a purpose

The purpose of this paper is to solve the problem of directory difference between two servers, that is, you can write or delete any content in the specified directory of A and B servers, and it will be synchronized to another server, that is, to achieve high availability of file storage and reading.

environment

Server information:

node-1:192.168.93.139
node-2:192.168.93.140

User name and password:

root/666666

Sync Directory:

/home/jier

VIP address:

192.168.93.200

Software involved in this document:

rsync
lsyncd
keepalived
sftp

preparation in advance

Close the firewall and selinux, which needs to be executed on both servers.

[root@localhost jier]# systemctl stop firewalld.service
[root@localhost jier]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost jier]# setenforce 0
# Modified content SELINUX=disabled
[root@localhost jier]# vim /etc/selinux/config
[root@localhost jier]# iptables -F

1, Deploy rsync

PS: it needs to be installed on node-1 and node-2 at the same time.

1.1 installing rsync

PS: rsync is installed on all linux servers by default. If it is found that rsync is not installed, you can use the following command to install it.

rpm -qa|grep rsync  # Check that rsync is installed
yum -y install rsync xinetd  # If not, execute this command

1.2 new user

PS: since I use the root user here, I don't create it. The specific operation process is configured according to the actual situation.

[root@loaclhost ~]# useradd user name  # New user
[root@loaclhost ~]# passwd user name  # Configure password for user

1.3 create a new related directory

[root@localhost ~]# mkdir -pv /root/rsync/log
mkdir: Directory created "/root/rsync"
mkdir: Directory created "/root/rsync/log"
[root@localhost ~]# mkdir -pv /home/jier
mkdir: Directory created "/home/jier"
[root@localhost ~]#

1.4 modify rsync configuration file

Path: / etc / rsyncd conf

PS: the IP address of the other party needs to be written in hosts allow, that is, node-1 writes the IP address of node-2, and node-2 writes the IP address of node-1.

uid = root
gid = root
# Locked directory
use chroot = no
# maximum connection
max connections = 10000
# Port number
port = 873
lock file = /root/rsync/rsync.lock 
log file = /root/rsync/log/rsyncd.log
motd file = /root/rsync/rsyncd.motd
pid file = /root/rsync/rsyncd.pid
# Readable and writable
read only = no
# Module name
[ceshi]
# Specify directory
path = /home/jier
# Readable and writable
read only = no
# Authorized user
auth users = root
# Authorized IP
hosts allow = 192.168.93.140/32
# Password of authorized user
secrets file = /root/.rsync_server.passwd

1.5 create password file and authorize

[root@localhost ~]# vim /root/.rsync_server.passwd
root:666666

:wq # Save exit
[root@localhost ~]# vim /root/.rsync_client.passwd
666666

:wq # Save exit
[root@localhost ~]# chmod 600 /root/.rsync_*  # Authorize 600 permissions

1.6 start service

[root@localhost ~]# rsync --daemon
[root@localhost ~]# netstat -tunlp | grep 873
tcp        0      0 0.0.0.0:873           0.0.0.0:*               LISTEN      2320/rsync          
tcp6       0      0 :::873                :::*                    LISTEN      2320/rsync          
[root@localhost ~]#

1.7 test and installation results

[root@localhost jier]# cd /home/jier/
[root@localhost jier]# echo 111 > 1.txt
[root@localhost jier]# rsync -avzcR --port=873 --password-file=/root/.rsync_client.passwd 1.txt root@192.168.93.140::ceshi

sending incremental file list
1.txt

sent 108 bytes  received 35 bytes  95.33 bytes/sec
total size is 4  speedup is 0.03
[root@localhost jier]#

Log in to the corresponding directory of another server to view:

[root@localhost jier]# pwd
/home/jier
[root@localhost jier]# ls
1.txt
[root@localhost jier]# cat 1.txt 
111
[root@localhost jier]#

2, Deploy lsyncd

2.1 installation lsyncd

PS: it needs to be installed on node-1 and node-2 at the same time.

