i-generationコンテンツ同期手順 ---------------------------------------------------------------------------- ■コンテンツ同期ポリシー ・rsyncで1分間隔で同期 ・ソースはweb1→web2への一方向同期とする(双方向同期はファイル競合のリスクがあるため) ・stat系ログファイルはweb2→web1へ同期(運営者管理画面からweb2のログを参照できるようにするため) ・運営者管理画面はweb1へアクセス(画像更新、設定ファイルの更新はweb1のみ)  http://web1.i-generation.jp/admin/  .htaccessでhttp://i-generation.jp/admin/はhttp://web1.i-generation.jp/admin/へリダイレクト ■同期対象ディレクトリ /www/aff/ad/* /www/aff/admin/* /www/aff/db/* /www/aff/home/* /www/aff/lib/* /www/aff/mail/* /www/aff/maintenance/* /www/aff/set/* /www/aff/stat/* /www/aff/sync/* /www/aff/user/* ■同期対象外ディレクトリ /www/aff/log/* /www/aff/stat/log/* /www/aff/stat/*.log ■rsync設定 ---------------------------------------------------------------------------- [web1] rsync用ユーザー作成 $ /usr/sbin/adduser web_sync $ passwd web_sync password: Gnxi34C8 $ su - web_sync $ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/web_sync/.ssh/id_rsa): ENTER Enter passphrase (empty for no passphrase): ENTER Enter same passphrase again: ENTER Your identification has been saved in /home/web_sync/.ssh/id_rsa. Your public key has been saved in /home/web_sync/.ssh/id_rsa.pub. The key fingerprint is: 19:00:74:dd:ee:b2:fd:6b:49:68:76:27:b8:76:49:bb web_sync@web1.localdomain $ scp /home/web_sync/.ssh/id_rsa.pub admin@192.168.2.103:/home/admin $ su - $ vi /etc/ssh/sshd_config 以下3行コメントはずす RSAAuthentication yes <--- SSH v1 PubkeyAuthentication yes <--- SSH v2 AuthorizedKeysFile .ssh/authorized_keys $ /sbin/service sshd restart ---------------------------------------------------------------------------- [web2] $ /usr/sbin/adduser web_sync $ passwd web_sync password: Gnxi34C8 $ su - web_sync $ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/web_sync/.ssh/id_rsa): ENTER Enter passphrase (empty for no passphrase): ENTER Enter same passphrase again: ENTER Your identification has been saved in /home/web_sync/.ssh/id_rsa. Your public key has been saved in /home/web_sync/.ssh/id_rsa.pub. The key fingerprint is: 19:00:74:dd:ee:b2:fd:6b:49:68:76:27:b8:76:49:bb web_sync@web1.localdomain $ scp /home/web_sync/.ssh/id_rsa.pub admin@192.168.2.101:/home/admin web1への接続確認 $ ssh web_sync@192.168.2.101 $ su - $ vi /etc/ssh/sshd_config 以下3行コメントはずす RSAAuthentication yes <--- SSH v1 PubkeyAuthentication yes <--- SSH v2 AuthorizedKeysFile .ssh/authorized_keys $ /sbin/service sshd restart $ cat /home/admin/id_rsa.pub >> /home/web_sync/.ssh/authorized_keys $ chown web_sync:web_sync /home/web_sync/.ssh/authorized_keys $ chown -R web_sync:web_sync /www/aff/ [web1] $ cat /home/admin/id_rsa.pub >> /home/web_sync/.ssh/authorized_keys $ chown web_sync:web_sync /home/web_sync/.ssh/authorized_keys ---------------------------------------------------------------------------- ■同期スクリプトパーミッション設定 [web1] $ cd /www/aff/sync/ $ chown web_sync:web_sync *.sh $ chmod 4744 *.sh ■ログ同期用ディレクトリ作成 [web1] $ mkdir /www/aff/log/web2 $ chmod a+w /www/aff/log/web2 ■同期確認 [web1] $ cd /www/aff/sync/ $ ./content_rsync_test.sh Agent pid 29373 Enter passphrase for /home/web_sync/.ssh/id_rsa: Identity added: /home/web_sync/.ssh/id_rsa (/home/web_sync/.ssh/id_rsa) building file list ... done test.txt sent 90 bytes received 42 bytes 264.00 bytes/sec total size is 0 speedup is 0.00 Agent pid 29373 killed ---------------------------------------------------------------------------- ■初回同期処理 $ cd /www/aff/sync/ $ ./content_rsync_init.sh ---------------------------------------------------------------------------- ■実運用 [web1] $crontab -e * * * * * $WEB_DIR/sync/content_rsync.sh > $WEB_DIR/sync/content_rsync.log 2>&1 [web2] $crontab -e stat系以外は全てコメントアウト * * * * * $WEB_DIR/sync/log_rsync.sh > $WEB_DIR/sync/log_rsync.log 2>&1