主旨
环境
node-1:192.168.93.139node-2:192.168.93.140
root/666666
/home/jier
192.168.93.200
rsynclsyncdkeepalivedsftp
前期准备
[root@localhost jier]# systemctl stop firewalld.service[root@localhost jier]# systemctl disable firewalld.serviceRemoved symlink etc/systemd/system/multi-user.target.wants/firewalld.service.Removed symlink etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.[root@localhost jier]# setenforce 0# 修改内容SELINUX=disabled[root@localhost jier]# vim etc/selinux/config[root@localhost jier]# iptables -F
一、部署rsync
PS:需要在node-1和node-2两个节点上同时进行安装。
1.1 安装rsync
PS:linux服务器默认都安装了rsync,如果发现没有安装的话,可以使用如下命令进行安装。
rpm -qa|grep rsync # 检查rsync是否安装yum -y install rsync xinetd # 如果没有请执行此命令
1.2 新建用户
PS:由于此处我就是采用root用户,故而不进行创建,具体操作过程根据实际情况进行配置。
[root@loaclhost ~]# useradd 用户名 # 新建用户[root@loaclhost ~]# passwd 用户名 # 给用户配置密码
1.3 新建相关目录
[root@localhost ~]# mkdir -pv root/rsync/logmkdir: 已创建目录 "/root/rsync"mkdir: 已创建目录 "/root/rsync/log"[root@localhost ~]# mkdir -pv home/jiermkdir: 已创建目录 "/home/jier"[root@localhost ~]#
1.4 修改rsync的配置文件
路径:/etc/rsyncd.conf
PS:hosts allow中需要写对方的IP地址,即node-1写node-2的IP地址,node-2写node-1的IP地址。
uid = rootgid = root# 锁死目录use chroot = no# 最大连接数max connections = 10000# 端口号port = 873lock file = root/rsync/rsync.locklog file = root/rsync/log/rsyncd.logmotd file = root/rsync/rsyncd.motdpid file = root/rsync/rsyncd.pid# 可读可写read only = no# 模块名[ceshi]# 指定目录path = home/jier# 可读可写read only = no# 授权用户auth users = root# 授权IPhosts allow = 192.168.93.140/32# 授权用户的密码secrets file = root/.rsync_server.passwd
1.5 创建密码文件,并授权
[root@localhost ~]# vim root/.rsync_server.passwdroot:666666:wq # 保存退出[root@localhost ~]# vim root/.rsync_client.passwd666666:wq # 保存退出[root@localhost ~]# chmod 600 root/.rsync_* # 授权600权限
1.6 启动服务
[root@localhost ~]# rsync --daemon[root@localhost ~]# netstat -tunlp | grep 873tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 2320/rsynctcp6 0 0 :::873 :::* LISTEN 2320/rsync[root@localhost ~]#
1.7 测试安装结果
[root@localhost jier]# cd home/jier/[root@localhost jier]# echo 111 > 1.txt[root@localhost jier]# rsync -avzcR --port=873 --password-file=/root/.rsync_client.passwd 1.txt root@192.168.93.140::ceshisending incremental file list1.txtsent 108 bytes received 35 bytes 95.33 bytes/sectotal size is 4 speedup is 0.03[root@localhost jier]#
登录另一服务器对应目录下进行查看:
[root@localhost jier]# pwd/home/jier[root@localhost jier]# ls1.txt[root@localhost jier]# cat 1.txt111[root@localhost jier]#
二、部署lsyncd
2.1 安装lsyncd
PS:需要在node-1和node-2两个节点上同时进行安装。
[root@localhost ~]# yum -y install epel-release # 因为lsyncd这个软件在epel源中,所以需要先安装相对应的源[root@localhost ~]# yum -y install lsyncd # 安装lsyncd软件
2.2 lsyncd配置文件
PS:需要在node-2和node-2两个节点上同时进行调试。
