场景:
通过rsync将某教学平台的课程文件同步到存储上,实现备份和同步。
操作:
ssh登陆到待备份的服务器,查看rsync安装情况。
#rpm -qa|grep -i rsync
rsync-2.6.3-1
说明有安装,再查看还有哪些rsync被安装在此服务器:
# which rsync
/usr/bin/rsync
就这一个,现在删除系统自带的rsync,安装新版本。
#rpm -e rsync-2.6.3-1
完成后再次测试rpm -qa|grep -i rsync,发现已经没有rsync在了。
安装:
进入目录/usr/local/tools,通过wget下载:
#wget http://www.samba.org/ftp/rsync/src/rsync-3.0.9.tar.gz
http://www.samba.org/ftp/rsync/src/rsync-3.0.9.tar.gz
=> `rsync-3.0.9.tar.gz'
Resolving www.samba.org... 216.83.154.106, 2001:470:1f05:1a07::1
Connecting to www.samba.org|216.83.154.106|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 792,725 (774K) [application/x-gzip]
100%[====================================>] 792,725 52.49K/s ETA 00:00
08:28:26 (58.54 KB/s) - `rsync-3.0.9.tar.gz' saved [792725/792725]
下载完毕,开始解压编译安装:
#tar zxvf rsync-3.0.9.tar.gz
#cd rsync-3.0.9
#./configure && make && make install
安装完成后,rsync被安装在
#/usr/local/bin
然后查看安装的情况:
#rsync -version
rsync version 3.0.9 protocol version 30
Copyright (C) 1996-2011 by Andrew Tridgell, Wayne Davison, and others.....
这样表示正常安装了。
开始配置,在/etc/下建立文件:
#vi /etc/rsyncd.conf
#运行RSYNC守护进程的用户
uid = root
#运行RSYNC守护进程的组
gid = root
#不使用chroot
use chroot = no
#最大连接数不限制
max connections = 0
#pid文件存放位置
pid file = /var/run/rsyncd.pid
#锁文件存放位置
lock file = /var/run/rsync.lock
#日志文件存放位置
log file = /var/log/rsyncd.log
[logs]
#要同步的目录
path = /usr/local/tools
#忽略无关的IO错误
ignore errors
#只读,不能上传
read only = true
#禁止查看文件列表
list = false
#允许访问服务的ip
#hosts allow = 202.200.*.*
#禁止访问服务的ip
#hosts deny = 0.0.0.0/32
#认证的用户名,系统必须存在的用户,但是密码需要在secrets file 配置,不是系统的密码。
auth users = root
#认证用户密码文件,配置auth users的密码
secrets file = /etc/backserver.pas
配置完成后,建立两边的shh互信链接:
#ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):回车
Enter passphrase (empty for no passphrase):回车
Enter same passphrase again:回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
xxx:3b root@xxxxxx
#cd /root/.ssh
#ls 查看到文件id_rsa id_rsa.pub known_hosts
然后把这个文件通过ssh传送到目标机器上:
scp /root/.ssh/id_rsa.pub root@202.200.*.*:/root/.ssh/authorized_keys2
scp /root/.ssh/known_hosts root@202.200.*.*:/root/.ssh/
The authenticity of host '202.200.*.* (202.200.*.*)' can't be established.
RSA key fingerprint is ###############################:bb:91:63:5c:13.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '202.200.*.*' (RSA) to the list of known hosts.
root@202.200.*.*'s password:
id_rsa.pub 100% 223 0.2KB/s 00:00
完成后来到目标主机,修改vi /etc/ssh/sshd_config,找到下面内容修改:
AuthorizedKeysFile .ssh/authorized_keys2 (这里写刚才传送过来的文件名)
最后重启目标主机的ssh:
#service sshd restart
然后测试原主机和目标主机的连通情况,看是否不需要密码就可以链接。
ssh 202.200.*.*
如果可以连通,就可以配置下面的了;
启动rsync:
#/usr/local/bin/rsync --daemon
查看是否启动:
#ps -aux |grep rsync
root 90*5 0.0 0.0 4660 520 ? Ss Sep18 0:00 /usr/local/bin/rsync --daemon
root 237*5 0.0 0.0 3728 660 pts/2 S+ 15:12 0:00 grep rsync
#netstat -an |grep 873
tcp 0 0 :::873 :::* LISTEN
说明rsync正常运行。
现在加入防火墙:
打开防火墙
iptables -i INPUT -p tcp --dport 873 -j ACCEPT
iptables -L
结果如下:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:rsync
开始备份:
#rsync -aSvH /home/ root@202.200.*.*:/home/
#rsync -aSvH /bb/content/vi/bb_bb60/courses root@202.200.*.*:/home1/bb
如何同步两边的文件,并自动备份呢? (未完待续....)