数据的实时同步
在生产环境,有时会需要两台主机的特定目录实现实时同步。比如,将NFS共享目录的数据文件,自动实时同步到备份服务器特定目录中
1.#首先创建个文件夹
[root@ubuntu2004 ~]#mkdir /etc/exports.d
[root@ubuntu2004 ~]#vim /etc/exports.d/text.exports
/data/nfsdir2 *(rw)
[root@ubuntu2004 ~]#exportfs -r
exportfs: /etc/exports [1]: Neither 'subtree_check' or 'no_subtree_check' specified for export "*:/data/nfsdir1".
Assuming default behaviour ('no_subtree_check').
NOTE: this default has changed since nfs-utils version 1.0.x
exportfs: /etc/exports.d/text.exports [1]: Neither 'subtree_check' or 'no_subtree_check' specified for export "*:/data/nfsdir2".
Assuming default behaviour ('no_subtree_check').
NOTE: this default has changed since nfs-utils version 1.0.x
[root@ubuntu2004 ~]#exportfs -v
/data/nfsdir1 (rw,wdelay,no_root_squash,no_subtree_check,sec=sys,rw,secure,no_root_squash,no_all_squash)
/data/nfsdir2 (rw,wdelay,root_squash,no_subtree_check,sec=sys,rw,secure,root_squash,no_all_squash)
如果是项目的话就是一个项目一个
#查看
[root@ubuntu2004 ~]#ls /etc/exports.d/
text.exports
[root@ubuntu2004 ~]#grep -i inotify /boot/config-5.4.0-132-generic
CONFIG_INOTIFY_USER=y
2.用inotify可以根据工具内核给我们发通知
[root@ubuntu2004 ~]#ls -l /proc/sys/fs/inotify
总用量 0
-rw-r--r-- 1 root root 0 11月 20 16:03 max_queued_events
-rw-r--r-- 1 root root 0 11月 20 16:03 max_user_instances
-rw-r--r-- 1 root root 0 11月 20 16:03 max_user_watches
3.#监控事件队列最大长度
[root@ubuntu2004 ~]#cat /proc/sys/fs/inotify/max_queued_events
16384
4.#每个用户创建inotify实例最大值
[root@ubuntu2004 ~]#cat /proc/sys/fs/inotify/max_user_instances
128
5.#可以监视的文件的总数量(inotifywait 单进程)
[root@ubuntu2004 ~]#cat /proc/sys/fs/inotify/max_user_watches
8192
范例:
[root@data-centos8 ~]#vim /etc/sysctl.conf
fs.inotify.max_queued_events=66666
fs.inotify.max_user_watches=100000
[root@centos8 ~]#sysctl -p
fs.inotify.max_queued_events = 66666
fs.inotify.max_user_watches = 100000
[root@centos8 ~]#cat /proc/sys/fs/inotify/*
66666
128
100000
inotify-tools工具
安装inotify-tools:基于epel源
[root@data-centos8 ~]# yum -y install inotify-tools
[root@data-ubuntu2004]#apt -y install inotify-tools
监控一个事件
[root@ubuntu2004 ~]# mkdir /data/www -p
[root@ubuntu2004 ~]#inotifywait /data/www
Setting up watches.
Watches established.
/data/www/ CREATE f1.txt
#持续前台监控
inotifywait -mrq /data/www --exclude=".*.swx|.swp"
/data/www/ OPEN f1.txt
/data/www/ ACCESS f1.txt
/data/www/ CLOSE_NOWRITE,CLOSE f1.txt
#持续后台监控,并记录日志
inotifywait -o /root/inotify.log -drq /data/www --timefmt "%Y-%m-%d %H:%M:%S" --
format "%T %w%f event: %e"
#持续前台监控特定事件
inotifywait -mrq /data/www --timefmt "%F %H:%M:%S" --format "%T %w%f event:
%;e" -e create,delete,moved_to,close_write,attrib
rsync 服务
范例:两种格式访问 rsync daemon 服务
1.#在备份服务器启动 rsync 进程
[root@backup-centos8 ~]#rsync --daemon
Failed to parse config file: /etc/rsyncd.conf
[root@backup-centos8 ~]#touch /etc/rsyncd.conf
[root@backup-centos8 ~]#rsync --daemon
[root@backup-centos8 ~]#ss -ntlp|grep rsync
LISTEN 0 5 0.0.0.0:873 0.0.0.0:*
users:(("rsync",pid=2921,fd=4))
LISTEN 0 5 [::]:873 [::]:*
users:(("rsync",pid=2921,fd=5))
[root@backup-centos8 ~]#cat /etc/rsyncd.conf
[backup]
path = /data/backup/
read only = no #指定可读写,默认只读
2.#指定目录给nobody权限,默认用户以nobody访问此目录
[root@backup-centos8 ~]#setfacl -m u:nobody:rwx /data/backup/
3.#查看rsync服务器的模块名称
[root@data-centos8 ~]#rsync rsync://backup-serverbackup
[root@data-centos8 ~]#rsync backup-server::backup