settings {logfile ="/var/log/lsyncd/lsyncd.log",statusFile ="/var/log/lsyncd/lsyncd.status",inotifyMode = "CloseWrite or Modify",maxProcesses = 7,-- nodaemon =true,}sync {default.rsync,source = "/home/jier",target = "root@192.168.93.140::ceshi",delete="running",exclude = { ".*", ".tmp" },delay = 1,rsync = {binary = "/usr/bin/rsync",archive = true,compress = true,verbose = true,password_file = "/root/.rsync_client.passwd",_extra = {"--bwlimit=200"}}}
参数解释:
settings:全局设置,--表示注释logfile:定义日志文件statusFile:定义状态文件nodaemon=no:表示不启用守护模式,默认statusInterval:将lsyncd的状态写入上面的statusFile的间隔,默认10秒inotifyMode:指定inotify监控的事件,默认是CloseWrite,还可以是Modify或CloseWrite or ModifymaxProcesses:同步进程的最大个数。假如同时有20个文件需要同步,而maxProcesses = 8,则最大能看到有8个rysnc进程maxDelays 累计到多少所监控的事件激活一次同步,即使后面的delay延迟时间还未到sync:定义同步参数rsync、rsyncssh、direct三种模式default.rsync:本地目录间同步,使用rsync,也可以达到使用ssh形式的远程rsync效果,或daemon方式连接远程rsyncd进程default.direct:本地目录间同步,使用cp、rm等命令完成差异文件备份default.rsyncssh:同步到远程主机目录,rsync的ssh模式,需要使用key来认证source:同步的源目录,使用绝对路径target:定义目的地址:/tmp/dest:本地目录同步,可用于direct和rsync模式192.168.93.140:/home/jier:同步到远程服务器目录,可用于rsync和rsyncssh模式192.168.93.140::ceshi :同步到远程服务器目录,用于rsync模式init:这是一个优化选项,当init = false,只同步进程启动以后发生改动事件的文件,原有的目录即使有差异也不会同步。默认是truedelay:累计事件,等待rsync同步延时时间,默认15秒(最大累计到1000个不可合并的事件)。也就是15s内监控目录下发生的改动,会累积到一次rsync同步,避免过于频繁的同步。(可合并的意思是,15s内两次修改了同一文件,最后只同步最新的文件)excludeFrom:排除选项,后面指定排除的列表文件,如excludeFrom = "/etc/lsyncd.exclude",如果是简单的排除,可以使用exclude = LIST。这里的排除规则写法与原生rsync有点不同,更为简单:监控路径里的任何部分匹配到一个文本,都会被排除,例如/bin/foo/bar可以匹配规则foo如果规则以斜线/开头,则从头开始要匹配全部如果规则以/结尾,则要匹配监控路径的末尾?匹配任何字符,但不包括/*匹配0或多个字符,但不包括/**匹配0或多个字符,可以是/delete 为了保持target与souce完全同步,Lsyncd默认会delete = true来允许同步删除。它除了false,还有startup、running值bwlimit:限速,单位kb/s,与rsync相同(这么重要的选项在文档里竟然没有标出);compress:压缩传输默认为true。在带宽与cpu负载之间权衡,本地目录同步可以考虑把它设为false;perms:默认保留文件权限;
2.3 启动lsyncd
[root@localhost ~]# systemctl start lsyncd[root@localhost ~]# systemctl status lsyncd● lsyncd.service - Live Syncing (Mirror) DaemonLoaded: loaded (/usr/lib/systemd/system/lsyncd.service; disabled; vendor preset: disabled)Active: active (running) since 二 2022-01-18 09:52:51 CST; 5min agoMain PID: 1772 (lsyncd)CGroup: /system.slice/lsyncd.service└─1772 /usr/bin/lsyncd -nodaemon /etc/lsyncd.conf1月 18 09:52:51 localhost.localdomain systemd[1]: Started Live Syncing (Mirror) Daemon.1月 18 09:52:51 localhost.localdomain systemd[1]: Starting Live Syncing (Mirror) Daemon...1月 18 09:52:51 localhost.localdomain lsyncd[1772]: sending incremental file list1月 18 09:52:51 localhost.localdomain lsyncd[1772]: 22.txt1月 18 09:52:51 localhost.localdomain lsyncd[1772]: sent 171 bytes received 35 bytes 412.00 bytes/sec1月 18 09:52:51 localhost.localdomain lsyncd[1772]: total size is 16 speedup is 0.081月 18 09:54:03 localhost.localdomain lsyncd[1772]: sending incremental file list1月 18 09:54:03 localhost.localdomain lsyncd[1772]: sent 156 bytes received 12 bytes 336.00 bytes/sec1月 18 09:54:03 localhost.localdomain lsyncd[1772]: total size is 11 speedup is 0.07[root@localhost ~]#
