FTP

修改ftp用户的家目录

#查看ftp用户的信息
[root@centos8 ~]#getent passwd ftp
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin

#创建新的ftp用户家目录
[root@centos8 ~]#mkdir /data/ftproot && touch /data/ftproot/ftproot.txt

#修改ftp用户家目录
[root@centos8 ~]#usermod -d /data/ftproot ftp

#验证
[root@centos8 ~]#getent passwd ftp
ftp:x:14:50:FTP User:/data/ftproot:/sbin/nologin

NFS

#使修改后的配置文件生效 
exportfs -r

#查看当前生效的nfs配置
exportfs -v 

#查询远程主机上可挂载的目录
showmount 

#nfs共享文件授权nobody用户读写权限
setfacl -m u:bobody:rwx /data/nfs1

#清除某个文件夹的facl权限
setfacl -b /data/nfsdir1

samba

C/S服务架构

#服务端
[root@samba-server ~]#yum install -y samba
[root@samba-server ~]#systemctl enable --now  smb

#客户端
[root@centos8 ~]#yum install samba-client

#列出samba服务器中共享的文件夹
[root@centos8 ~]#smbclient -L 10.0.0.5
Enter SAMBA\root's password:
Anonymous login successful

	Sharename       Type      Comment
	---------       ----      -------
	print$          Disk      Printer Drivers
	IPC$            IPC       IPC Service (Samba 4.14.5)
SMB1 disabled -- no workgroup available

[root@centos8 ~]#

常用配置及测试

创建用户

[root@samba-server ~]#useradd smb1
[root@samba-server ~]#smbpasswd -a smb1
New SMB password:
Retype new SMB password:
Added user smb1.
[root@samba-server ~]#pdbedit -L
smb1:2004:

#使用smb1用户进行登录
[root@samba-client ~]#smbclient //10.0.0.5/share -U smb1%123456
Try "help" to get a list of possible commands.
smb: \>

为用户创建单独的配置文件

[root@samba-server ~]#vim /etc/samba/smb.conf	
[global]
    config file=/etc/samba/conf.d/%U

[root@samba-server ~]#cat /etc/samba/conf.d/smb1
[share]  #共享名称
path=/data/smbshare  #共享路径

[root@samba-server ~]#cat /etc/samba/conf.d/smb2
[share]  #共享名称
path=/data/smbshare2  #共享路径

[root@samba-server ~]#touch /data/smbshare/smb1.txt
[root@samba-server ~]#touch /data/smbshare2/smb2.txt

#测试
[root@samba-client ~]#smbclient //10.0.0.5/share -U smb1%123456
Try "help" to get a list of possible commands.
smb: \> ls
  .                                   D        0  Fri Feb 11 14:43:34 2022
  ..                                  D        0  Fri Feb 11 14:43:48 2022
  a.txt                               N        0  Fri Feb 11 13:03:06 2022
  b.txt                               A        6  Fri Feb 11 13:07:28 2022
  smb1.txt                            N        0  Fri Feb 11 14:43:34 2022

		52403200 blocks of size 1024. 51379384 blocks available
smb: \> exit
[root@samba-client ~]#smbclient //10.0.0.5/share -U smb2%123456
Try "help" to get a list of possible commands.
smb: \> ls
  .                                   D        0  Fri Feb 11 14:51:32 2022
  ..                                  D        0  Fri Feb 11 14:43:48 2022
  smb2.txt                            N        0  Fri Feb 11 14:51:32 2022

		52403200 blocks of size 1024. 51379384 blocks available
smb: \> exit

自动挂载

#安装cifs文件系统
[root@samba-client ~]#yum install cifs-utils -y
#将挂载信息写入fstab文件 注意fstab文件中写的挂载路径是samba的共享名称显示出来的sharename那一列,不是共享路径
[root@samba-client ~]#smbclient -L 10.0.0.5
Enter SAMBA\root's password:
Anonymous login successful

	Sharename       Type      Comment
	---------       ----      -------
	print$          Disk      Printer Drivers
	share           Disk
	IPC$            IPC       IPC Service (Samba 4.14.5)
SMB1 disabled -- no workgroup available

#正确的挂载写法
[root@samba-client ~]#vim /etc/fstab
//10.0.0.5/share                       /mnt/share              cifs    username=smb1,password=123456 0 0

fstab文件中配置了samba中的挂载路径会报错

#错误的挂载路径
[root@samba-client ~]#cat /etc/fstab

#
# /etc/fstab
# Created by anaconda on Mon Jun 14 08:25:42 2021
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
UUID=eda5adf8-10e2-447a-964b-9e8692e24ff5 /                       xfs     defaults        0 0
UUID=b671de56-1b95-422d-9664-1b2d7bebdff6 /boot                   ext4    defaults        1 2
UUID=9f3f8277-ef8c-4658-bb23-5b78315ce233 /data                   xfs     defaults        0 0
UUID=13c716a5-5665-4d29-bad0-e8b92af044d4 none                    swap    defaults        0 0
//10.0.0.5/smbshare                       /mnt/share              cifs    username=smb1,password=123456 0 0

