高可用軟件：keepalived
負(fù)載均衡：nginx/lvs/haproxy
web服務(wù)器：nginx/apache
數(shù)據(jù)庫：MySQL/MongoDB/Oracle
存儲：NFS/FastdFS/GFS/MFS
備份：Rsync+定時(shí)任務(wù)
實(shí)時(shí)復(fù)制：Rsync+inotify/sersync
緩存：Redis/Memcached
秘密通道：Open×××/×××
跳板機(jī)：Shell/JumpServer/CreazyEYE/GateONE
批量管理：Ansible/SaltStack/Pssh
監(jiān)控：Zabbix/Nagios+cacti
網(wǎng)站的更新過程（代碼上線流程）：辦公室測試環(huán)境-線上測試環(huán)境-線上環(huán)境
1.從安裝系統(tǒng)開始準(zhǔn)備
安裝虛擬機(jī)過程中添加網(wǎng)卡（網(wǎng)絡(luò)適配器2 NAT）

網(wǎng)絡(luò)適配器2，LAN區(qū)段：172.16.1.0/24

eth0 ip 10.0.0.210 netmask 24
gateway 10.0.0.254
DNS 223.5.5.5

eth1 ip 172.16.1.210 netmask 24

磁盤分區(qū)如下：

安裝包選擇如下：

2.統(tǒng)一網(wǎng)絡(luò)環(huán)境網(wǎng)關(guān)都是 10.0.0.254

本機(jī)我的電腦===>網(wǎng)絡(luò)連接

2.5 服務(wù)器ip地址規(guī)劃服務(wù)器說明外網(wǎng)IP（NAT）內(nèi)網(wǎng)IP（LAN區(qū)段/Host-only）主機(jī)名規(guī)劃
A1-nginx負(fù)載服務(wù)器 01 10.0.0.5/24 172.16.1.5/24 lb01
A1-nginx負(fù)載服務(wù)器 02 10.0.0.6/24 172.16.1.6/24 lb02
B2-nginx web服務(wù)器10.0.0.7/24 172.16.1.7/24 web02
B2-nginx web服務(wù)器10.0.0.8/24 172.16.1.8/24 web01
C3-mysql數(shù)據(jù)庫服務(wù)器10.0.0.51/24 172.16.1.51/24 db01
C1-NFS存儲服務(wù)器10.0.0.31/24 172.16.1.31/24 nfs01
C2-rsync存儲服務(wù)器10.0.0.41/24 172.16.1.41/24 backup
X-管理服務(wù)器10.0.0.61/24 172.16.1.61/24 m01

3.系統(tǒng)優(yōu)化

#所有服務(wù)器模板機(jī)的基本優(yōu)化
cp /etc/hosts{,.bak}
cat >/etc/hosts<<EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web02
172.16.1.8 web01
172.16.1.51 db01 db01.etiantian.org
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.61 m01
EOF
#0、更改yum源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup
mv /etc/yum.repos.d/epel-testing.repo /etc/yum.repos.d/epel-testing.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
#yum makecache
#1、關(guān)閉selinux
sed -i.bak 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
grep SELINUX=disabled /etc/selinux/config
setenforce 0
getenforce
#2、關(guān)閉iptables
/etc/init.d/iptables stop
/etc/init.d/iptables stop
chkconfig iptables off
#3、精簡開機(jī)自啟動服務(wù)
export LANG=en
chkconfig|egrep -v "crond|sshd|network|rsyslog|sysstat"|awk '{print"chkconfig",$1,"off"}'|bash
chkconfig --list|grep 3:on
#4、提權(quán)oldboy可以sudo
useradd oldboy
echo 123456|passwd --stdin oldboy
\cp /etc/sudoers /etc/sudoers.ori
echo "oldboy ALL=(ALL) NOPASSWD: ALL " >>/etc/sudoers
visudo -c
#5、英文字符集
cp /etc/sysconfig/i18n /etc/sysconfig/i18n.ori
echo 'LANG="en_US.UTF-8"' >/etc/sysconfig/i18n
source /etc/sysconfig/i18n
echo $LANG
#6、時(shí)間同步
echo '#time sync by lidao at 2017-03-08' >>/var/spool/cron/root
echo '/5 /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1' >>/var/spool/cron/root
crontab -l
#8、加大文件描述
echo ' -nofile 65535 ' >>/etc/security/limits.conf
tail -1 /etc/security/limits.conf
#9、內(nèi)核優(yōu)化
cat >>/etc/sysctl.conf<<EOF
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
#以下參數(shù)是對iptables防火墻的優(yōu)化，防火墻不開會提示，可以忽略不理。
net.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_tcp_timeout_established= 180
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
EOF
sysctl -p
#10、安裝其他小軟件
yum install lrzsz nmap tree dos2unix nc telnet sl -y
#11、ssh連接速度慢優(yōu)化
sed -i.bak 's@#UseDNS yes@UseDNS no@g;s@^GSSAPIAuthentication yes@GSSAPIAuthentication no@g' /etc/ssh/sshd_config
/etc/init.d/sshd reload

