自动化备份全网服务器数据平台
任务清单
项目环境搭建
[*] 可以使用iventoy网启安装3台centos7.9服务器
[*] 管理员模式启动iventoy:
[*] https://i-blog.csdnimg.cn/direct/a8a4d7c03ec1402fbadc1c9700e55345.png
[*] https://i-blog.csdnimg.cn/direct/d5ebf7292d6043999515e3ee64d994e5.png
[*] https://i-blog.csdnimg.cn/direct/342198565fad43f4ba097a8d97a4d5eb.png
[*] 【剩下两台机子以此类推】
[*] 按照规划,最小化摆设体系,
[*] 更换yum源:
[*] 删除本来yum源:
[*] rm -rf yum.repos.d/ https://i-blog.csdnimg.cn/direct/a1fc03a0023249599e07f175ff17b564.png
[*] 创建新的:
[*] mkdir/etc/yum.repos.d https://i-blog.csdnimg.cn/direct/c8d027c4a1074c0cbce751722a399bc6.png
[*]
[*] 关闭防火墙
https://i-blog.csdnimg.cn/direct/feda06ec4d4f4a91bf1e7fe21d6a4ea9.png
设置服务器名字:
https://i-blog.csdnimg.cn/direct/c51fe260645042df9dfc6cee059769c8.png
https://i-blog.csdnimg.cn/direct/703c60ded3c749c99e9c0960a6cd6a8e.png
[*] 禁用SELinux
[*] https://i-blog.csdnimg.cn/direct/c2dcc22148994b63966b6b4167eb28c0.png
[*] 确保可以大概联网。
[*] 摆设静态IP:
https://i-blog.csdnimg.cn/direct/3303c3d8d954423d8e26177e1f4001be.png
安装所需软件:
yum install vimtree tar net-tools rsync nfs-utils -y yum install epel-release -y 摆设网站:
yum install nginx -y https://i-blog.csdnimg.cn/direct/24174f88eeef4d7ba32b9fd03ae2bab6.png
https://i-blog.csdnimg.cn/direct/bdf15d2caba643bea59781f655b6543b.png
vim /etc/nginx/nginx.conf https://i-blog.csdnimg.cn/direct/82e786f49a1746dabe44bdbc7d1cbcbf.png
启动nginx:
systemctl start nginx 测试:
https://i-blog.csdnimg.cn/direct/00f64ae85dd84415ae69f567f3bf59a7.png
摆设nfs01:
安装须要软件:
yum install vimtree tar net-tools rsync -y yuminstallrpcbind-y yuminstallnfs-utils-y
创建共享文件包:
mkdir/nfsfile 测试:
echo"welcome to www.openlab.com" > /nfsfile/readme
https://i-blog.csdnimg.cn/direct/941e9fe5224b4675a3857669076bb3f4.png
启动软件:
【牢记启动顺序不可乱】
回到web01:
创建当地挂载目录:
mkdir/web_nfs 挂载:【堕落查看nfs的设定】
mount -t nfs192.168.12.201:/nfsfile/web_nfs
测试:
cd/web_nfs
https://i-blog.csdnimg.cn/direct/6c222a13a79d42a9840d8756eed6e5ca.png
mount https://i-blog.csdnimg.cn/direct/6b816ca1bc1d4fce8d520ad0cf3403ab.png
或者:
https://i-blog.csdnimg.cn/direct/92b24d754c694fc28bad0ef282f3a434.png
backup摆设:
安装须要软件:
yum install vimtree tar net-tools rsync mailx -y https://i-blog.csdnimg.cn/direct/35cbaf5ee3e642d1840a0567a18808c5.png
修改rsync软件的配置:
vim /etc/rsyncd.conf 删掉原有,直接粘贴:
uid = rsync # 用户
gid = rsync # 组
use chroot = no # 程序安全设置
max connections = 200 # 客户端连接数
timeout = 300 # 超时时间
pid file = /var/run/rsyncd.pid # 进程号文件位置
lock file = /var/run/rsync.lock # 进程锁
log file = /var/log/rsyncd.log # 日志文件
fake super = yes # 无需rsync以root身份运行,允许接受数据
path = /backup # 目录
ignore errors # 有错误时忽略
read only = false # 可读可写
list = false # 阻止远程列表
hosts allow = 192.168.88.0/24 # 允许IP
hosts deny = 0.0.0.0/32 # 禁止IP
auth users = rsync # 用于认证的账户
secrets file = /etc/rsync.password # 存放用户和密码的文件 我的:
uid = rsync
gid = rsync
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log fake super = yes
path = /backup
ignore errors
read only = false