4.#访问rsync服务器的共享目录
#推
[root@data-centos8 ~]#rsync /etc/networks root@backup-server::backup #默认所有用户都映射为nobody用户
[root@data-centos8 ~]#rsync /etc/issue wang@backup-server::backup #默认所有用户都映射为nobody用户
[root@data-centos8 ~]#rsync /etc/passwd backup-server::backup
[root@data-centos8 ~]#rsync /etc/shells rsync://root@backup-server/backup
#拉
[root@data-server ~]#rsync backup-server::backup/* /opt
[root@data-server ~]#rsync rsync://backup-server/backup/* /mnt
以独立服务方式运行rsync并实现验证功能
范例:以独立服务方式运行 rsync
1.#Ubuntu默认提供了service文件
[root@ubuntu2204 ~]#systemctl cat rsync.service
# /lib/systemd/system/rsync.service
[Unit]
Description=fast remote file copy program daemon
ConditionPathExists=/etc/rsyncd.conf
After=network.target
Documentation=man:rsync(1) man:rsyncd.conf(5)
[Service]
ExecStart=/usr/bin/rsync --daemon --no-detach
RestartSec=1
# Citing README.md:
#
# [...] Using ssh is recommended for its security features.
#
# Alternatively, rsync can run in `daemon' mode, listening on a socket.
# This is generally used for public file distribution, [...]
#
# So let's assume some extra security is more than welcome here. We do full
# system protection (which makes /usr, /boot, & /etc read-only) and hide
# devices. To override these defaults, it's best to do so in the drop-in
# directory, often done via `systemctl edit rsync.service`. The file needs
# just the bare minimum of the right [heading] and override values.
# See systemd.unit(5) and search for "drop-in" for full details.
ProtectSystem=full
#ProtectHome=on|off|read-only
PrivateDevices=on
NoNewPrivileges=on
[Install]
WantedBy=multi-user.target
2.#红帽需要安装rsync-daemon包提供service文件
[root@backup-centos8 ~]#dnf -y install rsync-daemon
[root@backup-centos8 ~]#rpm -ql rsync-daemon
/etc/rsyncd.conf
/etc/sysconfig/rsyncd
/usr/lib/systemd/system/rsyncd.service
/usr/lib/systemd/system/rsyncd.socket
/usr/lib/systemd/system/rsyncd@.service
/usr/share/man/man5/rsyncd.conf.5.gz
3.#创建rsync服务器的配置文件
[root@centos8 ~]#vi /etc/rsyncd.conf
uid = root #指定以哪个用户身份访问共享目录,默认为nobody,注意:共享目录需要给此用户权限,否则无法访问
gid = root #指定以哪个组身份访问共享目录,默认为nobody,Ubuntu中为nogroup
#port = 874 可指定非标准端口,默认873/tcp
#use chroot = no
max connections = 0
ignore errors
exclude = lost+found/
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsyncd.lock
reverse lookup = no
#hosts allow = 10.0.0.0/24
[backup] #每个模块名对应一个不同的path目录,如果同名后面模块生效
path = /data/backup/
comment = backup dir
read only = no #默认是yes,即只读
auth users = rsyncuser #默认anonymous可以访问rsync服务器
secrets file = /etc/rsync.pas
4.#配置文件内容
[root@ubuntu2204 ~]#cat /etc/rsyncd.conf
uid = root
gid = root
max connections = 0
ignore errors
exclude = lost+found/
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsyncd.lock
reverse lookup = no
[backup]
path = /data/backup/
comment = backup dir
read only = no
auth users = rsyncuser
secrets file = /etc/rsync.pas
5.#服务器端准备目录
[root@backup-centos8 ~]#mkdir -pv /data/backup
6.#服务器端生成验证文件
[root@backup-centos8 ~]#echo "rsyncuser:123456" > /etc/rsync.pas
[root@backup-centos8 ~]#chmod 600 /etc/rsync.pas
7.#服务器端启动rsync服务
[root@backup-centos8 ~]#rsync --daemon #可加入/etc/rc.d/rc.local实现开机启动
[root@backup-centos8 ~]#systemctl start rsyncd #CentOS 7 以上版本
8.#客户端配置密码文件
#也可将密码赋值给环境变量RSYNC_PASSWORD变量,但不安全
#export RSYNC_PASSWORD=123456
[root@data-centos8 ~]#echo "123456" > /etc/rsync.pas
