架构04 综合练习
准备
主机名 | 角色 | 外网ip | 内网IP |
---|---|---|---|
backup | rsync服务端 | 10.0.0.41 | 172.16.1.41 |
nfs | rsync客户端 nfs服务端 | 10.0.0.31 | 172.16.1.31 |
web01 | nfs客户端 | 10.0.0.7 | 172.16.1.7 |
web02 | nfs客户端 | 10.0.0.8 | 172.16.1.8 |
题目:将web01 和web02 共享存储到nfs 同时将nfs实时更新备份到backup上
nfs服务端 (nfs)
#1.安装服务
[Thu Jul 08 17:06:06 root@nfs ~]
# yum install -y nfs-utils
#2.修改配置文件
[Thu Jul 08 17:14:01 root@nfs ~]
# vim /etc/exports
/data/data_gx 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
#3.创建共享目录
[Thu Jul 08 17:15:24 root@nfs ~]
# mkdir -p /data/data_gx
#4.创建统一用户 wkhs 并且指定其uiD和gid都是666
[Thu Jul 08 17:31:42 root@nfs ~]
# groupadd -g 666 wkhs
# useradd wkhs -u 666 -g 666 -s /sbin/nologin -M
[Thu Jul 08 17:37:25 root@nfs ~]
# id wkhs
uid=666(wkhs) gid=666(wkhs) groups=666(wkhs)
给共享目录授权
Thu Jul 08 18:40:25 root@nfs ~]
# chown wkhs:wkhs /data/data_gx/
#5.启动服务
[Thu Jul 08 17:37:53 root@nfs ~]
# systemctl start nfs-server
# 6.将nfs服务加入开机自启
[Thu Jul 08 17:39:59 root@nfs ~]
# systemctl enable nfs-server
# 7.检查进程
Thu Jul 08 17:40:28 root@nfs ~]
# ps -ef|grep [n]fs
root 7217 2 0 17:39 ? 00:00:00 [nfsd4_callbacks]
root 7223 2 0 17:39 ? 00:00:00 [nfsd]
root 7224 2 0 17:39 ? 00:00:00 [nfsd]
root 7225 2 0 17:39 ? 00:00:00 [nfsd]
root 7226 2 0 17:39 ? 00:00:00 [nfsd]
root 7227 2 0 17:39 ? 00:00:00 [nfsd]
root 7228 2 0 17:39 ? 00:00:00 [nfsd]
root 7229 2 0 17:39 ? 00:00:00 [nfsd]
root 7230 2 0 17:39 ? 00:00:00 [nfsd]
# 8.检查rpcbind端口号
[Thu Jul 08 17:41:06 root@nfs ~]
# netstat -lntup|grep 111
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 5706/rpcbind
tcp6 0 0 :::111 :::* LISTEN 5706/rpcbind
udp 0 0 0.0.0.0:111 0.0.0.0:* 5706/rpcbind
udp6 0 0 :::111 :::* 5706/rpcbind
nfs客户端(web01 web02)
# 1.先安装nfs-utils
[Fri Jul 09 00:52:30 root@web01 ~]
# yum install -y nfs-utils
[Fri Jul 09 00:52:22 root@web02 ~]
# yum install -y nfs-utils
# 2.查看挂载点
[Thu Jul 08 17:44:24 root@web01 ~]
# showmount -e 172.16.1.31
Export list for 172.16.1.31:
/data/data_gx 172.16.1.0/24
# 3.创建一个用户上传数据的目录
Thu Jul 08 17:45:56 root@web01 ~]
# mkdir -p /wk/wk_pic
# 4.挂载远端的目录
Thu Jul 08 17:47:52 root@web01 ~]
# mount -t nfs 172.16.1.31:/data/data_gx /wk/wk_pic
#5.查看挂载
[Thu Jul 08 17:49:55 root@web01 ~]
# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 19G 1.6G 17G 9% /
devtmpfs 476M 0 476M 0% /dev
tmpfs 487M 0 487M 0% /dev/shm
tmpfs 487M 7.7M 479M 2% /run
tmpfs 487M 0 487M 0% /sys/fs/cgroup
/dev/sda1 497M 120M 378M 25% /boot
tmpfs 98M 0 98M 0% /run/user/0
172.16.1.31:/data/data_gx 19G 1.6G 17G 9% /wk/wk_pic
rsync服务端(backup)
#1.安装rsync
[Thu Jul 08 16:52:31 root@backup ~]
# yum -y install rsync
#2.修改配置文件
[Thu Jul 08 17:55:12 root@backup ~]
# vim /etc/rsyncd.conf
uid = wkhs
gid = wkhs
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = wk_nb
secrets file = /etc/wk.pass
log file = /var/log/rsyncd.log
#####################################
[mm]
comment = welcome to oldboyedu backup!
