第二十七天作业
0 使用软件画一个服务器架构图 压缩包架构图案例可以模仿画一个 熟悉使用画图软件
1 .使用守护进程方式同步网站目录/html/www目录到 备份服务器上写出 操作笔记 方便工作使用
模版机制作配置
1. 模板机优化配置---hosts文件配置
\cp /etc/hosts{,.bak}
cat >/etc/hosts<<EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web01
172.16.1.8 web02
172.16.1.9 web03
172.16.1.51 db01
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.61 m01
EOF
2. 模板机优化配置---更改yum源
#更改yum源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum install -y wget
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
PS:yum repolist 列出yum源信息;讲解什么是epel源
3. 模板机优化配置---关闭selinux
#关闭selinux
sed -i.bak 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
grep SELINUX=disabled /etc/selinux/config
setenforce 0
getenforce
4. 模板机优化配置---关闭iptables
#关闭iptables centos7
systemctl stop firewalld
systemctl disable firewalld
systemctl status firewalld
5. 模板机优化配置---提权oldboy可以sudo (可选配置)
#提权oldboy可以sudo(可选配置)
useradd oldboy
echo 123456|passwd --stdin oldboy
\cp /etc/sudoers /etc/sudoers.ori
echo "oldboy ALL=(ALL) NOPASSWD: ALL " >>/etc/sudoers
tail -1 /etc/sudoers
visudo -c
6. 模板机优化配置---英文字符集
#英文字符集
localectl set-locale LANG="en_US.UTF-8"
7. 模板机优化配置---时间同步
#时间同步
yum install -y ntpdate
echo '#time sync by lidao at 2017-03-08' >>/var/spool/cron/root
echo '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1' >>/var/spool/cron/root
crontab -l
8. 模板机优化配置---加大文件描述
yum install -y lsof
lsof -i:22
#加大文件描述
echo '* - nofile 65536' >>/etc/security/limits.conf
tail -1 /etc/security/limits.conf
说明:
一个服务程序运行起来,会打开相应的文件
crond定时任务服务---systemctl start crond --- 打开相应文件
/var/spool/cron/root --- 加载打开配置文件
/var/log/cron --- 加载打开日志文件
9. 模板机优化配置---安装其他小软件
#安装其他小软件
yum install lrzsz nmap tree dos2unix nc telnet wget lsof ntpdate bash-completion bash-completion-extras -y
10. 模板机优化配置---ssh连接速度慢优化
#ssh连接速度慢优化
sed -i.bak 's@#UseDNS yes@UseDNS no@g;s@^GSSAPIAuthentication yes@GSSAPIAuthentication no@g' /etc/ssh/sshd_config
systemctl restart sshd
具体演示过程
[root@node-5 ~]# \cp /etc/hosts{,.bak}
[root@node-5 ~]# cat >/etc/hosts<<EOF
> 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
> ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
> 172.16.1.5 lb01
> 172.16.1.6 lb02
> 172.16.1.7 web01
> 172.16.1.8 web02
> 172.16.1.9 web03
> 172.16.1.51 db01
> 172.16.1.31 nfs01
> 172.16.1.41 backup
> 172.16.1.61 m01
> EOF
[root@node-5 ~]# mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
mv: overwrite ‘/etc/yum.repos.d/CentOS-Base.repo.backup’? y
[root@node-5 ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2523 100 2523 0 0 6658 0 --:--:-- --:--:-- --:--:-- 6674
[root@node-5 ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
--2024-03-21 16:39:34-- http://mirrors.aliyun.com/repo/epel-7.repo
Resolving mirrors.aliyun.com (mirrors.aliyun.com)... 222.186.18.237, 171.15.36.238, 119.96.90.212, ...
