Centos6系統利用rsync與ssh實現文件同步
Rsync(remote synchronize)是一個遠程數據同步工具,可通過LAN/WAN快速同步多臺主機間的文件。Rsync使用所謂的“Rsync算法”來使本地和遠程兩個主機之間的文件達到同步,這個算法只傳送兩個文件的不同部分,而不是每次都整份傳送,因此速度相當快。
Rsync本來是用於替代rcp的一個工具,目前由rsync.samba.org維護,所以rsync.conf文件的格式類似於samba的主配置文件。Rsync可以通過rsh或ssh使用,也能以daemon模式去運行,在以daemon方式運行時Rsync server會打開一個873端口,等待客戶端去連接。連接時,Rsync server會檢查口令是否相符,若通過口令查覈,則可以開始進行文件傳輸。第一次連通完成時,會把整份文件傳輸一次,以後則就只需進行增量備份。
Rsync支持大多數的類Unix系統,無論是Linux、Solaris還是BSD上都經過了良好的測試。此外,它在windows平臺下也有相應的版本,如cwRsync和Sync2NAS等工具。
10.100.10.10(服務器端)
tar xvf rsync-patches-3.0.9.tar.gz
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
rsync.x86_64 3.0.6-9.el6 @base
Make && make install
ln -sv /usr/local/rsync/bin/rsync /usr/bin/rsync
ln -sv /usr/local/rsync/bin/rsync /usr/sbin/rsync
# Section 1: Global settings
max connections = 3
strict modes = yesi
pid file = /var/run/rsync/rsyncd.pid
log file = /var/log/rsync/rsyncd.log
lock file = /var/log/rsync/rsyncd.lock
path = /var/log/httpd/
ignore errors = yes
hosts allow = x.x.x.0/255.255.255.0 y.y.0.0/255.255.0.0 允許來同步數據的主機,多個用空格隔開
auth users = loguser
secrets file = /etc/rsync.passwd
path = /appsdata/apps/tomcat/logs
ignore errors = yes
hosts allow = x.x.x.0/255.255.255.0 y.y.0.0/255.255.0.0 允許來同步數據的主機,多個用空格隔開
auth users = loguser
secrets file = /etc/rsync.passwd
path = /appsdata/apps/nginx/logs
ignore errors = yes
hosts allow = x.x.x.0/255.255.255.0 y.y.0.0/255.255.0.0 允許來同步數據的主機,多個用空格隔開
auth users = loguser
secrets file = /etc/rsync.passwd
vim /etc/rsync.passwd
其中冒號前的是用戶名,冒號後的是對應用戶的密碼。此文件不能爲其他任意用戶可訪問,因此可用如下命令修改:
mkdir -pv /var/run/rsync/ /var/log/rsync /var/lock/rsync
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 26635/rsync
tcp 0 0 :::873 :::* LISTEN 26635/rsync
1)、開啓root用戶ssh認證權限
vim /etc/ssh/sshd_config
PermitRootLogin yes 將其註釋去掉
ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
b5:02:63:6f:93:30:a0:f2:a6:e6:e0:a1:05:f3:23:79 root@idc010vm010
The key's randomart image is:
+--[ RSA 2048]----+
| . |
| . . |
|. . * . |
| o . * o . |
| B . o |
cat .ssh/id_rsa.pub >> authorized_keys
scp authorized_keys [email protected]:/root/.ssh 要在12服務器mkdir .ssh 之後進行,
ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
5b:fd:ab:b1:bd:10:5a:8d:2d:f1:77:78:4b:1f:8b:2b root@idc010vm012
The key's randomart image is:
+--[ RSA 2048]----+
| . |
cat .ssh/id_rsa.pub >> authorized_keys
scp authorized_keys [email protected]:/root/.ssh 輸入10機器的root用戶密碼即可。
Warning: Permanently added '10.100.10.10' (RSA) to the list of known hosts.
Last login: Wed Sep 12 15:17:03 2012 from idc010vm012.idc.lecast
ssh-keygen –t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/loguser/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/loguser/.ssh/id_rsa.
Your public key has been saved in /home/loguser/.ssh/id_rsa.pub.
The key fingerprint is:
5d:3c:e7:af:8c:5a:60:13:17:a9:87:e8:98:8b:9e:ed loguser@idc010vm010
The key's randomart image is:
| .. |
| ... |
| ..o+.+ |
| o .. o . |
| . . . .|
| .o. . o . |
| .o.E ... o |
cp /home/loguser/.ssh/id_rsa.pub /home/loguser/authorized_keys
scp /home/loguser/authorized_keys [email protected]:/home/loguser/.ssh/
chmod –R 600 .ssh/*
ssh-keygen –t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/loguser/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/loguser/.ssh/id_rsa.
Your public key has been saved in /home/loguser/.ssh/id_rsa.pub.
