FTP
修改ftp用户的家目录
#查看ftp用户的信息
[root@centos8 ~]#getent passwd ftp
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
#创建新的ftp用户家目录
[root@centos8 ~]#mkdir /data/ftproot && touch /data/ftproot/ftproot.txt
#修改ftp用户家目录
[root@centos8 ~]#usermod -d /data/ftproot ftp
#验证
[root@centos8 ~]#getent passwd ftp
ftp:x:14:50:FTP User:/data/ftproot:/sbin/nologin
NFS
#使修改后的配置文件生效
exportfs -r
#查看当前生效的nfs配置
exportfs -v
#查询远程主机上可挂载的目录
showmount
#nfs共享文件授权nobody用户读写权限
setfacl -m u:bobody:rwx /data/nfs1
#清除某个文件夹的facl权限
setfacl -b /data/nfsdir1
samba
C/S服务架构
#服务端
[root@samba-server ~]#yum install -y samba
[root@samba-server ~]#systemctl enable --now smb
#客户端
[root@centos8 ~]#yum install samba-client
#列出samba服务器中共享的文件夹
[root@centos8 ~]#smbclient -L 10.0.0.5
Enter SAMBA\root's password:
Anonymous login successful
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
IPC$ IPC IPC Service (Samba 4.14.5)
SMB1 disabled -- no workgroup available
[root@centos8 ~]#
常用配置及测试
创建用户
[root@samba-server ~]#useradd smb1
[root@samba-server ~]#smbpasswd -a smb1
New SMB password:
Retype new SMB password:
Added user smb1.
[root@samba-server ~]#pdbedit -L
smb1:2004:
#使用smb1用户进行登录
[root@samba-client ~]#smbclient //10.0.0.5/share -U smb1%123456
Try "help" to get a list of possible commands.
smb: \>
为用户创建单独的配置文件
[root@samba-server ~]#vim /etc/samba/smb.conf
[global]
config file=/etc/samba/conf.d/%U
[root@samba-server ~]#cat /etc/samba/conf.d/smb1
[share] #共享名称
path=/data/smbshare #共享路径
[root@samba-server ~]#cat /etc/samba/conf.d/smb2
[share] #共享名称
path=/data/smbshare2 #共享路径
[root@samba-server ~]#touch /data/smbshare/smb1.txt
[root@samba-server ~]#touch /data/smbshare2/smb2.txt
#测试
[root@samba-client ~]#smbclient //10.0.0.5/share -U smb1%123456
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Fri Feb 11 14:43:34 2022
.. D 0 Fri Feb 11 14:43:48 2022
a.txt N 0 Fri Feb 11 13:03:06 2022
b.txt A 6 Fri Feb 11 13:07:28 2022
smb1.txt N 0 Fri Feb 11 14:43:34 2022
52403200 blocks of size 1024. 51379384 blocks available
smb: \> exit
[root@samba-client ~]#smbclient //10.0.0.5/share -U smb2%123456
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Fri Feb 11 14:51:32 2022
.. D 0 Fri Feb 11 14:43:48 2022
smb2.txt N 0 Fri Feb 11 14:51:32 2022
52403200 blocks of size 1024. 51379384 blocks available
smb: \> exit
自动挂载
#安装cifs文件系统
[root@samba-client ~]#yum install cifs-utils -y
#将挂载信息写入fstab文件 注意fstab文件中写的挂载路径是samba的共享名称显示出来的sharename那一列,不是共享路径
[root@samba-client ~]#smbclient -L 10.0.0.5
Enter SAMBA\root's password:
Anonymous login successful
Sharename Type Comment
--------- ---- -------
print$ Disk Printer Drivers
share Disk
IPC$ IPC IPC Service (Samba 4.14.5)
SMB1 disabled -- no workgroup available
#正确的挂载写法
[root@samba-client ~]#vim /etc/fstab
//10.0.0.5/share /mnt/share cifs username=smb1,password=123456 0 0
fstab文件中配置了samba中的挂载路径会报错
#错误的挂载路径
[root@samba-client ~]#cat /etc/fstab
#
# /etc/fstab
# Created by anaconda on Mon Jun 14 08:25:42 2021
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
UUID=eda5adf8-10e2-447a-964b-9e8692e24ff5 / xfs defaults 0 0
UUID=b671de56-1b95-422d-9664-1b2d7bebdff6 /boot ext4 defaults 1 2
UUID=9f3f8277-ef8c-4658-bb23-5b78315ce233 /data xfs defaults 0 0
UUID=13c716a5-5665-4d29-bad0-e8b92af044d4 none swap defaults 0 0
//10.0.0.5/smbshare /mnt/share cifs username=smb1,password=123456 0 0
[root@web1 ~]#mount -a
mount error(2): No such file or directory
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
[root@web1 ~]#dmesg
[11198.047841] CIFS: Attempting to mount //10.0.0.5/smbshare
[11198.047851] No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3 (or SMB2.1) specify vers=1.0 on mount.
