Table of Contents
rsync + ssh synchronization: Remote Synchronization
inotify real-time synchronization
Custom answer file: delete the comment lines at the beginning
Master/slave DNS server structure
Back up the master server's data to solve the single point of failure
rsync synchronization
Basic rsync usage
- Command usage: rsync [options] source-directory target-directory
- Difference between copying and synchronizing:
Copy: a complete copy of the source to the target
Sync: an incremental copy that transfers only the changed data (on the first transfer the checksum values of the source and target directories are recorded automatically, and each later transfer sends only what has changed)
- rsync options:
-a: archive mode, equivalent to -rlptgoD
-n: test the synchronization process without making any actual changes
-v: show detailed operation information
-z: enable compression/decompression during the transfer
--delete: delete extra files in the target folder
When the rsync command is run without a trailing / after the source directory, the directory itself is transferred to the target directory together with its contents.
The rsync command synchronizes in a single direction only; extra data on the target side is the target's own data.
[root@svr7 ~]# mkdir /nsd01 /todir
[root@svr7 ~]# cp /etc/passwd /etc/shadow /nsd01
[root@svr7 ~]# ls /nsd01
passwd shadow
[root@svr7 ~]# rsync -av /nsd01 /todir
sending incremental file list
nsd01/
nsd01/passwd
nsd01/shadow
[root@svr7 ~]# rsync -av /nsd01/ /todir
sending incremental file list
./
passwd
shadow
[root@svr7 ~]# rsync --delete -av --delete /nsd01/ /todir
sending incremental file list
deleting nsd01/shadow
deleting nsd01/passwd
deleting nsd01/
./
[root@svr7 ~]# ls /todir
passwd shadow
[root@svr7 ~]# touch /nsd01/1.txt
[root@svr7 ~]# rsync --delete -av --delete /nsd01/ /todir
sending incremental file list
deleting nsd01/shadow
deleting nsd01/passwd
deleting nsd01/
./
1.txt
[root@svr7 ~]# ls /todir
1.txt passwd shadow
rsync + ssh synchronization: Remote Synchronization
- List the resources on an SSH server
rsync user@host:remote-directory/
- Synchronize with a remote directory over SSH
Downstream (download): rsync [...] user@host:remote-directory local-directory
Upstream (upload): rsync [...] local-directory user@host:remote-directory
[root@svr7 ~]# rsync -av --delete /todir/ [email protected]:/opt
[root@pc207 ~]# ls /opt
1.txt passwd shadow
[root@svr7 ~]# touch /todir/3.txt
[root@svr7 ~]# rsync -av --delete /todir/ [email protected]:/opt
[root@pc207 ~]# ls /opt
1.txt 3.txt passwd shadow
[root@svr7 ~]# touch /todir/4.txt
[root@svr7 ~]# rsync -av --delete /todir/ [email protected]:/opt
[root@pc207 ~]# ls /opt
1.txt 3.txt 4.txt passwd shadow
Real-time synchronization
- Virtual machine A: generate a public/private key pair so that password authentication is no longer needed
[root@svr7 ~]# ssh-keygen # press Enter at every prompt
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:w7qmLC4X9KOR0jsTYe9bmNfHey23UPOPdJ2OnlTZxKw [email protected]
The key's randomart image is:
+---[RSA 2048]----+
| |
| o |
| +|
| + . oo|
| + = S Eo.|
|. * +o o o ..oo|
| . Bo.+ . o .o..+|
|. B..o.. . .+o*o.|
| +.+++. ...*oo.|
+----[SHA256]-----+
[root@svr7 ~]# ls /root/.ssh
authorized_keys id_rsa (private key) id_rsa.pub (public key) known_hosts (records the machines that have been managed remotely before)
- Pass the public key to the other side
[root@svr7 ~]# ssh-copy-id [email protected]
[root@pc207 ~]# ls /root/.ssh
authorized_keys (the public key passed over from the other machine)
[root@svr7 ~]# rsync -av --delete /todir/ [email protected]:/opt
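An added example, not part of the original page: the key generated above has no passphrase and is installed for root on pc207, so the entry written by ssh-copy-id grants a full root shell to whoever holds /root/.ssh/id_rsa. The functions below audit authorized_keys text for such option-less entries and build a restricted entry that only allows rsync into /opt from 192.168.4.7; the rrsync install path, the function names and the key text are assumptions.

```sh
# Added example, not from the original page.
# Assumption: rrsync (the restricted-rsync helper shipped with rsync) is
# installed at this path on pc207.
RRSYNC=/usr/local/bin/rrsync
# Constructed placeholder key, not a real key.
SAMPLE_PUBKEY='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABplaceholder root@svr7'
# Constructed authorized_keys text: one unrestricted and one restricted entry.
SAMPLE_AUTHORIZED_KEYS="$SAMPLE_PUBKEY
from=\"192.168.4.7\",restrict,command=\"$RRSYNC /opt\" ssh-ed25519 AAAAC3placeholder backup@svr7"
NL='
'

# unrestricted_keys: read authorized_keys text on stdin and print the entries
# with no options in front of the key type (these allow a full login shell).
unrestricted_keys() {
    grep -E '^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-[^ ]+) ' || true
}

# restricted_entry PUBKEY_LINE SOURCE_IP TARGET_DIR
# Print an authorized_keys entry that accepts the key only from SOURCE_IP and
# only to run rsync confined to TARGET_DIR: no shell, PTY or forwarding.
restricted_entry() {
    key=$1; src=$2; dir=$3
    case $key in
        *"$NL"*) echo "key must be a single line" >&2; return 1 ;;
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "expected a bare public key line" >&2; return 1 ;;
    esac
    # Refuse characters that would break out of the quoted option values.
    case "$src$dir" in
        *\"*|*\ *|*,*|*"$NL"*)
            echo "invalid source address or directory" >&2; return 1 ;;
    esac
    printf 'from="%s",restrict,command="%s %s" %s\n' \
        "$src" "$RRSYNC" "$dir" "$key"
}
```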
inotify real-time synchronization
Install the inotify-tools package to monitor directory contents
- 1. Upload the data from the real machine to virtual machine A
[student@room9pc01 ~]$ ls /linux-soft/
01 02 03 04 05
[student@room9pc01 ~]$ ls /linux-soft/01
Cobbler.zip tools.tar.gz
[student@room9pc01 ~]$ scp /linux-soft/01/tools.tar.gz [email protected]:/tmp
tools.tar.gz 100% 766KB 2.3MB/s 00:00
- 2. Check on virtual machine A that the upload succeeded
[root@svr7 ~]# ls /tmp # check that the archive is in /tmp (virtual machine)
systemd-private-8baf54c5b1c04ba3a5f3525818b9c081-chronyd.service-Jon8iZ tools.tar.gz
systemd-private-b4e3a5aa0fe14eb493d2b5bed82bbce7-chronyd.service-1X4Kli
[root@svr7 ~]# tar -xf /tmp/tools.tar.gz -C / # extract the source package to /
[root@svr7 ~]# ls /
bin dev home lib64 mnt opt root sbin sys todir tpdir var
boot etc lib media nsd01 proc run srv tmp tools usr
[root@svr7 ~]# ls /tools
inotify-tools-3.13.tar.gz other
- 3. Unpack with tar
[root@svr7 ~]# tar -xf /tools/inotify-tools-3.13.tar.gz -C /usr/local/
[root@svr7 ~]# ls /usr/local/
bin etc games include inotify-tools-3.13 lib lib64 libexec sbin share src
- 4. Compile and install from the source package
1) Install gcc and make
[root@svr7 ~]# yum -y install gcc make
2) ./configure: configure, specifying the installation directory / feature module options
[root@svr7 ~]# cd /usr/local/inotify-tools-3.13/
[root@svr7 inotify-tools-3.13]# ./configure
3) make: compile to generate the executable binary files
[root@svr7 inotify-tools-3.13]# make
4) make install: install, copying the compiled files to the installation directory
[root@svr7 inotify-tools-3.13]# make install
[root@svr7 inotify-tools-3.13]# ls /usr/local/bin/inotifywait
/usr/local/bin/inotifywait # check that the program exists
inotifywait monitoring
- Basic Usage
inotifywait [options] target-folder
- Common command options
-m: continuous monitoring (does not exit after capturing an event)
-r: recursive monitoring, including subdirectories and files
-q: reduce the information printed to the screen
-e: specify the event types to monitor, such as modify, move, create, delete, attrib
III. Writing a shell script
Use loops for operations that repeat
for loop: written for a fixed number of iterations
while loop: written for an unlimited number of iterations
[root@svr7 ~]# vim /root/rsync.sh
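#!/bin/bash
# Block until inotifywait reports an event under /todir/ (-r: recursive,
# -qq: no output), then push the directory and wait for the next event.
while inotifywait -rqq /todir/
do
    rsync -a --delete /todir/ [email protected]:/opt
done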
[root@svr7 ~]# chmod +x /root/rsync.sh
[root@svr7 ~]# /root/rsync.sh &
[1] 6113
[root@svr7 ~]# jobs -l
[1]+ 6113 运行中 /root/rsync.sh &
Cobbler OS-installation platform
Prerequisite: create a virtual machine with graphical (GUI) support
1. Operating system: CentOS 7.5
2. Memory size: 2G
3. Disk space: 50G
4. Virtual network type: private1
5. Package selection: "Server with a GUI"
6. Partitioning: "Automatic Partitioning"
7. Administrator (root) password: 1
8. Create a regular user lisi with password 1
Cobbler overview
Basic concepts:
- Cobbler is a tool for fast network-based system deployment
- It centrally manages the required services, such as DHCP, DNS, TFTP and web
- Cobbler internally integrates a repository of installation images
- Cobbler internally integrates a repository of ks answer files
- Cobbler also provides yum repository management, a web management interface, API interfaces and power management
Installation steps
- I. Prepare a CentOS virtual machine
- II. On the virtual machine, set the firewall to trusted and SELinux to permissive mode, set the IP address to 192.168.4.123/24 and the host name to cobbler.tedu.cn, and set up a yum repository:
[root@cobbler ~]# cd /etc/yum.repos.d/
[root@cobbler yum.repos.d]# mkdir repo
[root@cobbler yum.repos.d]# mv *.repo repo
[root@cobbler yum.repos.d]# ls
repo
[root@cobbler yum.repos.d]# vim zz.repo
[aaa]
name=sss
baseurl=ftp://192.168.4.254/centos-1804
enabled=1
gpgcheck=0
[root@cobbler yum.repos.d]# yum repolist
- III. Use scp on the real machine to transfer cobbler.zip to the virtual machine 192.168.4.123
[student@room9pc01 ~]$ scp /home/student/桌面/cobbler.zip [email protected]:/root
- IV. Build the Cobbler installation platform
Cobbler overview: it manages the dhcp, tftp and web services
Images and ks answer files can be imported freely
- Unzip the cobbler.zip package
[root@cobbler ~]# yum -y install unzip
[root@cobbler ~]# unzip /root/cobbler.zip -d /
[root@cobbler ~]# ls /cobbler
cobbler_boot.tar.gz cobbler_rpm.zip cobbler_web.png
[root@cobbler ~]# unzip /cobbler/cobbler_rpm.zip -d /opt
[root@cobbler ~]# ls /opt/cobbler/
cobbler-2.8.2-1.el7.x86_64.rpm python-cheetah-2.4.4-5.el7.centos.x86_64.rpm
cobbler-web-2.8.2-1.el7.noarch.rpm python-django-bash-completion-1.6.11.6-16.el7.noarch.rpm
dhclient-4.2.5-58.el7.centos.1.x86_64.rpm python-markdown-2.4.1-2.el7.noarch.rpm
libyaml-0.1.4-11.el7_0.x86_64.rpm python-pillow-2.0.0-19.gitd1c6db8.el7.x86_64.rpm
mod_wsgi-3.4-12.el7_0.x86_64.rpm python-pygments-1.4-10.el7.noarch.rpm
python2-django-1.6.11.6-16.el7.noarch.rpm PyYAML-3.10-11.el7.x86_64.rpm
python2-simplejson-3.10.0-1.el7.x86_64.rpm tftp-server-5.2-13.el7.x86_64.rpm
- V. Install Cobbler and its main supporting packages
[root@cobbler ~]# yum -y install dhcp httpd mod_ssl
[root@cobbler ~]# yum -y install /opt/cobbler/*.rpm
[root@cobbler ~]# rpm -q cobbler
cobbler-2.8.2-1.el7.x86_64
Cobbler deployment
- 1. Install the software: cobbler cobbler-web dhcp tftp-server pykickstart httpd
cobbler # the cobbler package
cobbler-web # the cobbler web package
pykickstart # checks kickstart answer files for syntax errors
httpd #dhcp Service
tftp-server #tftp Service
- 2. Configure the cobbler's dhcp
[root@cobbler ~]# vim /etc/cobbler/settings
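272 next_server: 192.168.4.123 # the next server is also this machine
384 server: 192.168.4.123 # this machine is the cobbler server
242 manage_dhcp: 1 # let cobbler manage the dhcp service
292 pxe_just_once: 1 # prevent clients from installing the operating system repeatedly
# There must be a space after each colon!
Boot order: stops at the first match
- Hard disk
- CD-ROM device
- USB drive
- Network boot
- 3. Configure cobbler's dhcp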
[root@cobbler ~]# vim /etc/cobbler/dhcp.template
:%s /old/new/g # replace throughout the file
:%s /192.168.1/192.168.4/g
- 4. Extract the boot files from cobbler_boot.tar.gz using absolute paths
[root@cobbler ~]# tar -tf /cobbler/cobbler_boot.tar.gz # list the contents of the archive
[root@cobbler ~]# tar -xPf /cobbler/cobbler_boot.tar.gz # extract to absolute paths (with the -P option no extraction path needs to be specified)
[root@cobbler ~]# ls /var/lib/cobbler/loaders/
COPYING.elilo COPYING.yaboot grub-x86_64.efi menu.c32 README
COPYING.syslinux elilo-ia64.efi grub-x86.efi pxelinux.0 yaboot
- 5. Start related services
[root@cobbler ~]# systemctl restart cobblerd
[root@cobbler ~]# systemctl enable cobblerd
[root@cobbler ~]# systemctl restart httpd
[root@cobbler ~]# systemctl enable httpd
[root@cobbler ~]# systemctl restart rsyncd
[root@cobbler ~]# systemctl enable rsyncd
- 6. Run cobbler sync to refresh the configuration
[root@cobbler ~]# cobbler sync # check that all configuration is correct
*** TASK COMPLETE *** # this line shows the configuration is correct
[root@cobbler ~]# firefox https://192.168.4.123/cobbler_web
Username: cobbler
Password: cobbler
Using cobbler
cobbler import --path=mount-point --name=name-for-the-imported-system (chosen freely)
- Import installation image data
[root@cobbler ~]# mkdir /dvd
[root@cobbler ~]# mount /dev/cdrom /dvd # the optical drive device must be attached beforehand
[root@cobbler ~]# ls /dvd
CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7
EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
[root@cobbler ~]# cobbler import --path=/dvd --name=Centos7
# images imported by cobbler are stored in /var/www/cobbler/ks_mirror
[root@cobbler ~]# cobbler list # list the available systems
distros:
Centos7-x86_64 # installing a client needs at least 2G of memory
profiles:
Centos7-x86_64
- Delete
[root@cobbler ~]# cobbler profile remove --name=centos7-x86_64 # remove the menu entry
[root@cobbler ~]# cobbler distro remove --name=centos7-x86_64 # remove the image
[root@cobbler ~]# umount /dvd
[root@cobbler ~]# mount /dev/cdrom /dvd
mount: /dev/sr0 写保护,将以只读方式挂载
[root@cobbler ~]# ls /dvd
CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7
EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
Custom answer file: delete the comment lines at the beginning
[root@cobbler ~]# yum -y install system-config-kickstart
[root@cobbler ~]# system-config-kickstart # open the graphical tool and generate the ks file
The kickstart file must be stored in the default location: /var/lib/cobbler/kickstarts
[root@cobbler ~]# cobbler list
Modify the kickstart file:
[root@cobbler ~]# cobbler profile edit --name=Centos7 --kickstart=/var/lib/cobbler/kickstarts/自定义.cfg
[root@cobbler ~]# cobbler profile report
[root@cobbler ~]# cobbler sync # synchronize the settings
Master/slave DNS server structure
Back up the master server's data to solve the single point of failure
Prepare three virtual machines:
1. Virtual machine A: primary DNS server 192.168.4.7
2. Virtual machine B: slave DNS server 192.168.4.207
3. Virtual machine C: test client 192.168.4.10
Primary DNS server
- 1. Install the package:
[root@svr7 ~]# yum -y install bind bind-chroot
- 2. Modify the configuration file:
[root@svr7 ~]# cp /etc/named.conf /etc/named.bak
[root@svr7 ~]# vim /etc/named.conf
options {
directory "/var/named";
};
zone "tedu.cn" IN {
type master;
file "tedu.cn.zone";
};
- 3. Create the address database file:
[root@svr7 ~]# cd /var/named
[root@svr7 named]# cp -p named.localhost tedu.cn.zone
[root@svr7 named]# vim tedu.cn.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
tedu.cn. NS svr7
svr7 A 192.168.4.7
www A 1.2.3.4
- 4. Restart the service:
[root@svr7 named]# systemctl restart named
- 5. Modify the main configuration file to specify the IP address of the slave server
options {
directory "/var/named";
allow-transfer { 192.168.4.207; }; # IP address of the slave server
};
zone "tedu.cn" IN {
type master;
file "tedu.cn.zone";
};
- 6. Modify the address database file to declare the slave server
[root@svr7 named]# vim tedu.cn.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
tedu.cn. NS svr7
tedu.cn. NS pc207
svr7 A 192.168.4.7
pc207 A 192.168.4.207
www A 1.2.3.4
- 7. Restart the services again
[root@svr7 named]# systemctl restart named
Slave DNS server
- 1. Install the package:
[root@pc207 ~]# yum -y install bind bind-chroot
- 2. Modify the main configuration file:
[root@pc207 ~]# vim /etc/named.conf
options {
directory "/var/named";
};
zone "tedu.cn" IN {
type slave;
file "/var/named/slaves/tedu.cn.slave"; # in principle the named user must have write permission on this directory
masters { 192.168.4.7; }; # specify the master DNS server
};
- 3. Restart the service:
[root@pc207 ~]# systemctl restart named
[root@pc207 ~]# ls /var/named/slaves
tedu.cn.slave
Client test
- 1. Specify the DNS servers
[root@C ~]# echo nameserver 192.168.4.7 > /etc/resolv.conf
[root@C ~]# echo nameserver 192.168.4.207 >> /etc/resolv.conf
# write the master DNS first, then the slave DNS
- 2. Resolve a name: when the primary DNS server is stopped, the client automatically uses the slave DNS server to resolve
[root@C ~]# nslookup www.tedu.cn
Server: 192.168.4.7
Address: 192.168.4.7#53
Name: www.tedu.cn
Address: 1.2.3.4
[root@svr7 named]# systemctl stop named
[root@C ~]# nslookup www.tedu.cn
Server: 192.168.4.207
Address: 192.168.4.207#53
Name: www.tedu.cn
Address: 1.2.3.4
Master/slave DNS data synchronization
- 1. Data must be modified on the primary DNS server
Address database file contents:
(
0 ; serial # version number of the data, 10 digits
1D ; refresh # every 1 day the slave synchronizes data from the master
1H ; retry # retry interval, every 1 hour
1W ; expire # expiry time, 1 week
3H ) ; minimum # lifetime of cached invalid records, 3 hours
- 2. The version number must be changed manually, and it must be changed to a larger value
[root@svr7 named]# vim tedu.cn.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
2019122301 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
tedu.cn. NS svr7
tedu.cn. NS pc207
svr7 A 192.168.4.7
pc207 A 192.168.4.207
www A 15.20.25.26
[root@C ~]# nslookup www.tedu.cn
Server: 192.168.4.7
Address: 192.168.4.7#53
Name: www.tedu.cn
Address: 15.20.25.26
-------------------------------------------------------------------------------------------------------
[root@svr7 named]# vim tedu.cn.zone
$TTL 1D
@ IN SOA @ rname.invalid. (
2019122302 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
tedu.cn. NS svr7
tedu.cn. NS pc207
svr7 A 192.168.4.7
pc207 A 192.168.4.207
www A 45.46.50.25
[root@svr7 named]# systemctl restart named
[root@C ~]# nslookup www.tedu.cn
Server: 192.168.4.7
Address: 192.168.4.7#53
Name: www.tedu.cn
Address: 45.46.50.25
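The serial rule above, as an added example that is not part of the original page: shell functions that read the serial from a zone file and compute the next YYYYMMDDNN value so that it always increases, since a serial that does not increase leaves the slave serving the old records. It goes slightly beyond the text by deriving the serial from the date; the function names and the sample zone text are constructed.

```sh
# Added example, not from the original page.
# Constructed sample zone text in the same layout as tedu.cn.zone above.
SAMPLE_ZONE='$TTL 1D
@ IN SOA @ rname.invalid. (
        0 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
tedu.cn. NS svr7
svr7 A 192.168.4.7
www A 1.2.3.4'

# zone_serial: print the SOA serial from zone text on stdin. Assumes the serial
# is on its own line followed by "; serial", as in the files on this page.
zone_serial() {
    awk '/;[ \t]*serial/ { sub(/[ \t]*;.*/, ""); sub(/^[ \t]*/, "")
                           print; found = 1; exit }
         END { exit !found }'
}

# next_serial CURRENT TODAY: print the next serial in YYYYMMDDNN form. The
# result is always larger than CURRENT, so the slave sees a newer version.
next_serial() {
    current=$1; today=$2
    for value in "$current" "$today"; do
        case $value in
            ''|*[!0-9]*) echo "serial and date must be digits" >&2; return 1 ;;
        esac
    done
    candidate="${today}01"
    if [ "$current" -ge "$candidate" ]; then
        candidate=$(($current + 1))
    fi
    echo "$candidate"
}

# bump_zone TODAY: read zone text on stdin, print it with the serial advanced.
bump_zone() {
    today=$1
    zone=$(cat)
    old=$(printf '%s\n' "$zone" | zone_serial) || return 1
    new=$(next_serial "$old" "$today") || return 1
    printf '%s\n' "$zone" | awk -v old="$old" -v new="$new" '
        !changed && /;[ \t]*serial/ { sub(old, new); changed = 1 }
        { print }'
}
```

Called with the current date, for example `bump_zone "$(date +%Y%m%d)" < tedu.cn.zone`, the output is what replaces the zone file before named is restarted.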