This article has participated in the activity of “New person creation Ceremony”, and started the road of digging gold creation together.
Disclaimer: This article is the original version of “Operation and Maintenance home”, please indicate the source of reprint, more content please pay attention to the public account “Operation and maintenance home”.
keynote
The purpose of this paper is to solve the problem of directory difference between two servers, that is, any content can be written or deleted from the specified directory on two servers A and B, and will be synchronized to the other server, that is, to achieve file storage and high availability of reading.
The environment
Server information:
Node - "2.168.93.139 2.168.93.140 node - the childrenCopy the codeUsername and Password:
root/666666
Copy the codeSync directory:
/home/jier
Copy the codeVIP address:
192.168.93.200
Copy the codeSoftware covered by this document:
rsync
lsyncd
keepalived
sftp
Copy the codepreparation
Disable the firewall and Selinux on both servers.
[root@localhost jier]# systemctl stop firewalld.service [root@localhost jier]# systemctl disable firewalld.service Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. [root@localhost jier]# setenforce 0 # SELINUX=disabled [root@localhost jier]# vim /etc/selinux/config [root@localhost jier]# iptables -fCopy the codeDeploy Rsync
PS: Install the node on both Node-1 and Node-2.
1.1 install rsync
PS: Rsync is installed on all Linux servers by default. If rsync is not installed, run the following command to install it.
The RPM - qa | grep rsync # check rsync install yum - y install rsync xinetd # if not please follow the ordersCopy the code1.2 Creating a User
PS: I am using the root user here, so I do not create one. The specific operation process can be configured based on the actual situation.
[root@loaclhost ~]# userAdd user name # Create user name [root@loaclhost ~]# passwd User name # Configure password for userCopy the code1.3 Creating related Directories
[root@localhost ~]# mkdir -pv /root/rsync/log mkdir The directory "/root/rsync/log" has been created [root@localhost ~]# mkdir -pv /home/jier mkdir: the directory "/home/jier" has been created [root@localhost ~]#Copy the code1.4 Modifying the Rsync Configuration File
Path: / etc/rsyncd. Conf
PS: hosts allow specifies the IP address that node-1 writes to node-2, and node-2 writes to Node-1.
Uid = root gid = root # lock directory use chroot = no # Max connections = 10000 # port = 873 lock file = /root/rsync/rsync.lock log file = /root/rsync/log/rsyncd.log motd file = /root/rsync/rsyncd.motd pid file = Read only = no # Module name [ceshi] # specified directory path = /home/jier # Read only = no # Authorized user auth Users = root # authorized IP hosts allow = 192.168.93.140/32 # Authorized user password secrets file = /root/.rsync_server.passwdCopy the code1.5 Create and authorize a Password file
[root@localhost ~]# vim /root/.rsync_server.passwd root:666666 :wq [root@localhost ~]# chmod 600 /root/.rsync_client.passwd 666666 :wqCopy the code1.6 Starting the Service
/ root @ localhost ~ # rsync daemon/root @ localhost ~ # - netstat tunlp | grep TCP 873 0 0 0.0.0.0:873 0.0.0.0: * LISTEN 2320/rsync tcp6 0 0 :::873 :::* LISTEN 2320/rsync [root@localhost ~]#Copy the code1.7 Testing the installation result
[root@localhost jier]# cd /home/jier/
[root@localhost jier]# echo 111 > 1.txt
[root@localhost jier]# rsync -avzcR --port=873 --password-file=/root/.rsync_client.passwd 1.txt [email protected]::ceshi
sending incremental file list
1.txt
sent 108 bytes received 35 bytes 95.33 bytes/sec
total size is 4 speedup is 0.03
[root@localhost jier]#
Copy the codeLog in to the directory of another server to view the information.
[root@localhost jier]# pwd
/home/jier
[root@localhost jier]# ls
1.txt
[root@localhost jier]# cat 1.txt
111
[root@localhost jier]#
Copy the codeDeploy lsyncd
2.1 installation lsyncd
PS: Install the node on both Node-1 and Node-2.