4.學(xué)會克隆虛擬機(jī)
!!!!!!!!!!
克隆前準(zhǔn)備
1清2刪
1清

/etc/udev/rules.d/70-persistent-net.rules

2刪
sed -ri '/UUID|HWADDR/d' /etc/sysconfig/network-scripts/ifcfg-eth*

修改IP地址、修改主機(jī)名、重啟網(wǎng)卡
sed -i '/IPADDR/s#210$#31#g' /etc/sysconfig/network-scripts/ifcfg-eth*
vi /etc/sysconfig/network
/etc/init.d/network restart
20180526 完成

Rsync 的企業(yè)工作場景說明

1.）定時(shí)備份
1.1.生產(chǎn)場景集群架構(gòu)服務(wù)器備份方案項(xiàng)目
借助cron+rsync把所有客戶服務(wù)器數(shù)據(jù)同步到備份服務(wù)器

1.針對公司重要數(shù)據(jù)備份混亂狀況和領(lǐng)導(dǎo)提出備份全網(wǎng)數(shù)據(jù)的解決方案。
2.通過本地打包備份，然后rsync結(jié)合inotify應(yīng)用把全網(wǎng)數(shù)據(jù)統(tǒng)一備份到一個(gè)固定存儲服務(wù)器，然后在存儲服務(wù)器上通過腳本檢查并報(bào)警管理員備份結(jié)果。
3.定期將IDC機(jī)房的數(shù)據(jù)備份公司的內(nèi)部不服務(wù)器，防止機(jī)房地震及火災(zāi)問題導(dǎo)致數(shù)據(jù)丟失。

Rsync的工作方式：
最常用的：以守護(hù)進(jìn)程（socket）的方式傳輸數(shù)據(jù)（這個(gè)是rsync自身的重要功能）。
一般用推送

2.）實(shí)時(shí)復(fù)制

本地?cái)?shù)據(jù)傳輸模式（local-only mode）
/oldboy/ 與 /oldboy
/oldboy 表示oldboy目錄及oldboy目錄下面的內(nèi)容
/oldboy/ 只表示oldboy目錄下面的內(nèi)容
rsync /etc/hosts /opt/
rsync -avz /etc /opt/
--delete 復(fù)制的時(shí)候保持目標(biāo)與源目錄的內(nèi)容一模一樣
例子：# rsync -avz --delete /opt/ /tmp/

通過遠(yuǎn)程shell進(jìn)行數(shù)據(jù)傳輸
scp命令
例子：# scp -rP 22 /etc/ 172.16.1.31:/tmp
rsync命令 -v 詳細(xì)模式輸出 -z 傳輸時(shí)進(jìn)行壓縮 -a 以遞歸方式傳輸文件，并保持所有文件屬性

例子：# rsync -avz /etc/sysconfig 172.16.1.31:/tmp/ （推送，用的最多）

--bwlimit=RATE limit socket I/O bandwidth（案例：某DBA做數(shù)據(jù)同步，帶寬占滿，導(dǎo)致用戶無法訪問網(wǎng)站）

rsync服務(wù)端backup配置

[root@backup ~]# mkdir /backup
[root@backup ~]# useradd -s /sbin/nologin -M rsync
[root@backup ~]# chown -R rsync.rsync /backup
[root@backup ~]# ls -ld /backup
drwxr-xr-x 2 rsync rsync 4096 Jan 18 23:18 /backup
[root@backup ~]# echo 'rsync_backup:123456' >/etc/rsync.password
[root@backup ~]# cat /etc/rsync.password
rsync_backup:123456
[root@backup ~]# chmod 600 /etc/rsync.password
[root@backup ~]# ll /etc/rsync.password
-rw------- 1 root root 20 Jan 18 23:32 /etc/rsync.password

