目录
rsync nfs 实时同步,实战
一、部署rsync服务端(backup)
1)安装rsync
[root@backup ~]# yum install -y rsync
2)配置rsync
[root@backup ~]# vim /etc/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup
[nfs]
comment = welcome to oldboyedu backup!
path = /data
3)创建系统用户(www),为了和web nfs统一
[root@backup ~]# groupadd www -g 666
[root@backup ~]# useradd www -u 666 -g 666 -s /sbin/nologin -M
4)创建虚拟的认证用户和密码文件并授权
[root@backup ~]# echo 'rsync_backup:123' > /etc/rsync.passwd
[root@backup ~]# chmod 600 /etc/rsync.passwd
5)创建目录
[root@backup ~]# mkdir /backup /data
[root@backup ~]# chown -R www.www /backup/ /data/
#检查
[root@backup ~]# ll -d /backup/ /data/
drwxr-xr-x 2 www www 6 Aug 7 16:56 /backup/
drwxr-xr-x 2 www www 6 Aug 7 16:56 /data/
6)启动rsync服务并加入开机自启
[root@backup ~]# systemctl start rsyncd
[root@backup ~]# systemctl enable rsyncd
二、部署rsync客户端(nfs,web01)
1)安装rsync
[root@nfs ~]# yum install -y rsync
[root@web01 ~]# yum install -y rsync
2)免密码方式
#方式一:
[root@nfs ~]# echo '123' > /etc/rsync.pass
[root@nfs ~]# chmod 600 /etc/rsync.pass
[root@web01 ~]# echo '123' > /etc/rsync.pass
[root@web01 ~]# chmod 600 /etc/rsync.pass
[root@nfs ~]# rsync -avz /etc/passwd rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.pass
#方式二(推荐):
[root@nfs ~]# export RSYNC_PASSWORD=123
[root@web01 ~]# export RSYNC_PASSWORD=123
[root@nfs ~]# rsync -avz /etc/passwd rsync_backup@172.16.1.41::backup
三、部署web代码(web01)
1)安装httpd和php
[root@web01 ~]# yum install -y httpd php
2)创建用户
[root@web01 ~]# groupadd www -g 666
[root@web01 ~]# useradd www -u 666 -g 666 -s /sbin/nologin -M
创建目录
[root@web01 ~]# mkdir /data
[root@web01 ~]# chown -R www.www /data/
3)修改配置文件
[root@web01 ~]# vim /etc/httpd/conf/httpd.conf
User www
Group www
4)启动httpd并加入开机自启
[root@web01 ~]# systemctl start httpd
[root@web01 ~]# systemctl enable httpd
#检查
[root@web01 ~]# netstat -lntup|grep 80
tcp6 0 0 :::80 :::* LISTEN 10427/httpd
#检查启动用户
[root@web01 ~]# ps -ef|grep httpd
root 10427 1 0 17:09 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10428 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10429 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10430 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10431 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10432 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5)部署代码,将代码上传至httpd的站点目录
#查找站点目录
[root@web01 ~]# rpm -ql httpd|grep html
/var/www/html
#进入站点目录,上传代码
[root@web01 ~]# cd /var/www/html/
[root@web01 html]# rz windows-提交作业代码.zip
#安装unzip
[root@web01 html]# yum install -y unzip
#解压代码
[root@web01 html]# unzip windows-提交作业代码.zip
Archive: windows-提交作业代码.zip
inflating: 1.png
inflating: 2.png
inflating: 3.png
inflating: bg.jpg
inflating: index.html
inflating: info.php
inflating: upload_file.php
#授权
[root@web01 html]# chown -R www.www /var/www/html/
#修改用户上传文件的目录
[root@web01 html]# vim upload_file.php
$wen="/var/www/html/upload";
