先自我介绍一下,小编浙江大学毕业,去过华为、字节跳动等大厂,目前阿里P7
深知大多数程序员,想要提升技能,往往是自己摸索成长,但自己不成体系的自学效果低效又漫长,而且极易碰到天花板技术停滞不前!
因此收集整理了一份《2024年最新Linux运维全套学习资料》,初衷也很简单,就是希望能够帮助到想自学提升又不知道该从何学起的朋友。
既有适合小白学习的零基础资料,也有适合3年以上经验的小伙伴深入学习提升的进阶课程,涵盖了95%以上运维知识点,真正体系化!
由于文件比较多,这里只是将部分目录截图出来,全套包含大厂面经、学习笔记、源码讲义、实战项目、大纲路线、讲解视频,并且后续会持续更新
如果你需要这些资料,可以添加V获取:vip1024b (备注运维)
正文
24 - name: touch password chmod 600
25 file:
26 path: /etc/rsync.password
27 state: touch
28 mode: 600
29
30 - name: content password
31 copy:
32 dest: /etc/rsync.password
33 content: rsync_backup:123456
34
35 - name: restart rsyncd
36 service:
37 name: rsyncd.service
38 state: restarted
39 enabled: yes
40
41 #nfs01 web01 web02 客户端守护进程
42
43 - hosts: oldboy
44 tasks:
45
46 - name: touch password chmod 600
47 file:
48 path: /etc/rsync.password
49 state: touch
50 mode: 600
51 - name: content password
52 copy:
53 dest: /etc/rsync.password
54 content: 123456
55
56 - name: copy rsync_backup
57 copy:
58 src: /server/scripts/rsync_backup.sh
59 dest: /server/scripts/
60
61 ##客户端定时任务 每天凌晨0点执行备份推送到服务端
62
63 - name: cron backup
64 cron:
65 name: rsync_backup
66 minute: 00
67 hour: 00
68 job: sh /server/scripts/rsync_backup.sh >/dev/null 2>&1
69 state: present
70
71 ##服务端定时任务 将备份校验信息发送mail
72
73 - hosts: backup
74 tasks:
75
76 - name: yum mailx
77 yum:
78 name: mailx
79 state: present
80
81 - name: copy rsync_backup
82 copy:
83 src: /server/scripts/backup.sh
84 dest: /server/scripts/
85
86 - name: copy mail.rc
87 copy:
88 src: /etc/mail.rc
89 dest: /etc/mail.rc
90
91 - name: mail-cron
92 cron:
93 name: set mail
94 minute: 01
95 hour: 00
96 job: sh /server/scripts/backup.sh >/dev/null 2>&1
97 state: present
#### 7.先检查剧本后再完成推送
>
> 可以在剧本中定时任务改为每分钟,单个拿出模块测试一下是否能备份,是否可以收到邮件。
> –start-at-task=模块名 指定任务执行
>
>
>
ansible-playbook rsync_backup.yml --start-at-task=“mail-cron” 检查剧本
---
## ※二、批量部署nfs服务(服务端 客户端)
>
> 1.书写分发秘钥脚本保证SSH远程连接服务
> 5.本地创建剧本执行nfs网络文件系统服务
>
>
>
#### 1.本地创建分发秘钥脚本并执行
>
> 如果已经批量分发过秘钥,此步不需要执行
>
>
>
[03:00 root@m01 /etc/ansible]# vim /server/scripts/fenfa_pub.sh
#!/bin/bash
#make key pair
ssh-keygen -t dsa -f ~/.ssh/id_dsa -P ‘’
#fenfa public key
for ip in 7 8 41 31
do
sshpass -p123456 ssh-copy-id -o StrictHostKeyChecking=no 172.16.1.$ip
done
#ansible
ansible all -m shell -a “hostname”
>
>
> >
> > ![playbook-剧本一键批量部署—NFS存储服务流程图.jpg](https://upload-images.jianshu.io/upload_images/16952149-2306eced2418a085.jpg?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240)
> >
> >
> >
>
>
>
#### 2.本地创建剧本文件nfs.yml进行全网配置
[03:02 root@m01 /etc/ansible]# vim nfs.yml
1 #nfs服务端配置-安装软件-配置/etc/exports权限-创建共享目录-重启服务
2 —
3 #安装软件
4 - hosts: nfs web
5 tasks:
6
7 - name: yum rpcbind nfs-utils
8 yum:
9 name: rpcbind
10 name: nfs-utils
11 state: present
12
13 #nfs服务端
14
15 - hosts: nfs
16 tasks:
17
18 - name: configure nfs
19 shell: echo ‘/nfs 172.16.1.0/24(rw,all_squash)’ >>/etc/exports
20
21 - name: mkdir chown /nfs
22 file:
23 path: /nfs
24 owner: nfsnobody
25 group: nfsnobody
26 state: directory
27
28 - name: start && enable rpcbind
29 service:
30 name: rpcbind
31 state: restarted
32 enabled: yes
33
34 - name: reloaded nfs
35 service:
36 name: nfs.service
37 state: reloaded
38 enabled: yes
39
40
41 #web客户端配置-创建挂载目录-安装nfs-挂载nfs共享目录到/upload
42 - hosts: web
43 tasks:
44
45 - name: mkdir /upload
46 file:
47 path: /upload
48 state: directory
49
50 - name: mount
51 mount:
52 fstype: nfs
53 src: 172.16.1.31:/nfs
54 path: /upload
55 state: mounted
#### 3.7.先检查剧本后再完成推送
ansible-playbook -C nfs.yml 检查剧本
---
## ※三、批量部署sersync
>
> ansible-playbook -C sersync.yml 检查剧本
> 剧本可能会有很多瑕疵,欢迎补充。
>
>
>
>
>
> >
> > ![playbook-剧本一键批量部署—sersync实时同步思路图 .jpg](https://upload-images.jianshu.io/upload_images/16952149-f0eeaa579ca28536.jpg?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240)
> >
> >
> >
>
>
>
[03:05 root@m01 /etc/ansible]# vim sersync.yml
1 ##sersync实时同步服务
2 —
3 #服务端配置:
4
5 - hosts: backup
6 tasks:
7
8 - name: gourpadd rsync
9 group:
10 name: rsync
11 state: present
12
13 - name: useradd rsync
14 user:
15 name: rsync
16 shell: /sbin/nologin
17 create_home: no
18
19 - name: copy rsyncd.conf
20 copy:
21 src: /etc/ansible/file/rsyncd.conf
22 dest: /etc/rsyncd.conf
23
24 - name: mkdir nfsbackup
25 file:
26 path: /nfsbackup
27 state: directory
28 owner: rsync
29 group: rsync
30
31 - name: mkdir password chmod 600
32 file:
33 path: /etc/rsync.password
34 state: touch
35 mode: 600
36
37 - name: content password
38 copy:
39 dest: /etc/rsync.password
40 content: rsync_backup:123456
41
42 #客户端配置:
43
44 - hosts: nfs
45 tasks:
46
47 - name: rsyncd restart && enable
48 service:
49 name: rsyncd
50 state: restarted
51 enabled: yes
52
53 - name: mkdir server/scripts && tools &&
54 file:
55 path: ‘{{ item }}’
56 state: directory
57 with_items:
58 - /server/scripts
59 - /server/tools
60
61 - name: copy sercync.zip
62 copy:
63 src: /server/tools/sersync_installdir_64bit.zip
64 dest: /server/tools/
65
66 - name: unzip
67 unarchive:
68 src: /server/tools/sersync_installdir_64bit.zip
69 copy: no
70 dest: /server/tools/
71 - name: mkdir app
72 file:
73 path: /app
74 state: directory
75
76 - name: cp sersync /app/
77 shell: cp -a /server/tools/sersync_installdir_64bit/sersync /app/
78
79 - name: chmod +x
80 file:
81 path: /app/sersync/bin/sersync
82 mode: 755
83
84 - name: link sersync
85 file:
86 src: /app/sersync/bin/sersync
87 path: /sbin/sersync
88 state: link
89 force: yes
90
91 - name: copy confxml.xml
92 copy:
93 src: /etc/ansible/file/confxml.xml
94 dest: /app/sersync/conf/
95 backup: yes
96
97 - name: touch password chmod 600
98 file:
99 path: /etc/rsync.password
100 state: touch
101 mode: 600
102
103 - name: content password
104 copy:
105 dest: /etc/rsync.password
106 content: 123456
107
108 - name: mkdir /upload
109 file:
110 path: /upload
111 state: directory
112 owner: nfsnobody
113 group: nfsnobody
114
115 - name: shell sersync
116 shell: sersync -rd -o /app/sersync/conf/confxml.xml
117
118 - name: /etc/rc.d/rc.local
119 shell: echo “sersync -rd -o /app/sersync/conf/confxml.xml” >>/etc/rc.d/rc.local
