一鍵部署nfs、rsync、sersync 項目代碼: 鏈接:https://pan.baidu.com/s/13I0BBAYsdK-KmPekZ5VpdA 提取碼:u2tw --來自百度網盤超級會員V6的分享 目錄結構 [root@m01 /ansible/roles]# tree -F . ├─ ...
一鍵部署nfs、rsync、sersync
項目代碼:
鏈接:https://pan.baidu.com/s/13I0BBAYsdK-KmPekZ5VpdA
提取碼:u2tw
--來自百度網盤超級會員V6的分享
目錄結構
[root@m01 /ansible/roles]# tree -F
.
├── fenfa.sh #分發秘鑰腳本
├── group_vars/ #主機組變數
│ └── all/
│ └── main.yml
├── hosts #hosts文件
├── nfs-client/
│ ├── files/
│ ├── handlers/
│ ├── tasks/
│ │ └── main.yml
│ └── templates/
├── nfs-server/
│ ├── files/
│ ├── handlers/
│ │ └── main.yml
│ ├── tasks/
│ │ └── main.yml
│ └── templates/
│ └── exports.j2
├── rsync-client/
│ ├── files/
│ ├── handlers/
│ ├── tasks/
│ │ └── main.yml
│ └── templates/
│ ├── back-conf.j2
│ └── rsync.j2
├── rsync-server/
│ ├── files/
│ ├── handlers/
│ │ └── main.yml
│ ├── tasks/
│ │ └── main.yml
│ └── templates/
│ └── rsyncd.j2
├── sersync-client/
│ ├── files/
│ ├── handlers/
│ ├── tasks/
│ │ └── main.yml
│ └── templates/
├── sersync-server/
│ ├── files/
│ │ └── sersync2.5.4_64bit_binary_stable_final.tar.gz
│ ├── handlers/
│ ├── tasks/
│ │ └── main.yml
│ └── templates/
│ └── confxml.j2*
└── top.yml #啟動文件
fenfa.sh文件內容
[root@m01 /ansible/roles]# cat fenfa.sh
#!/bin/bash
#author: wh
#version: v2
#desc: 一鍵創建秘鑰對 分發秘鑰對
#1.vars
pass=1 #伺服器的密碼
ips="172.16.1.7 172.16.1.31 172.16.1.41"
. /etc/init.d/functions
#1.4 判斷是否聯網或是否可以使用yum
#1.5 加入判斷sshpass命令是否存在,如果不存在則安裝
#2.創建秘鑰對
if [ -f ~/.ssh/id_rsa ] ;then
echo "已經創建過秘鑰對"
else
echo "正在創建秘鑰對...."
ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' &>/dev/null
if [ $? -eq 0 ];then
action "密鑰創建成功" /bin/true
else
action "密鑰創建失敗" /bin/false
fi
fi
#3.通過迴圈發送公鑰
for ip in $ips
do
sshpass -p${pass} ssh-copy-id -i ~/.ssh/id_rsa.pub -oStrictHostKeyChecking=no $ip &>/dev/null
if [ $? -eq 0 ];then
action "$ip 公鑰分發 成功" /bin/true
else
action "$ip 公鑰分發 失敗" /bin/false
fi
done
hosts文件內容
[root@m01 /ansible/roles]# cat hosts
[web]
172.16.1.7
[nfs]
172.16.1.31
[backup]
172.16.1.41
啟動文件top.yml文件內容
[root@m01 /ansible/roles]# cat top.yml
- hosts: nfs
roles:
- role: nfs-server
- role: rsync-client
- role: sersync-server
- hosts: backup
roles:
- role: rsync-server
- role: rsync-client
- role: sersync-client
- hosts: web
roles:
- role: rsync-client
- role: nfs-client
主機組變數文件內容
[root@m01 /ansible/roles]# cat group_vars/all/main.yml
#nfs的用戶
nfs_user: nfsnobody
#nfs的共用的掛載目錄
nfs_dir: /data
#nfs配置的共用目錄
nfs_server_dir: "172.16.1.31:/data"
#web掛載nfs的目錄
web_nfs_dir: /upload
#rsync用戶
rsync_user: rsync
#rsync認證用戶
rsync_auth_user: rsync_backup
#rsync服務端ip
rsync_server_ip: 172.16.1.41
#rsync備份配置文件的模板
rsync_module_name: backup
#rsync的備份共用目錄
rsync_dir: /backup
#rsync密碼文件
rsync_client_pass_dir: /etc/rsync.client
#rsync的密碼
rsync_auth_password: 1
#sersync的nfs實時同步模塊
sersync_module_name: nfsbackup
#sersync的nfs實時同步目錄
sersync_dir: /nfsbackup
nfs客戶端文件內容
[root@m01 /ansible/roles]# cat nfs-client/tasks/main.yml
- name: 安裝nfs-utils
yum:
name: nfs-utils
state: present
- name: 掛載目錄
mount:
src: "{{ nfs_server_dir }}"
path: "{{ web_nfs_dir }}"
fstype: nfs
state: mounted
nfs服務端文件內容
[root@m01 /ansible/roles]# cat nfs-server/tasks/main.yml
- name: 安裝rpcbind,nfs-utils
yum:
name: "{{ item }}"
state: present
loop:
- rpcbind
- nfs-utils
- name: 創建共用目錄,修改屬主屬組
file:
path: "{{ nfs_dir }}"
state: directory
owner: "{{ nfs_user }}"
group: "{{ nfs_user }}"
- name: 修改配置文件
template:
src: exports.j2
dest: /etc/exports
backup: yes
notify:
- 重載nfs
- name: 啟動rpcbind,nfs
systemd:
name: "{{ item }}"
enabled: yes
state: started
loop:
- rpcbind
- nfs
[root@m01 /ansible/roles]# cat nfs-server/handlers/main.yml
- name: 重載nfs
systemd:
name: nfs
state: reloaded
[root@m01 /ansible/roles]# cat nfs-server/templates/exports.j2
{{ nfs_dir }} 172.16.1.0/24(rw)
rsync客戶端文件內容
[root@m01 /ansible/roles]# cat rsync-client/tasks/main.yml
- name: 安裝rsync
yum:
name: rsync
state: present
- name: 創建腳本目錄
file:
path: /server/scripts