[root@localhost ~]# yum -y install epel-release # yum -y install epel-release # [root@localhost ~]# yum -y install lsyncd # yum -y install lsyncdCopy the code2.2 Lsyncd Configuration file
PS: You need to debug on both Nodes.
settings { logfile ="/var/log/lsyncd/lsyncd.log", statusFile ="/var/log/lsyncd/lsyncd.status", inotifyMode = "CloseWrite or Modify", maxProcesses = 7, -- nodaemon =true, } sync { default.rsync, Source =" /home/jier", target =" [email protected]::ceshi", delete="running", exclude = {".*", ".tmp"}, delay = 1, rsync = { binary = "/usr/bin/rsync", archive = true, compress = true, verbose = true, password_file = "/root/.rsync_client.passwd", _extra = {"--bwlimit=200"} } }Copy the codeParameter Description:
Logfile: defines a logfile. StatusFile: defines a statusFile. Nodaemon =no: disables the daemon mode. The interval at which lsyncd state is written to the statusFile above. Default: 10 seconds inotifyMode: Specifies the events monitored by inotify. The default is CloseWrite. It can also be Modify or CloseWrite or Modify maxProcesses: the maximum number of synchronized processes. Rysnc processes, which can be synchronized at any time without delays, must be processed by maxProcesses = 8. These processes can be synchronized at any time without delays. Define synchronization parameters rsync, rsyncssh, and direct in three modes: default.rsync: To synchronize files between local directories, use rsync to achieve remote rsync in SSH mode or connect to the remote Rsyncd process in daemon mode. Default. direct: To synchronize files between local directories, run cp and rm to back up differential files. Source: Indicates the source directory to be synchronized. The absolute path is used. Target: specifies the destination address: / TMP /dest: Local directory synchronization, can be used to direct and rsync mode 192.168.93.140: / home/jier: synchronous to the remote server directory, and can be used for rsync rsyncssh mode 192.168.93.140: : ceshi: Init: This is an optimization option. If init = false, only files that have changed since the process started will be synchronized. The original directory will not be synchronized even if there are differences. The default value is true delay: indicates the delay time of cumulative events waiting for rsync. The default value is 15 seconds (a maximum of 1000 events that cannot be combined). That is, changes in the monitored directory within 15 seconds are accumulated to rsync to avoid frequent synchronization. (Mergable means that the same file has been modified twice within 15s and only the latest file is synchronized at the end.) Exclude options. Specify the LIST file to exclude, for example, excludeFrom = "/etc/lsyncd.exclude". Exclude = LIST for simple exclusion. The exclusion rule is written a little differently than in the native rsync, which is simpler: any part of the monitor path that matches a text is excluded. For example, /bin/foo/bar can match rule foo if the rule begins with a slash /, then match all if the rule ends with a slash. Matches any character, but not / * matches 0 or more characters, but not / ** matches 0 or more characters, which can be/delete to keep target in full sync with Souce, Lsyncd defaults to delete = true to allow synchronous deletion. Bwlimit: indicates the speed limit in KB /s, the same as rsync (this important option is not listed in the documentation). Compress: Compress transmission the default value is true. Consider setting it to false for local directory synchronization as a trade-off between bandwidth and CPU load. Perms: reserved file permissions by default.Copy the code2.3 start lsyncd
[root@localhost ~]# systemctl start lsyncd [root@localhost ~]# systemctl status lsyncd ● lsyncd.service - Live Syncing (Mirror) Daemon Loaded: loaded (/usr/lib/systemd/system/lsyncd.service; disabled; Vendor PRESET: Disabled) Active: Active (running) since 22022-01-18 09:52:51 CST; 5min ago Main PID: 1772 (lsyncd) CGroup: / system. Slice/lsyncd service └ ─ 1772 / usr/bin/lsyncd nodaemon/etc/lsyncd. Conf January 18 09:52:51 localhost. Localdomain [1]: Started Live Syncing (Mirror) Daemon. 1月 18 09:52:51 localhost. Starting Live Syncing (Mirror) Daemon... 1月 18 09:52:51 localhost. Localhost lsyncd[1772]: Incremental file list 1月 18 09:52:51 localhost. Localdomain lsyncd[1772]: 1月 18 09:52:51 localhost. Localdomain lsyncd[1772]: Sent 171 bytes received 35 bytes 412.00 bytes/ SEC 1月 18 09:52:51 localhost. Localdomain lsyncd[1772]: Total size is 16 speedup is 0.08 1月 18 09:54:03 localhost. Localdomain lsyncd[1772]: Incremental file list 1月 18 09:54:03 localhost. Localdomain lsyncd[1772]: Sent 156 bytes received 12 bytes 336.00 bytes/ SEC 1月 18 09:54:03 localhost. Localdomain lsyncd[1772]: Total size is 11 speedup is 0.07 [root@localhost ~]#Copy the codeVerify that you can create different files in the /home/jier directory on both servers at the same time.
