Zabbix Monitoring series of-rsync+inotify for file synchronization update (no firewall version)

rsync+inotify Implementing file synchronization Updates (no firewall version)

Directory

Description:... 2

ready to work: Shut down the server's firewall ... 2

shutting down the firewall firewall2

Disable boot-up firewall ... 2

write the script "shut-firewall.sh". 2

Publisher Configuration rsync:192.168.171.128. 2

Installation Configuration Rsync. 2

Configure rsyncd.conf file ... 2

Create the Authentication file:/etc/rsyncd.secrets. 3

set file Permissions ... 3

start rsync service ... 4

Turn off rsync service ... 4

Create directory ... 4

target server configuration rsync:192.168.171.129. 4

Installation Configuration Rsync. 4

Configure rsyncd.conf file ... 4

Create a secure authentication file rsyncd.secrets. 5

set file Permissions ... 5

start rsync service ... 5

Turn off rsync service ... 5

Create directory ... 6

on the publisher, manually test the data sync effect! ... 6

Catalog Effects ... 6

Publisher Configuration inotify:192.168.171.128. 6

Install the Inotify-tools tool for real-time directory monitoring ... 6

Configuring The inotify monitoring script rsync.sh-- monitoring PRO directory ... 6

set boot inotify and other scripts ... 7

Appendix Script Content ... 7

new machines, a few things to do ... 7

Description:

Operating System: Linux version 3.10.0-327.el7.x86_64 (centos7.1151)

Publisher:192.168.171.128

target server:192.168.171.129,192.168.171.130,...

Purpose: to synchronize the file/pro directory on the publisher to the/pro of the target server in real time

ready to work: Shut down the server's firewallshutting down the firewallFirewall

[Email protected] ~]# Systemctl stop Firewalld

[[Email protected] ~] #firewall-cmd–state

Disable boot-up firewall

[Email protected] ~]# systemctl disable FIREWALLD

Removed Symlink/etc/systemd/system/basic.target.wants/firewalld.service.

Removed Symlink/etc/systemd/system/dbus-org.fedoraproject.firewalld1.service.

Writing Scripts"Shut-firewall.sh"

#!/bin/bash

Systemctl Stop Firewalld.service

Publishing Server ConfigurationRsync:192.168.171.128Installation ConfigurationRsync

[email protected] ~]# Yum install Rsync–y

ConfigurationRsyncd.conffile

[Email protected] ~]# vim/etc/rsyncd.conf

#/etc/rsyncd:configurationfile for rsync daemon mode

# See rsyncd.conf Mans page formore options.

port=873

Uid=root

Gid=root

Use chroot = no

Max Connections=7

PID file =/var/run/rsyncd.pid

Log file =/var/log/rsyncd.log

Lock file =/var/run/rsyncd.lock

Strict modes = True

Transfer Logging =yes

Log format =%t%a%m%f%b

Syslog facility = Local3

Timeout = 300

# Sync PRO1

[Pro1]

Path =/pro

List = True

Ignore errors = yes

Read Only = no

Write only =no

Hosts allow = 192.168.171.129,192.168.171.130,192.168.171.131

Auth users = Rsyncuser

Secrets File =/etc/rsyncd.secrets

# Synchronize Item 2 This is an extension, single-point synchronization can be ignored

[Web1]

Path =/web

List = True

Ignore errors = yes

Read Only = no

Write only =no

Hosts Allow =192.168.171.129,192.168.171.130,192.168.171.131

Auth users = Rsyncuser

Secrets File =/etc/rsyncd.secrets

To Create an authentication file:/etc/rsyncd.secrets

[[Email protected] ~] #vim/etc/rsyncd.secrets

123456

Set file Permissions

[Email protected] ~]# chmod 600/etc/rsyncd.secrets

StartRsyncService

Daemon Mode Startup method:

[Email protected] ~]#/usr/bin/rsync--daemon--config=/etc/rsyncd.conf

CloseRsyncService

To close the process directly:

[Email protected] ~]# NETSTAT-NLUTP | grep rsync

TCP 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 1284/rsync

TCP6 0 0::: 873:::* LISTEN 1284/rsync

[[email protected] ~]# kill 1284

Create a directory

[[Email protected] ~] #mkdir/pro

Target server ConfigurationRsync:192.168.171.129Installation ConfigurationRsync

[email protected] ~]# Yum install Rsync–y

ConfigurationRsyncd.conffile

[Email protected] ~]# vim/etc/rsyncd.conf

#/etc/rsyncd:configurationfile for rsync daemon mode

# See rsyncd.conf Mans page formore options.

port=873

Uid=root

Gid=root

Use chroot = no

Max Connections=7

PID file =/var/run/rsyncd.pid

Log file =/var/log/rsyncd.log

Lock file =/var/run/rsyncd.lock

Strict modes = True

Transfer Logging =yes

Log format =%t%a%m%f%b

Syslog facility = Local3

Timeout = 300

# Synchronizing Items 1

[Pro1]

