1 实时同步应用场景
- 通过rsync+定时任务实现定时备份/同步
- 对于NFS我们需要进行实时同步
2 实时同步工具选型
|
实时同步工具 |
特点 | 选型 |
|
inotify工具+脚本 |
inotify监控指定的目录,监控 目录下是否有变化,显示变化了的文件. 通过rsync服务端与客户端传送,书写脚本. |
不推荐,有性能问题. |
|
sersync服务 |
国产开源,sersync集成了inotify监控功能和rsync推送的功能. |
可以使用,二进制安装,性能较高,inotify的根本问题没有解决. 很久没有更新了. |
|
lsyncd服务 |
集成inotify和rsync |
性能好,yum安装,更新及时,配置简单 |
|
drbd |
基于磁盘的block(磁盘分区)级别的数据同步,备节点不可用. |
一般用于数据量巨大TB,PB或数据库. |
3 Lsyncd极速上手指南
|
角色 |
说明 | 共享目录 |
|
backup服务器(172.16.1.67) |
rsync服务端 | 共享/nfsbackup/ |
|
nfs01服务器(172.16.1.68) |
部署lsyncd实时同步服务 | 监控/data/ |
|
web01服务器(172.16.1.69) |
挂载nfs01服务器目录 |
lsync服务使用流程
1. 先准备rsync服务与客户端
2. 部署,配置lsyncd服务
3. 测试3.1 准备lsyncd环境-rsync服务端与客户端
# 1. 修改rsyncd配置文件
[nfsbackup]
comment = nfsbackup
path = /nfsbackup
# 2. 准备共享目录与修改权限
# 3. 客户端(nfs服务器)创建密码文件
# 4. nfs机器上测试,传输数据到backup的nfsbackup模块
rsync -av /etc/hostname rsync_backup@backup::nfsbackup --password-file=/etc/rsync.client3.2 lsyncd部署
#在哪台机器部署? nfs01
#1.安装
yum install -y lsyncd
#2.检查
rpm -qa |grep lsyncd
#3.配置3.3 lsync配置详解
/etc/lsyncd.conf配置详解,lua语言,注释--表示注释
配置整体2个部分
settings全局配置部分.pid文件,日志文件.
sync部分用于指定rsync命令和intofiy的选项.
[root@nfs01 ~ ]# grep -v '\-\-' /etc/lsyncd.conf
settings {
logfile = "/var/log/lsyncd.log",
pidfile = "/var/run/lsyncd.pid",
statusFile = "/var/log/lsyncd.status",
nodaemon = true,
maxProcesses = 2
}
sync {
default.rsync,
source = "/data/",
target = "[email protected]::nfsbackup",
delay = 15,
delete = true,
rsync = {
binary = "/usr/bin/rsync",
archive = true,
compress = true,
password_file = "/etc/rsync.client"
}
}--全局部分主要配置lsyncd服务,日志,pid文件.
settings {
--※※※※※日志文件,主要查看日志文件.
logfile = "/var/log/lsyncd.log",
--pid文件
pidfile = "/var/run/lsyncd.pid",
--服务状态文件
statusFile = "/var/log/lsyncd.status",
--改为非守护进程模式,默认.rsync命令,lsyncd
nodaemon = true,
--控制最多用于传输数据的进程数量 rsync进程数(最大)
--※※※※※根据cpu核心数来 一致或2倍
maxProcesses = 2
}
--配置rsync命令,rsync服务端与客户端模式
--sync部分可以有多个.
sync {
--指定rsync工作模式
default.rsync,
--※※※※※ 指定lsyncd监控目录,源目录
source = "/data/",
--※※※※※ 指定目标 rsync服务端 用户名@ip地址::模块名字
target = "[email protected]::nfsbackup",
--※※※※※ 每隔15秒同步一次.
