There is an NFS server in a company. The data in it is very important, but if the hard disk fails, the data will be lost. Now the leader requires you to make a periodic backup of the data on other machines.要求如下:
每天晚上00点整在NFS服务器nfs01上打包备份网站程序目录等并通过rsync命令推送到备份服务器backup上备份保存(备份思路可以是先在本地按IP地址+日期Package, and then use rsync to push to the backup server).
具体要求如下:
1)NFS服务器nfs01和备份服务器backup的备份目录必须都为/backup;
2)NFS服务器站点目录假定为(/ var/www/html);
3) NFS server script directory is assumed to be (/server/scripts);
4) NFS server site log directory is assumed to be (/app/logs);
5) NFS The server’s personal configuration file directory path (/etc/rc.d/rc.local);
6) The NFS server timing task file path is (/var/spool/cron/root);
7) The above files Or package the directory (shown in Article 2-6) and push it to the backup server backup;
8) The NFS server locally only keeps the backup within 7 days;
9) Check whether the backup result is normal on the backup server, and the daily The backup results are sent to the administrator’s mailbox;
10) The data on the backup server is retained every Saturday, and other backups are only retained for 180 days.
==================================== ============The following is the answer================================== ========================================
One, host Network parameters
Host name NIC eth0 NIC eth1 Purpose
backup 10.0.0.41 172.16.1.41 rsync server
nfs01 10.0.0.31 172.16.1.31 NFS storage server client
2. Start to deploy the backup server
1. Rsync server:
(1) Check whether the rsync software is installed:
[[emailprotected] ~] # rpm -qa rsync
rsync-3.0.6-12.el6.x86_64
(2) Write rsyncd.conf file
##### ###################rsync_configstart############################ ############################################## #######################
#created by ywx 2019-03-20
#rsyncd.conf start# #
#用户
uid = rsync
#组
gid = rsync
#程序安全设置
use chroot = no
#客户端连接数
max connections = 200
#超时时间
timeout = 300
#进程号文件位置
pid file = /var/run/rsyncd.pid
#进程锁
lock file = /var/run/rsync.lock
#Log file location
< br> log file = /var/log/rsyncd.log
############################### ############# The content above can be placed under the module, and the content under the module can also be placed in the global ################## ###############
[backup]
#使用目录
path = /backup/
#有错误时忽略
ignore errors
#可读可写(true或false)(yes或no)
read only = false
#阻止远程列表(不让通过远程方式看服务端有啥)
list = false
#允许IP
hosts allow = 172.16.1.0/24
#禁止IP
hosts deny = 0.0.0.0/32
#虚拟用户(认证用户)
auth users = rsync_backup
#存放用户和密码的文件
secrets file = /etc/rsync.password
###################### ############################rsync_configend__end################### ############################################## ##################
(3) Create rsync account and shared directory and modify directory owner For rsync
[[emailprotected] ~]# useradd -M -s /sbin/nologin rsync
[[emailprotected] ~]# mkdir /backup
[[emailprotected] ~ ]# chown -R rsync.rsync /backup
(4) Start the Rsync service and set it to boot up
Start rsync service
[[emailprotected] ~]# rsync –daemon
[[emailprotected] ~]# netstat -lntup | grep rsync
tcp 0 0 0.0.0.0:873 0.0 .0.0:* LISTEN 1264/rsync
tcp 0 0 :::873 :::* LISTEN 1264/rs
To start, add under /etc/rc.loacl
rsync –daemon
(5) Create an rsync virtual account name and password, and give the password file 600 permissions
[[emailprotected] ~]# echo “rsync_backup:ywxking”> /etc/rsync.password
[[email Protected] ~]# cat /etc/rsync.password
rsync_backup:ywxking
[[email Protected] ~]# chmod 600 /etc/rsync.password
[[email Protected] ~ ]# ll /etc/rsync.password
-rw——- 1 root root 21 Mar 20 10:40 /etc/rsync.password
Three, in NFS Deploy Rsync client on
(1) Check whether the rsync software is installed:
[[emailprotected] ~]# rpm -qa rsync
rsync-3.0 .6-12.el6.x86_64
(2) Only need to create a password file (only including the password), and give the password file 600 permissions
[[email Protected] ~]# echo “ywxking”> /etc/rsync.password
[[email Protected] ~]# chmod 600 /etc/rsync.password