Connecting to mirrors.aliyun.com (mirrors.aliyun.com)|222.186.18.237|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 664 [application/octet-stream]
Saving to: ‘/etc/yum.repos.d/epel.repo’
100%[=================================================================>] 664 --.-K/s in 0.001s
2024-03-21 16:39:35 (815 KB/s) - ‘/etc/yum.repos.d/epel.repo’ saved [664/664]
[root@node-5 ~]# sed -i.bak 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
[root@node-5 ~]# grep SELINUX=disabled /etc/selinux/config
SELINUX=disabled
[root@node-5 ~]# setenforce 0
setenforce: SELinux is disabled
[root@node-5 ~]# getenforce
Disabled
[root@node-5 ~]# systemctl stop firewalld
[root@node-5 ~]# systemctl disable firewalld
[root@node-5 ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)
Active: inactive (dead)
Mar 21 16:40:08 node-5 systemd[1]: Stopped firewalld - dynamic firewall daemon.
[root@node-5 ~]# useradd oldboy
[root@node-5 ~]# echo 123456|passwd --stdin oldboy
Changing password for user oldboy.
passwd: all authentication tokens updated successfully.
[root@node-5 ~]# \cp /etc/sudoers /etc/sudoers.ori
[root@node-5 ~]# echo "oldboy ALL=(ALL) NOPASSWD: ALL " >>/etc/sudoers
[root@node-5 ~]# tail -1 /etc/sudoers
oldboy ALL=(ALL) NOPASSWD: ALL
[root@node-5 ~]# visudo -c
/etc/sudoers: parsed OK
[root@node-5 ~]# localectl set-locale LANG="en_US.UTF-8"
[root@node-5 ~]# yum install -y ntpdate
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/2): epel/x86_64/updateinfo | 1.0 MB 00:00:02
(2/2): epel/x86_64/primary_db | 7.0 MB 00:00:15
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Package ntpdate-4.2.6p5-29.el7.centos.2.x86_64 already installed and latest version
Nothing to do
[root@node-5 ~]# echo '#time sync by lidao at 2017-03-08' >>/var/spool/cron/root
[root@node-5 ~]# echo '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1' >>/var/spool/cron/root
[root@node-5 ~]# crontab -l
*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1
#time sync by lidao at 2017-03-08
*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1
[root@node-5 ~]# yum install -y lsof
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package lsof.x86_64 0:4.87-6.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================================
Package Arch Version Repository Size
===========================================================================================================
Installing:
lsof x86_64 4.87-6.el7 base 331 k
Transaction Summary
===========================================================================================================
Install 1 Package
Total download size: 331 k
Installed size: 927 k
Downloading packages:
lsof-4.87-6.el7.x86_64.rpm | 331 kB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : lsof-4.87-6.el7.x86_64 1/1
Verifying : lsof-4.87-6.el7.x86_64 1/1
Installed:
lsof.x86_64 0:4.87-6.el7
Complete!
[root@node-5 ~]# lsof -i:22
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1082 root 3u IPv4 16641 0t0 TCP *:ssh (LISTEN)
sshd 1082 root 4u IPv6 16643 0t0 TCP *:ssh (LISTEN)
sshd 2187 root 3u IPv4 18255 0t0 TCP 10.0.1.105:ssh->10.0.1.1:10721 (ESTABLISHED)
