table of Contents
- rsync nfs real-time synchronization, combat
- First, the deployment rsync server (backup)
- Second, the deployment of rsync client (nfs, web01)
- Third, the deployment of web codes (web01)
- Four, NFS server deployment (nfs)
- Fifth, the deployment of a spare tire nfs server (nfs)
- Sixth, nfs customers deploy an end web01 (web01)
- Seven, backup real-time synchronization of data directory nfs
- Eight regular task complicated by Mail
- Nine, NFS server deployment sersync real-time synchronization (nfs)
- X. switching the spare backup (web01)
rsync nfs real-time synchronization, combat
First, the deployment rsync server (backup)
1) install rsync
[root@backup ~]# yum install -y rsync
2) Configuration rsync
[root@backup ~]# vim /etc/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup
[nfs]
comment = welcome to oldboyedu backup!
path = /data
3) Create a system user (www), order and web nfs unity
[root@backup ~]# groupadd www -g 666
[root@backup ~]# useradd www -u 666 -g 666 -s /sbin/nologin -M
4) Create a virtual user authentication and authorization and password file
[root@backup ~]# echo 'rsync_backup:123' > /etc/rsync.passwd
[root@backup ~]# chmod 600 /etc/rsync.passwd
5) Create a directory
[root@backup ~]# mkdir /backup /data
[root@backup ~]# chown -R www.www /backup/ /data/
#检查
[root@backup ~]# ll -d /backup/ /data/
drwxr-xr-x 2 www www 6 Aug 7 16:56 /backup/
drwxr-xr-x 2 www www 6 Aug 7 16:56 /data/
6) start the rsync service and add the boot from Kai
[root@backup ~]# systemctl start rsyncd
[root@backup ~]# systemctl enable rsyncd
Second, the deployment of rsync client (nfs, web01)
1) install rsync
[root@nfs ~]# yum install -y rsync
[root@web01 ~]# yum install -y rsync
2) password-free way
#方式一:
[root@nfs ~]# echo '123' > /etc/rsync.pass
[root@nfs ~]# chmod 600 /etc/rsync.pass
[root@web01 ~]# echo '123' > /etc/rsync.pass
[root@web01 ~]# chmod 600 /etc/rsync.pass
[root@nfs ~]# rsync -avz /etc/passwd [email protected]::backup --password-file=/etc/rsync.pass
#方式二(推荐):
[root@nfs ~]# export RSYNC_PASSWORD=123
[root@web01 ~]# export RSYNC_PASSWORD=123
[root@nfs ~]# rsync -avz /etc/passwd [email protected]::backup
Third, the deployment of web codes (web01)
1) Installation and httpd php
[root@web01 ~]# yum install -y httpd php
2) Create a user
[root@web01 ~]# groupadd www -g 666
[root@web01 ~]# useradd www -u 666 -g 666 -s /sbin/nologin -M
创建目录
[root@web01 ~]# mkdir /data
[root@web01 ~]# chown -R www.www /data/
3) modify the configuration file
[root@web01 ~]# vim /etc/httpd/conf/httpd.conf
User www
Group www
4) Start httpd and add the boot from Kai
[root@web01 ~]# systemctl start httpd
[root@web01 ~]# systemctl enable httpd
#检查
[root@web01 ~]# netstat -lntup|grep 80
tcp6 0 0 :::80 :::* LISTEN 10427/httpd
#检查启动用户
[root@web01 ~]# ps -ef|grep httpd
root 10427 1 0 17:09 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10428 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10429 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10430 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10431 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
www 10432 10427 0 17:10 ? 00:00:00 /usr/sbin/httpd -DFOREGROUND
5) deploy code, the code will be uploaded to the site directory httpd
#查找站点目录
[root@web01 ~]# rpm -ql httpd|grep html
/var/www/html
