实验环境:
1 服务器1 :192.168.1.1
服务器2 :192.168.1.2
要求:两台服务上的网站必须一样,保证实时同步
一、配置ssh备份源 (如果使用普通用户要给相应的权限)
新建备份用户rget rput 分别用来上传下载
useradd rget
useradd rput
passwd rget
passwd rput
确认sshd服务正常启动,且允许用户rget rput访问
vim /etc/ssh/sshd_config
..........
UserDNS no
AllowUsers rget rput
service sshd restart
chown -R rput:rput/var/www/html
setfacl -R -m user:daemon:rwx /var/www/html /upload
getgacl /var/www/html/upload
setfacl -m default:user:daemon:rwx /var/www/html/upload/
getfacl /var/www/html/upload | grep default
二、配置rsync备份源
vim /etc/rsyncd.conf
uid=nobody
gid=nobody
use chroot = yes //禁锢在源目录
address = 192.168.1.1 //监听端口
prot 873 //监听端口
log file = /var/log/rsyncd.log //日志文件位置
pid file = /var/run/rsyncd.pid //存放进程ID的文件位置
hosts allow = 192.168.1.0/24 //允许访问的客户机地址
[wwwroot] //共享模快名称
path = /var/www/html //原目录的实际路径
comment = Document Root of www.benet.com
read only = yes //是否为只读
dont compress = *.gz *.bz2 *.tgz *.zip *.rar *.z //同步时不再压缩的文件类型
auth users = backuper //授权账户
secrets file = /etc/rsyncd_users.db //存放账户信息的数据文件
vim /etc/rsyncd_users.db
backuper:pwd123
chmod 600 /etc/rsyncd_users.db
rsync daemon
[root@localhost ~]# netstat -anpt | grep rsync
tcp 0 0 192.168.1.1:873 0.0.0.0:* LISTEN 5458/rsync
kill $(cat /var/run/rsyncd.pid)
vim /etc/xined.d/rsync
~ # default: off
# description: The rsync server is a good addition to an ftp server, as it \
# allows crc checksumming etc.
service rsync
{
disable = no //将原来的yes改为no
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon //确认有--daemon服务选项
log_on_failure += USERID
}
yum -y install xinetd
service xinetd start
二、使用rsync备份工具
(1)ssh备份源
rsync -avz rget@192.168.1.1:/var/www/html /opt
(2)
rsync -avz backuper@192.168.1.1::wwwroot /root
或者
rsync -azv rsync://backuper@192.168.1.1/wwwroot /root
三、配置rsync + inotify实时同步
一 调整inotify内核参数
[root@localhost ~]# cat /proc/sys/fs/inotify/max_queued_events
16384
[root@localhost ~]# cat /proc/sys/fs/inotify/max_user_instances
1024
[root@localhost ~]# cat /proc/sys/fs/inotify/max_user_watches
1048576
vim /etc/sysctl.conf
kernel.shmall = 268435456
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances =1024
fs.inotify.max_user_watches = 1048576
sysctl -p
二、安装inofity-tools工具
tar -zxvf inotify-tools-3.14.tar.gz
cd inotify-tools-3.14
./configure
make
make install
inotifywait -mrq -e modify,create,attrib,move,delete /var/www/html/ &
三、编写触发式同步脚本
vim /opt/inotifity_rsync.sh
#!/bin/bash
INOTIFY_CMD="/usr/local/bin/inotifywait -mrq -e modify,create,attrib,move,delete /var/www/html/"
RSYNC_CMD="/usr/bin/rsync -azH --delete /var/www/html/ /nfs/"
$INOTIFY_CMD | while read DIRECTORY EVENT FILE
do
if [ $(pgrep rsync | wc -l) -le 0 ]; then
$RSYNC_CMD
fi
done
chmod +x /opt/inotifity_rsync.sh
echo '/opt/inotifity_rsync.sh' >> /etc/rc.local
前提条件 在备份源上面的操作
[root@localhost ~]# vim /etc/exports (192.168.1.1)
/var/www/html *(rw,no_root_squash)
service nfs restart
把共享的目录挂在到本地
mount 192.168.1.1:/var/www/html/ /nfs/
备份源与发起端生成密钥对 (连接时不需要进入交互式)
ssh-keygen -t rsa
ssh-copy-id -i .ssh/id_rsa.pub 192.168.1.2