172173.com

参考博文:https://www.cnblogs.com/zydev/p/5370512.html

测试服务器:

  • 192.168.99.207 - 主svn
  • 192.168.99.208 - 备份svn

一、svn主配置

1.创建备份账号

添加svnsync备份账号sync_user,该账号在svn主/备的所有仓库根目录的读写权限。

  • 用户名:sync_user
  • 密码:sync_user321

2.配置文件同步到svn备

svn备上:所有其他用户只有读权限,sync_user用户有读写权限。

同步配置文件

  • authz的其他用户改成只读,暂存放在/root/tdserver/svn/yd_2018/authz
1
cat /data/svn_pass/yd_2018/authz | sed 's/ rw/ r/g' | sed '/sync_user/s/ r/ rw/g' > /root/tdserver/svn/yd_2018/authz
  • 同步用户配置到svn备。
1
2
3
4
5
6
7
8
9
mkdir -p /root/svn_sync
cp /data/svn_passwd/authz /root/svn_sync
cat /data/svn_passwd/authz |sed 's/ rw/ r/g'| sed '/sync_user/s/ r/ rw/g' > /root/svn_sync/authz

# 同步配置文件、权限文件、服务管理脚本
/usr/bin/rsync -e 'ssh -p 57321' -avzP /root/svn_sync/authz 192.168.99.208:/data/svn_passwd/
/usr/bin/rsync -e 'ssh -p 57321' -avzP /data/svn_passwd/passwd 192.168.99.208:/data/svn_passwd/
/usr/bin/rsync -e 'ssh -p 57321' -avzP /data/svn_passwd/svnserve.conf 192.168.99.208:/data/svn_passwd/
/usr/bin/rsync -e 'ssh -p 57321' -avzP /etc/init.d/svnserve 192.168.99.208:/etc/init.d/

二、svn备配置

1.部署svn基础环境

svn的部署过程略,创建与svn主一致的空仓库。

2.svn备份机创建空库

创建和主svn同名仓库,保持空,不要上传任何文件,否则会引起主从同步失败。

1
2
svnadmin create /data/svn_data/sadoc
svnadmin create /data/svn_data/sbdoc

3.配置svnsync备份用的钩子

  • pre-revprop-change
1
2
3
4
5
6
7
8
cd /data/svn_data/sadoc/hooks/
cp pre-revprop-change.tmpl pre-revprop-change
chmod 755 pre-revprop-change

# 前两行,第二行加个exit 0,这个钩子脚本要存在,svnsync启动时调用。可以没有内容。
vim pre-revprop-change
1 #!/bin/sh
2 exit 0

三、svn主:开始svnsync备份

1.svnsync初始化

语法:

1
2
3
svnsync init {备份svn库url/库名} {源库url/库名} 

svnsync init svn://192.168.99.208/sadoc svn://192.168.99.207/sadoc --username sync_user --password 123456
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
[[email protected] hooks]# svnsync init svn://192.168.99.208/sadoc svn://192.168.99.207/sadoc
Authentication realm: <svn://192.168.99.207:3690> f228a13e-7f01-4ded-bd0b-62835f02763c
Password for 'root':
Authentication realm: <svn://192.168.99.207:3690> f228a13e-7f01-4ded-bd0b-62835f02763c
Username: sync_user
Password for 'sync_user':

-----------------------------------------------------------------------
ATTENTION! Your password for authentication realm:

<svn://192.168.99.207:3690> f228a13e-7f01-4ded-bd0b-62835f02763c

can only be stored to disk unencrypted! You are advised to configure
your system so that Subversion can store passwords encrypted, if
possible. See the documentation for details.

You can avoid future appearances of this warning by setting the value
of the 'store-plaintext-passwords' option to either 'yes' or 'no' in
'/root/.subversion/servers'.
-----------------------------------------------------------------------
Store password unencrypted (yes/no)? yes
Copied properties for revision 0.

