4.1实时同步
背景:
之前我们通过rsync+定时任务实现定时备份/同步.
对于NFS我们需要进行实时同步解决单点问题
4.2 实时同步工具选型
4.3 Lsyncd部署与使用
机器清单:
存储服务器nfs:172.16.1.31:
作为lsyncd服务端,部署lsyncd实时同步服务,共享目录监控/data/目录,一旦目录有更新就将目录里的内容推送到backup服务器
备份服务器backup:172.16.1.41:
作为rsync服务端,共享/nfsbackup/,模块名字也是nfsbackup,实时备份nfs机器上的此目录
❌本实验只用于nfs机器向backup单向推送数据的实时同步,如果想实现双向实时同步需要在backup服务器上也配置一个lsyncd服务,在nfs上也配置一个rsync服务,设置模块/data/用于接收backup服务器传输的数据
1) 准备lsyncd环境-rsync服务端与客户端
1. 修改rsyncd配置文件
[nfsbackup]
comment = nfsbackup
path = /nfsbackup
2. 准备共享目录与修改权限
3. 客户端(nfs服务器)创建密码文件
echo 1 > /etc/rsync.client
4. nfs机器上测试,传输数据到backup的nfsbackup模块
rsync -av /etc/hostname
rsync_backup@backup::nfsbackup –password-file=/etc/rsync.client
2) lsyncd配置详解
部署流程参考:同步神器-Lsyncd
系统依赖目录: /lib64 /usr/lib64
查看依赖命令:ldconfig -p 查看系统已有依赖
由于麒麟系统更新了原本centos的依赖,导致yum安装的lsyncd无法使用,故这里使用编译安装方式
关于编译安装的本质:
./configure #根据配置生成Makefile文件,用于提供给make使用,gcc,cc编译指令.
#lsync使用cmake生成Makefile
①安装依赖yum install -y cmake lua-devel
②解压代码,进入代码目录cmake . (读取当前目录,替代了./configure)
③make -j `nproc` #调用Makefile里面的指令进行编译. 生成二进制文件(命令),执行后当前目录出现lsyncd的命令.-j表示使用多个核心进行编译,`nproc`表示获取系统核心数
④make install #创建lsyncd的目录,复制文件,配置. 收尾工作
3) systemctl配置书写
未来参考系统中其他服务即可sshd,crond,nginx
/usr/lib/systemd/system/xxxx.service 我们自己创建,服务安装后创建都在这里.
/etc/systemd/system/xxx.service 系统安装后自带位置.
4) lsyncd服务的systemctl文件
cat >/usr/lib/systemd/system/lsyncd.service<<EOF
[Unit]
Description=Live Syncing (Mirror) Daemon
[Service]
Type=simple
ExecStart=/usr/local/bin/lsyncd -nodaemon /etc/lsyncd.conf
ExecStop=pkill lsyncd
Restart=always
RestartSec=5s
[Install]
WantedBy=multi-user.target
EOF
#书写或修改systemctl文件后要执行 如下指令,让系统重新读取systemctl配置.
systemctl daemon-reload
温馨提示:如果ExecStart/ExecStop/ExecRestart对应的指令较为复杂,或者调用变量. 需要书写脚本
比如execstoppkill需要服务的pid,使用脚本获取即可
/etc/init.d/lsyncd {start|stop|restart}
#/bin/bash
#desc: 服务管理脚本.