delay = 15,
--rsync命令的 --delete 选项
delete = true,
-- 配置rsync命令位置,rsync命令选项,
rsync = {
-- 命令位置
binary = "/usr/bin/rsync",
-- rsync命令的 -a选项
archive = true,
-- rsync命令的 -z选项 压缩
compress = true,
-- ※※※※※配置rsync--password-file密码文件
password_file = "/etc/rsync.client"
}
}|
lsyncd中rsync模式 |
说明 |
|
default.rsync⭐ ⭐ ⭐ ⭐ ⭐ |
使用rsync守护进程模式 |
|
dsfalut.direct |
直接模式,本地模式rsync当前cp,mv |
|
default.rsyncssh |
通过ssh通道方式连接,rsync命令2个节点,需要配置密钥认证 |
官方文档:https://lsyncd.github.io/lsyncd/
3.4 启动lsyncd服务与测试
配置文件
settings {
logfile = "/var/log/lsyncd.log",
pidfile = "/var/run/lsyncd.pid",
statusFile = "/var/log/lsyncd.status",
nodaemon = true,
maxProcesses = 3
}
sync {
default.rsync,
source = "/data/",
target = "[email protected]::backup",
delay = 15,
delete = true,
rsync = {
binary = "/usr/bin/rsync",
archive = true,
compress = true,
password_file = "/etc/rsync.client"
}
}启动lsyncd
systemctl enable lsyncd
systemctl start lsyncd
systemctl status lsyncd
ps -ef |grep lsyncd检查与测试
3.6 麒麟sp2部署(编译安装lsyncd过程)
麒麟sp2系统 需要编译安装lsyncd 部署流程参考:https://www.yuque.com/lidao996/sre/ri259i7194d82258?singleDoc#
关于编译安装的本质:
./configure #cmake . #根据配置生成Makefile文件,用于提供给make使
用,gcc,cc编译指令.
#lsync使用cmake生成Makefile
make #调用Makefile里面的指令进行编译. 生成二进制文件.
make install #创建目录,复制文件,配置. 收尾工作.systemctl配置书写
未来参考系统中其他服务即可sshd,crond,nginx
/usr/lib/systemd/system/xxxx.service 我们自己创建,服务安装后创建都在这里.
/etc/systemd/system/xxx.service 系统安装后自带|
systemctl .service文件组成 |
说明 | 具体的指令 |
|
[Unit] |
基本信息注释 服务依赖关系 |
Description After 在指定服务启动后在启动当前服务 |
| [Service] |
类型(判断服务运行方法) 用于指定服务开启命令 服务的关闭命令 服务的重启命令 服务自动重启 ...这里可以是具体命令或脚本 |
Type默认是Simple,一般用simple,forking或notify,需要测试 ExecStart= ExecStop= ExecRestart= ExecReload(如果服务支持) |
|
[Install] |
内容基本固定用于指定运行级别 |
WantedBy=multi-user.target |
lsyncd服务的systemctl文件
lsyncd.service
cat >/usr/lib/systemd/system/lsyncd.service<<EOF
[Unit]
Description=Live Syncing (Mirror) Daemon
[Service]
Type=simple
ExecStart=/usr/local/bin/lsyncd -nodaemon /etc/lsyncd.conf
ExecStop=pkill lsyncd
Restart=always
RestartSec=5s
[Install]
WantedBy=multi-user.target
EOF
#书写或修改systemctl文件后要执行 如下指令,让系统重新读取systemctl配置.
systemctl daemon-reload
温馨提示:如果ExecStart/ExecStop/ExecRestart对应的指令较为复杂,或者调用变量. 需要书写脚本
/etc/init.d/lsyncd {start|stop|restart}
服务管理脚本
#!/bin/bash
#desc: 服务管理脚本.
