually set the number of file handles, run the following commands to modify the involved parameters as user **root**: - -``` -echo "* soft nofile 1000000" >>/etc/security/limits.conf -echo "* hard nofile 1000000" >>/etc/security/limits.conf -``` - -After the modification is complete, restart the OS to make the setting take effect. - -**Table 2** Parameters for setting the number of file handles - - - - - - - - - - - - - - - - - - - -

Parameter

-

Description

-

Automatically Set by Scripts During Pre-Installation

-

Recommended Value

-

* soft nofile

-

Specifies the soft limit on the number of file handles. For example, if this parameter is set to 1000000, any user can open a maximum of 1,000,000 files regardless of how many shells are enabled.

-

Yes

-

1000000

-

* hard nofile

-

Specifies the hard limit. The soft limit must be less than or equal to the hard limit.

-

Yes

-

1000000

-
- -## Setting the Maximum Number of Allowed Processes - -To manually set the maximum number of allowed processes, run the following command to open the configuration file: - -``` -vim /etc/security/limits.d/90-nproc.conf -``` - -Modify the **\* soft nproc** parameter in the file. - -After the modification is complete, restart the OS to make the setting take effect. - -**Table 3** Setting the maximum number of allowed processes - - - - - - - - - - - - - - -

Parameter

-

Description

-

Automatically Set by Scripts During Pre-Installation

-

Recommended Value

-

* soft nproc

-

Specifies the maximum number of processes allowed per user.

-

No

-

60000

-
- -## Setting NIC Parameters - -**Table 4** Setting NIC parameters - - - - - - - - - - - - - - - - - - - - - - - - -

Parameter

-

Description

-

Automatically Set by Scripts During Pre-Installation

-

Recommended Value

-

rx

-

Specifies the receive queue length for an NIC.

-

Yes

-

4096

-

tx

-

Specifies the transmission queue length for an NIC.

-

Yes

-

4096

-

mtu

-

Specifies the maximum transmission unit for an NIC.

-

Yes

-

x86: 1500

-

ARM: 8192

-
- ->![](public_sys-resources/icon-notice.gif) **NOTICE:** ->- NIC parameters can be configured only for 10GE and larger service NICs, that is, the NIC bound to **backIp1**. ->- The commands for setting NIC parameters are written into the OS startup file only after the parameters are successfully set. Information about command execution failures is recorded in logs on the server. - diff --git a/content/en/docs/installation/configuring-primary-database-node-information.md b/content/en/docs/installation/configuring-primary-database-node-information.md deleted file mode 100644 index 6e5d5a6733578d43bff42f5b07a5111a0a0ef103..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/configuring-primary-database-node-information.md +++ /dev/null @@ -1,90 +0,0 @@ -# Configuring Primary Database Node Information - -The information in bold is only an example. You can replace it as required. Each line of information is commented out. - -**Configure the following information for the primary database node:** - -``` - - - - - - - - -``` - -**Table 1** Parameter description - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Instance Type

-

Parameter

-

Description

-

DBnode

-

dataNum

-

Number of database nodes to be deployed on the current host.

-

dataPortBase

-

Basic port number of the database node. The default value is 40000.

-

dataListenIp1

-

IP address being listened on. This address is used to receive requests for connections from other database nodes. If this parameter is not set, the value is determined based on backIp1 of the corresponding host.

-

If a virtual IP address is configured, this parameter can be set to a virtual IP address.

-

dataHaIp1

-

IP address used for communication between the primary and standby database nodes. If this parameter is not set, the value is determined based on backIp of the corresponding host.

-

This parameter can be set to the IP addresses of the hosts where the primary and standby database nodes reside.

-

dataNode1

-

Directory for storing data of the database nodes on the current host. It is a data storage directory, and should be on a data disk.

-

dataNode1_syncNum

-

Number of nodes in synchronous mode in the current cluster. This parameter is optional. The value ranges from 0 to the number of standby database nodes.

-
- -**Table 2** Database instance data directories - - - - - - - - - - - - - -

Instance

-

Data Directory

-

Primary database node

-

/opt/huawei/install/data/xxx

-

xxx indicates the name of the current primary database node.

-

Standby database node

-

/opt/huawei/install/data/slaveX

-

slaveX indicates the name of the current standby database node.

-
- - diff --git a/content/en/docs/installation/configuring-the-basic-host-information.md b/content/en/docs/installation/configuring-the-basic-host-information.md deleted file mode 100644 index 5e7adf431614e212d68463ceff85eca7c1a20ca1..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/configuring-the-basic-host-information.md +++ /dev/null @@ -1,72 +0,0 @@ -# Configuring the Basic Host Information - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->Each server must contain the following information. The following uses **node1** as an example. - -The information in bold is only an example. You can replace it as required. Each line of information is commented out. - -``` - - - - - - - - - - - - -``` - -**Table 1** Parameter description - - - - - - - - - - - - - - - - - - - - - - - - -

Instance Type

-

Parameter

-

Description

-

Overall information

-

name

-

Host name.

-

azName

-

AZ name. The value is a character string that cannot contain special characters, for example, AZ1, AZ2, and AZ3.

-

azPriority

-

AZ priority.

-

backIp1

-

Intranet IP address of the host in the backend storage network. All the openGauss hosts communicate with each other on this network.

-

sshIp1

-

External IP address of the SSH reliable channel. If no external network is used, you can leave it empty or set it to the value of backIp1.

-
- ->![](public_sys-resources/icon-note.gif) **NOTE:** ->Only one IP address can be configured for all IP parameters \(including **backIp**, **sshIp**, and **listenIp**\) in the configuration file. Excessive IP addresses are ignored. ->For example, you can configure **backIp1** and **backIp2** in the XML configuration file as follows: ->When the file is parsed, only **backIp1** takes effect. ->``` -> -> ->``` - diff --git a/content/en/docs/installation/configuring-the-locale-and-character-set.md b/content/en/docs/installation/configuring-the-locale-and-character-set.md deleted file mode 100644 index 1645733501f85021cf2a516c38b5f1299756685d..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/configuring-the-locale-and-character-set.md +++ /dev/null @@ -1,119 +0,0 @@ -# Configuring the Locale and Character Set - -This section details two important parameters **locale** and **character set** which are controlled by specifying related initialization GUC parameters during installation. - -## Concepts - -Locale: - -- A locale involves culture-related issues \(such as letters, sequences, and digit formats\) considered in applications. -- A locale will be initialized when you run the **gs\_install** script to initialize a database. By default, the database is initialized by **gs\_install** based on the default OS locale. If the default OS locale is the same as the planned one, you do not need to set **locale** during database initialization. - -Character set \(encoding\): - -- openGauss supports GBK, UTF-8, and Latin1 encoding. -- A character set will be initialized when you run the **gs\_install** script to initialize a database. By default, the database is initialized by **gs\_install** based on the character set corresponding to the default OS locale. When creating a database, you can modify the default character set. Different character sets can be set for different databases. - -## Planning Rules and Methods - -- Plan character sets by referring to rules and methods listed in [Table 1](#en-us_topic_0241805810_en-us_topic_0085434664_en-us_topic_0059782037_table4528029520399). - - **Table 1** Character set - - - - - - - - - - - - - - - - - - -

Character Set

-

Planning Rule

-

Method

-

GBK

-

A two-byte Chinese character set with fixed-length encoding is used when the database requires only Chinese characters, handles a large amount of data, and requires high performance. For the openGauss, the Chinese character set can only be GBK.

-
  • During database installation, specify the -E initialization parameter.
  • When you use an SQL statement to create a database, specify the ENCODING parameter.
-

For details, see Examples.

-

UTF-8

-

A Unicode character set is used when an application processes various characters or releases processing results in countries or regions using different languages. For the openGauss, the Unicode character set can only be UTF-8.

-

Latin1

-

The Latin1 character set is used when a database supports only ASCII characters as well as Western European, Greek, Thai, Arabic, and Hebrew characters.

-
- - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- Character set names are case-insensitive, for example, the following values are supported by openGauss: **gbk** and **GBK**; **UTF-8**, **UTF8**, **uft8**, and **utf-8**; and **Latine1** and **latine1**. - >- If no character set is specified during installation, the default character set SQL\_ASCII is used. For details about how to specify a character set during installation, see [Examples](#en-us_topic_0241805810_en-us_topic_0085434664_en-us_topic_0059782037_sa523d6a2a09c4cf29d503e2175747721). - -- Plan a locale by performing the following steps: - 1. Check the locale that matches the specified character set \(for example, UTF-8\). - - ``` - locale -a |grep utf8 - ``` - - Information similar to the following is displayed, where **en\_US.utf8** indicates that the en\_US locale supports the UTF-8 encoding format. - - ``` - ...... - en_SG.utf8 - en_US.utf8 - ...... - ``` - - 2. Set a locale when initializing a database. For details, see [Examples](#en-us_topic_0241805810_en-us_topic_0085434664_en-us_topic_0059782037_sa523d6a2a09c4cf29d503e2175747721). - - -## Examples - -Example 1: During the database initialization, set the character set to **UTF-8** and the locale to **zh\_CN.UTF-8**. - -``` -gs_initdb -E UTF-8 --locale=zh_CN.UTF-8 /opt/gaussdb/data/data_n1 --nodename dn1 -w "Bigdata@123" -``` - -**/opt/gaussdb/data/data\_n1** is the database node directory after the installation, and the database user password is **Bigdata@123**. - -Information similar to the following is displayed: - -``` -The files belonging to this database system will be owned by user "xlnha". -This user must also own the server process. - -The database cluster will be initialized with locale "zh_CN.UTF-8". -gs_initdb: could not find suitable text search configuration for locale "zh_CN.UTF-8" -The default text search configuration will be set to "simple". - -fixing permissions on existing directory /opt/gaussdb/data1 ... ok -creating subdirectories ... ok -selecting default max_connections ... 100 -selecting default shared_buffers ... 32MB -creating configuration files ... ok -...... -``` - -Example 2: When using an SQL statement to create a database, set the character set to **GBK**. - -``` -gsql -d postgres -p 1255 -``` - -``` -postgres=# CREATE DATABASE mydb WITH ENCODING 'GBK' template = template0; -``` - -Information similar to the following is displayed: - -``` -CREATE DATABASE -``` - diff --git a/content/en/docs/installation/creating-a-configuration-file.md b/content/en/docs/installation/creating-a-configuration-file.md deleted file mode 100644 index ff9db252ed561c1f5a101639ff725a3070c030eb..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/creating-a-configuration-file.md +++ /dev/null @@ -1,15 +0,0 @@ -# Creating a Configuration File - -Before installing the openGauss, you need to create a configuration file. The configuration file in the XML format contains the information about the server where the openGauss is deployed, installation path, IP address, and port number. This file is used to guide how to deploy the openGauss. You need to configure the configuration file according to the actual deployment requirements. - -The following describes how to create an XML configuration file based on the deployment solution of one primary node and one standby node. - -- **[Configuring the Database Name and Directories](configuring-the-database-name-and-directories.md)** - -- **[Configuring the Basic Host Information](configuring-the-basic-host-information.md)** - -- **[Configuring Primary Database Node Information](configuring-primary-database-node-information.md)** - -- **[Examples](examples.md)** - - diff --git a/content/en/docs/installation/configuring-the-database-name-and-directories.md b/content/en/docs/installation/creating-an-xml-configuration-file.md similarity index 40% rename from content/en/docs/installation/configuring-the-database-name-and-directories.md rename to content/en/docs/installation/creating-an-xml-configuration-file.md index 1c19e471b5451cf427ec5762506268d2838ac354..102d6f7e47e85f6792a6509fdbcb28204cc3e5b2 100644 --- a/content/en/docs/installation/configuring-the-database-name-and-directories.md +++ b/content/en/docs/installation/creating-an-xml-configuration-file.md @@ -1,106 +1,283 @@ -# Configuring the Database Name and Directories - -The information in bold is only an example. You can replace it as required. Each line of information is commented out. - -``` - - - - - - - - - - - - - - - - - - - - - - - -``` - ->![](public_sys-resources/icon-notice.gif) **NOTICE:** ->- The **/opt/huawei/install/om** directory is used to store tools for mutual trust. To avoid permission problems, do not store instance data in the directory. ->- The installation and data directories must be empty or do not exist. Otherwise, the installation may fail. ->- When configuring database instances, ensure that the configured directories are not coupled with each other. This means that the configured directories must not be associated with each other. If any directory is deleted, the other directories will not be deleted accordingly. For example, **gaussdbAppPath** is **/opt/huawei/install/app** and **gaussdbLogPath** is **/opt/huawei/install/app/omm**. If the directory specified by **gaussdbAppPath** is deleted, that specified by **gaussdbLogPath** will also be deleted, causing unexpected problems. ->- If the installation script is required to automatically create installation users, ensure that the configured directories are not coupled with the default user directories created by the system. ->- The openGauss and instance paths cannot contain double backslashes \(\\\\\) or the following characters: |;&$<\>\`'\\"\{\}\(\)\[\]\~\*? ->- When configuring the database node name, run the **hostname** command to obtain the host name of the database node and replace **node1** and **node2** in the example with the obtained host name. - -**Table 1** Parameter description - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Instance Type

-

Parameter

-

Description

-

Overall information

-

clusterName

-

openGauss name.

-

nodeNames

-

Host name in the openGauss.

-

backIp1s

-

Intranet IP address of the host in the backend storage network. All the openGauss hosts communicate with each other on this network.

-

gaussdbAppPath

-

Installation directory of the openGauss program. This directory must meet the following requirements:

-
  • The disk space is greater than 1 GB.
  • This directory is independent of other directories required by the database.
-

gaussdbLogPath

-

Directory that stores run logs and operation logs of the openGauss. This directory must meet the following requirements:

-
  • You are advised to plan the disk space based on the number of database nodes on the host. Reserve 1 GB space for database nodes and reserve redundant space.
  • This directory is independent of other directories required by the openGauss.
-

This directory is optional. If the directory is not specified, $GAUSSLOG/Installation username will be specified as the log directory by default during openGauss installation.

-

tmpdbPath

-

Directory for storing temporary database files.

-

If tmpdbPath is not set, the file is stored in /opt/huawei/wisequery/perfadm_db by default.

-

gaussdbToolPath

-

Directory for storing openGauss system tools. This directory is used to store tools for mutual trust. This directory must meet the following requirements:

-
  • The disk space is greater than 100 MB.
  • This directory cannot be changed and is independent of other directories required by the database.
-

This directory is optional. If this parameter is not specified, /opt/huawei/wisequery is specified as the database system tool directory by default during openGauss installation.

-

corePath

-

Directory for storing the openGauss core file.

-

clusterType

-

openGauss type cluster type. This parameter is optional.

-

single-inst indicates the standalone cluster with one primary node and multiple standby nodes.

-
- +# Creating an XML Configuration File + +Before installing the openGauss, you need to create the **clusterconfig.xml** file. The **clusterconfig.xml** file contains the information about the server where the openGauss is deployed, installation path, IP address, and port number. This file is used to guide how to deploy the openGauss. You need to configure the XML configuration file according to the actual deployment requirements. + +The following describes how to create an XML configuration file based on the deployment solution of one primary node and one standby node. + + + +- [Configuring the Database Name and Directories](#configuring-the-database-name-and-directoriesa-nameen-us_topic_0249784584a) +- [Configuring the Basic Host Information](#configuring-the-basic-host-informationa-nameen-us_topic_0249784567a) +- [Configuring Primary Database Node Information](#configuring-primary-database-node-informationa-nameen-us_topic_0249784583a) + + + + +## Configuring the Database Name and Directories + +The information in bold is only an example. You can replace it as required. Each line of information is commented out. + +``` + + + + + + + + + + + + + + + + + + + + + + + +``` + +>![](public_sys-resources/icon-notice.gif) **NOTICE:** +>- The **/opt/huawei/install/om** directory is used to store tools for mutual trust. To avoid permission problems, do not store instance data in the directory. +>- The installation and data directories must be empty or do not exist. Otherwise, the installation may fail. +>- When configuring database instances, ensure that the configured directories are not coupled with each other. This means that the configured directories must not be associated with each other. If any directory is deleted, the other directories will not be deleted accordingly. For example, **gaussdbAppPath** is **/opt/huawei/install/app** and **gaussdbLogPath** is **/opt/huawei/install/app/omm**. If the directory specified by **gaussdbAppPath** is deleted, that specified by **gaussdbLogPath** will also be deleted, causing unexpected problems. +>- If the installation script is required to automatically create installation users, ensure that the configured directories are not coupled with the default user directories created by the system. +>- The openGauss and instance paths cannot contain double backslashes \(\\\\\) or the following characters: |;&$<\>\`'\\"\{\}\(\)\[\]\~\*? +>- When configuring the database node name, run the **hostname** command to obtain the host name of the database node and replace **node1** and **node2** in the example with the obtained host name. + +**Table 1** Parameter description + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Instance Type

+

Parameter

+

Description

+

Overall information

+

clusterName

+

openGauss name.

+

nodeNames

+

Host name in the openGauss.

+

backIp1s

+

Intranet IP address of the host in the backend storage network. All the openGauss hosts communicate with each other on this network.

+

gaussdbAppPath

+

Installation directory of the openGauss program. This directory must meet the following requirements:

+
  • The disk space is greater than 1 GB.
  • This directory is independent of other directories required by the database.
+

gaussdbLogPath

+

Directory that stores run logs and operation logs of the openGauss. This directory must meet the following requirements:

+
  • You are advised to plan the disk space based on the number of database nodes on the host. Reserve 1 GB space for database nodes and reserve redundant space.
  • This directory is independent of other directories required by the openGauss.
+

This directory is optional. If the directory is not specified, $GAUSSLOG/Installation username will be specified as the log directory by default during openGauss installation.

+

tmpdbPath

+

Directory for storing temporary database files.

+

If tmpdbPath is not set, the file is stored in /opt/huawei/wisequery/perfadm_db by default.

+

gaussdbToolPath

+

Directory for storing openGauss system tools. This directory is used to store tools for mutual trust. This directory must meet the following requirements:

+
  • The disk space is greater than 100 MB.
  • This directory cannot be changed and is independent of other directories required by the database.
+

This directory is optional. If this parameter is not specified, /opt/huawei/wisequery is specified as the database system tool directory by default during openGauss installation.

+

corePath

+

Directory for storing the openGauss core file.

+

clusterType

+

openGauss type cluster type. This parameter is optional.

+

single-inst indicates the standalone cluster with one primary node and multiple standby nodes.

+
+ +## Configuring the Basic Host Information + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>Each server must contain the following information. The following uses **node1** as an example. + +The information in bold is only an example. You can replace it as required. Each line of information is commented out. + +``` + + + + + + + + + + + + +``` + +**Table 1** Parameter description + + + + + + + + + + + + + + + + + + + + + + + + +

Instance Type

+

Parameter

+

Description

+

Overall information

+

name

+

Host name.

+

azName

+

AZ name. The value is a character string that cannot contain special characters, for example, AZ1, AZ2, and AZ3.

+

azPriority

+

AZ priority.

+

backIp1

+

Intranet IP address of the host in the backend storage network. All the openGauss hosts communicate with each other on this network.

+

sshIp1

+

External IP address of the SSH reliable channel. If no external network is used, you can leave it empty or set it to the value of backIp1.

+
+ +>![](public_sys-resources/icon-note.gif) **NOTE:** +>Only one IP address can be configured for all IP parameters \(including **backIp**, **sshIp**, and **listenIp**\) in the configuration file. Excessive IP addresses are ignored. +>For example, you can configure **backIp1** and **backIp2** in the XML configuration file as follows: +>When the file is parsed, only **backIp1** takes effect. +>``` +> +> +>``` + +## Configuring Primary Database Node Information + +The information in bold is only an example. You can replace it as required. Each line of information is commented out. + +**Configure the following information for the primary database node:** + +``` + + + + + + + + +``` + +**Table 1** Parameter description + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Instance Type

+

Parameter

+

Description

+

DBnode

+

dataNum

+

Number of database nodes to be deployed on the current host.

+

dataPortBase

+

Basic port number of the database node. The default value is 40000.

