網(wǎng)站集群組成所需服務(wù)器
主機(jī)名 eth0網(wǎng)卡 eth1網(wǎng)卡 服務(wù)簡(jiǎn)介
lb01 10.0.0.5/24 172.16.1.5/24 負(fù)載服務(wù)主
lb02 10.0.0.6/24 172.16.1.6/24 負(fù)載服務(wù)備
web01 10.0.0.7/24 172.16.1.7/24 動(dòng)態(tài)php服務(wù)
web02 10.0.0.8/24 172.16.1.8/24 https訪問(wèn)眷唉、vpn服務(wù)
web03 10.0.0.9/24 172.16.1.9/24 ELK日志分析系統(tǒng)
db01 10.0.0.51/24 172.16.1.51/24 主數(shù)據(jù)庫(kù)服務(wù)
db02 10.0.0.52/24 172.16.1.52/24 從數(shù)據(jù)庫(kù)服務(wù)
nfs01 10.0.0.31/24 172.16.1.31/24 存儲(chǔ)服務(wù)
backup 10.0.0.41/24 172.16.1.41/24 備份服務(wù)
m01 10.0.0.61/24 172.16.1.61/24 管理隘庄、yum、監(jiān)控
m02 10.0.0.62/24 172.16.1.62/24 跳板機(jī)服務(wù)
網(wǎng)站集群各服務(wù)器作用
A.web服務(wù):負(fù)責(zé)處理用戶的請(qǐng)求绞佩,提供網(wǎng)頁(yè)服務(wù)寺鸥,將上傳的數(shù)據(jù)需要放到存儲(chǔ)服務(wù)器上猪钮。涉及核心軟件:Nginx、PHP胆建、Tomcat烤低,NFS、定時(shí)任務(wù)服務(wù)等
B.負(fù)載均衡服務(wù):負(fù)載均衡器笆载,負(fù)責(zé)調(diào)度網(wǎng)站訪問(wèn)請(qǐng)求扑馁,需要2臺(tái)主備服務(wù)器,同時(shí)做高可用凉驻。涉及核心軟件:Nginx和Keepalved
C.數(shù)據(jù)庫(kù)服務(wù):提供bbs腻要、blog、www等文章文本內(nèi)容的存儲(chǔ)和訪問(wèn)涝登。涉及核心軟件:MySQL雄家、MariaDB、PHP等
D.存儲(chǔ)服務(wù):提供blog胀滚、bbs趟济、www等服務(wù)上的共享圖片、視頻咽笼、附件數(shù)據(jù)存儲(chǔ)咙好。涉及核心軟件:NFS
E.備份服務(wù):提供全網(wǎng)數(shù)據(jù)的備份服務(wù),以及異地災(zāi)備褐荷、涉及軟件核心:Rsync服務(wù)
F.實(shí)時(shí)同步服務(wù):提供nfs服務(wù)與rsync服務(wù)實(shí)時(shí)數(shù)據(jù)同步,實(shí)現(xiàn)數(shù)據(jù)無(wú)差別還原與備份嘹悼。涉及核心軟件:sersync
G.管理服務(wù):管理所有服務(wù)器叛甫,包括批量分發(fā)文件、批量執(zhí)行命令杨伙、批量配置服務(wù)其监、跳板機(jī)服務(wù),遠(yuǎn)程撥號(hào)服務(wù)限匣,yum倉(cāng)庫(kù)服務(wù)等抖苦。涉及核心軟件:SSH、Ansible米死、跳板機(jī)等
網(wǎng)站集群架構(gòu)圖及思路
image.png
思路:
該架構(gòu)是以web集群作為始發(fā)點(diǎn)锌历,通過(guò)nginx+PHP相關(guān)服務(wù)搭建出www.oldboy.com、bbs.oldboy.com峦筒、blog.oldboy.com三個(gè)動(dòng)態(tài)頁(yè)面的基礎(chǔ)網(wǎng)站究西,其中www.oldboy.com為https訪問(wèn),用戶再通過(guò)負(fù)載均衡的分配訪問(wèn)到不同的web服務(wù)器上物喷,進(jìn)行瀏覽卤材;當(dāng)有數(shù)據(jù)發(fā)生變化的同時(shí)通過(guò)數(shù)據(jù)庫(kù)的遷移保證動(dòng)態(tài)數(shù)據(jù)信息實(shí)時(shí)同步遮斥,而數(shù)據(jù)庫(kù)服務(wù)器與存儲(chǔ)服務(wù)器保持共享存儲(chǔ)從而達(dá)到靜態(tài)數(shù)據(jù)信息的實(shí)時(shí)同步,再通過(guò)sersync實(shí)時(shí)同步將nfs服務(wù)器與數(shù)據(jù)庫(kù)服務(wù)器中的數(shù)據(jù)備份到rsync服務(wù)器中,最后使用定時(shí)任務(wù)將整個(gè)架構(gòu)中的重要數(shù)據(jù)扇丛、配置文件术吗、腳本信息等進(jìn)行壓縮備份。而內(nèi)部人員可通過(guò)vpn帆精、跳板機(jī)较屿、管理服務(wù)器對(duì)整個(gè)集群架構(gòu)進(jìn)行統(tǒng)一管理,同時(shí)記錄集群日志和實(shí)時(shí)監(jiān)控实幕。
網(wǎng)站集群實(shí)現(xiàn)目標(biāo)
實(shí)現(xiàn)目標(biāo)為吝镣,當(dāng)用戶上傳文本、音頻昆庇、附件等數(shù)據(jù)信息的同時(shí)末贾,做到數(shù)據(jù)庫(kù)、存儲(chǔ)服務(wù)器皆有該數(shù)據(jù)信息整吆,并在定時(shí)任務(wù)后備份服務(wù)器中也存在該數(shù)據(jù)拱撵。
網(wǎng)站集群各服務(wù)器基礎(chǔ)優(yōu)化(模板機(jī))
1.配置解析文件
vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.0.0.5 lb01
10.0.0.6 lb02
10.0.0.7 web01
10.0.0.8 web02
10.0.0.9 web03
10.0.0.31 nfs01
10.0.0.41 backup
10.0.0.51 db01
10.0.0.61 m01
10.0.0.71 zabbix
2.修改主機(jī)名稱和網(wǎng)卡地址(需添加多塊網(wǎng)卡)
修改主機(jī)名稱:
hostnamectl set-hostname 名稱
修改主機(jī)網(wǎng)卡地址:
