i-generationコンテンツ同期手順.txt

山本 義治, 2015/06/18 16:47

ダウンロード (4.251 KB)

 
1 
i-generationコンテンツ同期手順
2 
----------------------------------------------------------------------------
3 
■コンテンツ同期ポリシー
4 
・rsyncで1分間隔で同期
5 
・ソースはweb1→web2への一方向同期とする(双方向同期はファイル競合のリスクがあるため)
6 
・stat系ログファイルはweb2→web1へ同期(運営者管理画面からweb2のログを参照できるようにするため)
7 
・運営者管理画面はweb1へアクセス(画像更新、設定ファイルの更新はweb1のみ)
8 
 http://web1.i-generation.jp/admin/
9 
 .htaccessでhttp://i-generation.jp/admin/はhttp://web1.i-generation.jp/admin/へリダイレクト
10 

    		
  

  

    
      11
    
    
      
■同期対象ディレクトリ


    		
  

  

    
      12
    
    
      
/www/aff/ad/*


    		
  

  

    
      13
    
    
      
/www/aff/admin/*


    		
  

  

    
      14
    
    
      
/www/aff/db/*


    		
  

  

    
      15
    
    
      
/www/aff/home/*


    		
  

  

    
      16
    
    
      
/www/aff/lib/*


    		
  

  

    
      17
    
    
      
/www/aff/mail/*


    		
  

  

    
      18
    
    
      
/www/aff/maintenance/*


    		
  

  

    
      19
    
    
      
/www/aff/set/*


    		
  

  

    
      20
    
    
      
/www/aff/stat/*


    		
  

  

    
      21
    
    
      
/www/aff/sync/*


    		
  

  

    
      22
    
    
      
/www/aff/user/*


    		
  

  

    
      23
    
    
      

    		
  

  

    
      24
    
    
      
■同期対象外ディレクトリ


    		
  

  

    
      25
    
    
      
/www/aff/log/*


    		
  

  

    
      26
    
    
      
/www/aff/stat/log/*


    		
  

  

    
      27
    
    
      
/www/aff/stat/*.log


    		
  

  

    
      28
    
    
      

    		
  

  

    
      29
    
    
      
■rsync設定


    		
  

  

    
      30
    
    
      
----------------------------------------------------------------------------


    		
  

  

    
      31
    
    
      
[web1]


    		
  

  

    
      32
    
    
      
rsync用ユーザー作成


    		
  

  

    
      33
    
    
      
$ /usr/sbin/adduser web_sync


    		
  

  

    
      34
    
    
      
$ passwd web_sync


    		
  

  

    
      35
    
    
      
password: Gnxi34C8


    		
  

  

    
      36
    
    
      
$ su - web_sync


    		
  

  

    
      37
    
    
      
$ ssh-keygen -t rsa


    		
  

  

    
      38
    
    
      
Generating public/private rsa key pair.


    		
  

  

    
      39
    
    
      
Enter file in which to save the key (/home/web_sync/.ssh/id_rsa): ENTER


    		
  

  

    
      40
    
    
      
Enter passphrase (empty for no passphrase): ENTER


    		
  

  

    
      41
    
    
      
Enter same passphrase again: ENTER


    		
  

  

    
      42
    
    
      
Your identification has been saved in /home/web_sync/.ssh/id_rsa.


    		
  

  

    
      43
    
    
      
Your public key has been saved in /home/web_sync/.ssh/id_rsa.pub.


    		
  

  

    
      44
    
    
      
The key fingerprint is:


    		
  

  

    
      45
    
    
      
19:00:74:dd:ee:b2:fd:6b:49:68:76:27:b8:76:49:bb web_sync@web1.localdomain


    		
  

  

    
      46
    
    
      

    		
  

  

    
      47
    
    
      
$ scp /home/web_sync/.ssh/id_rsa.pub admin@192.168.2.103:/home/admin


    		
  

  

    
      48
    
    
      

    		
  

  

    
      49
    
    
      
$ su -


    		
  

  

    
      50
    
    
      
$ vi /etc/ssh/sshd_config


    		
  

  

    
      51
    
    
      

    		
  

  

    
      52
    
    
      
以下3行コメントはずす


    		
  

  

    
      53
    
    
      
RSAAuthentication yes    <--- SSH v1


    		
  

  

    
      54
    
    
      
PubkeyAuthentication yes    <--- SSH v2


    		
  

  

    
      55
    
    
      
AuthorizedKeysFile      .ssh/authorized_keys


    		
  

  

    
      56
    
    
      

    		
  

  

    
      57
    
    
      
$ /sbin/service sshd restart


    		
  

  

    
      58
    
    
      
----------------------------------------------------------------------------


    		
  

  

    
      59
    
    
      
[web2]


    		
  

  

    
      60
    
    
      
$ /usr/sbin/adduser web_sync


    		
  

  

    
      61
    
    
      
$ passwd web_sync


    		
  

  

    
      62
    
    
      
password: Gnxi34C8


    		
  

  

    
      63
    
    
      

    		
  

  

    
      64
    
    
      
$ su - web_sync


    		
  

  

    
      65
    
    
      
$ ssh-keygen -t rsa


    		
  

  

    
      66
    
    
      
Generating public/private rsa key pair.


    		
  

  

    
      67
    
    
      
Enter file in which to save the key (/home/web_sync/.ssh/id_rsa): ENTER


    		
  

  

    
      68
    
    
      
Enter passphrase (empty for no passphrase): ENTER


    		
  

  

    
      69
    
    
      
Enter same passphrase again: ENTER


    		
  

  

    
      70
    
    
      
Your identification has been saved in /home/web_sync/.ssh/id_rsa.