[11198.078612] CIFS VFS: BAD_NETWORK_NAME: \\10.0.0.5\smbshare
[11198.080639] CIFS VFS: cifs_mount failed w/return code = -2
#cifs文件系统挂载因为安全问题不支持低版本了,使用参数vers=1.0也能挂载成功
LAMP架构共享存储NFS
版本1 共享整个wordpress目录
拓扑图
nfs
#更改主机名 重新登陆生效
[root@nfs ~]#hostnamectl set-hostname nfs.kktb.org
[root@nfs ~]#mkdir /data/wordpress
#下载&拷贝wordpress
[root@nfs download]#pwd
/data/download
[root@nfs download]#wget https://wordpress.org/wordpress-5.8.3.tar.gz
[root@nfs download]#tar xf wordpress-5.8.3.tar.gz
[root@nfs download]#cd wordpress/
[root@nfs wordpress]#cp -r * /data/wordpress/
[root@nfs wordpress]#cd /data/wordpress
[root@nfs wordpress]#chown -R apache.apache wp-content/
[root@nfs ~]#yum install nfs-utils -y
[root@nfs ~]#systemctl enable --now nfs-server
[root@nfs ~]#cat /etc/exports
/data/wordpress 10.0.0.0/24(rw)
[root@nfs ~]#exportfs -a
[root@nfs ~]#exportfs -v
/data/wordpress
10.0.0.0/24(sync,wdelay,hide,no_subtree_check,sec=sys,rw,secure,root_squash,no_all_squash)
[root@nfs ~]#showmount -e
Export list for nfs:
/data/wordpress 10.0.0.0/24
mysql
[root@mysql ~]#hostnamectl set-hostname mysql
[root@mysql ~]#yum install mysql-server -y
[root@mysql ~]#systemctl enable --now mysqld
#登录数据库,修改数据库密码
[root@localhost log]#mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 8.0.26 Source distribution
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> alter user root@'localhost' identified by '123456';
Query OK, 0 rows affected (0.01 sec)
mysql> exit;
Bye
#配置wordpress数据库&授权用户
mysql> create database wordpress;
Query OK, 1 row affected (0.00 sec)
mysql> create user wordpress@'10.0.0.%' identified by '123456';
Query OK, 0 rows affected (0.00 sec)
mysql> grant all on wordpress.* to wordpress@'10.0.0.%' ;
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
web
两台web机器使用ansible部署
#拷贝密钥
[root@centos8 ansible]#yum install sshpass -y
export SSHPASS=cause
sshpass -e ssh-copy-id -o StrictHostkeyChecking=no 10.0.0.9
sshpass -e ssh-copy-id -o StrictHostkeyChecking=no 10.0.0.10
#将web机器加入主机清单
[root@centos8 ansible]#cat hosts
[web]
10.0.0.9
10.0.0.10
#安装web服务
[root@centos8 ansible]#ansible web -m yum -a 'name=httpd,php-fpm,php-json,php-mysqlnd,nfs-utils'
#启动web服务
[root@centos8 ansible]#ansible web -m service -a 'name=httpd state=started enabled=yes'
[root@centos8 ansible]#ansible web -m service -a 'name=php-fpm state=started enabled=yes'
#挂载nfs共享存储
[root@centos8 ansible]#ansible web -m shell -a 'echo 10.0.0.6:/data/wordpress /var/www/html nfs _netdev 0 0 >> /etc/fstab'
10.0.0.9 | CHANGED | rc=0 >>
10.0.0.10 | CHANGED | rc=0 >>
#使挂载生效
[root@centos8 ansible]#ansible web -m command -a 'mount -a'
#保证nfs和两台web中都有apache用户并且UID相同
[root@centos8 ansible]#ansible web -m command -a 'id apache'
10.0.0.9 | CHANGED | rc=0 >>
uid=48(apache) gid=48(apache) groups=48(apache)
10.0.0.10 | CHANGED | rc=0 >>
uid=48(apache) gid=48(apache) groups=48(apache)
版本2 只共享上传目录
php解析交由web服务器进行解析,nfs只共享用户上传文件目录
拓扑图
web
使用ansible部署
#下载wordpress文件
[root@centos8 ansible]#ansible web -m get_url -a 'url=https://wordpress.org/wordpress-5.8.3.tar.gz dest=/root/'
10.0.0.9 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum_dest": null,
"checksum_src": "3be7ed4dc6f46fe98271b974c88153640e95ad49",
