[root@backup ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.16.1.5 lb01 172.16.1.6 lb02 172.16.1.7 web01 172.16.1.8 web02 172.16.1.9 web03 172.16.1.31 nfs01 172.16.1.41 backup 172.16.1.51 db01 172.16.1.61 m01 [root@backup ~]# getenforce Disabled [root@backup ~]# systemctl status firewalld.service ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man:firewalld(1) [root@backup ~]# rpm -qa | grep rsync rsync-3.1.2-4.el7.x86_64 [root@backup ~]# yum -y install rsync [root@backup ~]# rsync --version rsync version 3.1.2 protocol version 31 Copyright (C) 1996-2015 by Andrew Tridgell, Wayne Davison, and others. Web site: http://rsync.samba.org/ Capabilities: 64-bit files, 64-bit inums, 64-bit timestamps, 64-bit long ints, socketpairs, hardlinks, symlinks, IPv6, batchfiles, inplace, append, ACLs, xattrs, iconv, symtimes, prealloc rsync comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the GNU General Public Licence for details. rsync相当于cp/scp/rm命令 [root@backup ~]# cp /etc/hosts /tmp/hosts_bak01 [root@backup ~]# ls -l /tmp/ total 4 -rw-r--r-- 1 root root 327 Jul 13 05:49 hosts_bak01 [root@backup ~]# rsync /etc/hosts /tmp/hosts_bak02 [root@backup ~]# ls -l /tmp/ total 8 -rw-r--r-- 1 root root 327 Jul 13 05:49 hosts_bak01 -rw-r--r-- 1 root root 327 Jul 13 05:50 hosts_bak02 [root@backup ~]# scp /etc/hosts root@nfs01:/tmp/hosts_bak01 root@nfs01's password: hosts 100% 327 128.4KB/s 00:00 [root@nfs01 ~]# ls -l /tmp/ total 4 -rw-r--r-- 1 root root 327 Jul 13 05:47 hosts_bak01 [root@backup ~]# rsync /etc/hosts root@nfs01:/tmp/hosts_bak02 root@nfs01's password: [root@nfs01 ~]# ls -l /tmp/ total 8 -rw-r--r-- 1 root root 327 Jul 13 05:47 hosts_bak01 -rw-r--r-- 1 root root 327 Jul 13 05:48 hosts_bak02 [root@backup ~]# mkdir -p /root/data/mysql/3306/{data,logs,tmp} [root@backup ~]# scp -rp /root/data root@nfs01:/tmp root@nfs01's password: [root@nfs01 ~]# tree /tmp/ /tmp/ ├── data │ └── mysql │ └── 3306 │ ├── data │ ├── logs │ └── tmp ├── hosts_bak01 └── hosts_bak02 6 directories, 2 files [root@nfs01 ~]# rm -rf /tmp/* [root@backup ~]# rsync -rp /root/data root@nfs01:/tmp root@nfs01's password: [root@nfs01 ~]# tree /tmp/ /tmp/ └── data └── mysql └── 3306 ├── data ├── logs └── tmp 6 directories, 0 files 利用rsync传输目录数据 目录数据后面有/ /data/ 将目录下面的数据内容进行传输 目录数据后面没/ /data 将目录本身和目录下面的数据内容进行传输 [root@backup ~]# mkdir /test [root@backup ~]# touch /test/test{01..10}.txt [root@backup ~]# ls -l /test/ total 0 -rw-r--r-- 1 root root 0 Jul 13 06:08 test01.txt -rw-r--r-- 1 root root 0 Jul 13 06:08 test02.txt -rw-r--r-- 1 root root 0 Jul 13 06:08 test03.txt -rw-r--r-- 1 root root 0 Jul 13 06:08 test04.txt -rw-r--r-- 1 root root 0 Jul 13 06:08 test05.txt -rw-r--r-- 1 root root 0 Jul 13 06:08 test06.txt -rw-r--r-- 1 root root 0 Jul 13 06:08 test07.txt -rw-r--r-- 1 root root 0 Jul 13 06:08 test08.txt -rw-r--r-- 1 root root 0 Jul 13 06:08 test09.txt -rw-r--r-- 1 root root 0 Jul 13 06:08 test10.txt [root@backup ~]# mkdir /null [root@backup ~]# rsync -avz --delete /null/ /test/ sending incremental file list deleting test10.txt deleting test09.txt deleting test08.txt deleting test07.txt deleting test06.txt deleting test05.txt deleting test04.txt deleting test03.txt deleting test02.txt deleting test01.txt sent 39 bytes received 152 bytes 382.00 bytes/sec total size is 0 speedup is 0.00 [root@backup ~]# ls -l /null/ total 0 [root@backup ~]# ls -l /test/ total 0 --delete 无差异同步参数 将两个目录中的数据保持高度一致 我的东西 /null 你也有 我没有的东西 /null 你也不能有 [root@backup ~]# ls /etc/hosts /etc/hosts [root@backup ~]# rsync /etc/hosts -rw-r--r-- 327 2019/07/12 06:04:32 hosts [root@backup ~]# rsync /root drwxr-xr-x 128 2019/07/13 06:07:36 root [root@backup ~]# rsync /root/ drwxr-xr-x 128 2019/07/13 06:07:36 . -rw-r--r-- 96 2019/07/13 06:06:17 .bash_history -rw-r--r-- 18 2019/07/13 06:06:31 .bash_logout -rw-r--r-- 176 2019/07/13 06:07:03 .bash_profile -rw-r--r-- 271 2019/07/13 06:06:42 .bashrc -rw-r--r-- 100 2019/07/13 06:07:14 .cshrc -rw-r--r-- 129 2019/07/13 06:07:26 .tcshrc -rw------- 3,863 2019/07/13 06:07:36 .viminfo rsync命令详细用法说明 Local: rsync [OPTION...] SRC... [DEST] 本地复制备份文件 == cp SRC 要备份的数据 DEST 要备份到什么路径中 Access via remote shell: 远程复制备份文件 Pull: rsync [OPTION...] [USER@]HOST:SRC... [DEST] 远端数据 拉取 本地 [USER@]: 指定以什么用户身份登录到远程主机(默认是当前系统用户) HOST: 远程主机IP地址或者主机名称 SRC: 远程要拉取的数据信息 DEST: 保存到本地路径信息 Push: rsync [OPTION...] SRC... [USER@]HOST:DEST 本地数据 推送 远端 [USER@]: 指定以什么用户身份登录到远程主机(默认是当前系统用户) HOST: 远程主机IP地址或者主机名称 SRC: 本地要推送的数据信息 DEST: 保存到远程路径信息 Access via rsync daemon: 利用守护进程方式 Pull: rsync [OPTION...] [USER@]HOST::SRC... [DEST] rsync [OPTION...] rsync://[USER@]HOST[:PORT]/SRC... [DEST] Push: rsync [OPTION...] SRC... [USER@]HOST::DEST src: 本地要推送的数据信息 [USER@] 认证用户名称信息 HOST: 备份服务器IP地址或者主机名称 host后面需要有两个冒号 DEST: 指定模块信息 backup rsync [OPTION...] SRC... rsync://[USER@]HOST[:PORT]/DEST 备份服务部署 服务端部署 [root@backup ~]# yum -y install rsync [root@backup ~]# rpm -qa | grep rsync rsync-3.1.2-4.el7.x86_64 [root@backup ~]# vi /etc/rsyncd.conf #rsync_config #created by HQ at 2017 ##rsyncd.conf start## uid = rsync gid = rsync port = 873 fake super = yes use chroot = no max connections = 200 timeout = 300 pid file = /var/run/rsyncd.pid lock file = /var/run/rsync.lock log file = /var/log/rsyncd.log ignore errors read only = false list = false hosts allow = 172.16.1.0/24 hosts deny = 0.0.0.0/32 auth users = rsync_backup secrets file = /etc/rsync.password [backup] comment = "backup dir by oldboy" path = /backup [root@backup ~]# useradd rsync -M -s /sbin/nologin [root@backup ~]# id rsync uid=1000(rsync) gid=1000(rsync) groups=1000(rsync) [root@backup ~]# echo "rsync_backup:123" >/etc/rsync.password [root@backup ~]# chmod 600 /etc/rsync.password [root@backup ~]# ls -l /etc/rsync.password -rw------- 1 root root 17 Jul 13 06:20 /etc/rsync.password [root@backup ~]# mkdir /backup -p [root@backup ~]# chown rsync:rsync /backup [root@backup ~]# ls -ld /backup drwxr-xr-x 5 rsync rsync 39 Jul 12 03:52 /backup [root@backup ~]# systemctl enable rsyncd Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service. [root@backup ~]# systemctl start rsyncd [root@backup ~]# systemctl status rsyncd ● rsyncd.service - fast remote file copy program daemon Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; enabled; vendor preset: disabled) Active: active (running) since Sat 2019-07-13 06:22:21 CST; 15s ago Main PID: 7343 (rsync) CGroup: /system.slice/rsyncd.service └─7343 /usr/bin/rsync --daemon --no-detach Jul 13 06:22:21 backup systemd[1]: Started fast remote fi... Hint: Some lines were ellipsized, use -l to show in full. 客户端备份存储测试 [root@nfs01 ~]# rsync -avz /etc/hosts rsync_backup@backup::backup Password: sending incremental file list hosts sent 214 bytes received 43 bytes 102.80 bytes/sec total size is 327 speedup is 1.27 [root@backup ~]# ls -l /backup/ total 4 drwxr-xr-x 2 root root 29 Jul 12 03:50 conf -rw-r--r-- 1 rsync rsync 327 Jul 12 23:15 hosts drwxr-xr-x 2 root root 54 Jul 12 05:39 sh drwxr-xr-x 2 root root 49 Jul 12 03:52 sql [root@backup ~]# rm -rf /backup/hosts 客户端部署 创建密码文件 [root@nfs01 ~]# echo "123" > /etc/rsync.password [root@nfs01 ~]# chmod 600 /etc/rsync.password [root@nfs01 ~]# ls -l /etc/rsync.password -rw------- 1 root root 4 Jul 13 06:25 /etc/rsync.password 免交互传输数据测试 [root@nfs01 ~]# rsync -avz /etc/hosts rsync_backup@backup::backup --password-file=/etc/rsync.password sending incremental file list hosts sent 214 bytes received 43 bytes 514.00 bytes/sec total size is 327 speedup is 1.27 [root@backup ~]# ls -l /backup/ total 4 drwxr-xr-x 2 root root 29 Jul 12 03:50 conf -rw-r--r-- 1 rsync rsync 327 Jul 12 23:15 hosts drwxr-xr-x 2 root root 54 Jul 12 05:39 sh drwxr-xr-x 2 root root 49 Jul 12 03:52 sql 操作常见问题: 问题一: # rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup Password: @ERROR: auth failed on module backup rsync error: error starting client-server protocol (code 5) at main.c(1648) [sender=3.1.2] 传输失败原因: auth failed on module backup --- 认证失败 1)用户名不正确/密码不正确 2)密码文件编写格式不正确/密码文件名称不正确 rsync_backup:oldboy123 3)密码文件权限不正确 600 问题二: # rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup @ERROR: Unknown module 'backup' rsync error: error starting client-server protocol (code 5) at main.c(1648) [sender=3.1.2] 传输失败原因: Unknown module 'backup' backup模块未知 问题三:复制配置文件有注释信息 rsync命令参数说明 -v increase verbosity 显示数据传输过程信息 -z compress file data during the transfer 将传输的数据进行压缩处理 -a archive mode 归档参数:等价于输入了 -rlptgoD -r 递归传输数据信息(传输目录) -l copy symlinks as symlinks 最没有意义参数 保持链接文件属性 -L 将链接文件指向的源文件进行备份传输 -p 保持文件权限不变 -t 保持文件时间信息不变 (修改时间不变) -g 保持文件属组信息不变 -o 保持文件属主信息不变 -D 保持设备文件属性信息不变 --delete 实现无差异同步参数 让服务器目录中数据信息 和 备份目录中的数据信息 保持高度一致 --exclude=PATTERN exclude files matching PATTERN tar --exclude-from=FILE read exclude patterns from FILE 排除指定数据信息不做备份传输 备份服务原理过程 1.客户端:发送要传输数据的请求 rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password 2.服务端:接收到传输数据请求,进行用户认证操作 服务端确认用户信息是否正确 确认客户端输入的用户 == 服务端配置文件用户 服务端确认用户密码是否正确 确认客户端输入的密码 == 服务端相应用户的密码信息 oldboy:oldboy123 在进行用户认证时,需要判断两个文件的权限是否是600 3.