2. it技术
  3. 中小型企业网站项目

中小型企业网站项目

it2025-11-15  17

centos-60 centos-70各添加一块硬盘,并格式化为xfs格式

blkid fdisk /dev/sdb mkfs.xfs /dev/sdb1  

创建保存数据库的目录授权并挂载到硬盘 mkdir /data mount /dev/sdb1 /data/ chown -R mysql:mysql /data/ df -hT

安装 MySQL 5.7 版本: 上传 mysql-5.7.tar.gz 到 Linux 主机上,并解压: tar xvf mysql-5.7.tar.gz yum -y install ./mysql*.rpm

vim /etc/my.cnf [mysqld]

datadir=/data/ socket=/var/lib/mysql/mysql.sock

# Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links=0

log-error=/data/mysqld.log pid-file=/var/run/mysqld/mysqld.pid log-bin=/data/mysql-bin-master server-id=1 binlog-do-db=book2 binlog-ignore-db=mysql

mysqld --initialize --user=mysql systemctl start mysqld

centos-60 centos-70部署主从模式https://blog.csdn.net/workey/article/details/108614800

centos-80安装zabbixhttps://blog.csdn.net/workey/article/details/109114309

这里下面这段在centos-70上执行,在centos-70的数据库里创建zabbix数据库和zabbix账号 create database zabbix character set utf8 collate utf8_bin; grant all privileges on zabbix.* to zabbix@'192.168.0.80' identified by '123456'; exit 在centos-80上执行,把zabbix服务端里的创建zabbix相关表的sql导入到centos-70数据库中 zcat /usr/share/doc/zabbix-server-mysql-4.4.6/create.sql.gz |mysql -u zabbix -p zabbix -h192.168.0.70 Enter password: 输入zabbix数据库账号的密码 执行完成后,在centos-70的zabbix库中有了很多表。

vim /etc/zabbix/zabbix_server.conf 91 # DBHost=localhost #数据库的 IP 地址 ,默认就可以 要改成 DBHost=192.168.0.70  centos-70的数据库地址

systemctl start httpd http://192.168.0.80/zabbix

在centos-70上安装 rpm -ivh zabbix-agent-4.4.6-1.el7.x86_64.rpm vim /etc/zabbix/zabbix_agentd.conf 改:98 Server=127.0.0.1 为:98 Server=192.168.0.80  #zabbix server 地址,可以多个,用“,”隔开 改:139 ServerActive=127.0.0.1 为:139 ServerActive=192.168.0.80 #主动检查本主机的数据发送给 Zabbix Server 改:150 Hostname=Zabbix server 为:150 Hostname=centos-70 systemctl start zabbix-agent && systemctl enable zabbix-agent netstat -antup | grep 10050  #检查客户端有没有在运行

zabbix_get -s 192.168.0.70 -p 10050 -k system.uname

解决中文乱码 [root@centos-80 ~]# cd /usr/share/zabbix/assets/fonts/ rz 上传中文字体文件simkai.ttf [root@centos-80 fonts]# mv graphfont.ttf graphfont.ttf.bak [root@centos-80 fonts]# mv simkai.ttf graphfont.ttf

确保zabbix-server服务运行中 systemctl restart zabbix-server zabbix-agent httpd systemctl enable zabbix-server zabbix-agent httpd

监控centos-80主机的 Apache 及centos-70主机的 MySQLhttps://blog.csdn.net/workey/article/details/109142973

安装Discuz论坛 mkdir -p /root/Discuz unzip Discuz_X3.4_SC_GBK_20191201.zip -d /root/Discuz cd /var/www/html/ mv /root/Discuz/upload ./ chown -R apache:apache ./upload/ 在centos-60主机上授权root用户可以在地址192.168.0.80上登录 grant all privileges on *.* to root@'192.168.0.80' identified by '123456';

centos-8 安装iptables防火墙 yum -y install iptables-services iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -p icmp -j ACCEPT iptables -A INPUT -p tcp -m state --state NEW -m multiport --dports 20,21,22,80 -j ACCEPT iptables -P INPUT DROP iptables -t filter -R INPUT 4 -p tcp -m state --state NEW -m multiport --dports 20,21,22,80 -j ACCEPT iptables-save > /etc/sysconfig/iptables iptables-restore < /etc/sysconfig/iptables

centos-8 安装fail2ban [root@centos-80 ~]# yum -y install epel-release [root@centos-80 ~]# yum -y install fail2banhttp://www.fail2ban.org/wiki/index.php/MANUAL_0_8#Definitions  官方配置文档 vim /etc/fail2ban/jail.conf

