^-^
NFS和备份服务
  1. Rsync服务端部署
    1. 概览
    2. 文件
      1. tasks
      2. handlers
      3. templates
      4. files
      5. vars
  2. Rsync客户端定时备份部署
    1. 概览
    2. 文件
      1. tasks
      2. files
  3. NFS部署+Sersync实时备份部署
    1. 概览
    2. 文件(nfs_deploy)
      1. tasks
      2. handlers
      3. templates
      4. vars
    3. 文件(real_time_backup)
      1. tasks
      2. handlers
      3. files
      4. templates
      5. vars

Rsync服务端部署

概览

入口文件

1
2
3
4
5
6
7
8
9
---

- name: rsync_deploy
  hosts: backup
  remote_user: dengpangpang
  become: true
  become_method: sudo
  roles:
    - rsync_deploy

角色目录结构

1
2
3
4
5
6
7
8
9
10
11
12
|root@m01 rsync_deploy|$ tree -F
.
├── files/
│   └── rsyncd.password
├── handlers/
│   └── main.yml
├── tasks/
│   └── main.yml
├── templates/
│   └── rsyncd.conf.j2
└── vars/
    └── main.yml

文件

tasks

main.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
---

- name: Install rsync
  yum: name=rsync state=present

- name: Create rsync user and group
  user:
    name: "{{ rsync_user }}"
    comment: rsync_user
    group: "{{ rsync_group }}"
    create_home: false
    state: present

- name: Create backup and nfs data directory
  file: 
    path: "{{ item }}"
    owner: "{{ rsync_user }}"
    group: "{{ rsync_group }}"
    state: directory
  loop: 
    - "{{ web_backup_dir }}"
    - "{{ nfs_data_dir }}"

- name: Distribute rysncd conf
  template:
    src: rsyncd.conf.j2
    dest: /etc/rsyncd.conf
  notify:
    - restart rsyncd

- name: Distribute rsync password_file
  copy:
    src: rsyncd.password
    dest: /etc/rsyncd.password
    mode: '600'
  notify:
    - restart rsyncd

- name: Start rsyncd
  service: name=rsyncd enabled=true state=started

handlers

main.yml

1
2
3
4
5
---

- name: restart rsyncd
  service: name=rsyncd state=restarted

templates

rsyncd.conf.j2

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
 uid = rsync
 gid = rsync
 read only = false
 fake super = yes
 max connections = 200
 pid file = /var/run/rsyncd.pid
 exclude = lost+found/
 timeout = 900
 log file = /var/log/rsyncd.log
 secrets file = /etc/rsyncd.password
 lock file = /var/run/rsyncd.lock
 auth users = rsync
# dont compress   = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2

{# 用于web服务器定时备份 #}
[{{ rsync_web_backup_module }}]
	path = {{ web_backup_dir }}
	comment = web backup dir
	
{# 用于nfs服务器实时备份 #}
[{{ rsync_nfs_data_module }}]
	path = {{ nfs_data_dir }}
	comment = nfs backup dir

files

rsyncd.password

1
rsync:123456

vars

main.yml

1
2
3
4
5
6
rsync_web_backup_module: web_backup
rsync_nfs_data_module: nfs_data
web_backup_dir: /backup
nfs_data_dir: /data
rsync_user: rsync
rsync_group: rsync

Rsync客户端定时备份部署

概览

入口文件

1
2
3
4
5
6
7
8
9
10
---

- name: client_backup
  hosts: web
  remote_user: dengpangpang
  become: true
  become_method: sudo
  roles:
    - client_backup

角色目录结构

1
2
3
4
5
6
7
8
|root@m01 client_backup|$ tree -F
.
├── files/
│   ├── backup.sh
│   └── rsyncd.password
├── tasks/
    └── main.yml

文件

tasks

main.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
---

- name: Install rysnc
  yum: name=rsync state=present

- name: Distribute rsync password file
  copy: 
    src: rsyncd.password
    dest: /etc/rsyncd.password
    mode: '600'

