1) rsync 명령시 암호 묻지 않고 실행하도록 설정
각 송신서버에서 실행해야함
참고1, 참고2
user@backend1-server:~$ cd ~/.ssh
# 암호화 키 발급
user@backend1-server:~/.ssh$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): #엔터
Enter passphrase (empty for no passphrase): #엔터
Enter same passphrase again: #엔터
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:ljv/dfjdlfkjdkdkfjwlefjdk문자열LT8Jj5SQ
user@backend1-server
The key's randomart image is:
+---[RSA 2048]----+
| .EoO. +*oO|
=| +O + o.oB*|
| o . |
...
| o . |
| ...' |
+----[SHA256]-----+
# 발급받은 키 확인
user@backend1-server:~/.ssh$ ll
total 20
drwx------ 2 user user 4096 Aug 10 17:02 ./
drwxr-xr-x 7 user user 4096 Aug 10 16:56 ../
-rw------- 1 user user 1679 Aug 10 17:02 id_rsa
-rw-r--r-- 1 user user 413 Aug 10 17:02 id_rsa.pub
# 키를 수신 서버에 전달
user@backend1-server:~/.ssh$ ssh-copy-id -i id_rsa.pub admin@10.1.xx.x
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
admin@10.1.xx.x''s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'admin@10.1.xx.x'"
and check to make sure that only the key(s) you wanted were added.
# 이렇게 해도 rsync명령시 암호를 묻길래 /etc/ssh/sshd_config 파일을 수정함
# 송신, 수신 양측 모두 .ssh 디렉토리의 권한을 700으로 수정함
2) 로그 수집 쉘스크립트 작성
로그파일 생성 -> 수신서버로 전송
user@backend1-server:~/mhw-api-log$ vi get-log.sh
----------------------------
#!/bin/bash
echo "yes"
SLEEP_SECOND=3
function some_task {
echo $(date "+%Y-%m-%d %H:%M:%S") ;
}
for i in $(seq -s " " 1 ${SLEEP_SECOND} 60);do
sudo docker logs -tn 2000 mhw-api > /home/user/mhw-api-log/mhw-api-log-2000.log
sed -i'' -r -e "/2022-/a\ " /home/user/mhw-api-log/mhw-api-log-2000.log # 한 줄씩 띄는! 차장님
rsync /home/user/mhw-api-log/mhw-api-log-2000.log admin@10.1.xx.x:/home/admin/log-app/mhw-api-log-2000.log
sleep ${SLEEP_SECOND};
done
----------------------------
3) cron 등록 - 로그 주기적으로 전송
user@backend1-server:~/mhw-api-log$ crontab -e
* * * * * /home/user/mhw-api-log/get-log.sh
4) 결과 확인 - 3초마다 도커 로그를 mhw-api-log-2000.log로 변환하여 저장 후 전송
user@backend1-server:~/mhw-api-log$ ll
total 1196
drwxrwxr-x 2 user user 4096 Aug 10 18:49 ./
drwxr-xr-x 7 user user 4096 Aug 10 18:48 ../
-rwxr-xr-x 1 user user 461 Aug 10 18:41 get-log.sh*
-rw-rw-r-- 1 user user 1211890 Aug 10 18:49 mhw-api-log-2000.log
1) rsync 명령시 암호 묻지 않고 실행하도록 설정
백엔드1 서버와 동일
2) 로그 수집 쉘스크립트 작성
[admin@backend2-server ~]$ vi /home/admin/get-log.sh
#!/bin/bash
echo "yes"
SLEEP_SECOND=3
function some_task {
echo $(date "+%Y-%m-%d %H:%M:%S") ;
}
for i in $(seq -s " " 1 ${SLEEP_SECOND} 60);do
rsync /usr/local/tomcat8/logs/catalina.out admin@10.1.xx.x:/home/admin/log-fhir/fhir-log.log
sleep ${SLEEP_SECOND};
done
3) cron 등록 - 로그 주기적으로 전송
[admin@backend2-server~]$ crontab -e
* * * * * /home/admin/get-log.sh
4) 결과 확인 - 3초마다 catalina.out을 fhir-log.log로 변환하여 저장 후 전송
1) log-server 서버 생성(10.1.xx.x)
2) web서버 띄우기
/home/admin/log-fhir
, /home/admin/log-app
폴더를 각 컨테이너의 html폴더와 볼륨으로 공유시킴#docker pull nginx:1.21-alpine -> bash접속이 불가능해서 1.21버전으로 변경. 접속 못해도 크게 상관없을듯
docker pull nginx:1.21
docker run -itd --name=log-app -v /home/admin/log-app:/usr/share/nginx/html -p 80:80 nginx:1.21
docker run -itd --name=log-fhir -v /home/admin/log-fhir:/usr/share/nginx/html -p 81:80 nginx:1.21
3) 각 백엔드 서버로부터 로그 파일 수신하여 index.html로 변환
백엔드1 서버 로그
[admin@log-server log-app]$ vi /home/admin/log-app/write-index.sh
---------------------------------------
#!/bin/bash
SLEEP_SECOND=3
function some_task {
echo $(date "+%Y-%m-%d %H:%M:%S") ;
}
for i in $(seq -s " " 1 ${SLEEP_SECOND} 60);do
mv /home/admin/log-app/mhw-api-log-2000.log /home/admin/log-app/index.html
sleep ${SLEEP_SECOND};
done
---------------------------------------
백엔드2 서버 로그
[admin@log-server log-fhir]$ vi /home/admin/log-fhir/write-index.sh
---------------------------------------
#!/bin/bash
SLEEP_SECOND=3
function some_task {
echo $(date "+%Y-%m-%d %H:%M:%S") ;
}
for i in $(seq -s " " 1 ${SLEEP_SECOND} 60);do
mv /home/admin/log-fhir/fhir-log.log /home/admin/log-fhir/index.html
sleep ${SLEEP_SECOND};
done
---------------------------------------
4) cron 등록 - 주기적 변환
* * * * * /home/admin/log-app/write-index.sh
* * * * * /home/admin/log-fhir/write-index.sh