[sshd] # To use more aggressive sshd modes set filter parameter "mode" in jail.local: # normal (default), ddos, extra or aggressive (combines all). # See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. #mode = normal port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s enabled = true filter = sshd action = iptables[name=SSH,port=ssh,protocol=tcp] sendmail-whois[name=SSH,dest=you@mail.com,sender=fail2ban@example.com,sendername="FAIL2BAN"] logpath = /var/log/secure bantime = 600 findtime = 300 maxretry = 3

在300秒内输入错误密码3次,则封锁600秒。

每天定时对mysql数据库进行优化

crontab -e

0 3 * * * mysqlcheck -A -r -uroot -p123456 > /dev/null 2>&1

数据库改成ultrax systemctl restart mysqld centos-70 重新建立主从 stop slave; reset slave; change master to master_host='192.168.0.60',master_user='slave',master_password='123456',master_port=3306; start slave;

centos-70 进行数据库备份

mysql5.7.20 需安装相应版本 XtraBackup2.4.9

tar -xvf Percona-XtraBackup-2.4.9-ra467167cdd4-el7-x86_64-bundle.tar  rpm -ivh libev-4.04-2.el6.x86_64.rpm yum -y install percona-xtrabackup-24-2.4.9-1.el7.x86_64.rpm

#!/bin/bash export LANG=en_US.UTF-8 #脚本名:xtrabackup_full_backup.sh #描述:使用strabackup工具进行 mysql全量备份,添加计划任务每周日凌晨3点执行。 #create by Dopamine at 2020-09-14 15:33 #user info USER=root PASSWORD=123456 #time info #backup_date今天备份日期 BACKUP_DATE=`date +%Y-%m-%d` #dir info #backup_dir今天全量备份目录 backup_dir="/backup/dbbackup/incremental_backup" BACKUP_DIR="/backup/dbbackup/incremental_backup/${BACKUP_DATE}" if [ ! -d "${backup_dir}" ];then mkdir -p "${backup_dir}" fi #functoin_full_back full_back(){ innobackupex --user=${USER} --password=${PASSWORD} --no-timestamp ${BACKUP_DIR} 2>>${BACKUP_DIR}.log } full_back #清理30天前的文件 find ${backup_dir} -name "2020-*" -mtime +30 -exec rm -rf {} \;

 

#!/bin/bash export LANG=en_US.UTF-8 #脚本名:xtrabackup_incremental_backup.sh #描述:使用strabackup工具进行 mysql增量备份,添加计划任务每日凌晨3点执行。 #create by Dopamine at 2020-09-14 16:53 #user info USER=root PASSWORD=123456 #time info #back_date 今天备份的日期 #last_date 上次备份的日期,昨天date -d"1 day ago" BACK_DATE=`date +%Y-%m-%d` LAST_DATE=`date -d"1 day ago $BACK_DATE" +%Y-%m-%d` #dir info #backup_dir 本次增量备份目录 #last_backup_dir 上次备份的目录 back_dir="/backup/dbbackup/incremental_backup" BACKUP_DIR="/backup/dbbackup/incremental_backup/${BACK_DATE}" LAST_BACKUP_DIR="/backup/dbbackup/incremental_backup/${LAST_DATE}" if [ ! -d "${back_dir}" ];then mkdir -p "${back_dir}" fi #functoin_incremental_back incremental_back(){ innobackupex --user=${USER} --password=${PASSWORD} --no-timestamp --incremental ${BACKUP_DIR} --incremental-basedir=${LAST_BACKUP_DIR} 2>>${BACKUP_DIR}.log } incremental_back

[root@centos-60 ~]# chmod +x /root/sh/xtrabackup_full_backup.sh xtrabackup_increment_backup.sh

[root@centos-60 ~]# crontab -e

0 2 * * * mysqlcheck -A -o -r -uroot -p123456 > /dev/null 2>&1 0 3 * * 1-6 /bin/sh /root/sh/xtrabackup_increment_backup.sh 0 3 * * 0 /bin/sh /root/sh/xtrabackup_full_backup.sh

原帖子内容

修改后内容

 

恢复数据库

恢复时,确保mysql已停止运行systemctl stop mysqld

cd /data/ mv * /backup/temp/

innobackupex --copy-back /backup/dbbackup/incremental_backup/2020-10-23/ chown mysql.mysql -R /data/ systemctl start mysqld

恢复数据库后内容

 

数据库恢复后,日志文件都没了,都copy到/backup/temp目录了,重启服务新生成了新的日志文件,需要重做主从关系

从库删除数据库ultrax

drop database ultrax;