+

dataListenIp1

+

IP address being listened on. This address is used to receive requests for connections from other database nodes. If this parameter is not set, the value is determined based on backIp1 of the corresponding host.

+

If a virtual IP address is configured, this parameter can be set to a virtual IP address.

+

dataHaIp1

+

IP address used for communication between the primary and standby database nodes. If this parameter is not set, the value is determined based on backIp of the corresponding host.

+

This parameter can be set to the IP addresses of the hosts where the primary and standby database nodes reside.

+

dataNode1

+

Directory for storing data of the database nodes on the current host. It is a data storage directory, and should be on a data disk.

+

dataNode1_syncNum

+

Number of nodes in synchronous mode in the current cluster. This parameter is optional. The value ranges from 0 to the number of standby database nodes.

+
+ +**Table 2** Database instance data directories + + + + + + + + + + + + + +

Instance

+

Data Directory

+

Primary database node

+

/opt/huawei/install/data/xxx

+

xxx indicates the name of the current primary database node.

+

Standby database node

+

/opt/huawei/install/data/slaveX

+

xxx indicates the name of the current standby database node.

+
+ + \ No newline at end of file diff --git a/content/en/docs/installation/creating-the-required-user-account-and-configuring-the-installation-environment.md b/content/en/docs/installation/creating-the-required-user-account-and-configuring-the-installation-environment.md deleted file mode 100644 index 99a925129de01420cc89998b09ccc77dd56150ab..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/creating-the-required-user-account-and-configuring-the-installation-environment.md +++ /dev/null @@ -1,361 +0,0 @@ -# Creating the Required User Account and Configuring the Installation Environment - -After the openGauss configuration file is created, you need to run the **gs\_preinstall** script to prepare the account and environment so that you can perform openGauss installation and management operations with the minimum permission, ensuring system security. - -Executing the **gs\_preinstall** script enables the system to automatically complete the following installation preparations: - -- Sets kernel parameters for the SUSE Linux OS to improve server load performance. The kernel parameters directly affect database running status. Reconfigure them only when necessary. For details about the Linux OS kernel parameter settings in openGauss, see [Configuring OS Parameters](configuring-os-parameters.md). -- Automatically copies the openGauss configuration files and installation packages to the same directory on each openGauss host. -- If the installation user and user group of the openGauss do not exist, the system automatically creates them. -- Reads the directory information in the openGauss configuration file, creates the directory, and grants the directory permission to the installation user. - -## Prerequisites - -- You have completed all the tasks described in [Preparing for Installation](preparing-for-installation.md). - -## Precautions - -- You must check the upper-layer directory permissions to ensure that the user has the read, write, and execution permissions on the installation package and configuration file directory. -- The mapping between each host name and IP address in the XML configuration file must be correct. -- Only user **root** is authorized to run the **gs\_preinstall** command. - -## Procedure - -1. Log in to any host where the openGauss is to be installed as user **root** and create a directory for storing the installation package as planned. - - ``` - mkdir -p /opt/software/openGauss - chmod 755 -R /opt/software - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- Do not create the directory in the home directory or subdirectory of any openGauss user because you may lack permissions for such directories. - >- The openGauss user must have the read and write permissions on the **/opt/software/openGauss** directory. - -2. The release package is used as an example. Upload the installation package **openGauss\_x.x.x\_PACKAGES\_RELEASE.tar.gz** and the configuration file **clusterconfig.xml** to the directory created in the previous step. -3. Go to the directory for storing the uploaded software package and decompress the package. - - ``` - cd /opt/software/openGauss - tar -zxvf openGauss_x.x.x_PACKAGES_RELEASE.tar.gz - ``` - - [Table 1](#en-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_te4a9d557337c400c85acff184476a722) describes the contents of the decompressed software package. - - **Table 1** Description about the installation package - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Package Name

-

Description

-

openGauss-x.x.x-openEULER-64bit-ClientTools.tar.gz

-

Used to install the client in the SUSE Linux OS. This software package contains the gsql, dump restore tool, ODBC driver, JDBC driver, and Libpq library.

-

openGauss-x.x.x-openEULER-64bit-Jdbc.tar.gz

-

Used to install the JDBC driver in the SUSE Linux OS.

-

openGauss-x.x.x-openEULER-64bit-Libpq.tar.gz

-

Used to install the libpq library in the SUSE Linux OS.

-

openGauss-x.x.x-openEULER-64bit-Odbc.tar.gz

-

Used to install the ODBC driver in the SUSE Linux OS.

-

openGauss-x.x.x-openEULER-64bit-symbol.tar.gz

-

Provides the support file for debugging and locating database problems.

-

openGauss-x.x.x-openEULER-64bit.tar.gz

-

Used to install the database management system. This software package is the one used for database installation in this document.

-

openGauss-x.x.x-Sslcert.tar.gz

-

Certificate used for client-side server authentication.

-

openGauss-x.x.x-Inspection.tar.gz

-

Used to check the health status of the database.

-
- -4. Decompress the **openGauss-_x.x.x_-openEULER-64bit.tar.gz** package. - - ``` - tar -zxvf openGauss-x.x.x-openEULER-64bit.tar.gz - ``` - - After the installation package is decompressed, the **script** subdirectory is automatically generated in **/opt/software/openGauss**. OM tool scripts such as **gs\_preinstall** are generated in the **script** subdirectory. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- When you execute the **gs\_preinstall** script, plan the directory for storing the openGauss configuration file, directory for storing software packages, installation directories of programs, and directories of instance data. Common users cannot change the directories after the directories are specified. - >- When you execute the **gs\_preinstall** script to prepare the installation environment, the script automatically copies the openGauss configuration file and decompressed installation package to the same directory on other servers. - >- Before executing **gs\_preinstall** and establishing mutual trust, check whether the **/etc/profile** file contains error information. If it does, manually rectify the error. - -5. Go to the directory for storing tool scripts. - - ``` - cd /opt/software/openGauss/script - ``` - -6. If the openEuler operating system is used, run the following command to open the **performance.sh** file, comment out **sysctl -w vm.min\_free\_kbytes=112640 &\> /dev/null** using the number sign \(\#\), press **Esc** to enter the command mode, and run the **:wq** command to save the modification and exit. - - ``` - vi /etc/profile.d/performance.sh - ``` - -7. To ensure that the OpenSSL version is correct, load the **lib** library in the installation package before preinstallation. Run the following command. **\{packagePath\}** indicates the path where the installation package is stored. In this example, the path is **/opt/software/openGauss**. - - ``` - export LD_LIBRARY_PATH={packagePath}/script/gspylib/clib:$LD_LIBRARY_PATH - ``` - -8. To ensure successful installation, check whether the values of **hostname** and **/etc/hostname** are the same. During preinstallation, the host name is checked. -9. Execute **gs\_preinstall** to configure the installation environment. If the shared environment is used, add the **--sep-env-file=ENVFILE** parameter to separate environment variables to avoid mutual impact with other users. The environment variable separation file path is specified by users. - - Execute **gs\_preinstall** in interactive mode. During the execution, the mutual trust between users **root** and between openGauss users is automatically established. - - ``` - ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml - ``` - - **omm** is the database administrator \(also the OS user running the openGauss\), **dbgrp** is the group name of the OS user running the openGauss, and **/opt/software/openGauss/clusterconfig.xml** is the path of the openGauss configuration file. During the execution, you need to determine whether to establish mutual trust as prompted and enter the password of user **root** or the openGauss user. - - - If the mutual trust between users **root** cannot be created, create the **omm** user, perform local preinstallation on each host, and manually create the mutual trust between openGauss users. If the **-L** parameter is specified during preinstallation, manually write the mapping between the host names and IP addresses of all nodes to the **/etc/hosts** file of each host before preinstallation, add **\#Gauss OM IP Hosts Mapping** to the end of each mapping. - 1. Run the following command to configure the installation environment: - - ``` - cd /opt/software/openGauss/script - ./gs_preinstall -U omm -G dbgrp -L -X /opt/software/openGauss/clusterconfig.xml - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >You need to run this command on each host. - - - - Execute **gs\_preinstall** in non-interactive mode. - 1. Manually establish mutual trust between users **root** and between openGauss users by following the instructions provided in [Establishing Mutual Trust Manually](establishing-mutual-trust-manually.md). - 2. Run the following command to configure the installation environment: - - ``` - cd /opt/software/openGauss/script - ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml --non-interactive - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- In this mode, ensure that mutual trust has been established between the root users of all nodes and between the openGauss users of the cluster before performing.In this mode, ensure that mutual trust has been established between users **root** and between openGauss users on each node before executing **gs\_preinstall**. - >- The mutual trust established between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** immediately after the installation is complete. - - - - -## Examples - -Execute the **gs\_preinstall** script. - -``` -plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml -Parsing the configuration file. -Successfully parsed the configuration file. -Installing the tools on the local node. -Successfully installed the tools on the local node. -Are you sure you want to create trust for root (yes/no)? yes -Please enter password for root. -Password: -Creating SSH trust for the root permission user. -Checking network information. -All nodes in the network are Normal. -Successfully checked network information. -Creating SSH trust. -Creating the local key file. -Successfully created the local key files. -Appending local ID to authorized_keys. -Successfully appended local ID to authorized_keys. -Updating the known_hosts file. -Successfully updated the known_hosts file. -Appending authorized_key on the remote node. -Successfully appended authorized_key on all remote node. -Checking common authentication file content. -Successfully checked common authentication content. -Distributing SSH trust file to all node. -Successfully distributed SSH trust file to all node. -Verifying SSH trust on all hosts. -Successfully verified SSH trust on all hosts. -Successfully created SSH trust. -Successfully created SSH trust for the root permission user. -Setting pssh path -Successfully set core path. -Distributing package. -Begin to distribute package to tool path. -Successfully distribute package to tool path. -Begin to distribute package to package path. -Successfully distribute package to package path. -Successfully distributed package. -Are you sure you want to create the user[omm] and create trust for it (yes/no)? yes -Please enter password for cluster user. -Password: -Please enter password for cluster user again. -Password: -Successfully created [omm] user on all nodes. -Preparing SSH service. -Successfully prepared SSH service. -Installing the tools in the cluster. -Successfully installed the tools in the cluster. -Checking hostname mapping. -Successfully checked hostname mapping. -Creating SSH trust for [omm] user. -Checking network information. -All nodes in the network are Normal. -Successfully checked network information. -Creating SSH trust. -Creating the local key file. -Successfully created the local key files. -Appending local ID to authorized_keys. -Successfully appended local ID to authorized_keys. -Updating the known_hosts file. -Successfully updated the known_hosts file. -Appending authorized_key on the remote node. -Successfully appended authorized_key on all remote node. -Checking common authentication file content. -Successfully checked common authentication content. -Distributing SSH trust file to all node. -Successfully distributed SSH trust file to all node. -Verifying SSH trust on all hosts. -Successfully verified SSH trust on all hosts. -Successfully created SSH trust. -Successfully created SSH trust for [omm] user. -Checking OS software. -Successfully check os software. -Checking OS version. -Successfully checked OS version. -Creating cluster's path. -Successfully created cluster's path. -Setting SCTP service. -Successfully set SCTP service. -Set and check OS parameter. -Setting OS parameters. -Successfully set OS parameters. -Preparing CRON service. -Successfully prepared CRON service. -Setting user environmental variables. -Successfully set user environmental variables. -Setting the dynamic link library. -Successfully set the dynamic link library. -Setting Core file -Successfully set core path. -Setting pssh path -Successfully set pssh path. -Set ARM Optimization. -No need to set ARM Optimization. -Fixing server package owner. -Setting finish flag. -Successfully set finish flag. -Preinstallation succeeded. -S -``` - -If the passwords of user **root** on the hosts in the cluster are different and cannot be changed to the same one, execute the **gs\_preinstall** script in local installation mode. - -``` -plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -L -X /opt/software/openGauss/clusterconfig.xml -Parsing the configuration file. -Successfully parsed the configuration file. -Installing the tools on the local node. -Successfully installed the tools on the local node. -Checking OS version. -Successfully checked OS version. -Creating cluster's path. -Successfully created cluster's path. -Setting SCTP service. -Successfully set SCTP service. -Set and check OS parameter. -Setting OS parameters. -Successfully set OS parameters. -Warning: Installation environment contains some warning messages. -Please get more details by "/home/package/r8c00/script/gs_checkos -i A -h SIA1000068990". -Set and check OS parameter completed. -Preparing CRON service. -Successfully prepared CRON service. -Preparing SSH service. -Successfully prepared SSH service. -Setting user environmental variables. -Successfully set user environmental variables. -Configuring alarms on the cluster nodes. -Successfully configured alarms on the cluster nodes. -Setting the dynamic link library. -Successfully set the dynamic link library. -Setting Cgroup. -Successfully set Cgroup. -Setting finish flag. -Successfully set finish flag. -Preinstallation succeeded. -``` - -Execute **gs\_preinstall** in non-interactive mode. - -``` -plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml --non-interactive -Parsing the configuration file. -Successfully parsed the configuration file. -Installing the tools on the local node. -Successfully installed the tools on the local node. -Distributing package. -Begin to distribute package to tool path. -Successfully distribute package to tool path. -Begin to distribute package to package path. -Successfully distribute package to package path. -Successfully distributed package. -Installing the tools in the cluster. -Successfully installed the tools in the cluster. -Checking hostname mapping. -Successfully checked hostname mapping. -Checking OS version. -Successfully checked OS version. -Creating cluster's path. -Successfully created cluster's path. -Setting SCTP service. -Successfully set SCTP service. -Set and check OS parameter. -Setting OS parameters. -Successfully set OS parameters. -Set and check OS parameter completed. -Preparing CRON service. -Successfully prepared CRON service. -Preparing SSH service. -Successfully prepared SSH service. -Setting user environmental variables. -Successfully set user environmental variables. -Configuring alarms on the cluster nodes. -Successfully configured alarms on the cluster nodes. -Setting the dynamic link library. -Successfully set the dynamic link library. -Setting Cgroup. -Successfully set Cgroup. -Set ARM Optimization. -Successfully set ARM Optimization. -Setting finish flag. -Successfully set finish flag. -Preinstallation succeeded. -``` - -## Troubleshooting - -If configuring the installation environment fails, obtain the **gs\_preinstall-YYYY-MM-DD\_HHMMSS.log** and **gs\_local-YYYY-MM-DD\_HHMMSS.log** files from the **$GAUSSLOG/om** directory for storing openGauss logs. Then, locate the problem based on the log information. For example, if the path specified by the **gaussdbLogPath** parameter in the configuration file is **/var/log/gaussdb**, the **$GAUSSLOG/om** path is **/var/log/gaussdb/omm/om**, and the **omm** user is the user running openGauss. - ->![](public_sys-resources/icon-notice.gif) **NOTICE:** ->While the installation user and environment is prepared, user **root** is used to add scheduled tasks for routine inspection and reporting. - diff --git a/content/en/docs/installation/deleting-cluster-configurations.md b/content/en/docs/installation/deleting-cluster-configurations.md deleted file mode 100644 index 105bd31f90fc678fceaa844ed34a1ac7a0e7d93d..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/deleting-cluster-configurations.md +++ /dev/null @@ -1,92 +0,0 @@ -# Deleting Cluster Configurations - -After the openGauss is uninstalled, execute the **gs\_postuninstall** script to delete configurations from all servers in the openGauss if you do not need to re-deploy the openGauss using these configurations. These configurations are made by the **gs\_preinstall** script. - -## Prerequisites - -- The openGauss uninstallation task has been successfully executed. -- User **root** is trustworthy and available. -- Only user **root** is authorized to run the **gs\_postuninstall** command. - -## Procedure - -1. Log in to the openGauss server as user **root**. -2. Check whether the mutual trust has been established between the users **root**. If not, manually establish the mutual trust. For details, see [Establishing Mutual Trust Manually](establishing-mutual-trust-manually.md). - - Run the **ssh **_Host name_ command to check whether mutual trust has been successfully established. Then, enter **exit**. - - ``` - plat1:~ # ssh plat2 - Last login: Tue Jan 5 10:28:18 2016 from plat1 - Huawei's internal systems must only be used for conducting Huawei's business or for purposes authorized by Huawei management.Use is subject to audit at any time by Huawei management. - plat2:~ # exit - logout - Connection to plat2 closed. - plat1:~ # - ``` - -3. Go to the following path: - - ``` - cd /opt/software/openGauss/script - ``` - -4. Run the **gs\_postuninstall** command to clear the environment. If the cluster is installed in environment variable separation mode, run the **source** command to obtain the environment variable separation file **ENVFILE**. - - ``` - ./gs_postuninstall -U omm -X /opt/software/openGauss/clusterconfig.xml --delete-user --delete-group - ``` - - Alternatively, locally use the **gs\_postuninstall** tool to clear each openGauss node. - - ``` - ./gs_postuninstall -U omm -X /opt/software/openGauss/clusterconfig.xml --delete-user --delete-group -L - ``` - - **omm** is the name of the OS user who runs the openGauss, and the path of the openGauss configuration file is **/opt/software/openGauss/clusterconfig.xml**. - - If the cluster is installed in environment variable separation mode, delete the environment variable separation parameter **ENV** obtained by running the **source** command. - - unset MPPDB\_ENV\_SEPARATE\_PATH - -5. Delete the mutual trust between the users **root** on each openGauss database node. For details, see [Establishing Mutual Trust Manually](establishing-mutual-trust-manually.md). - -## Examples - -Clear the host environment. - -``` -gs_postuninstall -U omm -X /opt/software/openGauss/clusterconfig.xml --delete-user -Parsing the configuration file. -Successfully parsed the configuration file. -Check log file path. -Successfully checked log file path. -Checking unpreinstallation. -Successfully checked unpreinstallation. -Deleting Cgroup. -Successfully deleted Cgroup. -Deleting the instance's directory. -Successfully deleted the instance's directory. -Deleting the installation directory. -Successfully deleted the installation directory. -Deleting the temporary directory. -Successfully deleted the temporary directory. -Deleting remote OS user. -Successfully deleted remote OS user. -Deleting software packages and environmental variables of other nodes. -Successfully deleted software packages and environmental variables of other nodes. -Deleting logs of other nodes. -Successfully deleted logs of other nodes. -Deleting software packages and environmental variables of the local node. -Successfully deleted software packages and environmental variables of the local nodes. -Deleting local OS user. -Successfully deleted local OS user. -Deleting local node's logs. -Successfully deleted local node's logs. -Successfully cleaned environment. -``` - -## Troubleshooting - -If the configuration deletion fails, locate faults by following the log information provided in the _$GAUSSLOG_**/om/gs\_postuninstall-**_YYYY_**-**_MM_**-**_DD_**\_**_HHMMSS_**.log** file. - diff --git a/content/en/docs/installation/disabling-the-os-firewall.md b/content/en/docs/installation/disabling-the-os-firewall.md deleted file mode 100644 index 455724cb604961831c3804384d4e7e275f96610d..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/disabling-the-os-firewall.md +++ /dev/null @@ -1,97 +0,0 @@ -# Disabling the OS Firewall - -To ensure that the openGauss can work properly when the firewall is enabled, related services, protocols, IP addresses, and ports need to be added to the firewall whitelist of each host in the openGauss. - -Take openEuler OS as an example. Assume that the openGauss information is listed in [Table 1](#en-us_topic_0241802566_en-us_topic_0085434636_en-us_topic_0059782018_table4312170510523). - -**Table 1** Information of openGauss - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Host Name

