查看/var/log/secure日志发现rac节点之间相互有很多grid用户的ssh连接,类似
Aug 20 06:08:55 TEST-RAC-DB-02 sshd[51874]: Accepted publickey for grid from 192.168.1.123 port 38241 ssh2: RSA SHA256:xxxxxx
Aug 20 06:08:55 TEST-RAC-DB-02 sshd[51896]: Accepted publickey for grid from 192.168.1.123 port 38242 ssh2: RSA SHA256:xxxxxx
Aug 20 06:08:56 TEST-RAC-DB-02 sshd[51932]: Accepted publickey for grid from 192.168.1.123 port 38243 ssh2: RSA SHA256:xxxxxx
Aug 20 06:08:56 TEST-RAC-DB-02 sshd[51950]: Accepted publickey for grid from 192.168.1.123 port 38244 ssh2: RSA SHA256:xxxxxx
Aug 20 06:08:56 TEST-RAC-DB-02 sshd[51974]: Accepted publickey for grid from 192.168.1.123 port 38245 ssh2: RSA SHA256:xxxxxx
...印象中rac只在安装和安装补丁时需要用到ssh,好奇为啥平时也有这么多ssh连接
经过一番苦逼的搜索,找到了发起ssh连接的原因 —— ora.cvu resource每隔一段时间通过ssh对集群进行监控检查,这是oracle的预期行为,并非异常现象
Frequent sshd Login by Grid User in Cluster Nodes by ora.cvu Resource (文档 ID 1943147.1)
查看cvu日志,根据官方文档,日志文件默认在 $ORACLE_BASE/crsdata/host_name/cvu 目录,文件名为cvutrace.log.0
The CVU trace files are created in the ORACLE_BASE/crsdata/host_name/cvu directory by default. Oracle Database automatically rotates the log files and the most recently created log file has the name cvutrace.log.0. You should remove unwanted log files or archive them to reclaim disk place if needed.
日志中可以看到类似如下信息:
[Worker 1] [ 2017-07-21 18:17:00.677 CST ] [UnixSystem.dorunRemoteExecCmd:3397] Final unix SSH command: /usr/bin/ssh -o FallBackToRsh=no -o PasswordAuthentication=no -o StrictHostKeyChecking=yes -o NumberOfPasswordPrompts=0 TEST-RAC-DB-01 -n /tmp/CVU_12.1.0.2.0_grid/exectask.sh -getver
关于CVU资源详细信息,参考
https://docs.oracle.com/database/121/CWADD/GUID-405E2CE7-D8B0-4D72-8E53-741DB6A8E919.htm#CWADD91382
https://docs.oracle.com/cd/B28359_01/rac.111/b28255/cvu.htm#BEHGEAEH
