rsync
'rsync是Linux系統下的數據鏡像備份工具。Remote Sync 可以遠程同步,支持本地複製'
rsync特性
1.無須特殊權限即可安裝
2.可以做到保持原來文件的權限、時間、軟硬鏈接。
3.可以鏡像保存整個目錄樹和文件系統
4.快速:第一次同步時rsync將會複製全部內容,之後傳輸只傳輸修改過的文件,傳輸過程中實行壓縮及解壓縮操作,減少了帶寬。
5.安全:可以使用scp、ssh方式傳輸文件,或者通過直接的socket連接。
6.支持匿名傳輸,方便網站鏡像。
rsync的ssh認證協議
默認是省略-e ssh的:
'rsync -avz /SRC -e ssh [email protected]:/DEST'
-a 文件宿主變化,時間戳不變
-z 壓縮數據傳輸
修改端口:
'rsync -avz /SRC -e "ssh -p2222" [email protected]:/DEST'
(修改ssh協議的端口,默認是22)
rsync常見選項
-a (archive) 歸檔
-v (verbose) 囉嗦模式
-q (quiet) 靜默模式
-r (recursive) 遞歸
-p (perms) 保持原有的權限屬性
-z (compress) 在傳輸時壓縮,節省帶寬,加快傳輸速度rsync+inotify
' Inotify 是一種強大的,細粒度的、異步的文件系統事件監控機制,linux內核從2.6.13起,加入了Inotify支持,通過inotify可以監控文件系統中添加、刪除、修改、移動等各種細微事件,利用這個內核接口,第三方軟件就可以監控文件系統下文件的各種變化情況,而inotify-tools就是第三方軟件。'
' rsync 可以實現觸發式的文件同步,但是通過crontab守護進程方式進行觸發,同步的數據與實際數據會有差異,但是inotify可以監控文件系統的各種變化。'環境說明:
| 源服務器 | 192.168.228.20 | rsync\inotify-tools腳本 |
|---|---|---|
| 目標服務器 | 192.168.228.21 | rsync |
目標服務器操作
'關閉防火牆與selinux'
[root@yaoxiaorong ~]# systemctl stop firewalld
[root@yaoxiaorong ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@yaoxiaorong ~]# setenforce 0
[root@yaoxiaorong ~]# getenforce
Permissive
[root@yaoxiaorong ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[root@yaoxiaorong ~]# vim /etc/selinux/config
'安裝rsync服務端軟件'[root@yaoxiaorong ~]# yum -y install rsync
'設置rsyncd.conf配置文件'
[root@yaoxiaorong ~]# cat >> /etc/rsyncd.conf <<EOF
log file = /var/log/rsyncd.log
pidfile = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
secrets file = /etc/rsync.pass[etc_from_client]
path = /tmp/
comment = sync etc from client
uid = root
gid = root
port = 873
ignore errors
use chroot = no
read only = no
list = no
max connections = 200
timeout = 600
auth users = admin
hosts allow = 192.168.228.20
hosts deny = 192.168.1.1
EOF**查看修改的配置文件**
[root@yaoxiaorong ~]# tail -20 /etc/rsyncd.conf
log file = /var/log/rsyncd.log '日誌文件位置,啓動rsync後自動產生這個文件,無需提前創建'
pidfile = /var/run/rsyncd.pid 'pid文件的存放位置'
lock file = /var/run/rsync.lock '支持max connections參數的鎖文件'
secrets file = /etc/rsync.pass '用戶認證配置文件,裏面保存用戶名稱和密碼,必須手動創建這個文件'
[etc_from_client] '自定義同步名稱'
path = /tmp/ 'rsync服務端數據存放路徑,客戶端的數據將同步至此目錄'
comment = sync etc from client
uid = root '設置rsync運行權限爲root'
gid = root '設置rsync運行權限爲root'
port = 873 '默認端口'
ignore errors '表示出現錯誤忽略錯誤'
use chroot = no '默認爲true,修改爲no,增加對目錄文件軟鏈接的備份'
read only = no '設置rsync服務端爲讀寫權限'
list = no '不顯示rsync服務端資源列表'
max connections = 200 '最大連接數'
timeout = 600 '設置超時時間'
auth users = admin '執行數據同步的用戶名,可以設置多個,用英文狀態下逗號隔開'
hosts allow = 192.168.228.20 '允許進行數據同步的客戶端IP地址,可以設置多個,用英文狀態下逗號隔開'
hosts deny = 192.168.1.1 '禁止數據同步的客戶端IP地址,可以設置多個,用英文狀態下逗號隔開'
'創建用戶認證'
[root@yaoxiaorong ~]# echo 'admin:123456' > /etc/rsync.pass
[root@yaoxiaorong ~]# cat /etc/rsync.pass
admin:123456
'設置文件權限'
[root@yaoxiaorong ~]# chmod 600 /etc/rsync*
[root@yaoxiaorong ~]# ll /etc/rsync*
-rw-------. 1 root root 843 Aug 16 10:17 /etc/rsyncd.conf
-rw-------. 1 root root 13 Aug 16 10:35 /etc/rsync.pass
'啓動rsync服務並設置開機自啓動'
[root@yaoxiaorong ~]# systemctl start rsyncd