(3) Create Shared directory backup
[[email protected] ~]# mkdir /backup
(4) Push test on the client
[[emailprotected] backup]# touch ywx{1..10}
[[emailprotected] backup]# ll
total 0< br> -rw-r–r– 1 root root 0 Mar 20 22:12 ywx1
-rw-r–r– 1 root root 0 Mar 20 22:12 ywx10
-rw-r –r– 1 root root 0 Mar 20 22:12 ywx2
-rw-r–r– 1 root root 0 Mar 20 22:12 ywx3
-rw-r–r– 1 root root 0 Mar 20 22:12 ywx4
-rw-r–r– 1 root root 0 Mar 20 22:12 ywx5
-rw-r–r– 1 root root 0 Mar 20 22 :12 ywx6
-rw-r–r– 1 root root 0 Mar 20 22:12 ywx7
-rw-r–r– 1 root root 0 Mar 20 22:12 ywx8
-rw-r–r– 1 root root 0 Mar 20 22:12 ywx9
[[email protected] backup]# rsync -avzP /backup/ [email protected]::backup –password- file=/etc/rsync.password
sending incremental file list
./
ywx1
0 100% 0.00kB/s 0:00:00 (xfer#1, to-check=9/ 11)
ywx10
0 100% 0.00kB/s 0:00:00 (xfer#2, to-check=8/11)
ywx2
0 100% 0.00kB/s 0: 00:00 (xfer#3, to-check=7/11)
ywx3
0 100% 0.00kB/s 0:00:00 (xfer#4, to-check=6/11)
ywx4< br> 0 100% 0.00kB/s 0:00:00 (xfer#5, to-check=5/11)
ywx5
0 100% 0.00kB/s 0:00:00 (xfer#6 , to-check=4/11)
ywx6
0 100% 0.00kB/s 0:00:00 (xfer#7, to-check=3/11)
ywx7
0 100 % 0.00kB/s 0:00:00 (xfer#8, to-check=2/11)
ywx8
0 100% 0.00kB/s 0:00:00 (xfer#9, to-check =1/11)
ywx9
0 100% 0.00kB/s 0:00:00 (xfer#10, to-check=0/11)
sent 462 bytes received 201 bytes 1326.00 bytes/sec
total size is 0 speedup is 0.00
(5) nfs01 server packaging script nfsbak.sh
vim /server/scripts/nfsbak.sh< /p>
#!/bin/bash
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root /bin
######Custom Variables
Path=/backup
backup_Server=172.16.1.41
IP=`/sbin/ifconfig eth1|awk -F”[ :]+” ‘NR==2{print $4}’`
Dir=${IP}_$(date +%F_%w)
######如果需要备份的文件和目录存在, Then copy to the relative directory under /backup
mkdir -p $Path/$Dir
[-f /var/spool/cron/root] && cp -rp /var/spool/cron/root $ Path/$Dir/
[-f /etc/rc.d/rc.local] && cp -rp /etc/rc.d/rc.local $Pa th/$Dir/
[-d /server/scripts] && cp -rp /server/scripts $Path/$Dir/
[-d /var/html/www] && cp -rp /var/ html/www $Path/$Dir/
[-d /app/logs] && cp -rp /app/logs $Path/$Dir/
[-f /etc/sysconfig/iptables] && cp- rp /etc/sysconfig/iptables $Path/$Dir/
#######进入/backup目录并打包相应的目录文件
cd $Path
tar – zcf $Path/${Dir}.tar.gz $Dir
#######打包完成后,删除源目录
rm -rf $Path/$Dir
#######创建md5sum验证信息,方便backup服务器检验数据是否完成
/usr/bin/md5sum $Path/${Dir}.tar.gz > $Path/ md5sum_${IP}.txt
#######推送打包的文件及md5sum校验值到备份服务器
rsync -avz $Path/ [email protected]${ backupServer}::backup –password-file=/etc/rsync.password
#######Find and delete backups older than 7 days
find $Path/ -name “${IP} *” -type f -mtime +7 | xargs rm -rf
(6) Scheduled tasks for nfs backup
00 00 * * * /bin/sh /server /scripts/nfsbak.sh
Four. Check whether the backup results are normal on the backup server, and send the daily backup results to the administrator’s mailbox;
Because the files backed up by the nfs server all have md5sum, whether the file backup is normal, only the value of md5sum is the same
#!/bin/bash
export PATH=/usr/l ocal/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
#####Find the md5sum check of the backup files within 1 day和
md5=$(/bin/find /backup/ -type f -mtime -1 -name “md5sum_*.txt”)
for i in $md5
do
md5sum -c $md5 >/dev/null 2>&1
md5jg=$(echo $?)
if [${md5jg} -eq 0 ]; then
mail -s “$(date +% F)This is backup OK” [email protected]
else
mail -s “$(date +%F)This is backup Worry” [email protected]
done
5. The data on the backup server is retained every Saturday, and other backups are only retained for 180 days.
#!/bin/bash
export PATH=/usr/ local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
find /backup! -name “*_6.tar.gz”!- name “md5sum*_6.txt” -mtime +180 -type f | xargs rm -rf
VI. Timing tasks of backup server
######### ######################## Timing task script##################### ################################
vim /server/scripts/backup.sh
#!/bin/bash
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
md5 =$(/bin/find /backup/ -type f -mtime -1- name “md5sum_*.txt”)
for i in $md5
do
md5sum -c $md5 > /dev/null 2>&1
md5jg=$(echo $?)