state: directory
- name: 分發備份腳本
template:
src: back-conf.j2
dest: /server/scripts/back-conf.sh
- name: 分發密碼文件
template:
src: rsync.j2
dest: "{{ rsync_client_pass_dir }}"
mode: 600
- name: 創建定時任務
cron:
name: backup conf
minute: "*/2"
job: sh /server/scripts/back-conf.sh &>/dev/null
state: present
[root@m01 /ansible/roles]# cat rsync-client/templates/back-conf.j2
#!/bin/bash
#author: wh
#desc: 備份配置文件+定時任務+推送到rsync服務端
source /etc/profile
source ~/.bash_profile
#定義變數
ip=`ifconfig|awk 'NR==2{print $2}'`
date=`date +%F`
backup_dir=/backup/${ip}
backup_filename=conf-${date}.tar.gz
#rsync用戶
rsync_authUser={{ rsync_auth_user }}
#rsync密碼文件
rsync_passwdFile={{ rsync_client_pass_dir }}
#服務端ip
rsync_serviceIP={{ rsync_server_ip }}
#備份伺服器備份模塊
rsync_module={{ rsync_module_name }}
#創建備份目錄
mkdir -p ${backup_dir}
#備份
tar zcf ${backup_dir}/${backup_filename} /etc/ /var/spool/cron
#生成md5sum校驗文件
md5sum ${backup_dir}/${backup_filename} > ${backup_dir}/conf.md5
#推送到rsync服務端
rsync -az ${backup_dir} ${rsync_authUser}@${rsync_serviceIP}::${rsync_module} --password-file=${rsync_passwdFile}
#刪除7天之前的備份
rm -f `find ${backup_dir} -type f -name "*.tar.gz" -mtime +7`
[root@m01 /ansible/roles]# cat rsync-client/templates/rsync.j2
{{ rsync_auth_password }}
rsync服務端文件內容
[root@m01 /ansible/roles]# cat rsync-server/tasks/main.yml
- name: 安裝rsync
yum:
name: rsync
state: present
- name: 配置rsync
template:
src: rsyncd.j2
dest: /etc/rsyncd.conf
backup: yes
notify:
- 重啟rsync
- name: 創建用戶
user:
name: "{{ rsync_user }}"
create_home: no
shell: /sbin/nologin
- name: 創建共用目錄,修改屬組屬主 /backup
file:
path: "{{ rsync_dir }}"
state: directory
owner: "{{ rsync_user }}"
group: "{{ rsync_user }}"
- name: 創建密碼文件並寫入密碼修改許可權
lineinfile:
path: /etc/rsync.password
line: "{{ rsync_auth_user }}:{{ rsync_auth_password }}"
create: yes
mode: 600
- name: 啟動rsync
systemd:
name: rsyncd
enabled: yes
state: started
[root@m01 /ansible/roles]# cat rsync-server/handlers/main.yml
- name: 重啟rsync
systemd:
name: rsyncd
state: restarted
[root@m01 /ansible/roles]# cat rsync-server/templates/rsyncd.j2
fake super =yes
uid = rsync
gid = rsync
use chroot = no
max connections = 2000
timeout = 600
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
#hosts allow = 10.0.0.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password
#######################################
[{{ rsync_module_name }}]
comment = "備份文件夾"
path = {{ rsync_dir }}
[{{ sersync_module_name }}]
comment = "nfs備份文件夾"
path = {{ sersync_dir }}
sersync客戶端文件內容
[root@m01 /ansible/roles]# cat sersync-server/tasks/main.yml
- name: 創建bin目錄,conf目錄
file:
path: "{{ item }}"
state: directory
loop:
- /app/tools/sersync/bin/
- /app/tools/sersync/conf/
- name: 解壓sersync2.5.4_64bit_binary_stable_final.tar.gz
unarchive:
src: sersync2.5.4_64bit_binary_stable_final.tar.gz
dest: /root/
- name: 移動目錄
shell: "mv /root/GNU-Linux-x86/sersync2 /app/tools/sersync/bin"
- name: 拷貝配置文件
template:
src: confxml.j2
dest: /app/tools/sersync/conf/confxml.xml
backup: yes
- name: 創建快捷方式
file:
path: /bin/sersync2
src: /app/tools/sersync/bin/sersync2
state: link
- name: 啟動sersync
shell: "sersync2 -rdo /app/tools/sersync/conf/confxml.xml"
[root@m01 /ansible/roles]# cat sersync-server/templates/confxml.j2
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="false"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="false"/>
<modify start="false"/>
</inotify>
<sersync>
<localpath watch="{{ nfs_dir }}">
<remote ip="{{ rsync_server_ip }}" name="{{ sersync_module_name }}"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-az"/>
<auth start="true" users="{{ rsync_auth_user }}" passwordfile="{{ rsync_client_pass_dir }}"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
#此文件在百度網盤的鏈接接里,或者從官網下載也行
[root@m01 /ansible/roles]# ll sersync-server/files
total 712
-rw-r--r-- 1 root root 727290 Feb 7 15:27 sersync2.5.4_64bit_binary_stable_final.tar.gz