-

Internal IP Address

-

External IP Address

-

plat1

-

192.168.0.11

-

10.10.0.11

-

plat2

-

192.168.0.12

-

10.10.0.12

-

plat3

-

192.168.0.13

-

10.10.0.13

-

plat4

-

192.168.0.14

-

10.10.0.14

-

Management network

-

-

-

10.10.64.236

-
- -## Procedure - -Currently, EulerOS can be installed only when the firewall is disabled. - -1. Check whether the firewall is disabled. - - ``` - systemctl status firewalld - ``` - - If the firewall is not disabled, go to [2](#en-us_topic_0241802566_en-us_topic_0085434636_en-us_topic_0059782018_li11887129193617). - - If the firewall is disabled, skip [2](#en-us_topic_0241802566_en-us_topic_0085434636_en-us_topic_0059782018_li11887129193617). - -2. Disable the firewall. - - ``` - systemctl disable firewalld.service - systemctl stop firewalld.service - ``` - -3. Set the value of **SELINUX** in the **/etc/selinux/config** file to **disabled**. - 1. Run the **vim** command to open the **config** file. - - ``` - vim /etc/selinux/config - ``` - - 2. Set the value of **SELINUX** to **disabled**. - - ``` - SELINUX=disabled - ``` - -4. Restart the OS. - - ``` - reboot - ``` - -5. Repeat steps 1 to 3 on other hosts. - diff --git a/content/en/docs/installation/disabling-the-swap-memory.md b/content/en/docs/installation/disabling-the-swap-memory.md deleted file mode 100644 index aadc1ecbe585bdc55c097b06bd83b5626194aa3e..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/disabling-the-swap-memory.md +++ /dev/null @@ -1,8 +0,0 @@ -# Disabling the Swap Memory - -Run the **swapoff -a** command on each database node to disable the swap memory. - -``` -swapoff -a -``` - diff --git a/content/en/docs/installation/establishing-mutual-trust-manually.md b/content/en/docs/installation/establishing-mutual-trust-manually.md deleted file mode 100644 index 62546c1328b15df6dcca0b7a53b10d3b8dfb387b..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/establishing-mutual-trust-manually.md +++ /dev/null @@ -1,310 +0,0 @@ -# Establishing Mutual Trust Manually - -During the openGauss installation, you need to perform operations such as running commands and transferring files between hosts in openGauss. Establish mutual trust among the hosts before installing the cluster as a common user. During the execution of the pre-installation script, establish mutual trust between users **root**, then create a common user account, and finally establish mutual trust between common users. - ->![](public_sys-resources/icon-notice.gif) **NOTICE:** ->The mutual trust between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** after the installation is complete. - -## Prerequisites - -- The SSH service has been enabled. -- You have verified that SSH ports will not be disabled by firewalls. -- Each host name and IP address have been correctly configured in the XML file. -- Communication among all the hosts is normal. -- If the mutual trust is to be established for common users, the same user needs to be created and password set on each host. -- If the SELinux service is installed and has been started on each host, ensure that the security context of the **/root** directory is set to the default value **system\_u:object\_r:home\_root\_t:s0** and that of the **/home** directory is set to the default value **system\_u:object\_r:admin\_home\_t:s0**, or disable the SELinux service. - - To check the SELinux status, run the **getenforce** command. If the command output is **Enforcing**, SELinux is installed and has been enabled. - - To check the security contexts of the directories, run the following commands: - - ``` - ls -ldZ /root | awk '{print $4}' - ``` - - ``` - ls -ldZ /home | awk '{print $4}' - ``` - - To restore the security contexts of the directories, run the following commands: - - ``` - restorecon -r -vv /home/ - ``` - - ``` - restorecon -r -vv /root/ - ``` - - -## Establishing Mutual Trust Using a Script - -1. Create the file for executing the mutual trust script, and add the IP addresses of all the hosts in the openGauss to the file. - - ``` - plat1:/opt/software/hostfile> vim hostfile - 192.168.0.1 - 192.168.0.2 - 192.168.0.3 - ``` - -2. Execute the script as the user who needs to establish mutual trust with the hosts. -3. Execute the following script to establish mutual trust: - - ``` - plat1:/opt/software/openGauss/script# ./gs_sshexkey -f /opt/software/hostfile - ``` - - The **/opt/software/hostfile** file contains a list of the hosts. The list provides the IP addresses of all the hosts among which mutual trust needs to be established. - - -## Establishing Mutual Trust Manually - -If the passwords of user **root** on the hosts in the openGauss are different, the **gs\_preinstall** script cannot be used to establish mutual trust. In this case, manually establish mutual trust. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->The following files are generated during establishment of mutual trust: **authorized\_keys**, **id\_rsa**, **id\_rsa.pub**, and **known\_hosts**. Do not delete or corrupt the files. - -The procedure of manually establishing mutual trust is as follows \(**plat1**, **plat2**, and **plat3** are host names\): - -1. Generate a licensed file for user **root** on any host \(referred to as the local host\). Host **plat1** is used as an example. - 1. Generate a key. - - ``` - ssh-keygen -t rsa - ``` - - The following is an example: - - ``` - plat1:~ # ssh-keygen -t rsa - Generating public/private rsa key pair. - Enter file in which to save the key (/root/.ssh/id_rsa): - Created directory '/root/.ssh'. - Enter passphrase (empty for no passphrase): - Enter same passphrase again: - Your identification has been saved in /root/.ssh/id_rsa. - Your public key has been saved in /root/.ssh/id_rsa.pub. - The key fingerprint is: - d5:35:46:33:27:22:09:f0:1e:12:a7:87:fa:33:3f:ab root@plat1 - The key's randomart image is: - +--[ RSA 2048]----+ - | o.o.....O .| - | * .o + * | - | + + . . | - | . + o | - | . S | - | . | - | + | - | +. | - | E.oo | - +-----------------+ - ``` - - 2. Generate the licensed file. - - ``` - cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys - ``` - - The following is an example: - - ``` - plat1:~ # cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys - ``` - -2. Obtain the public keys of all the hosts among which mutual trust needs to be established, and write the public keys into the **known\_hosts** file on the local host. This step needs to be performed on the host where Step 1 is performed. You need to obtain the public keys of the **plat1**, **plat2**, and **plat3** hosts. - 1. Obtain the public key of host **plat1**, and write the public key into the **known\_hosts** file on the local host. - - ``` - ssh-keyscan -t rsa plat1 >> ~/.ssh/known_hosts - ``` - - The following is an example: - - ``` - plat1:~ # ssh-keyscan -t rsa plat1 >> ~/.ssh/known_hosts - # plat1 SSH-2.0-OpenSSH_5.1 - ``` - - 2. Obtain the public key of host **plat2**, and write the public key into the **known\_hosts** file on the local host. - - ``` - ssh-keyscan -t rsa plat2 >> ~/.ssh/known_hosts - ``` - - The following is an example: - - ``` - plat1:~ # ssh-keyscan -t rsa plat2 >> ~/.ssh/known_hosts - # plat2 SSH-2.0-OpenSSH_5.1 - ``` - - 3. Obtain the public key of host **plat3**, and write the public key into the **known\_hosts** file on the local host. - - ``` - ssh-keyscan -t rsa plat3 >> ~/.ssh/known_hosts - ``` - - The following is an example: - - ``` - plat1:~ # ssh-keyscan -t rsa plat3 >> ~/.ssh/known_hosts - # plat3 SSH-2.0-OpenSSH_5.1 - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- After being accepted, the public key of a remote host will be saved in the **$HOME/.ssh/known\_hosts** file on the local host. When connecting to the remote host next time, the system can recognize that the public key of the remote host has been saved on the local host and then skip alarms. - >- If the **known\_hosts** file is deleted from the local host, the mutual trust between the local and remote hosts remains valid, but alarms will be reported. To prevent such alarms, set the **StrictHostKeyChecking** parameter in the **/etc/ssh/ssh\_config** file to **no**. - - -3. Send the **known\_hosts** file to all the other hosts except the local host. In this example, send the **known\_hosts** file on host **plat1** to hosts **plat2** and **plat3**. - - 1. Send the **known\_hosts** file to host **plat2**. When **Password:** is displayed, enter the password for logging in to host **plat2**. - - ``` - scp -r ~/.ssh plat2:~ - ``` - - The following is an example: - - ``` - plat1:~ # scp -r ~/.ssh plat2:~ - Password: - authorized_keys 100% 796 0.8KB/s 00:00 - id_rsa 100% 1675 1.6KB/s 00:00 - id_rsa.pub 100% 398 0.4KB/s 00:00 - known_hosts 100% 1089 1.1KB/s 00:00 - ``` - - 2. Send the **known\_hosts** file to host **plat3**. When **Password:** is displayed, enter the password for logging in to host **plat3**. - - ``` - scp -r ~/.ssh plat3:~ - ``` - - The following is an example: - - ``` - plat1:~ # scp -r ~/.ssh plat3:~ - Password: - authorized_keys 100% 796 0.8KB/s 00:00 - id_rsa 100% 1675 1.6KB/s 00:00 - id_rsa.pub 100% 398 0.4KB/s 00:00 - known_hosts 100% 1089 1.1KB/s 00:00 - ``` - -4. Run the **ssh **_Host name_ command to check whether mutual trust has been successfully established. Then, enter **exit**. - - ``` - plat1:~ # ssh plat2 - Last login: Sat Jun 20 14:01:07 2020 - plat2:~ # exit - logout - Connection to plat2 closed. - plat1:~ # - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >If there are more than three hosts, the procedure of manually establishing mutual trust between the hosts is similar to the one in this section. Assume that the host names are **plat1**, **plat2**, **plat3**, ... Firstly, generate a licensed file for user **root** on host **plat1** \(referred to as the local host\). Secondly, obtain the public keys of all the hosts \(**plat1**, **plat2**, **plat3**, ...\) between which mutual trust needs to be established, and write the public keys to the **known\_hosts** file on the local host. Thirdly, send the file from the local host to all the other hosts \(**plat2**, **plat3**, ...\). Finally, verify that mutual trust has been successfully established. - - -## Deleting Mutual Trust Between Users **root** - -The mutual trust established between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** immediately after the installation is complete. - -1. Delete the mutual trust file **/root/.ssh** from each openGauss database node. - - rm –rf \~/.ssh - -2. Check whether the mutual trust is successfully deleted. If the host names cannot be reached from each other through SSH and a mutual trust failure message is displayed, the mutual trust is successfully deleted. - - plat1:\~ \# ssh plat2 - - he authenticity of host ' plssat2 \(plat2\)' can't be established. - - ECDSA key fingerprint is SHA256:Q4DPRedFytsjsJSKf4l2lHKuzVw4prq3bIUCNVKIa7M. - - ECDSA key fingerprint is MD5:e2:77:6c:aa:4c:43:5f:f2:c4:58:ec:d5:53:de:7c:fc. - - Are you sure you want to continue connecting \(yes/no\)? - - -## Examples - -The following is an example describing how to establish mutual trust between users **root**: - -``` -plat1:~ # gs_sshexkey -f /opt/software/hostfile -W Gauss_234 -Checking network information. -All nodes in the network are Normal. -Successfully checked network information. -Creating SSH trust. -Creating the local key file. -Successfully created the local key files. -Appending local ID to authorized_keys. -Successfully appended local ID to authorized_keys. -Updating the known_hosts file. -Successfully updated the known_hosts file. -Appending authorized_key on the remote node. -Successfully appended authorized_key on all remote node. -Checking common authentication file content. -Successfully checked common authentication content. -Distributing SSH trust file to all node. -Successfully distributed SSH trust file to all node. -Verifying SSH trust on all hosts. -Successfully verified SSH trust on all hosts. -Successfully created SSH trust. -``` - -The following is an example describing how to establish mutual trust between common users: - -``` -gaussdb@plat1:~ > gs_sshexkey -f /opt/software/hostfile -W Gauss_234 -Checking network information. -All nodes in the network are Normal. -Successfully checked network information. -Creating SSH trust. -Creating the local key file. -Successfully created the local key files. -Appending local ID to authorized_keys. -Successfully appended local ID to authorized_keys. -Updating the known_hosts file. -Successfully updated the known_hosts file. -Appending authorized_key on the remote node. -Successfully appended authorized_key on all remote node. -Checking common authentication file content. -Successfully checked common authentication content. -Distributing SSH trust file to all node. -Successfully distributed SSH trust file to all node. -Verifying SSH trust on all hosts. -Successfully verified SSH trust on all hosts. -Successfully created SSH trust. -``` - -The following is an example describing how to establish mutual trust in security mode. This mode is recommended. Users need to manually enter their passwords as prompted. - -``` -plat1:~ # gs_sshexkey -f /opt/software/hostfile -Please enter password for current user[root]. -Password: -Checking network information. -All nodes in the network are Normal. -Successfully checked network information. -Creating SSH trust. -Creating the local key file. -Appending local ID to authorized_keys. -Successfully appended local ID to authorized_keys. -Updating the known_hosts file. -Successfully updated the known_hosts file. -Appending authorized_key on the remote node. -Successfully appended authorized_key on all remote node. -Checking common authentication file content. -Successfully checked common authentication content. -Distributing SSH trust file to all node. -Successfully distributed SSH trust file to all node. -Verifying SSH trust on all hosts. -Successfully verified SSH trust on all hosts. -Successfully created SSH trust. -``` - diff --git a/content/en/docs/installation/examples.md b/content/en/docs/installation/examples.md deleted file mode 100644 index bfb2aaec46fb94a0dada5ea3e8434b491380a5ae..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/examples.md +++ /dev/null @@ -1,7 +0,0 @@ -# Examples - -- **[Configuration File for Single-Instance Deployment](configuration-file-for-single-instance-deployment.md)** - -- **[Configuration File for Primary/Secondary Deployment](configuration-file-for-primary-secondary-deployment.md)** - - diff --git a/content/en/docs/installation/executing-installation.md b/content/en/docs/installation/executing-installation.md index 7f7bfb3eccc487769c69398471cf149e31a304b8..60e037c70e1f79e7cab57f47b6e67fe61ed58a78 100644 --- a/content/en/docs/installation/executing-installation.md +++ b/content/en/docs/installation/executing-installation.md @@ -1,61 +1,61 @@ -# Executing Installation - -After the openGauss installation environment is prepared by executing the pre-installation script, deploy openGauss based on the installation process. - -## Prerequisites - -- You have successfully executed the **gs\_preinstall** script. that is, you have completed operations described in [Creating the Required User Account and Configuring the Installation Environment](creating-the-required-user-account-and-configuring-the-installation-environment.md). -- All the server OSs and networks are functioning properly. -- You have checked that the **locale** parameter for each server is set to the same value. For detailed operations, see [Configuring the Locale and Character Set](configuring-the-locale-and-character-set.md). - -## Procedure - -1. Check whether the installation package and openGauss configuration file exist in the planned path. If they do not exist, perform the preinstallation again to ensure that the preinstallation is successful, and then perform the following steps. -2. Log in to any host of the openGauss and switch to the **omm** user. - - ``` - su - omm - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >- **omm** indicates the user specified by the **-U** parameter in the **gs\_preinstall** script. - >- You need to execute the **gs\_install** script as user **omm** specified in the **gs\_preinstall** script. Otherwise, an execution error will be reported. - -3. Use **gs\_install** to install the openGauss. If the cluster is installed in environment variable separation mode, run the **source** command to obtain the environment variable separation file **ENVFILE**. - - ``` - gs_install -X /opt/software/openGauss/script/clusterconfig.xml - ``` - - /opt/software/openGauss/script/clusterconfig.xml is the path of the openGauss configuration file. During the execution, you need to enter the database password as prompted. The password must meet complexity requirements. To ensure that you can use the database properly, remember the entered database password. - - The password must meet the following complexity requirements: - - - Contain at least eight characters. - - Cannot be the same as the username, the current password \(ALTER\), or the current password in an inverted sequence. - - Contain at least three of the following: uppercase characters \(A to Z\), lowercase characters \(a to z\), digits \(0 to 9\), and other characters \(limited to \~!@\#$%^&\*\(\)-\_=+\\|\[\{\}\];:,<.\>/?\). - - The SSL certificate is generated during the installation. The certificate is stored in _\{gaussdbAppPath\}_**/share/sslcert/om**, where _\{gaussdbAppPath\}_ is the program installation directory specified in the openGauss configuration file of the cluster. - - Two files are generated under the log file path: **gs\_install-YYYY-MMDD\_HHMMSS.log** and **gs\_local-YYYY-MM-DD\_HHMMSS.log**. - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >When you manually execute the **gs\_install** script, the script does not automatically start the openGauss after the configuration completes if **--autostart** is **no**. You can run the **gs\_om -t start** command to manually start it. - -4. After the installation is successful, manually delete the trust between users **root** on the host, that is, delete the mutual trust file on each openGauss database node. - - ``` - rm –rf ~/.ssh - ``` - - -## Directories Generated After the Installation - -[Table 1](#en-us_topic_0241805806_en-us_topic_0085434626_en-us_topic_0059782015_tdcb4fb0f38a6419099ee2c47d4d0b37f) describes the directories generated after the installation and the files in the directories. - -**Table 1** Directories generated after the installation - - +# Executing Installation + +After the openGauss installation environment is prepared by executing the pre-installation script, deploy openGauss based on the installation process. + +## Prerequisites + +- You have successfully executed the **gs\_preinstall** script. that is, you have completed operations described in [Creating the Required User Account and Configuring the Installation Environment](creating-the-required-user-account-and-configuring-the-installation-environment.md). +- All the server OSs and networks are functioning properly. +- You have checked that the **locale** parameter for each server is set to the same value. For detailed operations, see [Configuring the Locale and Character Set](en-us_topic_0249784576.md). + +## Procedure + +1. Check whether the installation package and openGauss configuration file exist in the planned path. If they do not exist, perform the preinstallation again to ensure that the preinstallation is successful, and then perform the following steps. +2. Log in to any host of the openGauss and switch to the **omm** user. + + ``` + su - omm + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- **omm** indicates the user specified by the **-U** parameter in the **gs\_preinstall** script. + >- You need to execute the **gs\_install** script as user **omm** specified in the **gs\_preinstall** script. Otherwise, an execution error will be reported. + +3. Use **gs\_install** to install the openGauss. If the cluster is installed in environment variable separation mode, run the **source** command to obtain the environment variable separation file **ENVFILE**. + + ``` + gs_install -X /opt/software/openGauss/script/clusterconfig.xml + ``` + + /opt/software/openGauss/script/clusterconfig.xml is the path of the openGauss configuration file. During the execution, you need to enter the database password as prompted. The password must meet complexity requirements. To ensure that you can use the database properly, remember the entered database password. + + The password must meet the following complexity requirements: + + - Contain at least eight characters. + - Cannot be the same as the username, the current password \(ALTER\), or the current password in an inverted sequence. + - Contain at least three of the following: uppercase characters \(A to Z\), lowercase characters \(a to z\), digits \(0 to 9\), and other characters \(limited to \~!@\#$%^&\*\(\)-\_=+\\|\[\{\}\];:,<.\>/?\). + + The SSL certificate is generated during the installation. The certificate is stored in _\{gaussdbAppPath\}_**/share/sslcert/om**, where _\{gaussdbAppPath\}_ is the program installation directory specified in the openGauss configuration file of the cluster. + + Two files are generated under the log file path: **gs\_install-YYYY-MMDD\_HHMMSS.log** and **gs\_local-YYYY-MM-DD\_HHMMSS.log**. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >When you manually execute the **gs\_install** script, the script does not automatically start the openGauss after the configuration completes if **--autostart** is **no**. You can run the **gs\_om -t start** command to manually start it. + +4. After the installation is successful, manually delete the trust between users **root** on the host, that is, delete the mutual trust file on each openGauss database node. + + ``` + rm –rf ~/.ssh + ``` + + +## Directories Generated After the Installation + +[Table 1](#en-us_topic_0241805806_en-us_topic_0085434626_en-us_topic_0059782015_tdcb4fb0f38a6419099ee2c47d4d0b37f) describes the directories generated after the installation and the files in the directories. + +**Table 1** Directories generated after the installation + + - + + + -

No.

Directory Description

@@ -149,60 +149,64 @@ After the openGauss installation environment is prepared by executing the pre-in

/opt/opengauss/tool

script

+

script

Stores script files for openGauss users to manage openGauss.

sudo

+

Stores script files for user root to manage openGauss.

