A company has an NFS server, which data is important, but if the hard drive is broken, the data will be lost, and now leaders ask you to do a periodic scheduled backup data on other machines. Requirements are as follows:
at night 00 pm every day the whole package backed web application directory, etc. on the NFS server nfs01 and through the rsync command push to save the backup on the backup server backup (Backup idea can be the first packaged by IP address + date locally, and then use rsync pushed to the backup server).
Specific requirements are as follows:
. 1) the NFS server nfs01 and backup server backup backup directory must all / backup;
2) the NFS server site directory is assumed to be (/ var / WWW / HTML); .
3) the NFS server script directory is assumed to be (/ server / scripts); .
4) the NFS server site is assumed to be log directory (/ App / logs); .
5) the NFS server personal profile directory path (/etc/rc.d/rc.local); .
6) path of the NFS file server timer task is (/ var / spool / the cron / the root);
7) above package file or directory (Figure 2-6 bars) is pushed to the backup server backup; . 8)
retain only the NFS server local backup 7 days;
9) the backup server on examination results are normal backup and a daily backup results to the administrator mailbox;
10) to back up server data every Saturday are reserved, the other 180 days of backup only backup.
The following is ================================================ The answer ================================================= ==========================
First, the host network parameters
NIC NIC hostname eth0 eth1 use
backup 10.0.0.41 172.16.1.41 rsync server
nfs01 10.0.0.31 172.16.1.31 NFS storage server clients
Second, begin deploying backup server
1, Rsync server:
(1) Check the rsync software is installed:
[root@backup ~]# rpm -qa rsync
rsync-3.0.6-12.el6.x86_64
(2) the preparation of documents rsyncd.conf
######################## rsync_configstart ######################### ################################################## ############################
#created by YWX 2019-03-20
# rsyncd.conf Start ##
# users
uid = rsync
# group
gid = rsync
# programmatic security settings
use chroot = NO
# client connections
max connections = 200
# timeout
timeout = 300
# file Locations process ID
pid = /var/run/rsyncd.pid file
# process lock
lock file = / var / RUN / rsync.lock
# log file location
log file = /var/log/rsyncd.log
############################ ################ above content may be placed under the module, the contents may be placed in the global module Similarly ############## ##################
[Backup]
# use the directory
path = / backup /
# Ignored when there is an error
the ignore errors
# readable and writable (true or false) (yes or NO)
the Read only = false
# prevent remote list (not to see what's server remotely)
List = false
# allow IP
hosts the allow 172.16.1.0/24 =
# ban IP
hosts deny = 0.0.0.0/32
# virtual users (user authentication)
auth = rsync_backup the users
# store user passwords and file
Secrets file = /etc/rsync.password
###### ############################################# rsync_configend__end #### ################################################## ###################################
(3) create a shared directory and rsync accounts and modify the directory owner to rsync
