Leli nothi liqeda umjikelezo omayelana nokwenza isipele. Izoxoxa ngenhlangano enengqondo yeseva ezinikezele (noma i-VPS), elungele ukwenza isipele, futhi izonikeza inketho yokubuyisela ngokushesha iseva kusuka kusipele ngaphandle kokuphumula okuningi uma kwenzeka inhlekelele.
Idatha ebomvu
Iseva ezinikezele ivamise ukuba okungenani namadrayivu aqinile amabili asebenza ukuhlela uhlu lokuqala lwe-RAID (isibuko). Lokhu kuyadingeka ukuze ukwazi ukuqhubeka nokusebenzisa iseva uma idiski eyodwa yehluleka. Uma lokhu kuyisiphakeli esizinikezele esivamile, kungase kube nesilawuli esihlukile se-RAID yehadiwe enobuchwepheshe obusebenzayo be-caching ku-SSD, ukuze ngaphezu kwama-hard drive avamile, i-SSD eyodwa noma ngaphezulu ingaxhunywa. Kwesinye isikhathi kunikezwa amaseva azinikezele, okuwukuphela kwawo amadiski endawo okuyi-SATADOM (amadiski amancane, ngokwesakhiwo i-flash drive exhunywe echwebeni le-SATA), noma i-flash drive encane evamile (8-16GB) exhunywe echwebeni elikhethekile langaphakathi, idatha ithathwa ohlelweni lwesitoreji , exhunywe ngenethiwekhi yesitoreji esizinikele (i-Ethernet 10G, FC, njll.), futhi kukhona amaseva azinikezele alayishwa ngokuqondile ohlelweni lokugcina. Ngeke ngicabangele lezi zinketho, ngoba ezimweni ezinjalo umsebenzi wokusekela iseva udlula kahle kuchwepheshe ogcina uhlelo lokugcina; ngokuvamile kuba nobuchwepheshe obuhlukahlukene bobunikazi bokudala izifinyezo, ukuphindaphinda okwakhelwe ngaphakathi kanye nezinye izinjabulo zomphathi wesistimu. , okuxoxwe ngayo ezingxenyeni ezidlule zalolu chungechunge. Ivolumu yamalungu afanayo ediski yeseva ezinikele ingafinyelela amashumi amaningana ama-terabytes, kuye ngenani nosayizi wamadiski axhunywe kuseva. Endabeni ye-VPS, imiqulu inesizotha kakhulu: ngokuvamile ayikho ngaphezu kwe-100GB (kodwa kukhona futhi ngaphezulu), futhi amanani entengo ye-VPS enjalo angabiza kalula kunamaseva azinikezele ashibhile avela kumphathi ofanayo. I-VPS ivamise ukuba nediski eyodwa, ngoba kuzoba nesistimu yokugcina (noma okuthile okuguquliwe) ngaphansi kwayo. Kwesinye isikhathi i-VPS inamadiski amaningana anezici ezahlukahlukene, ngezinhloso ezahlukahlukene:
- uhlelo oluncane - lokufaka uhlelo lokusebenza;
- enkulu - ukugcina idatha yomsebenzisi.
Uma ufaka kabusha uhlelo usebenzisa iphaneli yokulawula, idiski enedatha yomsebenzisi ayibhalwa ngaphezulu, kodwa idiski yesistimu igcwaliswa kabusha ngokuphelele. Futhi, esimweni se-VPS, umninikhaya angase anikeze inkinobho ethatha isifinyezo sesimo se-VPS (noma idiski), kodwa uma ufaka isistimu yakho yokusebenza noma ukhohlwe ukwenza kusebenze isevisi oyifunayo ngaphakathi kwe-VPS, abanye yedatha kungenzeka isalahleka. Ngaphezu kwenkinobho, isevisi yokugcina idatha ivamise ukunikezwa, ngokuvamile ilinganiselwe kakhulu. Ngokuvamile lena i-akhawunti enokufinyelela nge-FTP noma i-SFTP, ngezinye izikhathi kanye ne-SSH, enegobolondo elikhumuliwe (isibonelo, i-rbash), noma umkhawulo wokusebenzisa imiyalo ngokhiye_ogunyaziwe (nge-ForcedCommand).