+

lib

Stores the library files that the binaries in the bin directory depend on.
- - -## Examples - -Execute the installation. - -``` -omm@plat1:~> gs_install -X /opt/software/openGauss/script/clusterconfig.xml -Parsing the configuration file. -Check preinstall on every node. -Successfully checked preinstall on every node. -Creating the backup directory. -Successfully created the backup directory. -begin deploy.. -Installing the cluster. -begin prepare Install Cluster.. -Checking the installation environment on all nodes. -begin install Cluster.. -Installing applications on all nodes. -Successfully installed APP. -begin init Instance.. -encrypt ciper and rand files for database. -Please enter password for database: -Please repeat for database: -begin to create CA cert files -The sslcert will be generated in /opt/gaussdb/cluster/app/share/sslcert/om -Cluster installation is completed. -Configuring. -Deleting instances from all nodes. -Successfully deleted instances from all nodes. -Checking node configuration on all nodes. -Initializing instances on all nodes. -Updating instance configuration on all nodes. -Check consistence of memCheck and coresCheck on DN nodes. -Successful check consistence of memCheck and coresCheck on all nodes. -Configuring pg_hba on all nodes. -Configuration is completed. -Successfully started cluster. -Successfully installed application. -``` - -## Troubleshooting - -If the installation fails, troubleshoot the problem based on logs in the **gs\_install-YYYY-MM-DD\_HHMMSS.log** and **gs\_local-YYYY-MM-DD\_HHMMSS.log** files in the openGauss log directory. - +
+ +## Examples + +Execute the installation. + +``` +omm@plat1:~> gs_install -X /opt/software/openGauss/script/clusterconfig.xml +Parsing the configuration file. +Check preinstall on every node. +Successfully checked preinstall on every node. +Creating the backup directory. +Successfully created the backup directory. +begin deploy.. +Installing the cluster. +begin prepare Install Cluster.. +Checking the installation environment on all nodes. +begin install Cluster.. +Installing applications on all nodes. +Successfully installed APP. +begin init Instance.. +encrypt ciper and rand files for database. +Please enter password for database: +Please repeat for database: +begin to create CA cert files +The sslcert will be generated in /opt/gaussdb/cluster/app/share/sslcert/om +Cluster installation is completed. +Configuring. +Deleting instances from all nodes. +Successfully deleted instances from all nodes. +Checking node configuration on all nodes. +Initializing instances on all nodes. +Updating instance configuration on all nodes. +Check consistence of memCheck and coresCheck on DN nodes. +Successful check consistence of memCheck and coresCheck on all nodes. +Configuring pg_hba on all nodes. +Configuration is completed. +Successfully started cluster. +Successfully installed application. +``` + +## Troubleshooting + +If the installation fails, troubleshoot the problem based on logs in the **gs\_install-YYYY-MM-DD\_HHMMSS.log** and **gs\_local-YYYY-MM-DD\_HHMMSS.log** files in the openGauss log directory. + diff --git a/content/en/docs/installation/executing-uninstallation.md b/content/en/docs/installation/executing-uninstallation.md deleted file mode 100644 index 4f0e09a3f05bc730eb0bd2ea666ccc8eda95c955..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/executing-uninstallation.md +++ /dev/null @@ -1,54 +0,0 @@ -# Executing Uninstallation - -The openGauss provides an uninstallation script to help users uninstall the openGauss. - -## Procedure - -1. Log in as the OS user **omm** to the primary node of the database. -2. Execute the **gs\_uninstall** script to uninstall the openGauss. - - ``` - gs_uninstall --delete-data - ``` - - Alternatively, locally uninstall each node of the openGauss. - - ``` - gs_uninstall --delete-data -L - ``` - - -## Examples - -Execute the **gs\_uninstall** script to uninstall the openGauss. - -``` -gs_uninstall --delete-data -Checking uninstallation. -Successfully checked uninstallation. -Stopping the cluster. -Successfully stopped the cluster. -Successfully deleted instances. -Uninstalling application. -Successfully uninstalled application. -Uninstallation succeeded. -``` - -Execute the **gs\_uninstall** script to perform single-node uninstallation. - -``` -gs_uninstall --delete-data -Checking uninstallation. -Successfully checked uninstallation. -Stopping the cluster. -Successfully stopped the cluster. -Successfully deleted instances. -Uninstalling application. -Successfully uninstalled application. -Uninstallation succeeded. -``` - -## Troubleshooting - -If the uninstallation fails, locate faults by following the log information provided in the _$GAUSSLOG_**/om/gs\_uninstall-**_YYYY_**-**_MM_**-**_DD_**\_**_HHMMSS_**.log** file. - diff --git a/content/en/docs/installation/initial-configuration.md b/content/en/docs/installation/initial-configuration.md deleted file mode 100644 index 436aa51eab8371f48e94c11c6030781ff5a72011..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/initial-configuration.md +++ /dev/null @@ -1,7 +0,0 @@ -# Initial Configuration - -After the installation is complete, you can configure GUC parameters, locale, and character sets to ensure that the openGauss running is stable. - -- **[Configuring the Locale and Character Set](configuring-the-locale-and-character-set.md)** -This section details two important parameters **locale** and **character set** which are controlled by specifying related initialization GUC parameters during installation. - diff --git a/content/en/docs/Quickstart/initializing-the-database.md b/content/en/docs/installation/initializing-the-database.md similarity index 78% rename from content/en/docs/Quickstart/initializing-the-database.md rename to content/en/docs/installation/initializing-the-database.md index 4cae0abc256d7f3eabe7e502627e05582684046d..78a7addcee212c9bd9b0d59b25d79bc45554ce29 100644 --- a/content/en/docs/Quickstart/initializing-the-database.md +++ b/content/en/docs/installation/initializing-the-database.md @@ -1,4 +1,4 @@ -# Initializing the Database +# Initializing the Database Use SQL to create a database. diff --git a/content/en/docs/installation/initializing-the-installation-environment.md b/content/en/docs/installation/initializing-the-installation-environment.md index cda831d0672bfa28ad641fe77cbf7d82236d8299..45fe88613cd0ac22ed923c94ca506b855dcd7209 100644 --- a/content/en/docs/installation/initializing-the-installation-environment.md +++ b/content/en/docs/installation/initializing-the-installation-environment.md @@ -1,11 +1,1193 @@ -# Initializing the Installation Environment - -To ensure the correct installation of the openGauss, you need to configure the host environment first. - -- **[Creating the Required User Account and Configuring the Installation Environment](creating-the-required-user-account-and-configuring-the-installation-environment.md)** -After the openGauss configuration file is created, you need to run the **gs\_preinstall** script to prepare the account and environment so that you can perform openGauss installation and management operations with the minimum permission, ensuring system security. -- **[Establishing Mutual Trust Manually](establishing-mutual-trust-manually.md)** -During the openGauss installation, you need to perform operations such as running commands and transferring files between hosts in openGauss. Establish mutual trust among the hosts before installing the cluster as a common user. During the execution of the pre-installation script, establish mutual trust between users **root**, then create a common user account, and finally establish mutual trust between common users. -- **[Configuring OS Parameters](configuring-os-parameters.md)** -openGauss requires that the OS parameters on every host be set to specified values to ensure system running performance. - +# Initializing the Installation Environment + +To ensure the correct installation of the openGauss, you need to configure the host environment first. + + + +- [Creating the Required User Account and Configuring the Installation Environment](#creating-the-required-user-account-and-configuring-the-installation-environmenta-nameen-us_topic_0249784578a) + - [Prerequisites](#prerequisitesa-nameen-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_s3773af79eeb74c4bae1bd46533cc0cd8a) + - [Precautions](#precautionsa-nameen-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_section20734484163420a) + - [Procedure](#procedurea-nameen-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_s407f29ab5691456590018c719cf81e9da) + - [Examples](#examplesa-nameen-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_section412490911620a) + - [Troubleshooting](#troubleshootinga-nameen-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_s51853c2b09e54b12a90e4f8c512a61e4a) +- [Establishing Mutual Trust Manually](#establishing-mutual-trust-manuallya-nameen-us_topic_0249784564a) + - [Prerequisites](#prerequisitesa-nameen-us_topic_0241805804_en-us_topic_0085434625_en-us_topic_0059782039_s88bba380d9334b129eab3023c5399d45a) + - [Establishing Mutual Trust Using a Script](#establishing-mutual-trust-using-a-scripta-nameen-us_topic_0241805804_en-us_topic_0085434625_en-us_topic_0059782039_s8028dd8189914444b059c07d8c8c82dea) + - [Establishing Mutual Trust Manually](#establishing-mutual-trust-manuallya-nameen-us_topic_0241805804_en-us_topic_0085434625_en-us_topic_0059782039_section63620881152125a) + - [Deleting Mutual Trust Between Users **root** ](#deleting-mutual-trust-between-users--root-a-namesection149417461942a) + - [Examples](#examplesa-nameen-us_topic_0241805804_en-us_topic_0085434625_en-us_topic_0059782039_s9928a16b5b7347edbdb587133575483ea) +- [Configuring OS Parameters](#configuring-os-parametersa-nameen-us_topic_0249784554a) + - [OS Parameters](#os-parametersa-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section3705271819540a) + - [File System Parameters](#file-system-parametersa-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section4118580316369a) + - [Setting the transparent\_hugepage Service](#setting-the-transparent\_hugepage-servicea-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section38366550113020a) + - [Setting File Handles](#setting-file-handlesa-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section49556455195442a) + - [Setting the Maximum Number of Allowed Processes](#setting-the-maximum-number-of-allowed-processesa-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section65253147151525a) + - [Setting NIC Parameters](#setting-nic-parametersa-nameen-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section6007556195457a) + + + +## Creating the Required User Account and Configuring the Installation Environment + +After the clusteropenGauss configuration file is created, you need to run the **gs\_preinstall** script to prepare the account and environment so that you can perform clusteropenGauss installation and management operations with the minimum permission, ensuring system security. + +Executing the **gs\_preinstall** script enables the system to automatically complete the following installation preparations: + +- Sets kernel parameters for the SUSE Linux OS to improve server load performance. The kernel parameters directly affect database running status. Reconfigure them only when necessary. For details about the Linux OS kernel parameter settings in openGauss, see [Configuring OS Parameters](configuring-os-parameters.md). +- Automatically copies the clusteropenGauss configuration files and installation packages to the same directory on each clusteropenGauss host. +- If the installation user and user group of the clusteropenGauss do not exist, the system automatically creates them. +- Reads the directory information in the clusteropenGauss configuration file, creates the directory, and grants the directory permission to the installation user. + +### Prerequisites + +- You have completed all the tasks described in [Preparing for Installation](preparing-for-installation.md). + +### Precautions + +- You must check the upper-layer directory permissions to ensure that the user has the read, write, and execution permissions on the installation package and configuration file directory. +- The mapping between each host name and IP address in the XML configuration file must be correct. +- Only user **root** is authorized to run the **gs\_preinstall** command. + +### Procedure + +1. Log in to any host where the clusteropenGauss is to be installed as user **root** and create a directory for storing the installation package as planned. + + ``` + mkdir -p /opt/software/openGauss + chmod 755 -R /opt/software + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- Do not create the directory in the home directory or subdirectory of any openGauss user because you may lack permissions for such directories. + >- The clusteropenGauss user must have the read and write permissions on the **/opt/software/openGauss** directory. + +2. The release package is used as an example. Upload the installation package **openGauss\_x.x.x\_PACKAGES\_RELEASE.tar.gz** and the configuration file **clusterconfig.xml** to the directory created in the previous step. +3. Go to the directory for storing the uploaded software package and decompress the package. + + ``` + cd /opt/software/openGauss + tar -zxvf openGauss_x.x.x_PACKAGES_RELEASE.tar.gz + ``` + + [Table 1](#en-us_topic_0241805803_en-us_topic_0085434653_en-us_topic_0059781995_te4a9d557337c400c85acff184476a722) describes the contents of the decompressed software package. + + **Table 1** Description about the installation package + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Package Name

+

Description

+

openGauss-x.x.x-openEULER-64bit-ClientTools.tar.gz

+

Used to install the client in the SUSE Linux OS. This software package contains the gsql, dump restore tool, ODBC driver, JDBC driver, and Libpq library.

+

openGauss-x.x.x-openEULER-64bit-Jdbc.tar.gz

+

Used to install the JDBC driver in the SUSE Linux OS.

+

openGauss-x.x.x-openEULER-64bit-Libpq.tar.gz

+

Used to install the libpq library in the SUSE Linux OS.

+

openGauss-x.x.x-openEULER-64bit-Odbc.tar.gz

+

Used to install the ODBC driver in the SUSE Linux OS.

+

openGauss-x.x.x-openEULER-64bit-symbol.tar.gz

+

Provides the support file for debugging and locating database problems.

+

openGauss-x.x.x-openEULER-64bit.tar.gz

+

Used to install the database management system. This software package is the one used for database installation in this document.

+

openGauss-x.x.x-Sslcert.tar.gz

+

Certificate used for client-side server authentication.

+

openGauss-x.x.x-Inspection.tar.gz

+

Used to check the health status of the database.

