环境准备
| 主机名 |
安装服务 |
wan |
lan |
| web01 |
nfs客户端 |
10.0.0.7 |
172.16.1.7 |
| web02 |
nfs客户端 |
10.0.0.8 |
172.16.1.8 |
| nfs |
nfs服务端 |
10.0.0.9 |
172.16.1.9 |
| backup |
backup服务端 |
10.0.0.41 |
172.16.1.41 |
流程分析
1.安装ansible
2.优化ansible
3.推送公钥
4.开启防火墙
5.开启80 443 873 nfs等端口和服务白名单
6.关闭selinux
7.创建同一的用户
1.安装nfs-utils
2.拷贝nfs配置文件
3.创建共享目录
4.启动nfs服务端
1.在nfs服务端安装sersync
2.拷贝sersync配置文件到nfs服务端
3.nfs服务端配置rsync密码文件
4.启动sersync
主机清单
mkdir /root/ansible/nfs -p &&
vim ansible/nfs/hosts
[web_group]
web01 ansible_ssh_host=172.16.1.7 asible_ssh_user=root ansible_ssh_port=22
web02 ansible_ssh_host=172.16.1.8 asible_ssh_user=root ansible_ssh_port=22
[nfs_group]
nfs ansible_ssh_host=172.16.1.31 asible_ssh_user=root ansible_ssh_port=22
[backup_group]
backup ansible_ssh_host=172.16.1.41 asible_ssh_user=root ansible_ssh_port=22
nfs配置文件
vim /root/ansible/nfs/exports
/wordpress_backup 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
sersync配置文件
[root@nfs ~]# vim /root/ansible/nfs/sersync.conf
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*).svn"></exclude>
<exclude expression="(.*).gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<!-- inotify监控的事件,true为监控,false为不监控 -->
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<sersync>
<!-- 监控的目录和rsync服务器的IP地址,rsync的模块名称 -->
<localpath watch="/data">
<remote ip="172.16.1.41" name="backup"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<!--rsync推送的选项-->
<commonParams params="-az"/>
<!--是否开启认证,认证模块的用户名,用于认证的本地密码配置文件-->
<auth start="true" users="backup" passwordfile="/etc/rsync.passwd"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*).php"/>
<include expression="(.*).sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
yml
vim /root/ansible/nfs/nfs.yml
- hosts: all
tasks:
- name: Install nfs nfs-utils
yum:
name: nfs-utils
state: present
when: ansible_fqdn is match 'nfs*'
- name: Install web nfs-utils
yum:
name: nfs-utils
state: present
when: ansible_fqdn is match 'web*'
- name: content NFS Server
copy:
content: "/data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
"
dest: /etc/exports
owner: root
group: root
mode: 0644
when: ansible_fqdn is match 'nfs*'
- name: Create data Directory
file:
path: "{{ item }}"
state: directory
owner: www
group: www
mode: 0755
recurse: yes
with_items:
- "/data"
- "/data/wordpress"
- "/data/WeCenter"
when: ansible_fqdn is match 'nfs*'
- name: wget rsync
shell: "wget http://test.driverzeng.com/other/sersync2.5.4_64bit_binary_stable_final.tar.gz"
- name: jieya sersync
unarchive:
src: /root/sersync2.5.4_64bit_binary_stable_final.tar.gz
dest: /root
copy: no
when: ansible_fqdn is match 'nfs*'
- name: gaiming
shell: "mv /root/GNU-Linux-x86 /usr/local/sersync"
when: ansible_fqdn is match 'nfs*'
ignore_errors: yes
- name: copy sersync.conf
copy:
src: /root/ansible/nfs/sersync.conf
dest: /usr/local/sersync/confxml.xml
backup: yes
when: ansible_fqdn is match 'nfs*'
- name: Start NFS Server
systemd:
name: nfs-server
state: started
enabled: yes
when: ansible_fqdn is match 'nfs*'
- name: Start NFS Server
systemd:
name: nfs-server
state: started
enabled: yes
when: ansible_fqdn is match 'web*'
- name: content NFS Server
copy:
content: "123
"
dest: /etc/rsync.passwd
owner: root
group: root
mode: 0600
when: ansible_fqdn is match 'nfs*'
- name: start sersync
shell: /usr/local/sersync/sersync2 -rdo /usr/local/sersync/confxml.xml
when: ansible_fqdn is match 'nfs*'
- name: Mount NFS Server
mount:
path: /opt
src: 172.16.1.31:/data
fstype: nfs
opts: defaults
state: mounted
when: ansible_fqdn is match 'web*'
执行
1.执行base.yml
[root@m01 ~]# ansible-playbook ansible/base.yml
2.执行rsync.yml
[root@m01 ~]# ansible-playbook ansible/nfs/nfs.yml -i /root/ansible/nfs/hosts