2.开始备份

语法:

1
svnsync sync {备份svn库url/库名} --no-auth-cache --username sync_user --password 123456

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[[email protected] hooks]# svnsync sync svn://192.168.99.208/sadoc
Transmitting file data .
Committed revision 1.
Copied properties for revision 1.
Transmitting file data .
Committed revision 2.
Copied properties for revision 2.
Transmitting file data .
Committed revision 3.
Copied properties for revision 3.
Transmitting file data ..
Committed revision 4.
Copied properties for revision 4.
Transmitting file data .
Committed revision 5.
Copied properties for revision 5.
Transmitting file data .

四、YD svn主从环境参考

1.svn主crontab

1
5 1 * * * /bin/sh -xv /root/tdserver/svn/sync_svn_yd2018.sh > /var/log/svn/`date +\%Y\%m\%d`_sync_svn_yd2018.log 2>&1

2.sync_svn_yd2018.sh同步脚本

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
shell > cat /root/tdserver/svn/sync_svn_yd2018.sh
#!/bin/bash
#fucntion: rsync /data/svn_data repository to 192.168.99.22.

day=$(date +%Y%m%d)
t=$(date +%H%M%S)
TIMESTAMP=$("date +%Y-%m-%d %H:%M:%S")
log=/data/svn_log/yd_2018/${day}_init_sync.log

# change slave authz user only have read permissions.
cat /data/svn_pass/yd_2018/authz | sed 's/ rw/ r/g' | sed '/sync_user/s/ r/ rw/g' > /root/tdserver/svn/yd_2018/authz
/usr/bin/rsync -e 'ssh -p 57321' -avH /root/tdserver/svn/yd_2018/authz 192.168.99.22:/data/svn_pass/yd_2018/authz
/usr/bin/rsync -e 'ssh -p 57321' -avH /data/svn_pass/yd_2018/http_users 192.168.99.22:/data/svn_pass/yd_2018/http_users


for repo in `ls /data/svn_data/yd_2018/`
do
cp -rp /root/tdserver/svn/pre-revprop-change /data/svn_data/yd_2018/${repo}/hooks
/usr/bin/rsync -e 'ssh -p 57321' -avH /root/tdserver/svn/pre-revprop-change 192.168.99.22:/data/svn_data/yd_2018/${repo}/hooks

# svnsync command.
# check if repo already init,if not init,then do init then put to init_repo file.
if [ -z "`grep ${repo} /root/tdserver/svn/yd_2018/init_repo`" ];then
/usr/local/subversion/bin/svnsync init http://192.168.99.22:8080/yd2018/${repo} http://192.168.99.30:8080/yd2018/${repo} --allow-non-empty --username sync_user --password sync_user321
if [ $? -eq 0 ];then
echo "${repo}" >> /root/tdserver/svn/yd_2018/init_repo
else
echo "${TIMESTAMP} ${repo} init to 192.168.99.22 error." >> ${log}
fi
fi

# check if repo already init,if yes init,then do synchronize to slave.
if [ -n "`grep ${repo} /root/tdserver/svn/yd_2018/init_repo`" ];then
/usr/local/subversion/bin/svnsync sync --steal-lock http://192.168.99.22:8080/yd2018/${repo} --no-auth-cache --username sync_user --password sync_user321
if [ $? -ne 0 ];then
echo "${TIMESTAMP} ${repo} sync to 192.168.99.22 error." >> ${log}
else
echo "${TIMESTAMP} ${repo} sync to 192.168.99.22 is ok." >> ${log}
fi
fi
done

3.check_svn_sync.sh Nagios监控脚本

  • /usr/local/nagios/libexec/check_svn_sync.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
cat /usr/local/nagios/libexec/check_svn_sync.sh
#!/bin/sh
#function: monitor subversion master and slve synchronize.
#Modify by lyc at 2018-08-15
STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
TIMESTAMP=`date +%Y%m%d`
LOG_PATH="/data/svn_log"
log_dir_array=(
by_2018
yd_2018
)

function main(){
for i in ${log_dir_array[*]}
do
log=${LOG_PATH}/${i}/${TIMESTAMP}_init_sync.log
echo $log
if [ ! -e ${log} ];then
echo '$i have no svnsync log'
exit ${STATE_CRITICAL}
elif [ `grep 'error' ${log}|wc -l` -gt 0 ];then
cat ${log}
exit ${STATE_CRITICAL}
else
cat ${log}
fi
done
exit ${STATE_OK}
}

main

 评论