saltstack+git+rsync发布代码
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了saltstack+git+rsync发布代码相关的知识,希望对你有一定的参考价值。
一度git版本利用tag上线
####################git部分###############
脚本
#!/bin/bash
#630manage的pull代码方法
git --git-dir=630manage/.git--work-tree=630manage clean -dfx
git --git-dir=630manage/.git--work-tree=manage reset --hard
git --git-dir=630manage/.git checkout master
git --git-dir=630manage/.git pull
read -p "Tag Name:" tag
##630manage项目tag pull最新代码
git --git-dir=630manage/.git checkouttags/$tag
git --git-dir=630manage/.git--work-tree=manage reset --hard
git --git-dir=630manage/.git pull
#################saltstack远程执行平台########################
前期准备:
区级saltstack服务器设置:
yum installhttp://mirrors.sohu.com/fedora-epel/7/x86_64/e/epel-release-7-10.noarch.rpm -y
yum install salt-master -y
#防火墙设置
systemctl stop firewalld.service
systemctl disable firewalld.service
yum install iptables-services -y
systemctl enable iptables.service
systemctl restart iptables.service(暂不启动)
vim /etc/sysconfig/iptables
-A INPUT -p tcp -m state --state NEW -m tcp --dport 4505-j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 4506-j ACCEPT
#saltmaster配置
sed -i ‘s/#hash_type: md5/hash_type: sha256/g‘/etc/salt/master
sed -i ‘s/#auto_accept: False/auto_accept: True/g‘/etc/salt/master
sed -i ‘s/#file_recv: False/file_recv: True/g‘/etc/salt/master
sed -i ‘s/#file_recv: 100/ffile_recv_max_size: 500/g‘/etc/salt/master
分组设置:
nodegroups:
demo: ‘[email protected]‘
p-server: ‘[email protected]
h5-server: ‘[email protected]‘
chehji-server: ‘[email protected]‘
old-server: ‘[email protected]‘
#salt-master启动
systemctl enable salt-master.service
systemctl start salt-master.service
systemctl status salt-master.service
更改完配置需重启生效
客户端设置:
yum installhttps://repo.saltstack.com/yum/redhat/salt-repo-latest-1.el7.noarch.rpm-y
yum install salt-minion -y
#minion配置
sed -i ‘s/#master:salt/master:10.144.115.37/g‘ /etc/salt/minion
sed -i ‘s/#id:/id:test-47-93-139-124/g‘ /etc/salt/minion
sed -i ‘s/#id:/id:yd-p1-47-93-139-27/g‘ /etc/salt/minion
sed -i ‘s/#id:/id:yd-p2-47-95-34-83/g‘ /etc/salt/minion
启动salt-minion
#salt-minion启动
systemctl enablesalt-minion.service
systemctl startsalt-minion.service
systemctl statussalt-minion.service
测试:
salt ‘*‘ test.ping
salt -N ‘demo‘ test.ping
salt -N ‘p-server‘ test.ping
salt -N ‘h5-server‘ test.ping
salt -N ‘cheji-server‘ test.ping
salt -N ‘old-server‘ test.ping
###################备份执行
sh /mnt/gittag.sh
srv/salt/beifen/demobak.sh
salt -N ‘demo‘ cmd.scriptsalt://beifen/demo_back.sh
salt -N ‘demo‘ cmd.scriptsalt://rsync/demo_rsync.sh
salt -N ‘demo‘ cmd.script salt://rsync/h5_rsync.sh
#136发布
salt ‘136‘ cmd.script salt://beifen/p136bak.sh
salt ‘136‘ cmd.script salt://rsync/p136_rsync.sh
#110车机发布
sh /mnt/gittag1.sh
salt ‘110‘ cmd.script salt://beifen/cheji110bak.sh
salt ‘110‘ cmd.scriptsalt://rsync/cheji110_rsync.sh
#p端集群发布
salt -N ‘p-server‘ cmd.script salt://beifen/pbak.sh
salt -N ‘p-server‘ cmd.scriptsalt://rsync/p_rsync.sh
#h5集群发布
salt -N ‘h5-server‘ cmd.scriptsalt://beifen/h5bak.sh
salt -N ‘h5-server‘ cmd.scriptsalt://rsync/h5_rsync.sh
#cehji集群发布
salt -N ‘cheji-server‘ cmd.scriptsalt://beifen/chejibak.sh
salt -N ‘cheji-server‘ cmd.scriptsalt://rsync/cheji_rsync.sh
########################rsync部分#######################
服务器:192.168.3.21
客户端:192.168.3.22
192.168.3.23
服务器部署192.168.3.21
yum -y install rsync xinetd
配置文件
vi /etc/rsyncd.conf
uid =root
gid =root
usechroot = no
maxconnections = 4
strictmodes = yes
port= 873
#module名字和路径
[svnbackup]
path= /usr/local/svndata/
commet= This is SVN Data
ignoreerrors
readonly = yes
list= no
#authusers = test
secretsfile = /etc/rsync.pas
hostsallow = 192.168.3.22,192.168.3.23
hostsdeny =0.0.0.0/0
pidfile = /var/run/rsyncd.pid
lockfile =/var/run/rsync.lock
logfile = /var/log/rsyncd.log
################密码
vi /etc/rsync.pas
pas创建密码文件
svntrasfer:123456
chownroot.root /etc/rsync.pas
#chmod600 /etc/rsync.pas
vi /etc/rsyncd.motd
Welcometo use the rsync services!
