19.全网架构备份项目实践

unit19 全网架构备份项目

1.某公司里有一台Web服务器，里面的数据很重要，但是如果硬盘坏了，数据就会丢失，现在领导要求你把数
据在其他机器上做一个周期性定时备份。要求如下：
每天晚上00点整在Web服务器A(web01
)上打包备份网站程序目录并通过rsync命令推送到服务器B(backup)上备份保留
（备份思路可以是先在本地按日期打包，然后再利用rsync推到备份服务器上）。
具体要求如下：
1)Web服务器A和备份服务器B的备份目录必须都为/backup。
2)Web服务器站点目录假定为(/var/www/html)。
3)Web服务器本地仅保留7天内的备份。
4)备份服务器上每周六的数据都保留，其他备份仅保留180天备份。
5)备份服务器上检查备份结果是否正常，并将每天的备份结果发给管理员信箱。

2.题目分析

　　

3.创建rsync与书写脚本
步骤1：搭建rsync服务端和客户端
rsync服务端backup配置：
[root@backup ~]# vim /etc/rsyncd.conf //保留backup模块
[root@backup ~]# killall rsync
[root@backup ~]# killall rsync
rsync: no process killed
[root@backup ~]# rsync --daemon
[root@backup ~]# ps -ef|grep rsync
root 3265 1 0 09:48 ? 00:00:00 rsync --daemon
root 3267 3246 0 09:48 pts/0 00:00:00 grep rsync

客户端web01配置：
[root@backup ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5 lb01
172.16.1.6 lb02
172.16.1.7 web02
172.16.1.8 web01
172.16.1.51 db01 db01.etiantian.org
172.16.1.31 nfs01
172.16.1.41 backup
172.16.1.61 m01

03-期中架构-web01-10.0.0.8
D:\vmware_centos\03-期中架构-web01-10.0.0.8
修改IP和主机名：
[root@oldboyedu-mu ~]# sed -i 's#210$#8#g' /etc/sysconfig/network-scripts/ifcfg-eth*
[root@oldboyedu-mu ~]# hostname web01
[root@oldboyedu-mu ~]# hostname
web01
[root@oldboyedu-mu ~]# vim /etc/sysconfig/network
[root@oldboyedu-mu ~]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=web01
[root@oldboyedu-mu ~]# /etc/init.d/network restart
配置密码并修改权限：
[root@web01 ~]# echo '123456' >/etc/rsync.password
[root@web01 ~]# cat /etc/rsync.password
123456
[root@web01 ~]# chmod 600 /etc/rsync.password
[root@web01 ~]# ll /etc/rsync.password
-rw------- 1 root root 7 Jan 24 10:07 /etc/rsync.password

[root@web01 ~]# rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password //重要一步！
sending incremental file list
hosts
sent 188 bytes received 27 bytes 430.00 bytes/sec
total size is 303 speedup is 1.41

[root@backup ~]# ls /backup/
test01.c test02.c test03.c test04.c test05.c
[root@backup ~]# ls /backup/
hosts test01.c test02.c test03.c test04.c test05.c

步骤2：书写客户端web01的脚本
[root@web01 backup]# mkdir -p /backup /var/www/html
[root@web01 backup]# tar -zcf /backup/web01-$(date +%F_%w).tar.gz /var/www/html/ /etc/rc.local /var/spool/cron/ //打包软链接
tar: Removing leading `/' from member names
[root@web01 backup]# ls
web01-2018-01-24_3.tar.gz
[root@web01 backup]# tar xf web01-2018-01-24_3.tar.gz
[root@web01 backup]# ll
total 12
drwxr-xr-x 2 root root 4096 Jan 24 10:23 etc
drwxr-xr-x 4 root root 4096 Jan 24 10:23 var
-rw-r--r-- 1 root root 296 Jan 24 10:23 web01-2018-01-24_3.tar.gz
[root@web01 backup]# ll etc/
total 0
lrwxrwxrwx 1 root root 13 Jan 24 10:23 rc.local -> rc.d/rc.local
客户端web01的脚本：
[root@web01 backup]# tar -zchf /backup/web01-$(date +%F_%w).tar.gz /var/www/html/ /etc/rc.local /var/spool/cron/ //-h打包软链接指向的文件
tar: Removing leading `/' from member names
[root@web01 backup]# ll
total 12
drwxr-xr-x 2 root root 4096 Jan 24 10:23 etc
drwxr-xr-x 4 root root 4096 Jan 24 10:23 var
-rw-r--r-- 1 root root 444 Jan 24 10:25 web01-2018-01-24_3.tar.gz
[root@web01 backup]# tar xf web01-2018-01-24_3.tar.gz
[root@web01 backup]# ll etc/
total 4
-rwxr-xr-x 1 root root 220 Mar 23 2017 rc.local
[root@web01 backup]# ll var/
total 8
drwxr-xr-x 3 root root 4096 Jan 24 10:23 spool
drwxr-xr-x 3 root root 4096 Jan 24 10:23 www