[root@node-5 ~]# echo '* - nofile 65536' >>/etc/security/limits.conf
[root@node-5 ~]# tail -1 /etc/security/limits.conf
* - nofile 65536
[root@node-5 ~]# yum install lrzsz nmap tree dos2unix nc telnet wget lsof ntpdate bash-completion bash-completion-extras -y
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Package lrzsz-0.12.20-36.el7.x86_64 already installed and latest version
Package dos2unix-6.0.3-7.el7.x86_64 already installed and latest version
Package wget-1.14-18.el7_6.1.x86_64 already installed and latest version
Package lsof-4.87-6.el7.x86_64 already installed and latest version
Package ntpdate-4.2.6p5-29.el7.centos.2.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package bash-completion.noarch 1:2.1-8.el7 will be installed
---> Package bash-completion-extras.noarch 1:2.1-11.el7 will be installed
---> Package nmap.x86_64 2:6.40-19.el7 will be installed
---> Package nmap-ncat.x86_64 2:6.40-19.el7 will be installed
---> Package telnet.x86_64 1:0.17-66.el7 will be installed
---> Package tree.x86_64 0:1.6.0-10.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================================
Package Arch Version Repository Size
===========================================================================================================
Installing:
bash-completion noarch 1:2.1-8.el7 base 87 k
bash-completion-extras noarch 1:2.1-11.el7 epel 123 k
nmap x86_64 2:6.40-19.el7 base 3.9 M
nmap-ncat x86_64 2:6.40-19.el7 base 206 k
telnet x86_64 1:0.17-66.el7 updates 64 k
tree x86_64 1.6.0-10.el7 base 46 k
Transaction Summary
===========================================================================================================
Install 6 Packages
Total download size: 4.5 M
Installed size: 17 M
Downloading packages:
(1/6): bash-completion-extras-2.1-11.el7.noarch.rpm | 123 kB 00:00:00
(2/6): bash-completion-2.1-8.el7.noarch.rpm | 87 kB 00:00:00
(3/6): nmap-ncat-6.40-19.el7.x86_64.rpm | 206 kB 00:00:00
(4/6): tree-1.6.0-10.el7.x86_64.rpm | 46 kB 00:00:00
(5/6): telnet-0.17-66.el7.x86_64.rpm | 64 kB 00:00:00
(6/6): nmap-6.40-19.el7.x86_64.rpm | 3.9 MB 00:00:09
-----------------------------------------------------------------------------------------------------------
Total 491 kB/s | 4.5 MB 00:00:09
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 2:nmap-ncat-6.40-19.el7.x86_64 1/6
Installing : 1:bash-completion-2.1-8.el7.noarch 2/6
Installing : 1:bash-completion-extras-2.1-11.el7.noarch 3/6
Installing : 2:nmap-6.40-19.el7.x86_64 4/6
Installing : tree-1.6.0-10.el7.x86_64 5/6
Installing : 1:telnet-0.17-66.el7.x86_64 6/6
Verifying : 1:telnet-0.17-66.el7.x86_64 1/6
Verifying : 1:bash-completion-2.1-8.el7.noarch 2/6
Verifying : 2:nmap-ncat-6.40-19.el7.x86_64 3/6
Verifying : tree-1.6.0-10.el7.x86_64 4/6
Verifying : 1:bash-completion-extras-2.1-11.el7.noarch 5/6
Verifying : 2:nmap-6.40-19.el7.x86_64 6/6
Installed:
bash-completion.noarch 1:2.1-8.el7 bash-completion-extras.noarch 1:2.1-11.el7 nmap.x86_64 2:6.40-19.el7
nmap-ncat.x86_64 2:6.40-19.el7 telnet.x86_64 1:0.17-66.el7 tree.x86_64 0:1.6.0-10.el7
Complete!
