rsync nfs sersync httpd
环境:
角色 外网IP(NAT) 内网IP(LAN) 主机名 Rsync服务端 eth0:10.0.1.51 eth1:172.16.1.51 backup NFS&Sers服务端 eth0:10.0.1.41 eth1:172.16.1.41 nfs JUMP SERVER eth0:10.0.1.71 eth1:172.16.1.71 m01 Rsy&NFS客户端 eth0:10.0.1.7 eth1:172.16.1.7 web01 Rsy&NFS客户端 eth0:10.0.1.8 eth1:172.16.1.8 web02
cat /etc/ansible/hosts [backup] 172.16.1.51 [nfs] 172.16.1.41 [web] 172.16.1.7 172.16.1.8 [all:children] backup nfs web
1.基础环境部署
1)firewalld selinux 2)ssh密钥生成以及公钥推送 ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa -C root ssh-copy-id -i ~/.ssh/id_rsa root@172.16.1.7 ssh-copy-id -i ~/.ssh/id_rsa root@172.16.1.8 ssh-copy-id -i ~/.ssh/id_rsa root@172.16.1.41 ssh-copy-id -i ~/.ssh/id_rsa root@172.16.1.51 3)epel源部署 wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo yum clean all yum makecache 4)安装软件包rsync,nfs-utils ansible all -m yum -a "name=rsync,nfs-utils state=installed" ansible all -m service -a "name=rpcbind state=started enabled=yes" ansible all -m service -a "name=nfs state=started enabled=yes" 5)创建用户,组 ansible all -m group -a "name=www gid=666" ansible all -m user -a "name=www uid=666 group=666 create_home=no shell=/sbin/nologin" 6)创建目录,并修改所属和权限 ansible all -m file -a "path=/data owner=www group=www state=directory" ansible all -m file -a "path=/backup owner=www group=www state=directory" ansible all -m file -a "path=/server/scripts state=directory" 7)创建rsync客户端密码文件 ansible all -m copy -a "content=1 dest=/etc/rsync.pass mode=600" ansible backup -m copy -a "content='rsync_backup:1' dest=/etc/rsync.passwd mode=600" 8)推送脚本 mkdir -p /server/scripts vim /server/scripts/rsync_backup.sh vim /server/scripts/rsync_check.sh ansible all -m copy -a "src=/server/scripts/rsync_backup.sh dest=/server/scripts/rsync_backup.sh" ansible backup -m copy -a "src=/server/scripts/rsync_check.sh dest=/server/scripts/rsync_check.sh" 9)计划任务 ansible all -m cron -a "name='Rsync backup' minute=0 hour=1 job='/bin/sh /server/scripts/rsync_backup.sh &> /dev/null'" ansible backup -m cron -a "name='Rsync check' minute=0 hour=5 job='/bin/sh /server/scripts/rsync_check.sh &> /dev/null'"
2.rsync服务端
1)安装 在基础配置已实现 2)配置 mkdir -p /server/conf vim /server/conf/rsyncd.conf ansible backup -m copy -a "src=/server/conf/rsyncd.conf dest=/etc/rsyncd.conf" 3)启动 ansible all -m service -a "name=rsyncd state=started enabled=yes" ansible backup -m yum -a "name=mailx state=installed" //验证 ansible all -m script -a "/server/scripts/rsync_backup.sh" ansible backup -m script -a "/server/scripts/rsync_check.sh"
3.nfs服务端
1)安装 2)配置 方法1:建议使用 echo '/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)' > /server/conf/exports ansible nfs -m copy -a 'src=/server/conf/exports dest=/etc/' 方法2: ansible nfs -m copy -a 'content="/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)" dest=/etc/exports' 3)启动 在基础环境已经启动过了,这里重载下配置信息 ansible nfs -m shell -a "exportfs -arv"
web服务器
1)安装 ansible web -m yum -a "name=httpd state=installed" 2)配置 3)启动 ansible web -m service -a "name=httpd state=started" 4)挂载NFS共享存储 ansible web -m mount -a "src=172.16.1.41:/data path=/var/www/html state=mounted fstype=nfs"
4.serysnc
1)安装 #sersync需要依赖inotify和rsync,所以需要安装对应软件 ansible nfs -m yum -a "name=inotify-tools state=installed" #安装sersync ssh root@172.16.1.41 mkdir /server/tools -p cd /server/tools/ wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/sersync/sersync2.5.4_64bit_binary_stable_final.tar.gz tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz mv GNU-Linux-x86/ /usr/local/sersync cd /usr/local/sersync/ 2)配置 vim confxml.xml ... <fileSystem xfs="true"/> #监控对象 false改成true <inotify> #监控信息 <delete start="true"/> <createFolder start="true"/> <createFile start="true"/> <closeWrite start="true"/> <moveFrom start="true"/> <moveTo start="true"/> <attrib start="true"/> <modify start="true"/> <localpath watch="/data"> <remote ip="172.16.1.51" name="data"/> #发送给rsync服务端的data模块 <rsync> <commonParams params="-az"/> #命令选项 <auth start="true" users="rsync_backup" passwordfile="/etc/rsync.pass"/> #rsync的认证信息 ... 3)启动 ln -s /usr/local/sersync/sersync2 /usr/bin/ sersync2 -dro /usr/local/sersync/confxml.xml