加密并检查：
[root@web01 backup]# cd /backup/ && md5sum web01-$(date +%F_%w).tar.gz
a7b85774b855b59064612f3021437895 web01-2018-01-24_3.tar.gz
[root@web01 backup]# md5sum web01-$(date +%F_%w).tar.gz >check.log //
[root@web01 backup]# md5sum -c check.log
web01-2018-01-24_3.tar.gz: OK

免密增量推送压缩包：
[root@web01 backup]# rsync -avz /backup/ rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password
sending incremental file list
./
check.log
web01-2018-01-24_3.tar.gz
etc/
etc/rc.local
var/
var/spool/
var/spool/cron/
var/spool/cron/root
var/www/
var/www/html/
sent 1186 bytes received 111 bytes 2594.00 bytes/sec
total size is 820 speedup is 0.63

[root@backup ~]# ls /backup/
check.log etc hosts test01.c test02.c test03.c test04.c test05.c var web01-2018-01-24_3.tar.gz

删除7天前的压缩包：
[root@web01 backup]# find /backup/ -type f -name "*.tar.gz" -mtime +7
[root@web01 backup]# find /backup/ -type f -name "*.tar.gz" -mtime +7|xargs rm
rm: missing operand
Try `rm --help' for more information.

小结：
tar -zchf /backup/web01-$(date +%F_%w).tar.gz /var/www/html/ /etc/rc.local /var/spool/cron/
cd /backup/ && md5sum web01-$(date +%F_%w).tar.gz >check.log
rsync -avz /backup/ rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password
find /backup/ -type f -name "*.tar.gz" -mtime +7|xargs rm

4.测试脚本与定时任务
步骤3：写入web01定时任务
[root@web01 ~]# mkdir -p /service/scripts
[root@web01 ~]# vim /service/scripts/bak-web01.sh
[root@web01 ~]# cat /service/scripts/bak-web01.sh
#!/bin/bash
#desc: backup html && conf
Date=$(date +%F_%w)

cd / && \
tar -zchf /backup/web01-${Date}.tar.gz var/www/html/ etc/rc.local var/spool/cron/

cd /backup/ && \
md5sum web01-${Date}.tar.gz >check.log

rsync -avz /backup/ rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password

find /backup/ -type f -name "*.tar.gz" -mtime +7|xargs rm
[root@web01 ~]# sh /service/scripts/bak-web01.sh
sending incremental file list
check.log
web01-2018-01-24_3.tar.gz
sent 845 bytes received 64 bytes 1818.00 bytes/sec
total size is 820 speedup is 0.90
rm: missing operand
Try `rm --help' for more information.

[root@backup backup]# ls
check.log etc hosts test01.c test02.c test03.c test04.c test05.c var web01-2018-01-24_3.tar.gz
[root@backup backup]# md5sum -c check.log
web01-2018-01-24_3.tar.gz: OK

测试脚本：
[root@web01 ~]# /bin/bash /service/scripts/bak-web01.sh
sending incremental file list
./
check.log
web01-2018-01-24_3.tar.gz

sent 659 bytes received 61 bytes 1440.00 bytes/sec
total size is 504 speedup is 0.70
rm: missing operand
Try `rm --help' for more information.
[root@web01 ~]# ls /backup/
check.log web01-2018-01-24_3.tar.gz

[root@backup ~]# ls /backup/
check.log web01-2018-01-24_3.tar.gz

[root@web01 ~]# crontab -e
crontab: installing new crontab
[root@web01 ~]# crontab -l|tail -2
#backup conf & html cr 2018-01-24
* * * * * /bin/bash /service/scripts/bak-web01.sh >/dev/null 2>&1
[root@web01 ~]# tail -f /var/log/cron

[root@web01 ~]# rm -rf /backup/*
[root@web01 ~]# ls /backup/
[root@web01 ~]# tail -f /var/log/cron
Jan 24 11:10:01 oldboyedu-mu CROND[2320]: (root) CMD (/usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1)
Jan 24 11:10:01 oldboyedu-mu CROND[2321]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Jan 24 11:14:18 oldboyedu-mu crontab[2348]: (root) BEGIN EDIT (root)
Jan 24 11:15:01 oldboyedu-mu CROND[2351]: (root) CMD (/usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1)
Jan 24 11:15:45 oldboyedu-mu crontab[2348]: (root) REPLACE (root)
Jan 24 11:15:45 oldboyedu-mu crontab[2348]: (root) END EDIT (root)
Jan 24 11:16:01 oldboyedu-mu crond[1215]: (root) RELOAD (/var/spool/cron/root)
Jan 24 11:16:01 oldboyedu-mu CROND[2354]: (root) CMD (/bin/bash /service/scripts/bak-web01.sh >/dev/null 2>&1)
Jan 24 11:16:09 oldboyedu-mu crontab[2364]: (root) LIST (root)
Jan 24 11:17:01 oldboyedu-mu CROND[2368]: (root) CMD (/bin/bash /service/scripts/bak-web01.sh >/dev/null 2>&1)

