4案例4:配置Web鏡像同步
4.1問題
本例要求爲兩臺Web服務器svr7、pc207的網頁文檔目錄配置鏡像同步,主要基於inotifywait監控技術實現實時觸發操作完成下列任務:
- 以svr7爲發起方,原始目錄爲/var/www/html/
- 以pc207爲同步目標,基於SSH免密驗證
- 編寫inotify+rsync同步腳本,驗證實時同步效果
4.2方案
inotifywait與rsync結合,主要思路:
while inotifywait監控操作
do
需要執行的rsync同步操作
done
4.3步驟
實現此案例需要按照如下步驟進行。
步驟一:爲主機svr7、pc207部署同步目錄
雙方的目錄均爲/var/www/html/,如果安裝了httpd,此目錄會自動出現。
1)確認svr7的目錄內容
[root@svr7 ~]# yum -y install httpd
.. ..
[root@svr7 ~]# ls /var/www/html/ //向目錄下提供一些測試文件
libreoffice
2)確認pc207的目錄內容
[root@pc207 ~]# yum -y install httpd
.. ..
[root@pc207 ~]# ls /var/www/html //初始目錄無數據
[root@pc207 ~]#
步驟二:爲svr7配置到pc207的SSH密鑰對驗證,實現免密碼交互
1)檢查當前用戶是否已經有可用的SSH密鑰對文件
[root@svr7 ~]# ls ~/.ssh/id_*
/root/.ssh/id_rsa /root/.ssh/id_rsa.pub
如果找不到id_rsa、id_rsa.pub密鑰對文件,則需要執行下列操作創建:
[root@svr7 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): //按回車,確認存放位置
Enter passphrase (empty for no passphrase): //按回車,確認不要密碼
Enter same passphrase again: //再次按回車,確認
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
00:a7:cb:2d:9d:b8:8a:df:f5:ff:5b:ed:bd:04:10:fe root@svr7
The key's randomart image is:
+--[ RSA 2048]----+
| . . . |
| + . . |
| . . o |
| . = o o |
| = + S E |
| o .. |
| . . ...|
| . o . . ....|
|..o . ....o. .+|
+-----------------+
2)當前用戶的SSH公鑰部署到遠程主機
[root@svr7 ~]# ssh-copy-id [email protected]
The authenticity of host '192.168.4.207 (192.168.4.207)' can't be established.
ECDSA key fingerprint is d3:16:2c:9a:9d:91:28:c8:74:9c:af:2d:04:82:c9:66.
Are you sure you want to continue connecting (yes/no)? yes //首次連yes確認
[email protected]'s password: //驗證對方的密碼
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
3)驗證免密碼登錄效果
[root@svr7 ~]# ssh [email protected]
Last login: Fri Jan 13 09:52:08 2017 from 192.168.4.110
[root@pc207 ~]# //確認已免密碼連入遠程主機
[root@pc207 ~]# exit //退出SSH登錄環境
登出
Connection to 192.168.4.207 closed.
[root@svr7 ~]# //已返回原客戶機
步驟三:編寫鏡像同步腳本並測試效果
1)編寫腳本文件/root/isync.sh
[root@svr7 ~]# vim /root/isync.sh
#!/bin/bash
FROM_DIR="/var/www/html/"
RSYNC_CMD="rsync -az --delete $FROM_DIR [email protected]:/var/www/html"
while inotifywait -rqq -e modify,move,create,delete,attrib $FROM_DIR
do
$RSYNC_CMD
done &
[root@svr7 ~]# chmod +x /root/isync.sh
2)運行腳本
[root@svr7 ~]# /root/isync.sh
[root@svr7 ~]# pgrep -l inotify //確認任務在運行
56494 inotifywait
3)測試同步效果
在svr7上向/var/www/html/目錄下添加一個測試網頁(觸發同步):
[root@svr7 ~]# touch /var/www/html/a.txt
[root@svr7 ~]# ls /var/www/html/
a.txt libreoffice
在pc207上檢查/var/www/html/目錄,內容應該已經與svr7上的同名目錄一致:
[root@pc207 ~]# ls /var/www/html
a.txt libreoffice
4)結束測試後,在svr7上停止監控任務
[root@svr7 ~]# pkill -9 inotify
[root@svr7 ~]# pgrep -l inotify //確認已沒有監控任務
[root@svr7 ~]#