[root@localhost ~]# yum -y install epel-release  # Because lsyncd is in the epel source, you need to install the corresponding source first
[root@localhost ~]# yum -y install lsyncd  # Install lsyncd software

2.2 lsyncd configuration file

PS: it is necessary to debug on node-2 and node-2 at the same time.

settings {
        logfile ="/var/log/lsyncd/lsyncd.log",
        statusFile ="/var/log/lsyncd/lsyncd.status",
        inotifyMode = "CloseWrite or Modify",
        maxProcesses = 7,
        -- nodaemon =true,
       }
sync {
      default.rsync,
      source = "/home/jier",
      target = "root@192.168.93.140::ceshi",
      delete="running",
      exclude = { ".*", ".tmp" },
      delay = 1,
      rsync = {
             binary = "/usr/bin/rsync",
             archive = true,
             compress = true,
             verbose = true,
             password_file = "/root/.rsync_client.passwd",
             _extra = {"--bwlimit=200"}
      }
}

Parameter interpretation:

settings:Global settings,--Indicates a comment
           logfile: Define log file
           statusFile: Define status file
           nodaemon=no: Indicates that the daemon mode is not enabled. The default is
           statusInterval: take lsyncd The status of is written to the above statusFile The default interval is 10 seconds
           inotifyMode: appoint inotify Monitored events. The default is CloseWrite，It can also be Modify or CloseWrite or Modify
           maxProcesses: The maximum number of synchronization processes. If 20 files need to be synchronized at the same time, and maxProcesses = 8，You can see up to 8 rysnc process
           maxDelays How many monitored events have accumulated to activate a synchronization, even if the following events delay The delay time has not yet arrived
sync: Define synchronization parameters
           rsync,rsyncssh,direct Three modes
                      default.rsync: Synchronization between local directories, using rsync，It can also be used ssh Form of remote rsync Effect, or daemon Remote connection rsyncd process
                      default.direct: Synchronization between local directories, using cp,rm Wait for the command to complete the differential file backup
                      default.rsyncssh: Sync to remote host directory, rsync of ssh Mode, need to use key To authenticate
           source: Source directory of synchronization, using absolute path
           target: Define destination address:
                      /tmp/dest: Local directory synchronization, available for direct and rsync pattern
                      192.168.93.140:/home/jier: Sync to remote server directory, available for rsync and rsyncssh pattern
                      192.168.93.140::ceshi : Sync to remote server directory for rsync pattern
           init: This is an optimization option when init = false，Only the files with change events after the process is started will be synchronized, and the original directory will not be synchronized even if there are differences. Default is true
           delay: Cumulative events, waiting rsync Synchronization delay time: 15 seconds by default (up to 1000 events that cannot be merged). That's 15 s Changes in the internal monitoring directory will accumulate to one time rsync Synchronization, avoid too frequent synchronization. (consolidation means, 15 s The same file is modified twice in the, and only the latest file is synchronized at last)
           excludeFrom: Exclude option, and specify the excluded list file later, such as excludeFrom = "/etc/lsyncd.exclude"，If it is a simple exclusion, you can use exclude = LIST. The exclusion rule here is written in the same way as the original rule rsync A little different, simpler:
                      If any part of the monitoring path matches a text, it will be excluded, such as/bin/foo/bar Can match rules foo
                      If the rule is slashed/At the beginning, match all from the beginning
                      If the rule is/End, match the end of the monitoring path
                      ?Matches any character, but does not include/
                      *0 or more characters do not match/
                      **Matches 0 or more characters, which can be/
                      delete To keep target And souce Fully synchronized, Lsyncd Default meeting delete = true To allow synchronous deletion. It except false，also startup,running value
           bwlimit: Speed limit, unit kb/s，And rsync Same (such an important option is not marked in the document);
           compress: Compressed transmission defaults to true. In bandwidth and cpu Considering the trade-off between load and local directory synchronization, it can be set as false；
           perms: File permissions are reserved by default;

2.3 starting lsyncd

[root@localhost ~]# systemctl start lsyncd
[root@localhost ~]# systemctl status lsyncd
● lsyncd.service - Live Syncing (Mirror) Daemon
   Loaded: loaded (/usr/lib/systemd/system/lsyncd.service; disabled; vendor preset: disabled)
   Active: active (running) since II. 2022-01-18 09:52:51 CST; 5min ago
 Main PID: 1772 (lsyncd)
   CGroup: /system.slice/lsyncd.service
           └─1772 /usr/bin/lsyncd -nodaemon /etc/lsyncd.conf

