rsync与rsync+inotify远程同步工具的使用

rsync

1. rsync简介

rsynclinux系统下的数据镜像备份工具。使用快速增量备份工具Remote Sync可以远程同步,支持本地复制,或者与其他SSHrsync主机同步。

2. rsync特性

rsync支持很多特性:

  • 可以镜像保存整个目录树和文件系统
  • 可以很容易做到保持原来文件的权限、时间、软硬链接等等
  • 无须特殊权限即可安装
  • 快速:第一次同步时rsync会复制全部内容,但在下一次只传输修改过的文件。rsync在传输数据的过程中可以实行压缩及解压缩操作,因此可以使用更少的带宽
  • 安全:可以使用scpssh等方式来传输文件,当然也可以通过直接的socket连接
  • 支持匿名传输,以方便进行网站镜像

3. rsync的ssh认证协议

rsync命令来同步系统文件之前要先登录remote主机认证,认证过程中用到的协议有2种:

  • ssh协议
  • rsync协议
rsync server`端不用启动`rsync`的`daemon`进程,只要获取`remote host`的用户名和密码就可以直接`rsync`同步文件
`rsync server`端因为不用启动`daemon`进程,所以也不用配置文件`/etc/rsyncd.conf

ssh认证协议跟scp的原理是一样的,如果在同步过程中不想输入密码就用ssh-keygen -t rsa打通通道

//这种方式默认是省略了 -e ssh 的,与下面等价:
rsync -avz /SRC -e ssh root@172.16.12.129:/DEST 
    -a  //文件宿主变化,时间戳不变
    -z  //压缩数据传输
 
//当遇到要修改端口的时候,我们可以:
rsync -avz /SRC -e "ssh -p2222" root@172.16.12.129:/DEST  
//修改了ssh 协议的端口,默认是22

4. rsync部署

1.环境配置
//源主机:192.168.116.146
//目标主机:192.168.116.147

2.修改主机名
[root@localhost ~]# hostnamectl set-hostname src
[root@localhost ~]# bash
Welcome to 4.19.0-91.82.152.uelc20.x86_64
[root@src ~]# 

[root@localhost ~]# hostnamectl set-hostname dest
[root@localhost ~]# bash
Welcome to 4.19.0-91.82.152.uelc20.x86_64
[root@dest ~]# 

3.关闭防火墙
[root@src ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@src ~]# vim /etc/selinux/config
SELINUX=disabled
[root@src ~]# setenforce 0

[root@dest ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@dest ~]# vim /etc/selinux/config
SELINUX=disabled
[root@dest ~]# setenforce 0

4.版本
[root@src ~]# cat /etc/os-release 
PRETTY_NAME="UOS Server 20"
NAME="UOS Server 20"
VERSION_ID="20"
VERSION="20"
ID=uos
HOME_URL="https://www.chinauos.com/"
BUG_REPORT_URL="https://bbs.chinauos.com/"
VERSION_CODENAME=kongzi
PLATFORM_ID="platform:uelc20"

[root@dest ~]# cat /etc/os-release 
PRETTY_NAME="UOS Server 20"
NAME="UOS Server 20"
VERSION_ID="20"
VERSION="20"
ID=uos
HOME_URL="https://www.chinauos.com/"
BUG_REPORT_URL="https://bbs.chinauos.com/"
VERSION_CODENAME=kongzi
PLATFORM_ID="platform:uelc20"

5.安装rsync
[root@src ~]# yum -y install rsync
完毕!

[root@dest ~]# yum -y install rsync
完毕!

6.同步资源
//同步文件
[root@dest ~]# ls /tmp
qtsingleapp-uosdev-2dc4-0-lockfile  systemd-private-4e54a31f722d460b928dcadf1e9821b9-chronyd.service-eVTFex
qtsingleapp-uoslic-e6e4-0           systemd-private-4e54a31f722d460b928dcadf1e9821b9-systemd-logind.service-s1htvL
qtsingleapp-uoslic-e6e4-0-lockfile

[root@src ~]# rsync -avz anaconda-ks.cfg root@192.168.116.147:/tmp
The authenticity of host '192.168.116.147 (192.168.116.147)' can't be established.
ECDSA key fingerprint is SHA256:NmTmj8AZttR+QqiPin3+KkuKagCElpgZ5IXN6TU25oc.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.116.147' (ECDSA) to the list of known hosts.
UOS Server 20 1060a 
root@192.168.116.147's password: 
sending incremental file list
anaconda-ks.cfg

sent 769 bytes  received 35 bytes  55.45 bytes/sec
total size is 1,237  speedup is 1.54