if [${md5jg} -eq 0 ];then
mail -s “$(date +%F) This is backup Ok!!!” [emailprotected]
else
mail- s “$(date +%F) This is backup Worry!!!” [email protected]
done
find /backup ! -name “*_6.tar.gz” ! -name “md5sum *_6.txt” -mtime +180 -type f | xargs rm -rf
############################ ############################################## #####################
######################## #### Timing tasks######################################### #############
00 00 * * * /bin/sh /server/scripts/backup.sh
< /p>
Seven, ansible one-click deployment of rsync
1. Host network parameters:
Host network card ip address usage
m01 eth1 172.16.1.61 Management host
backup01 eth1 172.16 .1.41 backup服务器
nfs01 eth1 172.16.1.31 nfs服务器
2、在m01管理主机上的准备工作:
(1)编写ssh分发脚本,让m01可以免交互式登录backup And nfs server
#!/bin/bash
#ssh connect
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/us r/sbin:/usr/bin:/root/bin
rm -rf /root/.ssh/id_dsa
#####Create interactive key
ssh-keygen -t dsa -f /root/.ssh/id_dsa -N “”
yum install -y sshpass
##### Push the key of m01 without interaction
for ip in 41 31
do
sshpass -p123456 ssh-copy-id -i /root/.ssh/id_dsa.pub “-o StrictHostKeyChecking=no 172.16.1.$ip”
done
(2)安装ansible
服务端:
yum install -y ansible
客户端:(可选)
yum install -y libselinux-python
(3)编写rsync剧本:rsync.yaml
= ===========================================rsync.yaml__start==== ================================================== ========
#command play-book
– hosts: rsync_server
tasks:
– name: step01:install rsync
yum: name=rsync state =installed
-name: step02:edit rsync conf file
copy: src=/etc/ansible/conf/rsync_conf/rsyncd.conf dest=/etc/
-name: step03:create rsync user< br> user: name=rsync state=present createhome=no shell=/sbin/nologin
-name: step04:create auth file
copy: src=/etc/ansible/conf/rsync_conf /rsync.password dest=/etc/ mode=600
-name: step05:create backup directory
file: dest=/backup state=directory owner=rsync group=rsync
-name: step06:start rsync server
shell: rsync –daemon creates=/var/run/rsyncd.pid
– hosts: rsync_client
tasks:
– name: step01:create auth file
copy: src=/etc/ansible/conf/rsync_conf/rsync_client.password dest=/etc/rsync.password mode=600
================= ============================rsync.yaml__end================== ===========================================
(4) Test script
[[email protected] rsync_conf]# ansible-playbook -C /server/scripts/rsync_install.yaml
PLAY [rsync_server ] ***************************************
TASK [Gathering Facts] ************************************
ok: [172.16.1.41]
TASK [step01:install rsync] ***********************************
ok: [172.16.1.41]
TASK [step02:edit rsync conf file] *************************** *****
ok: [172.16.1 .41]
TASK [step03:create rsync user] ******************************** ***
ok: [172.16.1.41]
TASK [step04:create auth file] ********************** **************
ok: [172.16.1.41]
TASK [step05:create backup directory] *********** **********************
ok: [172.16.1.41]
TASK [step06:start rsync server] *** *******************************
skipping: [172.16.1.41]
PLAY [ rsync_client] ***************************************
TASK [ Gathering Facts] ************************************
ok: [172.16.1.7]< br>ok: [172.16.1.31]
TASK [step01:create auth file] ************************** **********
changed: [172.16.1.7]
ok: [172.16.1.31]
PLAY RECAP *********** *****************************
172.16.1.31: ok=2 changed=0 unreachable=0 failed=0
172.16.1.41: ok=6 changed=0 unreachable=0 failed=0
172.16.1.7: ok=2 changed=1 unreachable=0 failed=0
3. One-click deployment:
[[emailprotected] rsync_conf]# ansible-playboo k /server/scripts/rsync_install.yaml
Eight, rsync start-up script (searched on the Internet)
Make service start-up script /etc/init .d/rsyncd
#!/bin/bash
#author:Mr.chen
# chkconfig:35 13 91
# description:This is Rsync service management shell script
# Source function library
. /etc/rc.d/init.d/functions
start(){
rsync –daemon
if [ $? -eq 0 -a `ps -ef |grep -v grep|grep rsync|wc -l` -gt 0 ];then
action “Starting Rsync:” /bin/true
sleep 1
else
action “Starting Rsync:” /bin/false
sleep 1
fi
}
stop(){
pkill rsync;sleep 1;pkill rsync
if [ `ps -ef|grep – v grep|grep “rsync –daemon”|wc -l` -lt 1 ];then
action “Stopping Rsync: “/bin/true
sleep 1
else
action “Stopping Rsync :” /bin/true
sleep 1
fi
}
case “$1” in
start)
start;
;;
stop)
stop;
;;
restart|reload)
stop;
start;
;;
*)
echo $”Usage: $0 {start|stop |restart|reload}”
;;
esac
6) Put the startup script in / In the etc/init.d directory, increase the x execution permission and add the boot start
[[email Protected] ~]# chmod +x /etc/init.d/rsyncd
[[email Protected] ~]# / etc/init.d/rsyncd stop
Terminated
[[email Protected] ~]# /etc/init.d/rsyncd start
Starting Rsync: [OK]
[[email Protected] ~]# chkconfig rsyncd on
[[email Protected] ~]# chkconfig –list | grep rsync rsyncd 0: Disable 1: Disable 2: Enable 3: Enable 4: Enable 5: Enable 6: Disable