[root@backup ~]# vim /etc/rsyncd.conf
######rsync_config___start
#created by hkping 15:01 2018-5-27
##rsyncd.conf start##
uid = rsync
gid = rsync
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
[backup]
path = /backup/
ignore errors
read only = false
list = false
hosts allow = 172.16.1.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password

[root@backup /]# rsync --daemon
[root@backup ~]# ps -ef |grep rsync
root 24946 1 0 23:34 ? 00:00:00 rsync --daemonroot 24948 1787 0 23:34 pts/1 00:00:00 grep rsync
[root@backup ~]# ss -lntup |grep rsync
tcp LISTEN 0 5 :::873 ::: users:(("rsync",24946,5))
tcp LISTEN 0 5 :873 : users:(("rsync",24946,4))

客戶端
[root@nfs01 tmp]# echo '123456' > /etc/rsync.password
[root@nfs01 tmp]# chmod 600 /etc/rsync.password
[root@nfs01 tmp]# rsync -avzP /etc/hosts rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password
sending incremental file list
sent 26 bytes received 8 bytes 68.00 bytes/sec
total size is 349 speedup is 10.26
[root@nfs01 /]# rsync -avzP --delete /tmp/ rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password #--delete 無差異同步

更改完/etc/rsyncd.conf配置文件后，重啟rsync --daemon
[root@backup ~]# killall rsync
[root@backup ~]# killall rsync
rsync: no process killed
[root@backup ~]# ps -ef|grep rsync
root 26693 26671 0 19:13 pts/0 00:00:00 grep rsync
[root@backup ~]# rsync --daemon
[root@backup ~]# ps -ef|grep rsync
root 26695 1 0 19:13 ? 00:00:00 rsync --daemon
root 26697 26671 0 19:13 pts/0 00:00:00 grep rsync

rsync配置多個(gè)模塊
[root@backup ~]# cat /etc/rsyncd.conf
######rsync_config___start
#created by oldboy 15:01 2007-6-5
#QQ 31333741 blog:http://oldboy.blog.51cto.com
##rsyncd.conf start##
uid = rsync
gid = rsync
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log

ignore errors
read only = false
list = false
hosts allow = 172.16.1.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password

[backup]
path = /backup/
[nfsbackup]
path = /nfsbackup/

更改完/etc/rsyncd.conf配置文件后，重啟rsync --daemon，新建nfsbackup，更改目錄權(quán)限
[root@backup backup]# killall rsync
rsync: no process killed
[root@backup backup]# ps -ef|grep rsync
root 25681 1844 0 23:21 pts/0 00:00:00 grep rsync
[root@backup backup]# rsync --daemon
[root@backup /]# mkdir -p /nfsbackup
[root@backup /]# chown -R rsync.rsync /nfsbackup/
[root@backup /]# ll -d /nfsbackup/
drwxr-xr-x 2 rsync rsync 4096 May 27 23:35 /nfsbackup/

某公司里有一臺Web服務(wù)器，里面的數(shù)據(jù)很重要，但是如果硬盤壞了，數(shù)據(jù)就會丟失，現(xiàn)在領(lǐng)導(dǎo)要求你把數(shù)據(jù)在其他機(jī)器上做一個(gè)周期性定時(shí)備份。要求如下：每天晚上00點(diǎn)整在Web服務(wù)器A(web01)上打包備份網(wǎng)站程序目錄并通過rsync命令推送到服務(wù)器B(backup)上備份保留（備份思路可以是先在本地按日期打包，然后再利用rsync推到備份服務(wù)器上）。具體要求如下：
1)Web服務(wù)器A和備份服務(wù)器B的備份目錄必須都為/backup。2)Web服務(wù)器站點(diǎn)目錄假定為(/var/www/html)。3)Web服務(wù)器本地僅保留7天內(nèi)的備份。4)備份服務(wù)器上每周六的數(shù)據(jù)都保留，其他備份僅保留180天備份。
5)備份服務(wù)器上檢查備份結(jié)果是否正常，并將每天的備份結(jié)果發(fā)給管理員信箱。
rsync服務(wù)端
[root@backup ~]# killall rsync
[root@backup ~]# killall rsyncrsync
: no process killed
[root@backup ~]# rsync --daemon
[root@backup ~]#[root@backup ~]#[root@backup ~]# ps -ef |grep rsyncroot 26755 1 0 19:45 ? 00:00:00 rsync --daemonroot 26757 26671 0 19:45 pts/0 00:00:00 grep rsync
[root@backup ~]# cat /etc/rsyncd.conf######rsync_config___start#created by oldboy 15:01 2007-6-5 #QQ 31333741 blog:http://oldboy.blog.51cto.com##rsyncd.conf start##uid = rsyncgid = rsyncuse chroot = no max connections = 200 timeout = 300 pid file = /var/run/rsyncd.pidlock file = /var/run/rsync.locklog file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 172.16.1.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password