打开浏览器访问:提交作业
四、NFS服务端部署(nfs)
1)安装nfs和rpcbind
[root@nfs ~]# yum install -y nfs-utils rpcbind
2)配置nfs
[root@nfs ~]# vim /etc/exports
/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
3)创建www用户(uid和gid是666的用户)
[root@nfs ~]# groupadd www -g 666
[root@nfs ~]# useradd www -u 666 -g 666 -s /sbin/nologin -M
4)创建共享目录/data并授权
[root@nfs ~]# mkdir /data
[root@nfs ~]# chown -R www.www /data/
5)启动服务并加入开机自启
[root@nfs ~]# systemctl start rpcbind nfs-server
[root@nfs ~]# systemctl enable rpcbind nfs-server
6)检查nfs
#检查文件
[root@nfs ~]# cat /var/lib/nfs/etab
/data 172.16.1.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=666,anongid=666,sec=sys,rw,secure,root_squash,all_squash)
#检查端口
[root@nfs ~]# netstat -lntup|grep 111
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp6 0 0 :::111 :::* LISTEN 1/systemd
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/systemd
udp6 0 0 :::111 :::* 1/systemd
#检查进程
[root@nfs ~]# ps -ef|grep -E '(nfs|rpcbind)'
rpc 8081 1 0 17:27 ? 00:00:00 /sbin/rpcbind -w
root 8140 2 0 17:27 ? 00:00:00 [nfsd4_callbacks]
root 8146 2 0 17:27 ? 00:00:00 [nfsd]
root 8147 2 0 17:27 ? 00:00:00 [nfsd]
root 8148 2 0 17:27 ? 00:00:00 [nfsd]
root 8149 2 0 17:27 ? 00:00:00 [nfsd]
root 8150 2 0 17:27 ? 00:00:00 [nfsd]
root 8151 2 0 17:27 ? 00:00:00 [nfsd]
root 8152 2 0 17:27 ? 00:00:00 [nfsd]
root 8153 2 0 17:27 ? 00:00:00 [nfsd]
五、部署nfs备胎服务端(nfs)
1)安装nfs和rpcbind
[root@nfs ~]# yum install -y nfs-utils rpcbind
2)配置nfs
[root@nfs ~]# vim /etc/exports
/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
3)启动服务并加入开机自启
[root@nfs ~]# systemctl start rpcbind nfs-server
[root@nfs ~]# systemctl enable rpcbind nfs-server
4)检查nfs
#检查文件
[root@nfs ~]# cat /var/lib/nfs/etab
/data 172.16.1.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=666,anongid=666,sec=sys,rw,secure,root_squash,all_squash)
#检查端口
[root@nfs ~]# netstat -lntup|grep 111
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp6 0 0 :::111 :::* LISTEN 1/systemd
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/systemd
udp6 0 0 :::111 :::* 1/systemd
#检查进程
[root@nfs ~]# ps -ef|grep -E '(nfs|rpcbind)'
rpc 8081 1 0 17:27 ? 00:00:00 /sbin/rpcbind -w
root 8140 2 0 17:27 ? 00:00:00 [nfsd4_callbacks]
root 8146 2 0 17:27 ? 00:00:00 [nfsd]
root 8147 2 0 17:27 ? 00:00:00 [nfsd]
root 8148 2 0 17:27 ? 00:00:00 [nfsd]
root 8149 2 0 17:27 ? 00:00:00 [nfsd]
root 8150 2 0 17:27 ? 00:00:00 [nfsd]
root 8151 2 0 17:27 ? 00:00:00 [nfsd]
root 8152 2 0 17:27 ? 00:00:00 [nfsd]
root 8153 2 0 17:27 ? 00:00:00 [nfsd]
六、部署nfs的客户端web01(web01)
1)安装nfs和rpcbind
[root@web01 ~]# yum install -y nfs-utils rpcbind
2)只启动rpcbind
[root@web01 ~]# systemctl start rpcbind
[root@web01 ~]# systemctl enable rpcbind
3)查看可挂载点
[root@web01 ~]# showmount -e 172.16.1.31
Export list for 172.16.1.31:
/data 172.16.1.0/24
[root@web01 ~]# showmount -e 172.16.1.41
Export list for 172.16.1.41:
/data 172.16.1.0/24
4)挂载前,要保证数据一致
[root@web01 ~]# scp -r /var/www/html/upload/ 172.16.1.31:/data (输入的是root的密码)
[root@nfs ~]# chown -R www.www /data/
5)挂载nfs的服务端
[root@web01 ~]# mount -t nfs 172.16.1.31:/data /var/www/html/upload
七、backup实时同步nfs的data目录
编辑脚本
[root@nfs ~]# vim rsync.sh
#!/bin/bash
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin'
H=`hostname`
I=`ifconfig eth1|awk 'NR==2{print $2}'`
D=`date +%F`
S=${H}_${I}_${D}
BD=/backup
export RSYNC_PASSWORD=123
mkdir -p ${BD}/${S}
tar zcf /backup/${S}/conf.tar.gz /etc/passwd &>/dev/null
md5sum /backup/${S}/conf.tar.gz > /backup/res1.txt
find ${BD} -type d -mtime +7|xargs rm -fr
~
[root@web01 ~]# vim rsync.sh
#!/bin/bash
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin'
H=`hostname`
I=`ifconfig eth1|awk 'NR==2{print $2}'`
D=`date +%F`
S=${H}_${I}_${D}
BD=/backup
export RSYNC_PASSWORD=123
mkdir -p ${BD}/${S}
tar zcf /backup/${S}/conf.tar.gz /etc/passwd &>/dev/null
md5sum /backup/${S}/conf.tar.gz > /backup/res2.txt
find ${BD} -type d -mtime +7|xargs rm -fr
八、定时任务并发邮件
1.服务端部署rsync,用于接收客户端推送过来的备份数据
2.服务端需要每天校验客户端推送过来的数据是否完整
3.服务端需要每天校验的结果通知给管理员
[root@backup ~]# yum install -y mailx
#安装mailx
yum install -y mailx
#配置mail.rc
vim /etc/mail.rc
Shift + g
set from=861962063@qq.com
set smtp=smtps://smtp.qq.com:465
set smtp-auth-user=861962063@qq.com
set smtp-auth-passwordyfwapjxcfwnobfhh
set smtp-auth=login
set ssl-verify=ignore
set nss-config-dir=/etc/pki/nssdb/
4.服务端仅保留6个月的备份数据,其余的全部删除 check_md5.sh
[root@backup ~]# vim check_md5.sh
#!/bin/bash
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin'
H=`hostname`
I=`ifconfig eth1|awk 'NR==2{print $2}'`
D=`date +%F`
S=${H}_${I}_${D}
BD=/backup
md5sum -c /backup/res*.txt|mail -s "${D}:校验结果" 861962063@qq.com
find ${BD} -type d -mtime +180|xargs rm -fr
~
编写定时任务:crontab -e
[root@backup ~]# crontab -l
#校验结果 by:gjy at:20190807
01 00 * * * /bin/sh /root/check_md5.sh &>/dev/null
编辑定时任务
[root@web01 ~]# crontab -e
#每天凌晨备份重要数据 By:gjy At:2019-08-07
00 00* * * /bin/sh /root/rsync.sh &>/dev/null
执行脚本
九、NFS服务端部署sersync实时同步(nfs)
1)安装sersync需要依赖rsync
和inotify
[root@nfs ~]# yum install -y rsync inotify-tools
2)下载sersync
[root@nfs ~]# wget https://raw.githubusercontent.com/wsgzao/sersync/master/sersync2.5.4_64bit_binary_stable_final.tar.gz
3)部署sersync
源码包:解压 生成 编译 安装
解压:
[root@nfs ~]# tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz
4)移动并改名
[root@nfs ~]# mv GNU-Linux-x86 /usr/local/sersync
5)编辑配置文件
[root@nfs ~]# vim /usr/local/sersync/confxml.xml
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
-----------------------------------------------------------------------------------------
<sersync>
#监控的目录,改成/data
<localpath watch="/opt/tongbu">
#推送的IP(backup服务的IP)172.16.1.41 ,name是模块名
<remote ip="127.0.0.1" name="tongbu1"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
#执行rsync的参数改成 -az
<commonParams params="-artuz"/>