#进入站点目录,上传代码
[root@web01 ~]# cd /var/www/html/
[root@web01 html]# rz windows-提交作业代码.zip
#安装unzip
[root@web01 html]# yum install -y unzip
#解压代码
[root@web01 html]# unzip windows-提交作业代码.zip
Archive: windows-提交作业代码.zip
inflating: 1.png
inflating: 2.png
inflating: 3.png
inflating: bg.jpg
inflating: index.html
inflating: info.php
inflating: upload_file.php
#授权
[root@web01 html]# chown -R www.www /var/www/html/
#修改用户上传文件的目录
[root@web01 html]# vim upload_file.php
$wen="/var/www/html/upload";
Open your browser and go to: submit jobs
Four, NFS server deployment (nfs)
1) Installation and rpcbind nfs
[root@nfs ~]# yum install -y nfs-utils rpcbind
2) Configuration nfs
[root@nfs ~]# vim /etc/exports
/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
3) Create a www user (uid and gid are 666 users)
[root@nfs ~]# groupadd www -g 666
[root@nfs ~]# useradd www -u 666 -g 666 -s /sbin/nologin -M
4) Create a shared directory / data and authorization
[root@nfs ~]# mkdir /data
[root@nfs ~]# chown -R www.www /data/
5) to start the service and add the boot from Kai
[root@nfs ~]# systemctl start rpcbind nfs-server
[root@nfs ~]# systemctl enable rpcbind nfs-server
6) Check the nfs
#检查文件
[root@nfs ~]# cat /var/lib/nfs/etab
/data 172.16.1.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=666,anongid=666,sec=sys,rw,secure,root_squash,all_squash)
#检查端口
[root@nfs ~]# netstat -lntup|grep 111
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp6 0 0 :::111 :::* LISTEN 1/systemd
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/systemd
udp6 0 0 :::111 :::* 1/systemd
#检查进程
[root@nfs ~]# ps -ef|grep -E '(nfs|rpcbind)'
rpc 8081 1 0 17:27 ? 00:00:00 /sbin/rpcbind -w
root 8140 2 0 17:27 ? 00:00:00 [nfsd4_callbacks]
root 8146 2 0 17:27 ? 00:00:00 [nfsd]
root 8147 2 0 17:27 ? 00:00:00 [nfsd]
root 8148 2 0 17:27 ? 00:00:00 [nfsd]
root 8149 2 0 17:27 ? 00:00:00 [nfsd]
root 8150 2 0 17:27 ? 00:00:00 [nfsd]
root 8151 2 0 17:27 ? 00:00:00 [nfsd]
root 8152 2 0 17:27 ? 00:00:00 [nfsd]
root 8153 2 0 17:27 ? 00:00:00 [nfsd]
Fifth, the deployment of a spare tire nfs server (nfs)
1) Installation and rpcbind nfs
[root@nfs ~]# yum install -y nfs-utils rpcbind
2) Configuration nfs
[root@nfs ~]# vim /etc/exports
/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
3) to start the service and add the boot from Kai
[root@nfs ~]# systemctl start rpcbind nfs-server
[root@nfs ~]# systemctl enable rpcbind nfs-server
4) Check the nfs
#检查文件
[root@nfs ~]# cat /var/lib/nfs/etab
/data 172.16.1.0/24(rw,sync,wdelay,hide,nocrossmnt,secure,root_squash,all_squash,no_subtree_check,secure_locks,acl,no_pnfs,anonuid=666,anongid=666,sec=sys,rw,secure,root_squash,all_squash)
#检查端口
[root@nfs ~]# netstat -lntup|grep 111
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp6 0 0 :::111 :::* LISTEN 1/systemd
udp 0 0 0.0.0.0:111 0.0.0.0:* 1/systemd
udp6 0 0 :::111 :::* 1/systemd
#检查进程
[root@nfs ~]# ps -ef|grep -E '(nfs|rpcbind)'
rpc 8081 1 0 17:27 ? 00:00:00 /sbin/rpcbind -w
root 8140 2 0 17:27 ? 00:00:00 [nfsd4_callbacks]
root 8146 2 0 17:27 ? 00:00:00 [nfsd]
root 8147 2 0 17:27 ? 00:00:00 [nfsd]
root 8148 2 0 17:27 ? 00:00:00 [nfsd]
root 8149 2 0 17:27 ? 00:00:00 [nfsd]
root 8150 2 0 17:27 ? 00:00:00 [nfsd]
root 8151 2 0 17:27 ? 00:00:00 [nfsd]
root 8152 2 0 17:27 ? 00:00:00 [nfsd]
root 8153 2 0 17:27 ? 00:00:00 [nfsd]