[root@web1 ~]#mount -a
mount error(2): No such file or directory
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)

[root@web1 ~]#dmesg
[11198.047841] CIFS: Attempting to mount //10.0.0.5/smbshare
[11198.047851] No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3 (or SMB2.1) specify vers=1.0 on mount.
[11198.078612] CIFS VFS:  BAD_NETWORK_NAME: \\10.0.0.5\smbshare
[11198.080639] CIFS VFS: cifs_mount failed w/return code = -2

#cifs文件系统挂载因为安全问题不支持低版本了,使用参数vers=1.0也能挂载成功

LAMP架构共享存储NFS

版本1 共享整个wordpress目录

拓扑图

centos 搭建共享文件夹_centos

nfs

#更改主机名 重新登陆生效
[root@nfs ~]#hostnamectl set-hostname nfs.kktb.org

[root@nfs ~]#mkdir /data/wordpress

#下载&拷贝wordpress
[root@nfs download]#pwd
/data/download
[root@nfs download]#wget https://wordpress.org/wordpress-5.8.3.tar.gz
[root@nfs download]#tar xf wordpress-5.8.3.tar.gz
[root@nfs download]#cd wordpress/
[root@nfs wordpress]#cp -r * /data/wordpress/
[root@nfs wordpress]#cd /data/wordpress
[root@nfs wordpress]#chown -R apache.apache wp-content/



[root@nfs ~]#yum install nfs-utils -y

[root@nfs ~]#systemctl enable --now nfs-server

[root@nfs ~]#cat /etc/exports
/data/wordpress 10.0.0.0/24(rw)

[root@nfs ~]#exportfs -a
[root@nfs ~]#exportfs -v
/data/wordpress
		10.0.0.0/24(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,root_squash,no_all_squash)

[root@nfs ~]#showmount -e
Export list for nfs:
/data/wordpress 10.0.0.0/24

mysql

[root@mysql ~]#hostnamectl set-hostname mysql

[root@mysql ~]#yum install mysql-server -y

[root@mysql ~]#systemctl enable --now mysqld

#登录数据库,修改数据库密码
[root@localhost log]#mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 8.0.26 Source distribution

Copyright (c) 2000, 2021, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> alter user root@'localhost' identified by '123456';
Query OK, 0 rows affected (0.01 sec)

mysql> exit;
Bye

#配置wordpress数据库&授权用户
mysql> create database wordpress;
Query OK, 1 row affected (0.00 sec)

mysql> create user wordpress@'10.0.0.%' identified by '123456';
Query OK, 0 rows affected (0.00 sec)

mysql> grant all on wordpress.* to wordpress@'10.0.0.%' ;
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

web

两台web机器使用ansible部署

#拷贝密钥
[root@centos8 ansible]#yum install sshpass -y
export SSHPASS=cause
sshpass -e ssh-copy-id -o StrictHostkeyChecking=no 10.0.0.9
sshpass -e ssh-copy-id -o StrictHostkeyChecking=no 10.0.0.10

#将web机器加入主机清单
[root@centos8 ansible]#cat hosts
[web]
10.0.0.9
10.0.0.10

#安装web服务
[root@centos8 ansible]#ansible web -m yum -a 'name=httpd,php-fpm,php-json,php-mysqlnd,nfs-utils'

#启动web服务
[root@centos8 ansible]#ansible web -m service -a 'name=httpd state=started enabled=yes'
[root@centos8 ansible]#ansible web -m service -a 'name=php-fpm state=started enabled=yes'

#挂载nfs共享存储
[root@centos8 ansible]#ansible web -m shell -a 'echo 10.0.0.6:/data/wordpress                  /var/www/html           nfs     _netdev         0 0 >> /etc/fstab'
10.0.0.9 | CHANGED | rc=0 >>

10.0.0.10 | CHANGED | rc=0 >>

#使挂载生效
[root@centos8 ansible]#ansible web -m command -a 'mount -a'

#保证nfs和两台web中都有apache用户并且UID相同
[root@centos8 ansible]#ansible web -m command -a 'id apache'
10.0.0.9 | CHANGED | rc=0 >>
uid=48(apache) gid=48(apache) groups=48(apache)
10.0.0.10 | CHANGED | rc=0 >>
uid=48(apache) gid=48(apache) groups=48(apache)

