目录
rsync
可实现全量及增量的本地或远程数据镜像同步备份的优秀工具
特性:
- 支持拷贝特殊文件如链接、设备等;
- 可以有排除指定文件或目录同步的功能,相当于打包命令tar的排除功能
- 可以做到保持原文件或目录的权限、时间、软硬链接、属主、组等所有属性均不改变;
- 可实现增量同步,即只同步发生变化的数据,因此数据传输效率很高;
- 可以使用rcp、rsh、ssh等方式来配合传输文件;
- 可以通过socket(进程方式)传输文件和数据;
- 可支持匿名的或认证(无需系统用户)的进程模式传输,可实现方便安全的进行数据备份及镜像
工作方式:
三大传输方式
- 主机本地间的数据传输(类似于cp)
- 借助rcp、ssh等通道来传输数据(类似于scp)
- 以守护进程(socket)的方式传送数据
本地传输模式:
Local: rsync [OPTION...] SRC... [DEST]
示例一:把系统的host文件同步到/opt目录
[root@localhost ~]# rsync /etc/hosts /opt/
[root@localhost ~]# ls /opt/
hosts示例二:把opt目录拷贝到/mnt目录
[root@localhost ~]# rsync -avz /opt/ /mnt/
sending incremental file list
./
hosts
sent 210 bytes received 34 bytes 162.67 bytes/sec
total size is 187 speedup is 0.77远程shell进行数据传输:
Access via remote shell:
Pull: rsync [OPTION...] [USER@]HOST:SRC... [DEST]
Push: rsync [OPTION...] SRC... [USER@]HOST:DEST
- 拉取为get,表示从远端主机把数据同步到执行命令的本地主机相应目录
- 推送为put,表示从本地主机执行命令把本地的数据同步到远端主机指定目录下。
示例一:拉取实例
[root@localhost ~]#
[root@localhost ~]# rsync -avz /etc/hosts -e 'ssh -p 22' root@192.168.147.128:~
The authenticity of host '192.168.147.128 (192.168.147.128)' can't be established.
RSA key fingerprint is 47:b8:3c:46:41:57:06:08:b4:56:c5:d2:d4:17:f6:e2.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.147.128' (RSA) to the list of known hosts.
root@192.168.147.128's password:
sending incremental file list
hosts
sent 197 bytes received 31 bytes 30.40 bytes/sec
total size is 187 speedup is 0.82示例二:推送实例
[root@localhost tmp]# rsync -avz -e 'ssh -p 22' root@192.168.147.128:~/hosts /tmp/
root@192.168.147.128's password:
receiving incremental file list
hosts
sent 30 bytes received 202 bytes 66.29 bytes/sec
total size is 187 speedup is 0.81使用守护进程的方式数据传输
也分为两种,分别为拉取和推送
Access via rsync daemon:
Pull: rsync [OPTION...] [USER@]HOST::SRC... [DEST]
rsync [OPTION...] rsync://[USER@]HOST[:PORT]/SRC... [DEST]
Push: rsync [OPTION...] SRC... [USER@]HOST::DEST
rsync [OPTION...] SRC... rsync://[USER@]HOST[:PORT]/DEST通过rsync在本地数据传输实践
rsync命令同步参数选项
rsync [OPTION...] SRC... [DEST]
常用参数选项说明:
-H 保留源文件的硬链接文件
-r 递归模式,包含目录及子目录的所有信息
-z 在传输文件的同时进行压缩
-a 归档模式,表示以递归方式传输时,保持所有文件属性
-v 显示同步过程的信息
-t 保留文件的时间标记
-o 保留文件的属主标记
-p 保留了文件的权限标记
-D 保留了设备文件和一些特殊的文件
-S 对零散文件的处理
-g 保留了文件的属组信息
-l 保持软连接
-e 使用的信道协议
--exclude=PATTERN 指定排除不需要传输的文件模式
avz相当于vzrtopgDl注意以下两条命令区别
[root@localhost ~]# rsync -avz /opt /mnt/
sending incremental file list
opt/
opt/hosts
sent 222 bytes received 35 bytes 514.00 bytes/sec
total size is 187 speedup is 0.73
[root@localhost ~]# rsync -avz /opt/ /mnt/
sending incremental file list
./
hosts
sent 210 bytes received 34 bytes 162.67 bytes/sec
total size is 187 speedup is 0.77加 / 表示只传输 / 下面的内容不包括目录,不加 / 连同目录和其下文件一起传输
借助ssh key密钥实现免登录验证加密传输
事先设置ssh key密钥免登录验证。
守护进程方式
配置文件
[root@localhost ~]# vim /etc/rsyncd.conf
uid = rsync
gid = rsync
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
[data]
comment = It's my test data!
