目錄
rsync nfs 實時同步,實戰
一、部署rsync服務端(backup)
1)安裝rsync
[root@backup ~]# yum install -y rsync
2)配置rsync
[root@backup ~]# vim /etc/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup
[nfs]
comment = welcome to oldboyedu backup!
path = /data
3)創建系統用戶(www),為了和web nfs統一
[root@backup ~]# groupadd www -g 666
[root@backup ~]# useradd www -u 666 -g 666 -s /sbin/nologin -M
4)創建虛擬的認證用戶和密碼文件並授權
[root@backup ~]# echo 'rsync_backup:123' > /etc/rsync.passwd
[root@backup ~]# chmod 600 /etc/rsync.passwd
5)創建目錄
[root@backup ~]# mkdir /backup /data
[root@backup ~]# chown -R www.www /backup/ /data/
#檢查
[root@backup ~]# ll -d /backup/ /data/
drwxr-xr-x 2 www www 6 Aug 7 16:56 /backup/
drwxr-xr-x 2 www www 6 Aug 7 16:56 /data/
6)啟動rsync服務並加入開機自啟
[root@backup ~]# systemctl start rsyncd
[root@backup ~]# systemctl enable rsyncd
二、部署rsync客戶端(nfs,web01)
1)安裝rsync
[root@nfs ~]# yum install -y rsync
[root@web01 ~]# yum install -y rsync
2)免密碼方式
#方式一:
[root@nfs ~]# echo '123' > /etc/rsync.pass
[root@nfs ~]# chmod 600 /etc/rsync.pass
[root@web01 ~]# echo '123' > /etc/rsync.pass
[root@web01 ~]# chmod 600 /etc/rsync.pass
[root@nfs ~]# rsync -avz /etc/passwd rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.pass
#方式二(推薦):
[root@nfs ~]# export RSYNC_PASSWORD=123
[root@web01 ~]# export RSYNC_PASSWORD=123
[root@nfs ~]# rsync -avz /etc/passwd rsync_backup@172.16.1.41::backup
三、部署web代碼(web01)
1)安裝httpd和php
[root@web01 ~]# yum install -y httpd php
2)創建用戶
[root@web01 ~]# groupadd www -g 666
[root@web01 ~]# useradd www -u 666 -g 666 -s /sbin/nologin -M
創建目錄
[root@web01 ~]# mkdir /data
[root@web01 ~]# chown -R www.www /data/
3)修改配置文件
[root@web01 ~]# vim /etc/httpd/conf/httpd.conf
User www
Group www
4)啟動httpd並加入開機自啟
[root@web01 ~]# systemctl start httpd
[root@web01 ~]# systemctl enable httpd
#檢查
[root@web01 ~]# netstat -lntup|grep 80
tcp6 0 0 :::80 :::* LISTEN 10427/httpd
#檢查啟動用戶
[root@web01 ~]# ps -ef|grep httpd
root 10427 1 0 17:09 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10428 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10429 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10430 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10431 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10432 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5)部署代碼,將代碼上傳至httpd的站點目錄
#查找站點目錄
[root@web01 ~]# rpm -ql httpd|grep html
/var/www/html
#進入站點目錄,上傳代碼
[root@web01 ~]# cd /var/www/html/
[root@web01 html]# rz windows-提交作業代碼.zip
#安裝unzip
[root@web01 html]# yum install -y unzip
#解壓代碼
[root@web01 html]# unzip windows-提交作業代碼.zip
Archive: windows-提交作業代碼.zip
inflating: 1.png
inflating: 2.png
inflating: 3.png
inflating: bg.jpg
inflating: index.html
inflating: info.php
inflating: upload_file.php
#授權
[root@web01 html]# chown -R www.www /var/www/html/
#修改用戶上傳文件的目錄
[root@web01 html]# vim upload_file.php