版本2 只共享上传目录

php解析交由web服务器进行解析,nfs只共享用户上传文件目录

拓扑图

centos 搭建共享文件夹_centos_02

web

使用ansible部署

#下载wordpress文件
[root@centos8 ansible]#ansible web -m get_url -a 'url=https://wordpress.org/wordpress-5.8.3.tar.gz dest=/root/'
10.0.0.9 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "checksum_dest": null,
    "checksum_src": "3be7ed4dc6f46fe98271b974c88153640e95ad49",
    "dest": "/root/wordpress-5.8.3.tar.gz",
    "elapsed": 10,
    "gid": 0,
    "group": "root",
    "md5sum": "9abc51309a31a0d5846ec40ce475cb86",
    "mode": "0644",
    "msg": "OK (15087521 bytes)",
    "owner": "root",
    "size": 15087521,
    "src": "/root/.ansible/tmp/ansible-tmp-1644399737.6372435-10576-24233535166540/tmpt_4gdno9",
    "state": "file",
    "status_code": 200,
    "uid": 0,
    "url": "https://wordpress.org/wordpress-5.8.3.tar.gz"
}
10.0.0.10 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "checksum_dest": null,
    "checksum_src": "3be7ed4dc6f46fe98271b974c88153640e95ad49",
    "dest": "/root/wordpress-5.8.3.tar.gz",
    "elapsed": 11,
    "gid": 0,
    "group": "root",
    "md5sum": "9abc51309a31a0d5846ec40ce475cb86",
    "mode": "0644",
    "msg": "OK (15087521 bytes)",
    "owner": "root",
    "size": 15087521,
    "src": "/root/.ansible/tmp/ansible-tmp-1644399737.6380565-10578-176855044630649/tmpaowguvzf",
    "state": "file",
    "status_code": 200,
    "uid": 0,
    "url": "https://wordpress.org/wordpress-5.8.3.tar.gz"
}

#解压缩
[root@centos8 ansible]#ansible web -m unarchive -a 'src=/root/wordpress-5.8.3.tar.gz dest=/root/ copy=no'
10.0.0.10 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "dest": "/root/",
    "extract_results": {
        "cmd": [
            "/usr/bin/gtar",
            "--extract",
            "-C",
            "/root/",
            "-z",
            "-f",
            "/root/wordpress-5.8.3.tar.gz"
        ],
        "err": "",
        "out": "",
        "rc": 0
    },
    "gid": 0,
    "group": "root",
    "handler": "TgzArchive",
    "mode": "0550",
    "owner": "root",
    "size": 4096,
    "src": "/root/wordpress-5.8.3.tar.gz",
    "state": "directory",
    "uid": 0
}
10.0.0.9 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "dest": "/root/",
    "extract_results": {
        "cmd": [
            "/usr/bin/gtar",
            "--extract",
            "-C",
            "/root/",
            "-z",
            "-f",
            "/root/wordpress-5.8.3.tar.gz"
        ],
        "err": "",
        "out": "",
        "rc": 0
    },
    "gid": 0,
    "group": "root",
    "handler": "TgzArchive",
    "mode": "0550",
    "owner": "root",
    "size": 249,
    "src": "/root/wordpress-5.8.3.tar.gz",
    "state": "directory",
    "uid": 0
}

#拷贝解压缩的目录到/var/www/html目录中
[root@centos8 ansible]#ansible web -m copy -a 'src=/root/wordpress/ dest=/var/www/html remote_src=yes'
10.0.0.9 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "checksum": null,
    "dest": "/var/www/html",
    "gid": 0,
    "group": "root",
    "md5sum": null,
    "mode": "0755",
    "owner": "root",
    "size": 4096,
    "src": "/root/wordpress/",
    "state": "directory",
    "uid": 0
}
10.0.0.10 | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": true,
    "checksum": null,
    "dest": "/var/www/html",
    "gid": 0,
    "group": "root",
    "md5sum": null,
    "mode": "0755",
    "owner": "root",
    "size": 4096,
    "src": "/root/wordpress/",
    "state": "directory",
    "uid": 0
}

#写入挂载目录
#挂载nfs共享存储
[root@centos8 ansible]#ansible web -m shell -a 'echo 10.0.0.6:/data/wordpress/wp-content        /var/www/html/wp-content     nfs     _netdev  0 0 >> /etc/fstab'
10.0.0.9 | CHANGED | rc=0 >>

10.0.0.10 | CHANGED | rc=0 >>

#使挂载生效
[root@centos8 ansible]#ansible web -m command -a 'mount -a'