sed -ri 's#200#ip#g;/UUID|HWADDR/d' /etc/sysconfig/network-scripts/ifcfg-eth[01]
3.更新yum源
a.curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
b.wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
c.rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
d.rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
e.yum clean all
4.關(guān)閉selinux
vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
5.關(guān)閉防火墻
systemctl stop firewalld
systemctl disable firewalld
6.修改為英文字符集
echo 'LANG="en_US.UTF-8"' >/etc/locale.conf
source /etc/locale.conf
echo $LANG
7.時(shí)間同步
ntpdate ntp1.aliyun.com
8.優(yōu)化內(nèi)核
cat >>/etc/sysctl.conf<<EOF
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
EOF
9.加大文件描述符
echo '* - nofile 65535 ' >>/etc/security/limits.conf
10.設(shè)置/tmp權(quán)限為777
chmod 777 /tmp
網(wǎng)站集群架構(gòu)開(kāi)始
1)web01==>LNMP動(dòng)態(tài)網(wǎng)站搭建
A.環(huán)境部署
安裝官方源的nginx服務(wù)
vim /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
yum install nginx -y
systemctl start nginx
systemctl enable nginx
安裝mariadb數(shù)據(jù)庫(kù)服務(wù)
yum install mariadb-server mariadb -y
systemctl start mariadb.service
systemctl enable mariadb.service
安裝php-fpm
yum remove php-mysql php php-fpm php-common
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
yum install -y php71w php71w-cli php71w-common php71w-devel php71w-embedded php71w-gd php71w-mcrypt php71w-mbstring php71w-pdo php71w-xml php71w-fpm php71w-mysqlnd php71w-opcache php71w-pecl-memcached php71w-pecl-redis php71w-pecl-mongodb
vim /etc/php-fpm.d/www.conf
8 user = nginx
10 group = nginx
systemctl start php-fpm
B.搭建blog.oldboy.com
下載指定軟件包:https://cn.wordpress.org/download/
vim /etc/nginx/cond.f/blog.conf
server {
listen 80;
server_name blog.jingjunwei.com blog.oldboy.com;
location / {
root /usr/share/nginx/html/blog;
index index.php index.html;
}
location ~ \.php$ {
root /usr/share/nginx/html/blog;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
systemctl restart nginx
cd /usr/share/nginx/html/
rz -y 選擇軟件包位置,進(jìn)行傳輸
tar xf wordpress-5.2.3-zh_CN.tar.gz
mv wordpress blog
rm -rf wordpress-5.2.3-zh_CN.tar.gz
chown -R nginx. blog/
創(chuàng)建數(shù)據(jù)庫(kù)信息
mysql -uroot -p123456
create database wordpress;
show databases;
grant all on wordpress.* to 'wordpress'@'localhost' identified by '123456';
select user,host from mysql.user;
本地解析hosts
在瀏覽器輸入ip地址按步安裝即可表蝙,輸入對(duì)應(yīng)的數(shù)據(jù)庫(kù)名稱及密碼
www.oldboy.com拴测、bbs.oldboy.com同理
2)web02==>動(dòng)態(tài)網(wǎng)站實(shí)現(xiàn)https訪問(wèn)
vim www.conf
server {
listen 80;
server_name www.oldboy.com;
rewrite ^/(.*)$ https://$host/$1 redirect;
}
server {
listen 443 ssl;
server_name www.oldboy.com;
ssl_certificate server.crt;
ssl_certificate_key server.key;
location / {
root /usr/share/nginx/html/www/install_package;
index index.php index.html;