验证,可以同时在两台服务器的/home/jier目录下新建不同的文件。
三、keepalived
PS:node-1和node-2上都需要进行如下操作
PS:此程序需要搭配ftp使用,即程序通过调用vip地址(192.168.93.200)来进行调用。
3.1 搭建keepalived
[root@localhost ~]# yum -y install keepalived
3.2 部署监控脚本
[root@localhost ~]# mkdir -pv /home/script/mkdir: 已创建目录 "/home/script/"[root@localhost ~]#[root@localhost ~]# vim /home/script/check_vip.sh#!/bin/baship a | grep 192.168.93.200if [ $? -eq 0 ]; thenPROGRAM=$(ps -ef | grep -w lsyncd | grep -v grep | wc -l)if [ "${PROGRAM}" -eq 0 ];thensystemctl start lsyncdelseecho 1fielsesystemctl stop lsyncdfi[root@localhost ~]# chmod +x /home/script/check_vip.sh[root@localhost ~]#
3.3调整配置
[root@localhost jier]# vim /etc/keepalived/keepalived.conf # 删除原来这个文件中的所有内容! Configuration File for keepalivedglobal_defs {#添加以下参数即可script_user rootenable_script_security}vrrp_script check_vip {script "/home/script/check_vip.sh"interval 1weight 2}vrrp_instance VI_1 {state BACKUPinterface ens33 # 网卡名字,根据实际情况来配置virtual_router_id 9priority 10 # 和另一台服务器需要相差50以上,不可保持一致,可以为90advert_int 1track_script {check_vip}virtual_ipaddress {192.168.93.200}}
3.4 启动服务
[root@localhost jier]# systemctl start keepalived[root@localhost jier]# ps -ef | grep keepalivedroot 44776 1 0 10:41 ? 00:00:00 /usr/sbin/keepalived -Droot 44777 44776 0 10:41 ? 00:00:00 /usr/sbin/keepalived -Droot 44778 44776 0 10:41 ? 00:00:00 /usr/sbin/keepalived -Droot 44816 44024 0 10:41 pts/0 00:00:00 grep --color=auto keepalived[root@localhost jier]# systemctl status keepalived● keepalived.service - LVS and VRRP High Availability MonitorLoaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)Active: active (running) since 二 2022-01-18 10:41:06 CST; 14s agoProcess: 44775 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)Main PID: 44776 (keepalived)CGroup: /system.slice/keepalived.service├─44776 /usr/sbin/keepalived -D├─44777 /usr/sbin/keepalived -D└─44778 /usr/sbin/keepalived -D1月 18 10:41:11 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.2001月 18 10:41:11 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.2001月 18 10:41:11 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.2001月 18 10:41:11 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.2001月 18 10:41:16 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.2001月 18 10:41:16 localhost.localdomain Keepalived_vrrp[44778]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.93.2001月 18 10:41:16 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.2001月 18 10:41:16 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.2001月 18 10:41:16 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.2001月 18 10:41:16 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200[root@localhost jier]#
至此,此搭建文档完毕。
文章转载自运维家,如果涉嫌侵权,请发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。