[root@node-5 ~]# sed -i.bak 's@#UseDNS yes@UseDNS no@g;s@^GSSAPIAuthentication yes@GSSAPIAuthentication no@g' /etc/ssh/sshd_config
[root@node-5 ~]# systemctl restart sshd
环境:虚拟机
ip :10.0.1.0
网关:10.0.1.2
子网掩码:255.255.255.0
服务端ip:10.0.1.105
客户端ip:10.0.1.120
服务端部署(备份服务器):rsync
第一步:下载安装软件
[root@localhost ~]# yum install -y rsync
第二步:编写配置文件
[root@localhost ~]# vim /etc/rsyncd.conf
uid=rsync
gid=rsync
port=873
fake super = yes
use chroot = no
max connections= 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 10.0.1.0/24
#hosts deny =
auth users = rsync_backup
secrets file = /etc/rsync.password
[backup]
comment =" welcome to RSYNC backup"
path = /backup
第三步:创建rsync服务虚拟用户
[root@localhost ~]# useradd rsync -M -s /sbin/nologin
第四步:创建rsync服务的认证密码文件并修改权限
[root@localhost ~]# echo "rsync_backup:123456">/etc/rsync.password
[root@localhost ~]# chmod 600 /etc/rsync.password
第五步:创建备份文件所需的目录并修改用户文件的属主和属组
[root@localhost ~]# mkdir /backup
[root@localhost ~]# chown rsync.rsync /backup -R
第六步:启动备份rsync服务
[root@localhost ~]# systemctl start rsyncd
[root@localhost ~]# systemctl enable rsyncd
客户端部署(网站服务器):rsync 配置文件不用改默认即可
第一步:下载安装软件
[root@localhost ~]# yum install -y rsync
第二步:创建一个密码文件
[root@localhost ~]# echo "123456" >/etc/rsync.password
[root@localhost ~]# chmod 600 /etc/rsync.password
第三步:测试用免交互方式同步文件
[root@localhost ~]# rsync -avz /oldboy/* [email protected]::backup --password-file=/etc/rsync.password
具体效果演示
具体实现过程
ip:10.0.1.111
服务端:
[root@web1 ~]# yum install -y rsync
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package rsync.x86_64 0:3.1.2-12.el7_9 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================================
Package Arch Version Repository Size
===========================================================================================================
Installing:
rsync x86_64 3.1.2-12.el7_9 updates 408 k
Transaction Summary
===========================================================================================================
Install 1 Package
Total download size: 408 k
Installed size: 820 k
Downloading packages:
rsync-3.1.2-12.el7_9.x86_64.rpm | 408 kB 00:00:05
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : rsync-3.1.2-12.el7_9.x86_64 1/1
Verifying : rsync-3.1.2-12.el7_9.x86_64 1/1
Installed:
rsync.x86_64 0:3.1.2-12.el7_9
Complete!
[root@web1 ~]# vim /etc/rsyncd.conf
把这一串粘进去
uid=rsync
gid=rsync
port=873
fake super = yes
use chroot = no
max connections= 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 10.0.1.0/24
#hosts deny =
auth users = rsync_backup
secrets file = /etc/rsync.password
[backup]
comment =" welcome to RSYNC backup"
[root@web1 ~]# useradd rsync -M -s /sbin/nologin
[root@web1 ~]# echo "rsync_backup:123456">/etc/rsync.password
[root@web1 ~]# chmod 600 /etc/rsync.password
[root@web1 ~]# mkdir /backup
[root@web1 ~]# chown rsync.rsync /backup -R
[root@web1 ~]# systemctl start rsyncd
[root@web1 ~]# systemctl enable rsyncd
ln -s '/usr/lib/systemd/system/rsyncd.service' '/etc/systemd/system/multi-user.target.wants/rsyncd.service'
客户端
ip:10.0.1.113
[root@web02 ~]# yum install -y rsync
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package rsync.x86_64 0:3.1.2-12.el7_9 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================================
Package Arch Version Repository Size
===========================================================================================================
Installing:
rsync x86_64 3.1.2-12.el7_9 updates 408 k
Transaction Summary
===========================================================================================================
Install 1 Package
Total download size: 408 k
Installed size: 820 k
Downloading packages:
rsync-3.1.2-12.el7_9.x86_64.rpm | 408 kB 00:00:06
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : rsync-3.1.2-12.el7_9.x86_64 1/1
Verifying : rsync-3.1.2-12.el7_9.x86_64 1/1
Installed:
rsync.x86_64 0:3.1.2-12.el7_9
Complete!