Iseva ezinikezele ixhunywe kunethiwekhi ngamachweba amabili anesivinini esingu-1 Gbps, ngezinye izikhathi lawa angaba amakhadi anesivinini esingu-10 Gbps. I-VPS ivamise ukuba nenethiwekhi eyodwa. Ngokuvamile, izikhungo zedatha azikhawuli isivinini senethiwekhi ngaphakathi kwesikhungo sedatha, kodwa zikhawulela isivinini sokufinyelela ku-inthanethi.
Umthwalo ojwayelekile weseva enjalo ezinikezele noma i-VPS iseva yewebhu, isizindalwazi, kanye neseva yohlelo lokusebenza. Kwesinye isikhathi izinsiza ezahlukahlukene ezengeziwe zingase zifakwe, okuhlanganisa neseva yewebhu noma isizindalwazi: injini yokusesha, isistimu yemeyili, njll.
Iseva elungiselelwe ngokukhethekile isebenza njengendawo yokugcina amakhophi ayisipele; sizobhala ngayo ngemininingwane eminingi kamuva.
Inhlangano enengqondo yesistimu yediski
Uma unesilawuli se-RAID, noma i-VPS ene-disk eyodwa, futhi akukho okukhethekile okukhethekile kokusebenza kwe-subsystem ye-disk (isibonelo, i-disk ehlukile esheshayo ye-database), yonke indawo yamahhala ihlukaniswa kanje: ingxenye eyodwa. kudalwe, futhi iqembu levolumu ye-LVM lenziwa phezu kwalo, kwakhiwa imiqulu eminingana kuyo: 2 amancane anosayizi ofanayo, asetshenziswa njengesistimu yefayela lempande (ishintshwe ngayinye ngesikhathi sokubuyekezwa ukuze kube nokwenzeka ukuhlehliswa ngokushesha, umbono uthathwe ekusabalaliseni Bala i-Linux), omunye ungowokuhlukanisa, enye indawo ekhululekile ihlukaniswe yaba imiqulu emincane, esetshenziswa njengohlelo lwefayela eliyimpande leziqukathi ezigcwele, amadiski emishini ebonakalayo, ifayela. amasistimu ama-akhawunti ku/ekhaya (i-akhawunti ngayinye inesistimu yayo yefayela), amasistimu wefayela weziqukathi zohlelo lokusebenza.
Inothi elibalulekile: imiqulu kufanele ibe yodwa ngokuphelele, i.e. akufanele kuncike komunye nomunye noma ohlelweni lwefayela eliyimpande. Endabeni yemishini ebonakalayo noma iziqukathi, leli phuzu libhekwa ngokuzenzakalelayo. Uma lezi kuyiziqukathi zohlelo lokusebenza noma uhla lwemibhalo lwasekhaya, kufanele ucabange ngokuhlukanisa amafayela okumisa eseva yewebhu nezinye izinsiza ngendlela yokuqeda ukuncika phakathi kwamavolumu ngangokunokwenzeka. Isibonelo, isayithi ngalinye liqala kumsebenzisi walo, amafayela okumisa isayithi akuluhlu lwasekhaya lomsebenzisi, kuzilungiselelo zeseva yewebhu, amafayela okumiswa kwesayithi awafakiwe nge-/etc/nginx/conf.d/.conf, kanye, isibonelo, /home//configs/nginx/*.conf
Uma kunamadiski amaningana, ungakha i-software ye-RAID (futhi ulungiselele i-caching yayo ku-SSD, uma kunesidingo nethuba), phezu kwalokho ungakha i-LVM ngokuvumelana nemithetho ehlongozwe ngenhla. Futhi kulesi simo, ungasebenzisa i-ZFS noma i-BtrFS, kodwa kufanele ucabange kabili ngalokhu: kokubili kudinga indlela ebucayi kakhulu yezinsiza, futhi ngaphandle kwalokho, i-ZFS ayifakiwe ne-Linux kernel.
