Shulou(Shulou.com)06/03 Report--

System version: CentOS 7

Kernel version: 3.10.0-957

Suppose the leader gives you a rsync network backup project.

1. Basic backup requirements

The hostnames of the three known servers are web01, backup and nfs01, respectively. The host information is shown in the following table:

Server description IP (NAT) intranet IP (NAT_LAN) host name nginx web server 10.0.0.7/24172.16.1.7/24web01NFS storage server 10.0.0.31/24172.16.1.31/24nfs01rsync backup server 10.0.0.41/24172.16.1.41/24backup

​ requires that the backup system configuration files, website program directory and access log should be packaged on the Web server at 00:00 sharp every night, and the backup on the backup server backup should be pushed and retained by the rsync command.

Consider and analyze the role of the project and make a brief implementation plan to meet and communicate with the leadership docking verification plan and the departments that need to be docked.

Implementation plan flow

Create a backup directory for the server = / backup==

System configuration files to be backed up

Configuration file for scheduled tasks = = (/ var/spool/cron/root) = = Boot configuration file = = (/ etc/rc.local) = = Firewall iptables configuration file = = (/ etc/sysconfig/iptables) = = directory of daily scripts = = (/ server/scripts) = = web server site directory = = (/ var/html/www) = = web server access log = = (/ app/logs) = = 7 days after the non-backup server is retained and packaged The data backup server retains data within 1 and 180 weeks to ensure that the backup data is as complete and correct as possible. Create a check package locally and verify data integrity on the server. Send the backup data results through = = email== to the system administrator mailbox to configure the server step 1: check the rsync service to see if the rsync service is installed rpm-qa rsync without rsync service install yum install-y rsync create backup directory mkdir / backup part II: edit service profile uid = rsync # virtual user-security Sexual gid = rsyncport = 873 # Port number fake super # masquerade superuser-administrator use chroot = no # Security related parameters max connections = 200 # maximum number of connections timeout = 300 # waiting user time pid file = / var/run/rsyncd.pid # The process number of the running status of the service lock file = / var/run/rsync.lock # combined with max connections to control the maximum number of links log file = / var/log/rsyncd.log # Service running log information ignore errors # ignore simple error messages Ensure transmission efficiency read only = false # specify whether the backup directory is read-only list = false # whether to turn on the list display module information hosts allow = 172.16.1.0 and24 # whitelist information hosts deny = 0.0.0.0Comp32 # blacklist information auth users = rsync_backup # authenticated user name Secrets file = / etc/rsync.password # authenticated user password file [backup] # module information (identifies a directory) comment = "welcome to backup" # module notes path = / backup # module points to the directory part III: create the required 1. Useradd-M-s / sbin/nologin rsync according to the configuration file requirements # create a virtual user 2. Echo "rsync_backup:oldboy123" > / etc/rsync.password # create an authenticated user password 3. Chmod / etc/rsync.password # password file set security permissions ★ 4. Mkdir / backup # create backup data directory 5. Chown rsync.rsync / backup/ # modify the file to belong to the master group to configure the text The specified user 6. Systemctl start rsyncd # starts the service program 7. Systemctl enable rsyncd # sets the service program to boot automatically step 4: configure the mail service 1. Yum install-y mailx2. Vim / etc/mail.rc # add the following. Feel free to locate the set from=QQ number @ qq.com # mailbox. Take QQ as an example. The third party authorization code set smtp-auth=login3 in the set smtp=smtp.qq.comset smtp-auth-user=QQ number @ qq.comset smtp-auth-password=QQ setting. Systemctl restart postfix.service # restart mail service 4. Echo "hello" | mailx-s "test" qq number @ qq.com configuration client step 1: test backup data rsync-avz / etc/hosts rsync_backup@172.16.1.41::backup part 2: create an authenticated user password file chmod / etc/rsync.password # set a security permission for password files rsync-avz / oldboy/ rsync_backup@172.16.1.41::backup-- password-file=/etc/rsync.password # to achieve non-interactive transfer

Write a script

Web website server

Web client script writing: mkdir-p / server/scripts mkdir / etc/sysconfig/iptablesmkdir-p / var/html/www mkdir / app/logs # environment prepares cd / server/scriptsvim webpages backup.shemaking binds bashipballs $(hostname-I) name=$ (hostname) date=$ (date +% Flying% w-d "- 1 day") mkdir-p / backup/$ip# packaged configuration file tar zcnPf / backup/$ip/$ {name} _ config_ ${date} .tar.gz / var/spool/cron/root / etc/rc.local / server/scripts & > / dev/null# packaged site directory tar zcnPf / backup/$ip/$ {name} _ www_$ {date} .tar.gz / var/html/www & > / dev/null# packaged website access log tar zcnPf / backup/$ip/$ {name} _ log_$ {date} .tar.gz / app/logs & > / dev/null# creation Data verification information md5sum $(find / backup/$ip-type f-mmin-15) > / backup/md5_$ {name} .log # upload data to the backup server rsync-avz / backup/ rsync_backup@172.16.1.41::backup-- password-file=/etc/rsync.password# packets find / backup-type f-mtime + 7-delete + 7-delete & > / dev/nullchmod 700 / server/scripts/web_backup.shcrontab- E # add 0 * / bin/bash / server/scripts/web_backup.sh to scheduled tasks

Nfs storage server

Nfs customer single script is written: mkdir-p / server/scripts mkdir / etc/sysconfig/iptablescd / server/scriptsvim nfscustomers backup.shroud packaging configuration file tar zcnPf / backup/$ip/$ {name} _ config_$ {date} .tar.gz / var/spool/cron/root / etc/rc.local / server/scripts & > / dev/null# creation data verification information md5sum $(find / backup/$ip-type f-mmin-15) > / backup/md5_$ {name} .log # upload data to the backup server rsync-avz / backup/ rsync_backup@172.16.1.41::backup-- password-file=/etc/rsync.password# packets find / backup-type f-mtime + 7-delete & > / dev/nullchmod 700 / delete ontology for more than 7 days Server/scripts/nfs_backup.shcrontab-e # adds 0 * / bin/bash / server/scripts/nfs_backup.sh to scheduled tasks

Backup backup server

The backup server script mkdir-p / server/scriptsvim / server _

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.