[root@yaoxiaorong ~]# systemctl enable rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
[root@yaoxiaorong ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 5 *:873 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 5 :::873 :::*
在源服務器上做操作:
'關閉防火牆與SELINUX'
[root@yaoxiaorong ~]# systemctl stop firewalld
[root@yaoxiaorong ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@yaoxiaorong ~]# getenforce
Enforcing
[root@yaoxiaorong ~]# setenforce 0
[root@yaoxiaorong ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
'配置yum源'
[root@yaoxiaorong ~]# cd /etc/yum.repos.d/
[root@yaoxiaorong yum.repos.d]# wget http://mirrors.163.com/.help/CentOS7-Base-163.repo
--2018-08-16 10:45:14-- http://mirrors.163.com/.help/CentOS7-Base-163.repo
Resolving mirrors.163.com (mirrors.163.com)... 59.111.0.251
Connecting to mirrors.163.com (mirrors.163.com)|59.111.0.251|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1572 (1.5K) [application/octet-stream]
Saving to: ‘CentOS7-Base-163.repo’
100%[====================>] 1,572 --.-K/s in 0s
2018-08-16 10:45:14 (65.2 MB/s) - ‘CentOS7-Base-163.repo’ saved [1572/1572]
[root@yaoxiaorong yum.repos.d]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@yaoxiaorong yum.repos.d]# sed -i 's/^enabled=.*/enabled=1/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@yaoxiaorong yum.repos.d]# vim CentOS7-Base-163.repo
[root@yaoxiaorong yum.repos.d]# yum -y install epel-release
[root@yaoxiaorong yum.repos.d]# yum -y install update --skip-broken
安裝rsync服務端軟件,只需要安裝,不要啓動,不需要配置
[root@yaoxiaorong ~]# yum -y install rysnc
'創建認證密碼文件'
[root@yaoxiaorong ~]# echo '123456' > /etc/rsync.pass
[root@yaoxiaorong ~]# cat /etc/rsync.pass
123456
'設置文件權限,只設置文件所有者具有讀取、寫入權限即可'
[root@yaoxiaorong ~]# chmod 600 /etc/rsync.pass
[root@yaoxiaorong ~]# ll /etc/rsync.pass
-rw-------. 1 root root 7 Aug 16 10:53 /etc/rsync.pass
'在源服務器上創建測試目錄,然後在源服務器運行以下命令'
[root@yaoxiaorong ~]# ls
anaconda-ks.cfg
[root@yaoxiaorong ~]# mkdir -pv /root/etc/test
mkdir: created directory ‘/root/etc’
mkdir: created directory ‘/root/etc/test’
[root@yaoxiaorong ~]# rsync -avH --port 873 --progress --delete /root/etc/ [email protected]::etc_from_client --password-
file=/etc/rsync.pass
sending incremental file list
deleting systemd-private-63981aeced5b4d538cd4b80c9f6c85d8-vmtoolsd.service-fpj9Ji/tmp/vmware-root/
deleting systemd-private-63981aeced5b4d538cd4b80c9f6c85d8-vmtoolsd.service-fpj9Ji/tmp/
deleting systemd-private-63981aeced5b4d538cd4b80c9f6c85d8-vmtoolsd.service-fpj9Ji/
deleting systemd-private-63981aeced5b4d538cd4b80c9f6c85d8-vgauthd.service-pA9skg/tmp/
deleting systemd-private-63981aeced5b4d538cd4b80c9f6c85d8-vgauthd.service-pA9skg/
deleting .font-unix/
deleting .XIM-unix/
deleting .X11-unix/
deleting .Test-unix/
deleting .ICE-unix/
./
test/
sent 77 bytes received 506 bytes 233.20 bytes/sec
total size is 0 speedup is 0.00
在目標服務器上查看,是否/tmp目錄下有test目錄
[root@yaoxiaorong ~]# cd /tmp/
[root@yaoxiaorong tmp]# ls
test
安裝inotify-tools工具,實時觸發rsync進行同步