}
location ~ \.php$ {
root /usr/share/nginx/html/www/install_package;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
3)lb01/lb02==>nginx+keppalived負(fù)載均衡高可用
負(fù)載均衡:
vim /etc/nginx/nginx.com
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
upstream oldboy {
server 172.16.1.7:80;
}
server{
listen 80;
server_name localhost;
location / {
proxy_pass http://oldboy;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_next_upstream error timeout invalid_header http_404;
}
}
}
本地解析10.0.0.5 bbs.oldboy.com blog.oldboy.com
高可用:
負(fù)載均衡環(huán)境準(zhǔn)備
yum install -y keepalived
echo 'net.ipv4.ip_nonlocal_bind = 1' >>/etc/sysctl.conf
sysctl -p
vim /etc/nginx/nginx.conf
server {
listen 10.0.0.3:80;
server_name localhost;
systemctl restart nginx
lb01:
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id lb01
}
vrrp_instance oldboy {
state MASTER
interface eth0
virtual_router_id 63
priority 110
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
lb02
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id lb02
}
vrrp_instance oldboy {
state BACKUP
interface eth0
virtual_router_id 63
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
systemctl start keepalived.service
本地解析:10.0.0.3
腦裂及nginx服務(wù)停止保證主備轉(zhuǎn)換:
mkdir -p /server/scripts
vim /server/scripts/check_keepalivde.sh
#!/bin/bash
ip a|grep 10.0.0.3 &>/dev/null
if [ $? -eq 0 ]
then
echo "master and backup change"|mail -s "check keepalived server" 13636276656@163.com
fi
crontab -e
* * * * * sh /server/scripts/check_keepalived.sh
vim /server/scripts/check_web.sh
#!/bin/bash
port_info=$(netstat -lntup|grep -w 80|wc -l)
if [ $port_info -eq 0 ]
then
systemctl stop keepalived
fi
chmod +x /server/srcipts/check_web.sh
vim /etc/keepalived/keepalived.conf
vrrp_script check_web {
script "/server/scripts/check_web.sh"
interval 2
weight 2
}
track_script {
check_web
}
4)mariadb==>實(shí)現(xiàn)數(shù)據(jù)庫(kù)遷移
web01服務(wù)器端(bbs、blog)
mysqldump -uroot -p123456 -A > /tmp/mysql_bak.sql
rsync -avz /tmp/mysql_bak.sql 172.16.1.51:/tmp
vim /usr/share/nginx/html/blog/wp-config.php
define('DB_HOST', '172.16.1.51');
vim /usr/share/nginx/html/bbs/config/config_global.php
$_config['db']['1']['dbhost'] = '172.16.1.51';
vim /usr/share/nginx/html/bbs/config/config_ucenter.php
define('UC_DBHOST', '172.16.1.51');
web02服務(wù)器端(www)
mysqldump -uroot -p123456 -A > /tmp/phpcms_bak.sql
rsync -avz /tmp/phpcms_bak.sql 172.16.1.51:/tmp
vim /usr/share/nginx/html/www/install_package/caches/configs/database.php
'hostname' => '172.16.1.51',
數(shù)據(jù)庫(kù)服務(wù)器端
mysql -uroot -p123456 < /tmp/mysql_bak.sql
mysql -uroot -p123456 < /tmp/phpcms_bak.sql
mysql -uroot -p123456
grant all on wordpress.* to 'wordpress'@'172.16.1.%' identified by '123456';
grant all on ultrax.* to ''root@'172.16.1.%' identified by '123456';