[root@data-centos8 ~]#chmod 600 /etc/rsync.pas #此为必要项,权限必须修改
9.#查看远程rsync服务器的模块信息
[root@data-server ~]#rsync rsync://rsync服务器IP
backup backup dir
10.#交互式验证查看具体模块内的文件
[root@data-server ~]#rsync rsync://rsyncuser@rsync服务器IP/backup
Password:
11.#非交互式查看共享目录
[root@data-server ~]#rsync --password-file=/etc/rsync.pas
rsync://rsyncuser@rsync服务器IP/backup
12.#客户端测试同步数据
[root@data-centos8 ~]#rsync -avz --delete --password-file=/etc/rsync.pas
/data/www/ rsyncuser@rsync服务器IP::backup
[root@data-centos8 ~]#rsync -avz --delete --password-file=/etc/rsync.pas
rsyncuser@rsync服务器IP::backup /data/www/
inotify+rsync+shell 脚本实现实时数据同步
inotify+rsync+shell 脚本实现实时数据同步
注意: 此脚本执行前先确保两主机初始数据处于同步状态,此脚本实现后续的数据同步
[root@data-centos8 ~]#vim inotify_rsync.sh
#!/bin/bash
SRC='/data/www/' #注意最后的/
DEST='rsyncuser@rsync服务器IP::backup'
#Ubuntu20.04不支持 --password-file=/etc/rsync.pas,可以使用下面的变量实现
export RSYNC_PASSWORD=123456
#rpm -q inotify-tools &> /dev/null ||yum -y install inotify-tools
#rpm -q rsync &> /dev/null || yum -y install rsync
inotifywait -mrq --exclude=".*.swp" --timefmt '%Y-%m-%d %H:%M:%S' --format
'%T %w %f' -e create,delete,moved_to,close_write,attrib ${SRC} |while read DATE
TIME DIR FILE;do
FILEPATH=${DIR}${FILE}
rsync -az --delete $SRC $DEST && echo "At ${TIME} on ${DATE}, file
$FILEPATH was backuped up via rsync" >> /var/log/changelist.log
#rsync -az --delete --password-file=/etc/rsync.pas $SRC $DEST && echo
"At ${TIME} on ${DATE}, file $FILEPATH was backuped up via rsync" >>
/var/log/changelist.log
done
#查看文件传输日志
[root@data-centos8 ~]#tail -f /var/log/changelist.log
sersync 实现实时数据同步
sersync 实现实时数据同步
1.#在数据服务器上下载sersync,并拷贝至相应的目录,设置PATH变量
[root@data-centos8 ~]#wget https://storage.googleapis.com/google-code-archivedownloads/v2/code.google.com/sersync/sersync2.5.4_64bit_binary_stable_final.tar.gz
[root@data-centos8 ~]#tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz
[root@data-centos8 ~]#cp -a GNU-Linux-x86 /usr/local/sersync
[root@data-centos8 ~]#echo 'PATH=/usr/local/sersync:$PATH' >
/etc/profile.d/sersync.sh
[root@data-centos8 ~]#source /etc/profile.d/sersync.sh
2.#sersync目录只有两个文件:一个是二进制程序文件,一个是xml格式的配置文件
[root@data-centos8 ~]#ls /usr/local/sersync/
confxml.xml sersync2
3.#确认安装rsync客户端工具
[root@data-centos8 ~]#rpm -q rsync &> /dev/null || dnf -y install rsync
4.#备份sersync配置文件
[root@data-centos8 ~]#cp /usr/local/sersync/confxml.xml{,.bak}
5.#修改sersync配置文件
[root@data-centos8 ~]#vim /usr/local/sersync/confxml.xml
# 是否开启调试模式
#不开启文件过滤功能,当为true时,以下类型的文件将不同步
# 监控事件,默认监控
delete/close_write/moved_from/moved_to/create folder
#修改此行为true,文件属性变化后也会同步
# rsync命令的配置段
#修改此行,需要同步的源目录或文件,建议同步目录
#修改此行,指定备份服务器地址和rsync
daemon的模块名,如果下面开启了ssh start,此时name为远程shell方式运行时的目标目录
# 指定rsync选项
#修改此行为true,指定备份服务器的rsync配置的用户和密码文件
#指定rsync的非标准端口号
#默认使用rsync daemon运行rsync命令,true为使用远程shell模式
#错误重传及日志文件路径
#不开启crontab功能
#不开启crontab定时传输的筛选功能
#####################################以下行不需要修改####################################
6.#创建连接rsynd服务器的用户密码文件,并必须修改权限
[root@data-centos8 ~]#echo 123456 > /etc/rsync.pas
[root@data-centos8 ~]#chmod 600 /etc/rsync.pas
7.#查看帮助
[root@data-centos8 ~]#sersync2 -h
set the system param
execute:echo 50000000 > /proc/sys/fs/inotify/max_user_watches
execute:echo 327679 > /proc/sys/fs/inotify/max_queued_events
parse the command param
_______________________________________________________
参数-d:启用守护进程模式
