High-Availability NFS File Server Cluster Deployment (NFS + keepalived + Sersync)
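This is my first article as a newcomer; feedback is welcome.
Updated 2021-10-13: the resources needed for this article are at the link below, which is valid for 7 days. Extraction code: s3p9. https://pan.baidu.com/s/1O54ghFCb4ba6n5e28mEC5Q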
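I. Tools
The operating system used here is CentOS 7.
Of the tools below, four need to be installed and the fifth you write yourself:
1. NFS (file sharing)
2. rsync (file push)
3. Sersync (watches a directory and runs the rsync command)
4. Keepalived (high availability)
5. Shell scripts (nothing to install; you write them yourself)
Client IP: 192.168.137.10
(Primary) NFS file server IP: 192.168.137.30
(Backup) NFS file server IP: 192.168.137.40
Keepalived VIP: 192.168.137.50
Topology diagram:
The "client" in this article is the application server in the diagram.
II. Preparation
Tool | Protocol | Port |
NFS | TCP | 111, 2049 |
NFS | UDP | 111, 4046 |
rsync | TCP | 873 |
Keepalived | The multicast address must be allowed |
Commands to open the ports on the servers: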
firewall-cmd --permanent --add-port=111/tcp
firewall-cmd --permanent --add-port=111/udp
firewall-cmd --permanent --add-port=2049/tcp
firewall-cmd --permanent --add-port=4046/udp
firewall-cmd --permanent --add-port=873/tcp
# Reload the firewall (required after changing the configuration):
firewall-cmd --reload
# List the open ports:
firewall-cmd --list-ports
Allow the multicast address:
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface eth0 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
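# Reload the firewall (required after changing the configuration):
firewall-cmd --reload
# List the open ports:
firewall-cmd --list-ports
Note: eth0 is the name of the network interface
If you would rather skip this, or while you are still testing, you can turn the firewall off instead
# Stop the firewall:
systemctl stop firewalld
# Disable it at boot:
systemctl disable firewalld
On the client and on the servers, create the "NFS" and "user" directories under the root directory "/"
mkdir /NFS
mkdir /user
III. Installing NFS
1. NFS must be installed on both the client and the servers
Upload all RPM packages from the "安装NFS" (Install NFS) folder of the resource directory to the "user" directory
Install all RPM packages in that directory
rpm -Uvh /user/*.rpm
2. After installation, empty the user directory
cd /user && rm -rf ./*
3. On the servers, edit the exports file:
vi /etc/exports
# Add one line:
/NFS 192.168.137.10(rw,sync,all_squash)
4. Start the services: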
systemctl start rpcbind
systemctl start nfs
5. Enable them at boot:
systemctl enable rpcbind
systemctl enable nfs
Check the service status:
systemctl status rpcbind
systemctl status nfs
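Note: in the screenshot, the red box shows the current run state and the yellow box shows whether the service is enabled at boot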
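The export line in step 3 grants access to exactly one client. As an added example (not part of the original article), the script below checks an exports file for entries that reach further than that: a missing client list, a `*` client, `no_root_squash`, and an option list separated from its host by a space, which exports(5) does not attach to that host. The sample file and the paths /NFS_a and /NFS_b are constructed.

```sh
#!/bin/sh
# Added example: report exports entries that share a path more widely than intended.
# Prints one finding per line; prints nothing when the file has no findings.
audit_exports() {
    awk '
    /^[ \t]*(#|$)/ { next }                      # skip comments and blank lines
    {
        path = $1
        if (NF == 1) { print path ": no client list, so every host may mount it"; next }
        for (i = 2; i <= NF; i++) {
            spec = $i
            if (substr(spec, 1, 1) == "(") {     # "host (opts)": the space detaches the options
                print path ": " spec " follows a space and applies to every host"
                continue
            }
            host = spec; opts = ""
            p = index(spec, "(")
            if (p > 0) {
                host = substr(spec, 1, p - 1)
                opts = substr(spec, p + 1, length(spec) - p - 1)
            }
            if (host == "*") print path ": exported to every host (*)"
            if (("," opts ",") ~ /,no_root_squash,/) print path ": " host " keeps root privileges (no_root_squash)"
        }
    }' "$1"
}

# Constructed sample: the first line is the entry from this article, the other two are
# hypothetical variants (the paths /NFS_a and /NFS_b are made up for the demonstration).
sample=$(mktemp)
cat > "$sample" <<'EOF'
/NFS 192.168.137.10(rw,sync,all_squash)
/NFS_a 192.168.137.10 (rw,sync,all_squash)
/NFS_b *(rw,sync,no_root_squash)
EOF
audit_exports "$sample"
rm -f "$sample"
```

The entry from this article produces no finding; the two variants produce three.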
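IV. Installing rsync
1. Install rsync on the servers
Upload all RPM packages from the "安装rsync" (Install rsync) folder of the resource directory to the "user" directory
Install all RPM packages in the "user" directory (both primary and backup)
rpm -Uvh /user/*.rpm
2. After installation, empty the user directory (both primary and backup)
cd /user && rm -rf ./*
3. Edit the rsyncd.conf file (path: /etc/rsyncd.conf) (both primary and backup)
vi /etc/rsyncd.conf
--------------------------------------------------------Primary server configuration-------------------------------------------------------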
uid = nfsnobody
gid = nfsnobody
port = 873
pid file = /var/run/rsyncd.pid
log file = /var/log/rsyncd.log
use chroot = no
max connections = 200
read only = false
timeout = 300
list = false
fake super = yes
ignore errors
[NFS]
path = /NFS
auth users = wz
secrets file = /user/rsync_salve.pass
hosts allow=192.168.137.40
comment = "this is a 30NFS"
--------------------------------------------------------Backup server configuration-------------------------------------------------------
uid = nfsnobody
gid = nfsnobody
port = 873
pid file = /var/run/rsyncd.pid
log file = /var/log/rsyncd.log
use chroot = no
max connections = 200
read only = false
timeout = 300
list = false
fake super = yes
ignore errors
[NFS]
path = /NFS
auth users = wz
secrets file = /user/rsync_salve.pass
hosts allow=192.168.137.30
comment = "this is a 40NFS"
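4. Create the authentication file (both primary and backup)
echo 'wz:wz123' > /user/rsync_salve.pass
chmod 600 /user/rsync_salve.pass
Note: the secrets file must have mode 600
5. Grant the user ownership of the directory (both primary and backup)
chown -R nfsnobody:nfsnobody /NFS
6. Start the service (both primary and backup)
rsync --daemon --config=/etc/rsyncd.conf
7. Create the access password file (both primary and backup)
echo "wz123" > /user/rsync.pass
chmod 600 /user/rsync.pass
Note: the password file must have mode 600
Extra (for testing that rsync works):
# Push command:
rsync -arv /NFS/ wz@192.168.137.40::NFS --password-file=/user/rsync.pass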
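The rsyncd.conf above protects the [NFS] module with `hosts allow`, `auth users` and a `secrets file`, and the notes require mode 600 because rsync's `strict modes` check (on by default) rejects a secrets file that other users can read. As an added example (not part of the original article), this script reports modules that lack those settings and checks a file's mode; the [pub] module, the function names and the sample files are constructed.

```sh
#!/bin/sh
# Added example: audit an rsyncd.conf and the mode of a secrets/password file.

# Print one finding per line for every [module] in the config file "$1".
audit_rsyncd_conf() {
    awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function report() {
        if (mod == "") return
        if (!("hosts allow" in cur)) print "[" mod "] no hosts allow: every address may connect"
        if (!("auth users" in cur)) print "[" mod "] no auth users: no password is required"
        else if (!("secrets file" in cur)) print "[" mod "] auth users is set but secrets file is not"
    }
    /^[ \t]*(#|$)/ { next }                       # comments and blank lines
    /^[ \t]*\[/ {                                 # a new [module] section starts
        report()
        mod = trim($0); gsub(/^\[|\].*$/, "", mod)
        split("", cur); for (k in glob) cur[k] = glob[k]   # global values are module defaults
        next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        key = tolower(trim(substr($0, 1, eq - 1))); val = trim(substr($0, eq + 1))
        if (mod == "") glob[key] = val; else cur[key] = val
    }
    END { report() }' "$1"
}

# Succeed only if group and others have no permission bits on "$1" (for example mode 600).
secrets_mode_ok() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Constructed sample: the [NFS] module from this article plus a hypothetical [pub] module.
dir=$(mktemp -d)
cat > "$dir/rsyncd.conf" <<'EOF'
uid = nfsnobody
[NFS]
path = /NFS
auth users = wz
secrets file = /user/rsync_salve.pass
hosts allow=192.168.137.40
[pub]
path = /pub
EOF
audit_rsyncd_conf "$dir/rsyncd.conf"
printf 'wz:placeholder\n' > "$dir/secrets"; chmod 644 "$dir/secrets"
secrets_mode_ok "$dir/secrets" || echo "$dir/secrets: readable by other users"
rm -rf "$dir"
```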
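V. Installing Sersync
1. Install Sersync on the servers (both primary and backup)
Upload the file "sersync2.5.4_64bit_binary_stable_final.tar.gz" from the resource directory to the "user" directory
# Change to the user directory
cd /user
# Extract the archive
tar xvf sersync2.5.4_64bit_binary_stable_final.tar.gz
# Rename the directory
mv GNU-Linux-x86/ sersync
2. After extraction, delete the archive (both primary and backup)
cd /user
rm -rf sersync2.5.4_64bit_binary_stable_final.tar.gz
3. Edit the confxml.xml file (path: /user/sersync/confxml.xml) (both primary and backup)
--------------------------------------------------------Primary server configuration-------------------------------------------------------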
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="false"/>
<modify start="false"/>
</inotify>
<sersync>
<localpath watch="/NFS">
<remote ip="192.168.137.40" name="NFS"/>
</localpath>
<rsync>
<commonParams params="-arutz"/>
<auth start="true" users="wz" passwordfile="/user/rsync.pass"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="true" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="10"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
--------------------------------------------------------Backup server configuration-------------------------------------------------------
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="false"/>
<modify start="false"/>
</inotify>
<sersync>
<localpath watch="/NFS">
<remote ip="192.168.137.30" name="NFS"/>
</localpath>
<rsync>
<commonParams params="-arutz"/>
<auth start="true" users="wz" passwordfile="/user/rsync.pass"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="true" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="10"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
Extra (for testing that Sersync works):
# Command to start the service
/user/sersync/sersync2 -dro /user/sersync/confxml.xml
Note: do not run this service on the primary and the backup at the same time, because doing so causes confusion
VI. Installing Keepalived
1. Install Keepalived on the servers (both primary and backup)
Upload the file "keepalived-1.4.2.tar.gz" from the resource directory to the "user" directory
Upload the RPM files from the "安装keepalived" (Install keepalived) folder of the resource directory to the "keep" directory inside "user"
Install all RPM packages in the "/user/keep" directory
rpm -Uvh /user/keep/*.rpm
# Change to the user directory
cd /user
# Extract the archive
tar -xzvf keepalived-1.4.2.tar.gz
cd keepalived-1.4.2
./configure --prefix=/usr/local/keepalived
make && make install
cp /user/keepalived-1.4.2/keepalived/etc/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
2. After installation, delete the installation files (both primary and backup)
cd /user
rm -rf keep
rm -rf keepalived-1.4.2.tar.gz
3. Edit the keepalived.conf file (path: /etc/keepalived/keepalived.conf) (both primary and backup)
--------------------------------------------------------Primary server configuration-------------------------------------------------------
! Configuration File for keepalived
global_defs {
router_id nfs1
}
vrrp_script chk_nfs {
script "/user/k_NFS_check.sh"
interval 1
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
track_script {
chk_nfs
}
virtual_ipaddress {
192.168.137.50
}
}
--------------------------------------------------------Backup server configuration-------------------------------------------------------
! Configuration File for keepalived
global_defs {
router_id nfs2
}
vrrp_script chk_nfs {
script "/user/k_NFS_check.sh"
interval 1
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
track_script {
chk_nfs
}
virtual_ipaddress {
192.168.137.50
}
}
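4. Write the keepalived tracking script (identical on primary and backup):
Place the file in the /user directory
#!/bin/bash
# Restart any of the three services that is not running.
A=$(ps -C rpcbind --no-header | wc -l)
if [ "$A" -eq 0 ]; then
    systemctl start rpcbind
fi
A=$(ps -C nfsd --no-header | wc -l)
if [ "$A" -eq 0 ]; then
    systemctl start nfs
fi
A=$(ps -C rsync --no-header | wc -l)
if [ "$A" -eq 0 ]; then
    rsync --daemon --config=/etc/rsyncd.conf
fi
# If a service is still not running after the restart attempt,
# stop keepalived so that the VIP moves to the other node.
if [ "$(ps -C rpcbind --no-header | wc -l)" -eq 0 ]; then
    pkill keepalived
fi
if [ "$(ps -C nfsd --no-header | wc -l)" -eq 0 ]; then
    pkill keepalived
fi
if [ "$(ps -C rsync --no-header | wc -l)" -eq 0 ]; then
    pkill keepalived
fi
Note: the full file name, including the extension, is k_NFS_check.sh
Set the script's permissions
# Executable by everyone, writable only by the owner (keepalived runs this script every second)
chmod 755 /user/k_NFS_check.sh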
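5. Change the sh file's format to unix
vi k_NFS_check.sh
Once in the editor, press ":"
A ":" appears in the bottom-left corner of the screen
Type "set ff=unix" and press Enter
Press ":"
Type "wq" and press Enter
Note: every sh file in this article needs this setting; otherwise running the file may produce errors
6. Enable at boot:
systemctl enable keepalived
Extra (commands used when testing VIP failover):
# Start the service:
systemctl start keepalived
# Stop the service:
pkill keepalived
# Start the service again after stopping it:
service keepalived restart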
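VII. Writing the Shell Scripts
1. Server script (sersync_check.sh)
Location: /user/
#!/bin/bash
# Run the check once per second
# Interval in seconds; must not exceed 60
step=1
for (( i = 0; i < 60; i=(i+step) )); do
    if [ "$(/usr/sbin/ip a | grep 192.168.137.50 | wc -l)" -eq 0 ]; then
        # This node does not hold the VIP: sersync must not run here
        if [ "$(/usr/bin/ps -C sersync2 --no-header | wc -l)" -gt 0 ]; then
            /usr/bin/pkill sersync2
        fi
    else
        # This node holds the VIP: make sure sersync is running
        if [ "$(/usr/bin/ps -C sersync2 --no-header | wc -l)" -eq 0 ]; then
            /user/sersync/sersync2 -dro /user/sersync/confxml.xml
            # If sersync still is not running, stop keepalived to give up the VIP
            if [ "$(/usr/bin/ps -C sersync2 --no-header | wc -l)" -eq 0 ]; then
                /usr/bin/pkill keepalived
            fi
        fi
    fi
    /usr/bin/sleep $step
done
Set the script's permissions
# Executable by everyone, writable only by the owner (cron runs this script every minute)
chmod 755 /user/sersync_check.sh
2. Client script (nfs_check.sh)
Location: /user/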
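#!/bin/bash
ifstart=0
ifstep=1
# Wait, for up to 60 tries, until ps lists at most 3 lines for nfs_check.sh
# (the count includes the header line)
for (( i = 0; i < 60; i=(i+1) )); do
    /usr/bin/sleep $ifstep
    ifstart=1
    numb=$(/usr/bin/ps -C nfs_check.sh | wc -l)
    if [ "$numb" -le 3 ]; then
        ifstart=0
        ifstep=$i
        i=60
    fi
done
if [ $ifstart -eq 0 ]; then
    step=1
    # For the rest of the minute, check the mount once per second
    for (( i = ifstep; i < 60; i=(i+step) )); do
        if [ "$(/usr/bin/df -Th | grep NFS | wc -l)" -eq 0 ]; then
            /usr/bin/echo "开始卸载并挂载"    # log message: "starting unmount and remount"
            /usr/bin/umount -f -l /NFS
            /usr/bin/mount -t nfs 192.168.137.50:/NFS /NFS
            /usr/bin/echo "挂载完成"    # log message: "mount finished"
        fi
        /usr/bin/sleep $step
    done
fi
Set the script's permissions
# Executable by everyone, writable only by the owner (cron runs this script every minute)
chmod 755 /user/nfs_check.sh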
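keepalived runs /user/k_NFS_check.sh every second and cron starts the other two scripts every minute, so anyone who can write to those files, or replace them in their directory, decides what gets executed. As an added example (not part of the original article), this script lists the scripts named in a keepalived.conf and reports any that group or others can write to, or that sit in a directory they can write to. The function names are made up for the example, and the sample uses a stand-in script made world-writable (mode 777) to trigger the check.

```sh
#!/bin/sh
# Added example: find scheduled scripts that other local users could modify.

# Print the script paths named by script "..." lines of the keepalived.conf "$1".
keepalived_scripts() {
    awk '$1 == "script" { gsub(/"/, "", $2); print $2 }' "$1"
}

# Print a finding and fail if "$1" or its directory is writable by group or others.
check_script() {
    [ -f "$1" ] || { echo "$1: not found"; return 1; }
    rc=0
    for p in "$1" "$(dirname "$1")"; do
        mode=$(ls -ld "$p" | cut -c1-10)
        case $mode in
            d????????[tT]) ;;   # sticky directory: others cannot replace files they do not own
            ?????w????|????????w?) echo "$p: mode $mode lets group or others write"; rc=1 ;;
        esac
    done
    return $rc
}

# Constructed sample: a vrrp_script block like the one in this article, pointing at a
# stand-in script in a temporary directory.
dir=$(mktemp -d)
printf '#!/bin/bash\n' > "$dir/k_NFS_check.sh"
chmod 777 "$dir/k_NFS_check.sh"
cat > "$dir/keepalived.conf" <<EOF
vrrp_script chk_nfs {
    script "$dir/k_NFS_check.sh"
    interval 1
}
EOF
for s in $(keepalived_scripts "$dir/keepalived.conf"); do
    check_script "$s" || echo "  fix: remove group/other write permission from the paths above"
done
rm -rf "$dir"
```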
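VIII. Configuring scheduled tasks:
crontab -e
Client:
* * * * * echo -e $(date) `/user/nfs_check.sh` >> /user/check.log 2>&1
Servers:
* * * * * echo -e $(date) `/user/sersync_check.sh` >> /user/check.log 2>&1
IX. Reboot all servers
After that, a file uploaded to the /NFS/ directory on the client is visible on both the primary and the backup server
One problem you may run into during use: when the VIP switches over, remounting is slow, mainly because the df -Th command takes too long to run
Check whether the services are running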
ps -ef | egrep "rsync --daemon.*rsyncd.conf" | grep -v 'grep'
ps -ef | egrep "sersync" | grep -v 'grep'
Check the service status:
systemctl status rpcbind
systemctl status nfs
systemctl status keepalived
The scripts may be a bit rough; feel free to modify them as you see fit