##############xinetd服务配置
vim/etc/rc.local
/usr/bin/rsync--daemon --config=/etc/rsyncd.conf
servicexinetdrestart
/usr/bin/rsync--daemon --config=/etc/rsyncd.conf
###检测端口
lsof -i:873
#########################################################################
客户端(192.168.3.22,192.168.3.23):
yum -y install rsync
vi/etc/rsync.pas
123456
chownroot.root /etc/rsync.pas
chmod600 /etc/rsync.pas
客户端测试同步:
/test/svndata/
rsync -vzrtopg--progress [email protected]::svnbackup /test/svndata/--password-file=/etc/rsyncd.pas
手动检测客户端是否把服务器文件同步过来
排除设置
vim /mnt/rsync/excludes
2
4
5
--log-file=/mnt/rsync/yii_sync.log--exclude-from /mnt/rsync/excludes
rsync -vzrtopg--progress --exclude-from /mnt/rsync/[email protected]::svnbackup /test/svndata/--password-file=/etc/rsyncd.pas
--------------------------------------------------------------
线上测试(p端)
rsync -vzrtopg--progress --exclude-from /mnt/rsync/excludes [email protected]::svnbackup/mnt/630manage --password-file=/etc/rsyncd.pas
vim/mnt/rsync/excludes
main-local.php
main.php
params-local.php
.git
runtime
backend/web/index.php
线上测试(app)
rsync -vzrtopg--progress --exclude-from /mnt/rsync/yii_excludes [email protected]::svnbackup/mnt/yii/630manage/ --password-file=/etc/rsyncd.pas
vim/mnt/rsync/yii_excludes
.git
common/config/main-local.php
common/config/main.php
frontend/config/main-local.php
frontend/config/main.php
coreapi/config/params-local.php
coreapi/config/main-local.php
coreapi/config/main.php
runtime/*
console/config/main.php
common/config/params-local.php
vendor/swiftmailer
#####################实时同步部分后续####################
二、安装sersync工具,实时触发rsync进行同步
1、查看服务器内核是否支持inotify
ll /proc/sys/fs/inotify #列出文件目录,出现下面的内容,说明服务器内核支持inotify
-rw-r--r-- 1 root root 0 Mar 7 02:17max_queued_events
-rw-r--r-- 1 root root 0 Mar 7 02:17max_user_instances
-rw-r--r-- 1 root root 0 Mar 7 02:17max_user_watches
备注:Linux下支持inotify的内核最小为2.6.13,可以输入命令:#uname -a查看内核
CentOS 7.0内核为3.10.0,默认已经支持inotify
2、修改inotify默认参数(inotify默认内核参数值太小)
查看系统默认参数值:
sysctl -a | grep max_queued_events
结果是:fs.inotify.max_queued_events= 16384
sysctl -a | grep max_user_watches
结果是:fs.inotify.max_user_watches= 8192
sysctl -a | grep max_user_instances
结果是:fs.inotify.max_user_instances= 128
修改参数:
#sysctl-wfs.inotify.max_queued_events="99999999"
#sysctl -wfs.inotify.max_user_watches="99999999"
#sysctl-wfs.inotify.max_user_instances="65535"
#vi /etc/sysctl.conf#添加以下代码
fs.inotify.max_queued_events=99999999
fs.inotify.max_user_watches=99999999
fs.inotify.max_user_instances=65535
:wq!#保存退出
参数说明:
max_queued_events:
inotify队列最大长度,如果值太小,会出现"** Event QueueOverflow **"错误,导致监控文件不准确
max_user_watches:
要同步的文件包含多少目录,可以用:find /home/Sync-type d| wc -l 统计,必须保证max_user_watches值大于统计结果(这里/home/Sync为同步文件目录)
max_user_instances:
每个用户创建inotify实例最大值
3、安装sersync
sersync下载地址:https://sersync.googlecode.com/files/sersync2.5.4_64bit_binary_stable_final.tar.gz
上传sersync2.5.4_64bit_binary_stable_final.tar.gz到/usr/local/src目录下
#cd /usr/local/src
#tarzxvfsersync2.5.4_64bit_binary_stable_final.tar.gz #解压
#mv GNU-Linux-x86 /usr/local/sersync #移动目录到/usr/local/sersync
4、配置sersync
#cd /usr/local/sersync#进入sersync安装目录
#cp confxml.xml confxml.xml-bak #备份原文件
#vi confxml.xml #编辑,修改下面的代码
<?xmlversion="1.0"encoding="ISO-8859-1"?>
<headversion="2.5">
<host hostip="localhost"port="8008"></host>
<debugstart="false"/>
<fileSystemxfs="false"/>