+
+ +4. Decompress the **openGauss-_x.x.x_-openEULER-64bit.tar.gz** package. + + ``` + tar -zxvf openGauss-x.x.x-openEULER-64bit.tar.gz + ``` + + After the installation package is decompressed, the **script** subdirectory is automatically generated in **/opt/software/openGauss**. OM tool scripts such as **gs\_preinstall** are generated in the **script** subdirectory. + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- When you execute the **gs\_preinstall** script, plan the directory for storing the clusteropenGauss configuration file, directory for storing software packages, installation directories of programs, and directories of instance data. Common users cannot change the directories after the directories are specified. + >- When you execute the **gs\_preinstall** script to prepare the installation environment, the script automatically copies the clusteropenGauss configuration file and decompressed installation package to the same directory on other servers. + >- Before executing **gs\_preinstall** and establishing mutual trust, check whether the **/etc/profile** file contains error information. If it does, manually rectify the error. + +5. Go to the directory for storing tool scripts. + + ``` + cd /opt/software/openGauss/script + ``` + +6. If the openEuler operating system is used, run the following command to open the **performance.sh** file, comment out **sysctl -w vm.min\_free\_kbytes=112640 &\> /dev/null** using the number sign \(\#\), press **Esc** to enter the command mode, and run the **:wq** command to save the modification and exit. + + ``` + vi /etc/profile.d/performance.sh + ``` + +7. To ensure that the OpenSSL version is correct, load the **lib** library in the installation package before preinstallation. Run the following command. **\{packagePath\}** indicates the path where the installation package is stored. In this example, the path is **/opt/software/openGauss**. + + ``` + export LD_LIBRARY_PATH={packagePath}/script/gspylib/clib:$LD_LIBRARY_PATH + ``` + +8. To ensure successful installation, check whether the values of **hostname** and **/etc/hostname** are the same. During preinstallation, the host name is checked. +9. Execute **gs\_preinstall** to configure the installation environment. If the shared environment is used, add the **--sep-env-file=ENVFILE** parameter to separate environment variables to avoid mutual impact with other users. The environment variable separation file path is specified by users. + - Execute **gs\_preinstall** in interactive mode. During the execution, the mutual trust between users **root** and between clusteropenGauss users is automatically established. + + ``` + ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml + ``` + + **omm** is the database administrator \(also the OS user running the clusteropenGauss\), **dbgrp** is the group name of the OS user running the clusteropenGauss, and **/opt/software/GaussDB\_KernelopenGauss/clusterconfig.xml** is the path of the clusteropenGauss configuration file. During the execution, you need to determine whether to establish mutual trust as prompted and enter the password of user **root** or the clusteropenGauss user. + + - If the mutual trust between users **root** cannot be created, create the **omm** user, perform local preinstallation on each host, and manually create the mutual trust between openGauss users. If the **-L** parameter is specified during preinstallation, manually write the mapping between the host names and IP addresses of all nodes to the **/etc/hosts** file of each host before preinstallation, add **\#Gauss OM IP Hosts Mapping** to the end of each mapping. + 1. Run the following command to configure the installation environment: + + ``` + cd /opt/software/openGauss/script + ./gs_preinstall -U omm -G dbgrp -L -X /opt/software/openGauss/clusterconfig.xml + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >You need to run this command on each host. + + + - Execute **gs\_preinstall** in non-interactive mode. + 1. Manually establish mutual trust between users **root** and between clusteropenGauss users by following the instructions provided in [Establishing Mutual Trust Manually](establishing-mutual-trust-manually.md). + 2. Run the following command to configure the installation environment: + + ``` + cd /opt/software/openGauss/script + ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml --non-interactive + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- In this mode, ensure that mutual trust has been established between the root users of all nodes and between the openGauss users of the cluster before performing.In this mode, ensure that mutual trust has been established between users **root** and between clusteropenGauss users on each node before executing **gs\_preinstall**. + >- The mutual trust established between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** immediately after the installation is complete. + + + + +### Examples + +Execute the **gs\_preinstall** script. + +``` +plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml +Parsing the configuration file. +Successfully parsed the configuration file. +Installing the tools on the local node. +Successfully installed the tools on the local node. +Are you sure you want to create trust for root (yes/no)? yes +Please enter password for root. +Password: +Creating SSH trust for the root permission user. +Checking network information. +All nodes in the network are Normal. +Successfully checked network information. +Creating SSH trust. +Creating the local key file. +Successfully created the local key files. +Appending local ID to authorized_keys. +Successfully appended local ID to authorized_keys. +Updating the known_hosts file. +Successfully updated the known_hosts file. +Appending authorized_key on the remote node. +Successfully appended authorized_key on all remote node. +Checking common authentication file content. +Successfully checked common authentication content. +Distributing SSH trust file to all node. +Successfully distributed SSH trust file to all node. +Verifying SSH trust on all hosts. +Successfully verified SSH trust on all hosts. +Successfully created SSH trust. +Successfully created SSH trust for the root permission user. +Setting pssh path +Successfully set core path. +Distributing package. +Begin to distribute package to tool path. +Successfully distribute package to tool path. +Begin to distribute package to package path. +Successfully distribute package to package path. +Successfully distributed package. +Are you sure you want to create the user[omm] and create trust for it (yes/no)? yes +Please enter password for cluster user. +Password: +Please enter password for cluster user again. +Password: +Successfully created [omm] user on all nodes. +Preparing SSH service. +Successfully prepared SSH service. +Installing the tools in the cluster. +Successfully installed the tools in the cluster. +Checking hostname mapping. +Successfully checked hostname mapping. +Creating SSH trust for [omm] user. +Checking network information. +All nodes in the network are Normal. +Successfully checked network information. +Creating SSH trust. +Creating the local key file. +Successfully created the local key files. +Appending local ID to authorized_keys. +Successfully appended local ID to authorized_keys. +Updating the known_hosts file. +Successfully updated the known_hosts file. +Appending authorized_key on the remote node. +Successfully appended authorized_key on all remote node. +Checking common authentication file content. +Successfully checked common authentication content. +Distributing SSH trust file to all node. +Successfully distributed SSH trust file to all node. +Verifying SSH trust on all hosts. +Successfully verified SSH trust on all hosts. +Successfully created SSH trust. +Successfully created SSH trust for [omm] user. +Checking OS software. +Successfully check os software. +Checking OS version. +Successfully checked OS version. +Creating cluster's path. +Successfully created cluster's path. +Setting SCTP service. +Successfully set SCTP service. +Set and check OS parameter. +Setting OS parameters. +Successfully set OS parameters. +Preparing CRON service. +Successfully prepared CRON service. +Setting user environmental variables. +Successfully set user environmental variables. +Setting the dynamic link library. +Successfully set the dynamic link library. +Setting Core file +Successfully set core path. +Setting pssh path +Successfully set pssh path. +Set ARM Optimization. +No need to set ARM Optimization. +Fixing server package owner. +Setting finish flag. +Successfully set finish flag. +Preinstallation succeeded. +S +``` + +If the passwords of user **root** on the hosts in the cluster are different and cannot be changed to the same one, execute the **gs\_preinstall** script in local installation mode. + +``` +plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -L -X /opt/software/openGauss/clusterconfig.xml +Parsing the configuration file. +Successfully parsed the configuration file. +Installing the tools on the local node. +Successfully installed the tools on the local node. +Checking OS version. +Successfully checked OS version. +Creating cluster's path. +Successfully created cluster's path. +Setting SCTP service. +Successfully set SCTP service. +Set and check OS parameter. +Setting OS parameters. +Successfully set OS parameters. +Warning: Installation environment contains some warning messages. +Please get more details by "/home/package/r8c00/script/gs_checkos -i A -h SIA1000068990". +Set and check OS parameter completed. +Preparing CRON service. +Successfully prepared CRON service. +Preparing SSH service. +Successfully prepared SSH service. +Setting user environmental variables. +Successfully set user environmental variables. +Configuring alarms on the cluster nodes. +Successfully configured alarms on the cluster nodes. +Setting the dynamic link library. +Successfully set the dynamic link library. +Setting Cgroup. +Successfully set Cgroup. +Setting finish flag. +Successfully set finish flag. +Preinstallation succeeded. +``` + +Execute **gs\_preinstall** in non-interactive mode. + +``` +plat1:/opt/software/openGauss/script # ./gs_preinstall -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml --non-interactive +Parsing the configuration file. +Successfully parsed the configuration file. +Installing the tools on the local node. +Successfully installed the tools on the local node. +Distributing package. +Begin to distribute package to tool path. +Successfully distribute package to tool path. +Begin to distribute package to package path. +Successfully distribute package to package path. +Successfully distributed package. +Installing the tools in the cluster. +Successfully installed the tools in the cluster. +Checking hostname mapping. +Successfully checked hostname mapping. +Checking OS version. +Successfully checked OS version. +Creating cluster's path. +Successfully created cluster's path. +Setting SCTP service. +Successfully set SCTP service. +Set and check OS parameter. +Setting OS parameters. +Successfully set OS parameters. +Set and check OS parameter completed. +Preparing CRON service. +Successfully prepared CRON service. +Preparing SSH service. +Successfully prepared SSH service. +Setting user environmental variables. +Successfully set user environmental variables. +Configuring alarms on the cluster nodes. +Successfully configured alarms on the cluster nodes. +Setting the dynamic link library. +Successfully set the dynamic link library. +Setting Cgroup. +Successfully set Cgroup. +Set ARM Optimization. +Successfully set ARM Optimization. +Setting finish flag. +Successfully set finish flag. +Preinstallation succeeded. +``` + +### Troubleshooting + +If configuring the installation environment fails, obtain the **gs\_preinstall-YYYY-MM-DD\_HHMMSS.log** and **gs\_local-YYYY-MM-DD\_HHMMSS.log** files from the **$GAUSSLOG/om** directory for storing clusteropenGauss logs. Then, locate the problem based on the log information. For example, if the path specified by the **gaussdbLogPath** parameter in the configuration file is **/var/log/gaussdb**, the **$GAUSSLOG/om** path is **/var/log/gaussdb/omm/om**, and the **omm** user is the user running clusteropenGauss. + +>![](public_sys-resources/icon-notice.gif) **NOTICE:** +>While the installation user and environment is prepared, user **root** is used to add scheduled tasks for routine inspection and reporting. + +## Establishing Mutual Trust Manually + +During the openGauss installation, you need to perform operations such as running commands and transferring files between hosts in openGauss. Establish mutual trust among the hosts before installing the cluster as a common user. During the execution of the pre-installation script, establish mutual trust between users **root**, then create a common user account, and finally establish mutual trust between common users. + +>![](public_sys-resources/icon-notice.gif) **NOTICE:** +>The mutual trust between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** after the installation is complete. + +### Prerequisites + +- The SSH service has been enabled. +- You have verified that SSH ports will not be disabled by firewalls. +- Each host name and IP address have been correctly configured in the XML file. +- Communication among all the hosts is normal. +- If the mutual trust is to be established for common users, the same user needs to be created and password set on each host. +- If the SELinux service is installed and has been started on each host, ensure that the security context of the **/root** directory is set to the default value **system\_u:object\_r:home\_root\_t:s0** and that of the **/home** directory is set to the default value **system\_u:object\_r:admin\_home\_t:s0**, or disable the SELinux service. + + To check the SELinux status, run the **getenforce** command. If the command output is **Enforcing**, SELinux is installed and has been enabled. + + To check the security contexts of the directories, run the following commands: + + ``` + ls -ldZ /root | awk '{print $4}' + ``` + + ``` + ls -ldZ /home | awk '{print $4}' + ``` + + To restore the security contexts of the directories, run the following commands: + + ``` + restorecon -r -vv /home/ + ``` + + ``` + restorecon -r -vv /root/ + ``` + + +### Establishing Mutual Trust Using a Script + +1. Create the file for executing the mutual trust script, and add the IP addresses of all the hosts in the openGauss to the file. + + ``` + plat1:/opt/software/openGauss> vim hostfile + 192.168.0.1 + 192.168.0.2 + 192.168.0.3 + ``` + +2. Execute the script as the user who needs to establish mutual trust with the hosts. +3. Execute the following script to establish mutual trust: + + ``` + plat1:/opt/software/openGauss/script# gs_sshexkey -f /opt/software/hostfile + ``` + + The **/opt/software/hostfile** file contains a list of the hosts. The list provides the IP addresses of all the hosts among which mutual trust needs to be established. + + +### Establishing Mutual Trust Manually + +If the passwords of user **root** on the hosts in the openGauss are different, the **gs\_preinstall** script cannot be used to establish mutual trust. In this case, manually establish mutual trust. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>The following files are generated during establishment of mutual trust: **authorized\_keys**, **id\_rsa**, **id\_rsa.pub**, and **known\_hosts**. Do not delete or corrupt the files. + +The procedure of manually establishing mutual trust is as follows \(**plat1**, **plat2**, and **plat3** are host names\): + +1. Generate a licensed file for user **root** on any host \(referred to as the local host\). Host **plat1** is used as an example. + 1. Generate a key. + + ``` + ssh-keygen -t rsa + ``` + + The following is an example: + + ``` + plat1:~ # ssh-keygen -t rsa + Generating public/private rsa key pair. + Enter file in which to save the key (/root/.ssh/id_rsa): + Created directory '/root/.ssh'. + Enter passphrase (empty for no passphrase): + Enter same passphrase again: + Your identification has been saved in /root/.ssh/id_rsa. + Your public key has been saved in /root/.ssh/id_rsa.pub. + The key fingerprint is: + d5:35:46:33:27:22:09:f0:1e:12:a7:87:fa:33:3f:ab root@plat1 + The key's randomart image is: + +--[ RSA 2048]----+ + | o.o.....O .| + | * .o + * | + | + + . . | + | . + o | + | . S | + | . | + | + | + | +. | + | E.oo | + +-----------------+ + ``` + + 2. Generate the licensed file. + + ``` + cat .ssh/id_rsa.pub >> .ssh/authorized_keys + ``` + + The following is an example: + + ``` + plat1:~ # cat .ssh/id_rsa.pub >> .ssh/authorized_keys + ``` + +2. Obtain the public keys of all the hosts among which mutual trust needs to be established, and write the public keys into the **known\_hosts** file on the local host. This step needs to be performed on the host where Step 1 is performed. You need to obtain the public keys of the **plat1**, **plat2**, and **plat3** hosts. + 1. Obtain the public key of host **plat1**, and write the public key into the **known\_hosts** file on the local host. + + ``` + ssh-keyscan -t rsa plat1 >> ~/.ssh/known_hosts + ``` + + The following is an example: + + ``` + plat1:~ # ssh-keyscan -t rsa plat1 >> ~/.ssh/known_hosts + # plat1 SSH-2.0-OpenSSH_5.1 + ``` + + 2. Obtain the public key of host **plat2**, and write the public key into the **known\_hosts** file on the local host. + + ``` + ssh-keyscan -t rsa plat2 >> ~/.ssh/known_hosts + ``` + + The following is an example: + + ``` + plat1:~ # ssh-keyscan -t rsa plat2 >> ~/.ssh/known_hosts + # plat2 SSH-2.0-OpenSSH_5.1 + ``` + + 3. Obtain the public key of host **plat3**, and write the public key into the **known\_hosts** file on the local host. + + ``` + ssh-keyscan -t rsa plat3 >> ~/.ssh/known_hosts + ``` + + The following is an example: + + ``` + plat1:~ # ssh-keyscan -t rsa plat3 >> ~/.ssh/known_hosts + # plat3 SSH-2.0-OpenSSH_5.1 + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >- After being accepted, the public key of a remote host will be saved in the **$HOME/.ssh/known\_hosts** file on the local host. When connecting to the remote host next time, the system can recognize that the public key of the remote host has been saved on the local host and then skip alarms. + >- If the **known\_hosts** file is deleted from the local host, the mutual trust between the local and remote hosts remains valid, but alarms will be reported. To prevent such alarms, set the **StrictHostKeyChecking** parameter in the **/etc/ssh/ssh\_config** file to **no**. + + +3. Send the **known\_hosts** file to all the other hosts except the local host. In this example, send the **known\_hosts** file on host **plat1** to hosts **plat2** and **plat3**. + + 1. Send the **known\_hosts** file to host **plat2**. When **Password:** is displayed, enter the password for logging in to host **plat2**. + + ``` + scp -r .ssh plat2:~ + ``` + + The following is an example: + + ``` + plat1:~ # scp -r .ssh plat2:~ + Password: + authorized_keys 100% 796 0.8KB/s 00:00 + id_rsa 100% 1675 1.6KB/s 00:00 + id_rsa.pub 100% 398 0.4KB/s 00:00 + known_hosts 100% 1089 1.1KB/s 00:00 + ``` + + 2. Send the **known\_hosts** file to host **plat3**. When **Password:** is displayed, enter the password for logging in to host **plat3**. + + ``` + scp -r .ssh plat3:~ + ``` + + The following is an example: + + ``` + plat1:~ # scp -r .ssh plat3:~ + Password: + authorized_keys 100% 796 0.8KB/s 00:00 + id_rsa 100% 1675 1.6KB/s 00:00 + id_rsa.pub 100% 398 0.4KB/s 00:00 + known_hosts 100% 1089 1.1KB/s 00:00 + ``` + +4. Run the **ssh **_Host name_ command to check whether mutual trust has been successfully established. Then, enter **exit**. + + ``` + plat1:~ # ssh plat2 + Last login: Sat Jun 20 14:01:07 2020 + plat2:~ # exit + logout + Connection to plat2 closed. + plat1:~ # + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >If there are more than three hosts, the procedure of manually establishing mutual trust between the hosts is similar to the one in this section. Assume that the host names are **plat1**, **plat2**, **plat3**, ... Firstly, generate a licensed file for user **root** on host **plat1** \(referred to as the local host\). Secondly, obtain the public keys of all the hosts \(**plat1**, **plat2**, **plat3**, ...\) between which mutual trust needs to be established, and write the public keys to the **known\_hosts** file on the local host. Thirdly, send the file from the local host to all the other hosts \(**plat2**, **plat3**, ...\). Finally, verify that mutual trust has been successfully established. + + +### Deleting Mutual Trust Between Users **root** + +The mutual trust established between users **root** may incur security risks. You are advised to delete the mutual trust between users **root** immediately after the installation is complete. + +1. Delete the mutual trust file **/root/.ssh** from each openGauss database node. + + rm –rf \~/.ssh + +2. Check whether the mutual trust is successfully deleted. If the host names cannot be reached from each other through SSH and a mutual trust failure message is displayed, the mutual trust is successfully deleted. + + plat1:\~ \# ssh plat2 + + he authenticity of host ' plssat2 \(plat2\)' can't be established. + + ECDSA key fingerprint is SHA256:Q4DPRedFytsjsJSKf4l2lHKuzVw4prq3bIUCNVKIa7M. + + ECDSA key fingerprint is MD5:e2:77:6c:aa:4c:43:5f:f2:c4:58:ec:d5:53:de:7c:fc. + + Are you sure you want to continue connecting \(yes/no\)? + + +### Examples + +The following is an example describing how to establish mutual trust between users **root**: + +``` +plat1:~ # gs_sshexkey -f /opt/software/hostfile -W Gauss_234 +Checking network information. +All nodes in the network are Normal. +Successfully checked network information. +Creating SSH trust. +Creating the local key file. +Successfully created the local key files. +Appending local ID to authorized_keys. +Successfully appended local ID to authorized_keys. +Updating the known_hosts file. +Successfully updated the known_hosts file. +Appending authorized_key on the remote node. +Successfully appended authorized_key on all remote node. +Checking common authentication file content. +Successfully checked common authentication content. +Distributing SSH trust file to all node. +Successfully distributed SSH trust file to all node. +Verifying SSH trust on all hosts. +Successfully verified SSH trust on all hosts. +Successfully created SSH trust. +``` + +The following is an example describing how to establish mutual trust between common users: + +``` +gaussdb@plat1:~ > gs_sshexkey -f /opt/software/hostfile -W Gauss_234 +Checking network information. +All nodes in the network are Normal. +Successfully checked network information. +Creating SSH trust. +Creating the local key file. +Successfully created the local key files. +Appending local ID to authorized_keys. +Successfully appended local ID to authorized_keys. +Updating the known_hosts file. +Successfully updated the known_hosts file. +Appending authorized_key on the remote node. +Successfully appended authorized_key on all remote node. +Checking common authentication file content. +Successfully checked common authentication content. +Distributing SSH trust file to all node. +Successfully distributed SSH trust file to all node. +Verifying SSH trust on all hosts. +Successfully verified SSH trust on all hosts. +Successfully created SSH trust. +``` + +The following is an example describing how to establish mutual trust in security mode. This mode is recommended. Users need to manually enter their passwords as prompted. + +``` +plat1:~ # gs_sshexkey -f /opt/software/hostfile +Please enter password for current user[root]. +Password: +Checking network information. +All nodes in the network are Normal. +Successfully checked network information. +Creating SSH trust. +Creating the local key file. +Appending local ID to authorized_keys. +Successfully appended local ID to authorized_keys. +Updating the known_hosts file. +Successfully updated the known_hosts file. +Appending authorized_key on the remote node. +Successfully appended authorized_key on all remote node. +Checking common authentication file content. +Successfully checked common authentication content. +Distributing SSH trust file to all node. +Successfully distributed SSH trust file to all node. +Verifying SSH trust on all hosts. +Successfully verified SSH trust on all hosts. +Successfully created SSH trust. +``` + +## Configuring OS Parameters + +openGauss requires that the OS parameters on every host be set to specified values to ensure system running performance. + +Some of these parameters are set during the openGauss installation environment preparation phase, and these parameters directly affect the running status of the openGauss. You need to manually adjust these parameters only when necessary. You can use the following methods: + +1. Log in to a server as user **root**. +2. Modify the **/etc/sysctl.conf** file. + + For details about how to modify parameters, see [OS Parameters](#en-us_topic_0241805805_en-us_topic_0085434661_en-us_topic_0059782062_section3705271819540). + +3. Run the following command to make the modifications take effect: + + ``` + sysctl -p + ``` + + +### OS Parameters + +**Table 1** OS parameters + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Parameter

+

Description

+

Recommended Value

+

net.ipv4.tcp_max_tw_buckets

+

Specifies the maximum number of TCP/IP connections concurrently remaining in the TIME_WAIT state. If the number of TCP/IP connections concurrently remaining in the TIME_WAIT state exceeds the value of this parameter, the TCP/IP connections in the TIME_WAIT state will be released immediately, and alarm information will be printed.

+

10000

+

net.ipv4.tcp_tw_reuse

+

Reuses sockets whose status is TIME-WAIT for new TCP connections.

+
  • 0: This function is disabled.
  • 1: This function is enabled.
+

1

+

net.ipv4.tcp_tw_recycle

+

Rapidly reclaims sockets whose status is TIME-WAIT in TCP connections.

+
  • 0: This function is disabled.
  • 1: This function is enabled.
+

1

+

net.ipv4.tcp_keepalive_time

+

Specifies how often keep-alive messages are sent through TCP connections when Keep-Alive is enabled.

+

30

+

net.ipv4.tcp_keepalive_probes

+

Specifies the number of keep-alive detection packets sent through a TCP connection before the connection is regarded invalid. The product of the parameter value multiplied by the value of the tcp_keepalive_intvl parameter determines the response timeout after a keep-alive message is sent through a connection.

+

9

+

net.ipv4.tcp_keepalive_intvl

+

Specifies how often a detection packet is re-sent when the previous packets are not acknowledged.

+

30

+

net.ipv4.tcp_retries1

+

Specifies the maximum TCP reattempts during the connection establishment process.

+

5

+

net.ipv4.tcp_syn_retries

+

Specifies the maximum SYN packet reattempts in the TCP.

+

5

+

net.ipv4.tcp_synack_retries

+

Specifies the maximum SYN response packet reattempts in the TCP.

+

5

+

net.sctp.path_max_retrans

+

Specifies the maximum SCTP reattempts.

+

10

+

net.sctp.max_init_retransmits

+

Specifies the maximum INIT packet reattempts in the SCTP.

+

10

+

net.sctp.association_max_retrans

+

Specifies the maximum reattempts of a single logical connection in the SCTP.

+

10

+

net.sctp.hb_interval

+

Specifies the retransmission interval of heartbeat detection packets in the SCTP.

+

30000

+

net.ipv4.tcp_retries2

+

Specifies the number of times that the kernel re-sends data to a connected remote host. A smaller value leads to earlier detection of an invalid connection to the remote host, and the server can quickly release this connection.

+

If "connection reset by peer" is displayed, increase the value of this parameter to avoid the problem.

+

12

+

vm.overcommit_memory

+

Specifies the kernel check method during memory allocation.

+
  • 0: The system accurately calculates the current available memory.
  • 1: The system returns a success message without a kernel check.
  • 2: The system returns a failure message if the memory size you have applied for exceeds the result of the following formula: Total memory size x Value of vm.overcommit_ratio/100 + Total SWAP size.
+

The default value is 2, which is too conservative. The recommended value is 0. If memory usage is high, set this parameter to 1.

+

0

+

net.sctp.sndbuf_policy

+

Specifies the buffer allocation policy on the SCTP sender.

+
  • 0: The buffer is allocated by connection.
  • 1: The buffer is allocated by association.
+

0

+

net.sctp.rcvbuf_policy

+

Specifies the buffer allocation policy on the SCTP receiver.

+
  • 0: The buffer is allocated by connection.
  • 1: The buffer is allocated by association.
+

0

+

net.sctp.sctp_mem

+

Specifies the maximum free memory of the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

+

94500000 915000000 927000000

+

net.sctp.sctp_rmem

+

Specifies the total free memory for receiving data in the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

+

8192 250000 16777216

+

net.sctp.sctp_wmem

+

Specifies the total free memory for sending data in the kernel SCTP stack. Three memory size ranges in the unit of page are provided: min, default, and max. If the value is max, packet loss occurs.

+

8192 250000 16777216

+

net.ipv4.tcp_rmem

+

Specifies the free memory in the TCP receiver buffer. Three memory size ranges in the unit of page are provided: min, default, and max.

+

8192 250000 16777216

+

net.ipv4.tcp_wmem

+

Specifies the free memory in the TCP sender buffer. Three memory size ranges in the unit of page are provided: min, default, and max.

+

8192 250000 16777216

+

net.core.wmem_max

+

Specifies the maximum size of the socket sender buffer.

+

21299200

+

net.core.rmem_max

+

Specifies the maximum size of the socket receiver buffer.

+

21299200

+

net.core.wmem_default

+

Specifies the default size of the socket sender buffer.

+

21299200

+

net.core.rmem_default

+

Specifies the default size of the socket receiver buffer.

+

21299200

+

net.ipv4.ip_local_port_range

+

Specifies the range of temporary ports that can be used by a physical server.

+

26000-65535

+

kernel.sem

+

Specifies the kernel semaphore.

+

250 6400000 1000 25600

+

vm.min_free_kbytes

+

Specifies the minimum free physical memory reserved for unexpected page breaks.

+

5% of the total system memory

+

net.core.somaxconn

+

Specifies the maximum length of the listening queue of each port. This is a global parameter.

+

65535

+

net.ipv4.tcp_syncookies

+

Specifies whether to enable SYN cookies to guard the OS against SYN attacks when the SYN waiting queue overflows.

+
  • 0: The SYN cookies are disabled.
  • 1: The SYN cookies are enabled.
+

1

+

net.sctp.addip_enable

+

Specifies whether dynamic address reset of the SCTP is enabled.

+
  • 0: This function is disabled.
  • 1: This function is enabled.
+

0

+

net.core.netdev_max_backlog

+

Specifies the maximum number of data packets that can be sent to the queue when the rate at which the network device receives data packets is higher than that at which the kernel processes the data packets.