"dest": "/root/wordpress-5.8.3.tar.gz",
"elapsed": 10,
"gid": 0,
"group": "root",
"md5sum": "9abc51309a31a0d5846ec40ce475cb86",
"mode": "0644",
"msg": "OK (15087521 bytes)",
"owner": "root",
"size": 15087521,
"src": "/root/.ansible/tmp/ansible-tmp-1644399737.6372435-10576-24233535166540/tmpt_4gdno9",
"state": "file",
"status_code": 200,
"uid": 0,
"url": "https://wordpress.org/wordpress-5.8.3.tar.gz"
}
10.0.0.10 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum_dest": null,
"checksum_src": "3be7ed4dc6f46fe98271b974c88153640e95ad49",
"dest": "/root/wordpress-5.8.3.tar.gz",
"elapsed": 11,
"gid": 0,
"group": "root",
"md5sum": "9abc51309a31a0d5846ec40ce475cb86",
"mode": "0644",
"msg": "OK (15087521 bytes)",
"owner": "root",
"size": 15087521,
"src": "/root/.ansible/tmp/ansible-tmp-1644399737.6380565-10578-176855044630649/tmpaowguvzf",
"state": "file",
"status_code": 200,
"uid": 0,
"url": "https://wordpress.org/wordpress-5.8.3.tar.gz"
}
#解压缩
[root@centos8 ansible]#ansible web -m unarchive -a 'src=/root/wordpress-5.8.3.tar.gz dest=/root/ copy=no'
10.0.0.10 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"dest": "/root/",
"extract_results": {
"cmd": [
"/usr/bin/gtar",
"--extract",
"-C",
"/root/",
"-z",
"-f",
"/root/wordpress-5.8.3.tar.gz"
],
"err": "",
"out": "",
"rc": 0
},
"gid": 0,
"group": "root",
"handler": "TgzArchive",
"mode": "0550",
"owner": "root",
"size": 4096,
"src": "/root/wordpress-5.8.3.tar.gz",
"state": "directory",
"uid": 0
}
10.0.0.9 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"dest": "/root/",
"extract_results": {
"cmd": [
"/usr/bin/gtar",
"--extract",
"-C",
"/root/",
"-z",
"-f",
"/root/wordpress-5.8.3.tar.gz"
],
"err": "",
"out": "",
"rc": 0
},
"gid": 0,
"group": "root",
"handler": "TgzArchive",
"mode": "0550",
"owner": "root",
"size": 249,
"src": "/root/wordpress-5.8.3.tar.gz",
"state": "directory",
"uid": 0
}
#拷贝解压缩的目录到/var/www/html目录中
[root@centos8 ansible]#ansible web -m copy -a 'src=/root/wordpress/ dest=/var/www/html remote_src=yes'
10.0.0.9 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": null,
"dest": "/var/www/html",
"gid": 0,
"group": "root",
"md5sum": null,
"mode": "0755",
"owner": "root",
"size": 4096,
"src": "/root/wordpress/",
"state": "directory",
"uid": 0
}
10.0.0.10 | CHANGED => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": true,
"checksum": null,
"dest": "/var/www/html",
"gid": 0,
"group": "root",
"md5sum": null,
"mode": "0755",
"owner": "root",
"size": 4096,
"src": "/root/wordpress/",
"state": "directory",
"uid": 0
}
#写入挂载目录
#挂载nfs共享存储
[root@centos8 ansible]#ansible web -m shell -a 'echo 10.0.0.6:/data/wordpress/wp-content /var/www/html/wp-content nfs _netdev 0 0 >> /etc/fstab'
10.0.0.9 | CHANGED | rc=0 >>
10.0.0.10 | CHANGED | rc=0 >>
#使挂载生效
[root@centos8 ansible]#ansible web -m command -a 'mount -a'
#查看是否生效
[root@centos8 ansible]#ansible web -m command -a 'df'
10.0.0.9 | CHANGED | rc=0 >>
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 979052 0 979052 0% /dev
tmpfs 998116 0 998116 0% /dev/shm
tmpfs 998116 17136 980980 2% /run
tmpfs 998116 0 998116 0% /sys/fs/cgroup
/dev/sda2 10475520 1883156 8592364 18% /
/dev/sda3 5232640 129064 5103576 3% /data