客户端:将数据传输到服务端 会转换传输者的身份(rsync) 将数据信息权限改动 rsync 4.服务端:如果想让数据正确保存 修改备份目录 5.备份服务参数说明 -avz [root@backup ~]# vim /etc/rsyncd.conf 加入: [sa] comment = "for system admin" path = /sa [dev] comment = "for dev" path = /dev [dba] comment = "for database" path = /dba [root@backup ~]# mkdir -p /{sa,dev,dba} [root@backup ~]# chown rsync:rsync /{sa,dev,dba} [root@backup ~]# ls -ld /sa drwxr-xr-x 2 rsync rsync 6 Jul 18 00:29 /sa [root@backup ~]# ls -ld /dev drwxr-xr-x 18 rsync rsync 3180 Jul 17 23:42 /dev [root@backup ~]# ls -ld /dba drwxr-xr-x 2 rsync rsync 6 Jul 18 00:29 /dba 如果统一将数据存储在一个目录中,如何进行区分不同数据是哪个用户存储的? 注意:备份服务器中一定要有指定存储的用户存在!多个主机用户id要保持一致! [root@backup ~]# ls -ld /backup drwxr-xr-x 5 rsync rsync 52 Jul 13 06:27 /backup [root@backup ~]# vim /etc/rsyncd.conf uid = root gid = root #fake super = yes [root@backup ~]# chown root:root /backup [root@backup ~]# ls -ld /backup drwxr-xr-x 5 root root 52 Jul 13 06:27 /backup [root@backup ~]# systemctl restart rsyncd [root@backup ~]# useradd -u 2001 natasha [root@backup ~]# useradd -u 2002 barry [root@nfs01 ~]# useradd -u 2001 natasha [root@nfs01 ~]# useradd -u 2002 barry [natasha@nfs01 ~]$ touch test01.txt [natasha@nfs01 ~]$ ls -l test01.txt -rw-rw-r-- 1 natasha natasha 0 Jul 18 00:51 test01.txt [natasha@nfs01 ~]$ rsync -avz /home/natasha/test01.txt rsync_backup@backup::backup Password: sending incremental file list test01.txt sent 111 bytes received 43 bytes 102.67 bytes/sec total size is 0 speedup is 0.00 [root@backup ~]# ls -l /backup/test01.txt -rw-rw-r-- 1 natasha natasha 0 Jul 18 00:51 /backup/test01.txt 备份数据进行排除备份 --exclude: 排除指定单个数据信息 --exclude-from:排除指定多个数据信息 [root@nfs01 ~]# mkdir /tmp/test{01..05} [root@nfs01 ~]# touch /tmp/test{01..05}/test{01..03}.txt [root@nfs01 ~]# tree /tmp/ /tmp/ ├── test01 │ ├── test01.txt │ ├── test02.txt │ └── test03.txt ├── test02 │ ├── test01.txt │ ├── test02.txt │ └── test03.txt ├── test03 │ ├── test01.txt │ ├── test02.txt │ └── test03.txt ├── test04 │ ├── test01.txt │ ├── test02.txt │ └── test03.txt └── test05 ├── test01.txt ├── test02.txt └── test03.txt 5 directories, 15 files 需求01:备份/tmp整个数据,排除test02目录不要同步备份,排除test03目录中test03.txt文件不要备份 --exclude指定排除数据信息,目录结构必须是相对路径,相对于传输的目录而言 [root@nfs01 ~]# rsync -avz /tmp/ --exclude=test02 --exclude=test03/test03.txt rsync_backup@172.16.1.41::backup Password: sending incremental file list ./ test01/ test01/test01.txt test01/test02.txt test01/test03.txt test03/ test03/test01.txt test03/test02.txt test04/ test04/test01.txt test04/test02.txt test04/test03.txt test05/ test05/test01.txt test05/test02.txt test05/test03.txt sent 887 bytes received 261 bytes 459.20 bytes/sec total size is 0 speedup is 0.00 需求02:备份/tmp整个数据,排除test02目录中test01.txt test02.txt,排除test03目录中test01.txt test02.txt [root@nfs01 ~]# vim exclude.txt test02/test01.txt test02/test02.txt test03/test01.txt test03/test02.txt [root@nfs01 ~]# rsync -avz /tmp/ --exclude-from=/root/exclude.txt