[root@web02 ~]# echo "123456" >/etc/rsync.password
[root@web02 ~]# chmod 600 /etc/rsync.password
[root@web02 ~]# rsync -avz /oldboy/* [email protected]::backup --password-file=/etc/rsync.password
sending incremental file list
rsync: change_dir "/oldboy" failed: No such file or directory (2)
sent 24 bytes received 20 bytes 8.00 bytes/sec
total size is 0 speedup is 0.00
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1179) [sender=3.1.2]
[root@web02 ~]# rsync -avz /etc/passwd [email protected]::backup --password-file=/etc/rsync.password
sending incremental file list
passwd
sent 559 bytes received 43 bytes 92.62 bytes/sec
total size is 1,070 speedup is 1.78
测试
测试------客户端数据备份到rsync服务器端
客户端
ip:10.0.1.113
第一种方式:输入密码-进行备份
[root@web02 test]# rsync -avz /etc/hosts [email protected]::backup
Password:
sending incremental file list
hosts
sent 215 bytes received 43 bytes 24.57 bytes/sec
total size is 352 speedup is 1.36
第二种方式:不输入密码--指定密码文件
[root@web02 ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
wang:x:1000:1000:wang:/home/wang:/bin/bash
ntp:x:38:38::/etc/ntp:/sbin/nologin
it01:x:1001:1001::/home/it01:/bin/bash
oldboy:x:1002:1002::/home/oldboy:/bin/bash
[root@web02 ~]# rsync -avz /etc/passwd [email protected]::backup --password-file=/etc/rsync.password
sending incremental file list
passwd
sent 559 bytes received 43 bytes 92.62 bytes/sec
total size is 1,070 speedup is 1.78
服务端
ip:10.0.1.111
第一种方式:输入密码-进行备份 对应效果
[root@web1 ~]# cd /backup
[root@web1 backup]# ls
[root@web1 backup]# ls
hosts passwd
第二种方式:不输入密码--指定密码文件 对应效果
[root@web1 ~]# cd /backup
[root@web1 backup]# ls
[root@web1 backup]# ls
passwd
[root@web1 backup]# cat passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
tss:x:59:59:Account used by the trousers package to sandbox the tcsd daemon:/dev/null:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
wang:x:1000:1000:wang:/home/wang:/bin/bash
ntp:x:38:38::/etc/ntp:/sbin/nologin
it01:x:1001:1001::/home/it01:/bin/bash
oldboy:x:1002:1002::/home/oldboy:/bin/bash
2 把 /etc/hosts 备份远程服务器/root目录 实战演示
环境:虚拟机
ip :10.0.1.0
网关:10.0.1.2
子网掩码:255.255.255.0
服务端ip:10.0.1.111
客户端ip:10.0.1.113
第一种方法:scp
scp /etc/hosts [email protected]:/root
客户端
[root@web02 ~]# scp /etc/hosts [email protected]:/root
[email protected]'s password:
hosts 100% 352 0.3KB/s 00:00
服务端
[root@web1 ~]# ls
anaconda-ks.cfg hosts html ifcfg-eno16777736 it01
第二种方法:rsync
rsync /etc/host [email protected]:/root
客户端
[root@web02 ~]# rsync /etc/host [email protected]:/root
服务端
[root@web1 ~]# ls
anaconda-ks.cfg hosts html ifcfg-eno16777736 it01
[root@web1 ~]# ls
anaconda-ks.cfg hostname hosts html ifcfg-eno16777736 it01
第三种方法:rsync远程密码推送
linux系统安装部署服务流程:
a 下载安装软件 yum
b 编写配置文件
c 搭建服务环境 备份的目录/目录权限
d 启动服务程序 开机自动启动
e 测试服务功能
服务端部署(备份服务器):rsync
第一步:下载安装软件
[root@localhost ~]# yum install -y rsync
第二步:编写配置文件
[root@localhost ~]# vim /etc/rsyncd.conf
uid=rsync
gid=rsync
port=873
fake super = yes
use chroot = no
max connections= 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 10.0.1.0/24
#hosts deny =
auth users = rsync_backup
secrets file = /etc/rsync.password
[backup]
comment =" welcome to RSYNC backup"
path = /backup/root
第三步:创建rsync服务虚拟用户
[root@localhost ~]# useradd rsync -M -s /sbin/nologin
第四步:创建rsync服务的认证密码文件并修改权限
[root@localhost ~]# echo "rsync_backup:123456">/etc/rsync.password
[root@localhost ~]# chmod 600 /etc/rsync.password
第五步:创建备份文件所需的目录并修改用户文件的属主和属组