PS: If your business has only new requirements and no deletion action, then this is the end; But if there are deletions, you still need to look at the following.
Third, keepalived
PS: Perform the following operations on node-1 and Node-2
PS: This program needs to be used with FTP, that is, the program is called by calling the VIP address (192.168.93.200).
3.1 build keepalived
[root@localhost ~]# yum -y install keepalived
Copy the code3.2 Deploying monitoring Scripts
[root@localhost ~]# mkdir -pv /home/script/ mkdir: [root@localhost ~]# [root@localhost ~]# vim /home/script/check_VIp.sh #! IP/bin/bash a | grep 192.168.93.200 if [$? - eq 0]; then PROGRAM=$(ps -ef | grep -w lsyncd | grep -v grep | wc -l) if [ "${PROGRAM}" -eq 0 ]; then systemctl start lsyncd else echo 1 fi else systemctl stop lsyncd fi [root@localhost ~]# chmod +x /home/script/check_vip.sh [root@localhost ~]#Copy the code3.3 Adjusting Configurations
[root @ localhost jier] # vim/etc/keepalived/keepalived conf # to delete all the contents in this file! Configuration File for keepalived global_defs {# script_user root enable_script_security} vrrp_script check_vip { script "/home/script/check_vip.sh" interval 1 weight 2 } vrrp_instance VI_1 { state BACKUP interface ens33 # Virtual_router_id 9 Priority 10 # Must be more than 50 different from that of the other server. 90 advert_int 1 track_script {check_vip} virtual_ipaddress {192.168.93.200}}Copy the code3.4 Starting the Service
[root@localhost jier]# systemctl start keepalived [root@localhost jier]# ps -ef | grep keepalived root 44776 1 0 10:41 ? 00:00:00 /usr/sbin/keepalived -D root 44777 44776 0 10:41 ? 00:00:00 /usr/sbin/keepalived -D root 44778 44776 0 10:41 ? 00:00:00 /usr/sbin/keepalived -D root 44816 44024 0 10:41 pts/0 00:00:00 grep --color=auto keepalived [root@localhost Jier]# systemctl status keepalived ● keepalived. Service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; Vendor PRESET: Disabled) Active: Active (running) since 22022-01-18 10:41:06 CST; 14s ago Process: 44775 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 44776 (keepalived) CGroup: / system. Slice/keepalived service ├ ─ 44776 / usr/sbin/keepalived -d ├ ─ 44777 / usr/sbin/keepalived -d └ ─ 44778 /usr/sbin/keepalived_vrrp -d 1月 18 10:41:11 localhost. Localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200 1月 18 10:41:11 localhost. Localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200 1月 18 10:41:11 localhost. Localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200 1月 18 10:41:11 localhost. Localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200 1月 18 10:41:16 localhost. Localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200 1月 18 10:41:16 localhost. Localdomain Keepalived_vrrp[44778]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.93.200 1月 18 10:41:16 localhost. Localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200 1月 18 10:41:16 localhost. Localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200 1月 18 10:41:16 localhost. Localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200 1月 18 10:41:16 localhost. Localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200 [root@localhost jier]#Copy the codeAt this point, the scaffolding document is complete.