$wen="/var/www/html/upload";
打開瀏覽器訪問:提交作業
四、NFS服務端部署(nfs)
1)安裝nfs和rpcbind
[root@nfs ~]# yum install -y nfs-utils rpcbind
2)配置nfs
[root@nfs ~]# vim /etc/exports
/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
3)創建www用戶(uid和gid是666的用戶)
[root@nfs ~]# groupadd www -g 666
[root@nfs ~]# useradd www -u 666 -g 666 -s /sbin/nologin -M
4)創建共享目錄/data並授權
[root@nfs ~]# mkdir /data
[root@nfs ~]# chown -R www.www /data/
5)啟動服務並加入開機自啟
[root@nfs ~]# systemctl start rpcbind nfs-server
[root@nfs ~]# systemctl enable rpcbind nfs-server
6)檢查nfs
#檢查文件
[root@nfs ~]# cat /var/lib/nfs/etab
/data 172.16.1.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=666,anongid=666,sec=sys,rw,secure,root_squash,all_squash)
#檢查端口
[root@nfs ~]# netstat -lntup|grep 111
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp6 0 0 :::111 :::* LISTEN 1/systemd
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/systemd
udp6 0 0 :::111 :::* 1/systemd
#檢查進程
[root@nfs ~]# ps -ef|grep -E '(nfs|rpcbind)'
rpc 8081 1 0 17:27 ? 00:00:00 /sbin/rpcbind -w
root 8140 2 0 17:27 ? 00:00:00 [nfsd4_callbacks]
root 8146 2 0 17:27 ? 00:00:00 [nfsd]
root 8147 2 0 17:27 ? 00:00:00 [nfsd]
root 8148 2 0 17:27 ? 00:00:00 [nfsd]
root 8149 2 0 17:27 ? 00:00:00 [nfsd]
root 8150 2 0 17:27 ? 00:00:00 [nfsd]
root 8151 2 0 17:27 ? 00:00:00 [nfsd]
root 8152 2 0 17:27 ? 00:00:00 [nfsd]
root 8153 2 0 17:27 ? 00:00:00 [nfsd]
五、部署nfs備胎服務端(nfs)
1)安裝nfs和rpcbind
[root@nfs ~]# yum install -y nfs-utils rpcbind
2)配置nfs
[root@nfs ~]# vim /etc/exports
/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
3)啟動服務並加入開機自啟
[root@nfs ~]# systemctl start rpcbind nfs-server
[root@nfs ~]# systemctl enable rpcbind nfs-server
4)檢查nfs
#檢查文件
[root@nfs ~]# cat /var/lib/nfs/etab
/data 172.16.1.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=666,anongid=666,sec=sys,rw,secure,root_squash,all_squash)
#檢查端口
[root@nfs ~]# netstat -lntup|grep 111
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp6 0 0 :::111 :::* LISTEN 1/systemd
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/systemd
udp6 0 0 :::111 :::* 1/systemd
#檢查進程
[root@nfs ~]# ps -ef|grep -E '(nfs|rpcbind)'
rpc 8081 1 0 17:27 ? 00:00:00 /sbin/rpcbind -w
root 8140 2 0 17:27 ? 00:00:00 [nfsd4_callbacks]
root 8146 2 0 17:27 ? 00:00:00 [nfsd]
root 8147 2 0 17:27 ? 00:00:00 [nfsd]
root 8148 2 0 17:27 ? 00:00:00 [nfsd]
root 8149 2 0 17:27 ? 00:00:00 [nfsd]
root 8150 2 0 17:27 ? 00:00:00 [nfsd]
root 8151 2 0 17:27 ? 00:00:00 [nfsd]
root 8152 2 0 17:27 ? 00:00:00 [nfsd]
root 8153 2 0 17:27 ? 00:00:00 [nfsd]
六、部署nfs的客戶端web01(web01)
1)安裝nfs和rpcbind
[root@web01 ~]# yum install -y nfs-utils rpcbind
2)只啟動rpcbind
[root@web01 ~]# systemctl start rpcbind
[root@web01 ~]# systemctl enable rpcbind
3)查看可掛載點
[root@web01 ~]# showmount -e 172.16.1.31
Export list for 172.16.1.31:
/data 172.16.1.0/24
[root@web01 ~]# showmount -e 172.16.1.41
Export list for 172.16.1.41:
/data 172.16.1.0/24
4)掛載前,要保證數據一致
[root@web01 ~]# scp -r /var/www/html/upload/ 172.16.1.31:/data (輸入的是root的密碼)
[root@nfs ~]# chown -R www.www /data/
5)掛載nfs的服務端
[root@web01 ~]# mount -t nfs 172.16.1.31:/data /var/www/html/upload
七、backup實時同步nfs的data目錄
編輯腳本
[root@nfs ~]# vim rsync.sh
#!/bin/bash
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin'
H=`hostname`
I=`ifconfig eth1|awk 'NR==2{print $2}'`
D=`date +%F`
S=${H}_${I}_${D}
BD=/backup
export RSYNC_PASSWORD=123
mkdir -p ${BD}/${S}
tar zcf /backup/${S}/conf.tar.gz /etc/passwd &>/dev/null
md5sum /backup/${S}/conf.tar.gz > /backup/res1.txt
find ${BD} -type d -mtime +7|xargs rm -fr
~
[root@web01 ~]# vim rsync.sh
#!/bin/bash
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin'
H=`hostname`
I=`ifconfig eth1|awk 'NR==2{print $2}'`
D=`date +%F`
S=${H}_${I}_${D}
BD=/backup
export RSYNC_PASSWORD=123
mkdir -p ${BD}/${S}
tar zcf /backup/${S}/conf.tar.gz /etc/passwd &>/dev/null
md5sum /backup/${S}/conf.tar.gz > /backup/res2.txt
find ${BD} -type d -mtime +7|xargs rm -fr
八、定時任務並發郵件
1.服務端部署rsync,用於接收客戶端推送過來的備份數據
2.服務端需要每天校驗客戶端推送過來的數據是否完整
3.服務端需要每天校驗的結果通知給管理員
[root@backup ~]# yum install -y mailx
#安裝mailx
yum install -y mailx
#配置mail.rc
vim /etc/mail.rc
Shift + g
set from=861962063@qq.com
set smtp=smtps://smtp.qq.com:465
set smtp-auth-user=861962063@qq.com
set smtp-auth-passwordyfwapjxcfwnobfhh
set smtp-auth=login
set ssl-verify=ignore
set nss-config-dir=/etc/pki/nssdb/
4.服務端僅保留6個月的備份數據,其余的全部刪除 check_md5.sh
[root@backup ~]# vim check_md5.sh
#!/bin/bash
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin'
H=`hostname`
I=`ifconfig eth1|awk 'NR==2{print $2}'`
D=`date +%F`
S=${H}_${I}_${D}
BD=/backup
md5sum -c /backup/res*.txt|mail -s "${D}:校驗結果" 861962063@qq.com
find ${BD} -type d -mtime +180|xargs rm -fr
~
編寫定時任務:crontab -e
[root@backup ~]# crontab -l
#校驗結果 by:gjy at:20190807
01 00 * * * /bin/sh /root/check_md5.sh &>/dev/null
編輯定時任務
[root@web01 ~]# crontab -e
#每天凌晨備份重要數據 By:gjy At:2019-08-07
00 00* * * /bin/sh /root/rsync.sh &>/dev/null
執行腳本
九、NFS服務端部署sersync實時同步(nfs)
1)安裝sersync需要依賴rsync和inotify
[root@nfs ~]# yum install -y rsync inotify-tools
2)下載sersync
[root@nfs ~]# wget https://raw.githubusercontent.com/wsgzao/sersync/master/sersync2.5.4_64bit_binary_stable_final.tar.gz
3)部署sersync
源碼包:解壓 生成 編譯 安裝
解壓:
[root@nfs ~]# tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz
4)移動並改名
[root@nfs ~]# mv GNU-Linux-x86 /usr/local/sersync
5)編輯配置文件
[root@nfs ~]# vim /usr/local/sersync/confxml.xml
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
-----------------------------------------------------------------------------------------
<sersync>
#監控的目錄,改成/data
<localpath watch="/opt/tongbu">
#推送的IP(backup服務的IP)172.16.1.41 ,name是模塊名