[root@backup ~]# useradd -M -s /sbin/nologin rsync
[root@backup ~]# mkdir /backup
[root@backup ~]# chown -R rsync.rsync /backup
(4) start Rsync service and is set to boot
Start the rsync service
[root @ Backup ~] # rsync --daemon
[root @ Backup ~] # netstat -lntup | grep rsync
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 1264 / rsync
tcp 0 0 ::: 873 ::: * LISTEN 1264 / rs
boot Add in /etc/rc.loacl
rsync --daemon
(5) create rsync virtual account name and password, and give the password file permissions 600
[root@backup ~]# echo "rsync_backup:ywxking" > /etc/rsync.password
[root@backup ~]# cat /etc/rsync.password
rsync_backup:ywxking
[root@backup ~]# chmod 600 /etc/rsync.password
[root@backup ~]# ll /etc/rsync.password
-rw------- 1 root root 21 Mar 20 10:40 /etc/rsync.password
Third, the deployment Rsync client on NFS
(1) Check the rsync software is installed:
[root@nfs01 ~]# rpm -qa rsync
rsync-3.0.6-12.el6.x86_64
(2) only need to create a password file (containing only the password), and give the password file permissions to 600
[root@nfs01 ~]# echo "ywxking" > /etc/rsync.password
[root@nfs01 ~]# chmod 600 /etc/rsync.password
(3) create a shared directory backup
[root@nfs01 ~]# mkdir /backup
(4) Push-test client
[root@nfs01 backup]# touch ywx{1..10}
[root@nfs01 backup]# ll
total 0
-rw-r--r-- 1 root root 0 Mar 20 22:12 ywx1
-rw-r--r-- 1 root root 0 Mar 20 22:12 ywx10
-rw-r--r-- 1 root root 0 Mar 20 22:12 ywx2
-rw-r--r-- 1 root root 0 Mar 20 22:12 ywx3
-rw-r--r-- 1 root root 0 Mar 20 22:12 ywx4
-rw-r--r-- 1 root root 0 Mar 20 22:12 ywx5
-rw-r--r-- 1 root root 0 Mar 20 22:12 ywx6
-rw-r--r-- 1 root root 0 Mar 20 22:12 ywx7
-rw-r--r-- 1 root root 0 Mar 20 22:12 ywx8
-rw-r--r-- 1 root root 0 Mar 20 22:12 ywx9
[root@nfs01 backup]# rsync -avzP /backup/ [email protected]::backup --password-file=/etc/rsync.password
sending incremental file list
./
ywx1
0 100% 0.00kB/s 0:00:00 (xfer#1, to-check=9/11)
ywx10
0 100% 0.00kB/s 0:00:00 (xfer#2, to-check=8/11)
ywx2
0 100% 0.00kB/s 0:00:00 (xfer#3, to-check=7/11)
ywx3
0 100% 0.00kB/s 0:00:00 (xfer#4, to-check=6/11)
ywx4
0 100% 0.00kB/s 0:00:00 (xfer#5, to-check=5/11)
ywx5
0 100% 0.00kB/s 0:00:00 (xfer#6, to-check=4/11)
ywx6
0 100% 0.00kB/s 0:00:00 (xfer#7, to-check=3/11)
ywx7
0 100% 0.00kB/s 0:00:00 (xfer#8, to-check=2/11)
ywx8
0 100% 0.00kB/s 0:00:00 (xfer#9, to-check=1/11)
ywx9
0 100% 0.00kB/s 0:00:00 (xfer#10, to-check=0/11)
sent 462 bytes received 201 bytes 1326.00 bytes/sec
total size is 0 speedup is 0.00
(5) nfs01 server packaging script nfsbak.sh
vim /server/scripts/nfsbak.sh
! # / bin / bash
Export the PATH = / usr / local / sbin: / usr / local / bin: / sbin: / bin: / usr / sbin: / usr / bin: / root / bin
###### from variables defined
the Path = / Backup
backup_server = 172.16.1.41
the IP = `/ sbin / the ifconfig eth1 | awk -F" [:] + " 'NR == 2. 4} {Print $'`
the Dir the IP} = {$ _ $ (DATE F_% W% +)
###### if the files and directories to be backed up exists, is copied to / backup directory in opposite
mkdir -p the Path $ / $ the Dir
[-f / var / spool / the cron / the root ] && -rp CP / var / spool / the cron / the Path the root $ / $ the Dir /
[-f /etc/rc.d/rc.local] && CP -rp the Path /etc/rc.d/rc.local $ / the Dir $ /
