Rsync server configuration - simulate IDC cross machine room backup

Posted by karimali831 on Mon, 23 Dec 2019 18:31:46 +0100

Rsync server configuration - simulate IDC cross machine room backup

IP role user
192.168.1.4 aaa server (public cloud) root
192.168.1.5 bbb client root
192.168.1.6 ccc client root

  1. Preparation for aaa server (public cloud)
//Create a backup directory, preferably a separate disk
[root@aaa-server /]# mkdir /backup

//Create rsync user, not allowed to log in, not create home directory
[root@aaa-server share]# useradd -M -s /sbin/nologin rsync

//Check whether the establishment is successful
[root@aaa-server /]# id rsync
uid=1002(rsync) gid=1002(rsync) groups=1002(rsync)

//Give the rsync user and its primary group ownership of the backup directory
[root@aaa-server /]# chown -R rsync.rsync /backup

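  1. Rsync server configuration: create the password file /etc/rsync.secrets (abc123 is only a sample value and is replaced with 123123 in the password-file step further down; the file must stay readable by root only)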
[root@aaa-server /]# echo "rsync_backup:abc123" > /etc/rsync.secrets
[root@aaa-server /]# chmod 600 /etc/rsync.secrets 
[root@aaa-server /]# ll /etc/rsync.secrets
-rw------- 1 root root 20 Sep 28 16:10 /etc/rsync.secrets
[root@aaa-server /]# 

  1. Rsync server configuration: the main configuration file /etc/rsyncd.conf
[root@aaa-server /]# vim /etc/rsyncd.conf
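# /etc/rsyncd.conf - rsync daemon configuration for the backup server.
# Comments must begin at the start of a line; a '#' after a value is not
# treated as a comment.
#
# NOTE(review): the rsync daemon protocol does not encrypt transferred data.
# "auth users" only gates the login. When traffic leaves a trusted network,
# carry it over a VPN or SSH tunnel.

# Account the daemon uses for file access (created with useradd earlier).
uid = rsync
gid = rsync
port = 873
# NOTE(review): with chroot disabled the daemon is not confined to the module
# path by the kernel and relies on rsync's own path checks - confirm this is
# intended for a writable module.
use chroot = no
# The original listing spelled this "max connetion", which is not an
# rsyncd.conf parameter, so the limit would not have been applied.
max connections = 2000
timeout = 600
pid file = /var/run/rsyncd.pid
# The lock file backs the "max connections" accounting.
lock file = /var/run/rsync.lock
# NOTE(review): /var/run is usually cleared at boot; a path under /var/log
# would keep the transfer log across restarts.
log file = /var/run/rsync.log
# NOTE(review): "ignore errors" lets deletions proceed even after I/O errors
# on the daemon side - confirm this is wanted for a backup target.
ignore errors
# Clients may upload into the module; the module is hidden from listings.
read only = false
list = false
address = 192.168.1.4
# Access control: "hosts allow" is checked first, then "hosts deny"; a client
# that matches neither list is ALLOWED. The original "hosts deny = 0.0.0.0/32"
# matched only the single address 0.0.0.0, so hosts outside 192.168.1.0/24
# were not rejected. Denying everything else makes the allow list effective.
hosts allow = 192.168.1.0/24
hosts deny = *
# Virtual user name checked against the secrets file; not a system account.
auth users = rsync_backup
#########################################
[backup]
path = /backup
# Lines of the form user:password. The file must not be readable by other
# users (chmod 600), or the daemon refuses to use it under its default
# strict-modes setting.
secrets file = /etc/rsync.secrets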

  1. Create the server password file and the client password file (a wrong file name, a missing file, or a wrong configuration file parameter is reported as an authentication error)
// Create the rsync.secrets file on the server side in user:password format
[root@aaa-serverbackup]# vim /etc/rsync.secrets
rsync_backup:123123

//Create the rsync.secrets file on the client side; it holds only the password, with no user name
[root@bbb-client backup]# vim /etc/rsync.secrets
123123

// Both the server and client password files are set to 600
[root@aaa-server backup]# chmod 600 /etc/rsync.secrets
[root@bbb-client backup]# chmod 600 /etc/rsync.secrets

  1. It is better to keep the Rsync configuration files together in one directory, /etc/rsyncd, managed with symbolic links
//Create symbolic links to /etc/rsyncd.conf and /etc/rsync.secrets in the /etc/rsyncd directory
[root@aaa-server rsyncd]# ln -s /etc/rsync.secrets /etc/rsyncd/rsync.secrets
[root@aaa-server rsyncd]# ln -s /etc/rsyncd.conf /etc/rsyncd/rsyncd.conf 
[root@aaa-server rsyncd]# ll
total 0
lrwxrwxrwx 1 root root 16 Sep 28 18:06 rsyncd.conf -> /etc/rsyncd.conf
lrwxrwxrwx 1 root root 18 Sep 28 21:30 rsync.secrets -> /etc/rsync.secrets
[root@aaa-server rsyncd]# 

  1. Start Rsync
1. Start command
[root@aaa-server /]# rsync --daemon --config=/etc/rsyncd.conf
//View port is 873
[root@aaa-server /]# ss -lnp |grep rsync
u_dgr  UNCONN     0      0         * 366531                * 8432                users:(("rsync",pid=45916,fd=4))
tcp    LISTEN     0      5      192.168.1.4:873                   *:*                   users:(("rsync",pid=45916,fd=3))
[root@aaa-server /]# ps -aux|grep rsync
root      45916  0.0  0.0 114700   384 ?        Ss   16:15   0:00 rsync --daemon
root      46010  0.0  0.0 112708   964 pts/1    S+   16:16   0:00 grep --color=auto rsync
[root@aaa-server /]# 

2. You can also write start stop scripts
[root@aaa-server /]# vim /etc/init.d/rdaemon.sh
#!/bin/bash
source /etc/init.d/functions

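#######################################
# Start the rsync daemon unless its pid file already exists.
# Globals:   none
# Arguments: none
# Outputs:   status line printed by action() from /etc/init.d/functions
# Returns:   exits the script with status 1 if the pid file is present or
#            the daemon command fails
#######################################
function start(){
        local pid_file=/var/run/rsyncd.pid

        # The pid file is written by the daemon ("pid file" in rsyncd.conf);
        # its presence is taken to mean an instance is already running.
        if [ -f "$pid_file" ]; then
                action "rsync is start" /bin/false
                exit 1
        fi

        # Let action() run the daemon so the OK/FAILED status reflects the real
        # exit code instead of always reporting success.
        action "rsync is deamon" /usr/bin/rsync --daemon || exit 1
}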

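#######################################
# Stop the rsync daemon recorded in the pid file.
# Globals:   none
# Arguments: none
# Outputs:   status line printed by action() from /etc/init.d/functions
# Returns:   status of the final action() call
#######################################
function stop(){
        local pid_file=/var/run/rsyncd.pid
        local kill_pid=""
        local tries=0

        # Use the daemon's own pid file rather than grepping "ps" output: the
        # grep also matched rsync client transfers and any command line that
        # merely contains "rsync", and this script runs as root.
        # (The original assigned the PID with "kill pid=...", so $kill_pid was
        # never set and nothing was actually stopped.)
        if [ -f "$pid_file" ]; then
                read -r kill_pid < "$pid_file"
        fi

        # Accept only a plain decimal PID.
        case "$kill_pid" in
                ''|*[!0-9]*) kill_pid="" ;;
        esac

        # Guard against a stale pid file whose PID now belongs to another program.
        if [ -z "$kill_pid" ] || [ "$(ps -p "$kill_pid" -o comm= 2>/dev/null)" != "rsync" ]; then
                action "rsync is no start" /bin/false
        else
                # Ask politely first so the daemon can clean up; wait up to ~5 s.
                /bin/kill "$kill_pid" &>/dev/null
                while /bin/kill -0 "$kill_pid" &>/dev/null && [ "$tries" -lt 50 ]; do
                        sleep 0.1
                        tries=$((tries + 1))
                done
                # Fall back to SIGKILL only if the daemon is still alive.
                if /bin/kill -0 "$kill_pid" &>/dev/null; then
                        /bin/kill -9 "$kill_pid" &>/dev/null
                fi
                rm -f "$pid_file" &>/dev/null
                action "rsync is off" /bin/true
        fi
}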

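# Dispatch on the first argument. "restart" is stop followed by start; the
# original also called an undefined "restart" function first, which only
# produced a "command not found" error.
case "$1" in
        start)
                start
                ;;
        stop)
                stop
                ;;
        restart)
                stop
                start
                ;;
        *)
                echo "USAGE: start|stop|restart"
                # Non-zero status so callers can detect a bad invocation.
                exit 2
                ;;
esac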

//Add execution permission to the script
[root@aaa-server /]# chmod +x /etc/init.d/rdaemon.sh 
//Start rsync
[root@aaa-server /]# /etc/init.d/rdaemon.sh start

3. Alternatively, edit the /etc/xinetd.d/rsync file, change disable=yes to disable=no, and restart the xinetd service, as follows
[root@aaa-server /]#vim /etc/xinetd.d/rsync
#default: off
# description: The rsync server is a good addition to an ftp server, as it \
# allows crc checksumming etc.
# xinetd entry that runs /usr/bin/rsync --daemon on demand. This is an
# alternative to the standalone daemon and the rc.local entry, not an
# addition: both would try to serve the same rsync port.
# NOTE(review): when rsync is started from (x)inetd, the "port" and "address"
# settings in rsyncd.conf are not used, so the listener is presumably no
# longer limited to 192.168.1.4 - confirm, and restrict it in xinetd (for
# example with a "bind" attribute) if that matters.
service rsync {
# "disable = no" turns the service on.
disable = no
socket_type = stream
wait = no
# xinetd launches rsync as root; file access then uses the uid/gid set in
# rsyncd.conf.
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}

[root@aaa-server /]# /etc/init.d/xinetd restart
//Stop xinetd: [OK]
//Start xinetd: [OK]
  1. Rsync joins the startup
//Take the lazy route and append the start command directly to /etc/rc.local
[root@aaa-server /]# echo "rsync --daemon --config=/etc/rsyncd.conf" >> /etc/rc.local
//Add execute permission to /etc/rc.local
[root@aaa-server /]# chmod +x /etc/rc.local


  1. Rsync simulation IDC cross machine room backup
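1. bbb-client pushes data to the aaa-server server side (the daemon configured above listens on 192.168.1.4; the prompt and target address in the command below do not match the role table at the top)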
[root@ccc-client ~]# rsync -avz  /data/share rsync_backup@192.168.1.5::backup --password-file=/etc/rsync.secrets

2. ccc-client from aaa-server Pull data
[root@ccc-client ~]# rsync -avz rsync_backup@192.168.1.4::backup /data/ --password-file=/etc/rsync.secrets
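# The two commands above implement cross-machine-room (IDC) backup synchronization. The rsync daemon protocol does not encrypt the transferred data, so run it over a VPN or SSH tunnel when the link between machine rooms is not trusted.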

3. bbb-client pulls data from aaa-server (password authentication method); --delete also removes files under /data/ that no longer exist in the backup module
[root@ccc-client ~]# rsync -avz --delete rsync_backup@192.168.1.4::backup /data/ --password-file=/etc/rsync.secrets


  1. Possible errors:
[root@ccc-client ~]# rsync -avz rsync_backup@192.168.1.4::backup /backup/
Password: 
@ERROR: auth failed on module backup
rsync error: error starting client-server protocol (code 5) at main.c(1648) [Receiver=3.1.2]
[root@ccc-client ~]# 
//Error reason

1>    The permission of the server password file is not 600
[root@aaa-server backup]# chmod 600 /etc/rsync.secrets
2>    The permission of the client password file is not 600
[root@bbb-client backup]# chmod 600 /etc/rsync.secrets
3>    The server password file does not exist(Wrong name/No creation/Configuration file parameters are wrong)
[root@bbb-client backup]# vim /etc/rsync.secrets
rsync_backup:123123
4>    The password saved in the client password file is incorrect
[root@ccc-client ~]# vim  /etc/rsync.secrets
123123

rsync reports more errors: https://blog.csdn.net/syaving_________/article/details/65437534

Topics: rsync vim ftp