- name: create backup directory
  file:
    path: /backup
    state: directory

- name: Distribute backup script
  copy:
    src: backup.sh
    dest: /server/scripts/
    mode: '755'

- name: Create crontab
  cron: 
    name: timing backup
    job: '/bin/sh /server/scripts/backup.sh &>/dev/null'
    minute: '50'
    hour: '01'
    state: present

files

backup.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#!/bin/bash
# 本机备份路径
backup="/backup"
# 以主机IP地址命名的文件夹
path="/backup/$(hostname -i)"
# 如果不存在此文件夹则创建文件夹
[ -f $path ] || mkdir -p $path
# 判断是不是周一
if [ $(date +%w -eq 2)];then
    date="$(date +%F -d -1day)_week1"
else
    date="$(date +%F -d -1day)"
fi
# 进入此文件夹
cd $path
# 将配置文件和脚本打包进一个压缩包
tar -cvhf conf_${date}.tar.gz /var/spool/cron/root /etc/rc.d/rc.local  /server/scripts 2>/dev/null
# 将站点目录打包进一个压缩包
tar -cvf www_${date}.tar.gz /var/html/www 2>/dev/null
# 将app日志打包进一个压缩包
tar -cvf logs_${date}.tar.gz /app/logs 2>/dev/null
# 获取所有打包文件的原始指纹
find $path -type f -name "*_${date}.tar.gz" | xargs md5sum > $path/$(hostname -i)_fingerprint_${date}.log
# 推送
rsync -avz $backup/ rsync@backup::backup --password-file=/etc/rsyncd.password
# 删除7天前的备份
find $backup/ -type f -name "*.tar.gz" -mtime +7 -o -name "*.log" -mtime +7 | xargs rm -f

rsyncd.password

1
123456

NFS部署+Sersync实时备份部署

概览

入口文件

1
2
3
4
5
6
7
8
9
10
11
12
|root@m01 ansible|$ cat nfs_and_sersync.yml 

---

- name: nfs and sersync
  hosts: nfs
  remote_user: dengpangpang
  become: true
  become_method: sudo
  roles:
    - nfs_deploy
    - real_time_backup

角色目录结构

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|root@m01 ansible|$ tree -F

 ├── nfs_deploy/
     ├── files/
     ├── handlers/
     │   └── main.yml
     ├── tasks/
     │   └── main.yml
     ├── templates/
     │   └── exports.j2
     └── vars/
         └── main.yml
         
 ├── real_time_backup/
     ├── files/
     │   ├── rsyncd.password
     │   └── sersync2.5.4_64bit_binary_stable_final.tar.gz
     ├── handlers/
     │   └── main.yml
     ├── tasks/
     │   └── main.yml
     ├── templates/
     │   └── confxml.xml.j2
     └── vars/
         └── main.yml

文件(nfs_deploy)

tasks

main.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
---

- name: Install nfs-utils rpcbind
  yum: 
    name: [ 'nfs-utils', 'rpcbind' ] 
    state: present

- name: Create shared directories
  file: 
    path: "{{ item }}"
    owner: nfsnobody
    group: nfsnobody
    state: directory
    recurse: true
  with_items: 
    - "{{ php_static_dir }}"
    - "{{ tomcat_static_dir }}"

- name: Distribute nfs exports
  template:
    src: exports.j2 
    dest: /etc/exports
  notify:
    - reload exports

- name: start rpcbind service
  service: name=rpcbind state=started enabled=true
  
- name: start nfs-server
  service: name=nfs-server state=started enabled=true

handlers

main.yml

1
2
3
4
5
---

- name: reload exports
  command: 'exportfs -r'

templates

exports.j2

1
2
{{ php_static_dir }} {{ ip_segment }}(rw)
{{ tomcat_static_dir }} {{ ip_segment }}(rw)

vars

main.yml

1
2
3
ip_segment: 192.168.110.0/24
php_static_dir: /data/php/
tomcat_static_dir: /data/tomcat/