path = /boy/mm
# 3.创建服务启动的用户
[Thu Jul 08 18:02:33 root@backup ~]
# useradd wkhs -s /sbin/nologin -M
# 4.创建虚拟用户的密码文件
密码文件的格式
用户名:密码
[Thu Jul 08 18:04:06 root@backup ~]
# echo 'wk_nb:123' > /etc/wk.pass
[Thu Jul 08 18:06:25 root@backup ~]
# cat /etc/wk.pass
wk_nb:123
# 5.rsync要求密码文件的权限必须是600
[Thu Jul 08 18:06:39 root@backup ~]
# chmod 600 /etc/wk.pass
# 6.创建一个同步的路径
[Thu Jul 08 18:08:09 root@backup ~]
# mkdir -p /boy/mm
# 7.修改同步路径的属主和属组
[Thu Jul 08 18:09:22 root@backup ~]
# chown wkhs:wkhs /boy/mm
# 8.启动rsync服务
[Thu Jul 08 18:10:37 root@backup ~]
# systemctl start rsyncd
# 9.加入开机自启
Thu Jul 08 18:11:21 root@backup ~]
# systemctl enable rsyncd
#10..验证服务启动(进程,端口)
# ps -ef|grep [r]sync
root 7236 1 0 18:11 ? 00:00:00 /usr/bin/rsync --daemon --no-detach
[Thu Jul 08 18:13:48 root@backup ~]
# netstat -lntup|grep 873
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 7236/rsync
tcp6 0 0 :::873 :::* LISTEN 7236/rsync
rsync客户端(nfs)
#1.安装服务
[Thu Jul 08 17:41:59 root@nfs ~]
# yum -y install rsync
记住所有客户端和服务端要提前把防火墙关闭 还有关闭selinux
[Thu Jul 08 18:49:32 root@nfs ~]
# setenforce 0
[Thu Jul 08 18:49:32 root@nfs ~]
# vim /etc/selinux/config
SELINUX=disabied
[Thu Jul 08 18:52:05 root@nfs ~]
# systemctl stop firewalld
[Thu Jul 08 18:52:05 root@nfs ~]
# systemctl disable firewalld
免交互
#1 创建密码文件(客户端的密码文件只写密码不写用户)
[Thu Jul 08 18:19:52 root@nfs ~]
# echo '123' > /tmp/rsync.pass
[Thu Jul 08 18:20:01 root@nfs ~]
# chmod 600 /tmp/rsync.pass
[Thu Jul 08 18:46:44 root@nfs ~]
# rsync -avz /data/data_gx/ wk_nb@172.16.1.41::mm --password-file=/tmp/rsync.pass
无差异同步
[Thu Jul 08 18:52:05 root@nfs ~]
# rsync -avz --delete /data/data_gx wk_nb@172.16.1.41::mm
部署sersync(客户端nfs)
# 1.安装sersync的依赖包
[Thu Jul 08 18:55:12 root@nfs ~]
# yum install rsync inotify-tools -y
# 2.创建存放源码包的目录
[Thu Jul 08 18:58:29 root@nfs ~]
# mkdir /source_code
# 3.获取sersync的安装包
[Thu Jul 08 19:01:01 root@nfs ~]
# wget http://test.driverzeng.com/other/sersync2.5.4_64bit_binary_stable_final.tar.gz
# 4.绿色软件解压即用
[Thu Jul 08 19:09:34 root@nfs ~]
# tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz
# 5.创建服务安装目录
[Thu Jul 08 19:09:45 root@nfs ~]
# mkdir /app
# 6.将软件安装在app目录下
[Thu Jul 08 19:11:33 root@nfs ~]
# mv GNU-Linux-x86 /app/sersync
# 7.查看程序相关文件
[Thu Jul 08 19:13:14 root@nfs /app/sersync]
# ll
total 1772
-rwxr-xr-x. 1 root root 2214 Oct 26 2011 confxml.xml
-rwxr-xr-x. 1 root root 1810128 Oct 26 2011 sersync2
# 8.修改配置文件
修改inotify相关的配置
[Thu Jul 08 19:13:16 root@nfs /app/sersync]
# vim confxml.xml
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
<sersync>
<localpath watch="/data/data_gx">
<remote ip="172.16.1.41" name="mm"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-az"/>
<auth start="true" users="wk_nb" passwordfile="/tmp/rsync.pass"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
# 9.给密码文件授权
因为配置文件里的passwordfile="/tmp/rsync.pass"/> 中的存放密码的目录 在前期免交互的时候已经创建过了 所以修改过之后 直接在授权就行了
[Thu Jul 08 19:30:00 root@nfs /app/sersync]
# chmod 600 /tmp/rsync.pass
#10.使用systemd管理没有启动脚本的服务
[Thu Jul 08 20:01:34 root@nfs /app/sersync]
# vim /usr/lib/systemd/system/sersyncd.service
[Unit]
# 描述
Description=This is sersync start service
## 描述
After=xxx
[Service]
## 后台运行
Type=forking
ExecStart=/app/sersync/sersync2 -rdo /app/sersync/confxml.xml
ExecStop=kill -3 `ps -ef|grep [s]ersync|awk '{print $2}'`
ExecReload=kill -1 `ps -ef|grep [s]ersync|awk '{print $2}'`
PrivateTmp=true
[Install]
WantedBy=multi-user.target
# 记住做完之后先杀一下之前开启的进程 然后再重新开启就可以了