1 September 18:52:51 localhost.localdomain systemd[1]: Started Live Syncing (Mirror) Daemon.
1 September 18:52:51 localhost.localdomain systemd[1]: Starting Live Syncing (Mirror) Daemon...
1 September 18:52:51 localhost.localdomain lsyncd[1772]: sending incremental file list
1 September 18:52:51 localhost.localdomain lsyncd[1772]: 22.txt
1 September 18:52:51 localhost.localdomain lsyncd[1772]: sent 171 bytes  received 35 bytes  412.00 bytes/sec
1 September 18:52:51 localhost.localdomain lsyncd[1772]: total size is 16  speedup is 0.08
1 September 18:54:03 localhost.localdomain lsyncd[1772]: sending incremental file list
1 September 18:54:03 localhost.localdomain lsyncd[1772]: sent 156 bytes  received 12 bytes  336.00 bytes/sec
1 September 18:54:03 localhost.localdomain lsyncd[1772]: total size is 11  speedup is 0.07
[root@localhost ~]#

Verify that you can create different files in the / home/jier directory of both servers at the same time.

PS: if there are only new requirements in your business and there is no deletion action, then it can end here; However, if there is any deletion, you need to continue to look at the following.

3, Kept

PS: the following operations are required on node-1 and node-2

PS: This program needs to be used with ftp, that is, the program calls by calling the vip address (192.168.93.200).

3.1 building a keepalived

[root@localhost ~]# yum -y install keepalived

3.2 deployment monitoring script

[root@localhost ~]# mkdir -pv /home/script/
mkdir: Directory created "/home/script/"
[root@localhost ~]# 
[root@localhost ~]# vim /home/script/check_vip.sh
#!/bin/bash
ip a | grep 192.168.93.200
if [ $? -eq 0 ]; then
    PROGRAM=$(ps -ef | grep -w lsyncd | grep -v grep | wc -l)
    if [ "${PROGRAM}" -eq 0 ];then
        systemctl start lsyncd
    else
        echo 1
    fi    
else
    systemctl stop lsyncd
fi
[root@localhost ~]# chmod +x /home/script/check_vip.sh 
[root@localhost ~]#

3.3 adjusting configuration

[root@localhost jier]# vim /etc/keepalived/keepalived.conf  # Delete all contents in the original file
! Configuration File for keepalived
global_defs {
    #Add the following parameters
    script_user root
    enable_script_security
}

vrrp_script check_vip {
    script "/home/script/check_vip.sh"
    interval 1
    weight 2
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33  # The name of the network card is configured according to the actual situation
    virtual_router_id 9
    priority 10  # It needs to be more than 50 different from another server. It cannot be consistent. It can be 90
    advert_int 1
    track_script {
      check_vip
    }
    virtual_ipaddress {
        192.168.93.200
    }
}

3.4 start up service

[root@localhost jier]# systemctl start keepalived
[root@localhost jier]# ps -ef | grep keepalived
root      44776      1  0 10:41 ?        00:00:00 /usr/sbin/keepalived -D
root      44777  44776  0 10:41 ?        00:00:00 /usr/sbin/keepalived -D
root      44778  44776  0 10:41 ?        00:00:00 /usr/sbin/keepalived -D
root      44816  44024  0 10:41 pts/0    00:00:00 grep --color=auto keepalived
[root@localhost jier]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since II. 2022-01-18 10:41:06 CST; 14s ago
  Process: 44775 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 44776 (keepalived)
   CGroup: /system.slice/keepalived.service
           ├─44776 /usr/sbin/keepalived -D
           ├─44777 /usr/sbin/keepalived -D
           └─44778 /usr/sbin/keepalived -D

1 October 18:41:11 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200
1 October 18:41:11 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200
1 October 18:41:11 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200
1 October 18:41:11 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200
1 October 18:41:16 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200
1 October 18:41:16 localhost.localdomain Keepalived_vrrp[44778]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.93.200
1 October 18:41:16 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200
1 October 18:41:16 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200
1 October 18:41:16 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200
1 October 18:41:16 localhost.localdomain Keepalived_vrrp[44778]: Sending gratuitous ARP on ens33 for 192.168.93.200
[root@localhost jier]#

So far, this document has been built.