<filterstart="false">
<excludeexpression="(.*)\.svn"></exclude>
<excludeexpression="(.*)\.gz"></exclude>
<excludeexpression="^info/*"></exclude>
<excludeexpression="^static/*"></exclude>
</filter>
<inotify>
<deletestart="true"/>
<createFolderstart="true"/>
<createFilestart="false"/>
<closeWritestart="true"/>
<moveFromstart="true"/>
<moveTostart="true"/>
<attribstart="false"/>
<modifystart="false"/>
</inotify>
<sersync>
<localpath watch="/home/Sync">
<remote ip="192.168.3.21" name="Sync"/>
<!--<remoteip="192.168.8.40"name="tongbu"/>-->
<!--<remoteip="192.168.8.40"name="tongbu"/>-->
</localpath>
<rsync>
<commonParams params="-artuz"/>
<auth start="true" users="Sync"passwordfile="/etc/passwd.txt"/>
<userDefinedPortstart="false"port="874"/><!-- port=874 -->
<timeoutstart="false"time="100"/><!-- timeout=100 -->
<sshstart="false"/>
</rsync>
<failLogpath="/tmp/rsync_fail_log.sh"timeToExecute="60"/><!--defaultevery 60mins execute once-->
<crontab start="true" schedule="600"><!--600mins-->
<crontabfilterstart="false">
<excludeexpression="*.php"></exclude>
<excludeexpression="info/*"></exclude>
</crontabfilter>
</crontab>
<pluginstart="false"name="command"/>
</sersync>
<pluginname="command">
<paramprefix="/bin/sh"suffix=""ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filterstart="false">
<includeexpression="(.*)\.php"/>
<includeexpression="(.*)\.sh"/>
</filter>
</plugin>
<pluginname="socket">
<localpathwatch="/opt/tongbu">
<deshostip="192.168.138.20"port="8009"/>
</localpath>
</plugin>
<pluginname="refreshCDN">
<localpathwatch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfodomainname="ccms.chinacache.com"port="80"username="xxxx" passwd="xxxx"/>
<sendurlbase="http://pic.xoyo.com/cms"/>;
<regexurlregex="false"match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
:wq! #保存退出
参数说明:
localpath watch="/home/Sync":#源服务器同步目录
192.168.3.21:#目标服务器IP地址
name="Sync":#目标服务器rsync同步目录模块名称
users="Sync":#目标服务器rsync同步用户名
passwordfile="/etc/passwd.pass":#目标服务器rsync同步用户的密码在源服务器的存放路径
remote ip="192.168.0.50": #目标服务器ip,每行一个
failLogpath="/tmp/rsync_fail_log.sh" #脚本运行失败日志记录
start="true" #设置为true,每隔600分钟执行一次全盘同步
5、设置sersync监控开机自动执行
#vi /etc/rc.d/rc.local #编辑,在最后添加一行
/usr/local/sersync/sersync2 -d -r -o /usr/local/sersync/confxml.xml #设置开机自动运行脚本
:wq! #保存退出
# chmod +x /etc/rc.d/rc.local #否则重启不执行
6、添加脚本监控sersync是否正常运行
#mkdir /home/crontab
#vi /home/crontab/check_sersync.sh #编辑,添加以下代码
#!/bin/sh
sersync="/usr/local/sersync/sersync2"
confxml="/usr/local/sersync/confxml.xml"
status=$(psaux |grep ‘sersync2‘|grep -v‘grep‘|wc -l)
if [$status -eq 0 ];
then
$sersync -d-r -o $confxml &
else
exit 0;
fi
:wq! #保存退出
#chmod +x /home/crontab/check_sersync.sh#添加脚本执行权限
#vi /etc/crontab#编辑,在最后添加下面一行
*/5 * * * * root/home/crontab/check_sersync.sh >/dev/null 2>&1 #每隔5分钟执行一次脚本
#重新加载服务
#systemctl restart crond.service
6、测试sersync实时触发rsync同步脚本是否正常运行
在源服务器192.168.0.48上创建文件inotify_rsync_ceshi
#mkdir /home/Sync/inotify_rsync_ceshi
重新启动源服务器:192.168.0.21
等系统启动之后,查看两台目标服务器 192.168.0.130,192.168.21.128的/home/Sync下是否有inotify_rsync_ceshi文件夹
然后再在源服务器192.168.0.48创建文件夹inotify_rsync_ceshi_new
mkdir /home/Sync/inotify_rsync_ceshi_new
继续查看两台目标服务器 192.168.0.130,192.168.21.128的//home/Sync下是否有inotify_rsync_ceshi_new文件夹
如果以上测试都通过,说明inotify实时触发rsync同步脚本运行正常
本文出自 “我的天空” 博客,谢绝转载!
以上是关于saltstack+git+rsync发布代码的主要内容,如果未能解决你的问题,请参考以下文章