[root@localhost ~]# mkdir /backup
[root@localhost ~]# mkdir root
给文件夹权限你可以给主备份backup目录权限,也可以给把backup root 子目录权限,只不过一般我们直接给主目录权限,直接设置了,不必多此一举
[root@localhost ~]# chown rsync.rsync /backup -R
第六步:启动备份rsync服务
[root@localhost ~]# systemctl start rsyncd
[root@localhost ~]# systemctl enable rsyncd
客户端部署(网站服务器):rsync 配置文件不用改默认即可
第一步:下载安装软件
[root@localhost ~]# yum install -y rsync
第二步:创建一个密码文件
[root@localhost ~]# echo "123456" >/etc/rsync.password
[root@localhost ~]# chmod 600 /etc/rsync.password
第三步:测试用免交互方式同步文件
[root@localhost ~]# rsync -avz /etc/hosts [email protected]::backup --password-file=/etc/rsync.password
具体演示效果(第三种)
服务端
ip:10.0.1.105
[root@node-5 ~]# yum install -y rsync
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package rsync.x86_64 0:3.1.2-12.el7_9 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================================
Package Arch Version Repository Size
===========================================================================================================
Installing:
rsync x86_64 3.1.2-12.el7_9 updates 408 k
Transaction Summary
===========================================================================================================
Install 1 Package
Total download size: 408 k
Installed size: 820 k
Downloading packages:
rsync-3.1.2-12.el7_9.x86_64.rpm | 408 kB 00:00:01
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : rsync-3.1.2-12.el7_9.x86_64 1/1
Verifying : rsync-3.1.2-12.el7_9.x86_64 1/1
Installed:
rsync.x86_64 0:3.1.2-12.el7_9
Complete!
[root@node-5 ~]# vim /etc/rsyncd.conf
[root@node-5 ~]# useradd rsync -M -s /sbin/nologin
[root@node-5 ~]# echo "rsync_backup:123456">/etc/rsync.password
[root@node-5 ~]# chmod 600 /etc/rsync.password
[root@node-5 ~]# mkdir /backup/root
mkdir: cannot create directory ‘/backup/root’: No such file or directory
[root@node-5 ~]# mkdir /backup/
[root@node-5 ~]# cd /backup/
[root@node-5 backup]# mkdir /root
mkdir: cannot create directory ‘/root’: File exists
[root@node-5 backup]# ls
[root@node-5 backup]# cd root/
-bash: cd: root/: No such file or directory
[root@node-5 backup]# cd root
-bash: cd: root: No such file or directory
[root@node-5 backup]# cd /root
[root@node-5 ~]# cd /backup/
[root@node-5 backup]# mkdir root
[root@node-5 backup]# ls
root
[root@node-5 backup]# chown rsync.rsync /backup/root/ -R
[root@node-5 backup]# systemctl start rsyncd
[root@node-5 backup]# systemctl enable rsyncd
ln -s '/usr/lib/systemd/system/rsyncd.service' '/etc/systemd/system/multi-user.target.wants/rsyncd.service'
客户端
ip:10.0.1.120
[root@web ~]# yum install -y rsync
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package rsync.x86_64 0:3.1.2-12.el7_9 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================================
Package Arch Version Repository Size
===========================================================================================================
Installing:
rsync x86_64 3.1.2-12.el7_9 updates 408 k
Transaction Summary
===========================================================================================================
Install 1 Package
Total download size: 408 k
Installed size: 820 k
Downloading packages:
rsync-3.1.2-12.el7_9.x86_64.rpm | 408 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : rsync-3.1.2-12.el7_9.x86_64 1/1
Verifying : rsync-3.1.2-12.el7_9.x86_64 1/1
Installed:
rsync.x86_64 0:3.1.2-12.el7_9
Complete!