    		
  

  

    
      71
    
    
      
Your public key has been saved in /home/web_sync/.ssh/id_rsa.pub.


    		
  

  

    
      72
    
    
      
The key fingerprint is:


    		
  

  

    
      73
    
    
      
19:00:74:dd:ee:b2:fd:6b:49:68:76:27:b8:76:49:bb web_sync@web1.localdomain


    		
  

  

    
      74
    
    
      

    		
  

  

    
      75
    
    
      
$ scp /home/web_sync/.ssh/id_rsa.pub admin@192.168.2.101:/home/admin


    		
  

  

    
      76
    
    
      

    		
  

  

    
      77
    
    
      
web1への接続確認


    		
  

  

    
      78
    
    
      
$ ssh web_sync@192.168.2.101


    		
  

  

    
      79
    
    
      

    		
  

  

    
      80
    
    
      
$ su -


    		
  

  

    
      81
    
    
      
$ vi /etc/ssh/sshd_config


    		
  

  

    
      82
    
    
      

    		
  

  

    
      83
    
    
      
以下3行コメントはずす


    		
  

  

    
      84
    
    
      
RSAAuthentication yes    <--- SSH v1


    		
  

  

    
      85
    
    
      
PubkeyAuthentication yes    <--- SSH v2


    		
  

  

    
      86
    
    
      
AuthorizedKeysFile      .ssh/authorized_keys


    		
  

  

    
      87
    
    
      

    		
  

  

    
      88
    
    
      
$ /sbin/service sshd restart


    		
  

  

    
      89
    
    
      

    		
  

  

    
      90
    
    
      
$ cat /home/admin/id_rsa.pub >> /home/web_sync/.ssh/authorized_keys


    		
  

  

    
      91
    
    
      
$ chown web_sync:web_sync /home/web_sync/.ssh/authorized_keys


    		
  

  

    
      92
    
    
      

    		
  

  

    
      93
    
    
      
$ chown -R web_sync:web_sync /www/aff/


    		
  

  

    
      94
    
    
      

    		
  

  

    
      95
    
    
      
[web1]


    		
  

  

    
      96
    
    
      
$ cat /home/admin/id_rsa.pub >> /home/web_sync/.ssh/authorized_keys


    		
  

  

    
      97
    
    
      
$ chown web_sync:web_sync /home/web_sync/.ssh/authorized_keys


    		
  

  

    
      98
    
    
      
----------------------------------------------------------------------------


    		
  

  

    
      99
    
    
      
■同期スクリプトパーミッション設定


    		
  

  

    
      100
    
    
      
[web1]


    		
  

  

    
      101
    
    
      
$ cd /www/aff/sync/


    		
  

  

    
      102
    
    
      
$ chown web_sync:web_sync *.sh


    		
  

  

    
      103
    
    
      
$ chmod 4744 *.sh


    		
  

  

    
      104
    
    
      

    		
  

  

    
      105
    
    
      
■ログ同期用ディレクトリ作成


    		
  

  

    
      106
    
    
      
[web1]


    		
  

  

    
      107
    
    
      
$ mkdir /www/aff/log/web2


    		
  

  

    
      108
    
    
      
$ chmod a+w /www/aff/log/web2


    		
  

  

    
      109
    
    
      

    		
  

  

    
      110
    
    
      
■同期確認


    		
  

  

    
      111
    
    
      
[web1]


    		
  

  

    
      112
    
    
      
$ cd /www/aff/sync/


    		
  

  

    
      113
    
    
      
$ ./content_rsync_test.sh


    		
  

  

    
      114
    
    
      
Agent pid 29373


    		
  

  

    
      115
    
    
      
Enter passphrase for /home/web_sync/.ssh/id_rsa: 


    		
  

  

    
      116
    
    
      
Identity added: /home/web_sync/.ssh/id_rsa (/home/web_sync/.ssh/id_rsa)


    		
  

  

    
      117
    
    
      
building file list ... done


    		
  

  

    
      118
    
    
      
test.txt


    		
  

  

    
      119
    
    
      

    		
  

  

    
      120
    
    
      
sent 90 bytes  received 42 bytes  264.00 bytes/sec


    		
  

  

    
      121
    
    
      
total size is 0  speedup is 0.00


    		
  

  

    
      122
    
    
      
Agent pid 29373 killed


    		
  

  

    
      123
    
    
      

    		
  

  

    
      124
    
    
      
----------------------------------------------------------------------------


    		
  

  

    
      125
    
    
      
■初回同期処理


    		
  

  

    
      126
    
    
      
$ cd /www/aff/sync/


    		
  

  

    
      127
    
    
      
$ ./content_rsync_init.sh


    		
  

  

    
      128
    
    
      

    		
  

  

    
      129
    
    
      
----------------------------------------------------------------------------


    		
  

  

    
      130
    
    
      
■実運用


    		
  

  

    
      131
    
    
      
[web1]


    		
  

  

    
      132
    
    
      
$crontab -e


    		
  

  

    
      133
    
    
      
* * * * * $WEB_DIR/sync/content_rsync.sh > $WEB_DIR/sync/content_rsync.log 2>&1


    		
  

  

    
      134
    
    
      

    		
  

  

    
      135
    
    
      
[web2]


    		
  

  

    
      136
    
    
      
$crontab -e


    		
  

  

    
      137
    
    
      
stat系以外は全てコメントアウト


    		
  

  

    
      138
    
    
      
* * * * * $WEB_DIR/sync/log_rsync.sh > $WEB_DIR/sync/log_rsync.log 2>&1


    		
  

  

    
      139
    
    
      

    		
  

  

    
      140
    
    
      

    		
  

  

    
      141