choice=$1
function start_lsyncd() {
}
function stop_lsyncd() {
}
function restart_lsyncd() {
}
case "$choice" in
start) start_lsyncd ;;
stop) stop_lsyncd ;;
restart) restart_lsyncd ;;
* ) echo "error "
esac定时任务服务systemctl配置文件
####定时任务服务systemctl配置文件
systemctl cat crond
# /usr/lib/systemd/system/crond.service
[Unit]
Description=Command Scheduler
After=auditd.service nss-user-lookup.target systemd-usersessions.service time-sync.target ypbind.service
autofs.service
[Service]
EnvironmentFile=/etc/sysconfig/crond
ExecStart=/usr/sbin/crond -n $CRONDARGS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=30s
[Install]
WantedBy=multi-user.target
Alias=cron.service
###远程连接服务
systemctl cat sshd
# /usr/lib/systemd/system/sshd.service
[Unit]
Description=OpenSSH server daemon
Documentation=man:sshd(8) man:sshd_config(5)
After=network.target sshd-keygen.target
Wants=sshd-keygen.target
[Service]
Type=notify
EnvironmentFile=-/etc/crypto-policies/backends/opensshserver.config
EnvironmentFile=-/etc/sysconfig/sshd-permitrootlogin
EnvironmentFile=-/etc/sysconfig/sshd
ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY
$PERMITROOTLOGIN
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=42s
[Install]
WantedBy=multi-user.target
###nginx服务
systemctl cat nginx
# /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network-online.target remote-fs.target nsslookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
# Nginx will fail to start if /run/nginx.pid already exists
but has the wrong
# SELinux context. This might happen when running `nginx -t`
from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/usr/sbin/nginx -s reload
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
##nfs服务配置
[root@nfs01 ~/lsyncd-2.3.1]# systemctl cat nfs
# /usr/lib/systemd/system/nfs-server.service
[Unit]
Description=NFS server and services
DefaultDependencies=no
Requires= network.target proc-fs-nfsd.mount
Requires= nfs-mountd.service
Wants=rpcbind.socket network-online.target
Wants=rpc-statd.service nfs-idmapd.service
Wants=rpc-statd-notify.service
Wants=nfsdcld.service
After= network-online.target local-fs.target
After= proc-fs-nfsd.mount rpcbind.socket nfs-mountd.service
After= nfs-idmapd.service rpc-statd.service
After= nfsdcld.service
Before= rpc-statd-notify.service
# GSS services dependencies and ordering
Wants=auth-rpcgss-module.service
After=rpc-gssd.service gssproxy.service rpc-svcgssd.service
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStartPre=/usr/sbin/exportfs -r
ExecStart=/usr/sbin/rpc.nfsd
ExecStop=/usr/sbin/rpc.nfsd 0
ExecStopPost=/usr/sbin/exportfs -au
ExecStopPost=/usr/sbin/exportfs -f
ExecReload=/usr/sbin/exportfs -r
[Install]
WantedBy=multi-user.target
# /run/systemd/generator/nfs-server.service.d/order-withmounts.conf
# Automatically generated by nfs-server-generator
[Unit]
RequiresMountsFor=/nfs/pics
RequiresMountsFor=/nfsdata麒麟sp2部署-完成
4 Lsyncd监控多个目录
cat /etc/lsyncd.conf
[root@nfs01 /data2]# cat /etc/lsyncd.conf
settings {
logfile = "/var/log/lsyncd.log",
pidfile = "/var/run/lsyncd.pid",
statusFile = "/var/log/lsyncd.status",
nodaemon = true,
maxProcesses = 2
}
# 监控/data/目录同步到备份服务器的nfs01backup模块
sync {
default.rsync,
source = "/data/",
target = "rsync_backup@backup::nfs01backup",
delay = 3,
delete = true,
rsync = {
binary = "/usr/bin/rsync",
archive = true,
compress = true,
password_file = "/etc/rsync.client"
}
}
# 监控/data2/目录同步到备份服务器的nfs01backup2模块
sync {
default.rsync,
source = "/data2/",
target = "rsync_backup@backup::nfs01backup2",
delay = 3,
delete = true,
rsync = {
binary = "/usr/bin/rsync",
archive = true,
compress = true,
password_file = "/etc/rsync.client"
}
}查看结果:/var/log/lsyncd.status 看到有2个sync
/var/log/lsyncd.status
[root@nfs01 /var/log]# cat lsyncd.status
Lsyncd status report at Fri Oct 18 16:48:13 2024
Sync1 source=/data/
There are 0 delays
Filtering:
nothing.
Sync2 source=/data2/
There are 0 delays
Filtering:
nothing.
Inotify watching 2 directories
1: /data/
2: /data2/5 实时同步案例
5.1 项目背景
- 我们要给网站存储做个实时同步.
- 通过对比发现lsyncd符合需求.
- 通过lsyncd给nfs服务端做个数据实时同步,同步到backup服务器
5.2 项目架构图
项目流程
1. 准备备份服务器(rsync)服务端与客户端
2. nfs服务(准备共享目录,客户端挂载)
3. 实时同步lsyncd监控指定的nfs目录(先创建好对应的目录)
4. 联调 在web服务器上创建文件,文件应该出现存储和备份上.