[root@web ~]# echo "123456" >/etc/rsync.password
[root@web ~]# chmod 600 /etc/rsync.password
测试
客户端
[root@web ~]# rsync -avz /etc/hosts [email protected]::backup --password-file=/etc/rsync.password
sending incremental file list
hosts
sent 215 bytes received 43 bytes 516.00 bytes/sec
total size is 352 speedup is 1.36
服务端
[root@node-5 backup]# ls
root
[root@node-5 backup]# cd root/
[root@node-5 root]# ls
hosts
3 排除备份实战演示 写出命令
环境:虚拟机
ip :10.0.1.0
网关:10.0.1.2
子网掩码:255.255.255.0
服务端ip:10.0.1.111
客户端ip:10.0.1.113
服务端部署(备份服务器):rsync
第一步:下载安装软件
[root@localhost ~]# yum install -y rsync
第二步:编写配置文件
[root@localhost ~]# vim /etc/rsyncd.conf
uid=rsync
gid=rsync
port=873
fake super = yes
use chroot = no
max connections= 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 10.0.1.0/24
#hosts deny =
auth users = rsync_backup
secrets file = /etc/rsync.password
[backup]
comment =" welcome to RSYNC backup"
path = /backup
第三步:创建rsync服务虚拟用户
[root@localhost ~]# useradd rsync -M -s /sbin/nologin
第四步:创建rsync服务的认证密码文件并修改权限
[root@localhost ~]# echo "rsync_backup:123456">/etc/rsync.password
[root@localhost ~]# chmod 600 /etc/rsync.password
第五步:创建备份文件所需的目录并修改用户文件的属主和属组
[root@localhost ~]# mkdir /backup
[root@localhost ~]# chown rsync.rsync /backup -R
第六步:启动备份rsync服务
[root@localhost ~]# systemctl start rsyncd
[root@localhost ~]# systemctl enable rsyncd
客户端部署(网站服务器):rsync 配置文件不用改默认即可
第一步:下载安装软件
[root@localhost ~]# yum install -y rsync
第二步:创建一个密码文件
[root@localhost ~]# echo "123456" >/etc/rsync.password
[root@localhost ~]# chmod 600 /etc/rsync.password
第三步:测试用免交互方式同步文件
[root@localhost ~]# rsync -avz /oldboy/* [email protected]::backup --password-file=/etc/rsync.password
具体实现过程
ip:10.0.1.111
服务端:
[root@web1 ~]# yum install -y rsync
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package rsync.x86_64 0:3.1.2-12.el7_9 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================================
Package Arch Version Repository Size
===========================================================================================================
Installing:
rsync x86_64 3.1.2-12.el7_9 updates 408 k
Transaction Summary
===========================================================================================================
Install 1 Package
Total download size: 408 k
Installed size: 820 k
Downloading packages:
rsync-3.1.2-12.el7_9.x86_64.rpm | 408 kB 00:00:05
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : rsync-3.1.2-12.el7_9.x86_64 1/1
Verifying : rsync-3.1.2-12.el7_9.x86_64 1/1
Installed:
rsync.x86_64 0:3.1.2-12.el7_9
Complete!
[root@web1 ~]# vim /etc/rsyncd.conf
把这一串粘进去
uid=rsync
gid=rsync
port=873
fake super = yes
use chroot = no
max connections= 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 10.0.1.0/24
#hosts deny =
auth users = rsync_backup
secrets file = /etc/rsync.password
[backup]
comment =" welcome to RSYNC backup"
[root@web1 ~]# useradd rsync -M -s /sbin/nologin
[root@web1 ~]# echo "rsync_backup:123456">/etc/rsync.password
[root@web1 ~]# chmod 600 /etc/rsync.password
[root@web1 ~]# mkdir /backup
[root@web1 ~]# chown rsync.rsync /backup -R
[root@web1 ~]# systemctl start rsyncd
[root@web1 ~]# systemctl enable rsyncd
ln -s '/usr/lib/systemd/system/rsyncd.service' '/etc/systemd/system/multi-user.target.wants/rsyncd.service'
客户端
ip:10.0.1.113
[root@web02 ~]# yum install -y rsync
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package rsync.x86_64 0:3.1.2-12.el7_9 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================================================
Package Arch Version Repository Size
===========================================================================================================
Installing:
rsync x86_64 3.1.2-12.el7_9 updates 408 k
Transaction Summary
===========================================================================================================
Install 1 Package
Total download size: 408 k
Installed size: 820 k
Downloading packages:
rsync-3.1.2-12.el7_9.x86_64.rpm | 408 kB 00:00:06
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : rsync-3.1.2-12.el7_9.x86_64 1/1
Verifying : rsync-3.1.2-12.el7_9.x86_64 1/1
Installed:
rsync.x86_64 0:3.1.2-12.el7_9
Complete!
