每台计算机里面都有一个zsf用户,密码为zsf
web服务器使用nfs服务器的/data目录来做后端存储
rsync对nfs服务器的目录做实时备份,使用sersync+rsync,每天定时备份配置文件,本地保存7天,rsync服务器上保存180天。
使用管理服务器管理所有的设备。分发hosts文件,管理服务器上搭建yum仓库,管理服务器能连接外网,然后集群内所有服务器都在局域网内。
对系统做简单的优化,
所有需要备份的文件都打包到/backup目录下,脚本都存放到/scripts目录下。
需要分发的配置文件都放到/distribution目录下
服务器的优化:
#关闭SELinx and iptables
/usr/sbin/setenforce 0
/bin/sedsed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/selinux/config
/etc/init.d/iptables stop
#优化开机启动项
/sbin/chkconfig --list | grep 3:on |grep -vE "sshd|cront|rsyslog|network" |awk '{print "chkconfig --level 3 "$1" off"}'|bash
1,完成本地yum源的搭建:
mkdir /media/cdrom ;mount /dev/sr0 /media/cdrom
rm -rf /etc/yum.repos.d/*
cat >>/etc/yum.repos.d/centos.repo< [centos_yum] name=centos baseurl=file:///media/cdrom enabled=1 gpgcheck=0 EOF yum clean all yum list yum -y install vsftpd.x86_64 [root@localhost ~]# /etc/init.d/vsftpd start Starting vsftpd for vsftpd: [ OK ] [root@localhost ~]# chkconfig vsftpd on 创建本地rpm包存放的位置 mkdir /var/ftp/yum_packet cd /var/ftp/yum_packet/ cp /media/cdrom/Packages/* ./ yum -y install createrepo.noarch createrepo ./ ######分发/etc/hosts /ect/yum.repo.d/centos.repo###### #个性化设置vim cat >>/root/.vimrc < set ruler set nohlsearch set shiftwidth=2 set tabstop=4 set expandtab set cindent set autoindent syntax on EOF #修改hosts文件 cat >>/etc/hosts< 172.16.1.5 lb01 172.16.1.5 lb02 172.16.1.7 web02 172.16.1.8 web01 172.16.1.51 db01 172.16.1.31 nfs01 172.16.1.41 backup 172.16.1.61 m01 EOF mkdir /distribution cp /root/.vimrc /distribution/vimrc cp /etc/hosts /distribution/hosts #完成ssh的无密码连接 yum -y install expect(未完成) 假设现在已经完成秘钥的分发了。 #写一个分发文件文件的脚本: vim /scripts/file_fen.sh #!/bin/bash #这是一个批量分发文件的脚本 . /etc/init.d/functions function Pan { if [ $? -eq 0 ];then action "172.16.1.$IP分发" /bin/true else action "172.16.1.$IP分发" /bin/false fi } if [ $# -ne 1 ];then echo -e "Usage:/bin/sh /scripts/file_fen.sh host\n" else IP=`echo $1` ssh [email protected].$IP "[ -d /distribution ] || mkdir -p /distribution " >/dev/null 2>&1 ssh [email protected].$IP "rm -rf /distribution/*" /usr/bin/scp /distribution/* [email protected].$IP:/distribution/ >>/dev/null 2>&1 Pan ssh [email protected].$IP "cp /distribution/hosts /etc/hosts" ssh [email protected].$IP "rm -rf /etc/yum.repos.d/* && cp /distribution/centos.repo /etc/yum.repos.d/" ssh [email protected].$IP "[ -d /tools ] || mkdir -p /tools ;cp /distribution/sersync2.5.4_64bit_binary_stable_final.tar .gz /tools/" ssh [email protected].$IP "cp /distribution/vimrc /root/.vimrc" fi #备份的脚本 vim /distribution/backup.sh #!/bin/bash PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin . /etc/init.d/functions Data=`date +"%F" -d "-1 days"` Ip=`ifconfig eth2|awk -F "[ :]+" 'NR==2 {print $4}'` yum -y install rsync.x86_64 >/dev/null 2>&1 echo "password" >/etc/rsync.password chmod 600 /etc/rsync.password [ ! -d /backup/$Ip ] && mkdir -p /backup/$Ip mkdir -p /backup/$Ip/$Data tar -czPf /backup/$Ip/$Data/config.tar.gz /etc /distribution /scripts rsync -az /backup/ [email protected]::backup/ --password-file=/etc/rsync.password #搭建rsync服务: vim /distribution/rsync.sh #!/bin/bash PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin . /etc/init.d/functions #HN=host name HN=backup function Pan { if [ $? -eq 0 ];then action "$Str" /bin/true else action "$Str" /bin/false fi } hostname $HN && \ sed -i "s#HOSTNAME=localhost.localdomain#HOSTNAME=$HN#g" /etc/sysconfig/network Str="更改主机名为$HN" && Pan #安装配置rsync服务,并启动daemon yum -y install rsync.x86_64 >/dev/null 2>&1 rpc -qa rsync >/dev/null 2>&1 Str="安装rsync服务" && Pan cat >/etc/rsyncd.conf< uid = rsync gid = rsync use chroot = no max connections = 200 timeout = 300 pid file = /var/run/rsyncd.pid lock file = /var/run/rsyncd.lock log file = /var/log/rsyncd.log read only = false list = false hosts allow = 172.16.1.0/24 ignore erros [backup] comment="这是一个备份配置文件的目录" path = /backup auth users=rsync_backup secrets file = /etc/rsync.password [nfsdata] comment="这是一个网站存储目录实时备份的目录" path = /nfsdata