rsync_backup@172.16.1.41::backup Password: sending incremental file list ./ test01/ test01/test01.txt test01/test02.txt test01/test03.txt test02/ test02/test03.txt test03/ test03/test03.txt test04/ test04/test01.txt test04/test02.txt test04/test03.txt test05/ test05/test01.txt test05/test02.txt test05/test03.txt sent 914 bytes received 265 bytes 786.00 bytes/sec total size is 0 speedup is 0.00 企业备份服务创建多级目录(一级一级创建,不能一次性创建多级目录) [root@nfs01 ~]# rsync -avz /tmp/ rsync_backup@172.16.1.41::backup/test/ Password: sending incremental file list created directory test ./ .ICE-unix/ .Test-unix/ .X11-unix/ .XIM-unix/ .font-unix/ test01/ test01/test01.txt test01/test02.txt test01/test03.txt test02/ test02/test01.txt test02/test02.txt test02/test03.txt test03/ test03/test01.txt test03/test02.txt test03/test03.txt test04/ test04/test01.txt test04/test02.txt test04/test03.txt test05/ test05/test01.txt test05/test02.txt test05/test03.txt sent 1,141 bytes received 383 bytes 1,016.00 bytes/sec total size is 0 speedup is 0.00 不能一次性备份创建多级目录,只能一级一级的来。 [root@nfs01 ~]# rsync -avz /tmp/ rsync_backup@172.16.1.41::backup/test/123/456/ Password: sending incremental file list rsync: mkdir "test/123/456" (in backup) failed: No such file or directory (2) rsync error: error in file IO (code 11) at main.c(657) [Receiver=3.1.2] 企业备份数据访问控制 备份服务配置文件中:全局配置、局部配置。 全局配置:在模块之上配置都是全局配置,可以影响所有模块。 局部配置:在模块中的配置都是局部配置,可以影响指定模块。 优先级:局部配置优先于全局配置。 [root@backup ~]# vim /etc/rsyncd.conf hosts allow = 172.16.1.0/24 ---允许172.16.1.0/24网段主机存储数据 hosts deny = 0.0.0.0/32 ---阻止0.0.0.0地址主机存储数据 企业备份数据模块列表功能 [root@backup ~]# vim /etc/rsyncd.conf list = true #如果改为true,客户端可以列表显示服务端详细模块信息 [root@backup ~]# systemctl restart rsyncd [root@nfs01 ~]# rsync -avz rsync_backup@172.16.1.41:: backup "backup dir by oldboy" sa "for system admin" dev "for dev" dba "for database" 企业应用无差异同步 --delete:保证客户端和服务端数据高度一致,快速清空删除目录数据 == rm -rf xxx 远程清空数据目录:rsync -avz --delete /null 172.16.1.41:/backup 本地清空数据目录:rsync -avz --delete /test01.txt /tmp/test01.txt 本地清空数据文件:rsync -ave --delete /test01.txt /tmp/test01.txt 传输大的文件,如何显示传输过程:-P [root@nfs01 ~]# dd if=/dev/zero of=/tmp/200M bs=10M count=20 20+0 records in 20+0 records out 209715200 bytes (210 MB) copied, 1.40136 s, 150 MB/s [root@nfs01 ~]# rsync -avzP /tmp/200M rsync_backup@172.16.1.41::backup Password: sending incremental file list 200M 209,715,200 100% 104.97MB/s 0:00:01 (xfr#1, to-chk=0/1) sent 204,042 bytes received 43 bytes 45,352.22 bytes/sec total size is 209,715,200 speedup is 1,027.59 企业传输数据扩展应用 服务端端口号发生改变 --port 端口号 [root@nfs01 ~]# rsync -avzP /tmp/500M rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password --port 874 sending incremental file list sent 47 bytes received 20 bytes 134.00 bytes/sec total size is 524,288,000 speedup is 7,825,194.03 服务端配置文件保存路径不正确 [root@backup ~]# rsync --daemon --config=/tmp/rsync.conf [root@backup ~]# netstat -lntup|grep rsync tcp 0 0 0.0.0.0:874 0.0.0.0:* LISTEN 9933/rsync tcp6 0 0 :::874 :::* LISTEN 9933/rsync