Jan 24 11:18:01 oldboyedu-mu CROND[2382]: (root) CMD (/bin/bash /service/scripts/bak-web01.sh >/dev/null 2>&1)
Jan 24 11:19:01 oldboyedu-mu CROND[2393]: (root) CMD (/bin/bash /service/scripts/bak-web01.sh >/dev/null 2>&1)

[root@backup ~]# ls /backup/
check.log web01-2018-01-24_3.tar.gz
[root@backup ~]# cd /backup/
[root@backup backup]# md5sum -c check.log
web01-2018-01-24_3.tar.gz: OK

改写正确的时间脚本：
[root@web01 ~]# crontab -e
crontab: installing new crontab
[root@web01 ~]# crontab -l|tail -2
#backup conf & html cr 2018-01-24
00 00 * * * /bin/bash /service/scripts/bak-web01.sh >/dev/null 2>&1

5.保存每周六和检查备份结果
步骤4：书写服务器端backup脚本
删除180天之前的文件但保留每周六的压缩包：
[root@backup ~]# find /backup/ -type f -name "*.tar.gz" -mtime +180 ! -name "*_6.tar.gz" |xargs rm
rm: missing operand
Try `rm --help' for more information.

[root@backup ~]# cd /backup/ && md5sum -c /backup/check.log
web01-2018-01-24_3.tar.gz: OK

[root@backup backup]# md5sum -c check.log
web01-2018-01-24_3.tar.gz: OK
[root@backup backup]# echo $?
0
[root@backup backup]# >web01-2018-01-24_3.tar.gz
[root@backup backup]# md5sum -c check.log
web01-2018-01-24_3.tar.gz: FAILED
md5sum: WARNING: 1 of 1 computed checksum did NOT match
[root@backup backup]# echo $?
1

开启postfix邮件服务：
[root@backup ~]# /etc/init.d/postfix status
master is stopped
[root@backup ~]# /etc/init.d/postfix start
Starting postfix: [ OK ]
[root@backup ~]# chkconfig postfix on
[root@backup ~]# ps -ef |grep postfix

配置163邮箱：
[root@backup ~]# tail -3 /etc/mail.rc
set from=mnlovemin@163.com smtp=smtp.163.com smtp-auth-user=mnlovemin smtp-auth-password=****** smtp-auth=login
测试：

[root@backup ~]# mail -s "md5sum wrong" mnlovemin@163.com </etc/hosts

　　

 

说明：
from是发送的邮件地址
smtp是发送的外部smtp服务器的地址
smtp-auth-user是外部smtp服务器认证的用户名
smtp-auth-password是外部smtp服务器认证的用户密码（授权码）
smtp-auth是邮件认证的方式
提示：这部分要和邮件服务商提供的地址一样才行！

[root@backup ~]# vim /service/scripts/check.sh
[root@backup ~]# cat /service/scripts/check.sh
#del 180 days ago keep every 6
find /backup/ -type f -name "*.tar.gz" -mtime +180 ! -name "*_6.tar.gz" |xargs rm

#check
cd /backup && \
md5sum -c check.log >/backup/result.log
if [ $? -ne 0 ];then
mail -s "md5sum wrong" mnlovemin@163.com </backup/result.log
fi

[root@backup ~]# /bin/bash /service/scripts/check.sh
rm: missing operand
Try `rm --help' for more information.
md5sum: WARNING: 1 of 1 computed checksum did NOT match

步骤5：在服务器端backup将脚本加入定时任务
[root@backup ~]# crontab -e
crontab: installing new crontab
[root@backup ~]# crontab -l|tail -2
#check & send result by cr at 2018-01-24
* * * * * /bin/bash /service/scripts/check.sh >/dev/null 2>&1
例如在凌晨3点检查：
[root@backup ~]# crontab -e
crontab: installing new crontab
[root@backup ~]# crontab -l|tail -2
#check & send result by cr at 2018-01-24
00 03 * * * /bin/bash /service/scripts/check.sh >/dev/null 2>&1

6.总结与备份脚本的不足