Ams
De Admin -- TALEVAS.
Version du 30 septembre 2012 à 13:35 par Admin (discuter | contributions)
Sommaire |
Admin
admin.ams.talevas.com
lvcreate -L10G -ngit vg mkfs.ext3 /dev/mapper/vg-git mkdir /home/config echo "/dev/mapper/vg-git /home/config ext3 defaults 0 0" >> /etc/fstab mount /home/config lvcreate -L 100G -nfrontlog vg mkfs.ext3 /dev/mapper/vg-frontlog mkdir /home/log echo "/dev/mapper/vg-frontlog /home/log ext3 defaults 0 0" >> /etc/fstab mount /home/log rm -rf /home/log/lost* rm -rf /home/config/lost* rm -rf /home/lost* rm -rf /tmp/lost* apt-get update apt-get install tree htop zip openntpd git-core proftpd apt-get install -yq openvpn
http://doc.ubuntu-fr.org/openvpn
git config --global user.name "Damien" git config --global user.email "damien@talevas.com" git config --global core.autocrlf input git config --global core.safecrlf true
Frontaux
front01.ams.talevas.com -- front02.ams.talevas.com
rm -rf /home/lost* rm -rf /tmp/lost* apt-get update apt-get install -yq openvpn apt-get install -yq nfs-client openntpd htop php5 php5-mysql lvcreate -L 50G -nwww vg mkfs.ext3 /dev/mapper/vg-www echo "/dev/mapper/vg-www /var/www ext3 defaults 0 0" >> /etc/fstab mount /var/www mkdir /var/www/upload/ mount -t nfs 10.16.101.6:/nas-000108/mininas-001386 /var/www/upload/ echo "10.16.101.6:/nas-000108/mininas-001386 /var/www/upload// nfs w 0 0 " >>/etc/fstab
a2enmod rewrite
A valdier
ServerTokens Prod
Databases
db01.ams.talevas.com -- db02.ams.talevas.com
# creation de l'espace disque lvcreate -L50G -nmysql vg lvcreate -L10G -nbinlog vg mkfs.ext3 /dev/mapper/vg-mysql mkfs.ext3 /dev/mapper/vg-binlog mkdir /var/lib/mysql mkdir /var/log/mysql-binlog echo "/dev/mapper/vg-mysql /var/lib/mysql ext3 defaults 0 0" >> /etc/fstab echo "/dev/mapper/vg-binlog /var/log/mysql-binlog ext3 defaults 0 0" >> /etc/fstab mount /var/lib/mysql mount /var/log/mysql-binlog chown mysql:mysql /var/log/mysql-binlog/ rm -rf /var/lib/mysql/lost* rm -rf /home/lost* rm -rf /tmp/lost* rm -rf /var/log/mysql-binlog/lost* # installation de Mysql apt-get update apt-get install -yq openvpn openntpd htop apt-get install -yq mysql-server # DB01 iptables -A INPUT -p tcp -s 188.165.240.126 --dport 3306 -j ACCEPT # DB02 iptables -A INPUT -p tcp -s 188.165.241.29 --dport 3306 -j ACCEPT # front01 iptables -A INPUT -p tcp -s 94.23.12.228 --dport 3306 -j ACCEPT # front02 iptables -A INPUT -p tcp -s 94.23.241.220 --dport 3306 -j ACCEPT # admin iptables -A INPUT -p tcp -s 91.121.8.205 --dport 3306 -j ACCEPT iptables -A INPUT -p tcp --dport 3306 -j DROP iptables-save > /etc/iptables.rules
# recup des données openvpn depuis le master scp admin.ams.talevas.com:/home/config/db02/etc/openvpn/* /etc/openvpn/ /etc/init.d/openvpn start
Procédure de bascule
couper le master
iptables partout
allow writes sur le slave
suppression du fichier de conf
pointage des frontaux
édition du fichier host
Le script
#!/bin/bash
ServerList="front01.prod.allmyski.info front02.prod.allmyski.info"
MasterDb="db01.prod.allmyski.info"
SlaveDb="db02.prod.allmyski.info"
# couper le master => IPTABLES sur les frontaux
for server in $ServerList
do
echo "$server => iptables -A OUTPUT -p tcp -d 188.165.241.29 -j DROP"
ssh $server "iptables -A OUTPUT -p tcp -d 188.165.241.29 -j DROP"
done
# supression du read_only sur le slave
# restart du slave
echo "supression du read_only sur le slave"
ssh $SlaveDb "rm /etc/mysql/conf.d/slave.cnf; service mysql restart"
# changement du master dans les fichiers host des frontaux
for server in $ServerList
do
echo "On change l'entree master pour le front $server."
ssh $server "cp /etc/hosts /etc/hosts.ori"
ssh $server "echo '188.165.241.29 $MasterDb' >> /etc/hosts"
done