list = false
hosts allow = 192.168.12.0/24
hosts deny = 0.0.0.0/32
auth users = rsync
secrets file = /etc/rsync.password
~ 账户的新建和备份目录新建:
useradd -M -s /sbin/nologin rsync mkdir /backup https://i-blog.csdnimg.cn/direct/80d36ece46a3442f8d41e4d23393ad0c.png
https://i-blog.csdnimg.cn/direct/f00acaa7bdab432e826e0f679223a3f9.png
递归:
chown -R rsync /backup 启动并开机启动:
systemctl enable --now rsyncd https://i-blog.csdnimg.cn/direct/88aa93e545dd4dcfb4683d21b27baf5f.png
检查:
https://i-blog.csdnimg.cn/direct/9915d602c49a4003aee458abfeb15bd3.png
密码配置:
建立密码文件:
echo "rsync:rsync123" > /etc/rsync.password https://i-blog.csdnimg.cn/direct/c80710a05ffa4da0886310e2fe34e913.png
权限:
chmod 600 /etc/rsync.password https://i-blog.csdnimg.cn/direct/f9904d72ab5d471e84dd2a4b84d6132b.png
配置备份脚本
web01:
rpm -q rsync
https://i-blog.csdnimg.cn/direct/1ccf41df691144b98220c72ce6a71ede.png
tree /www https://i-blog.csdnimg.cn/direct/f1343f7f489943e290c34b7c2ed1cc84.png
新建备份目录:
mkdir/backup 新建备份脚本:
mkdir -p/server/scripts
vim/server/scripts/backup.sh #!/bin/bash
# Date:2025-2-19
# Author:Andy
# Mail:andy@126.com
# Function: Regularly backup data from web servers
# Version: V1.0
Date=$(date +%F_Week0%w) # 定义时间方式
Host_IP=$(ifconfig ens32 | awk '/inet / {print $2}')# 获取IP,注意网卡名
Backup_Dir="/backup/" # 本地备份路径
Backup_Server_IP=192.168.12.202 # 备份服务器的IP
# 创建指定目录和IP的目录
[ ! -d $Backup_Dir/$Host_IP ] && mkdir -p $Backup_Dir/$Host_IP
# 输出提示信息
echo ${Date} ${Host_IP} start backup ......
Date=$(date +%F_Week0%w) # 定义时间方式
Host_IP=$(ifconfig ens32 | awk '/inet / {print $2}')# 获取IP,注意网卡名
Backup_Dir="/backup/" # 本地备份路径
Backup_Server_IP=192.168.12.202 # 备份服务器的IP
# 创建指定目录和IP的目录
[ ! -d $Backup_Dir/$Host_IP ] && mkdir -p $Backup_Dir/$Host_IP
# 输出提示信息
echo ${Date} ${Host_IP} start backup ......
# 把备份推送到备份服务器
rsync -az $Backup_Dir rsync@${Backup_Server_IP}::backup --password-file=/etc/rsync.password
# 删除7天以前的所有本地备份数据
find ${Backup_Dir:-/tmp} -type f -name "*.tar.gz" -a -name "*flag*" -mtime +7|xargs rm -f
echo "Local backup successful, the backup files have been pushed to the backup server"
# vim/server/scripts/backup.sh
# cat/server/scripts/backup.sh
#!/bin/bash
# Date:2025-4-11
# Author:Andy
# Mail:andy@126.com
# Function: Regularly backup data from web servers
# Version: V1.0
Date=$(date +%F_Week0%w) # 定义时间方式
Host_IP=$(ifconfig ens32 | awk '/inet / {print $2}')# 获取IP,注意网卡名
Backup_Dir="/backup/" # 本地备份路径
Backup_Server_IP=192.168.12.202 # 备份服务器的IP
# 创建指定目录和IP的目录
[ ! -d $Backup_Dir/$Host_IP ] && mkdir -p $Backup_Dir/$Host_IP
# 输出提示信息
echo ${Date} ${Host_IP} start backup ......
Date=$(date +%F_Week0%w) # 定义时间方式
Host_IP=$(ifconfig ens32 | awk '/inet / {print $2}')# 获取IP,注意网卡名
Backup_Dir="/backup/" # 本地备份路径
Backup_Server_IP=192.168.12.202 # 备份服务器的IP
# 创建指定目录和IP的目录
[ ! -d $Backup_Dir/$Host_IP ] && mkdir -p $Backup_Dir/$Host_IP
# 输出提示信息
echo ${Date} ${Host_IP} start backup ......