choice=$1
#写几个函数对应start/stop/restart操作,case语句调用函数
function start_lsyncd() { }
function stop_lsyncd() { }
function restart_lsyncd() { }
case “$choice” in
start) start_lsyncd ;;
stop) stop_lsyncd ;;
restart) restart_lsyncd ;;
* ) echo “error “
esac
其他服务service文件
###定时任务服务systemctl配置文件
systemctl cat crond
#/usr/lib/systemd/system/crond.service
[Unit]
Description=Command Scheduler
After=auditd.service nss-user-lookup.target systemd-user-sessions.service time-sync.target ypbind.service autofs.service
[Service]
EnvironmentFile=/etc/sysconfig/crond
ExecStart=/usr/sbin/crond -n $CRONDARGS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=30s
[Install]
WantedBy=multi-user.target
Alias=cron.service
###远程连接服务
systemctl cat sshd
#/usr/lib/systemd/system/sshd.service
[Unit]
Description=OpenSSH server daemon
Documentation=man:sshd(8) man:sshd_config(5)
After=network.target sshd-keygen.target
Wants=sshd-keygen.target
[Service]
Type=notify
EnvironmentFile=-/etc/crypto-policies/back-ends/opensshserver.config
EnvironmentFile=-/etc/sysconfig/sshd-permitrootlogin
EnvironmentFile=-/etc/sysconfig/sshd
ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY $PERMITROOTLOGIN
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=42s
[Install]
WantedBy=multi-user.target
####nginx服务
systemctl cat nginx
# /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
# Nginx will fail to start if /run/nginx.pid already exists but has the wrong
# SELinux context. This might happen when running `nginx -t` from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/usr/sbin/nginx -s reload
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=mixed
PrivateTmp=true
[Install]
WantedBy=multi-user.target
# /usr/lib/systemd/system/nginx.service.d/php-fpm.conf
[Unit]
Wants=php-fpm.service
###nfs服务配置
systemctl cat nfs
# /usr/lib/systemd/system/nfs-server.service
[Unit]
Description=NFS server and services
DefaultDependencies=no
Requires= network.target proc-fs-nfsd.mount
Requires= nfs-mountd.service
Wants=rpcbind.socket network-online.target
Wants=rpc-statd.service nfs-idmapd.service
Wants=rpc-statd-notify.service
Wants=nfsdcld.service
After= network-online.target local-fs.target
After= proc-fs-nfsd.mount rpcbind.socket nfs-mountd.service
After= nfs-idmapd.service rpc-statd.service
After= nfsdcld.service
Before= rpc-statd-notify.service
# GSS services dependencies and ordering
Wants=auth-rpcgss-module.service
After=rpc-gssd.service gssproxy.service rpc-svcgssd.service
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStartPre=/usr/sbin/exportfs -r
ExecStart=/usr/sbin/rpc.nfsd
ExecStop=/usr/sbin/rpc.nfsd 0
ExecStopPost=/usr/sbin/exportfs -au
ExecStopPost=/usr/sbin/exportfs -f
ExecReload=/usr/sbin/exportfs -r
[Install]
WantedBy=multi-user.target
# /run/systemd/generator/nfs-server.service.d/order-with-mounts.conf
# Automatically generated by nfs-server-generator
[Unit]
RequiresMountsFor=/nfs/pics
RequiresMountsFor=/nfsdata
5) lsync配置文件详解
/etc/lsyncd.conf配置详解,lua语言,注释 –表示注释
配置整体2个部分
settings全局配置部分.pid文件,日志文件.
sync部分用于指定rsync命令和intofiy的选项
[root@nfs01 ~/lsyncd-2.3.1]# grep -v ‘\-\-‘
/etc/lsyncd.conf
settings {
logfile = “/var/log/lsyncd.log”,
pidfile = “/var/run/lsyncd.pid”,
statusFile = “/var/log/lsyncd.status”,
nodaemon = true,
maxProcesses = 2
}
sync {
default.rsync,
source = “/data/”,
target =
“rsync_backup@172.16.1.41::nfsbackup”,
delay = 15,
delete = true,
rsync = {
binary = “/usr/bin/rsync”,
archive = true,
compress = true,
password_file = “/etc/rsync.client”
}
}
–全局部分主要配置lsyncd服务,日志,pid文件.
settings {
–※※※※※日志文件,主要查看日志文件.
logfile = “/var/log/lsyncd.log”,
–pid文件
pidfile = “/var/run/lsyncd.pid”,
–服务状态文件
statusFile = “/var/log/lsyncd.status”,
–改为非守护进程模式,默认.rsync命令,lsyncd
nodaemon = true,
–控制最多用于传输数据的进程数量 rsync进程数(最大)
–※※※※※根据cpu核心数来 1,2倍
maxProcesses = 2
}
–配置rsync命令,rsync服务端与客户端模式
–sync部分可以有多个.
sync {
–指定rsync工作模式
default.rsync,
–※※※※※ source指定lsyncd监控目录,源目录
source = “/data/”,
–※※※※※ target指定目标 rsync服务端 用户名@ip地址::模块名字
target = “rsync_backup@172.16.1.41::backup”,
–※※※※※ delay每隔15秒同步一次,数值太低压力大
delay = 15,
–rsync –delete 选项,表示是否同步删除,源目录删除了某文件在目标目录也删除,保持目录一致性
delete = true,
— 配置rsync命令位置,rsync命令选项,
rsync = {
— 命令位置
binary = “/usr/bin/rsync”,
— rsync -a选项
archive = true,
— rsync -z选项 压缩
compress = true,
— ※※※※※配置rsync–password-file密码文件
password_file = “/etc/rsync.client”
}
}
更多选项参考:lsyncd官网文档传送门
6) 启动lsyncd服务与测试
启动lsyncd
systemctl enable lsyncd
systemctl start lsyncd
systemctl status lsyncd
ps -ef |grep lsyncd
检查与测试
nfs端/data/目录touch添加文件,去backup/nfs/backup/目录查看是否传输成功
小结
rsync服务端与客户端并测试.
lsyncd配置文件.启动服务.查看日志.