Sixth, nfs customers deploy an end web01 (web01)
1) Installation and rpcbind nfs
[root@web01 ~]# yum install -y nfs-utils rpcbind
2) only start rpcbind
[root@web01 ~]# systemctl start rpcbind
[root@web01 ~]# systemctl enable rpcbind
3) View can mount point
[root@web01 ~]# showmount -e 172.16.1.31
Export list for 172.16.1.31:
/data 172.16.1.0/24
[root@web01 ~]# showmount -e 172.16.1.41
Export list for 172.16.1.41:
/data 172.16.1.0/24
4) pre-mounted, to ensure data consistency
[root@web01 ~]# scp -r /var/www/html/upload/ 172.16.1.31:/data (输入的是root的密码)
[root@nfs ~]# chown -R www.www /data/
5) Mount nfs server-side
[root@web01 ~]# mount -t nfs 172.16.1.31:/data /var/www/html/upload
Seven, backup real-time synchronization of data directory nfs
Edit Script
[root@nfs ~]# vim rsync.sh
#!/bin/bash
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin'
H=`hostname`
I=`ifconfig eth1|awk 'NR==2{print $2}'`
D=`date +%F`
S=${H}_${I}_${D}
BD=/backup
export RSYNC_PASSWORD=123
mkdir -p ${BD}/${S}
tar zcf /backup/${S}/conf.tar.gz /etc/passwd &>/dev/null
md5sum /backup/${S}/conf.tar.gz > /backup/res1.txt
find ${BD} -type d -mtime +7|xargs rm -fr
~
[root@web01 ~]# vim rsync.sh
#!/bin/bash
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin'
H=`hostname`
I=`ifconfig eth1|awk 'NR==2{print $2}'`
D=`date +%F`
S=${H}_${I}_${D}
BD=/backup
export RSYNC_PASSWORD=123
mkdir -p ${BD}/${S}
tar zcf /backup/${S}/conf.tar.gz /etc/passwd &>/dev/null
md5sum /backup/${S}/conf.tar.gz > /backup/res2.txt
find ${BD} -type d -mtime +7|xargs rm -fr
Eight regular task complicated by Mail
1. server deployment rsync, for receiving client push over backup data
2. Does the server need to check every day to push the client over the data integrity
3. The results of the server needs to be checked every day to notify the administrator
[root@backup ~]# yum install -y mailx
#安装mailx
yum install -y mailx
#配置mail.rc
vim /etc/mail.rc
Shift + g
set [email protected]
set smtp=smtps://smtp.qq.com:465
set [email protected]
set smtp-auth-passwordyfwapjxcfwnobfhh
set smtp-auth=login
set ssl-verify=ignore
set nss-config-dir=/etc/pki/nssdb/
4. The server retains only six months of backup data, delete all the rest check_md5.sh
[root@backup ~]# vim check_md5.sh
#!/bin/bash
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin'
H=`hostname`
I=`ifconfig eth1|awk 'NR==2{print $2}'`
D=`date +%F`
S=${H}_${I}_${D}
BD=/backup
md5sum -c /backup/res*.txt|mail -s "${D}:校验结果" [email protected]
find ${BD} -type d -mtime +180|xargs rm -fr
~
Write regular tasks: crontab -e
[root@backup ~]# crontab -l
#校验结果 by:gjy at:20190807
01 00 * * * /bin/sh /root/check_md5.sh &>/dev/null
Editing a scheduled task
[root@web01 ~]# crontab -e
#每天凌晨备份重要数据 By:gjy At:2019-08-07
00 00* * * /bin/sh /root/rsync.sh &>/dev/null
Execute scripts
Nine, NFS server deployment sersync real-time synchronization (nfs)
1) installation relies sersync rsync
andinotify
[root@nfs ~]# yum install -y rsync inotify-tools
2) Download sersync
[root@nfs ~]# wget https://raw.githubusercontent.com/wsgzao/sersync/master/sersync2.5.4_64bit_binary_stable_final.tar.gz
3) deployment sersync
Source Package: generating compiled and installed codecs
Decompression:
[root@nfs ~]# tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz
4) Mobile and renamed
[root@nfs ~]# mv GNU-Linux-x86 /usr/local/sersync