[root@web02 ~]# echo "123456" >/etc/rsync.password
[root@web02 ~]# chmod 600 /etc/rsync.password
[root@web02 ~]# rsync -avz /oldboy/* [email protected]::backup --password-file=/etc/rsync.password
sending incremental file list
rsync: change_dir "/oldboy" failed: No such file or directory (2)
sent 24 bytes received 20 bytes 8.00 bytes/sec
total size is 0 speedup is 0.00
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1179) [sender=3.1.2]
[root@web02 ~]# rsync -avz /etc/passwd [email protected]::backup --password-file=/etc/rsync.password
sending incremental file list
passwd
sent 559 bytes received 43 bytes 92.62 bytes/sec
total size is 1,070 speedup is 1.78
上面步骤我自己都做好了,这里就不做了
排除命令 rsync -avz /data --exclude /data/1.txt [email protected]::backup --password-file=/etc/rsync.password
测试
需求1:备份/data 排除1.txt
客户端
ip:10.0.1.113
[root@web02 ~]# mkdir /data
[root@web02 ~]# cd /data
[root@web02 data]# ls
[root@web02 data]# touch {1..10}.txt
[root@web02 data]# ls
10.txt 1.txt 2.txt 3.txt 4.txt 5.txt 6.txt 7.txt 8.txt 9.txt
[root@web02 data]# rsync -avz /data --exclude /data/1.txt [email protected]::backup --password-file=/etc/rsync.password
sending incremental file list
data/
data/10.txt
data/2.txt
data/3.txt
data/4.txt
data/5.txt
data/6.txt
data/7.txt
data/8.txt
data/9.txt
sent 545 bytes received 199 bytes 135.27 bytes/sec
total size is 0 speedup is 0.00
服务端
ip:10.0.1.111
[root@web1 backup]# ls
[root@web1 backup]# ls
data
进当前目录的相对目录
[root@web1 backup]# cd data/
[root@web1 data]# ls
10.txt 2.txt 3.txt 4.txt 5.txt 6.txt 7.txt 8.txt 9.txt
[root@web1 data]# tree
.
├── 10.txt
├── 2.txt
├── 3.txt
├── 4.txt
├── 5.txt
├── 6.txt
├── 7.txt
├── 8.txt
└── 9.txt
0 directories, 9 files
需求2:排除一个目录
rsync -avz /data --exclude /data/test [email protected]::backup --password-file=/etc/rsync.password
客户端
[root@web02 data]# mkdir test
[root@web02 data]# ls
10.txt 1.txt 2.txt 3.txt 4.txt 5.txt 6.txt 7.txt 8.txt 9.txt test
[root@web02 data]# rsync -avz /data --exclude /data/test [email protected]::backup --password-file=/etc/rsync.password
sending incremental file list
data/
data/1.txt
sent 277 bytes received 47 bytes 58.91 bytes/sec
total size is 0 speedup is 0.00
服务端
[root@web1 data]# tree
.
├── 10.txt
├── 1.txt
├── 2.txt
├── 3.txt
├── 4.txt
├── 5.txt
├── 6.txt
├── 7.txt
├── 8.txt
└── 9.txt
0 directories, 10 files