Shulou(Shulou.com)06/03 Report--

The specific requirements are as follows:

1) the backup directory of all servers must be / backup

2) system configuration files to be backed up include, but are not limited to:

a. Configuration file for scheduled task service (/ var/spool/cron/root) (suitable for web and nfs servers)

b. Self-boot configuration file (/ etc/rc.local) (suitable for web and nfs servers)

c. Directory of daily scripts (/ server/scripts)

d. Configuration file for firewall iptables (/ etc/sysconfig/iptables)

E.

3) the Web server site directory is assumed to be (/ var/html/www)

4) Web server An access log path is assumed to be (/ app/logs)

5) the Web server can keep the backup data for 7 days after packaging (local retention cannot be more than 7 days, because too many hard drives will be full)

6) on the backup server, keep all the copies of the data every Monday, and keep the copies of the data for 6 months.

7) the backup should be saved for the directory according to the private network IP of the backup data server, and the backup files should be saved according to the time name.

8) * need to ensure that the backup data is as complete and correct as possible, check the backup data on the backup server, and send the backup success and failure result information to the system administrator's mailbox.

PS1= "\ [\ e [32bot 1m\] [\ u@\ h\ W]\\ $\ [\ e[ 0m\]" > > / etc/bashrc # # small feature Optimization sed-i.bak 's@#UseDNS yes@UseDNSno@g;s@ ^ GSSAPIAuthentication yes@GSSAPIAuthentication no@g'/etc/ssh/sshd_config/etc/init.d/sshd reload

I. server configuration

01. Check if there is rsync software on the server.

Rpm-qa rsync

02. Start configuration

Vim / etc/rsyncd.confuid = rsyncgid = rsyncuse chroot = nomax connections = 200timeout = 300pid file = / var/run/rsyncd.pidlock file = / var/run/rsync.locklog file = / var/log/rsyncd.logignore errorsread only = nolist = nohosts allow = 10.0.0.0According to 24 # # external network-testing for not preparing the second network card auth users = rsync_backupsecrets file = / etc/ rsync.password [backup] path = / backup

03. Configuration required to build a rsync server

① useadd-s / sbin/nologin-M rsync ② echo "rsync_backup:123456" > > / etc/rsync.password ③ chmod 600 / etc/rsync.password ④ mkdir-p / backup ⑤ chown-R rsync.rsync / backup

04. Start rsync-####xinetd

Ps-ef | grep rsyncrsync-- daemonps-ef | grep rsync

05. Boot self-starting rsync service

Echo "rsync-- daemon" > > / etc/rc.local

II. Client configuration

Create a password file

Vim / etc/rync.password123456 description: the file path where the client stores the password is the same as that of the server, and the password must be the same.

02. Change password file permissions

Chmod 600 / etc/rync.passwordll / etc/rync.password

03. Testing

Rsync-avzP / etc/services rsync_backup@10.0.0.1::backup-- password-file=/etc/rsync.password

Third, the writing of client backup script

Warm note: in the remote connection, clone another window, perform the operation, and copy the tested commands to the script file to be written.

Create / backup backup directory

Mkdir-p / backup/$ (hostname-I | awk'{print $1}')

02. Compress backup data to / backup directory

Cd / & tar zcfh / backup/$ (hostname-I | awk'{print $1}') /\ ifconfig_backup_$ (date +% F_week0%w). Tar.gz var/spool/cron etc/rc.local\ server/scripts etc/sysconfig/iptables

03. Push the backup directory data to the rsync server-the one that pushes must let the rsync server know who did the push.

Rsync-az / backup/$ (hostname-I | awk'{print $1}') rsync_backup@10.0.0.1::backup\-- password-file=/etc/rsync.password

04. Delete backup data from 7 days ago

Find / backup/$ (hostname-I)-type f-mtime + 7 | xargs rm-f

Verify the backed-up data and add the corresponding fingerprint information

Find / backup/$ (hostname-I | awk'{print $1}') /\-type f-name "* $(date +% F_week0%name" * $(date +% F_week0%w) .tar.gz "\ | xargs md5sum > / backup/$ (hostname-I | awk'{print $1}') / falg_$ (date +% F_week0%w). Txt

06. Scripting

#! / bin/bash

IP=$ (hostname-I | awk'{print $1}')

Mkdir-p / backup/$IP & &\

# compress

Cd / & tar zcfh / backup/$IP/ifconfig_backup_$ (date +% F_week0%w). Tar.gz var/spool/cron etc/rc.local server/scripts etc/sysconfig/iptables & &\

# check falg

Find / backup/$IP/-type f-name "* $(date +% F_week0%w) .tar.gz" | xargs md5sum > / backup/$IP/falg_$ (date +% F_week0%w) .txt

# push info

Rsync-az / backup/$IP rsync_backup@10.0.0.1::backup-- password-file=/etc/rsync.password

# clear info

Find / backup/$IP/-type f-mtime + 7 | xargs rm-f

III. Client-side programming of scheduled tasks

Crontab- e#crontab-id:02-backup date00 00 * / bin/bash / server/scripts/backup.sh & > / dev/null

IV. Server-side scripting

01. Verify the integrity of the transmitted data

Cat falg_2017-05-06_week06.txtmd5sum-c falg_2017-05-06_week06.txt

02. Verify the integrity of the current day's data

[root@backup 10.0.0.2] # md5sum-c falg_$ (date +% F_week0%w) .txt

03. Inspection and optimization

[root@backup 10.0.0.2] # find / backup/-type f-name "* $(date +% F_week0%w) .txt"

Push the script to the web server

[root@nfs01 ~] # rsync-avzP / server/scripts/backup.sh root@10.0.0.3:/server/scripts/

05. The web server is pushed to the rsync server

[root@web01 ~] # mkdir-p / app/logs / var/html/www [root@web01 ~] # sh / server/scripts/backup.sh

06. Packing

Cd / & & tar zcfh / backup/$IP/www_backup_$ (date +% F_week0%w). Tar.gz var/html/www & &\ cd / & & tar zcfh / backup/$IP/app_log_backup_$ (date +% F_week0%w) .tar.gz app/logs

07. Mailbox configuration

Set from=

Set smtp=smtp.qq.com

Set smtp-auth-user=

Set smtp-auth-password=

Set smtp-auth=login

Set smtp-use-starttls

Set ssl-verify=ignore

Set nss-config-dir=/etc/pki/nssdb/ & > / dev/null

Set from=17600201416@163.com smtp=smtp.163.com

Set smtp-auth-user=17600201416 smtp-auth-password=sangfor123 smtp-auth=login

08. Scripting on rsync server

Vim / server/scripts/server_backup.sh

Find / backup-type f-name "* $(date +% F_week0%w) .txt" | xargs md5sum-c > / tmp/mails.txt

Mail-s "check data" xxxxxx@qq.com / dev/null

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.