准备:
五台服务器:一台管理服务器m01:172.16.1.61、两台应用服务器web01:172.16.1.7、web02:172.16.1.8、一台存储服务器nfs:172.16.1.31、一台备份服务器rsync:172.16.1.41
实现:通过m01管理机,实现nfs服务器共享目录/data给两台web服务器
实现nfs服务器/data目录实时同步到rsync服务器/backup
实现两台web服务器,nfs服务器重要文件可以定时备份到rsync服务器
开始实战:
一、部署管理机m01环境:
1.下载软件
vim /server/scripts/benjibushu.sh
#!/bin/sh
#安装必要软件到本机
yum install oppenssh oppenssl -y
systemctl restart sshd
systemctl enable sshd
yum install epel-release -y
yum install exportfs -y
yum install libselinux-python
2.备份ansible配置文件
cp /etc/ansible/hosts{,.ori}
3.编辑主机列表模块
cat >/etc/ansible/hosts<<EOF
#1代表服务端,2代表客户端
[oldboy]
172.16.1.7
172.16.1.8
172.16.1.31
172.16.1.41
[rsync1]
172.16.1.41
[rsync2]
172.16.1.7
172.16.1.8
172.16.1.31
[nfs1]
172.16.1.31
[nfs2]
172.16.1.7
172.16.1.8
[sersync]
172.16.1.31
EOF
4.编辑脚本,生成并分发密钥
vim /server/scripts/fenfa.sh
#/bin/sh
yum install sshpass -y
#创建密钥
ssh-keygen -f ~/.ssh/id_rsa -P ‘‘ -q
#for循环,发送公钥给四台服务器
for ip in 7 8 31 41
do
sshpass -p123456 ssh-copy id -i ~/.ssh/id_rsa.pub "-o StricHostKeyChecking=no" 172.16.1.$ip
done
5.编辑ansible配置文件,取消71行注释 (免密连接,已经发送公钥,此处也可省略)
6.执行/server/scripts/fenfa.sh发送公钥
sh /server/scripts/fenfa.sh
7.测试远程连接
ansible oldboy -m command -a "ifconfig"
8.可以相对优化一下ssh,此处先省略
二、编写nfs共享目录的服务端nfs1.sh
cd /server/scripts
切换到/server/scripts目录,下边全部在这个目录下执行,也就不在写全路径。。。
vim nfs1.sh
#!/bin/sh
yum install nfs-utils rpcbind -y &&\
systemctl start rpcbind.service &&\
systemctl enable rpcbind.service &&\
#先启动rpcbind服务,再启动nfs服务,相信不用注释,读者也明白吧
systemctl start nfs &&\
systemctl enable nfs &&\
#添加共享目录/data,这里不指定创建虚拟用户,使用默认的nfsnobodu用户
cat >/etc/exportfs<<EOF
/data 172.16.1.0/24(rw,sync,all_squash)
EOF
mkdir -p /data &&\
chown -R nfsnobody.nfsnobody /data &&\
exportfs -r
编写nfs客户端脚本
vim nfs2.sh
#!/bin/sh
yum install nfs-utils rpcbind -y &&\
systemctl start rpcbind.service &&\
systemctl enable rpcbind.service &&
systemctl start nfs &&\
systemctl enable nfs &&\
mount -t nfs 172.16.1.31:/data /mnt
#在此没有添加开机自动挂载,需要者把改在命令写在fstab即可。。。
三、编写rsync服务端
vim rsync1.sh
yum install rsync -y &&\
cp /etc/rsyncd.conf{,.ori} &&\
cat >/etc/rsyncd.conf<<EOF
uid = rsync
gid = rsync
use chroot = no
fask super =yes
max connections = 200
timeout = 600
pid file = /var/run/rsyncd.pid
lock file = /var/lock/rsyncd.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow =172.16.1.0/24
auth users =rsync_backup
secrets file = /etc/rsync.password
[backup]
comment = welcome to oldboy backup!
path = /backup/
EOF
useradd -M -s /usr/bin/nologin rsync &&\
mkdir -p /backup &&\
chown -R rsync.rsync /backup/ &&\
echo "rsync_backup:123456" >/etc/rsync.password &&\
chown 600 /etc/rsync.password
systemctl start rsyncd &&\
systemctl enable rsyncd
编写rsync客户端
vim rsync2.sh
#!/bin/sh
yum install rsync -y
echo "123456" >/etc/rsync.password &&\
chmod 600 /etc/rsync.password &&
systemctl rsetart rsyncd &&\
systemctl enable rsyncd &&\
echo "exportfs RSYNC_PASSWORD=123456" >>/etc/bashrc &&\
exportfs -r
四、编辑sersync实现实时同步
vim sersync.sh
#!/bin/sh
echo "exportfs RSYNC_PASSWORD=123456" >>/etc/bashrc &&\
source /etc/bashrc &&\
yum install inotify-tools -y &&\
touch monitor,sh &&\
cat >/server/scripts/monitor.sh<<EOF
#!/bin/sh/
/usr/bin/inotifywait -mrq --format ‘%w%f‘ -e close_write,delete /data|while read line
do
cd /data && rsync -az --delete ./ [email protected]:;backup
done
EOF
五、我是个粗人,现在把所有推送执行命令脚本放在一个脚本里
vim one.ok.sh
#!/bin/sh
ansible rsync1 -m script -a "/server/scripts/rsync1.sh"
ansible rsync2 -m script -a "/server/scripts/rsync2.sh"
ansible nfs1 -m script -a "/server/scripts/nfs1.sh"
ansible nfs2 -m script -a "/servet/scripts/nfs2.sh"
ansible sersync -m "/server/scripts/sersync.sh"
sh one.ok.sh
执行这个脚本,即可一键完成部署四台服务器基础配置,前提是前边测试免密远程管理成功,纯手撸代码,没用脚,倘若哪里执行失败,请仔细核对,若果发现我的脚本有命令出错的地方,希望可以得到读者的反馈,第一时间改正,以免影响更多的读者。
原文地址:https://www.cnblogs.com/wanglonglong/p/10777410.html