[root@dest ~]# ls /tmp
anaconda-ks.cfg                     qtsingleapp-uoslic-e6e4-0           systemd-private-4e54a31f722d460b928dcadf1e9821b9-chronyd.service-eVTFex
qtsingleapp-uosdev-2dc4-0-lockfile  qtsingleapp-uoslic-e6e4-0-lockfile  systemd-private-4e54a31f722d460b928dcadf1e9821b9-systemd-logind.service-s1htvL

//同步目录
[root@src ~]# mkdir /root/runtime
[root@src ~]# ls
anaconda-ks.cfg  initial-setup-ks.cfg  runtime
[root@src ~]# cd runtime
[root@src runtime]# touch 123.txt
[root@src runtime]# ls
123.txt

[root@dest ~]# mkdir /root/hl
[root@dest ~]# ls
anaconda-ks.cfg  hl  initial-setup-ks.cfg
[root@dest ~]# ls hl

[root@src ~]# rsync -avz /root/runtime root@192.168.116.147:/root/hl
UOS Server 20 1060a 
root@192.168.116.147's password: 
sending incremental file list
runtime/
runtime/123.txt

sent 121 bytes  received 39 bytes  21.33 bytes/sec
total size is 0  speedup is 0.00

[root@dest ~]# ls hl
runtime
[root@dest ~]# tree hl
hl
└── runtime
    └── 123.txt

1 directory, 1 file

7.备份
//备份目录
[root@src ~]# rsync -avz runtime abc
sending incremental file list
created directory abc
runtime/
runtime/123.txt

sent 121 bytes  received 65 bytes  372.00 bytes/sec
total size is 0  speedup is 0.00
[root@src ~]# ls
abc  anaconda-ks.cfg  initial-setup-ks.cfg  runtime
[root@src ~]# ll -ih
总用量 12K
  1419921 drwxr-xr-x 3 root root   21 12月 14 14:34 abc
 67771613 -rw------- 1 root root 1.3K 12月 14 12:58 anaconda-ks.cfg
 67771628 -rw------- 1 root root 5.5K 12月 14 13:16 initial-setup-ks.cfg
101572737 drwxr-xr-x 2 root root   21 12月 14 14:26 runtime

//备份文件
[root@src ~]# rsync -avz anaconda-ks.cfg 123.txt
sending incremental file list
anaconda-ks.cfg

sent 769 bytes  received 35 bytes  1,608.00 bytes/sec
total size is 1,237  speedup is 1.54
[root@src ~]# ll -ih
总用量 16K
 67149098 -rw------- 1 root root 1.3K 12月 14 12:58 123.txt
  1419921 drwxr-xr-x 3 root root   21 12月 14 14:34 abc
 67771613 -rw------- 1 root root 1.3K 12月 14 12:58 anaconda-ks.cfg
 67771628 -rw------- 1 root root 5.5K 12月 14 13:16 initial-setup-ks.cfg
101572737 drwxr-xr-x 2 root root   21 12月 14 14:26 runtime

8.同步删除资源
[root@src ~]# ls
anaconda-ks.cfg  initial-setup-ks.cfg  runtime
[root@src ~]# ls runtime
123.txt

[root@dest ~]# ls
anaconda-ks.cfg  hl  initial-setup-ks.cfg
[root@dest ~]# tree hl
hl
└── runtime
    └── 123.txt

1 directory, 1 file

[root@src ~]# rm -rf /root/runtime/123.txt
[root@src ~]# ls runtime
[root@src ~]# rsync -avz --delete /root/runtime root@192.168.116.147:/root/hl
UOS Server 20 1060a 
root@192.168.116.147's password: 
sending incremental file list
deleting runtime/123.txt
runtime/

sent 61 bytes  received 39 bytes  13.33 bytes/sec
total size is 0  speedup is 0.00

[root@dest ~]# tree hl
hl
└── runtime

1 directory, 0 files

//更改资源同步
[root@src ~]# ls
anaconda-ks.cfg  initial-setup-ks.cfg  runtime
[root@src ~]# cd runtime
[root@src runtime]# touch 123 456 789
[root@src runtime]# ls
123  456  789
[root@src runtime]# cd
[root@src ~]# rsync -avz /root/runtime root@192.168.116.147:/root/hl
UOS Server 20 1060a 
root@192.168.116.147's password: 
sending incremental file list
runtime/
runtime/123
runtime/456
runtime/789

sent 219 bytes  received 77 bytes  45.54 bytes/sec
total size is 0  speedup is 0.00