[-d / Server / scripts] && -rp CP / Server / scripts the Path $ / $ the Dir /
[-d / var / HTML / WWW] && -rp CP / var / HTML / WWW the Path $ / $ the Dir /
[-d / App / logs] && -rp CP / App / logs the Path $ / $ the Dir /
[-F / etc / sysconfig / iptables] && -rp cp / etc / sysconfig / iptables $ Path / Dir $ /
####### enter / backup directory and package the corresponding directory file
cd $ Path
tar -zcf $ Path / $ {Dir} .tar.gz $ Dir
after packing ####### complete, remove the source directory
RM -rf $ Path / Dir $
####### to create md5sum validation information to facilitate the backup server test whether the data to complete the
/ usr / bin / md5sum the Path $ / $ {} .tar.gz the Dir> $ the Path / md5sum $ {_} .txt the IP
####### and push the packaged file to the backup server verification value md5sum
Path -avz $ rsync / rsync_backup @ $ {} :: backupserver-File backup --password = / etc / rsync.password
####### to find out more than seven days of backup and delete
find $ Path / -name " $ {IP} * "-type f -mtime +7 | xargs rm -rf
Scheduled task (6) nfs backup
00 00 * * * /bin/sh /server/scripts/nfsbak.sh
Fourth, the backup server backup check results are normal, and daily backups of the results to the administrator mailbox;
Because nfs server backup files have come md5sum, so the file backup is normal, just like the value md5sum
#!/bin/bash
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
#####找出1天内的备份文件的md5sum校验和
md5=$(/bin/find /backup/ -type f -mtime -1 -name "md5sum_*.txt")
for i in $md5
do
md5sum -c $md5 >/dev/null 2>&1
md5jg=$(echo $?)
if [ ${md5jg} -eq 0 ];then
mail -s "$(date +%F)This is backup OK" [email protected]
else
mail -s "$(date +%F)This is backup Worry" [email protected]
done
Fifth, the data on the backup server Saturdays are reserved, the other 180 days of backup backs up only
#!/bin/bash
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
find /backup ! -name "*_6.tar.gz" ! -name "md5sum*_6.txt" -mtime +180 -type f | xargs rm -rf
Six regular tasks, backup server
##################################定时任务脚本######################################################
vim /server/scripts/backup.sh
#!/bin/bash
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
md5=$(/bin/find /backup/ -type f -mtime -1 -name "md5sum_*.txt")
for i in $md5
do
md5sum -c $md5 > /dev/null 2>&1
md5jg=$(echo $?)
if [ ${md5jg} -eq 0 ];then
mail -s "$(date +%F) This is backup Ok!!!" [email protected]
else
mail -s "$(date +%F) This is backup Worry!!!" [email protected]
done
find /backup ! -name "*_6.tar.gz" ! -name "md5sum*_6.txt" -mtime +180 -type f | xargs rm -rf
################################################## ################################################## #
############################## regular tasks ################# ########################################
00 00 * * * / bin / SH / server / scripts / backup.sh
Seven, ansible a key deployment rsync
1, the host network parameters:
host ip address of the network card use
m01 eth1 172.16.1.61 management host
backup01 eth1 172.16.1.41 backup server
nfs01 eth1 172.16.1.31 nfs server
2, the preparatory work on the m01 management host:
(1) to write the script ssh distribution so you can avoid m01 interactive logon backup and nfs server