<remote ip="127.0.0.1" name="tongbu1"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
#執行rsync的參數改成 -az
<commonParams params="-artuz"/>
#虛擬用戶的用戶名和密碼文件,開啟認證start=true rsync_backup /etc/rsync.pass
<auth start="false" users="root" passwordfile="/etc/rsync.pas"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
#設置超時時間
<timeout start="true" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
#完整配置文件
[root@nfs ~]# cat /usr/local/sersync/confxml.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<sersync>
<localpath watch="/data">
<remote ip="172.16.1.41" name="nfs"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-az"/>
<auth start="true" users="rsync_backup" passwordfile="/etc/rsync.pass"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="true" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
6)創建虛擬用戶的密碼文件,並授權
[root@nfs sersync]# echo '123' > /etc/rsync.pass
[root@nfs sersync]# chmod 600 /etc/rsync.pass
7)查看幫助
[root@nfs sersync]# /usr/local/sersync/sersync2 -h
set the system param
execute:echo 50000000 > /proc/sys/fs/inotify/max_user_watches
execute:echo 327679 > /proc/sys/fs/inotify/max_queued_events
parse the command param
_______________________________________________________
參數-d:啟用守護進程模式
參數-r:在監控前,將監控目錄與遠程主機用rsync命令推送一遍
c參數-n: 指定開啟守護線程的數量,默認為10個
參數-o:指定配置文件,默認使用confxml.xml文件
參數-m:單獨啟用其他模塊,使用 -m refreshCDN 開啟刷新CDN模塊
參數-m:單獨啟用其他模塊,使用 -m socket 開啟socket模塊
參數-m:單獨啟用其他模塊,使用 -m http 開啟http模塊
不加-m參數,則默認執行同步程序
________________________________________________________________
8)啟動sersync
[root@nfs data]# /usr/local/sersync/sersync2 -rdo /usr/local/sersync/confxml.xml
十、切換備胎backup(web01)
單點故障
1)編寫腳本
[root@web01 ~]# vim nfs.sh
#!/bin/bash
check_nfs=`df -h|grep '/var/www/html/upload'|wc -l`
if [ $check_nfs -eq 0 ];then
showmount -e 172.16.1.31 &>/dev/null
if [ $? -eq 0 ];then
mount -t nfs 172.16.1.31:/data /var/www/html/upload
else
mount -t nfs 172.16.1.41:/data /var/www/html/upload
fi
fi
2). 查詢當前掛載
[root@web01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 19G 1.4G 18G 8% /
devtmpfs 476M 0 476M 0% /dev
tmpfs 487M 0 487M 0% /dev/shm
tmpfs 487M 7.7M 479M 2% /run
tmpfs 487M 0 487M 0% /sys/fs/cgroup
/dev/sda1 497M 120M 378M 25% /boot
tmpfs 98M 0 98M 0% /run/user/0
172.16.1.31:/data 19G 1.4G 18G 8% /var/www/html/upload
3)先卸載當前掛載
[root@web01 ~]# umount /var/www/html/upload
4)關閉172.16.31 的nfs-server服務
[root@nfs data]# systemctl stop nfs-server
5)開啟172.16.41 的nfs-server服務
[root@backup ~]# systemctl start nfs-server
6)執行腳本並查看掛載
[root@web01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 19G 1.4G 18G 8% /
devtmpfs 476M 0 476M 0% /dev
tmpfs 487M 0 487M 0% /dev/shm
tmpfs 487M 7.7M 479M 2% /run
tmpfs 487M 0 487M 0% /sys/fs/cgroup
/dev/sda1 497M 120M 378M 25% /boot
tmpfs 98M 0 98M 0% /run/user/0
172.16.1.41:/data 19G 1.4G 18G 8% /var/www/html/upload