+

65535

+

net.ipv4.tcp_max_syn_backlog

+

Specifies the maximum number of unacknowledged connection requests to be recorded.

+

65535

+

net.ipv4.tcp_fin_timeout

+

Specifies the default timeout duration.

+

60

+

kernel.shmall

+

Specifies the total shared free memory of the kernel.

+

1152921504606846720

+

kernel.shmmax

+

Specifies the maximum value of a shared memory segment.

+

18446744073709551615

+

net.ipv4.tcp_sack

+

Specifies whether selective acknowledgment is enabled. The selective acknowledgment on out-of-order packets can increase system performance. Restricting users to sending only lost packets (for wide area networks) should be enabled, but this will increase CPU usage.

+
  • 0: This function is disabled.
  • 1: This function is enabled.
+

1

+

net.ipv4.tcp_timestamps

+

Specifies whether the TCP timestamp (12 bytes are added in the TCP packet header) enables a more accurate RTT calculation than the retransmission timeout (for details, see RFC 1323) for better performance.

+
  • 0: This function is disabled.
  • 1: This function is enabled.
+

1

+

vm.extfrag_threshold

+

When system memory is insufficient, Linux will score the current system memory fragments. If the score is higher than the value of vm.extfrag_threshold, kswapd triggers memory compaction. When the value of this parameter is close to 1000, the system tends to swap out old pages when processing memory fragments to meet the application requirements. When the value of this parameter is close to 0, the system tends to do memory compaction when processing memory fragments.

+

500

+

vm.overcommit_ratio

+

When the system uses the algorithms where memory usage never exceeds the thresholds, the total memory address space of the system cannot exceed the value of swap+RAM multiplied by the percentage specified by this parameter. When the value of vm.overcommit_memory is set to 2, this parameter takes effect.

+

90

+

/sys/module/sctp/parameters/no_checksums

+

Specifies whether checksum is disabled in SCTP.

+

0

+

MTU

+

Specifies the maximum transmission unit (MTU) for a node NIC. The default value is 1500 in the OS. You can set it to 8192 to improve the performance of sending and receiving data using SCTP.

+

8192

+
+ +### File System Parameters + +- soft nofile + + Indicates the soft limit. The number of file handles used by a user can exceed this parameter value. However, an alarm will be reported. + + Recommended value: **1000000** + +- hard nofile + + Indicates the hard limit. The number of file handles used by a user cannot exceed this parameter value. + + Recommended value: **1000000** + +- stack size + + Indicates the thread stack size. + + Recommended value: **3072** + + +### Setting the transparent\_hugepage Service + +By default, openGauss disables the transparent\_hugepage service and this setting is written into the OS startup file. + +### Setting File Handles + +To manually set the number of file handles, run the following commands to modify the involved parameters as user **root**: + +``` +echo "* soft nofile 1000000" >>/etc/security/limits.conf +echo "* hard nofile 1000000" >>/etc/security/limits.conf +``` + +After the modification is complete, restart the OS to make the setting take effect. + +**Table 2** Parameters for setting the number of file handles + + + + + + + + + + + + + + + + + + + +

Parameter

+

Description

+

Automatically Set by Scripts During Pre-Installation

+

Recommended Value

+

* soft nofile

+

Specifies the soft limit on the number of file handles. For example, if this parameter is set to 1000000, any user can open a maximum of 1,000,000 files regardless of how many shells are enabled.

+

Yes

+

1000000

+

* hard nofile

+

Specifies the hard limit. The soft limit must be less than or equal to the hard limit.

+

Yes

+

1000000

+
+ +### Setting the Maximum Number of Allowed Processes + +To manually set the maximum number of allowed processes, run the following command to open the configuration file: + +``` +vim /etc/security/limits.d/90-nproc.conf +``` + +Modify the **\* soft nproc** parameter in the file. + +After the modification is complete, restart the OS to make the setting take effect. + +**Table 3** Setting the maximum number of allowed processes + + + + + + + + + + + + + + +

Parameter

+

Description

+

Automatically Set by Scripts During Pre-Installation

+

Recommended Value

+

* soft nproc

+

Specifies the maximum number of processes allowed per user.

+

No

+

60000

+
+ +### Setting NIC Parameters + +**Table 4** Setting NIC parameters + + + + + + + + + + + + + + + + + + + +

Parameter

+

Description

+

Automatically Set by Scripts During Pre-Installation

+

Recommended Value

+

rx

+

Specifies the receive queue length for an NIC.

+

Yes

+

4096

+

tx

+

Specifies the transmission queue length for an NIC.

+

Yes

+

4096

+
+ +>![](public_sys-resources/icon-notice.gif) **NOTICE:** +>- NIC parameters can be configured only for 10GE and larger service NICs, that is, the NIC bound to **backIp1**. +>- The commands for setting NIC parameters are written into the OS startup file only after the parameters are successfully set. Information about command execution failures is recorded in logs on the server. + + \ No newline at end of file diff --git a/content/en/docs/installation/installation-overview.md b/content/en/docs/installation/installation-overview.md index eefe966ff692e06bd686e06487a2f4c2f9b608e1..38444e79766ff40698c418ec961347fbf39603aa 100644 --- a/content/en/docs/installation/installation-overview.md +++ b/content/en/docs/installation/installation-overview.md @@ -1,9 +1,9 @@ -# Installation Overview - -openGauss can be deployed in standalone or in standalone HA mode. In standalone mode, multiple database instances can be deployed on a single host. However, this mode is not recommended for data security purposes. In the standalone HA deployment mode, one primary server and at least one standby server are supported, and a maximum of four standby servers are supported. - -Both of the standalone deployment and standalone HA deployment support a simple mode and a compatible mode. In simple mode, you can install an openGauss database and use it properly. The compatible mode is an enhancement of the simple mode. After compatible packages are installed, openGauss offers compatibility with the API names of mainstream databases. - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->When the openGauss provides scripts for installation, only one database system can be deployed on a single physical machine. If you need to deploy multiple database systems on a single physical machine, you are advised to install the database systems using the CLI instead of using the installation script provided by the openGauss. - +# Installation Overview + +openGauss can be deployed in standalone or in standalone HA mode. In standalone mode, multiple database instances can be deployed on a single host. However, this mode is not recommended for data security purposes. In the standalone HA deployment mode, one primary server and at least one standby server are supported, and a maximum of four standby servers are supported. + +Both of the standalone deployment and standalone HA deployment support a simple mode and a compatible mode. In simple mode, you can install an openGauss database and use it properly. The compatible mode is an enhancement of the simple mode. After compatible packages are installed, openGauss offers compatibility with the API names of mainstream databases. + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>When the openGauss provides scripts for installation, only one database system can be deployed on a single physical machine. If you need to deploy multiple database systems on a single physical machine, you are advised to install the database systems using the CLI instead of using the installation script provided by the openGauss. + diff --git a/content/en/docs/installation/installation-process.md b/content/en/docs/installation/installation-process.md index c15b976cf3c6268dfa1885531809d6860e88bc38..74f3533c1bf7729d1ced5a16a87ca254927c116b 100644 --- a/content/en/docs/installation/installation-process.md +++ b/content/en/docs/installation/installation-process.md @@ -1,15 +1,15 @@ -# Installation Process - -This section describes the openGauss installation process. - -[Figure 1](#fig18264185162412) shows the process for installing openGauss. - -**Figure 1** Installation process - - -**Table 1** Installation process description - - +# Installation Process + +This section describes the openGauss installation process. + +[Figure 1](#fig18264185162412) shows the process for installing openGauss. + +**Figure 1** Installation process +![](figures/installation-process.png "installation-process") + +**Table 1** Installation process description + + -

Step

Description

@@ -31,7 +31,7 @@ This section describes the openGauss installation process.

Configure an XML file.

Before installing the openGauss, you need to create a configuration file. The configuration file in the XML format contains the information about the server where the openGauss is deployed, installation path, IP address, and port number. This file is used to guide how to deploy the openGauss. You need to configure the configuration file according to the actual deployment requirements.

-

For details, see Creating a Configuration File.

+

For details, see Creating an XML Configuration File.

Initialize the installation environment.

@@ -52,5 +52,5 @@ This section describes the openGauss installation process.
- +
+ diff --git a/content/en/docs/installation/installation-user-and-user-group.md b/content/en/docs/installation/installation-user-and-user-group.md index f2f7aa4356f707473b42abeeb339f2d304d8fa83..c065ca384da3794505512cad8143244fa2c2d737 100644 --- a/content/en/docs/installation/installation-user-and-user-group.md +++ b/content/en/docs/installation/installation-user-and-user-group.md @@ -1,8 +1,8 @@ -# Installation User and User Group - -To minimize the installation account permissions during the installation and ensure system running security of openGauss after the installation, the installation scripts automatically create a user-specified installation user and this user will be used as the administrator for subsequent running and maintenance of the openGauss. - - +# Installation User and User Group + +To minimize the installation account permissions during the installation and ensure system running security of openGauss after the installation, the installation scripts automatically create a user-specified installation user and this user will be used as the administrator for subsequent running and maintenance of the openGauss. + + -

User/Group Name

Type

@@ -31,7 +31,7 @@ To minimize the installation account permissions during the installation and ens
- -During the openGauss installation, when **gs\_install** is executed, a database user **omm** with the same name as the installation user is created. This user has the highest operation permissions on the database. The initial password of this user is specified by the user. - +
+ +During the openGauss installation, when **gs\_install** is executed, a database user **omm** with the same name as the installation user is created. This user has the highest operation permissions on the database. The initial password of this user is specified by the user. + diff --git a/content/en/docs/installation/installing-the-opengauss.md b/content/en/docs/installation/installing-the-opengauss.md index 2e6ea5c0c5ef564fad894c6f7ad2078134446ec4..50374da05d99d87f4798833f96cfd3dbfa53707c 100644 --- a/content/en/docs/installation/installing-the-opengauss.md +++ b/content/en/docs/installation/installing-the-opengauss.md @@ -1,11 +1,13 @@ -# Installing the openGauss - -- **[Creating a Configuration File](creating-a-configuration-file.md)** -Before installing the openGauss, you need to create a configuration file. The configuration file in the XML format contains the information about the server where the openGauss is deployed, installation path, IP address, and port number. This file is used to guide how to deploy the openGauss. You need to configure the configuration file according to the actual deployment requirements. -- **[Initializing the Installation Environment](initializing-the-installation-environment.md)** -To ensure the correct installation of the openGauss, you need to configure the host environment first. -- **[Executing Installation](executing-installation.md)** -After the openGauss installation environment is prepared by executing the pre-installation script, deploy openGauss based on the installation process. -- **[\(Optional\) Setting the Standby Node to Readable]((optional)-setting-the-standby-node-to-readable.md)** -Readable standby node is an optional feature. You need to modify the configuration parameters and restart the primary and standby nodes before using this feature. After the readable standby node function is enabled, the standby node is readable, meeting data consistency requirements. - +# Installing the openGauss + +- **[Creating an XML Configuration File](creating-an-xml-configuration-file.md)** +Before installing the openGauss, you need to create the **clusterconfig.xml** file. The **clusterconfig.xml** file contains the information about the server where the openGauss is deployed, installation path, IP address, and port number. This file is used to guide how to deploy the openGauss. You need to configure the XML configuration file according to the actual deployment requirements. +- **[Initializing the Installation Environment](initializing-the-installation-environment.md)** +To ensure the correct installation of the openGauss, you need to configure the host environment first. +- **[Executing Installation](executing-installation.md)** +After the openGauss installation environment is prepared by executing the pre-installation script, deploy openGauss based on the installation process. +- **[Initializing the Database](initializing-the-database.md)** + +- **[\(Optional\) Setting the Standby Node to Readable]((optional)-setting-the-standby-node-to-readable.md)** +Readable standby node is an optional feature. You need to modify the configuration parameters and restart the primary and standby nodes before using this feature. After the readable standby node function is enabled, the standby node is readable, meeting data consistency requirements. + diff --git a/content/en/docs/installation/modifying-os-configuration.md b/content/en/docs/installation/modifying-os-configuration.md deleted file mode 100644 index 1f748d74b3d7d87860c0d945bafac6e3c9bbd260..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/modifying-os-configuration.md +++ /dev/null @@ -1,13 +0,0 @@ -# Modifying OS Configuration - -- **[Disabling the OS Firewall](disabling-the-os-firewall.md)** -To ensure that the openGauss can work properly when the firewall is enabled, related services, protocols, IP addresses, and ports need to be added to the firewall whitelist of each host in the openGauss. -- **[Setting Character Set Parameters](setting-character-set-parameters.md)** - -- **[Setting the Time Zone and Time](setting-the-time-zone-and-time.md)** - -- **[Disabling the Swap Memory](disabling-the-swap-memory.md)** - -- **[Setting the NIC MTU](setting-the-nic-mtu.md)** - - diff --git a/content/en/docs/installation/obtaining-and-verifying-an-installation-package.md b/content/en/docs/installation/obtaining-and-verifying-an-installation-package.md index c1533fd997bd74c60e02de777a21e6985b92d83e..36f3a130f2a7600725a2d2d63f6ad03d005a55a4 100644 --- a/content/en/docs/installation/obtaining-and-verifying-an-installation-package.md +++ b/content/en/docs/installation/obtaining-and-verifying-an-installation-package.md @@ -1,55 +1,55 @@ -# Obtaining and Verifying an Installation Package - -To prevent network security threats caused by malicious tampering or damage during installation package transfer, verify the integrity of an installation package after obtaining it. Deployment can be started only after the package passes the verification. - -## Prerequisites - -You have obtained the openGauss installation package and the signature file. The two must be saved in the same directory, and each package corresponds to a verification file. The signature file is released together with the corresponding software package in .sha256 format. Generally, the file name is the same as the package name. If the name of the installation package is **openGauss-_x.x.x_.x-openEuler-64bit.tar.gz**, the name of the verification file corresponding to this package is **openGauss-_x.x.x_.x-openEuler-64bit.tar.gz.sha256**. - -## Procedure - -1. Download the installation package of the corresponding platform from the openGauss community. - 1. Log in to the openGauss community. - 2. Click **Download**. - 3. Decompress the downloaded package. - -2. Verify the installation package. - 1. Decompress the installation package and check whether the installation directory and files are complete. Run the following commands in the directory where the installation package is stored: - - ``` - tar -zxvf openGauss-x.x.x-openEuler-64bit.tar.gz - ls -1 - ``` - - Run the **ls** command and information similar to the following is displayed. **openGauss-_x.x.x_-openEuler-64bit.tar.gz** in the **packages** directory indicates the database installation package. During the **openGauss-_x.x.x_** installation process, SHA256 authentication is automatically performed for the database installation program. - - ``` - total 577M - -rw-r--r-- 1 root root 36 Jun 15 11:46 bepkit_env.conf - drwxr-xr-x 14 root root 4.0K Jun 15 11:46 lib - -rw-r--r-- 1 root root 65 Jun 15 11:46 openGauss-x.x.x-openEuler-64bit.sha256 - -rwxr-xr-x 1 root root 214M Jun 15 11:46 openGauss-x.x.x-openEuler-64bit-symbol.tar.gz - -rw-r--r-- 1 root root 47M Jun 15 11:46 openGauss-x.x.x-openEuler-64bit.tar.bz2 - -rw-r--r-- 1 root root 53M Jun 15 11:46 openGauss-x.x.x-openEuler-64bit.tar.gz - -rw------- 1 root root 265M Jun 18 15:50 openGauss-x.x.x_PACKAGES_RELEASE.tar.gz - drwxr-xr-x 5 root root 4.0K Jun 15 11:46 script - -rw-r--r-- 1 root root 32 Jun 15 11:46 version.cfg - - ``` - - 2. Go to the scripts directory, start the openGauss installation, and observe whether the installation is successful. - - During the installation, the installation package automatically uses the SHA256 file to verify the integrity of the installation program. - - If information similar to the following is displayed, verification of the database installation package fails, causing the openGauss installation failure. - - ``` - Error: The sha256 value is different! - Bin file a4ebce0b6052723b1f386928e4d820fa2 - sha256 file 4ebce0b6052723b1f386928e4d820fa2 - ``` - - If no error is displayed, the installation program is correct and has not been illegally modified. - - - +# Obtaining and Verifying an Installation Package + +To prevent network security threats caused by malicious tampering or damage during installation package transfer, verify the integrity of an installation package after obtaining it. Deployment can be started only after the package passes the verification. + +## Prerequisites + +You have obtained the openGauss installation package and the signature file. The two must be saved in the same directory, and each package corresponds to a verification file. The signature file is released together with the corresponding software package in .sha256 format. Generally, the file name is the same as the package name. If the name of the installation package is **openGauss-_x.x.x_.x-openEuler-64bit.tar.gz**, the name of the verification file corresponding to this package is **openGauss-_x.x.x_.x-openEuler-64bit.tar.gz.sha256**. + +## Procedure + +1. Download the installation package of the corresponding platform from the openGauss community. + 1. Log in to the openGauss community. + 2. Click **Download**. + 3. Decompress the downloaded package. + +2. Verify the installation package. + 1. Decompress the installation package and check whether the installation directory and files are complete. Run the following commands in the directory where the installation package is stored: + + ``` + tar -zxvf openGauss-x.x.x-openEuler-64bit.tar.gz + ls -1 + ``` + + Run the **ls** command and information similar to the following is displayed. **openGauss-_x.x.x_-openEuler-64bit.tar.gz** in the **packages** directory indicates the database installation package. During the **openGauss-_x.x.x_** installation process, SHA256 authentication is automatically performed for the database installation program. + + ``` + total 577M + -rw-r--r-- 1 root root 36 Jun 15 11:46 bepkit_env.conf + drwxr-xr-x 14 root root 4.0K Jun 15 11:46 lib + -rw-r--r-- 1 root root 65 Jun 15 11:46 openGauss-x.x.x-openEuler-64bit.sha256 + -rwxr-xr-x 1 root root 214M Jun 15 11:46 openGauss-x.x.x-openEuler-64bit-symbol.tar.gz + -rw-r--r-- 1 root root 47M Jun 15 11:46 openGauss-x.x.x-openEuler-64bit.tar.bz2 + -rw-r--r-- 1 root root 53M Jun 15 11:46 openGauss-x.x.x-openEuler-64bit.tar.gz + -rw------- 1 root root 265M Jun 18 15:50 openGauss-x.x.x_PACKAGES_RELEASE.tar.gz + drwxr-xr-x 5 root root 4.0K Jun 15 11:46 script + -rw-r--r-- 1 root root 32 Jun 15 11:46 version.cfg + + ``` + + 2. Go to the scripts directory, start the openGauss installation, and observe whether the installation is successful. + + During the installation, the installation package automatically uses the SHA256 file to verify the integrity of the installation program. + + If information similar to the following is displayed, verification of the database installation package fails, causing the openGauss installation failure. + + ``` + Error: The sha256 value is different! + Bin file a4ebce0b6052723b1f386928e4d820fa2 + sha256 file 4ebce0b6052723b1f386928e4d820fa2 + ``` + + If no error is displayed, the installation program is correct and has not been illegally modified. + + + diff --git a/content/en/docs/installation/preparing-for-installation.md b/content/en/docs/installation/preparing-for-installation.md index c3d9f19421cac297ed0afe289d251191c9276bbf..4517d365455436b436e82917f495fa015598a8ab 100644 --- a/content/en/docs/installation/preparing-for-installation.md +++ b/content/en/docs/installation/preparing-for-installation.md @@ -1,13 +1,13 @@ -# Preparing for Installation - -This chapter describes how to prepare and configure the openGauss installation environment. Read this chapter carefully before the installation. Go to chapter "Installing the openGauss" if you have completed the configuration in this chapter. - -- **[Installation Process](installation-process.md)** -This section describes the openGauss installation process. -- **[Obtaining and Verifying an Installation Package](obtaining-and-verifying-an-installation-package.md)** -To prevent network security threats caused by malicious tampering or damage during installation package transfer, verify the integrity of an installation package after obtaining it. Deployment can be started only after the package passes the verification. -- **[Preparing the Software and Hardware Installation Environment](preparing-the-software-and-hardware-installation-environment.md)** -This chapter describes the preparations for the installation. -- **[Installation User and User Group](installation-user-and-user-group.md)** -To minimize the installation account permissions during the installation and ensure system running security of openGauss after the installation, the installation scripts automatically create a user-specified installation user and this user will be used as the administrator for subsequent running and maintenance of the openGauss. - +# Preparing for Installation + +This chapter describes how to prepare and configure the openGauss installation environment. Read this chapter carefully before the installation. Go to chapter "Installing the openGauss" if you have completed the configuration in this chapter. + +- **[Installation Process](installation-process.md)** +This section describes the openGauss installation process. +- **[Obtaining and Verifying an Installation Package](obtaining-and-verifying-an-installation-package.md)** +To prevent network security threats caused by malicious tampering or damage during installation package transfer, verify the integrity of an installation package after obtaining it. Deployment can be started only after the package passes the verification. +- **[Preparing the Software and Hardware Installation Environment](preparing-the-software-and-hardware-installation-environment.md)** +This chapter describes the preparations for the installation. +- **[Installation User and User Group](installation-user-and-user-group.md)** +To minimize the installation account permissions during the installation and ensure system running security of openGauss after the installation, the installation scripts automatically create a user-specified installation user and this user will be used as the administrator for subsequent running and maintenance of the openGauss. + diff --git a/content/en/docs/installation/preparing-the-software-and-hardware-installation-environment.md b/content/en/docs/installation/preparing-the-software-and-hardware-installation-environment.md index 67d5212defac6c92c263fefd2ef396212259cdd6..5698e9f0de34b7b10c612619a6af4110a50086a2 100644 --- a/content/en/docs/installation/preparing-the-software-and-hardware-installation-environment.md +++ b/content/en/docs/installation/preparing-the-software-and-hardware-installation-environment.md @@ -1,11 +1,313 @@ -# Preparing the Software and Hardware Installation Environment - -This chapter describes the preparations for the installation. - -- **[Software and Hardware Requirements](software-and-hardware-requirements.md)** -This section describes hardware and software requirements of openGauss. It is recommended that servers to be deployed on openGauss have the same software and hardware configurations. -- **[Modifying OS Configuration](modifying-os-configuration.md)** - -- **[Setting Remote Login of User root](setting-remote-login-of-user-root.md)** -During the openGauss installation, the user **root** is required for remote login. This section describes how to set the user **root** for remote login. - +# Preparing the Software and Hardware Installation Environment + +This chapter describes the preparations for the installation. + + + +- [Software and Hardware Requirements](#software-and-hardware-requirementsa-nameen-us_topic_0249784577a) + - [Hardware Requirements](#hardware-requirementsa-nameen-us_topic_0241802565_en-us_topic_0085434629_en-us_topic_0059782022_sdd36768784254b8ba03c77c86b831caea) + - [Software Requirements](#software-requirementsa-nameen-us_topic_0241802565_en-us_topic_0085434629_en-us_topic_0059782022_s3124e90db74142ddaf11e2e8fd69cadba) + - [Software Dependency Requirements](#software-dependency-requirementsa-namesection5459315183816a) +- [Modifying OS Configuration](#modifying-os-configurationa-nameen-us_topic_0249784574a) + - [Disabling the OS Firewall](#disabling-the-os-firewalla-namesection392211235453a) + - [Setting Character Set Parameters](#setting-character-set-parametersa-namesection13321183394714a) + - [Setting the Time Zone and Time](#setting-the-time-zone-and-timea-namesection399102113483a) + - [Disabling the Swap Memory](#disabling-the-swap-memorya-namesection108571059134820a) + - [Setting the NIC MTU](#setting-the-nic-mtua-namesection111222032174911a) +- [Setting Remote Login of User root](#setting-remote-login-of-user-roota-nameen-us_topic_0249784566a) + + + +## Software and Hardware Requirements + +This section describes hardware and software requirements of openGauss. It is recommended that servers to be deployed on openGauss have the same software and hardware configurations. + +### Hardware Requirements + +[Table 1](#en-us_topic_0241802565_en-us_topic_0085434629_en-us_topic_0059782022_t62cd0eed17004265b1b8ad98f302a4bc) describes the minimum hardware requirements of openGauss. When planning the hardware configuration of a product, consider the data scale and expected database response speed. Plan hardware as required. + +**Table 1** Hardware requirements + + + + + + + + + + + + + + + + + + + +