# / bin / bash!
# ssh Connect
Export the PATH = / usr / local / sbin: / usr / local / bin: / sbin: / bin: / usr / sbin: / usr / bin: / root / bin
RM -rf /root/.ssh/id_dsa
##### create free interactive key
SSH-keygen -t dsa -f -N /root/.ssh/id_dsa ""
yum install - sshpass Y
##### Free interaction m01 push key
for 41 is 31 is in IP
do
sshpass -p123456 SSH-Copy-ID -i /root/.ssh/id_dsa.pub "-o StrictHostKeyChecking = NO 172.16.1. $ IP "
DONE
(2) mounted ansible
server:
yum the install -Y ansible
客户端:(可选)
yum install -y libselinux-python
(3)编写rsync剧本:rsync.yaml
============================================rsync.yaml__start==============================================================
#command play-book
- hosts: rsync_server
tasks:
- name: step01:install rsync
yum: name=rsync state=installed
- name: step02:edit rsync conf file
copy: src=/etc/ansible/conf/rsync_conf/rsyncd.conf dest=/etc/
- name: step03:create rsync user
user: name=rsync state=present createhome=no shell=/sbin/nologin
- name: step04:create auth file
copy: src=/etc/ansible/conf/rsync_conf/rsync.password dest=/etc/ mode=600
- name: step05:create backup directory
file: dest=/backup state=directory owner=rsync group=rsync
- name: step06:start rsync server
shell: rsync --daemon creates=/var/run/rsyncd.pid
- hosts: rsync_client
tasks:
- name: step01:create auth file
copy: src=/etc/ansible/conf/rsync_conf/rsync_client.password dest=/etc/rsync.password mode=600
============================================rsync.yaml__end==============================================================
(4) test script
[root@ywx rsync_conf]# ansible-playbook -C /server/scripts/rsync_install.yaml
PLAY [rsync_server] ***************************************
TASK [Gathering Facts] ************************************
ok: [172.16.1.41]
TASK [step01:install rsync] ***********************************
ok: [172.16.1.41]
TASK [step02:edit rsync conf file] ********************************
ok: [172.16.1.41]
TASK [step03:create rsync user] ***********************************
ok: [172.16.1.41]
TASK [step04:create auth file] ************************************
ok: [172.16.1.41]
TASK [step05:create backup directory] *********************************
ok: [172.16.1.41]
TASK [step06:start rsync server] **********************************
skipping: [172.16.1.41]
PLAY [rsync_client] ***************************************
TASK [Gathering Facts] ************************************
ok: [172.16.1.7]
ok: [172.16.1.31]
TASK [step01:create auth file] ************************************
changed: [172.16.1.7]
ok: [172.16.1.31]
PLAY RECAP ****************************************
172.16.1.31 : ok=2 changed=0 unreachable=0 failed=0
172.16.1.41 : ok=6 changed=0 unreachable=0 failed=0
172.16.1.7 : ok=2 changed=1 unreachable=0 failed=0
3, a key deployment:
[root@ywx rsync_conf]# ansible-playbook /server/scripts/rsync_install.yaml
Eight, rsync boot from the startup script (online lookup)
制作服务启动脚本/etc/init.d/rsyncd
#!/bin/bash
#author:Mr.chen
# chkconfig:35 13 91
# description:This is Rsync service management shell script
# Source function library
. /etc/rc.d/init.d/functions
start(){
rsync --daemon
if [ $? -eq 0 -a `ps -ef|grep -v grep|grep rsync|wc -l` -gt 0 ];then
action "Starting Rsync:" /bin/true
sleep 1
else
action "Starting Rsync:" /bin/false
sleep 1
fi
}
stop(){
pkill rsync;sleep 1;pkill rsync
if [ `ps -ef|grep -v grep|grep "rsync --daemon"|wc -l` -lt 1 ];then
action "Stopping Rsync: " /bin/true
sleep 1
else
Action "Stopping Rsync:" / bin / to true
SLEEP. 1
Fi
}
Case "$. 1" in
Start)
Start;
;;
STOP)
STOP;
;;
the restart | reload)
STOP;
Start;
;;
*)
echo $ "the Usage: $ {0 start | STOP | restart | reload} "
;;
esac
6) startup script in /etc/init.d directory, and add increasing x execute permission boot
[root @ backup ~] # chmod + x / etc / init. D / the rsyncd
[Backup the root @ ~] STOP # /etc/init.d/rsyncd
terminated
[Backup the root @ ~] # /etc/init.d/rsyncd Start
Starting Rsync: [OK]
[Backup the root @ ~] # rsyncd ON chkconfig
[root @ Backup ~] # chkconfig --list | grep rsync
rsyncd 0: Close 1: Close 2: Enabled 3: Enable 4: Enable 5: 6 Enable: Off