4.4 Lsyncd监控多个目录配置文件:写两个sync块
前提:配置文件中写的target:backup服务器上的模块必须存在
[root@nfs01 /nfsdata]# cat /etc/lsyncd.conf
settings {
logfile = “/var/log/lsyncd.log”,
pidfile = “/var/run/lsyncd.pid”,
statusFile = “/var/log/lsyncd.status”,
nodaemon = true,
maxProcesses = 3
}
--监控/data/目录同步到备份服务器的nfsbackup模块
sync {
default.rsync,
source = “/data/”,
target = “rsync_backup@172.16.1.41::nfsbackup”,
delay = 15,
delete = true,
rsync = {
binary = “/usr/bin/rsync”,
archive = true,
compress = true,
password_file = “/etc/rsync.client”
}
}
--监控/nfsdata/目录同步到备份服务器的backup模块
sync {
default.rsync,
source = “/nfsdata/”,
target = “rsync_backup@172.16.1.41::backup”,
delay = 15,
delete = true,
rsync = {
binary = “/usr/bin/rsync”,
archive = true,
compress = true,
password_file = “/etc/rsync.client”
}
}
查看结果:/var/log/lsyncd.status 看到有2个sync
实时同步案例
5.1 项目背景(解决NFS的单点问题)
我们要给网站存储做个实时同步.
通过对比发现lsyncd符合需求.
通过lsyncd给nfs服务端做个数据实时同步,同步到backup服务器.
5.2 项目架构图/流程
5.3 项目主机规划
5.4 备份服务准备
1) 服务端配置
修改配置文件
创建目录
修改所有者
客户端测试
创建密码文件
在存储服务器推送测试.
5.5 存储服务准备
1) 服务端
1.安装nfs
2.启动rpc和nfs
3.修改配置 (可以加上all_squash)
4.准备共享目录
2) 客户端挂载
0.创建客户端挂载点目录
1. 临时挂载2. 永久
5.6 实时同步服务准备
1) 修改lsyncd.conf配置文件
修改监控的目录
修改rsync服务端的模块
2) 测试
5.7 联调
今日总结
实时同步工具选型
lsyncd服务使用.需要准备好rsync环境.
项目:搭建全新环境(克隆新的虚拟机),搭建实时同步项目
课后任务(新环境)
实时同步项目
搭建全网备份项目
进阶要求:使用ubuntu系统配置
ubt补充
7.1 ip地址
root@oldoby-ubt-2204:~# cat /etc/netplan/00-installer-config.yaml
# This is the network config written by ‘subiquity’
network:
ethernets:
eth0:
addresses:
– 10.0.0.207/24
nameservers:
addresses:
– 223.5.5.5
– 223.6.6.6
search: []
routes:
– to: default
via: 10.0.0.2
eth1:
addresses:
– 172.16.1.207/24
version: 2
netplan apply #或重启linux
7.2 服务
#1. apt源
cat /etc/apt/sources.list
# 默认注释了源码镜像以提高 apt update 速度,如有需要可自行取消注释
deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/jammy main restricted universe multiverse
# deb-src
http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy main restricted universe multiverse
deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/jammy-updates main restricted universe multiverse
# deb-src
http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-updates main restricted universe multiverse
deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/jammy-backports main restricted universe multiverse
# deb-src
http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-backports main restricted universe multiverse
# deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/
jammy-security main restricted universe multiverse
# # deb-src
http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-security main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu/ jammy-security main restricted universe multiverse
# deb-src http://security.ubuntu.com/ubuntu/ jammy-security main restricted universe multiverse
# 预发布软件源,不建议启用
# deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/jammy-proposed main restricted universe multiverse
# # deb-src
http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ jammy-proposed main restricted universe multiverse
#2.生效
apt update
rsync服务
已经安装
手动创建配置文件/etc/rsyncd.conf
systemctl enable rsync
systemclt start rsync
nfs服务
apt install nfs-common nfs-kernel-server
rpcbind #正常使用即可
systemctl enable nfs-kernel-server
systemctl start nfs-kernel-server
lsyncd服务
apt install -y lsyncd
默认没有配置文件手动创建即可.