/dev/sda1 999320 134884 795624 15% /boot
tmpfs 199620 0 199620 0% /run/user/0
10.0.0.6:/data/wordpress/wp-content 52403200 577536 51825664 2% /var/www/html/wp-content
10.0.0.10 | CHANGED | rc=0 >>
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 897624 0 897624 0% /dev
tmpfs 916500 0 916500 0% /dev/shm
tmpfs 916500 8928 907572 1% /run
tmpfs 916500 0 916500 0% /sys/fs/cgroup
/dev/sda2 15718400 2717980 13000420 18% /
/dev/sda1 1038336 190368 847968 19% /boot
tmpfs 183300 0 183300 0% /run/user/0
10.0.0.6:/data/wordpress/wp-content 52403200 577536 51825664 2% /var/www/html/wp-content
web1
#挂载nfs共享存储
[root@web1 html]#echo "10.0.0.6:/data/wordpress/wp-content /var/www/html/wp-content nfs _netdev 0 0" >> /etc/fstab
[root@web1 html]#mount -a
[root@web1 html]#df
Filesystem 1K-blocks Used Available Use% Mounted on
devtmpfs 979052 0 979052 0% /dev
tmpfs 998116 0 998116 0% /dev/shm
tmpfs 998116 17128 980988 2% /run
tmpfs 998116 0 998116 0% /sys/fs/cgroup
/dev/sda2 10475520 1879300 8596220 18% /
/dev/sda3 5232640 69544 5163096 2% /data
/dev/sda1 999320 134884 795624 15% /boot
tmpfs 199620 0 199620 0% /run/user/0
10.0.0.6:/data/wordpress/wp-content 52403200 570368 51832832 2% /var/www/html/wp-content
web2
与web1相同配置
重新执行一遍wordpress的初始化即可
- 数据库名:在mysql数据库中创建的数据库名
- 用户名:创建的远程登录数据库的用户名
- 密码:远程登录数据库的密码
- 数据库主机:提供mysql数据库服务的数据库主机
- 表前缀:wp_
总结:
web服务器处理php请求,nfs只存储用户上传的内容
自动挂载
vim /etc/auto.master
/d1/d2 /etc/test.txt
vim /etc/test.txt
d3 -fstype=nfs 10.0.0.6:/data/wordpress
使用umount命令时要切出被取消挂载的目录后再使用umount命令取消挂载
数据同步
rsync
[root@backup ~]#yum install rsync -y
#基于密钥key验证同步一次
##生成密钥
[root@data ~]#ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? #已经生成过密钥,所以提示是否要覆盖
#拷贝密钥至远程主机
[root@backup ~]#ssh-copy-id 10.0.0.5
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.5's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '10.0.0.5'"
and check to make sure that only the key(s) you wanted were added.
#立即同步一次 将10.0.0.5中的内容同步至本机
[root@backup ~]#rsync -av 10.0.0.5:/data/www/ /data/backup
receiving incremental file list
./
1.txt
2.txt
sent 65 bytes received 367 bytes 864.00 bytes/sec
total size is 194 speedup is 0.45
[root@backup ~]#tree /data/backup
/data/backup
├── 1.txt
└── 2.txt
0 directories, 2 files
周期性同步
结合计划任务
周期性增量同步
#创建计划任务
[root@backup ~]#crontab -e
no crontab for root - using an empty one
crontab: installing new crontab
[root@backup ~]#crontab -l
* * * * * rsync -av 10.0.0.5:/data/www/ /data/backup
#被同步端创建测试文件
[root@data ~]#dd if=/dev/zero of=/data/www/bigfile bs=1M count=100
100+0 records in
100+0 records out
104857600 bytes (105 MB, 100 MiB) copied, 0.0252187 s, 4.2 GB/s
[root@data ~]#ls /data/www/
1.txt 2.txt bigfile
#等待一分钟 查看备份端
[root@backup ~]#tree /data/backup
/data/backup
├── 1.txt
├── 2.txt
└── bigfile
0 directories, 3 files
周期性增量、删除同步
#配置同步端
[root@backup ~]#crontab -e
crontab: installing new crontab
You have new mail in /var/spool/mail/root
[root@backup ~]#crontab -l
* * * * * rsync -av --delete 10.0.0.5:/data/www/ /data/backup
#被同步端删除1.txt
[root@data ~]#rm -rf /data/www/1.txt
#同步端一分钟后查看
[root@backup ~]#tree /data/backup
/data/backup
├── 2.txt
└── bigfile
0 directories, 2 files
You have new mail in /var/spool/mail/root
实时同步(脚本方式)