The key fingerprint is:
c4:95:5a:5a:89:93:34:45:e3:9f:d2:f4:79:86:89:4c loguser@idc010vm012
The key's randomart image is:
+--[ RSA 2048]----+
| .o==o |
| .++=. |
| o*. E |
| . o |
cp /home/loguser/.ssh/id_rsa.pub /home/loguser/authorized_keys
scp /home/loguser/authorized_keys [email protected]:/home/loguser/.ssh/
chmod –R 600 .ssh/*
Warning: Permanently added '10.100.10.10' (RSA) to the list of known hosts.
scp 10.100.10.10:/etc/rsyncd.conf ./ 放在家目錄下,隨後用root用戶cp至/etc下。
Warning: Permanently added '10.100.10.10' (RSA) to the list of known hosts.
rsyncd.conf 100% 905 0.9KB/s 00:00
[loguser@idc010vm012 .ssh]$ rsync -vzrtopg --progress --stats -e ssh /opt/GeoDB.dat [email protected]:/tmp/cmake
Warning: Permanently added '10.100.10.10' (RSA) to the list of known hosts.
sending incremental file list
4333568 100% 11.52MB/s 0:00:00 (xfer#1, to-check=0/1)
Number of files: 1
Number of files transferred: 1
Total file size: 4333568 bytes
Total transferred file size: 4333568 bytes
Literal data: 4333568 bytes
Matched data: 0 bytes
File list size: 27
File list generation time: 0.001 seconds
File list transfer time: 0.000 seconds
Total bytes sent: 554522
Total bytes received: 31
sent 554522 bytes received 31 bytes 369702.00 bytes/sec
total size is 4333568 speedup is 7.81
[root@idc010vm010 tmp]# ll cmake
四、Rsync的常用參數描述:
--backup-dir 將備份文件(如~filename)存放在在目錄下。
-L, --copy-links 想對待常規文件一樣處理軟鏈結
--copy-unsafe-links 僅僅拷貝指向SRC路徑目錄樹以外的鏈結
-H, --hard-links 保留硬鏈結
-W, --whole-file 拷貝文件,不進行增量檢測
-x, --one-file-system 不要跨越文件系統邊界
-B, --block-size=SIZE 檢驗算法使用的塊尺寸,默認是700字節
-e, --rsh=COMMAND 指定替代rsh的shell程序
--rsync-path=PATH 指定遠程服務器上的rsync命令所在路徑信息
-C, --cvs-exclude 使用和CVS一樣的方法自動忽略文件,用來排除那些不希望傳輸的文件
--delete 刪除那些DST中SRC沒有的文件
--delete-excluded 同樣刪除接收端那些被該選項指定排除的文件
--ignore-errors 即使出現IO錯誤也進行刪除
--max-delete=NUM 最多刪除NUM個文件
--numeric-ids 不將數字的用戶和組ID匹配爲用戶名和組名
--timeout=TIME IP超時時間,單位爲秒
-I, --ignore-times 不跳過那些有同樣的時間和長度的文件
--exclude=PATTERN 指定排除不需要傳輸的文件模式
--include=PATTERN 指定不排除而需要傳輸的文件模式
--exclude-from=FILE 排除FILE中指定模式的文件
--include-from=FILE 不排除FILE指定模式匹配的文件
--log-format=formAT 指定日誌文件格式
--password-file=FILE 從FILE中得到密碼
--bwlimit=KBPS 限制I/O帶寬,KBytes per second
另外要注意最後的/ 有沒有是不一樣的:
如:
[loguser@idc010vm010 ~]$ rsync --list-only -e ssh 10.100.10.12:/var/log
Warning: Permanently added '10.100.10.12' (RSA) to the list of known hosts.
[loguser@idc010vm010 ~]$ rsync --list-only -e ssh 10.100.10.12:/var/log/
Warning: Permanently added '10.100.10.12' (RSA) to the list of known hosts.
-rw------- 5311 2012/07/12 16:17:29 anaconda.ifcfg.log
-rw------- 37319 2012/07/12 16:17:29 anaconda.program.log
-rw------- 299403 2012/07/12 16:17:29 anaconda.storage.log
-rw------- 41263 2012/07/12 16:17:29 anaconda.syslog
-rw------- 4596 2012/07/12 16:17:29 anaconda.yum.log
-rw-r--r-- 3142485 2012/09/11 16:43:10 localhost_access_log.2012-07-23.txt
-rw-r--r-- 3142485 2012/09/11 16:06:36 localhost_access_log.2012-09-11.txt
rsync -av /src_dir/ user@IP_Addres:/dest_dir/
A-->B 同步本地到遠端
rsync -av user@IP_Addres:/src_dir/ /dest_dir/
B-->A 同步遠端到本地
A-->B 同步本地到遠端
B-->A 同步遠端到本地
在日常的使用中,可以將rsync同步的事件寫在crontab 任務裏或者先寫至腳本里,然後定期執行,減輕了維護人員手動操作的負擔。