grant all on phpcmsv9.* to 'phpcmsv9'@'172.16.1.%' identified by '123456';
exit
systemctl restart mariadb
5)nfs==>實(shí)現(xiàn)網(wǎng)站上傳數(shù)據(jù)實(shí)時(shí)存儲(chǔ)
web01服務(wù)器
mkdir {/tmp/wordpress_bak府蛇,/tmp/discuz_bak}
mv /usr/share/nginx/html/blog/wp-content/uploads/* /tmp/wordpress_bak
mv /usr/share/nginx/html/bbs/data/attachment/forum/* /tmp/discuz_bak/
mount -t nfs 172.16.1.31:/data/bbs /usr/share/nginx/html/bbs/data/attachment/forum
mount -t nfs 172.16.1.31:/data/blog /usr/share/nginx/html/blog/wp-content/uploads
mv /tmp/wordpress_bak/* /usr/share/nginx/html/blog/wp-content/uploads
mv /tmp/discuz_bak/* /usr/share/nginx/html/bbs/data/attachment/forum
web02服務(wù)器
mkdir /tmp/phpcms_bak
mv /usr/share/nginx/html/www/install_package/uploadfile/poster/* /tmp/phpcms_bak/
mount -t nfs 172.16.1.31:/data/www /usr/share/nginx/html/www/install_package/uploadfile/poster
mv /tmp/phpcms_bak/* /usr/share/nginx/html/www/install_package/uploadfile/poster
nfs服務(wù)器
mkdir -p /data/{bbs,blog,www}
vim /etc/exports
/data/blog 172.16.1.0/24(rw,sync,no_root_squash)
/data/www 172.16.1.0/24(rw,sync,no_root_squash)
/data/bbs 172.16.1.0/24(rw,sync,no_root_squash)
useradd -M -s /sbin/nologin nginx -u 995(與相關(guān)服務(wù)的屬主屬組及uid保持一致)
chown -R nginx. /data
systemctl restart nfs
配置自動(dòng)掛載文件
6)rsync==>定時(shí)任務(wù)實(shí)現(xiàn)與nfs服務(wù)器數(shù)據(jù)備份與還原
backup服務(wù)器端
yum install -y rsync
vim /etc/rsyncd.conf
uid = rsync
gid = rsync
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 300
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 172.16.1.0/24
hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password
[backup_db]
comment = "backup dir by oldboy"
path = /backup/db/
[backup_nfs]
comment = "backup dir by oldboy"
path = /backup/nfs/
useradd -M -s /sbin/nologin rsync
echo rsync_backup:123456 > /etc/rsync.password
chmod 600 /etc/rsync.password
mkdir /dackup
chown rsync.rsync /dackup
systemctl start rsyncd
nfs服務(wù)器端
yum install -y rsync
echo 123456 >/etc/rsync.password
chmod 600 /etc/rsync.password
nfs服務(wù)器定時(shí)任務(wù)
crontab -e
30 2 * * * /usr/bin/rsync -avz /data/ rsync_backup@172.16.1.41::backup_nfs --password-file=/etc/rsync.password
7)sersync==>實(shí)時(shí)同步數(shù)據(jù)庫(kù)服務(wù)與備份服務(wù)
數(shù)據(jù)庫(kù)服務(wù)
yum install -y lrzsz
mkdir -p /server/tools
rz -y ==>選擇路徑
unzip sersync_installdir_64bit.zip
cd /server/tools/sersync_installdir_64bit
mv sersync/ /usr/local/
vim /usr/local/sersync/conf/confxml.xml
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="false"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="false"/>
<modify start="false"/>
</inotify>
<sersync>
<localpath watch="/var/lib/mysql/">
<remote ip="172.16.1.41" name="backup_db"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-az"/>
