使用inotifywait工具
当此目录下出现新建、修改、更改权限、删除文件等事件时能给出提示
验证上述监控事件的效果
inotifywait监控操作:
inotifywait [选项] 目标文件夹
inotifywait常用命令选项:
-m,持续监控(捕获一个事件后不退出)
-r,递归监控、包括子目录及文件
-q,减少屏幕输出信息
-e,指定监视的 modify、move、create、delete、attrib 等事件类别
步骤一:安装inotify-tools软件包
1)解包
[root@nginx ~]# tar -xf tools.tar.gz
[root@nginx tools]# cp inotify-tools-3.13.tar.gz /root
[root@nginx ~]# tar -xf inotify-tools-3.13.tar.gz -C /usr/src/
[root@nginx ~]# cd /usr/src/inotify-tools-3.13/
2)编译安装
[root@nginx inotify-tools-3.13]# ./configure
[root@nginx inotify-tools-3.13]# make
[root@nginx inotify-tools-3.13]# make install
3)检查安装结果
[root@nginx inotify-tools-3.13]# inotifywait –help
步骤二:测试inotifywait监控
1)开启监控任务,置入后台
[root@nginx ~]# inotifywait -mrq -e create,modify,move,attrib,delete /opt &
[1] 5456
2)测试/opt/目录下的新建、修改、改名、更改权限、删除文件等事件的响应消息
观察新建文件时的监控信息
3)观察文件的创建 ,修改 , 改名 , 修改权限的变化
[root@nginx ~]# touch /opt/a.txt
/opt/ CREATE a.txt
/opt/ ATTRIB a.txt
[root@nginx ~]# echo hello > /opt/a.txt
/opt/ MODIFY a.txt
[root@nginx ~]# mv /opt/a.txt /opt/b.txt
/opt/ MOVED_FROM a.txt
/opt/ MOVED_TO b.txt
[root@nginx ~]# chmod 600 /opt/b.txt
/opt/ ATTRIB b.txt
4)停止监控服务
[root@nginx ~]# kill -9 %1
[root@nginx ~]# fg
-bash: fg: 任务已经终止
[1]+ 已杀死 inotifywait -mrq -e create,modify,move,attrib,delete /opt
[root@nginx ~]# kill -9 %1
-bash: kill: %1: 无此任务
案例4:配置Web镜像同步
inotifywait与rsync的结合,主要思路:
while inotifywait监控操作
do
需要执行的rsync同步操作
done
步骤一:为主机svr7、pc207部署同步目录
双方的目录均为/var/www/html/,如果安装了httpd,此目录会自动出现。
1)确认svr7的目录内容
yum -y install httpd
echo 123 > /var/www/html/index.html
systemctl restart httpd
步骤二:为svr7配置到pc207的SSH密钥对验证,实现免密码交互
1)检查当前用户是否已经有可用的SSH密钥对文件
[root@svr7 ~]# ls ~/.ssh/id_*
/root/.ssh/id_rsa /root/.ssh/id_rsa.pub
如果找不到id_rsa、id_rsa.pub密钥对文件,则需要执行下列操作创建:
[root@nginx ~]# ssh-keygen -t dsa -f /root/.ssh/id_dsa -P “” //非交互式创建密钥对
Generating public/private dsa key pair.
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
SHA256:9BY3FpuPmMyPE0uyn3FkMPG0WPYjT3umiRVsA1jBk4g root@nginx
The key’s randomart image is:
+—[DSA 1024]—-+
| ..=Oo |
| E oB+O |
| . = X.O |
| . + O O = |
| S X + = o|
| = B o = |
| . = + o |
| . = |
| o |
+—-[SHA256]—–+
2)将当前用户的SSH公钥部署到远程主机
[root@nginx ~]# ssh-copy-id root@192.168.1.21
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_dsa.pub”
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys
root@192.168.1.21’s password:
Number of key(s) added: 1
Now try logging into the machine, with: “ssh ‘root@192.168.1.21’”
and check to make sure that only the key(s) you wanted were added.
3)验证免密码登录效果
[root@nginx ~]# ssh 192.168.1.21
步骤三:编写镜像同步脚本并测试效果
1)编写脚本文件/root/isync.sh
vim /root/isync.sh
#!/bin/bash
FROM_DIR="/var/www/html/"
RSYNC_CMD="rsync -az --delete $FROM_DIR root@192.168.4.207:/var/www/html"
while inotifywait -rqq -e modify,move,create,delete,attrib $FROM_DIR
do
$RSYNC_CMD
done &
2)给脚本授权
[root@nginx ~]# chmod +x /root/isync.sh
3)运行脚本
[root@nginx ~]# /root/isync.sh
[root@nginx ~]# pgrep -l inotify //确认任务在运行 , 因为脚本是在后台运行的
5638 inotifywait
3)测试同步效果
在svr7上向/var/www/html/目录下添加一个测试网页(触发同步):
[root@nginx ~]# ls /var/www/html/
index.html
[root@nginx ~]# touch /var/www/html/a.txt
[root@nginx ~]# ls /var/www/html/
a.txt index.html
4)在另外一个客户端上检查/var/www/html/目录,内容应该已经与svr7上的同名目录一致:
[root@apache ~]# ls /var/www/html/
a.txt index.html
[root@apache ~]# curl http://192.168.1.21
123
5)结束测试后,在nginx上停止监控任务
[root@nginx ~]# pkill -9 inotify
/root/isync.sh: 行 7: 5658 已杀死 inotifywait -rqq -e modify,move,create,delete,attrib $FROM_DIR
[root@nginx ~]# pgrep -l inotify //确认已经没有监控任务
[root@nginx ~]#