auth users=nfs_backup secrets file = /etc/rsync_nfs.password EOF id rsync >/dev/null 2>&1 [ $? -ne 0 ] && /usr/sbin/useradd rsync -s /sbin/nologin -M [ ! -d /backup ] && /bin/mkdir -p /backup /bin/chown -R rsync:rsync /backup /bin/echo "rsync_backup:password" >/etc/rsync.password /bin/chmod 600 /etc/rsync.password [ ! -d /nfsdata ] && /bin/mkdir -p /nfsdata /bin/chown -R rsync:rsync /nfsdata /bin/echo "nfs_backup:nfspassword" >/etc/rsync_nfs.password /bin/chmod 600 /etc/rsync_nfs.password /usr/bin/rsync --daemon > echo "/usr/bin/rsync --daemon" >>/etc/rc.local #配置SMTP第三方邮件服务 /etc/init.d/postfix stop cat >>/etc/mail.rc< set smtp=smtps://smtp.qq.com:465 set smtp-auth-password=dcnhslrkexdbbgbh set smtp-auth=login set ssl-verify=ignore set nss-config-dir=/etc/pki/nssdb/ EOF #nfs服务搭建的配置文件: vim /distribution/nfs.sh #!/bin/bash PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin . /etc/init.d/functions #HN=host name HN=nfs01 function Pan { if [ $? -eq 0 ];then action "$Str" /bin/true else action "$Str" /bin/false fi } hostname $HN && \ sed -i "s#HOSTNAME=localhost.localdomain#HOSTNAME=$HN#g" /etc/sysconfig/network Str="更改主机名为$HN" && Pan yum -y install nfs-utils.x86_64 rpcbind.x86_64 >/dev/null 2>&1 rpm -qa nfs-utils rpcbind >/dev/null 2>&1 Srt="安装NFS服务及组件" && Pan /etc/init.d/rpcbind start >/dev/null 2>&1 && \ /etc/init.d/nfs start >/dev/null 2>&1 Str="启动NFS服务和RPCbind服务" && Pan chkconfig --level 3 rpcbind on && chkconfig --level 3 nfs on >/dev/null 2>&1 Str="把nfs和rpcbind设置成3级别开机自启动" && Pan echo "/data 172.16.1.0/24(rw,sync,root_squash,no_all_squash,anonuid=888,anongid=888)" > /etc/exports id webuser >/dev/null 2>&1 [ $? -ne 0 ] && /usr/sbin/useradd -u 888 webuser -s /sbin/nologin -M [ ! -d /data ] && mkdir -p /data /bin/chown -R webuser:webuser /data exportfs -arv >/dev/null 2>&1 yum -y install rsync.x86_64 >/dev/null 2>&1 rpc -qa rsync >/dev/null 2>&1 Str="安装rsync服务" && Pan cd /tools tar -xzf sersync2.5.4_64bit_binary_stable_final.tar.gz mv GNU-Linux-x86/sersync2 /sbin/sersync [ -d /etc/sersync/ ] || mkdir /etc/sersync/ mv GNU-Linux-x86/confxml.xml /etc/sersync/confxml.xml cd /etc/sersync/ && cp confxml.xml{,.bak} sed -i 's# sed -i 's# sed -i 's# sed -i 's# e="/etc/rsync_nfs.password"/>#g' /etc/sersync/confxml.xml echo "nfspassword" >/etc/rsync_nfs.password chmod 600 /etc/rsync_nfs.password /sbin/sersync -dro /etc/sersync/confxml.xml >/dev/null 2>&1 echo "/sbin/sersync -dro /etc/confxml.xml" >>/etc/rc.local ###web(nfs客户端)#### vim /distribution/web02.sh #!/bin/bash PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin . /etc/init.d/functions #HN=host name HN=web02 function Pan { if [ $? -eq 0 ];then action "$Str" /bin/true else action "$Str" /bin/false fi } hostname $HN && \ sed -i "s#HOSTNAME=localhost.localdomain#HOSTNAME=$HN#g" /etc/sysconfig/network id webuser 2&>1 /dev/null [ $? -ne 0 ] && /usr/sbin/useradd -u 888 webuser -s /sbin/nologin -M yum -y install nfs-utils.x86_64 >/dev/null 2>&1 [ ! -d /mnt/data ] && mkdir -p /mnt/data mount 172.16.1.31:/data -t nfs /mnt/data Str="挂载nfs服务上的/data" && Pan echo "mount 172.16.1.31:/data -t nfs /mnt/data" >>/etc/rc.local vim /scripts/auth_deploy.sh #!/bin/bash . /etc/init.d/functions for i in 41 31 7 do /bin/sh /scripts/file_fen.sh $i ssh [email protected].$i "echo "00 * * * * * /bin/sh /distribution/backup.sh ">>/etc/crontab" ssh [email protected].$i "/bin/sh /distribution/optimization.sh" if [ $i -eq 41 ];then ssh [email protected].$i "/bin/sh /distribution/rsync.sh" echo '##############脚本执行成功,rsync and sersync服务搭建完成#############' fi if [ $i -eq 31 ];then ssh [email protected].$i "/bin/sh /distribution/nfs.sh" && \ echo '##############脚本执行成功,nfs服务搭建完成#############' fi if [ $i -eq 7 ];then ssh [email protected].$i "/bin/sh /distribution/web02.sh" && \ echo '##############脚本执行成功,web02服务搭建完成#############' fi done ############################################## 在管理服务器上执行sh /scripts/auto_deploy.sh,等待执行完成后分别在对应的服务器上检查 在nfs服务器上: 在web服务器上 在rsync服务器上。