'查看服務器內核是否支持inotify'
[root@yaoxiaorong tmp]# ll /proc/sys/fs/inotify/
total 0
-rw-r--r--. 1 root root 0 Aug 16 11:05 max_queued_events
-rw-r--r--. 1 root root 0 Aug 16 11:05 max_user_instances
-rw-r--r--. 1 root root 0 Aug 16 11:05 max_user_watches安裝inotify-tools
[root@yaoxiaorong ~]# yum -y install make gcc gcc-c++
[root@yaoxiaorong ~]# yum -y install inotify-tools寫同步腳本,讓腳本自動去檢測我們制定的目錄下,文件發生的變化,然後再執行rsync的命令把它同步到我們的服務器端
[root@yaoxiaorong ~]# mkdir /scripts
[root@yaoxiaorong ~]# touch /scripts/inotify.sh
[root@yaoxiaorong ~]# chmod 755 /scripts/inotify.sh
[root@yaoxiaorong ~]# ll /scripts/inotify.sh
-rwxr-xr-x. 1 root root 0 Aug 16 11:24 /scripts/inotify.sh
[root@yaoxiaorong ~]# vim /scripts/inotify.sh
#!/bin/bash
host=192.168.228.21 '目標服務器的ip(備份服務器)'
src=/etc '在源服務器上所要監控的備份目錄(此處可以自定義,但是要保證存在)'
des=etc_from_client '自定義的模塊名,需要與目標服務器上定義的同步名稱一致'
password=/etc/rsync.pass '執行數據同步的密碼文件'
user=admin '執行數據同步的用戶名'
inotifywait=/usr/bin/inotifywait
$inotifywait -mrq --timefmt '%Y%m%d %H:%M' --format '%T %w%f%e' -e modify,delete,create,attrib $src \
| while read files ;do
rsync -avzP --delete --timeout=100 --password-file=${password} $src $user@$host::$des
echo "${files} was rsynced" >>/tmp/rsync.log 2>&1
done
'啓動腳本'
[root@yaoxiaorong ~]# nohup bash /scripts/inotify.sh &
[1] 19859
[root@yaoxiaorong ~]# nohup: ignoring input and appending output to ‘nohup.out’
[root@yaoxiaorong ~]# ps -ef |grep inotify
root 19859 2936 0 11:36 pts/2 00:00:00 bash /scripts/inotify.sh
root 19860 19859 0 11:36 pts/2 00:00:00 /usr/bin/inotifywait -mrq --timefmt %Y%m%d %H:%M --format %T %w%f%e -e modify,delete,create,attrib /etc
root 19861 19859 0 11:36 pts/2 00:00:00 bash /scripts/inotify.sh
root 19865 2936 0 11:37 pts/2 00:00:00 grep --color=auto inotify
'在源服務器上生成一個新文件'
[root@yaoxiaorong ~]# mkdir /etc/httpd24
[root@yaoxiaorong ~]# echo 'hello world' > /etc/httpd24/test
[root@yaoxiaorong ~]# tail /tmp/rsync.log
'查看inotify生成的日誌'
[root@yaoxiaorong ~]# tail /tmp/rsync.log
20180816 11:38 /etc/httpd24CREATE,ISDIR was rsynced
20180816 11:39 /etc/httpd24/testCREATE was rsynced
20180816 11:39 /etc/httpd24/testMODIFY was rsynced
(從日誌上可以看到,我們生成了一個test文件,並且添加了內容到其裏面)
'設置腳本開機自動啓動'
[root@yaoxiaorong ~]# chmod +x /etc/rc.d/rc.local
[root@yaoxiaorong ~]# ll /etc/rc.d/rc.local
-rwxr-xr-x. 1 root root 473 Aug 5 2017 /etc/rc.d/rc.local
[root@yaoxiaorong ~]# echo 'nohup /bin/bash /scripts/inotify.sh' >> /etc/rc.d/rc.local
[root@yaoxiaorong ~]# tail /etc/rc.d/rc.local
# to run scripts during boot instead of using this file.
#
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
#
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.
touch /var/lock/subsys/local
nohup /bin/bash /scripts/inotify.sh
到目標服務器上去查看是否把新生成的文件自動傳上去
'在tmp下面查看,源服務器的/etc目錄整個同步到目標服務器,且新增的test文件也自動同步'
[root@yaoxiaorong tmp]# ls
etc test
[root@yaoxiaorong tmp]# ls etc/h
host.conf hosts hosts.deny
hostname hosts.allow httpd24/
[root@yaoxiaorong tmp]# ls etc/httpd24/
test
[root@yaoxiaorong tmp]# vim test/