5) Edit the configuration file
[root@nfs ~]# vim /usr/local/sersync/confxml.xml
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
-----------------------------------------------------------------------------------------
<sersync>
#监控的目录,改成/data
<localpath watch="/opt/tongbu">
#推送的IP(backup服务的IP)172.16.1.41 ,name是模块名
<remote ip="127.0.0.1" name="tongbu1"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
#执行rsync的参数改成 -az
<commonParams params="-artuz"/>
#虚拟用户的用户名和密码文件,开启认证start=true rsync_backup /etc/rsync.pass
<auth start="false" users="root" passwordfile="/etc/rsync.pas"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
#设置超时时间
<timeout start="true" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
#完整配置文件
[root@nfs ~]# cat /usr/local/sersync/confxml.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<sersync>
<localpath watch="/data">
<remote ip="172.16.1.41" name="nfs"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-az"/>
<auth start="true" users="rsync_backup" passwordfile="/etc/rsync.pass"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="true" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
6) Create a virtual user's password file, and authorized
[root@nfs sersync]# echo '123' > /etc/rsync.pass
[root@nfs sersync]# chmod 600 /etc/rsync.pass
7) Check Help
[root@nfs sersync]# /usr/local/sersync/sersync2 -h
set the system param
execute:echo 50000000 > /proc/sys/fs/inotify/max_user_watches
execute:echo 327679 > /proc/sys/fs/inotify/max_queued_events
parse the command param
_______________________________________________________
参数-d:启用守护进程模式
参数-r:在监控前,将监控目录与远程主机用rsync命令推送一遍
c参数-n: 指定开启守护线程的数量,默认为10个
参数-o:指定配置文件,默认使用confxml.xml文件
参数-m:单独启用其他模块,使用 -m refreshCDN 开启刷新CDN模块
参数-m:单独启用其他模块,使用 -m socket 开启socket模块
参数-m:单独启用其他模块,使用 -m http 开启http模块
不加-m参数,则默认执行同步程序
________________________________________________________________
8) Start sersync
[root@nfs data]# /usr/local/sersync/sersync2 -rdo /usr/local/sersync/confxml.xml
X. switching the spare backup (web01)
Single point of failure
1) write a script
[root@web01 ~]# vim nfs.sh
#!/bin/bash
check_nfs=`df -h|grep '/var/www/html/upload'|wc -l`
if [ $check_nfs -eq 0 ];then
showmount -e 172.16.1.31 &>/dev/null
if [ $? -eq 0 ];then
mount -t nfs 172.16.1.31:/data /var/www/html/upload
else
mount -t nfs 172.16.1.41:/data /var/www/html/upload
fi
fi
2). Query the current mount
[root@web01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 19G 1.4G 18G 8% /
devtmpfs 476M 0 476M 0% /dev
tmpfs 487M 0 487M 0% /dev/shm
tmpfs 487M 7.7M 479M 2% /run
tmpfs 487M 0 487M 0% /sys/fs/cgroup
/dev/sda1 497M 120M 378M 25% /boot
tmpfs 98M 0 98M 0% /run/user/0
172.16.1.31:/data 19G 1.4G 18G 8% /var/www/html/upload
3) uninstall the current mount
[root@web01 ~]# umount /var/www/html/upload
4) Close 172.16.31 of nfs-server service
[root@nfs data]# systemctl stop nfs-server
5) open nfs-server of the service 172.16.41
[root@backup ~]# systemctl start nfs-server
6) execute the script and see the mount
[root@web01 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 19G 1.4G 18G 8% /
devtmpfs 476M 0 476M 0% /dev
tmpfs 487M 0 487M 0% /dev/shm
tmpfs 487M 7.7M 479M 2% /run
tmpfs 487M 0 487M 0% /sys/fs/cgroup
/dev/sda1 497M 120M 378M 25% /boot
tmpfs 98M 0 98M 0% /run/user/0
172.16.1.41:/data 19G 1.4G 18G 8% /var/www/html/upload