[root@dest ~]# tree hl
hl
└── runtime
    ├── 123
    ├── 456
    └── 789

1 directory, 3 files

9.免密登入传输
[root@src ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:CiVd9ysra2OrDrzavQvRp+1DrzWIK0S4YL9V1orQBBM root@src
The key's randomart image is:
+---[RSA 3072]----+
|   Eo   . .      |
|    .o . . .     |
|   .+ o .   .    |
|.....= o .   .   |
|...o+ = S . .    |
|  .o.= B.. o     |
|   .* +.+.+      |
|   o.= o=+..     |
|  ..ooB*==       |
+----[SHA256]-----+
[root@src ~]# ssh-copy-id root@192.168.116.147
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
UOS Server 20 1060a 
root@192.168.116.147's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.116.147'"
and check to make sure that only the key(s) you wanted were added.

[root@src ~]# ls .ssh
id_rsa  id_rsa.pub  known_hosts
[root@src ~]# cd /runtime
[root@src runtime]# ls
test
[root@src runtime]# mkdir test2
[root@src runtime]# ls
test  test2
[root@src ~]# rsync -avz /root/runtime root@192.168.116.147:/root/hl
UOS Server 20 1060a 
sending incremental file list

sent 78 bytes  received 17 bytes  190.00 bytes/sec
total size is 0  speedup is 0.00

[root@dest ~]# ls /hl
runtime  test
[root@dest ~]# ls /hl/runtime
test  test2

5. rsync+inotify

rsync与传统的cptar备份方式相比,rsync具有安全性高、备份迅速、支持增量备份等优点,通过rsync可以解决对实时性要求不高的数据备份需求,例如定期的备份文件服务器数据到远端服务器,对本地磁盘定期做数据镜像等。
随着应用系统规模的不断扩大,对数据的安全性和可靠性也提出的更好的要求,rsync在高端业务系统中也逐渐暴露出了很多不足,首先,rsync同步数据时,需要扫描所有文件后进行比对,进行差量传输。如果文件数量达到了百万甚至千万量级,扫描所有文件将是非常耗时的。而且正在发生变化的往往是其中很少的一部分,这是非常低效的方式。其次,rsync不能实时的去监测、同步数据,虽然它可以通过linux守护进程的方式进行触发同步,但是两次触发动作一定会有时间差,这样就导致了服务端和客户端数据可能出现不一致,无法在应用故障时完全的恢复数据。基于以上原因,rsync+inotify组合出现了!

Inotify是一种强大的、细粒度的、异步的文件系统事件监控机制,linux内核从2.6.13起,加入了Inotify支持,通过Inotify可以监控文件系统中添加、删除,修改、移动等各种细微事件,利用这个内核接口,第三方软件就可以监控文件系统下文件的各种变化情况,而inotify-tools就是这样的一个第三方软件。
在前面有讲到,rsync可以实现触发式的文件同步,但是通过crontab守护进程方式进行触发,同步的数据和实际数据会有差异,而inotify可以监控文件系统的各种变化,当文件有任何变动时,就触发rsync同步,这样刚好解决了同步数据的实时性问题。

配置环境

1.环境配置
//源主机:192.168.116.146
//目标主机:192.168.116.147

2.修改主机名
[root@localhost ~]# hostnamectl set-hostname src
[root@localhost ~]# bash
Welcome to 4.19.0-91.82.152.uelc20.x86_64
[root@src ~]# 

[root@localhost ~]# hostnamectl set-hostname dest
[root@localhost ~]# bash
Welcome to 4.19.0-91.82.152.uelc20.x86_64
[root@dest ~]# 

3.关闭防火墙
[root@src ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@src ~]# vim /etc/selinux/config
SELINUX=disabled
[root@src ~]# setenforce 0

[root@dest ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@dest ~]# vim /etc/selinux/config
SELINUX=disabled
[root@dest ~]# setenforce 0

在目标服务器上做以下操作(先安装rsync并启动):

1.安装
[root@dest ~]# yum list all | grep rsync
rsync.x86_64                                                      3.1.3-19.uelc20                                           @UnionTechOS-20-BaseOS   
apache-ranger-usersync.x86_64                                     2.1.0-3.uelc20.01                                         UnionTechOS-20-Plus      
libguestfs-rsync.x86_64                                           1:1.44.0-9.0.1.module+uelc20+1093+2b4389a2.01             UnionTechOS-20-AppStream 
librsync.x86_64                                                   2.3.1-1.uelc20.1                                          UnionTechOS-20-Plus      
librsync-devel.x86_64                                             2.3.1-1.uelc20.1                                          UnionTechOS-20-Plus      
librsync-doc.noarch                                               2.3.1-1.uelc20.1                                          UnionTechOS-20-Plus      
rsync-bpc.x86_64                                                  3.1.2.0-5.uelc20.1                                        UnionTechOS-20-Plus      
rsync-daemon.noarch                                               3.1.3-19.uelc20                                           UnionTechOS-20-BaseOS    
[root@dest ~]# yum -y install rsync-daemon       //安装rsync启动的服务
完毕!