参数-r:在监控前,将监控目录与远程主机用rsync命令推送一遍
c参数-n: 指定开启守护线程的数量,默认为10个
参数-o:指定配置文件,默认使用当前工作目录下的confxml.xml文件
参数-m:单独启用其他模块,使用 -m refreshCDN 开启刷新CDN模块
参数-m:单独启用其他模块,使用 -m socket 开启socket模块
参数-m:单独启用其他模块,使用 -m http 开启http模块
不加-m参数,则默认执行同步程序
#以后台方式执行同步
[root@data-centos8 ~]#sersync2 -dro /usr/local/sersync/confxml.xml
set the system param
execute:echo 50000000 > /proc/sys/fs/inotify/max_user_watches
execute:echo 327679 > /proc/sys/fs/inotify/max_queued_events
parse the command param
option: -d run as a daemon
option: -r rsync all the local files to the remote servers before the sersync
work
option: -o config xml name: /usr/local/sersync/confxml.xml
daemon thread num: 10
parse xml config file
host ip : localhost host port: 8008
daemon start,sersync run behind the console
use rsync password-file :
user is rsyncuser
passwordfile is /etc/rsync.pas
config xml parse success
please set /etc/rsyncd.conf max connections=0 Manually
sersync working thread 12 = 1(primary thread) + 1(fail retry thread) +
10(daemon sub threads)
Max threads numbers is: 22 = 12(Thread pool nums) + 10(Sub threads)
please according your cpu ,use -n param to adjust the cpu rate
------------------------------------------
rsync the directory recursivly to the remote servers once
working please wait...
8.#如果同步失败,可以手动执行下面命令,观察过程
[root@data-centos8 ~]# cd /data/www && rsync -artuz -R --delete ./
rsyncuser@backup-server::backup --password-file=/etc/rsync.pas >/dev/null 2>&1
run the sersync:
watch path is: /data/www
________________________________________________________________
9.#sersync支持多实例,也即监控多个目录时,只需分别配置不同配置文件,然后使用sersync2指定对应配置文件运行
[root@data-centos8 ~]#sersync2 -rd -o /etc/sersync.d/nginx.xml
基于远程shell 实现 sersync
1.#不需要配置rsync daemon,只需要配置基于key验证的ssh即可
[root@data-centos8 ~]#ssh-keygen
[root@data-centos8 ~]#ssh-copy-id backup-server
2.#下载sersync,并拷贝至相应的目录,设置PATH变量同5.5.2
#修改sersync配置文件
[root@data-centos8 ~]#cat /usr/local/sersync/confxml.xml
#修改此行为true
#修改此行,指定源数据目录
#修改此行指定备份服务器地址和备份目标目录
#必须修改此行,不启用认证start=false
#修改此行为true,使用远程shell方式的rsync连接方式,无需在目标主机上配置启动rsync daemon服务
#####################################以下行不需要修改####################################
3.#将中间的行可以删除
[root@data-centos8 ~]#sersync2 -dro /usr/local/sersync/confxml.xml
set the system param
execute:echo 50000000 > /proc/sys/fs/inotify/max_user_watches
execute:echo 327679 > /proc/sys/fs/inotify/max_queued_events
parse the command param
option: -d run as a daemon
option: -r rsync all the local files to the remote servers before the sersync
work
option: -o config xml name: /apps/sersync/confxml.xml
daemon thread num: 10
parse xml config file
host ip : localhost host port: 8008
daemon start,sersync run behind the console
config xml parse success
please set /etc/rsyncd.conf max connections=0 Manually
sersync working thread 12 = 1(primary thread) + 1(fail retry thread) +
10(daemon sub threads)
Max threads numbers is: 22 = 12(Thread pool nums) + 10(Sub threads)
please according your cpu ,use -n param to adjust the cpu rate
------------------------------------------
rsync the directory recursivly to the remote servers once
working please wait...
execute command: cd /data/www && rsync -auz -R --delete ./ -e ssh
10.0.0.18:/data/backup >/dev/null 2>&1
run the sersync:
watch path is: /data/www
千里之行,始于足下。每日进步一点终会成功。今天的分享就到这里,谢谢各位大佬围观!