<auth start="true" users="rsync_backup" passwordfile="/etc/rsync.password"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
cd /usr/local/sersync/bin/
chmod +x sersync
yum install -y rsync
echo 123456 >/etc/rsync.password
chmod 600 /etc/rsync.password
./sersync -dro /usr/local/sersync/conf/confxml.xml
8)ansible==>實(shí)現(xiàn)一鍵化ssh遠(yuǎn)程連接
vim /server/scripts/distribute_key.sh
#!/bin/bash
. /etc/init.d/functions
# 創(chuàng)建秘鑰對(duì)
if [ ! -f /root/.ssh/id_dsa ]
then
ssh-keygen -t dsa -f /root/.ssh/id_dsa -P "" >/dev/null
action "key pair create" /bin/true
else
action "key pair already exists" /bin/false
fi
# 分發(fā)公鑰信息
for ip in 7 31 41 5 6 51 8
do
sshpass -p123456 ssh-copy-id -i ~/.ssh/id_dsa.pub 172.16.1.$ip -o StrictHostKeyChecking=no &>/dev/null
if [ $? -eq 0 ]
then
action "host 172.16.1.$ip pub_key distribute" /bin/true
echo ""
else
action "host 172.16.1.$ip pub_key distribute" /bin/false
echo ""
fi
done
9)rsync全網(wǎng)備份
nfs端:
mkdir -p /server/srcipts
vim backup.sh
#!/bin/bash
Backup_IP=$(hostname -I|awk '{print $NF}')
mkdir -p /backup/$Backup_IP
# 1.
tar zchPf /backup/$Backup_IP/system_backup_$(date +%F_%w).tar.gz /var/spool/cron/root /etc/rc.local /server/scripts /etc/
exports
# 2.
find /backup/ -type f -name "*.tar.gz"|xargs md5sum >/backup/$Backup_IP/finger.txt
# 3.
rsync -az /backup/ rsync_backup@172.16.1.41::backup_backup --password-file=/etc/rsync.password
# 4.
find /backup/ -type f -name "*.tar.gz" -mtime +7 -delete
crontab -e
0 2 * * * /usr/bin/sh /server/scripts/backup.sh
web01端:
mkdir /server/srcipts
vim backup.sh
#!/bin/bash
Backup_IP=$(hostname -I|awk '{print $NF}')
Backuo_html="/usr/share/nginx/html"
Backup_mysql="/var/lib/mysql"
mkdir -p /backup/$Backup_IP
# 1.
tar zchPf /backup/$Backup_IP/web_info_backup_$(date +%F_%w).tar.gz $Backup_html/bbs $Backup_html/blog
tar zchPf /backup/$Backup_IP/web_log_backup_$(date +%F_%w).tar.gz $Backup_mysql/ultrax $Backup_mysql/wordpress
tar zchPf /backup/$Backup_IP/system_backup_$(date +%F_%w).tar.gz /etc/rc.local /server/srcipts /var/spool/cron/root /etc/
nginx/conf.d/bbs.conf /etc/nginx/nginx.conf /etc/nginx/conf.d/blog.conf
# 2.
find /backup/ -type f -name "*.tar.gz"|xargs md5sum >/backup/$Backup_IP/finger.txt
# 3.
rsync -az /backup/ rsync_backup@172.16.1.41::backup_backup --password-file=/etc/rsync.password
# 4.
find /backup/ -type f -name "*.tar.gz" -mtime +7 -delete
echo 123456 > /etc/rsync.password
crontab -e
0 2 * * * /usr/bin/sh /server/scripts/backup.sh
web02端:同理
backup端:
mkdir -p /server/srcipts
vim /server/scripts/backup.sh
#!/bin/bash
# 1.
find /backup/backup/ -type f -name "finger.txt"|xargs md5sum -c >/tmp/check_data.txt
# 2.
find /backup/backup/ -type f -name "*.tar.gz" -mtime +180 ! -iname "*_2.tar.gz" -delete
crontab -e
0 6 * * * /usr/bin/sh /server/scripts/backup.sh