2.向配置文件添加内容
[root@dest ~]# vim /etc/rsyncd.conf 
[root@dest ~]# tail -20  /etc/rsyncd.conf 
#        path = /home/ftp
#        comment = ftp export area
log file = /var/log/rsyncd.log       //从这里开始,把下面的内容加到配置文件
pidfile = /var/run/rsyncd.pid     
lock file = /var/run/rsync.lock   
secrets file = /etc/rsync.pass       //这里的密码位置可以自定义,不一定非要在/etc/下面

[etc_from_client]                    //源主机同步数据的位置
path = /hl/                          //同步到目标主机的路径  
comment = sync etc from client
uid = root        
gid = root        
port = 873        
ignore errors                        //出现错误可以忽略
use chroot = no                      //允许软链接的方式同步  
read only = no    
list = no     
max connections = 200    
timeout = 600     
auth users = admin    
[root@dest ~]# mkdir /hl

3.创建用户认证文件
[root@dest ~]# echo 'admin:123456' > /etc/rsync.pass
[root@dest ~]# cat /etc/rsync.pass
admin:123456
//设置文件权限
[root@dest ~]# chmod 600 /etc/rsync.pass
[root@dest ~]# ll /etc/rsync.pass
-rw------- 1 root root 13 1214 15:19 /etc/rsync.pass

4.启动rsync并设置开机自启
[root@dest ~]# systemctl enable --now rsyncd
Created symlink /etc/systemd/system/multi-user.target.wants/rsyncd.service → /usr/lib/systemd/system/rsyncd.service.
[root@dest ~]# systemctl status rsyncd
● rsyncd.service - fast remote file copy program daemon
   Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2023-12-14 15:22:18 CST; 19s ago
 Main PID: 357602 (rsync)
    Tasks: 1
   Memory: 192.0K
   CGroup: /system.slice/rsyncd.service
           └─357602 /usr/bin/rsync --daemon --no-detach

1214 15:22:18 dest systemd[1]: Started fast remote file copy program daemon.
[root@dest ~]# ss -antl
State              Recv-Q             Send-Q                           Local Address:Port                           Peer Address:Port             Process             
LISTEN             0                  5                                      0.0.0.0:873                                 0.0.0.0:*                                    
LISTEN             0                  128                                    0.0.0.0:22                                  0.0.0.0:*                                    
LISTEN             0                  5                                    127.0.0.1:631                                 0.0.0.0:*                                    
LISTEN             0                  5                                         [::]:873                                    [::]:*                                    
LISTEN             0                  128                                       [::]:22                                     [::]:*                                    
LISTEN             0                  5                                        [::1]:631                                    [::]:*                                    

在源服务器上做以下操作(先安装rsync并启动):

1.创建认证密码文件
[root@src ~]# echo '123456' > /etc/rsync.pass           //这个上面的密码要跟目标主机上面的一致,存放位置可以不一样
[root@src ~]# cat /etc/rsync.pass
123456

2.设置文件权限,只设置文件所有者具有读取、写入权限即可
[root@src ~]# chmod 600 /etc/rsync.pass
[root@src ~]# ll /etc/rsync.pass
-rw------- 1 root root 7 1214 15:50 /etc/rsync.pass

3.在源服务器上创建测试目录,然后在源服务器运行以下命令
[root@src ~]# mkdir -pv /runtime/test
mkdir: 已创建目录 '/runtime'
mkdir: 已创建目录 '/runtime/test'
[root@src ~]# ls /runtime
test
[root@src ~]# rsync -avH --port 873 --progress --delete /runtime/test admin@192.168.116.147::etc_from_client --password-file=/etc/rsync.pass
sending incremental file list
test/

sent 62 bytes  received 24 bytes  172.00 bytes/sec
total size is 0  speedup is 0.00

