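An explanation of the rsync service
Chapter 2: Building an rsync backup server
2.1 The concept of an rsync backup server
2.1.1 Concept
- The rsync server backs up the website servers' data (to prevent data loss and to allow data to be restored)
- The rsync server allows the website servers' data to be compared (when data has been modified and a service then breaks, the data can be compared against the backup)
- The rsync server manages the website servers' data centrally (for example, analysis of the web servers' log files)
2.1.2 The safest way to back up with an rsync backup server
Two sites, three centers
- Two sites:
  - One in the headquarters data center, with several backup servers in it
  - One in an off-site data center, preferably in a location where sudden incidents are unlikely, also with several backup servers
- Three centers:
  - The headquarters data center
  - A backup data center built a dozen or so kilometers away from headquarters
  - Another backup data center built at an off-site location
2.1.3 Where an rsync backup server is used
2.1.3.1 Internal data backed up by the server (scheduled backup)
- Developers' code
- Operations staff's scripts
- Database files
- Log files
- Configuration files
2.1.3.2 External-facing data backed up by the server (real-time backup)
- Image files
- Video files
- Attachments
2.2 Methods of backing up data
2.2.1 Full backup
Commands: cp, scp
Characteristics: a full backup copies the complete data set every time, so it is inefficient
2.2.2 Incremental backup
Command: rsync
Characteristics: an incremental backup transfers only the data that has changed (judged by attribute information and fingerprint information), so it is efficient
2.3 The three modes of rsync
2.3.1 Local backup
2.3.1.1 Syntax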
rsync [OPTION]... SRC [SRC]... DEST
2.3.1.2 Practical example
[root@backup ~] # rsync /etc/hosts /tmp/    # back up the hosts file to the /tmp directory
[root@backup ~] # ll /tmp
total 4
-rw-r--r-- 1 root root 390 Oct 21 09:55 hosts
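2.3.2 Remote backup
2.3.2.1 Push-mode backup
2.3.2.1.1 Syntax
rsync [OPTION...] SRC... [USER@]HOST:DEST
2.3.2.1.2 Syntax explained
- SRC: the file(s) to copy
- USER@: the login user on the remote host; if omitted, the current user name is used (note: the remote user specified here must also exist on the current host)
- HOST: the IP address of the remote host (or a host name that maps to that IP)
- DEST: the directory on the remote host that the copied files are backed up into
2.3.2.1.3 Practical example
[root@nfs01 ~] # rsync /etc/hosts root@172.16.1.41:/tmp/    # back up /etc/hosts to server 172.16.1.41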
root@172.16.1.41's password:
[root@nfs01 ~] #
[root@backup ~] # ll /tmp    # on the backup server (172.16.1.41): the backup succeeded
total 4
-rw-r--r-- 1 root root 390 Oct 21 10:19 hosts
[root@backup ~] #
[root@nfs01 ~] # rsync -avz /etc/hosts root@172.16.1.41:/tmp/    # with these options the backup process is displayed
root@172.16.1.41's password:
sending incremental file list
hosts
sent 235 bytes received 35 bytes 60.00 bytes/sec
total size is 390 speedup is 1.44
You have new mail in /var/spool/mail/root
[root@nfs01 ~] #
[root@backup ~] # ll /tmp/    # check again: the backup succeeded
total 4
-rw-r--r-- 1 root root 390 Oct 17 19:10 hosts
[root@backup ~] #
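2.3.2.2 Pull-mode backup
2.3.2.2.1 Syntax
Pull: rsync [OPTION...] [USER@]HOST:SRC... [DEST]
2.3.2.2.2 Syntax explained
- SRC: the data on the remote host that is to be transferred to the local host
- USER@: the login user on the remote host; if omitted, the current user name is used (note: the remote user specified here must also exist on the current host)
- HOST: the IP address of the remote host (or a host name that maps to that IP)
- DEST: the path on the local host that the remote data is backed up into
2.3.2.2.3 Practical example
[root@nfs01 tmp] # rsync -avz root@172.16.1.41:/root/1.sh /tmp    # back up the remote file 1.sh to /tmp on the current host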
root@172.16.1.41's password:
receiving incremental file list
1.sh
sent 43 bytes received 145 bytes 53.71 bytes/sec
total size is 86 speedup is 0.46
You have new mail in /var/spool/mail/root
[root@nfs01 tmp] #
[root@nfs01 tmp] # ll    # check the local directory: the backup succeeded
total 4
-rw-r--r-- 1 root root 86 Oct 10 20:50 1.sh
[root@nfs01 tmp] #
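2.3.2.3 Errors encountered during remote backup
2.3.2.3.1 The user specified for the backup does not exist on the current host
[root@backup ~] # useradd old10    # add the user old10 on the remote host
You have new mail in /var/spool/mail/root
[root@nfs01 tmp] # rsync -avz old10@172.16.1.41:/root/1.sh /tmp    # pull-mode backup from the current host, specifying the user old10 created on the remote host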
old10@172.16.1.41's password:
Permission denied, please try again.
old10@172.16.1.41's password:
Permission denied, please try again.    <-- permission denied
old10@172.16.1.41's password:
Conclusion: the user named in a transfer must exist on both the sending host and the receiving host
2.3.2.3.2 Data cannot be backed up into the remote directory
[root@nfs01 tmp] # useradd oldboy01    # create the same user, oldboy01
[root@nfs01 tmp] # echo 123456 | passwd --stdin oldboy01
Changing password for user oldboy01.
passwd: all authentication tokens updated successfully.
[root@nfs01 tmp] #
[root@backup ~] # useradd oldboy01    # create the same user, oldboy01
[root@backup ~] # echo 123456 | passwd --stdin oldboy01
Changing password for user oldboy01.
passwd: all authentication tokens updated successfully.
[root@backup ~] #
[oldboy01@nfs01 ~] $ rsync -avz /etc/hosts oldboy01@172.16.1.41:/home/oldboy01/oldboy/    # back up the file as the user oldboy01
oldboy01@172.16.1.41's password:
sending incremental file list
rsync: ERROR: cannot stat destination "/home/oldboy/": Permission denied (13)    <-- permission denied
rsync error: errors selecting input/output files, dirs (code 3) at main.c(635) [Receiver=3.1.2]
Question: why is permission denied?
Solution: check whether the oldboy directory on host 172.16.1.41 is writable
[root@backup ~] # ll oldboy -d    # other users have no write permission
drwxr-xr-x 2 root root 6 Oct 21 10:53 oldboy
You have new mail in /var/spool/mail/root
[root@backup ~] # chmod 777 oldboy    # give the directory mode 777
[root@backup ~] # ll oldboy
total 0
[root@backup ~] # ll oldboy -d
drwxrwxrwx 2 root root 6 Oct 21 10:53 oldboy    <-- checking again, the mode is now 777
[root@backup ~] #
[oldboy01@nfs01 ~] $ rsync -avz /etc/hosts oldboy01@172.16.1.41:/home/oldboy01/oldboy/    # back up the file
oldboy01@172.16.1.41's password:
sending incremental file list
created directory /home/oldboy01/oldboy
hosts
sent 235 bytes received 79 bytes 89.71 bytes/sec
total size is 390 speedup is 1.24
[oldboy01@nfs01 ~] $
[oldboy01@backup ~] $ ll /home/oldboy01/oldboy    # check whether the backed-up data arrived on the remote server (172.16.1.41)
total 4
-rw-r--r-- 1 oldboy01 oldboy01 390 Oct 17 19:10 hosts
[oldboy01@backup ~] $
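2.3.3 The difference between a trailing / and no trailing / on a directory (rsync)
- With a trailing slash on the source directory (/oldboy/), only the contents of the directory are transferred
- Without a trailing slash (/oldboy), the directory itself and its contents are transferred
Note: the scp command makes no such distinction
2.3.4 Backing up in daemon mode
2.3.4.1 Server-side deployment
2.3.4.1.1 Check whether rsync is installed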
[root@backup ~] # rpm -qa | grep "rsync"
rsync-3.1.2-4.el7.x86_64    <-- rsync is already installed
[root@backup ~] #
2.3.4.1.2 Write the configuration file
(1) Source file
[root@backup ~] # cat /etc/rsyncd.conf
uid = rsync
gid = rsync
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 172.16.1.0/24
hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password
[backup]
comment = "backup dir by oldboy"
path = /backup
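(2) Annotated file (the source file with explanations)
[root@backup ~] # cat /etc/rsyncd.conf
uid = rsync    <-- owner (user) for the backup directory
gid = rsync    <-- group for the backup directory
port = 873    <-- port the service listens on
fake super = yes    <-- act as if running as the super-user
use chroot = no    <-- security setting for transfer connections
max connections = 200    <-- maximum number of simultaneous connections
timeout = 300    <-- once a transfer has finished and nothing more is sent, the connection is dropped after at most 300 seconds
pid file = /var/run/rsyncd.pid    <-- shows that the service is running; the PID stored in it can be used to kill the service
lock file = /var/run/rsync.lock    <-- when the maximum number of connections is reached, the lock file blocks further connections
log file = /var/log/rsyncd.log    <-- records the rsync service's normal and error log messages
ignore errors    <-- ignore (minor) errors during rsync transfers
read only = false    <-- whether the backup files can only be read; here it is no
list = false    <-- module listing
hosts allow = 172.16.1.0/24    <-- whitelist: networks or IPs allowed to transfer backups
hosts deny = 0.0.0.0/32    <-- blacklist: networks or IPs not allowed to transfer backups
auth users = rsync_backup    <-- authentication user
secrets file = /etc/rsync.password    <-- password file for the authentication user
[backup]    <-- module (each module is one backup directory)
comment = "backup dir by oldboy"    <-- comment
path = /backup    <-- backup directory
2.3.4.1.3 Create the virtual user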
[root@backup ~] # useradd rsync -M -s /sbin/nologin
[root@backup ~] # id rsync
uid=1013(rsync) gid=1016(rsync) groups=1016(rsync)
[root@backup ~] #
2.3.4.1.4 Create the authentication user's password
[root@backup ~] # echo "rsync_backup:oldboy123" > /etc/rsync.password    # write user:password into the password file
[root@backup ~] # cat /etc/rsync.password
rsync_backup:oldboy123    <-- the entry has been created
[root@backup ~] #
[root@backup ~] # chmod 600 /etc/rsync.password    # make the password file readable and writable by its owner only
You have new mail in /var/spool/mail/root
[root@backup ~] # ll /etc/rsync.password
-rw------- 1 root root 23 Oct 21 17:47 /etc/rsync.password    <-- the mode has been changed
[root@backup ~] #
2.3.4.1.5 Create the backup directory for the module
[root@backup ~] # ll /backup    # the /backup directory does not exist
ls: cannot access /backup: No such file or directory
[root@backup ~] # mkdir /backup    # create the /backup directory
[root@backup ~] # ll /backup -d    # owner and group are root, which is not correct
drwxr-xr-x 2 root root 6 Oct 22 08:40 /backup
[root@backup ~] # chown -R rsync. /backup/    # change owner and group to rsync
[root@backup ~] # ll /backup -d
drwxr-xr-x 2 rsync rsync 6 Oct 22 08:40 /backup    <-- the change succeeded
2.3.4.1.6 Restart the rsync service
[root@backup backup] # systemctl restart rsyncd
[root@backup backup] #
2.3.4.2 Daemon-mode syntax
2.3.4.2.1 Push mode
- rsync [OPTION...] SRC... [USER@]HOST::DEST (short form)
- rsync [OPTION...] SRC... rsync://[USER@]HOST[:PORT]/DEST (long form)
2.3.4.2.2 Pull mode
- rsync [OPTION...] [USER@]HOST::SRC... [DEST] (short form)
- rsync [OPTION...] rsync://[USER@]HOST[:PORT]/SRC... [DEST] (long form)
2.3.4.3 Practical examples
2.3.4.3.1 Back up /etc/hosts remotely to the backup module on server 41
[root@nfs01 scripts] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup    # remote backup
Password:
sending incremental file list
hosts    <-- transferred successfully
sent 239 bytes received 43 bytes 51.27 bytes/sec
total size is 390 speedup is 1.38
You have new mail in /var/spool/mail/root
[root@nfs01 scripts] #
[root@backup backup] # ll
total 4
-rw-r--r-- 1 rsync rsync 390 Oct 17 19:10 hosts    <-- in the backup server's directory: the backup succeeded
[root@backup backup] #
2.3.4.3.2 Back up the /oldboy directory remotely to the backup module on server 41
[root@nfs01 oldboy] # rsync -avz /oldboy rsync_backup@172.16.1.41::backup    # back up the directory to remote server 41
Password:
sending incremental file list
oldboy/    <-- backup succeeded
oldboy/oldboy01/
oldboy/oldboy01/a.txt
oldboy/oldboy01/b.txt
oldboy/oldboy01/c.txt
oldboy/oldboy02/
oldboy/oldboy02/a.txt
oldboy/oldboy02/b.txt
oldboy/oldboy02/c.txt
oldboy/oldboy03/
oldboy/oldboy03/a.txt
oldboy/oldboy03/b.txt
oldboy/oldboy03/c.txt
sent 627 bytes received 215 bytes 240.57 bytes/sec
total size is 0 speedup is 0.00
[root@nfs01 oldboy] #
[root@backup /] # ll /backup/
total 4
-rw-r--r-- 1 rsync rsync 390 Oct 17 19:10 hosts
drwxr-xr-x 5 rsync rsync 54 Oct 22 09:02 oldboy    <-- the directory was backed up
[root@backup /] # cd /backup/oldboy/
[root@backup oldboy] # ll
total 0
drwxr-xr-x 2 rsync rsync 45 Oct 22 09:03 oldboy01
drwxr-xr-x 2 rsync rsync 45 Oct 22 09:03 oldboy02
drwxr-xr-x 2 rsync rsync 45 Oct 22 09:03 oldboy03
[root@backup oldboy] #
2.3.4.4 Client-side deployment
2.3.4.4.1 Check that rsync is installed
[root@nfs01 ~] # rpm -qa rsync
rsync-3.1.2-4.el7.x86_64    <-- the package is installed
You have new mail in /var/spool/mail/root
[root@nfs01 ~] #
2.3.4.4.2 Create the password file
[root@nfs01 ~] # echo "oldboy123" > /etc/rsync.password    # put the password into the file
[root@nfs01 ~] # ll /etc/rsync.password    # check the file's mode (not acceptable yet)
-rw-r--r-- 1 root root 10 Oct 22 09:21 /etc/rsync.password
[root@nfs01 ~] # chmod 600 /etc/rsync.password    # make the password file readable by its owner only
[root@nfs01 ~] # ll /etc/rsync.password
-rw------- 1 root root 10 Oct 22 09:21 /etc/rsync.password    <-- check the mode
[root@nfs01 ~] # cat /etc/rsync.password
oldboy123    <-- check the content
[root@nfs01 ~] #
2.3.4.4.3 Transferring data remotely without interaction
[root@nfs01 ~] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password    # transfer without a password prompt
sending incremental file list
hosts    <-- transferred successfully
sent 239 bytes received 43 bytes 564.00 bytes/sec
total size is 390 speedup is 1.38
You have new mail in /var/spool/mail/root
[root@nfs01 ~] #
[root@backup backup] # ll
total 4
-rw-r--r-- 1 rsync rsync 390 Oct 17 19:10 hosts    <-- server 41 has received the backup
[root@backup backup] #
2.3.4.5 Common problems during data transfer
2.3.4.5.1 rsync: mkstemp ".hosts.TVnY5i" (in backup) failed: Permission denied
Cause: the backup directory is not owned by the virtual user (rsync)
Solution: change the owner and group to rsync
[root@backup backup] # chown -R rsync.rsync /backup    # change owner and group
You have new mail in /var/spool/mail/root
[root@backup backup] # ll
total 0
[root@backup backup] #
[root@backup backup] # ll
total 4
-rw------- 1 rsync rsync 390 Oct 22 09:42 hosts    <-- the push succeeded
[root@backup backup] #
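2.3.4.5.2 rsync: chgrp ".hosts.8V2dHv" (in backup) failed: Operation not permitted
Cause: changing the group of the data to the rsync group is not permitted, although rsync still completes the change
Solution: enable fake super = yes in the server's configuration file
uid = rsync
gid = rsync
port = 873
fake super = yes    <-- enable the fake super-user setting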
use chroot = no
max connections = 200
timeout = 300
[root@backup oldboy] # systemctl restart rsyncd
[root@backup oldboy] #
[root@nfs01 ~] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup    # send again: the error message is gone
Password:
sending incremental file list
hosts
sent 89 bytes received 49 bytes 39.43 bytes/sec
total size is 390 speedup is 2.83
[root@nfs01 ~] #
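2.3.4.5.3 auth failed on module backup
Cause: the authentication user or the password is wrong (or the file holding the password does not exist)
Solution: check that the authentication user, the password and the password file are all configured correctly
auth users = rsync_backup    <-- the authentication user is correct
secrets file = /etc/rsync.password    <-- server-side password file
[root@backup ~] # cat /etc/rsync.password
rsync_backup:oldboy123    <-- the user:password entry
[root@nfs01 ~] # cat /etc/rsync.password
oldboy123    <-- the client's password file
2.3.4.5.4 password file must not be other-accessible
Cause: the password file used by the client for non-interactive transfers is not set to mode 600
Solution: change the file's mode to 600, then run the command again
[root@nfs01 ~] # chmod 600 /etc/rsync.password    # change the mode to 600
[root@nfs01 ~] # ll /etc/rsync.password
-rw------- 1 root root 10 Oct 22 09:21 /etc/rsync.password    <-- check the mode
[root@nfs01 ~] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password    # send again: it now succeeds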
sending incremental file list
sent 48 bytes received 20 bytes 45.33 bytes/sec
total size is 390 speedup is 5.74
[root@nfs01 ~] #
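2.4 How rsync works
2.5 rsync options
2.5.1 The archive (-a) option
- -a archive mode; equals -rlptgoD (no -H,-A,-X) (the archive option)
- -l copy symlinks as symlinks (copies a symlink as a symlink; this option is rarely useful)
- -p preserve permissions (permissions stay unchanged after the transfer)
- -o preserve owner (super-user only) (the owner stays unchanged after the transfer; super-user only)
- -g preserve group (the group stays unchanged after the transfer)
- -t preserve modification times (the modification time stays unchanged after the transfer)
- -D preserve device files (super-user only) (device files stay unchanged during the transfer; super-user only)
2.5.2 Other options
- -L when transferring a symlink, transfer the file that the link points to
- -P show the progress of the file transfer
- --delete synchronize so that no differences remain between source and destination
- -v show the file transfer process
- -z compress the file data for the transfer
2.5 rsync in an enterprise environment: practical examples
2.5.1 Configuring multiple modules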
[dev_dir]
comment = "backup dir by dev_dir"
path = /dev_dir
[sa_dir]    <-- three modules are added
comment = "backup dir by sa_dir"
path = /sa_dir
[db_dir]
comment = "backup dir by db_dir"
path = /db_dir
[root@backup ~] # ll /*_dir -d
drwxr-xr-x 2 root root 6 Oct 22 20:06 /db_dir
drwxr-xr-x 2 root root 6 Oct 22 20:06 /dev_dir
drwxr-xr-x 2 root root 6 Oct 22 20:06 /sa_dir
[root@backup ~] # chown rsync.rsync /{dev_dir,sa_dir,db_dir}    # change owner and group to rsync
[root@backup ~] # ll /*_dir -d
drwxr-xr-x 2 rsync rsync 6 Oct 22 20:06 /db_dir
drwxr-xr-x 2 rsync rsync 6 Oct 22 20:06 /dev_dir
drwxr-xr-x 2 rsync rsync 6 Oct 22 20:06 /sa_dir
[root@backup ~] #
[root@nfs01 oldboy] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::dev_dir --password-file=/etc/rsync.password    # remote transfer
sending incremental file list
hosts
sent 239 bytes received 43 bytes 564.00 bytes/sec
total size is 390 speedup is 1.38
You have new mail in /var/spool/mail/root
[root@nfs01 oldboy] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::sa_dir --password-file=/etc/rsync.password
sending incremental file list
hosts
sent 239 bytes received 43 bytes 564.00 bytes/sec
total size is 390 speedup is 1.38
[root@nfs01 oldboy] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::db_dir --password-file=/etc/rsync.password
sending incremental file list
hosts
sent 239 bytes received 43 bytes 564.00 bytes/sec
total size is 390 speedup is 1.38
[root@nfs01 oldboy] #
[root@backup ~] # tree /*_dir    # on the backup server: all transfers succeeded
/db_dir
└── hosts
/dev_dir
└── hosts
/sa_dir
└── hosts
0 directories, 3 files
[root@backup ~] #
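2.5.2 Creating subdirectories under the backup directory
2.5.2.1 Create a subdirectory conf under /dev_dir to hold configuration files
[root@nfs01 oldboy] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::dev_dir/conf/ --password-file=/etc/rsync.password    # create the subdirectory conf under the dev_dir module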
sending incremental file list
created directory conf
hosts
sent 239 bytes received 70 bytes 618.00 bytes/sec
total size is 390 speedup is 1.26
[root@backup ~] # ll /dev_dir/conf/    # the transfer succeeded
total 4
-rw-r--r-- 1 rsync rsync 390 Oct 17 19:10 hosts
[root@backup ~] #
2.5.2.2 With the subdirectory conf under /dev_dir holding configuration files, create a second-level subdirectory fetc to hold files from /etc
[root@nfs01 oldboy] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::dev_dir/conf/fetc/ --password-file=/etc/rsync.password
sending incremental file list
rsync: mkdir "conf/fetc" (in dev_dir) failed: No such file or directory (2)    <-- transfer failed because conf/fetc cannot be found
rsync error: error in file IO (code 11) at main.c(657) [Receiver=3.1.2]
[root@nfs01 oldboy] #
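Conclusion: for a subdirectory to be created under a module, the following must hold
- The specified module must exist
- The parent directory of the directory being created must exist
2.5.3 Excluding directories and files that are not needed
2.5.3.1 Excluding with --exclude
[root@nfs01 oldboy] # rsync -avz /oldboy/ --exclude=/oldboy01/a.txt --exclude=oldboy03 rsync_backup@172.16.1.41::sa_dir --password-file=/etc/rsync.password    # exclude /oldboy01/a.txt and the /oldboy03/ directory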
sending incremental file list
./
oldboy01/
oldboy01/b.txt
oldboy01/c.txt
oldboy02/
oldboy02/a.txt
oldboy02/b.txt
oldboy02/c.txt
sent 382 bytes received 134 bytes 1,032.00 bytes/sec
total size is 0 speedup is 0.00
You have new mail in /var/spool/mail/root
[root@nfs01 oldboy] #
[root@backup sa_dir] # tree *    # check the backup directory sa_dir: it worked
hosts [error opening dir]
oldboy01
├── b.txt
└── c.txt
oldboy02
├── a.txt
├── b.txt
└── c.txt
0 directories, 5 files
[root@backup sa_dir] #
2.5.3.2 Excluding with --exclude-from
[root@nfs01 ~] # cat /oldboy/1.txt    # the list of files to exclude
oldboy01/a.txt
oldboy02/b.txt
oldboy03/c.txt
[root@nfs01 ~] #
[root@nfs01 ~] # rsync -avz /oldboy/ --exclude-from=/oldboy/1.txt rsync_backup@172.16.1.41::db_dir --password-file=/etc/rsync.password    # exclude using --exclude-from
sending incremental file list
./
1.txt
oldboy01/
oldboy01/b.txt
oldboy01/c.txt
oldboy02/
oldboy02/a.txt
oldboy02/c.txt
oldboy03/
oldboy03/a.txt
oldboy03/b.txt
sent 558 bytes received 180 bytes 1,476.00 bytes/sec
total size is 45 speedup is 0.06
You have new mail in /var/spool/mail/root
[root@nfs01 ~] #
[root@backup db_dir] # tree *    # check the backup server: it worked
oldboy01
├── b.txt
└── c.txt
oldboy02
├── a.txt
└── c.txt
oldboy03
├── a.txt
└── b.txt
0 directories, 6 files
[root@backup db_dir] #
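2.5.4 Preventing certain networks or IP addresses from transferring data to a backup directory
Comment out the global whitelist and blacklist settings in /etc/rsyncd.conf on the server
2.5.4.1 Backups to dev_dir: both the 172 network and the 10 network are allowed
[dev_dir]
comment = "backup dir by dev_dir"
path = /dev_dir
hosts allow = 172.16.1.0/24,10.0.0.0/24    <-- allowed networks, separated by commas
[root@nfs01 ~] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::dev_dir --password-file=/etc/rsync.password    # test over the 172 network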
sending incremental file list
hosts
sent 239 bytes received 43 bytes 564.00 bytes/sec
total size is 390 speedup is 1.38
[root@nfs01 ~] # rsync -avz /etc/resolv.conf rsync_backup@10.0.0.41::dev_dir --password-file=/etc/rsync.password    # test over the 10 network
sending incremental file list
resolv.conf
sent 147 bytes received 43 bytes 76.00 bytes/sec
total size is 51 speedup is 0.27
[root@nfs01 ~] #
[root@backup dev_dir] # ll
total 8
-rw-r--r-- 1 rsync rsync 390 Oct 17 19:10 hosts
-rw-r--r-- 1 rsync rsync 51 Oct 22 21:34 resolv.conf    <-- the backup succeeded
[root@backup dev_dir] #
2.5.4.2 Backups to sa_dir: the 172 network is allowed, the 10 network is denied
[sa_dir]
comment = "backup dir by sa_dir"
path = /sa_dir
hosts allow = 172.16.1.0/24    <-- only the 172.16.1 network is allowed to transfer
[root@nfs01 ~] # rsync -avz /etc/resolv.conf rsync_backup@172.16.1.41::sa_dir --password-file=/etc/rsync.password    # the transfer succeeds
sending incremental file list
resolv.conf
sent 147 bytes received 43 bytes 380.00 bytes/sec
total size is 51 speedup is 0.27
You have new mail in /var/spool/mail/root
[root@nfs01 ~] # rsync -avz /etc/resolv.conf rsync_backup@10.0.0.41::sa_dir --password-file=/etc/rsync.password    # the 10 network is not allowed to transfer
@ERROR: Unknown module 'sa_dir'
rsync error: error starting client-server protocol (code 5) at main.c(1648) [sender=3.1.2]
[root@nfs01 ~] #
[root@backup db_dir] # ll /sa_dir/
total 4
-rw-r--r-- 1 rsync rsync 51 Oct 22 21:34 resolv.conf    <-- on the backup server: the backup succeeded
You have new mail in /var/spool/mail/root
[root@backup db_dir] #
2.5.4.3 Backups to db_dir: the 172 network is denied, the 10 network is allowed
[db_dir]
comment = "backup dir by db_dir"
path = /db_dir
hosts allow = 10.0.0.0/24    <-- only the 10.0.0 network is allowed to transfer
[root@nfs01 ~] # rsync -avz /etc/resolv.conf rsync_backup@10.0.0.41::db_dir --password-file=/etc/rsync.password    # the transfer succeeds
sending incremental file list
resolv.conf
sent 147 bytes received 43 bytes 76.00 bytes/sec
total size is 51 speedup is 0.27
You have new mail in /var/spool/mail/root
[root@nfs01 ~] # rsync -avz /etc/resolv.conf rsync_backup@172.16.1.41::db_dir --password-file=/etc/rsync.password    # the transfer is not possible
@ERROR: Unknown module 'db_dir'
rsync error: error starting client-server protocol (code 5) at main.c(1648) [sender=3.1.2]
[root@nfs01 ~] #
[root@backup db_dir] # ll
total 4
-rw-r--r-- 1 rsync rsync 51 Oct 22 21:34 resolv.conf    <-- on the server: the transfer succeeded
[root@backup db_dir] #
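Added example (not part of the original page): a Python model of how the daemon evaluates hosts allow and hosts deny, applied to the global configuration from 2.3.4.1.2 and to the per-module settings of 2.5.4. It follows the order documented in rsyncd.conf(5): an allow match admits the client, an allow list with no deny list rejects everyone else, and a client that matches neither list is admitted, so the global hosts deny = 0.0.0.0/32 leaves the [backup] module reachable from outside 172.16.1.0/24. The client addresses 172.16.1.31 and 10.0.0.31 are assumed, and hostname patterns are not handled.

```python
import ipaddress

# Constructed from the page: the global section of 2.3.4.1.2 ...
GLOBAL_CONF = """\
hosts allow = 172.16.1.0/24
hosts deny = 0.0.0.0/32
[backup]
path = /backup
"""
# ... and the modules of 2.5.4, where the global lists are commented out.
MODULE_CONF = """\
[dev_dir]
hosts allow = 172.16.1.0/24,10.0.0.0/24
[sa_dir]
hosts allow = 172.16.1.0/24
[db_dir]
hosts allow = 10.0.0.0/24
"""
CLIENTS = ["172.16.1.31", "10.0.0.31"]  # assumed client addresses


def parse_rsyncd_conf(text):
    """Return {module: settings}; global parameters become module defaults."""
    defaults, modules, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), dict(defaults))
            continue
        key, sep, value = line.partition("=")
        if sep:
            target = defaults if current is None else current
            target[" ".join(key.split()).lower()] = value.strip()
    return modules


def matches(patterns, addr):
    """True if addr matches an IP, CIDR or addr/netmask pattern in the list."""
    ip = ipaddress.ip_address(addr)
    for pattern in patterns.replace(",", " ").split():
        try:
            if ip in ipaddress.ip_network(pattern, strict=False):
                return True
        except ValueError:
            continue  # hostname patterns need DNS and are not modelled here
    return False


def allow_access(addr, settings):
    """Apply hosts allow first, then hosts deny, as rsyncd.conf(5) documents."""
    allow, deny = settings.get("hosts allow"), settings.get("hosts deny")
    if allow:
        if matches(allow, addr):
            return True
        if not deny:
            return False  # allow list alone: everyone else is rejected
    if deny and matches(deny, addr):
        return False
    return True  # matched neither list: the client is admitted


def access_table(conf_text, clients=CLIENTS):
    """Map (module, client) to True (admitted) or False (rejected)."""
    return {(module, ip): allow_access(ip, settings)
            for module, settings in parse_rsyncd_conf(conf_text).items()
            for ip in clients}


if __name__ == "__main__":
    allow_only = GLOBAL_CONF.replace("hosts deny = 0.0.0.0/32\n", "")
    for conf in (GLOBAL_CONF, allow_only, MODULE_CONF):
        for (module, ip), ok in access_table(conf).items():
            print(f"{module:8} {ip:12} {'admitted' if ok else 'rejected'}")
```

Run as a script, it prints the decision for the page's global configuration, for the same configuration with the hosts deny line removed, and for the three modules of 2.5.4.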
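2.5.5 The module listing feature of the configuration file
2.5.5.1 Syntax
rsync AUTH_USER@SERVER_IP::
Example:
rsync rsync_backup@172.16.1.41::
2.5.5.2 Viewing the listing
2.5.5.2.1 Enable the list setting in the server's configuration file
ignore errors
read only = false
list = true    <-- enable the listing feature
2.5.5.2.2 Check again from the client
[root@nfs01 ~] # rsync rsync_backup@172.16.1.41::    # the listing shows the information for every module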
dev_dir "backup dir by dev_dir"
sa_dir "backup dir by sa_dir"
db_dir "backup dir by db_dir"
[root@nfs01 ~] #
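2.5.5.3 Is it better to enable the listing or not
It is better left disabled. The listing exposes the module information; if someone also knows the authentication user and password, a hacker or another person could delete or modify the backup directory behind a module, so enabling it is not recommended
2.6 Common rsync errors
2.6.1 rsync: mkstemp ".hosts.TVnY5i" (in backup) failed: Permission denied
Causes:
- The backup directory is not owned by the virtual user (rsync)
- The permissions of the backup directory were not changed
- The server is configured in read-only mode
Solutions:
- Change the owner and group to rsync
- Check whether the configuration file sets read-only mode
- Check that the backup directory's permissions are correct
[root@backup backup] # chown -R rsync.rsync /backup    # change owner and group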
You have new mail in /var/spool/mail/root
[root@backup backup] # ll
total 0
read only = false    <-- check whether rsyncd.conf sets read-only mode
[root@backup backup] #
[root@backup backup] # ll
total 4
-rw------- 1 rsync rsync 390 Oct 22 09:42 hosts    <-- the push succeeded
[root@backup backup] #
2.6.2 rsync: chgrp ".hosts.8V2dHv" (in backup) failed: Operation not permitted
Cause:
- Changing the group of the data to the rsync group is not permitted, although rsync still completes the change
Solution:
- Enable fake super = yes in the server's configuration file
uid = rsync
gid = rsync
port = 873
fake super = yes    <-- enable the fake super-user setting
use chroot = no
max connections = 200
timeout = 300
[root@backup oldboy] # systemctl restart rsyncd
[root@backup oldboy] #
[root@nfs01 ~] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup    # send again: the error message is gone
Password:
sending incremental file list
hosts
sent 89 bytes received 49 bytes 39.43 bytes/sec
total size is 390 speedup is 2.83
[root@nfs01 ~] #
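2.6.3 auth failed on module backup
Causes:
- The authentication user is wrong
- The password is wrong
- The file holding the password does not exist
- Use cat -A (or vim's :set list) to check whether the password file contains spaces
- Check the server's password configuration file
Solution:
- Check that the authentication user, the password and the password file are all configured correctly
auth users = rsync_backup    <-- the authentication user is correct
secrets file = /etc/rsync.password    <-- server-side password file
[root@backup ~] # cat /etc/rsync.password
rsync_backup:oldboy123    <-- the user:password entry
[root@backup ~] # cat -A /etc/rsync.password    # use -A (or vim's :set list) to check whether the password file contains spaces
rsync_backup:oldboy123
[root@nfs01 ~] # cat /etc/rsync.password
oldboy123    <-- the client's password file
[root@backup ~] # ll /etc/rsync.password
-rw------- 1 root root 23 Oct 21 17:47 /etc/rsync.password    <-- the password file's mode is 600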
[root@backup ~] #
2.6.4 password file must not be other-accessible
Cause:
- The password file used by the client for non-interactive transfers is not set to mode 600
Solution:
- Change the file's mode to 600, then run the command again
[root@nfs01 ~] # chmod 600 /etc/rsync.password    # change the mode to 600
[root@nfs01 ~] # ll /etc/rsync.password
-rw------- 1 root root 10 Oct 22 09:21 /etc/rsync.password    <-- check the mode
[root@nfs01 ~] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password    # send again: it now succeeds
sending incremental file list
sent 48 bytes received 20 bytes 45.33 bytes/sec
total size is 390 speedup is 5.74
[root@nfs01 ~] #
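Added example (not from the original page): a Python check for the password-file problems behind 2.6.3 and 2.6.4. It covers the mode that triggers "password file must not be other-accessible", stray whitespace or CRLF line endings of the kind cat -A reveals, and a server-format user:password line placed in a client file. The sample files are constructed, and the function and role names are this example's own.

```python
import os
import stat
import tempfile

# Constructed samples: name -> (file content, mode, role).
SAMPLES = {
    "server_ok": (b"rsync_backup:oldboy123\n", 0o600, "server"),
    "client_644": (b"oldboy123\n", 0o644, "client"),
    "client_space": (b"oldboy123 \n", 0o600, "client"),
    "client_copy": (b"rsync_backup:oldboy123\n", 0o600, "client"),
}


def check_password_file(path, role):
    """Return findings for a daemon secrets file ("server") or for the file
    passed to --password-file ("client")."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o006:
        findings.append(f"mode {mode:o}: other-accessible, rsync rejects it")
    elif mode & 0o070:
        findings.append(f"mode {mode:o}: group-accessible, the page uses 600")
    with open(path, "rb") as handle:
        lines = handle.read().split(b"\n")
    if lines[-1] == b"":
        lines.pop()  # the empty piece after the final newline
    if not lines:
        return findings + ["file is empty"]
    for number, line in enumerate(lines, 1):
        entry = line.strip()
        if line.endswith(b"\r"):
            findings.append(f"line {number}: CRLF ending (cat -A shows ^M$)")
        elif line != entry:
            findings.append(f"line {number}: leading or trailing whitespace")
        if role == "server" and entry and not entry.startswith(b"#"):
            user, sep, password = entry.partition(b":")
            if not (sep and user and password):
                findings.append(f"line {number}: expected user:password")
    if role == "client" and b":" in lines[0]:
        # Heuristic: a colon is legal in a password, but it usually means the
        # server's user:password line was copied to the client.
        findings.append("line 1: looks like user:password, "
                        "the client file holds only the password")
    return findings


def audit_samples():
    """Write each constructed sample to a temp dir and collect its findings."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, (content, mode, role) in SAMPLES.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as handle:
                handle.write(content)
            os.chmod(path, mode)
            results[name] = check_password_file(path, role)
    return results


if __name__ == "__main__":
    for name, findings in audit_samples().items():
        print(name, findings or "ok")
```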
2.6.5 rsync: failed to connect to 172.16.1.41 (172.16.1.41): No route to host (113)
Cause:
- Something is blocking the client from sending files to the server; the usual cause is that the firewall is running
Solution:
- Check whether the firewall is running on the server
[root@backup ~] # systemctl is-active firewalld.service    # the firewall has been started temporarily
active
[root@backup ~] # systemctl is-enabled firewalld.service
disabled
[root@backup ~] #
[root@backup ~] # systemctl stop firewalld.service    # stop the firewall
[root@backup ~] # systemctl is-active firewalld.service    # check the firewall status again
unknown
[root@backup ~] #
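2.6.6 ERROR: The remote path must start with a module name not a /
Cause:
- In a daemon-mode transfer, a / was placed in front of the module name
Solution:
- When this happens, check that the command is written correctly
[root@nfs01 ~] # rsync -avz /etc/hosts rsync_backup@172.16.1.41::/dev_dir --password-file=/etc/rsync.password    # the error is caused by the / before the module name
2.6.7 @ERROR: Unknown module 'backup'
Causes:
- The module may not exist
- The module is configured not to allow IPs from this network to transfer data
Solutions:
- Check the module definitions in the server's configuration file to see whether this module exists
- Check whether IPs from this network can connect to the module normally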
[dev_dir]
comment = "backup dir by dev_dir"
path = /dev_dir
[sa_dir]
comment = "backup dir by sa_dir"
path = /sa_dir    <-- there is no backup module
[db_dir]
comment = "backup dir by db_dir"
path = /db_dir
[root@backup ~] #
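2.6.8 @ERROR: chdir failed
Causes:
- The backup directory does not exist
- The backup directory set in the module differs from the directory that was created
Solutions:
- Check whether the backup directory exists on the server
- Check the backup directory configured for the module
[root@backup sa_dir] # ll /sa_dir    # the module says /root/sa_dir, but the directory was created under /, so the backup fails
[root@backup sa_dir] #
[sa_dir]
comment = "backup dir by sa_dir"
path = /root/sa_dir    <-- the backup directory configured for the module
hosts allow = 172.16.1.0/24
[root@backup sa_dir] # ll /root/sa_dir    # it does not exist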
ls: cannot access /root/sa_dir: No such file or directory
[root@backup sa_dir] #
2.6.9 @ERROR: invalid uid rsync
Cause:
- The rsync user does not exist
Solution:
- Create the virtual user rsync
[root@backup sa_dir] # id rsync
id: rsync: no such user
You have new mail in /var/spool/mail/root
[root@backup sa_dir] # useradd rsync -s /sbin/nologin -M    # create the virtual user rsync
[root@backup sa_dir] # id rsync
uid=1013(rsync) gid=1016(rsync) groups=1016(rsync)
[root@backup sa_dir] #
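2.6.10 rsync: failed to connect to 172.16.1.41 (172.16.1.41): Connection refused (111)
Causes:
- The rsync service is not running
- The remote server may not answer ping
- The rsync service's port may not match the configuration file
Solutions:
- Start the rsync service
- Check whether the remote server answers ping
- Check the port set in the rsync configuration file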
[root@backup sa_dir] # systemctl is-active rsync
unknown
You have new mail in /var/spool/mail/root
[root@backup sa_dir] # ps -ef | grep rsync
root 3665 2195 0 09:21 pts/0 00:00:00 grep --color=auto rsync    <-- the rsync service is not running
[root@backup sa_dir] # cat /var/run/rsync.pid
cat: /var/run/rsync.pid: No such file or directory
[root@backup sa_dir] #
[root@nfs01 ~] # ping 172.16.1.41    # ping server 41
PING 172.16.1.41 (172.16.1.41) 56(84) bytes of data.
64 bytes from 172.16.1.41: icmp_seq=1 ttl=64 time=0.344 ms
64 bytes from 172.16.1.41: icmp_seq=2 ttl=64 time=0.372 ms
--- 172.16.1.41 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.344/0.384/0.436/0.038 ms
You have new mail in /var/spool/mail/root
uid = rsync
gid = rsync
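port = 874    <-- the service should use 873, but it is set to 874
2.6.11 skipping directory etc
Cause:
- A directory is being transferred
Solution:
- Add the -r option to recurse into the directory
[root@nfs01 ~] # rsync -r /oldboy root@172.16.1.41:/tmp    # with -r the transfer succeeds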
root@172.16.1.41's password:
You have new mail in /var/spool/mail/root
2.6.12 bash: rsync: command not found (remote command not found)
Cause:
- rsync is not installed on the remote host
Solution:
- Install rsync with yum
2.6.13 error: error in rsync protocol data stream
[root@nfs01 ~] # rsync -avz /etc/ rsync_backup@172.16.1.41::sa_dir
Password:
sending incremental file list
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(226) [sender=3.1.2]
You have new mail in /var/spool/mail/root
Cause:
- An error in the configuration file
Solution:
- Review the configuration file to find what is wrong
read only = true    <-- caused by read-only being enabled
list = false
#hosts allow = 172.16.1.0/24
#hosts deny = 0.0.0.0/32