#虚拟用户的用户名和密码文件,开启认证start=true rsync_backup /etc/rsync.pass
<auth start="false" users="root" passwordfile="/etc/rsync.pas"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
#设置超时时间
<timeout start="true" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
#完整配置文件
[root@nfs ~]# cat /usr/local/sersync/confxml.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*).svn"></exclude>
<exclude expression="(.*).gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<sersync>
<localpath watch="/data">
<remote ip="172.16.1.41" name="nfs"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-az"/>
<auth start="true" users="rsync_backup" passwordfile="/etc/rsync.pass"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="true" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*).php"/>
<include expression="(.*).sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
6)创建虚拟用户的密码文件,并授权
[root@nfs sersync]# echo '123' > /etc/rsync.pass
[root@nfs sersync]# chmod 600 /etc/rsync.pass
7)查看帮助
[root@nfs sersync]# /usr/local/sersync/sersync2 -h
set the system param
execute:echo 50000000 > /proc/sys/fs/inotify/max_user_watches
execute:echo 327679 > /proc/sys/fs/inotify/max_queued_events
parse the command param
_______________________________________________________
参数-d:启用守护进程模式
参数-r:在监控前,将监控目录与远程主机用rsync命令推送一遍
c参数-n: 指定开启守护线程的数量,默认为10个
参数-o:指定配置文件,默认使用confxml.xml文件
参数-m:单独启用其他模块,使用 -m refreshCDN 开启刷新CDN模块
参数-m:单独启用其他模块,使用 -m socket 开启socket模块
参数-m:单独启用其他模块,使用 -m http 开启http模块
不加-m参数,则默认执行同步程序
________________________________________________________________
8)启动sersync
[root@nfs data]# /usr/local/sersync/sersync2 -rdo /usr/local/sersync/confxml.xml
十、切换备胎backup(web01)
单点故障
1)编写脚本
[root@web01 ~]# vim nfs.sh
#!/bin/bash
check_nfs=`df -h|grep '/var/www/html/upload'|wc -l`
if [ $check_nfs -eq 0 ];then
showmount -e 172.16.1.31 &>/dev/null
if [ $? -eq 0 ];then
mount -t nfs 172.16.1.31:/data /var/www/html/upload
else
mount -t nfs 172.16.1.41:/data /var/www/html/upload
fi
fi
2). 查询当前挂载
[root@web01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 19G 1.4G 18G 8% /
devtmpfs 476M 0 476M 0% /dev
tmpfs 487M 0 487M 0% /dev/shm
tmpfs 487M 7.7M 479M 2% /run
tmpfs 487M 0 487M 0% /sys/fs/cgroup
/dev/sda1 497M 120M 378M 25% /boot
tmpfs 98M 0 98M 0% /run/user/0
172.16.1.31:/data 19G 1.4G 18G 8% /var/www/html/upload
3)先卸载当前挂载
[root@web01 ~]# umount /var/www/html/upload
4)关闭172.16.31 的nfs-server服务
[root@nfs data]# systemctl stop nfs-server
5)开启172.16.41 的nfs-server服务
[root@backup ~]# systemctl start nfs-server
6)执行脚本并查看挂载
[root@web01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 19G 1.4G 18G 8% /
devtmpfs 476M 0 476M 0% /dev
tmpfs 487M 0 487M 0% /dev/shm
tmpfs 487M 7.7M 479M 2% /run
tmpfs 487M 0 487M 0% /sys/fs/cgroup
/dev/sda1 497M 120M 378M 25% /boot
tmpfs 98M 0 98M 0% /run/user/0
172.16.1.41:/data 19G 1.4G 18G 8% /var/www/html/upload