#### 检查一下
>
> 客户端
>
>
>
[03:06 root@nfs01 ~]# touch /upload/lcx{01…5}.txt
[03:06 root@nfs01 ~]# ll /upload/
total 0
-rw-r–r-- 1 root root 0 Jun 1 03:06
lcx01.txt
-rw-r–r-- 1 root root 0 Jun 1 03:06 lcx02.txt
-rw-r–r-- 1 root root 0 Jun 1 03:06 lcx03.txt
-rw-r–r-- 1 root root 0 Jun 1 03:06 lcx04.txt
-rw-r–r-- 1 root root 0 Jun 1 03:06 lcx05.txt
>
> 服务端
>
>
>
[03:06 root@backup ~]# ll /nfsbackup/
total 0
-rw-r–r-- 1 rsync rsync 0 Jun 1 03:06 lcx01.txt
-rw-r–r-- 1 rsync rsync 0 Jun 1 03:06 lcx02.txt
-rw-r–r-- 1 rsync rsync 0 Jun 1 03:06 lcx03.txt
-rw-r–r-- 1 rsync rsync 0 Jun 1 03:06 lcx04.txt
-rw-r–r-- 1 rsync rsync 0 Jun 1 03:06 lcx05.txt
>
> #### 大功告成
>
>
> 把rsync全网备份服务 nfs网络文件共享服务 sersync实时同步服务都放到一个脚本中执行
> 把SSH远程分发秘钥写到脚本中
>
>
>
[03:07 root@m01 /etc/ansible]# vim /server/scripts/one.sh
#!/bin/bash
. /etc/profile
sh /server/scripts/fenfa_pub.sh
ansible-playbook /etc/ansible/rsync_backup.yml
ansible-playbook /etc/ansible/nfs.yml
ansible-playbook /etc/ansible/sersync.yml
#### 克隆四台全新的虚拟机测试一下吧:
>
> web01 web02 nfs01 backup
> 修改主机名 IP地址 做基础优化 关闭防火墙
>
>
>
#### 这种一条走到头的感觉非常爽,有种上厕所的通畅感,终于搞定了!
[03:17 root@m01 /etc/ansible]# sh /server/scripts/one.sh
Generating public/private dsa key pair.
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
SHA256:Jl7LZ3tPlY2k/WnwjPpaRQcjFwoBecUGCAtiynKARCU root@m01
The key’s randomart image is:
±–[DSA 1024]----+
|=E+… …++=o =. |
|o+… . .o …o+ o |
|o… . . … …|
|… +…+|
| . S …ooo|
| . = . *o.|
| . o o o.=.|
| o .+… |
| .+oo. |
±—[SHA256]-----+
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_dsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
Number of key(s) added: 1
Now try logging into the machine, with: “ssh -o ‘StrictHostKeyChecking=no’ ‘172.16.1.7’”
and check to make sure that only the key(s) you wanted were added.
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_dsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
Number of key(s) added: 1
Now try logging into the machine, with: “ssh -o ‘StrictHostKeyChecking=no’ ‘172.16.1.8’”
and check to make sure that only the key(s) you wanted were added.
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_dsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
Number of key(s) added: 1
Now try logging into the machine, with: “ssh -o ‘StrictHostKeyChecking=no’ ‘172.16.1.41’”
and check to make sure that only the key(s) you wanted were added.
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_dsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
Number of key(s) added: 1
Now try logging into the machine, with: “ssh -o ‘StrictHostKeyChecking=no’ ‘172.16.1.31’”
and check to make sure that only the key(s) you wanted were added.
172.16.1.7 | CHANGED | rc=0 >>
web01
172.16.1.31 | CHANGED | rc=0 >>
nfs01
172.16.1.41 | CHANGED | rc=0 >>
backup
172.16.1.8 | CHANGED | rc=0 >>
web02
PLAY [backup] ************************************************************************
TASK [Gathering Facts] ***************************************************************
ok: [172.16.1.41]
TASK [rsync.conf] ********************************************************************
ok: [172.16.1.41]
TASK [useradd rsync] *****************************************************************
ok: [172.16.1.41]
TASK [mkdir /backup] *****************************************************************
ok: [172.16.1.41]
TASK [touch password chmod 600] ******************************************************
changed: [172.16.1.41]
TASK [content password] **************************************************************
ok: [172.16.1.41]
TASK [restart rsyncd] ****************************************************************
changed: [172.16.1.41]
PLAY [oldboy] ************************************************************************
TASK [Gathering Facts] ***************************************************************
ok: [172.16.1.7]
ok: [172.16.1.31]
ok: [172.16.1.8]
TASK [touch password chmod 600] ******************************************************
changed: [172.16.1.7]
changed: [172.16.1.8]
changed: [172.16.1.31]
TASK [content password] **************************************************************
ok: [172.16.1.7]
ok: [172.16.1.8]
ok: [172.16.1.31]
TASK [copy rsync_backup] *************************************************************
ok: [172.16.1.7]
ok: [172.16.1.8]
ok: [172.16.1.31]
TASK [cron backup] *******************************************************************
[WARNING]: The value 0 (type int) in a string field was converted to u’0’ (type
string). If this does not look like what you expect, quote the entire value to ensure
it does not change.
ok: [172.16.1.31]
ok: [172.16.1.8]
ok: [172.16.1.7]
PLAY [backup] ************************************************************************
TASK [Gathering Facts] ***************************************************************
ok: [172.16.1.41]
网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。
需要这份系统化的资料的朋友,可以添加V获取:vip1024b (备注运维)
一个人可以走的很快,但一群人才能走的更远!不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!
72.16.1.8]
ok: [172.16.1.7]
PLAY [backup] ************************************************************************
TASK [Gathering Facts] ***************************************************************
ok: [172.16.1.41]
网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。
需要这份系统化的资料的朋友,可以添加V获取:vip1024b (备注运维)
[外链图片转存中…(img-B1C1s0en-1713391530422)]
一个人可以走的很快,但一群人才能走的更远!不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!