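An Ansible playbook that sets up web, NFS, and backup servers in one run.
Environment: five servers: web01, web02, nfs, rsync, m01... with IPs 172.16.1.7, 8, 31, 41, 61 respectively.
Requirements: NFS shares the directory /data with the two web servers.
Important files from every host can be backed up to rsync_backup.
NFS is monitored in real time and changes are pushed to the rsync backup server.
The steps are as follows:
1. Configure the m01 management host: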
vim benji.sh
#!/bin/sh
yum install openssh openssl -y &&\
systemctl restart sshd &&\
systemctl enable sshd &&\
yum install epel-release -y &&\
yum install ansible -y
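2. Create and distribute the public key to enable connections
vim fenfa.sh
#!/bin/sh
# Create the key pair on m01 if it does not exist yet
[ -f ~/.ssh/id_rsa ] || ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa -q
# Push the public key to each managed host. sshpass -p puts the password on the
# command line, and StrictHostKeyChecking=no accepts host keys without verifying them.
for ip in 7 8 31 41
do
    sshpass -p123456 ssh-copy-id -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no 172.16.1.$ip
done
3. Edit the host inventory for batch management (groups ending in 1 are servers, groups ending in 2 are clients)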
vim /etc/ansible/hosts
[oldboy]
172.16.1.7
172.16.1.8
172.16.1.31
172.16.1.41
[rsync1]
172.16.1.41
[rsync2]
172.16.1.7
172.16.1.8
172.16.1.31
[nfs1]
172.16.1.31
[nfs2]
172.16.1.7
172.16.1.8
[sersync]
172.16.1.31
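4. Download sersync from the desktop, then extract, install, and edit its configuration file
Drag the sersync package from the study materials into /server/tools
Extract the archive into the current directory, then cd to /server/tools/application/sersync/conf
Edit confxml.xml: set the directories to monitor and the IP of the server to push to
5. Some of the tasks below use the copy module, so the configuration files must be prepared locally first
Rsync server configuration file: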
uid = rsync
gid = rsync
use chroot = no
fake super = yes
max connections = 200
timeout = 600
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 172.16.1.0/24
auth users = rsync_backup
secrets file = /etc/rsync.password
[backup]
comment = welcome to oldboyedu backup!
path = /backup/
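Sersync package and configuration file
Simply adjust the monitored directories and the IP of the server to push to
6. Create a yaml directory under /etc/ansible and write the playbook one.yml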
mkdir -p /etc/ansible/yaml
vim one.yml
################# NFS server #################
- hosts: nfs1
  tasks:
    - name: Install nfs-utils
      yum: name=nfs-utils state=installed
    - name: Install rpcbind
      yum: name=rpcbind state=installed
    - name: Write the export entry for the shared directory
      shell: echo "/data 172.16.1.0/24(rw,async,all_squash)" >/etc/exports
    - name: Create the shared directory /data and set its permissions
      file: name=/data state=directory mode=755 owner=nfsnobody group=nfsnobody
    - name: Write the rsync password to /etc/bashrc and reload it
      shell: echo 'export RSYNC_PASSWORD=123456' >>/etc/bashrc && source /etc/bashrc
    - name: Start rpcbind and enable it at boot
      systemd: name=rpcbind.service enabled=yes state=restarted
    - name: Start nfs and enable it at boot
      systemd: name=nfs enabled=yes state=restarted
    - name: Reload nfs
      systemd: name=nfs state=reloaded
################# NFS clients #################
- hosts: nfs2
  tasks:
    - name: Install rpcbind
      yum: name=rpcbind state=installed
    - name: Install nfs-utils
      yum: name=nfs-utils state=installed
    - name: Start rpcbind and enable it at boot
      systemd: name=rpcbind.service enabled=yes state=restarted
    - name: Start nfs and enable it at boot
      systemd: name=nfs enabled=yes state=restarted
    - name: Write the mount entry to fstab
      mount: src='172.16.1.31:/data' path=/mnt fstype=nfs opts=rw state=present
    - name: Mount everything in fstab
      shell: mount -a
    - name: Write the rsync password to /etc/bashrc and reload it
      shell: echo 'export RSYNC_PASSWORD=123456' >>/etc/bashrc && source /etc/bashrc
################# RSYNC server #################
- hosts: rsync1
  tasks:
    - name: Install rsync
      yum: name=rsync state=installed
    - name: Copy the locally prepared rsync configuration file
      copy: src=/etc/rsyncd.conf dest=/etc/rsyncd.conf mode=0644 backup=yes
    - name: Write the server password file (user:password)
      shell: echo "rsync_backup:123456" >/etc/rsync.password
    - name: Restrict the password file to mode 600
      file: path=/etc/rsync.password mode=0600
    - name: Create the rsync user
      user: name=rsync
    - name: Create the /backup directory
      file: name=/backup state=directory mode=755 recurse=yes owner=rsync group=rsync
    - name: Start the rsync service
      systemd: name=rsyncd enabled=yes state=started
################# RSYNC clients #################
- hosts: rsync2
  tasks:
    - name: Install rsync
      yum: name=rsync state=installed
    - name: Write the rsync password to /etc/bashrc and reload it
      shell: echo "export RSYNC_PASSWORD=123456" >>/etc/bashrc && source /etc/bashrc
    - name: Write the password 123456 to /etc/rsync.password
      copy: content=123456 dest=/etc/rsync.password mode=0600
    - name: Start rsync and enable it at boot
      systemd: name=rsyncd enabled=yes state=started
################# SERSYNC real-time sync #################
- hosts: sersync
  tasks:
    - name: Install the EPEL repository
      yum: name=epel-release state=installed
    - name: Install inotify-tools for real-time monitoring
      yum: name=inotify-tools state=installed
    - name: Copy the tools directory
      copy: src=/server/tools/ dest=/server/tools/
    - name: Copy the sersync application directory to /
      copy: src=/server/tools/application dest=/ mode=755
    - name: Start sersync
      shell: /application/sersync/bin/sersync -d -n 10 -o /application/sersync/conf/confxml.xml
7. Test run (check mode)
ansible-playbook -C one.yml
8. Real run
ansible-playbook one.yml
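Common pitfalls:
1. rsync server password file: /etc/rsync.password, in the format rsync_backup:123456
2. rsync client password file: /etc/rsync.password, containing only 123456
3. The password file must have mode 600
4. Write the password to /etc/bashrc with echo "export RSYNC_PASSWORD=123456" >>/etc/bashrc
and reload the variable with source /etc/bashrc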
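The first three pitfalls can be checked mechanically on each host. The shell function below is an added example, not part of the original post: the function names and return codes are assumptions, and the default auth user rsync_backup is taken from the rsyncd.conf above. It verifies that a password file has mode 600 and the format expected for its role (user:password on the server, the bare password on a client).

```shell
#!/bin/bash
# Added example: audit an rsync password file against the pitfalls listed above.
# Return codes: 0 ok, 1 wrong mode, 2 wrong format, 3 missing file or unknown role.

file_mode() {
    # GNU stat (CentOS) first, BSD stat as a fallback
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# check_rsync_secret <server|client> <file> [auth_user]
check_rsync_secret() {
    role=$1 file=$2 user=${3:-rsync_backup}   # default auth user from the page
    [ -f "$file" ] || { echo "$file: missing" >&2; return 3; }

    mode=$(file_mode "$file")
    if [ "$mode" != "600" ]; then
        echo "$file: mode $mode, expected 600" >&2
        return 1
    fi

    # Drop blank lines and comments before checking the format
    content=$(grep -Ev '^[[:space:]]*(#.*)?$' "$file" || true)
    [ -n "$content" ] || { echo "$file: no password entry" >&2; return 2; }

    case $role in
        server)
            # Daemon side: every entry must be user:password
            if printf '%s\n' "$content" | grep -Evq '^[^:[:space:]]+:.+$'; then
                echo "$file: server entries must be user:password" >&2
                return 2
            fi ;;
        client)
            # Client side: a single line holding only the password
            if [ "$(printf '%s\n' "$content" | wc -l)" -ne 1 ]; then
                echo "$file: client file must hold a single line" >&2
                return 2
            fi
            case $content in
                "$user":*)
                    echo "$file: client file must not carry the $user: prefix" >&2
                    return 2 ;;
            esac ;;
        *)
            echo "unknown role: $role" >&2
            return 3 ;;
    esac
    return 0
}
```

Run `check_rsync_secret server /etc/rsync.password` on 172.16.1.41 and `check_rsync_secret client /etc/rsync.password` on the rsync2 hosts; a non-zero return code identifies which pitfall applies.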