Path =/pro

List = False

Ignore errors = yes

Read Only = no

Write only =no

Hosts allow = *

Auth users = Rsyncuser

Secrets File =/etc/rsyncd.secrets

# Synchronize Item 2 This is an extension, single-point synchronization can be ignored

[Web1]

Path =/web

List = False

Ignore errors = yes

Read Only = no

Write only =no

Hosts allow = *

Auth users = Rsyncuser

Secrets File =/etc/rsyncd.secrets

Create a security certification fileRsyncd.secrets

[Email protected] ~]# vim/etc/rsyncd.secrets

rsyncuser:123456

Set file Permissions

[Email protected] ~]# chmod 600/etc/rsyncd.secrets

StartRsyncService

Daemon Mode Startup method:

[Email protected] ~]#/usr/bin/rsync--daemon--config=/etc/rsyncd.conf

CloseRsyncService

To close the process directly:

[Email protected] ~]# NETSTAT-NLUTP | grep rsync

TCP 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 1784/rsync

TCP6 0 0::: 873:::* LISTEN 1784/rsync

[[email protected] ~]# kill 1784

Create a directory

[[Email protected] ~] #mkdir/pro

on the publisher, manually test the data sync effect!

[[Email protected] ~] #rsync-avzh--delete--progress--password-file=/etc/rsyncd.secrets/pro/pro1 [email protected]:: Pro1

Catalog Effects

[email protected] pro]# LL

Total 8

Drwxr-xr-x. 2 root root 4096Aug 17:10 Pro1

If you have any questions, please refer to Error Handling ! Until successful, you can continue with the following actions!

Publishing Server ConfigurationINotify:192.168.171.128installationInotify-toolsTools for real-time directory monitoring

[[Email protected] ~] #yum Install Inotify-tools–y

ConfigurationINotifyMonitoring Scriptsrsync.sh--MonitoringPROCatalogue

[[Email protected] ~] #vim/etc/mesh/rsync.sh

#!/bin/bash

src=/pro/

Des1=pro

host1=192.168.171.129

#host2 =192.168.171.130 # Standby Machine

#host3 =192.168.171.131 # Standby Machine

User1=rsyncuser

/usr/bin/inotifywait-mrq--timefmt '%d/%m/%y%h:%m '--format '%T%w%f '-e modify,delete,create,attrib$src | While read file DATE time DIR;

Do

Rsync-avzh--delete--progress--password-file=/etc/rsyncd.secrets $src [email protected] $host 1:: $des 1

#rsync-avzh--delete--progress--password-file=/etc/rsyncd.secrets $src [email protected] $host 2:: $des 1

#rsync-avzh--delete--progress--password-file=/etc/rsyncd.secrets $src [email protected] $host 3:: $des 1

echo "${files} wasrsynced" >>/var/log/rsync.log 2>&1

Done

(If you have more than one directory, you can set up multiple monitoring scripts, if you have more than one host, you can set multiple lines of code)

Set boot upINotifyand other scripts

[Email protected] ~]# chmod 755/etc/rc.d/rc.local

[Email protected] ~]# vim/etc/rc.d/rc.local

#!/bin/bash

# This FILE is ADDED forcompatibility purposes

# It is highly advisable tocreate own SYSTEMD services or Udev rules

# to run scripts during bootinstead of the using this file.

# In contrast to previousversions due to parallel execution during boot

# This script is not being runafter all other services.

# Please note this mustrun ' chmod +x/etc/rc.d/rc.local ' to ensure

# That's this script would beexecuted during boot.

/bin/bash/etc/mesh/shut-firewall.sh&

/bin/bash/etc/mesh/rsyncd-pro.sh&

/bin/bash/etc/mesh/rsyncdstart.sh&

Appendix Script Content

[Email protected] ~]# vim/etc/mesh/rsyncd-pro.sh

#!/bin/bash

Src=/pro

Des1=pro

host1=192.168.171.129

host2=192.168.171.130

User1=rsyncuser

/usr/bin/inotifywait-mrq--timefmt '%d/%m/%y%h:%m '--format '%T%w%f '-e modify,delete,create,attrib$src | While read file DATE time DIR;

Do

Rsync-avzh--delete--progress--password-file=/etc/rsyncd.secrets $src [email protected] $host 1:: $des 1

Rsync-avzh--delete--progress--password-file=/etc/rsyncd.secrets $src [email protected] $host 2:: $des 1

echo "${files} wasrsynced" >>/var/log/rsync.log 2>&1

Done

[Email protected] ~]# vim/etc/mesh/rsyncdstart.sh

#!/bin/bash

/usr/bin/rsync--daemon--config=/etc/rsyncd.conf

new machines, a few things to do

1. Modify The monitoring host information for the inotify at the publisher, see Rsync-pro1.sh.

2. Repeat the preparatory work

3. The deployment process for the duplicate operations target host (192.168.171.129).

4. Test Data Sync Effect

Inotify The parameter settings are adjusted as follows:

[Email protected] pro]# Sysctl-a | grep max_queued_events

Fs.inotify.max_queued_events =16384

[Email protected] pro]# Sysctl-a | grep max_user_watches

Fs.epoll.max_user_watches =202874

Fs.inotify.max_user_watches =8192

[Email protected] pro]# Sysctl-a | grep max_user_instances

fs.inotify.max_user_instances= 128

[Email protected] pro]# sysctl-w fs.inotify.max_queued_events= "99999999"

Fs.inotify.max_queued_events =99999999

[Email protected] pro]# sysctl-w fs.inotify.max_user_watches= "99999999"

Fs.inotify.max_user_watches =99999999

[Email protected] pro]# sysctl-w fs.inotify.max_user_instances= "65535"

fs.inotify.max_user_instances= 65535

Vim/etc/sysctl.conf

fs.inotify.max_queued_events=99999999

fs.inotify.max_user_watches=99999999

fs.inotify.max_user_instances=65535

rsync Parameter Description

rsync -avzh--delete--progress--password-file=/etc/rsyncd.secrets [email protected] $host 1:: $des 1

- v,--verboseVerbose mode output
-Q,--quiet thin output mode
-C,--checksum turn on the check switch to force verification of file transfers
-A,--archivearchive mode, which means that files are transferred recursively, and all file attributes are maintained, equal to-Rlptgod
-R,--recursivesubdirectories are processed in recursive mode
-R,--relative using relative path information
-B,--backup creates a backup, that is, the old file is renamed to ~filename when the same file name exists for the purpose. You can use the--suffix option to specify a different backup file prefix.
--backup-dir store backup files (such as ~filename) in the directory.
-suffix=suffix Defining backup File prefixes
-U,--update only updates, which is to skip all the files that already exist in DST, and the file time is later than the file to be backed up. (Does not overwrite the updated file)
-L,--linkskeep the soft link knot
-L,--copy-links to handle soft links like regular files
--copy-unsafe-links only copies links to links outside the SRC Path directory tree
--safe-links ignoring links to the SRC Path directory tree
-H,--hard-linksKeep Hard Links
-P,--permsKeep file permissions
-O,--owner keep file owner information
-G,--group keep file group information
-D,--devices keep device file information
-T,--times keep file time information
-S,--sparse special processing of sparse files to save DST space
-N,--dry-run reality which files will be transmitted
-W,--whole-file copy files without incremental detection
-X,--one-file-system do not cross file system boundaries
-B, the block size used by the--block-size=size test algorithm, is 700 bytes by default
-E,--rsh=command specifies data synchronization using RSH and SSH
--rsync-path=path Specify the path information for the rsync command on the remote server
-C,--cvs-exclude uses the same method as CVs to automatically ignore files to exclude files that you do not want to transfer
--existing only updates those files that already exist in DST without backing up those newly created files
--delete Delete those files that are not in the DST SRC
--delete-excluded also deletes those files that are excluded by the option specified by the Receive side
--delete-after transfer ends after removal
--ignore-errors Timely IO errors are also deleted
--max-delete=num deleting NUM files up to a maximum
--partial retains files that are not fully transmitted for any reason, to expedite subsequent transmissions
--force forcibly delete a directory, even if it is not empty
--numeric-ids does not match the user and group ID of a number to a user name and group name
--timeout=time IP time-out, in seconds
-I,--ignore-times do not skip files that have the same time and length
--size-only when deciding whether to back up a file, just look at the file size regardless of file time
--modify-window=num determines whether the file is time-stamped with the time Stamp window, which defaults to 0
-t--temp-dir=dir creating temporary files in Dir
--compare-dest=dir also compares the files in DIR to determine if a backup is required
-p equivalent to--partial
--progress Show Backup process
-Z,--compresscompress the backed-up files as they are transferred
--exclude=pattern specify to exclude file modes that do not need to be transferred
--include=pattern specifies file modes that need to be transferred without exclusion
--exclude-from=file exclude files in the specified schema in file
--include-from=file does not exclude files that specify pattern matching
--version Print version Information
--address binding to a specific address
--config=file specify a different configuration file, do not use the default rsyncd.conf file
--port=port Specify a different rsync service port
--blocking-io using blocking IO for remote shells
-stats gives the transfer status of some files
--progress in the transmission of the real-time transmission process
--log-format=format specifying the log file format
--password-file=file get the password from file
--bwlimit=kbps limit I/O bandwidth, kbytesper second
-H,--help display Help information

This article is from "The Dragon Eye Kid, UBM World" blog, please make sure to keep this source http://longmuxiaozi.blog.51cto.com/865148/1837393

Zabbix Monitoring series of-rsync+inotify for file synchronization update (no firewall version)