主库导出数据库

[root@centos-60 data]# mysqldump -uroot -p123456 -B ultrax > ultrax.sql [root@centos-60 data]# scp ultrax.sql 192.168.0.70:/root/

从库导入数据库

[root@centos-70 ~]# mysql -u root -p123456 <ultrax.sql

主库初始化master日志 reset master;

从库 重新建立主从 stop slave; reset slave; change master to master_host='192.168.0.60',master_user='slave',master_password='123456',master_port=3306; start slave;

北京学神分公司服务器 centos-90

60主库安装rsnyc服务,方便90主机进行拉取60主库备份的数据库文件

[root@centos-60 ~]# yum -y install xinetd rsync [root@centos7-90 ~]# yum -y install xinetd rsync [root@centos-60 ~]# rsync --daemon [root@centos-60 ~]#netstat -antup | grep 873 [root@centos-60 ~]#vim /etc/rsyncd.conf  

uid = root gid = root address=192.168.0.60 port=873 hosts allow =192.168.0.90/24 use chroot = yes max connections =5 pid file =/var/run/rsyncd.pid lock file =/var/run/rsync.lock log file=/var/log/rsyncd.log motd file=/etc/rsyncd.motdc [databack] path =/backup/dbbackup/incremental_backup comment = dbbackup read only = false list = yes auth users = rsyncuser secrets file = /etc/rsync.passwd

[root@centos-60 ~]# echo "Welcome to Backup Server" > /etc/rsyncd.motd [root@centos-60 ~]# vim /etc/rsync.passwd

rsyncuser:password123

[root@centos-60 ~]# chmod 600 /etc/rsync.passwd

[root@centos7-90 ~]# vim /etc/rsync.passwd

password123

[root@centos7-90 ~]# chmod 600 /etc/rsync.passwd

[root@centos-60 ~]# systemctl start xinetd [root@centos-60 ~]# systemctl enable xinetd [root@centos-60 ~]# rsync --daemon --config=/etc/rsyncd.conf [root@centos-60 ~]# netstat -antup | grep :873

rsync 语法:rsync 选项 用户名@备份源服务器 IP::共享模块名 目标目录

[root@centos7-90 ~]# rsync -avz rsyncuser@192.168.0.60::databack /databack --password-file=/etc/rsync.passwd #90机器进行拉操作,使用60机器的databack共享模块,拉取到本地的/databack目录,使用的密码文件是/etc/rsync.passwd密码和60机器上的密码相同。

vim autobackup.sh

#!/bin/bash rsync -avz rsyncuser@192.168.0.60::databack /databack/  --password-file=/etc/rsync.passwd

[root@centos7-90 ~]# chmod +x /root/sh/autobackup.sh [root@centos7-90 ~]# crontab -e

0 5 * * * /bin/sh /root/sh/autoback.sh

每天5点从60主机上,拉取备份的mysql数据到本地/databack目录下

centos-80安装rsync,好让centos-90可以上传新版本的web应用程序

[root@centos-80 ~]# yum -y install xinetd rsync [root@centos-80 ~]# rsync --daemon [root@centos-80 ~]#netstat -antup | grep 873 [root@centos-80 ~]#vim /etc/rsyncd.conf

uid = root gid = root address=192.168.0.80 port=873 hosts allow =192.168.0.90/24 use chroot = yes max connections =5 pid file =/var/run/rsyncd.pid lock file =/var/run/rsync.lock log file=/var/log/rsyncd.log motd file=/etc/rsyncd.motdc [wwwroot] path =/var/www/html/ comment = wwwroot read only = false list = yes auth users = rsyncuser secrets file = /etc/rsync.passwd

[root@centos-80 ~]# echo "Welcome to Backup Server" > /etc/rsyncd.motd [root@centos-80 ~]# vim /etc/rsync.passwd

rsyncuser:password123

[root@centos-80 ~]# chmod 600 /etc/rsync.passwd [root@centos-80 ~]# systemctl start xinetd [root@centos-80 ~]# systemctl enable xinetd [root@centos-80 ~]# rsync --daemon --config=/etc/rsyncd.conf [root@centos-80 ~]# netstat -antup | grep :873 [root@centos-80 ~]# iptables -t filter -R INPUT 4 -p tcp -m state --state NEW -m multiport --dports 20,21,22,80,873 -j ACCEPT

80机器rsync配置完毕,90机器可以推送了。

[root@centos7-90 html]# rsync -avz /var/www/html/ rsyncuser@192.168.0.80::wwwroot --password-file=/etc/rsync.passwd 把本地/var/www/html/目录下的内容推送到80主机/var/www/html/目录下

推送后的haha.html的所有者为root

最新回复(0)