大家分享一下linux通过脚本实现远程自动备份的方法,考虑到在本机上备份数据,一旦该机器硬盘出现故障,数据无法取出。远程手动备份数据费时费力且不及时。最好的方法就是通过脚本实现远程自动互备。但远程无论是通过SSH登陆,还是通过scp拷贝文件都需要输入密码。为了克服这个问题,首先需要实现不需要密码的SSH登陆,这样就可以使用rsync,scp,rexec等命令来做的远程备份了。
1. 设置无需密码的ssh登陆,方法如下:
假设A,B两服务器,现在需要在A机上用root登陆B机,而不需要输入密码,那我们可按照下面的步骤来做:
1)在A机上生成钥匙对,执行以下命令:
ssh-keygen -t rsa
Generating public/private rsa keypair.
Enter filein which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa
Enter passphrase(empty for no passphrase):直接回车
Enter same passphrase again:直接回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public keyhas been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
f6:61:a8:27:35:cf:4c:6d:13:22:70:cf:4c:c8:a0:23 root@host1
这样,在/root/.ssh/路径下会生成id_rsa,和id_rsa.pub,其中id_rsa是密钥,id_rsa.pub是公钥。
2)把在A机生成的id_rsa.pub拷贝到B机上,假设拷贝到B机的临时目录下,如:
scp /root/.ssh/id_rsa.pub root@218.242.214.20:/tmp
3)用root帐号登陆B机,进入其主目录,创建authorized_keys文件,并设置好权限。
cd ~/.ssh
cat /tmp/id_rsa.pub >>authorized_keys
chmod400 authorized_keys
rm -f /tmp/id_rsa.pub
在A机上转到root帐号,尝试登录B机。看看是不是不要密码.
说明:
authorized_keys文件的权限很重要,如果设置为777,那么登录的时候,还是需要提供密码的。
记得将临时目录下的id_rsa.pub删除,养成个好习惯。
本方法在Red Hat9.0上测试通过。
2. 编辑crontab文件
vi /etc/crontab
如设置每天凌晨3:00执行cron.daily中的脚本:
00 3 * * * root run-parts /etc/cron.daily
3.编辑cron.daily中的脚本
cd /etc/cron.daily/
vi backupdb
pg_dump -U postgres voipack >/voipack.sql
pg_dump -U postgres regserver >/regserver.sql
tar-cvjf /aavm.tgz.bz2 /usr/local/aavm
tar -cvjf /oracle.tgz.bz2 /var/oracle
scp /voipack.sql root@218.242.214.20:/root/218.242.214.23_backup
scp /regserver.sql root@218.242.214.20:/root/218.242.214.23_backup
scp /aavm.tgz.bz2 root@218.242.214.20:/root/218.242.214.23_backup
scp /oracle.tgz.bz2 root@218.242.214.20:/root/218.242.214.23_backup
将23上产生的备份文件copy到218.242.214.20:/root/218.242.214.23_backup路径下
同样的方法可以将假设B服务器上的数据备份到A服务器,实现双机的互备。
Thursday, April 19, 2012
Sunday, April 1, 2012
domain time sync
1000s of documents out there that describe how to seize FSMO role, RID Master, Infrastructure Master etc from one domain controller to the other but not that easy to find a document that describes how to move the NTP time server role to new domain controller. Here goes how to do it but before we go any further, its time for the usual "Disclaimer1"
On the old domain controller, run the following at command prompt
w32tm /config /syncfromflags:domhier /reliable:no /updatenet stop w32time && net start w32time
On the new domain controller, run the following at command prompt
w32tm /config /manualpeerlist:time.windows.com /syncfromflags:manual /reliable:yes /updatenet stop w32time && net start w32time
That's it. All the computers in your domain should automatically synchronize.
On the old domain controller, run the following at command prompt
w32tm /config /syncfromflags:domhier /reliable:no /updatenet stop w32time && net start w32time
On the new domain controller, run the following at command prompt
w32tm /config /manualpeerlist:time.windows.com /syncfromflags:manual /reliable:yes /updatenet stop w32time && net start w32time
That's it. All the computers in your domain should automatically synchronize.
Subscribe to:
Posts (Atom)