[backup]
path = /backup/

[root@backup ~]# ll /etc/rsync.password
-rw------- 1 root root 20 Jan 18 23:32 /etc/rsync.password
[root@backup ~]# cat /etc/rsync.password
rsync_backup:123456
[root@backup ~]# ll /backup/
total 0
[root@backup ~]#

[root@web01 ~]# echo '123456'>/etc/rsync.password
[root@web01 ~]# chmod 600 /etc/rsync.password
[root@web01 ~]# ll /etc/rsync.password
-rw------- 1 root root 7 Jan 19 19:50 /etc/rsync.password
[root@web01 ~]#
[root@web01 ~]#
[root@web01 ~]#
[root@web01 ~]#
[root@web01 ~]# rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup
--password-file=/etc/rsync.password
sending incremental file list
hosts

sent 196 bytes received 27 bytes 446.00 bytes/sectotal size is 349 speedup is 1.57
web01腳本
#backup file && conf
tar zchf /backup/web01-$(date +%F_%w).tar.gz /var/www/html/ /etc/rc.local /var/spool/cron/

#make md5sum
cd /backup/
md5sum web01-$(date +%F_%w).tar.gz >check.log

#rsync file to backup
rsync -avz /backup/ rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password

#delete 7 day ago
find /backup/ -type f -name "*.tar.gz" -mtime +7|xargs rm

#!/bin/bash
#desc: backup html && conf

Date=$(date +%F_%w)

#backup file && conf
cd / && \
tar zchf /backup/web01-${Date}.tar.gz var/www/html/ etc/rc.local var/spool/cron/

#make md5sum
cd /backup/ && \
md5sum web01-${Date}.tar.gz >check.log

#rsync file to backup
rsync -az /backup/ rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password

#delete 7 day ago
find /backup/ -type f -name "*.tar.gz" -mtime +7|xargs rm

backup 腳本
[root@backup backup]# cat /server/scripts/check.sh
#!/bin/bash

#del 180 day file keep every 6
find /backup/ -type f -name ".tar.gz" -mtime +180 ! -name "_6.tar.gz"|xargs rm

#check
cd /backup/ && md5sum -c check.log >/backup/result.log
if [ $? -ne 0 ];then

mail -s "md5sum wrong" 918391635@qq.com </backup/result.log
fi
#需要開啟postfix[root@backup backup]# /etc/init.d/postfix startStarting postfix: [ OK ][root@backup backup]# chkconfig postfix on
mail -s "md5sum wrong" kang50055@163.com </etc/hosts
[root@backup backup]# crontab -l |tail -2
#check & send result lee at 2017-01-01
00 03 * /bin/sh /server/scripts/check.sh >/dev/null 2>&1
圖片集合
中小型網(wǎng)站搭建---大酒店https://www.processon.com/view/link/5a5dfca1e4b05a8ff305c36f
老男孩教育-鏈接克隆與完整克隆區(qū)別https://www.processon.com/view/link/5a609837e4b0abe85d60af61
老男孩教育-rsync守護(hù)進(jìn)程模式部署流程https://www.processon.com/view/link/5a60b7f8e4b010a6e7231d10
老男孩教育-全網(wǎng)備份項(xiàng)目邏輯圖https://www.processon.com/view/link/5a61d763e4b05a8ff30e5df7

轉(zhuǎn)載于:https://blog.51cto.com/kang50055/2122282

《新程序員》：云原生和全面數(shù)字化實(shí)踐50位技術(shù)專家共同創(chuàng)作，文字、視頻、音頻交互閱讀

總結(jié)

以上是生活随笔為你收集整理的rsync的配置应用的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。