文件(real_time_backup)

tasks

main.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
---

- name: Install rysnc
  yum: name=rsync state=present

- name: Distribute rsync password file
  copy: 
    src: rsyncd.password
    dest: /etc/rsyncd.password
    mode: '600'

- name: Create real_time sync directory
  file:
    path: "{{ nfs_data_dir }}"
    state: directory

- name: Create tools directory
  file:
    path: /server/tools/
    recurse: true
    state: directory

- name: Unarchive package
  unarchive:
    src: sersync2.5.4_64bit_binary_stable_final.tar.gz
    dest: /server/tools/

- name: Distribute sersync conf
  template:
    src: confxml.xml.j2
    dest: /server/tools/GNU-Linux-x86/confxml.xml
  notify:
    - start sersync

handlers

main.yml

1
2
3
4
5
---

- name: start sersync
  shell: "/server/tools/GNU-Linux-x86/sersync2 -r -o /server/tools/GNU-Linux-x86/confxml.xml -d"

files

rsyncd.password

1
123456

sersync2.5.4_64bit_binary_stable_final.tar.gz

1
下载地址:https://github.com/wsgzao/sersync/blob/master/sersync2.5.4_64bit_binary_stable_final.tar.gz

templates

confxml.xml.j2 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
    <host hostip="localhost" port="{{ sersync_port }}"></host>
    <debug start="false"/>
    <fileSystem xfs="false"/>
<!--过滤功能,排除指定的文件不进行复制-->
    <filter start="false">
    <exclude expression="(.*)\.svn"></exclude>
    <exclude expression="(.*)\.gz"></exclude>
    <exclude expression="^info/*"></exclude>
    <exclude expression="^static/*"></exclude>
    </filter>
<!--过滤功能结束-->
<!--监控指定事件信息-->
    <inotify>
    <delete start="true"/>
    <createFolder start="true"/>
    <createFile start="false"/>
    <closeWrite start="true"/>
    <moveFrom start="true"/>
    <moveTo start="true"/>
    <attrib start="false"/>
    <modify start="false"/>
    </inotify>
<!--监控指定事件信息结束-->
<!--sersync主要参数配置-->
    <sersync>
    <localpath watch="{{ nfs_data_dir }}">					    <!--监控的本地目录-->
        <remote ip="{{ backup_host_ip }}" name="{{ rsync_nfs_data_module }}"/>	    <!--远程备份服务器的IP和模块名,下面可以添加多台-->
        <!--<remote ip="192.168.8.39" name="tongbu"/>-->
    </localpath>
    <rsync>
        <commonParams params="-artuz"/>					<!--rsync的命令行参数-->
        <auth start="true" users="{{ rsync_user }}" passwordfile="/etc/rsyncd.password"/>	<!--认证用户和密码文件-->
        <userDefinedPort start="false" port="874"/>		<!-- 支持修改端口 -->
        <timeout start="false" time="100"/>				<!-- 超时时间t=100 -->
        <ssh start="false"/>							<!--支持ssh通道-->
    </rsync>
    <failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
    <crontab start="false" schedule="600">				<!--定时任务部分配置-->
        <crontabfilter start="false">
        <exclude expression="*.php"></exclude>
        <exclude expression="info/*"></exclude>
        </crontabfilter>
    </crontab>
    <plugin start="false" name="command"/>
    </sersync>
<!--sersync主要参数配置结束-->
    <plugin name="command">			<!--脚本部分配置-->
    <param prefix="/bin/sh" suffix="" ignoreError="true"/>	<!--prefix /opt/tongbu/mmm.sh suffix-->
    <filter start="false">
        <include expression="(.*)\.php"/>
        <include expression="(.*)\.sh"/>
    </filter>
    </plugin>
</head>

vars

main.yml

1
2
3
4
5
sersync_port: "8008"
rsync_nfs_data_module: nfs_data
backup_host_ip: 192.168.110.142
nfs_data_dir: /data
rsync_user: rsync
2023-12-09 该篇文章被 邓胖胖 打上标签: Ansible剧本 归为分类: 工作笔记