5.3 项目主机规划
|
角色 |
主机 | ip | 目录 |
|
web服务器 |
web01 | 10.0.0.69/172.16.1.69 | /mnt (nfs挂载点) |
|
存储服务器 |
nfs01 |
10.0.0.68/172.16.1.68 |
/data www(3999)用户 |
|
备份服务器 |
backup | 10.0.0.67/172.16.1.67 |
共享目录 /nfs01backup/ 模块nfs01backup |
设置hosts解析
cat /etc/hosts
[root@nfs01 /var/log]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.69 web01
172.16.1.70 web02
172.16.1.68 nfs01
172.16.1.67 backup
172.16.1.71 m015.4 备份服务准备
5.4.1 服务端配置
/etc/rsyncd.conf
# 修改配置文件
cat >/etc/rsyncd.conf <<EOF
##rsyncd.conf start##
fake super =yes
uid = rsync
gid = rsync
use chroot = no
max connections = 2000
timeout = 600
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
#hosts allow = 10.0.0.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password
#####################################
#[data]
#comment = www by xk 14:18 2024-1-13
#path = /data
[nfs01backup]
comment = www by xk 14:18 2024-1-13
path = /nfs01backup
[nfs01backup2]
comment = www by xk 14:18 2024-1-13
path = /nfs01backup2
EOF
# 创建目录
mkdir -p /nfs01backup
#修改所有者
chown -R rsync.rsync nfs01backup
# 添加用户
useradd -s /sbin/nologin -M rsync
#添加密码
echo 'rsync_backup:Xk123456' > /etc/rsync.password
chmod 600 /etc/rsync.password
# 启动服务
systemctl enable --now rsync
systemctl restart rsync5.4.2 客户端测试
目录&密码
# 创建目录
mkdir -p /data
# 创建密码
echo 'Xk123456' > $secret
chmod 600 $secret5.5 存储服务准备
5.5.1 服务端
server
# 1.安装nfs
yum install -y rpcbind nfs-utils
# 2.启动rpc和nfs
systemctl start rpcbind
systemctl start nfs
# 3.修改配置 (可以加上all_squash)
cat >/etc/exports<<EOF
/nfs01data 172.16.1.0/24(rw,all_squash,anonuid=3999,anongid=3999)
EOF
# 4. 添加用户
groupadd -g 3999 www
useradd -u 3999 -g www -s /sbin/nologin -M www
# 5.准备共享目录
mkdir /data
chown www.www /data5.5.2 客户端挂载
deploy_nfs_client.sh
[root@web01 /server/scripts]# cat deploy_nfs_client.sh
#!/bin/bash
##############################################################
# File Name:deploy_nfs_client.sh
# Version:V1.0
# Author:xk
#
# Desc:
##############################################################
# 部署nfs客户端 deploy nfs_client
backup_ip="$1"
share_data="/data"
mount_point="/mnt"
# 添加用户
groupadd -g 3999 www
useradd -u 3999 -g www -s /sbin/nologin -M www
# 1. 临时挂载
mount -t nfs $backup_ip:$share_data $mount_point
touch $mount_point/1.txt5.6 实时同步服务准备
5.6.1 修改conf配置文件
/etc/lsyncd.conf
[root@nfs01 /server/scripts]# cat /etc/lsyncd.conf
settings {
logfile = "/var/log/lsyncd.log",
pidfile = "/var/run/lsyncd.pid",
statusFile = "/var/log/lsyncd.status",
nodaemon = true,
maxProcesses = 2
}
sync {
default.rsync,
source = "/data/",
target = "rsync_backup@backup::nfs01backup",
delay = 3,
delete = true,
rsync = {
binary = "/usr/bin/rsync",
archive = true,
compress = true,
password_file = "/etc/rsync.client"
}
}5.6.2 其他配置参考(Lsyncd极速上手指南)
5.6.3 测试
在web01服务器/mnt目录下创建文件,先看到nfs01服务器/data目录下有数据,过几秒看到backup服务器/nfs01backup目录下有数据
实时查看数据:watch ls /data/
