NFS高可用

角色	服务	IP
Master	nfs服务、sersync服务	192.168.31.155
Slave	rsync服务	192.168.31.150
Client		192.168.31.140

共享目录/data/www/web

挂载目录/mnt

安装配置NFS共享目录

​ 1.安装nfs

​ 服务端和客户端都需要安装

yum install -y nfs-utils rpcbind

NFS-Master、NFS-Slave:

echo '/data/www/web 192.168.31.0/24(rw,sync,all_squash)' >> /etc/exports
systemctl start rpcbind && systemctl start nfs
systemctl enable rpcbind && systemctl enable nfs
并且需要配置防火墙，否则客户端有可能挂载失败，连接不上

配置防火墙放行nfs服务

firewall-cmd --permanent --add-service=nfs

（注意先启动rpcbind,再启动nfs）

---

安装配置rsync + Sersync

在NFS-Slave端安装rsync,因为我们在NFS-Master上写入数据要备份到NFS-Slave服务器上,所以我们在NFS-Slave上启动rsync

vi /etc/rsyncd.conf

# /etc/rsyncd: configuration file for rsync daemon mode

# See rsyncd.conf man page for more options.

# configuration example:

# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress   = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2

# [ftp]
#        path = /home/ftp
#        comment = ftp export area

uid = nfsnobody
gid = nfsnobody
port = 873
pid file = /var/rsyncd.pid
log file = /var/log/rsyncd.log
use chroot = no
max connections = 200
read only = false
list = false
fake super = yes
ignore errors
[test_nfs]
path = /test_nfs
auth users = test_nfs
secrets file = /etc/rsync.pass
hosts allow = 192.168.31.0/24

systemctl start rsyncd && systemctl enable rsyncd
echo 'test_nfs:zsf123' > /etc/rsync.pass
chmod 600 /etc/rsync.pass
chown nfsnobody:nfsnobody /test_nfs/

日志文件 /var/log/rsyncd.log

---

安装keepalived 并配置

1. yum install keepalived -y

2. vi /etc/keepalived/keepalived.conf

MASTER

//全局定义模块
global_defs {
   router_id NFS-Master
   //运行keepalive机器的标识
}

vrrp_instance VI_1 {
    //靠priority 来区别主从,这个不生效
    state MASTER
    //实例绑定的网卡
    interface enp0s31f6
    //组ID,值一样为一个组
    virtual_router_id 51
    //优先级,优先级高的为master
    priority 150
    //检查时间间隔
    advert_int 1
    //认证模式为密码认证
    authentication {
        auth_type PASS
        auth_pass zhangshoufu
    }
    //设置的VIP
    virtual_ipaddress {
        192.168.1.101
    }
}

BACKUP

global_defs {
   router_id NFS-Slave
}

vrrp_instance VI_1 {
    state BACKUP
    interface enp0s31f6 
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass zhangshoufu
    }
    virtual_ipaddress {
        192.168.1.101
    }
}

systemctl start keepalived.service 启动

systemctl stop keepalived.service 停止

systemctl enable keepalived.service 开机启动

因为keepalive的漂移机制是根据keepalive这个服务是否存活来判断IP地址是否漂移的,如果我们是机器down机,此方法可以直接使用,但是如果是网络出现问题导致了服务不可用的,

防火墙

firewall-cmd --state

firewall-cmd --reload

systemctl start firewalld.service

systemctl stop firewalld.service

允许防火墙vrrp的组播

keepalived组播地址是224.0.0.18

firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface enp0s3 --destination 224.0.0.18 --protocol vrrp -j ACCEPT

如果安装了iptables，则也要进行相应的防火墙配置，否则会出现脑(split-brain)裂现象

---

yum install -y wget
332 wget https://rsync.samba.org/ftp/rsync/src/rsync-3.0.7.tar.gz
333 ll
334 mkdir /rsync/
335 ll
336 mv rsync-3.0.7.tar.gz /rsync/
337 ll
338 ll /rsync/
339 cd /rsync/
340 ll
341 tar xzf rsync-3.0.7.tar.gz
342 ls
343 cd rsync-3.0.7
344 ls
345 yum install -y gcc
346 yum -y install perl
347 ./configure --prefix=/usr/local/rsync/
348 make&&make install
349 ll /usr/local/rsync/

rsync —daemon #开启rsync

/usr/local/rsync/bin/rsync --daemon --config=/usr/local/rsync/rsyncd.conf

netstat -antp | grep 873

netstat -nulpt| grep rsync

lsof -i:873

配置rsync开机启动

vi /etc/rc.local

在末尾加上 /usr/local/rsync/bin/rsync --daemon --config=/usr/local/rsync/rsyncd.conf

下载sersync

mkdir -p /application/tools/

cd /application/tools/

wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/sersync/sersync2.5.4_64bit_binary_stable_final.tar.gz

tar xzf sersync2.5.4_64bit_binary_stable_final.tar.gz

mv GNU-Linux-x86 /usr/local/sersync

配置sersync

cp confxml.xml confxml.xml.$(date +%F)

du seq

开启sersync守护进程同步数据

启动命令

/usr/local/sersync/sersync2 -d -r -o /usr/local/sersync/confxml.xml

Sersync参数	说明
./sersync -d	-d参数为：后台服务，通常情况下使用 -r参数对本地到远端整体同步一遍后，在后台运行此参数启动守护进程实时同步；在第一次整体同步时，-d 和 -r参数经常会联合使用
./sersync -o xx.xml	指定 -o 参数：可以指定多个不同的配置文件，从而实现sersync多进程多实例的数据同步
./sersync -r	提别说明：如果设置了过滤器，即在xml文件中，filter为true，则暂时不能使用-r参数进行整体同步；

sersync是一个软件,相应的他的启动时一个脚本执行,并非命令,,所以添加到/etc/rc.local中没有效果

添加脚本监控sersync是否正常运行

#!/bin/sh
sersync="/usr/local/sersync/sersync2"
confxml="/usr/local/sersync/confxml.xml"
status=$(ps aux | grep 'sersync2' | grep -v 'grep' | wc -l)
if [ $status -eq 0 ];
then
$sersync -d -r -o $confxml &
else
exit 0;
fi

chmod +x /usr/local/sersync/check_sersync.sh #添加脚本执行权限

vi /etc/crontab #编辑，在最后添加下面一行

*/5 * * * * root /usr/local/sersync/check_sersync.sh > /dev/null 2>&1 #每隔5分钟执行一次脚本

service crond reload #重新加载服务

节点名称修改:

hostname Master

unman -n

主机名解析:

cat /etc/hosts