Hardware

+

Description

+

Minimum memory

+

Minimum 32 GB of memory is required for function debugging.

+

In performance tests and commercial deployment, the single-instance deployment is performed. It is recommended that the memory be greater than 128 GB.

+

Complex queries require much memory but the memory may be insufficient in high-concurrency scenarios. In this case, it is recommended that a large-memory server or load management be used to restrict concurrences on the system.

+

CPU

+

Minimum one 8-core 2.0 GHz CPU is required for function debugging.

+

In performance tests and commercial deployment, the single-instance deployment is performed. It is recommended that one 16-core 2.0 GHz CPU be used.

+

You can set CPUs to hyper-threading or non-hyper-threading mode, but ensure the setting is consistent across all the openGauss nodes.

+

Hard disk

+

Hard disks used for installing the openGauss must meet the following requirements:

+
  • At least 1 GB is used to install the openGauss application package.
  • About 300 MB is used for each host to store metadata.
  • More than 70% of available disk space is reserved to store data.
+

You are advised to configure the system disk to RAID 1 and data disk to RAID 5 and plan four groups of RAID 5 data disks for installing openGauss. RAID configuration is not described in this document. You can configure RAID by following instructions in the hardware vendors' manuals or using common methods found on the Internet. Set Disk Cache Policy to Disabled to avoid data loss in an unexpected power-off.

+

openGauss supports using an SSD with the SAS interface and NVMe protocol deployed in RAID mode as the primary storage device of the database.

+

Network requirements

+

Minimum 300 Mbit/s Ethernet is required.

+

You are advised to bond two NICs for redundancy. The configuration is not described in this document. You can configure it by following instructions in the manual provided by the hardware manufacturer or using the methods provided on the Internet.

+

If bonds are configured for the openGauss, ensure the consistency among these bond modes, because inconsistent bond modes may cause openGauss running exceptions.

+
+ +### Software Requirements + +**Table 2** Software requirements + + + + + + + + + + + + + + + + + + + +

Software

+

Description

+

Linux OS

+

openEuler 20.3LTS and CentOS 7.6

+

Linux file system

+

It is recommended that the number of remaining inodes be greater than 1.5 billion.

+

Tools

+

Huawei JDK 1.8.0 and bzip2

+

Python

+
  • openEuler: Python 3.7.X is supported.
  • CentOS: Python 3.6.X is supported.
+
+ +### Software Dependency Requirements + +[\#EN-US\_TOPIC\_0249784577/table11459151513383](#table11459151513383) lists the software dependency requirements for the openGauss. + +You are advised to use the default installation packages of the following dependent software in the listed OS installation CD-ROMs or sources. If the following software does not exist, refer to the recommended versions of the software. + +## Modifying OS Configuration + +### Disabling the OS Firewall + +To ensure that the openGauss can work properly when the firewall is enabled, related services, protocols, IP addresses, and ports need to be added to the firewall whitelist of each host in the openGauss. + +Take openEuler OS as an example. Assume that the openGauss information is listed in [Table 1](#en-us_topic_0241802566_en-us_topic_0085434636_en-us_topic_0059782018_table4312170510523). + +**Table 1** Information of openGauss + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Host Name

+

Internal IP Address

+

External IP Address

+

plat1

+

192.168.0.11

+

10.10.0.11

+

plat2

+

192.168.0.12

+

10.10.0.12

+

plat3

+

192.168.0.13

+

10.10.0.13

+

plat4

+

192.168.0.14

+

10.10.0.14

+

Management network

+

-

+

10.10.64.236

+
+ +**Procedure** + +Currently, EulerOS can be installed only when the firewall is disabled. + +1. Check whether the firewall is disabled. + + ``` + systemctl status firewalld + ``` + + If the firewall is not disabled, go to [2](#en-us_topic_0241802566_en-us_topic_0085434636_en-us_topic_0059782018_li11887129193617). + + If the firewall is disabled, skip [2](#en-us_topic_0241802566_en-us_topic_0085434636_en-us_topic_0059782018_li11887129193617). + +2. Disable the firewall. + + ``` + systemctl disable firewalld.service + systemctl stop firewalld.service + ``` + +3. Set the value of **SELINUX** in the **/etc/selinux/config** file to **disabled**. + 1. Run the **vim** command to open the **config** file. + + ``` + vim /etc/selinux/config + ``` + + 2. Set the value of **SELINUX** to **disabled**. + + ``` + SELINUX=disabled + ``` + +4. Restart the OS. + + ``` + reboot + ``` + +5. Repeat steps 1 to 3 on other hosts. + +### Setting Character Set Parameters + +Set the same character set for all database nodes. You can add **export LANG=**_Unicode_ in the **/etc/profile** file. + +``` +vim /etc/profile +``` + +### Setting the Time Zone and Time + +Set the same time zone for all database nodes by copying the **/etc/localtime** time zone file to the **/usr/share/zoneinfo/** directory. + +``` +cp /usr/share/zoneinfo/$Locale/$Time zone /etc/localtime +``` + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>_$Locale/$Time zone_ indicates the locale and time zone to be set, for example, **Asia/Shanghai**. + +Run the **date -s** command to set the time of each host to the same time. For example: + +``` +date -s Mon May 11 16:42:11 CST 2020 +``` + +>![](public_sys-resources/icon-note.gif) **NOTE:** +>You can run the **date** command to query the time zone of the host. + +### Disabling the Swap Memory + +Run the **swapoff -a** command on each database node to disable the swap memory. + +``` +swapoff -a +``` + +### Setting the NIC MTU + +Set the NIC MTU value on each database node to the same value. For X86, the recommended MTU value is 1500. For ARM, the recommended MTU value is 8192. + +``` +ifconfig NIC ID mtu Value +``` + +## Setting Remote Login of User root + +During the openGauss installation, the user **root** is required for remote login. This section describes how to set the user **root** for remote login. + +1. Modify the **PermitRootLogin** configuration to enable remote login of user **root**. + 1. Open the **sshd\_config** file. + + ``` + vim /etc/ssh/sshd_config + ``` + + 2. Modify permissions of user **root** using either of the following methods: + - Comment out **PermitRootLogin no**. + + ``` + #PermitRootLogin no + ``` + + - Set the value of **PermitRootLogin** to **yes**. + + ``` + PermitRootLogin yes + ``` + + 3. Run the **:wq** command to save the modification and exit. + +2. Modify the **Banner** configuration to delete the welcome information displayed when you connect to the system. The welcome information affects the return result of remote operations during the installation. + 1. Open the **sshd\_config** file. + + ``` + vim /etc/ssh/sshd_config + ``` + + 2. Comment out the line where **Banner** is located. + + ``` + #Banner XXXX + ``` + + 3. Run the **:wq** command to save the modification and exit. + +3. Run the following command to validate the settings: + + ``` + service sshd restart + ``` + + >![](public_sys-resources/icon-caution.gif) **CAUTION:** + >If **Redirecting to /bin/systemctl restart sshd.service** is displayed, run the **/bin/systemctl restart sshd.service** command. + +4. Re-log in to the system as user **root**. + + ``` + ssh xxx.xxx.xxx.xxx + ``` + + >![](public_sys-resources/icon-note.gif) **NOTE:** + >_xxx.xxx.xxx.xxx_ indicates the IP address of the openGauss installation environment. + + + \ No newline at end of file diff --git a/content/en/docs/installation/setting-character-set-parameters.md b/content/en/docs/installation/setting-character-set-parameters.md deleted file mode 100644 index 000abbf6c2108a1086b426bf1786a75f11c60d5a..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/setting-character-set-parameters.md +++ /dev/null @@ -1,8 +0,0 @@ -# Setting Character Set Parameters - -Set the same character set for all database nodes. You can add **export LANG=**_Unicode_ in the **/etc/profile** file. - -``` -vim /etc/profile -``` - diff --git a/content/en/docs/installation/setting-remote-login-of-user-root.md b/content/en/docs/installation/setting-remote-login-of-user-root.md deleted file mode 100644 index 801758fd01b2a42f500188a3b6fd522eeffe8cd0..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/setting-remote-login-of-user-root.md +++ /dev/null @@ -1,60 +0,0 @@ -# Setting Remote Login of User root - -During the openGauss installation, the user **root** is required for remote login. This section describes how to set the user **root** for remote login. - -1. Modify the **PermitRootLogin** configuration to enable remote login of user **root**. - 1. Open the **sshd\_config** file. - - ``` - vim /etc/ssh/sshd_config - ``` - - 2. Modify permissions of user **root** using either of the following methods: - - Comment out **PermitRootLogin no**. - - ``` - #PermitRootLogin no - ``` - - - Set the value of **PermitRootLogin** to **yes**. - - ``` - PermitRootLogin yes - ``` - - 3. Run the **:wq** command to save the modification and exit. - -2. Modify the **Banner** configuration to delete the welcome information displayed when you connect to the system. The welcome information affects the return result of remote operations during the installation. - 1. Open the **sshd\_config** file. - - ``` - vim /etc/ssh/sshd_config - ``` - - 2. Comment out the line where **Banner** is located. - - ``` - #Banner XXXX - ``` - - 3. Run the **:wq** command to save the modification and exit. - -3. Run the following command to validate the settings: - - ``` - service sshd restart - ``` - - >![](public_sys-resources/icon-caution.gif) **CAUTION:** - >If **Redirecting to /bin/systemctl restart sshd.service** is displayed, run the **/bin/systemctl restart sshd.service** command. - -4. Re-log in to the system as user **root**. - - ``` - ssh xxx.xxx.xxx.xxx - ``` - - >![](public_sys-resources/icon-note.gif) **NOTE:** - >_xxx.xxx.xxx.xxx_ indicates the IP address of the openGauss installation environment. - - diff --git a/content/en/docs/installation/setting-the-nic-mtu.md b/content/en/docs/installation/setting-the-nic-mtu.md deleted file mode 100644 index 9b973cb46846741b3ccdf9043c39c5c793fddd7d..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/setting-the-nic-mtu.md +++ /dev/null @@ -1,8 +0,0 @@ -# Setting the NIC MTU - -Set the NIC MTU value on each database node to the same value. The recommended MTU value is **8192**, and the minimum MTU value is **1500**. - -``` -ifconfig NIC ID mtu Value -``` - diff --git a/content/en/docs/installation/setting-the-time-zone-and-time.md b/content/en/docs/installation/setting-the-time-zone-and-time.md deleted file mode 100644 index ce6a2c994eb14a754ac4d1c55104a90d4ae4c0fb..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/setting-the-time-zone-and-time.md +++ /dev/null @@ -1,20 +0,0 @@ -# Setting the Time Zone and Time - -Set the same time zone for all database nodes by copying the **/etc/localtime** time zone file to the **/usr/share/zoneinfo/** directory. - -``` -cp /usr/share/zoneinfo/$Locale/$Time zone /etc/localtime -``` - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->_$Locale/$Time zone_ indicates the locale and time zone to be set, for example, **Asia/Shanghai**. - -Run the **date -s** command to set the time of each host to the same time. For example: - -``` -date -s Mon May 11 16:42:11 CST 2020 -``` - ->![](public_sys-resources/icon-note.gif) **NOTE:** ->You can run the **date** command to query the time zone of the host. - diff --git a/content/en/docs/installation/software-and-hardware-requirements.md b/content/en/docs/installation/software-and-hardware-requirements.md deleted file mode 100644 index 7991faa19230ad9610cc555b4481e6a4b97ada1e..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/software-and-hardware-requirements.md +++ /dev/null @@ -1,136 +0,0 @@ -# Software and Hardware Requirements - -This section describes hardware and software requirements of openGauss. It is recommended that servers to be deployed on openGauss have the same software and hardware configurations. - -## Hardware Requirements - -[Table 1](#en-us_topic_0241802565_en-us_topic_0085434629_en-us_topic_0059782022_t62cd0eed17004265b1b8ad98f302a4bc) describes the minimum hardware requirements of openGauss. When planning the hardware configuration of a product, consider the data scale and expected database response speed. Plan hardware as required. - -**Table 1** Hardware requirements - - - - - - - - - - - - - - - - - - - -

Hardware

-

Description

-

Minimum memory

-

Minimum 32 GB of memory is required for function debugging.

-

In performance tests and commercial deployment, the single-instance deployment is performed. It is recommended that the memory be greater than 128 GB.

-

Complex queries require much memory but the memory may be insufficient in high-concurrency scenarios. In this case, it is recommended that a large-memory server or load management be used to restrict concurrences on the system.

-

CPU

-

Minimum one 8-core 2.0 GHz CPU is required for function debugging.

-

In performance tests and commercial deployment, the single-instance deployment is performed. It is recommended that one 16-core 2.0 GHz CPU be used.

-

You can set CPUs to hyper-threading or non-hyper-threading mode, but ensure the setting is consistent across all the openGauss nodes.

-

Hard disk

-

Hard disks used for installing the openGauss must meet the following requirements:

-
  • At least 1 GB is used to install the openGauss application package.
  • About 300 MB is used for each host to store metadata.
  • More than 70% of available disk space is reserved to store data.
-

You are advised to configure the system disk to RAID 1 and data disk to RAID 5 and plan four groups of RAID 5 data disks for installing openGauss. RAID configuration is not described in this document. You can configure RAID by following instructions in the hardware vendors' manuals or using common methods found on the Internet. Set Disk Cache Policy to Disabled to avoid data loss in an unexpected power-off.

-

openGauss supports using an SSD with the SAS interface and NVMe protocol deployed in RAID mode as the primary storage device of the database.

-

Network requirements

-

Minimum 300 Mbit/s Ethernet is required.

-

You are advised to bond two NICs for redundancy. The configuration is not described in this document. You can configure it by following instructions in the manual provided by the hardware manufacturer or using the methods provided on the Internet.

-

If bonds are configured for the openGauss, ensure the consistency among these bond modes, because inconsistent bond modes may cause openGauss running exceptions.

-
- -## Software Requirements - -**Table 2** Software requirements - - - - - - - - - - - - - - - - - - - -

Software

-

Description

-

Linux OS

-

openEuler 20.3LTS and CentOS 7.6

-

Linux file system

-

It is recommended that the number of remaining inodes be greater than 1.5 billion.