Kungakhathalekile ukuthi yiluphi uhlelo olusetshenzisiwe, kufanelekile ngaso sonke isikhathi ukulinganisa kusengaphambili isivinini esilinganiselwe sokushintsha izinguquko kumadiski, bese kubalwa inani lesikhala samahhala esizogcinelwa ukudala izifinyezo. Isibonelo, uma iseva yethu ibhala idatha ngesivinini sama-megabytes angu-10 ngomzuzwana, futhi usayizi wedatha yonke i-terabytes engu-10 - isikhathi sokuvumelanisa singafinyelela usuku (amahora angu-22 - lokhu ukuthi ivolumu enjalo izodluliswa kangakanani phezu kwenethiwekhi 1 Gbps) - kufanelekile ukubhuka mayelana ne-800 GB . Eqinisweni, isibalo sizoba sincane, ungasihlukanisa ngokuphepha ngenani lamavolumu anengqondo.
Yenza isipele idivayisi yeseva yesitoreji
Umehluko omkhulu phakathi kweseva yokugcina amakhophi ayisipele amadiski ayo amakhulu, ashibhile futhi ahamba kancane. Njengoba ama-HDD anamuhla asevele ewele ibha ye-10TB kudiski eyodwa, kuyadingeka ukusebenzisa izinhlelo zefayela noma i-RAID ngama-checksums, ngoba ngesikhathi sokwakhiwa kabusha kwe-array noma ukubuyiselwa kwesistimu yefayela (izinsuku ezimbalwa!) ukwandisa umthwalo. Kumadiski anomthamo ongafika ku-1TB lokhu bekungazweli kangako. Ukuze kube lula ukuchaza, ngicabanga ukuthi isikhala sediski sihlukaniswe izingxenye ezimbili zosayizi olinganayo (futhi, isibonelo, kusetshenziswa i-LVM):
- amavolumu ahambisana namaseva asetshenziswa ukugcina idatha yomsebenzisi (ikhophi yokugcina eyenziwe izothunyelwa kuzo ukuze iqinisekiswe);
- amavolumu asetshenziswa njengamakhosombe e-BorgBackup (idatha yezipele izohamba ngqo lapha).
Umgomo wokusebenza ukuthi amavolumu ahlukene adalelwa iseva ngayinye yamakhosombe e-BorgBackup, lapho idatha evela kumaseva wokulwa izoya khona. Amakhosombe asebenza ngemodi yesithasiselo kuphela, eqeda ukuthi kungenzeka ukususa idatha ngamabomu, nangenxa yokuphindaphinda nokuhlanzwa ngezikhathi ezithile kwamakhosombe kumakhophi amadala (amakhophi onyaka asele, nyanga zonke onyakeni odlule, masonto onke enyangeni yokugcina, nsuku zonke ngesonto eledlule, mhlawumbe ezimweni ezikhethekile - ngehora ngosuku lokugcina: inani eliphelele lama-24 + 7 + 4 + 12 + ngonyaka - cishe amakhophi angu-50 kuseva ngayinye).
Amakhosombe e-BorgBackup awaniki amandla imodi yokufaka kuphela, esikhundleni salokho, i-ForcedCommand ku-.ssh/authorized_keys isetshenziswa into efana nale:
from="Π°Π΄ΡΠ΅Ρ ΡΠ΅ΡΠ²Π΅ΡΠ°",command="/usr/local/bin/borg serve --append-only --restrict-to-path /home/servername/borgbackup/",no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-user-rc AAAAA.......Umzila oshiwo uqukethe iskripthi sokugoqa phezu kwe-borg, okuthi, ngaphezu kokuqalisa kanambambili ngamapharamitha, ngokungeziwe iqale inqubo yokubuyisela ikhophi eyisipele ngemva kokukhishwa kwedatha. Ukwenza lokhu, iskripthi se-wrapper sidala ifayela lethegi eduze kwendawo yokugcina ehambisanayo. Isipele sokugcina esenziwe sibuyiselwa ngokuzenzakalela kuvolumu enengqondo ehambisanayo ngemva kokuqedwa kwenqubo yokugcwalisa idatha.
Lo mklamo ikuvumela ukuthi ngezikhathi ezithile uhlanze izipele ezingadingekile, futhi uvimbela amaseva wokulwa ekususeni noma yini kuseva yokugcina isipele.