# 把备份推送到备份服务器
rsync -az $Backup_Dir rsync@${Backup_Server_IP}::backup --password-file=/etc/rsync.password
# 删除7天以前的所有本地备份数据
find ${Backup_Dir:-/tmp} -type f -name "*.tar.gz" -a -name "*flag*" -mtime +7|xargs rm -f
echo "Local backup successful, the backup files have been pushed to the backup server"
客户端建立认证的文件密码如下:
vim /etc/rsync.password https://i-blog.csdnimg.cn/direct/fc4c1ad02ba54ae4ba0da08feb805096.png
权限:
chmod 600 /etc/rsync.password 测试:
bash/server/scripts/backup.sh https://i-blog.csdnimg.cn/direct/b9014b9bc8b2426aab11e15c1a430b08.png
backup:
https://i-blog.csdnimg.cn/direct/9a5c9d84d1d440a2a7f180bf15a7367a.png
nfs01同上
设置定时任务:
web01下载软件:
yuminstallcrontabs 查看crontabs的状态:【一样平常体系中会自带】
https://i-blog.csdnimg.cn/direct/46ea4e6dde014248beeb771e6f979c07.png
设置定时任务:
web01:
编辑crontab文档:
https://i-blog.csdnimg.cn/direct/7bd7a11890a94b52abcea7c4552d33b2.png
nfs01:
同上:
https://i-blog.csdnimg.cn/direct/eea107a2913b4ec6870777f492953056.png
backup:
同上:
https://i-blog.csdnimg.cn/direct/2b6db481c6914146b81ef6038de03fd2.png
邮件设置backup:
创建目录:
mkdir/backup mkdir -p/server/scripts
【
[*] 强制创建多级目录,忽略已存在的情况。
[*] 这是脚本和一样平常操纵中的最佳实践,能有效避免路径缺失导致的错误。
】
进入设置文档:
vim/server/scripts/backup.sh #!/bin/bash
# Date:2025-4-12
# Author:Andy
# Mail:andy@126.com
# Function: Verify the integrity of backup files
# Version: V1.0
Date=$(date +%F_Week0%w)
Backup_Dir="/backup/"
Check_Log="/tmp/bak.log_$(date +%F)"
Admin_Mail=2701964360@qq.com
find $Backup_Dir -type f -name "${Date}.flag"|xargs md5sum -c >> $Check_Log
if [ -n "cat $Check_Log" ]
then
mail -s "$Date backup data info" $Admin_Mail < $Check_Log
else
echo "$Date backup data error,pls check it." > $Check_Log
mail -s "$Date backup data info" $Admin_Mail < $Check_Log
fi
cp $Check_Log{,.ori} && > $Check_Log
配置邮件告警功能:
backup安装发邮件的软件:
yuminstallmailx-y backup配置QQ邮箱ssl证书:
mkdir -p /root/.certs cd/root/.certs echo -n | openssl s_client -connect smtp.qq.com:465 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/.certs/qq.crt
certutil -A -n "GeoTrust SSL CA" -t "C,," -d ~/.certs -i ~/.certs/qq.crt
certutil -A -n "GeoTrust Global CA" -t "C,," -d ~/.certs -i ~/.certs/qq.crt
certutil -A -n "GeoTrust SSL CA - G3" -t "Pu,Pu,Pu" -d ./ -i qq.crt 返回该内容为成功:
【Notice: Trust flag u is set automatically if the private key is present.】
https://i-blog.csdnimg.cn/direct/5af641c5a987427eaa8bc2edb2ceaa48.png
配置邮件文件:
vim/etc/mail.rc 修改文档:
set from= @qq.com
set smtp=smtps://smtp.qq.com:465 # ssl端口默认465
set smtp-auth-user= @qq.com
set smtp-auth-password= # 授权码
set smtp-auth=login
set nss-config-dir=/root/.certs/ # 设置证书路径
set ssl-verify=ignore # 启用加密ssl传输in https://i-blog.csdnimg.cn/direct/69cdab10d5964d5387f30e915b81c471.png
授权码:
QQ的授权码申请:
登录QQ邮箱--->打开设置--->进入账号与安全--->选择安全设置----如图选择生成授权码:
https://i-blog.csdnimg.cn/direct/f1671b4f63c84618b5f67c4166ed49a8.png
backup测试邮件:
echo"testmail"|mail-s"testmail" @qq.com https://i-blog.csdnimg.cn/direct/6f4573611ddd41ca8cb99430f150c6b1.png
测试成功:
https://i-blog.csdnimg.cn/direct/9df440d70af1488094beacb84274d92f.png
backup发送邮件:
bash /server/scripts/send_mail.sh 如图所示,则项目成功:
https://i-blog.csdnimg.cn/direct/5e8038b0562a435580475c22e514b363.png
易堕落点:
Web01的备份数据没有备份成功,在backup和web01中的存储备份的文件中没有应出现的数据
如图所示:
https://i-blog.csdnimg.cn/direct/f90392a45ef2414f833f328f98cbc701.png
https://i-blog.csdnimg.cn/direct/13c0c2ed7bb5446989ccf2796fbb4eb8.png
https://i-blog.csdnimg.cn/direct/9a82a028d96145058a7fef07e4e4ad8e.png
办理方案:
发现备份脚本有重复信息,删除备份脚本内容,重新输入并启动。备份文件中出现内容,备份成功。
https://i-blog.csdnimg.cn/direct/d883383dbdc84536bce587d3d37f4f41.png
https://i-blog.csdnimg.cn/direct/a14f1d80ca2646248c5ec390482e5eae.png
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。
页:
[1]