-

Tools

-

Huawei JDK 1.8.0 and bzip2

-

Python

-
  • openEuler: Python 3.7.X is supported.
  • CentOS: Python 3.6.X is supported.
-
- -## Software Dependency Requirements - -[Table 3](#table11459151513383) lists the software dependency requirements for the openGauss. - -You are advised to use the default installation packages of the following dependent software in the listed OS installation CD-ROMs or sources. If the following software does not exist, refer to the recommended versions of the software. - -**Table 3** Software dependency requirements - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Software

-

Recommended Version

-

libaio-devel

-

0.3.109-13

-

flex

-

2.5.31 or later

-

bison

-

2.7-4

-

ncurses-devel

-

5.9-13.20130511

-

glibc.devel

-

2.17-111

-

patch

-

2.7.1-10

-

lsb_release

-

4.1

-
- diff --git a/content/en/docs/installation/starting-installation.md b/content/en/docs/installation/starting-installation.md deleted file mode 100644 index 3da14eb9075a0b693479d993f14365eb7be9a775..0000000000000000000000000000000000000000 --- a/content/en/docs/installation/starting-installation.md +++ /dev/null @@ -1 +0,0 @@ -This document describes how to start install openGauss. diff --git a/content/en/docs/installation/uninstalling-the-opengauss.md b/content/en/docs/installation/uninstalling-the-opengauss.md index 48780661b201c34947bf824d8b7d31028d021382..84d7702407169f62b16845829d9b2054354e932b 100644 --- a/content/en/docs/installation/uninstalling-the-opengauss.md +++ b/content/en/docs/installation/uninstalling-the-opengauss.md @@ -1,9 +1,150 @@ -# Uninstalling the openGauss - -The process of uninstalling the openGauss includes uninstalling the openGauss and clearing the environment of the openGauss server. - -- **[Executing Uninstallation](executing-uninstallation.md)** -The openGauss provides an uninstallation script to help users uninstall the openGauss. -- **[Deleting Cluster Configurations](deleting-cluster-configurations.md)** -After the openGauss is uninstalled, execute the **gs\_postuninstall** script to delete configurations from all servers in the openGauss if you do not need to re-deploy the openGauss using these configurations. These configurations are made by the **gs\_preinstall** script. - +# Uninstalling the openGauss + +The process of uninstalling the openGauss includes uninstalling the openGauss and clearing the environment of the openGauss server. + +## Executing Uninstallation + +The openGauss provides an uninstallation script to help users uninstall the openGauss. + +**Procedure** + +1. Log in as the OS user **omm** to the primary node of the database. +2. Execute the **gs\_uninstall** script to uninstall the openGauss. + + ``` + gs_uninstall --delete-data + ``` + + Alternatively, locally uninstall each node of the openGauss. + + ``` + gs_uninstall --delete-data -L + ``` + + +**Examples** + +Execute the **gs\_uninstall** script to uninstall the openGauss. + +``` +gs_uninstall --delete-data +Checking uninstallation. +Successfully checked uninstallation. +Stopping the cluster. +Successfully stopped the cluster. +Successfully deleted instances. +Uninstalling application. +Successfully uninstalled application. +Uninstallation succeeded. +``` + +Execute the **gs\_uninstall** script to perform single-node uninstallation. + +``` +gs_uninstall --delete-data +Checking uninstallation. +Successfully checked uninstallation. +Stopping the cluster. +Successfully stopped the cluster. +Successfully deleted instances. +Uninstalling application. +Successfully uninstalled application. +Uninstallation succeeded. +``` + +**Troubleshooting** + +If the uninstallation fails, locate faults by following the log information provided in the _$GAUSSLOG_**/om/gs\_uninstall-**_YYYY_**-**_MM_**-**_DD_**\_**_HHMMSS_**.log** file. + +## Deleting Cluster Configurations + +After the openGauss is uninstalled, execute the **gs\_postuninstall** script to delete configurations from all servers in the openGauss if you do not need to re-deploy the openGauss using these configurations. These configurations are made by the **gs\_preinstall** script. + +**Prerequisites** + +- The openGauss uninstallation task has been successfully executed. +- User **root** is trustworthy and available. +- Only user **root** is authorized to run the **gs\_postuninstall** command. + +**Procedure** + +1. Log in to the openGauss server as user **root**. +2. Check whether the mutual trust has been established between the users **root**. If not, manually establish the mutual trust. For details, see [Establishing Mutual Trust Manually](establishing-mutual-trust-manually.md). + + Run the **ssh **_Host name_ command to check whether mutual trust has been successfully established. Then, enter **exit**. + + ``` + plat1:~ # ssh plat2 + Last login: Tue Jan 5 10:28:18 2016 from plat1 + Huawei's internal systems must only be used for conducting Huawei's business or for purposes authorized by Huawei management.Use is subject to audit at any time by Huawei management. + plat2:~ # exit + logout + Connection to plat2 closed. + plat1:~ # + ``` + +3. Go to the following path: + + ``` + cd /opt/software/openGauss/script + ``` + +4. Run the **gs\_postuninstall** command to clear the environment. If the cluster is installed in environment variable separation mode, run the **source** command to obtain the environment variable separation file **ENVFILE**. + + ``` + ./gs_postuninstall -U omm -X /opt/software/openGauss/cluster_config.xml --delete-user --delete-group + ``` + + Alternatively, locally use the **gs\_postuninstall** tool to clear each openGauss node. + + ``` + ./gs_postuninstall -U omm -X /opt/software/openGauss/cluster_config.xml --delete-user --delete-group -L + ``` + + **omm** is the name of the OS user who runs the openGauss, and the path of the openGauss configuration file is **/opt/software/openGauss/cluster\_config.xml**. + + If the cluster is installed in environment variable separation mode, delete the environment variable separation parameter **ENV** obtained by running the **source** command. + + unset MPPDB\_ENV\_SEPARATE\_PATH + +5. Delete the mutual trust between the users **root** on each openGauss database node. For details, see [Establishing Mutual Trust Manually](establishing-mutual-trust-manually.md). + +**Examples** + +Clear the host environment. + +``` +gs_postuninstall -U omm -X /opt/software/openGauss/cluster_config.xml --delete-user +Parsing the configuration file. +Successfully parsed the configuration file. +Check log file path. +Successfully checked log file path. +Checking unpreinstallation. +Successfully checked unpreinstallation. +Deleting Cgroup. +Successfully deleted Cgroup. +Deleting the instance's directory. +Successfully deleted the instance's directory. +Deleting the installation directory. +Successfully deleted the installation directory. +Deleting the temporary directory. +Successfully deleted the temporary directory. +Deleting remote OS user. +Successfully deleted remote OS user. +Deleting software packages and environmental variables of other nodes. +Successfully deleted software packages and environmental variables of other nodes. +Deleting logs of other nodes. +Successfully deleted logs of other nodes. +Deleting software packages and environmental variables of the local node. +Successfully deleted software packages and environmental variables of the local nodes. +Deleting local OS user. +Successfully deleted local OS user. +Deleting local node's logs. +Successfully deleted local node's logs. +Successfully cleaned environment. +``` + +**Troubleshooting** + +If the configuration deletion fails, locate faults by following the log information provided in the _$GAUSSLOG_**/om/gs\_postuninstall-**_YYYY_**-**_MM_**-**_DD_**\_**_HHMMSS_**.log** file. + diff --git a/content/en/docs/installation/verifying-the-installation.md b/content/en/docs/installation/verifying-the-installation.md index 162406cae14f55c350e4a29e4575b2f46bc3c261..593cd8851dca7227af233f3b8e9d7086106b143b 100644 --- a/content/en/docs/installation/verifying-the-installation.md +++ b/content/en/docs/installation/verifying-the-installation.md @@ -1,5 +1,61 @@ -# Verifying the Installation - -- **[Checking the Health Status](checking-the-health-status.md)** - - +# Verifying the Installation + +Use the **gs\_checkos** tool provided by openGauss to check the OS status. + +## Prerequisites + +- The hardware and network are working properly. +- The trust relationship of user **root** among the hosts is normal. +- Only user **root** is authorized to run the **gs\_checkos** command. + +## Procedure + +1. Log in to a server as user **root**. +2. Run the following command to check OS parameters of servers where the openGauss nodes are deployed: + + ``` + gs_checkos -i A + ``` + + Check the OS parameters to ensure that the openGauss has passed the pre-installation check and can efficiently operate after it is installed. For details about the check items, see "gs\_checkos" in the _Tool Reference_. + + +## Examples + +Before running the **gs\_checkos** command, execute the **gs\_preinstall** script to prepare the environment. The following uses parameter **A** as an example: + +``` +gs_checkos -i A +Checking items: + A1. [ OS version status ] : Normal + A2. [ Kernel version status ] : Normal + A3. [ Unicode status ] : Normal + A4. [ Time zone status ] : Normal + A5. [ Swap memory status ] : Normal + A6. [ System control parameters status ] : Normal + A7. [ File system configuration status ] : Normal + A8. [ Disk configuration status ] : Normal + A9. [ Pre-read block size status ] : Normal + A10.[ IO scheduler status ] : Normal + A11.[ Network card configuration status ] : Normal + A12.[ Time consistency status ] : Warning + A13.[ Firewall service status ] : Normal + A14.[ THP service status ] : Normal +Total numbers:14. Abnormal numbers:0. Warning number:1. +``` + +The following uses parameter **B** as an example: + +``` +gs_checkos -i B +Setting items: + B1. [ Set system control parameters ] : Normal + B2. [ Set file system configuration value ] : Normal + B3. [ Set pre-read block size value ] : Normal + B4. [ Set IO scheduler value ] : Normal + B5. [ Set network card configuration value ] : Normal + B6. [ Set THP service ] : Normal + B7. [ Set RemoveIPC value ] : Normal +Total numbers:6. Abnormal numbers:0. Warning number:0. +``` + diff --git a/content/en/menu/index.md b/content/en/menu/index.md index e9d63005f453e6825c916cbd26da3d90c855296f..12189e142bbe51cab9464823a862f6611c796deb 100644 --- a/content/en/menu/index.md +++ b/content/en/menu/index.md @@ -48,17 +48,18 @@ headless: true - [Installation Process]({{< relref "./docs/Quickstart/installation-process.md" >}}) - [Obtaining and Verifying an Installation Package]({{< relref "./docs/Quickstart/obtaining-and-verifying-an-installation-package.md" >}}) - [Preparing the Software and Hardware Installation Environment]({{< relref "./docs/Quickstart/preparing-the-software-and-hardware-installation-environment.md" >}}) - - [Installation User and User Group]({{< relref "./docs/Quickstart/installation-user-and-user-group.md" >}}) - - [Installing the openGauss]({{< relref "./docs/Quickstart/installing-the-opengauss.md" >}}) - - [Creating an XML Configuration File]({{< relref "./docs/Quickstart/creating-an-xml-configuration-file.md" >}}) - - [Initializing the Installation Environment]({{< relref "./docs/Quickstart/initializing-the-installation-environment.md" >}}) - - [Creating the Required User Account and Configuring the Installation Environment]({{< relref "./docs/Quickstart/creating-the-required-user-account-and-configuring-the-installation-environment.md" >}}) - - [Establishing Mutual Trust Manually]({{< relref "./docs/Quickstart/establishing-mutual-trust-manually.md" >}}) - - [Configuring OS Parameters]({{< relref "./docs/Quickstart/configuring-os-parameters.md" >}}) - - [Executing Installation]({{< relref "./docs/Quickstart/executing-installation.md" >}}) - - [Initializing the Database]({{< relref "./docs/Quickstart/initializing-the-database.md" >}}) - - [\(Optional\) Setting the Standby Node to Readable]({{< relref "./docs/Quickstart/optional-setting-the-standby-node-to-readable.md" >}}) - - [Verifying the Installation]({{< relref "./docs/Quickstart/verifying-the-installation.md" >}}) + - [Installation User and User Group]({{< relref "./docs/Quickstart/installation-user-and-user-group.md" >}}) + - [Preparing for Installation]({{< relref "./docs/Installation/preparing-for-installation.md" >}}) + - [Installation Process]({{< relref "./docs/Installation/installation-process.md" >}}) + - [Obtaining and Verifying an Installation Package]({{< relref "./docs/Installation/obtaining-and-verifying-an-installation-package.md" >}}) + - [Preparing the Software and Hardware Installation Environment]({{< relref "./docs/Installation/preparing-the-software-and-hardware-installation-environment.md" >}}) + - [Installation User and User Group]({{< relref "./docs/Installation/installation-user-and-user-group.md" >}}) + - [Installing the openGauss]({{< relref "./docs/Installation/installing-the-opengauss.md" >}}) + - [Creating an XML Configuration File]({{< relref "./docs/Quickstart/creating-an-xml-configuration-file.md" >}}) + - [Initializing the Installation Environment]({{< relref "./docs/Installation/initializing-the-installation-environment.md" >}}) + - [Executing Installation]({{< relref "./docs/Installation/executing-installation.md" >}}) + - [\(Optional\) Setting the Standby Node to Readable]({{< relref "./docs/Installation/(optional)-setting-the-standby-node-to-readable.md" >}}) + - [Verifying the Installation]({{< relref "./docs/Installation/verifying-the-installation.md" >}}) - [Using openGauss]({{< relref "./docs/Quickstart/using-opengauss.md" >}}) - [Configuring openGauss Parameters]({{< relref "./docs/Quickstart/configuring-opengauss-parameters.md" >}}) - [Using the gsql Client for Connection]({{< relref "./docs/Quickstart/using-the-gsql-client-for-connection.md" >}}) @@ -137,77 +138,23 @@ headless: true - [Installation Process]({{< relref "./docs/Installation/installation-process.md" >}}) - [Obtaining and Verifying an Installation Package]({{< relref "./docs/Installation/obtaining-and-verifying-an-installation-package.md" >}}) - [Preparing the Software and Hardware Installation Environment]({{< relref "./docs/Installation/preparing-the-software-and-hardware-installation-environment.md" >}}) - - [Software and Hardware Requirements]({{< relref "./docs/Installation/software-and-hardware-requirements.md" >}}) - - [Modifying OS Configuration]({{< relref "./docs/Installation/modifying-os-configuration.md" >}}) - - [Disabling the OS Firewall]({{< relref "./docs/Installation/disabling-the-os-firewall.md" >}}) - - [Setting Character Set Parameters]({{< relref "./docs/Installation/setting-character-set-parameters.md" >}}) - - [Setting the Time Zone and Time]({{< relref "./docs/Installation/setting-the-time-zone-and-time.md" >}}) - - [Disabling the Swap Memory]({{< relref "./docs/Installation/disabling-the-swap-memory.md" >}}) - - [Setting the NIC MTU]({{< relref "./docs/Installation/setting-the-nic-mtu.md" >}}) - - [Setting Remote Login of User root]({{< relref "./docs/Installation/setting-remote-login-of-user-root.md" >}}) - [Installation User and User Group]({{< relref "./docs/Installation/installation-user-and-user-group.md" >}}) - [Installing the openGauss]({{< relref "./docs/Installation/installing-the-opengauss.md" >}}) - - [Creating a Configuration File]({{< relref "./docs/Installation/creating-a-configuration-file.md" >}}) - - [Configuring the Database Name and Directories]({{< relref "./docs/Installation/configuring-the-database-name-and-directories.md" >}}) - - [Configuring the Basic Host Information]({{< relref "./docs/Installation/configuring-the-basic-host-information.md" >}}) - - [Configuring Primary Database Node Information]({{< relref "./docs/Installation/configuring-primary-database-node-information.md" >}}) - - [Examples]({{< relref "./docs/Installation/examples.md" >}}) - - [Configuration File for Single-Instance Deployment]({{< relref "./docs/Installation/configuration-file-for-single-instance-deployment.md" >}}) - - [Configuration File for Primary/Secondary Deployment ]({{< relref "./docs/Installation/configuration-file-for-primary-secondary-deployment.md" >}}) + - [Creating a Configuration File]({{< relref "./docs/Installation/creating-an-xml-configuration-file.md" >}}) - [Initializing the Installation Environment]({{< relref "./docs/Installation/initializing-the-installation-environment.md" >}}) - - [Creating the Required User Account and Configuring the Installation Environment]({{< relref "./docs/Installation/creating-the-required-user-account-and-configuring-the-installation-environment.md" >}}) - - [Establishing Mutual Trust Manually]({{< relref "./docs/Installation/establishing-mutual-trust-manually.md" >}}) - - [Configuring OS Parameters]({{< relref "./docs/Installation/configuring-os-parameters.md" >}}) - [Executing Installation]({{< relref "./docs/Installation/executing-installation.md" >}}) - [\(Optional\) Setting the Standby Node to Readable]({{< relref "./docs/Installation/(optional)-setting-the-standby-node-to-readable.md" >}}) - [Verifying the Installation]({{< relref "./docs/Installation/verifying-the-installation.md" >}}) - - [Checking the Health Status]({{< relref "./docs/Installation/checking-the-health-status.md" >}}) - - [Initial Configuration]({{< relref "./docs/Installation/initial-configuration.md" >}}) - - [Configuring the Locale and Character Set]({{< relref "./docs/Installation/configuring-the-locale-and-character-set.md" >}}) - [Uninstalling the openGauss]({{< relref "./docs/Installation/uninstalling-the-opengauss.md" >}}) - - [Executing Uninstallation]({{< relref "./docs/Installation/executing-uninstallation.md" >}}) - - [Deleting Cluster Configurations]({{< relref "./docs/Installation/deleting-cluster-configurations.md" >}}) - [Administrator Guide]({{< relref "./docs/Administratorguide/Administratorguide.md" >}}) - [Starting and Stopping openGauss]({{< relref "./docs/Administratorguide/starting-and-stopping-opengauss.md" >}}) - [Querying Status]({{< relref "./docs/Administratorguide/querying-status.md" >}}) - [Generating Configuration Files]({{< relref "./docs/Administratorguide/generating-configuration-files.md" >}}) - [Routine Maintenance]({{< relref "./docs/Administratorguide/routine-maintenance.md" >}}) - - [Routine Maintenance Check Items]({{< relref "./docs/Administratorguide/routine-maintenance-check-items.md" >}}) - - [Checking OS Parameters]({{< relref "./docs/Administratorguide/checking-os-parameters.md" >}}) - - [Check Method]({{< relref "./docs/Administratorguide/check-method.md" >}}) - - [Exception Handling]({{< relref "./docs/Administratorguide/exception-handling.md" >}}) - - [Checking openGauss Health Status]({{< relref "./docs/Administratorguide/checking-opengauss-health-status.md" >}}) - - [Check Method]({{< relref "./docs/Administratorguide/check-method-0.md" >}}) - - [Exception Handling]({{< relref "./docs/Administratorguide/exception-handling-1.md" >}}) - - [Checking Database Performance]({{< relref "./docs/Administratorguide/checking-database-performance.md" >}}) - - [Check Method]({{< relref "./docs/Administratorguide/check-method-2.md" >}}) - - [Exception Handling]({{< relref "./docs/Administratorguide/exception-handling-3.md" >}}) - - [Checking and Deleting Logs]({{< relref "./docs/Administratorguide/checking-and-deleting-logs.md" >}}) - - [Checking OS Logs]({{< relref "./docs/Administratorguide/checking-os-logs.md" >}}) - - [Checking openGauss Run Logs]({{< relref "./docs/Administratorguide/checking-opengauss-run-logs.md" >}}) - - [Cleaning Run Logs]({{< relref "./docs/Administratorguide/cleaning-run-logs.md" >}}) - - [Checking Time Consistency]({{< relref "./docs/Administratorguide/checking-time-consistency.md" >}}) - - [Checking the Number of Application Connections]({{< relref "./docs/Administratorguide/checking-the-number-of-application-connections.md" >}}) - - [Routinely Maintaining Tables]({{< relref "./docs/Administratorguide/routinely-maintaining-tables.md" >}}) - - [Routinely Recreating an Index]({{< relref "./docs/Administratorguide/routinely-recreating-an-index.md" >}}) - - [Data Security Maintenance Suggestions]({{< relref "./docs/Administratorguide/data-security-maintenance-suggestions.md" >}}) - [Backup and Restoration]({{< relref "./docs/Administratorguide/backup-and-restoration.md" >}}) - - [Overview]({{< relref "./docs/Administratorguide/overview.md" >}}) - - [Physical Backup and Restoration]({{< relref "./docs/Administratorguide/physical-backup-and-restoration.md" >}}) - - [gs\_basebackup]({{< relref "./docs/Administratorguide/gs_basebackup.md" >}}) - - [Logical Backup and Restoration]({{< relref "./docs/Administratorguide/logical-backup-and-restoration.md" >}}) - - [gs\_dump]({{< relref "./docs/Administratorguide/gs_dump.md" >}}) - - [gs\_dumpall]({{< relref "./docs/Administratorguide/gs_dumpall.md" >}}) - - [gs\_restore]({{< relref "./docs/Administratorguide/gs_restore.md" >}}) - [Risky Operations]({{< relref "./docs/Administratorguide/risky-operations.md" >}}) - [Log Reference]({{< relref "./docs/Administratorguide/log-reference.md" >}}) - - [Log Overview]({{< relref "./docs/Administratorguide/log-overview.md" >}}) - - [System Logs]({{< relref "./docs/Administratorguide/system-logs.md" >}}) - - [Operation Logs]({{< relref "./docs/Administratorguide/operation-logs.md" >}}) - - [Audit Logs]({{< relref "./docs/Administratorguide/audit-logs.md" >}}) - - [WALs]({{< relref "./docs/Administratorguide/wals.md" >}}) - - [Performance Logs]({{< relref "./docs/Administratorguide/performance-logs.md" >}}) - [Developer Guide]({{< relref "./docs/Developerguide/Developerguide.md" >}}) - [Overview]({{< relref "./docs/Developerguide/overview-60.md" >}})