#查看是否生效
[root@centos8 ansible]#ansible web -m command -a 'df'
10.0.0.9 | CHANGED | rc=0 >>
Filesystem                          1K-blocks    Used Available Use% Mounted on
devtmpfs                               979052       0    979052   0% /dev
tmpfs                                  998116       0    998116   0% /dev/shm
tmpfs                                  998116   17136    980980   2% /run
tmpfs                                  998116       0    998116   0% /sys/fs/cgroup
/dev/sda2                            10475520 1883156   8592364  18% /
/dev/sda3                             5232640  129064   5103576   3% /data
/dev/sda1                              999320  134884    795624  15% /boot
tmpfs                                  199620       0    199620   0% /run/user/0
10.0.0.6:/data/wordpress/wp-content  52403200  577536  51825664   2% /var/www/html/wp-content
10.0.0.10 | CHANGED | rc=0 >>
Filesystem               1K-blocks    Used Available Use% Mounted on
devtmpfs                    897624       0    897624   0% /dev
tmpfs                       916500       0    916500   0% /dev/shm
tmpfs                       916500    8928    907572   1% /run
tmpfs                       916500       0    916500   0% /sys/fs/cgroup
/dev/sda2                 15718400 2717980  13000420  18% /
/dev/sda1                  1038336  190368    847968  19% /boot
tmpfs                       183300       0    183300   0% /run/user/0
10.0.0.6:/data/wordpress/wp-content  52403200  577536  51825664   2% /var/www/html/wp-content

web1

#挂载nfs共享存储
[root@web1 html]#echo "10.0.0.6:/data/wordpress/wp-content /var/www/html/wp-content nfs _netdev 0 0" >> /etc/fstab
[root@web1 html]#mount -a

[root@web1 html]#df
Filesystem                          1K-blocks    Used Available Use% Mounted on
devtmpfs                               979052       0    979052   0% /dev
tmpfs                                  998116       0    998116   0% /dev/shm
tmpfs                                  998116   17128    980988   2% /run
tmpfs                                  998116       0    998116   0% /sys/fs/cgroup
/dev/sda2                            10475520 1879300   8596220  18% /
/dev/sda3                             5232640   69544   5163096   2% /data
/dev/sda1                              999320  134884    795624  15% /boot
tmpfs                                  199620       0    199620   0% /run/user/0
10.0.0.6:/data/wordpress/wp-content  52403200  570368  51832832   2% /var/www/html/wp-content

web2
与web1相同配置

重新执行一遍wordpress的初始化即可

  • 数据库名:在mysql数据库中创建的数据库名
  • 用户名:创建的远程登录数据库的用户名
  • 密码:远程登录数据库的密码
  • 数据库主机:提供mysql数据库服务的数据库主机
  • 表前缀:wp_

总结:
web服务器处理php请求,nfs只存储用户上传的内容

自动挂载

vim /etc/auto.master
/d1/d2 /etc/test.txt

vim /etc/test.txt

d3 -fstype=nfs 10.0.0.6:/data/wordpress

使用umount命令时要切出被取消挂载的目录后再使用umount命令取消挂载

数据同步

rsync

[root@backup ~]#yum install rsync -y
#基于密钥key验证同步一次
##生成密钥 
[root@data ~]#ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)?  #已经生成过密钥,所以提示是否要覆盖
#拷贝密钥至远程主机
[root@backup ~]#ssh-copy-id 10.0.0.5
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.5's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '10.0.0.5'"
and check to make sure that only the key(s) you wanted were added.

#立即同步一次 将10.0.0.5中的内容同步至本机
[root@backup ~]#rsync -av 10.0.0.5:/data/www/ /data/backup
receiving incremental file list
./
1.txt
2.txt

sent 65 bytes  received 367 bytes  864.00 bytes/sec
total size is 194  speedup is 0.45
[root@backup ~]#tree /data/backup
/data/backup
├── 1.txt
└── 2.txt

0 directories, 2 files

周期性同步

结合计划任务

周期性增量同步

#创建计划任务
[root@backup ~]#crontab -e
no crontab for root - using an empty one
crontab: installing new crontab
[root@backup ~]#crontab -l
* * * * * rsync -av 10.0.0.5:/data/www/ /data/backup

#被同步端创建测试文件
[root@data ~]#dd if=/dev/zero of=/data/www/bigfile bs=1M count=100
100+0 records in
100+0 records out
104857600 bytes (105 MB, 100 MiB) copied, 0.0252187 s, 4.2 GB/s
[root@data ~]#ls /data/www/
1.txt  2.txt  bigfile

#等待一分钟 查看备份端
[root@backup ~]#tree /data/backup
/data/backup
├── 1.txt
├── 2.txt
└── bigfile

0 directories, 3 files

周期性增量、删除同步

#配置同步端
[root@backup ~]#crontab -e
crontab: installing new crontab
You have new mail in /var/spool/mail/root
[root@backup ~]#crontab -l
* * * * * rsync -av --delete 10.0.0.5:/data/www/ /data/backup

#被同步端删除1.txt
[root@data ~]#rm -rf /data/www/1.txt

#同步端一分钟后查看
[root@backup ~]#tree /data/backup
/data/backup
├── 2.txt
└── bigfile

0 directories, 2 files
You have new mail in /var/spool/mail/root

实时同步(脚本方式)