Inqubo yokwenza ikhophi yasenqolobaneni
Umqalisi wesipele yiseva ezinikezele noma i-VPS ngokwayo, njengoba lolu hlelo lunikeza ukulawula okwengeziwe kwenqubo yokusekelayo engxenyeni yale seva. Okokuqala, kuthathwe isifinyezo sesimo sesistimu yefayela lezimpande esebenzayo, ekhwezwayo futhi ilayishwe kusetshenziswa i-BorgBackup kuseva yesitoreji esiyisipele. Ngemva kokuqedwa kokuthatha idatha, isifinyezo siyehliswa futhi sisuswe.
Uma kukhona i-database encane (kufika ku-1 GB kusayithi ngalinye), ukulahlwa kwedatha kwenziwa, okugcinwe kuvolumu enengqondo efanele, lapho yonke idatha yesayithi efanayo itholakala, kodwa ukuze ukulahla ayitholakali ngeseva yewebhu. Uma izizindalwazi zizinkulu, kufanele ulungiselele ukususwa kwedatha βokushisayoβ, isibonelo, usebenzisa i-xtrabackup ye-MySQL, noma usebenze ne-WAL nge-archive_command ku-PostgreSQL. Kulesi simo, isizindalwazi sizobuyiselwa ngokuhlukene nedatha yesayithi.
Uma iziqukathi noma imishini ebonakalayo isetshenziswa, kufanele ulungiselele i-qemu-guest-agent, CRIU noma obunye ubuchwepheshe obudingekayo. Kwezinye izimo, izilungiselelo ezengeziwe ngokuvamile azidingeki - simane sakhe izifinyezo zamavolumu anengqondo, acutshungulwa ngendlela efanayo njengesifinyezo sesimo sesistimu yefayela lezimpande. Ngemuva kokuthi idatha isithathiwe, izithombe ziyasuswa.
Umsebenzi owengeziwe uyenziwa kuseva yokulondoloza ikhophi:
- isipele sokugcina esenziwe kunqolobane ngayinye siyahlolwa,
- ukuba khona kwefayela lokumaka kuyahlolwa, okubonisa ukuthi inqubo yokuqoqa idatha isiqediwe,
- idatha inwetshwa kuvolumu yendawo ehambisanayo,
- ifayela lethegi liyasuswa
Inqubo yokutakula iseva
Uma iseva eyinhloko ifa, khona-ke iseva ezinikele efanayo iyaqaliswa, eqala ngesithombe esithile esijwayelekile. Cishe ukulandwa kuzokwenzeka ngenethiwekhi, kodwa uchwepheshe wesikhungo sedatha omisa iseva angakopisha ngokushesha lesi sithombe esijwayelekile kwenye yamadiski. Ukulanda kwenzeka ku-RAM, ngemuva kwalokho inqubo yokutakula iqala:
- kwenziwa isicelo sokunamathisela idivayisi yokuvimba nge-iscsinbd noma enye iphrothokholi efanayo kuvolumu enengqondo equkethe isistimu yefayela eliyimpande yeseva eshonile; Njengoba uhlelo lwefayela lempande kufanele lube luncane, lesi sinyathelo kufanele siqedwe ngemizuzu embalwa. I-bootloader nayo ibuyiselwe;
- isakhiwo semiqulu yendawo enengqondo siyakhiwa kabusha, amavolumu anengqondo anamathiselwe kusuka kuseva eyisipele kusetshenziswa imojuli ye-dm_clone kernel: ukubuyiselwa kwedatha kuyaqala, futhi izinguquko zibhalwa ngokushesha kumadiski endawo.
- isitsha sethulwa nawo wonke amadiski atholakalayo ngokomzimba - ukusebenza kweseva kubuyiselwa ngokuphelele, kodwa ngokusebenza okuncishisiwe;
- ngemva kokuqedwa kokuvumelanisa idatha, amavolumu anengqondo avela kuseva eyisipele ayanqanyulwa, isiqukathi siyavalwa, futhi iseva iyaqalwa kabusha;
Ngemva kokuqalisa kabusha, iseva izoba nayo yonke idatha eyayikhona ngesikhathi kwenziwa ikhophi yasenqolobaneni, futhi izofaka phakathi zonke izinguquko ezenziwe phakathi nenqubo yokubuyisela.
Ezinye izihloko ochungechungeni
Isipele Ingxenye 7: Iziphetho
Ngiyakumema ukuthi uxoxe ngenketho ehlongozwayo kumazwana, ngiyabonga ngokunaka kwakho!
Source: www.habr.com