[root@dest ~]# ls /hl
test

4.安装inotify-tools工具,实时触发rsync进行同步
//查看服务器内核是否支持inotify
[root@src ~]# ll /proc/sys/fs/inotify/
总用量 0
-rw-r--r-- 1 root root 0 1214 16:03 max_queued_events
-rw-r--r-- 1 root root 0 1214 16:03 max_user_instances
-rw-r--r-- 1 root root 0 1214 16:03 max_user_watches

//安装inotify-tools 
//可以直接用yum list all | grep inotify查找,直接下,如果没有的话下个epel-release源再下载
[root@src ~]# wget https://dl.fedoraproject.org/pub/epel/8/Everything/x86_64/Packages/i/inotify-tools-3.14-19.el8.x86_64.rpm
[root@src ~]# yum -y install inotify-tools-3.14-19.el8.x86_64.rpm

5.写同步脚本,此步乃最最重要的一步,请慎之又慎。让脚本自动去检测我们制定的目录下
//文件发生的变化,然后再执行rsync的命令把它同步到我们的服务器端去
//创建目录,在目录下创建一个文件
[root@src ~]# mkdir /scripts
[root@src ~]# touch /scripts/inotify.sh

//设置权限
[root@src ~]# chmod 755 /scripts/inotify.sh
[root@src ~]# ll /scripts/inotify.sh
-rwxr-xr-x 1 root root 0 1214 17:41 /scripts/inotify.sh

//编辑文件,向里面写入脚本
[root@src ~]# vim /scripts/inotify.sh
[root@src ~]# cat /scripts/inotify.sh
#!/bin/bash
host=192.168.116.147  
src=/runtime        
des=etc_from_client     
password=/etc/rsync.pass       
user=admin        
inotifywait=/usr/bin/inotifywait

$inotifywait -mrq --timefmt '%Y%m%d %H:%M' --format '%T %w%f%e' -e modify,delete,create,attrib $src \
        | while read files;do
    rsync -avzP --delete  --timeout=100 --password-file=${password} $src $user@$host::$des
        echo "${files} was rsynced" >>/tmp/rsync.log 2>&1
done

6.启动脚本
[root@src ~]# nohup bash /scripts/inotify.sh &
[1] 107195
[root@src ~]# nohup: 忽略输入并把输出追加到'nohup.out'

[root@src ~]# ps -ef|grep inotify
root      107195    1485  0 17:46 pts/0    00:00:00 bash /scripts/inotify.sh
root      107196  107195  0 17:46 pts/0    00:00:00 /usr/bin/inotifywait -mrq --timefmt %Y%m%d %H:%M --format %T %w%f%e -e modify,delete,create,attrib /runtime
root      107197  107195  0 17:46 pts/0    00:00:00 bash /scripts/inotify.sh
root      109147    1485  0 17:46 pts/0    00:00:00 grep --color=auto inotify

7.在源服务器上生成一个新文件
[root@src ~]# ls /runtime/test
[root@src ~]# echo 'hello world' > /runtime/test/abc
[root@src ~]# cat /runtime/test/abc
hello world

[root@dest ~]# cat /hl/runtime/test/abc
hello world
8.查看inotify生成的日志
[root@src ~]# tail /tmp/rsync.log
20231214 17:49 /runtime/test/abcCREATE was rsynced
20231214 17:49 /runtime/test/abcMODIFY was rsynced

设置脚本开机自动启动:

[root@src ~]# ll /etc/rc.d/rc.local
-rw-r--r-- 1 root root 506 1214 13:00 /etc/rc.d/rc.local
[root@src ~]# chmod +x /etc/rc.d/rc.local
[root@src ~]# vim /etc/rc.d/rc.local
[root@src ~]# tail -2 /etc/rc.d/rc.local
/sbin/sysctl -p /etc/sysctl.conf
nohup /bin/bash /scripts/inotify.sh         //把这一段添加到开机自启的文件中/etc/rc.local,加执行权限

//测试
[root@src ~]# reboot
连接断开
连接断开
连接主机...
UOS Server 20 1060a 
连接主机成功
Welcome to UOS Server 20
Last login: Thu Dec 14 17:50:49 2023 from 192.168.116.1
Welcome to 4.19.0-91.82.152.uelc20.x86_64
[root@src ~]# echo 'hello china' >> /runtime/test/abc
[root@src ~]# cat /runtime/test/abc
hello world
hello china

[root@dest ~]# cat /hl/runtime/test/abc
hello world
hello china
  • 31
    点赞
  • 6
    收藏
    觉得还不错? 一键收藏
  • 1
    评论
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值