path = /data/
ignore errors
read only = false
list = false
hosts allow = 192.168.147.0/24
hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsyncd.passwd准备用户并授权
[root@localhost ~]# mkdir /data
[root@localhost ~]# useradd rsync -s /sbin/nologin -M
[root@localhost ~]# chown -R rsync.rsync /data配置用于rsync同步的密码文件
[root@localhost ~]# echo "rsync_backup:123456" >> /etc/rsyncd.passwd
[root@localhost ~]# cat /etc/rsyncd.passwd
rsync_backup:123456
[root@localhost ~]# chmod 600 /etc/rsyncd.passwd
[root@localhost ~]# ll /etc/rsyncd.passwd
-rw------- 1 root root 20 Sep 7 17:29 /etc/rsyncd.passwd启动rsync服务
以守护进程方式启动服务
[root@localhost ~]# rsync --daemon
[root@localhost ~]# lsof -i tcp:873
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rsync 14980 root 4u IPv6 62669 0t0 TCP *:rsync (LISTEN)
rsync 14980 root 5u IPv4 62670 0t0 TCP *:rsync (LISTEN)
[root@localhost ~]# netstat -lntup | grep 873
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 14980/rsync
tcp 0 0 :::873 :::* LISTEN 14980/rsync 设置开机自启动
将开机命令添加到 /etc/rc.local 或者开发服务启动脚本
客户端配置
客户端配置rsync账号密码文件
[root@localhost ~]# echo "123456" > /etc/rsyncd.passwd
[root@localhost ~]# cat /etc/rsyncd.passwd
123456
[root@localhost ~]# chmod 600 /etc/rsyncd.passwd
[root@localhost ~]# ll /etc/rsyncd.passwd
-rw------- 1 root root 7 Sep 7 17:45 /etc/rsyncd.passwd客户端备份数据到服务端测试
[root@localhost ~]# echo "Test page" > /var/www/html/index.html
[root@localhost ~]# cd /var/www/
[root@localhost www]# tar cvf html_$(date +%F).tar.gz ./html/
./html/
./html/index.html
[root@localhost www]# rsync -avzp html_$(date +%F).tar.gz rsync_backup@192.168.147.200::data
Password:
sending incremental file list
html_2015-09-07.tar.gz
sent 10327 bytes received 27 bytes 49.42 bytes/sec
total size is 10240 speedup is 0.99可以指定密码文件:
[root@localhost www]# rsync -avzp html_$(date +%F).tar.gz rsync_backup@192.168.147.200::data --password-file=/etc/rsyncd.passwd
sending incremental file list
sent 43 bytes received 8 bytes 102.00 bytes/sec
total size is 10240 speedup is 200.78第二种方式:
[root@localhost www]# rsync -avzp html_$(date +%F).tar.gz rsync://rsync_backup@192.168.147.200/data --password-file=/etc/rsyncd.passwd
sending incremental file list
sent 43 bytes received 8 bytes 102.00 bytes/sec
total size is 10240 speedup is 200.78打包排除
[root@localhost data]# mkdir a b c d
[root@localhost data]# touch a/1 b/2 c/3 d/4
[root@localhost data]# tree ./
./
|-- a
| `-- 1
|-- b
| `-- 2
|-- c
| `-- 3
`-- d
`-- 4
[root@localhost data]# rsync -avzp --exclude=a --exclude=b/2 ./ rsync_backup@192.168.147.200::backup --password-file=/etc/rsyncd.passwd
sending incremental file list
./
b/
c/
c/3
d/
d/4
sent 164 bytes received 61 bytes 450.00 bytes/sec
total size is 0 speedup is 0.00以上命令可简化为以下方式:
[root@localhost data]# rsync -avzp --exclude={a,b/2} ./ rsync_backup@192.168.147.200::backup --password-file=/etc/rsyncd.passwd
sending incremental file list
./
b/
c/
c/3
d/
d/4
sent 164 bytes received 61 bytes 450.00 bytes/sec
total size is 0 speedup is 0.00也可采用如下排除方式 --exclude-from=FILE,把需要排除内容放到文件里
第二种排除方法
直接在配置文件里添加排除参数(服务端排除参数用于客户端拉取)
exclude = a b/2 c
[root@localhost backup]# pkill rsync
[root@localhost backup]# rsync --daemon
[root@localhost backup]# lsof -i :873
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rsync 4465 root 4u IPv6 147639 0t0 TCP *:rsync (LISTEN)
rsync 4465 root 5u IPv4 147640 0t0 TCP *:rsync (LISTEN)
[root@localhost data]# rsync -avzp rsync_backup@192.168.147.200::backup ./ --password-file=/etc/rsyncd.passwd
receiving incremental file list
./
b/
d/
d/4
sent 94 bytes received 198 bytes 584.00 bytes/sec
total size is 0 speedup is 0.00无差异同步
- 使用 --delete参数
- 使用场景:一般用于两台负载均衡下面web服务器之间的同步,或者高可用双机配置直接的同步等。rsync无差异同步异常危险
多目录多模块
[root@localhost backup]# cat /etc/rsyncd.conf
uid = rsync
gid = rsync
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 192.168.147.0/24
hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsyncd.passwd
[backup]
comment = It's my backup data!
path = /backup/
[data]
comment = It's my test data!
path = /data/