rsync+inotify同步文件

RSYNC 远程同步

• 目标服务器端配置

[root@node1 ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@node1 ~]# setenforce 0
setenforce: SELinux is disabled
[root@node1 ~]# vim /etc/selinux/config 
SELINUX=disabled
[root@node1 ~]# yum -y install rsync     //安装软件包

• 源服务器端

[root@server ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@server ~]# setenforce 0
setenforce: SELinux is disabled
[root@server ~]# vim /etc/selinux/config
setenforce: SELinux is disabled
[root@server ~]# yum -y install rsync

• 测试

目标服务器端
[root@node1 ~]# tree /root/qqq/
/root/qqq/
├── qa
└── qe

2 directories, 0 files
[root@node1 ~]# rsync -avz /root/qqq 192.168.117.10:/tmp/  
The authenticity of host '192.168.117.10 (192.168.117.10)' can't be established.
ECDSA key fingerprint is SHA256:RDwr/8Td7hT0Y4WiSHjQ1VPursgpcyhqTj0W2TcSpxY.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.117.10' (ECDSA) to the list of known hosts.
UOS Server 20 1060a 
root@192.168.117.10's password: 
sending incremental file list
qqq/
qqq/qa/
qqq/qe/

sent 96 bytes  received 28 bytes  11.81 bytes/sec
total size is 0  speedup is 0.00


源服务器端
[root@server ~]# tree /tmp/qqq/
/tmp/qqq/
├── qa
└── qe

2 directories, 0 files

//rsync常用选项：
    -a, --archive       //归档,文件宿主变化，时间戳不变
    -v, --verbose       //啰嗦模式
    -q, --quiet         //静默模式
    -r, --recursive     //递归
    -p, --perms         //保持原有的权限属性
    -z, --compress      //在传输时压缩，节省带宽，加快传输速度
    --delete            //在源服务器上做的删除操作也会在目标服务器上同步

• 配置无密码登录

[root@node1 ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:IN80+vP5VmvUounxH2GP3CFTXTjBJbHNZqFjlZuY6Os root@node1
The key's randomart image is:
+---[RSA 3072]----+
|             .+B+|
|              **+|
|    . . o   .++oO|
|     o = . ..oo= |
|      o S .  o = |
|       .   . .Bo=|
|        o   o=o+o|
|         o o+oo .|
|          +Eo....|
+----[SHA256]-----+
[root@node1 ~]# ssh-copy-id root@192.168.117.10
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
UOS Server 20 1060a 
root@192.168.117.10's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.117.10'"
and check to make sure that only the key(s) you wanted were added.

• rsync+inotify 自动远程同步

目标服务器端
[root@node1 ~]# yum -y install rsync-daemon    //目标主机需要安装
[root@node1 ~]# vim /etc/rsyncd.conf
log file = /var/log/rsyncd.log    # 日志文件位置，启动rsync后自动产生这个文件，无需提前创建
pidfile = /var/run/rsyncd.pid     # pid文件的存放位置
lock file = /var/run/rsync.lock   # 支持max connections参数的锁文件
secrets file = /etc/rsync.pass    # 用户认证配置文件，里面保存用户名称和密码，必须手动创建这个文件

[etc_from_client]     # 自定义同步名称
path = /xhx/          # rsync服务端数据存放路径，客户端的数据将同步至此目录
comment = sync etc from client
uid = root        # 设置rsync运行权限为root
gid = root        # 设置rsync运行权限为root
port = 873        # 默认端口
ignore errors     # 表示出现错误忽略错误
use chroot = no       # 默认为true，修改为no，增加对目录文件软连接的备份
read only = no    # 设置rsync服务端为读写权限
list = no     # 不显示rsync服务端资源列表
max connections = 200     # 最大连接数
timeout = 600     # 设置超时时间
auth users = admin        # 执行数据同步的用户名，可以设置多个，用英文状态下逗号隔开,必须不是真实用户
hosts allow = 172.16.12.128   # 允许进行数据同步的客户端IP地址，可以设置多个，用英文状态下逗号隔开
hosts deny = 192.168.1.1      # 禁止数据同步的客户端IP地址，可以设置多个，用英文状态下逗号隔开

[root@node1 ~]# echo 'admin:123456' > /etc/rsync.pass      //配置虚拟用户账户与密码
[root@node1 ~]# chmod 600 /etc/rsync*       //修改权限,只能自己修改
[root@node1 ~]# systemctl enable --now rsyncd
Created symlink /etc/systemd/system/multi-user.target.wants/rsyncd.service → /usr/lib/systemd/system/rsyncd.service.
[root@node1 ~]# ss -antl
State    Recv-Q   Send-Q     Local Address:Port     Peer Address:Port  Process  
LISTEN   0        5                0.0.0.0:873           0.0.0.0:*              
LISTEN   0        128              0.0.0.0:111           0.0.0.0:*              
LISTEN   0        128              0.0.0.0:22            0.0.0.0:*              
LISTEN   0        5              127.0.0.1:631           0.0.0.0:*              
LISTEN   0        5                   [::]:873              [::]:*              
LISTEN   0        128                 [::]:111              [::]:*              
LISTEN   0        128                 [::]:22               [::]:*              
LISTEN   0        5                  [::1]:631              [::]:*         

源服务器端
[root@server ~]# echo '123456' > /etc/rsync.pass      //只需要配置虚拟用户密码
[root@server ~]# chmod 600 /etc/rsync.pass   
[root@server ~]# mkdir -pv /root/etc/test    
mkdir: 已创建目录 '/root/etc'
mkdir: 已创建目录 '/root/etc/test'
[root@server ~]# rsync -avH --port 873 --progress --delete /root/etc/ admin@192.168.117.22::etc_from_client --password-file=/etc/rsync.pass

目标服务器端测试是否数据同步成功
[root@node1 ~]# ls /xhx
test

写同步脚本
源服务器端
[root@server ~]# ll /proc/sys/fs/inotify/      //查看是否支持inotify
总用量 0
-rw-r--r-- 1 root root 0 12月 14 16:12 max_queued_events
-rw-r--r-- 1 root root 0 12月 14 16:12 max_user_instances
-rw-r--r-- 1 root root 0 12月 14 16:12 max_user_watches
[root@server ~]# wget https://dl.fedoraproject.org/pub/epel/8/Everything/x86_64/Packages/i/inotify-tools-3.14-19.el8.x86_64.rpm
[root@server ~]# yum -y install inotify-tools-3.14-19.el8.x86_64.rpm 
[root@server ~]# mkdir /scripts
[root@server ~]# touch /scripts/inotify.sh     //创建脚本
[root@server ~]# chmod 755 /scripts/inotify.sh
[root@server ~]# ll /scripts/inotify.sh
-rwxr-xr-x 1 root root 0 12月 14 16:19 /scripts/inotify.sh
[root@server ~]# vim /scripts/inotify.sh    编辑配置文件
host=192.168.117.22      # 目标服务器的ip(备份服务器)
src=/etc        # 在源服务器上所要监控的备份目录（此处可以自定义，但是要保证存在）
des=etc_from_client     # 自定义的模块名，需要与目标服务器上定义的同步名称一致
password=/etc/rsync.pass        # 执行数据同步的密码文件
user=admin          # 执行数据同步的用户名
inotifywait=/usr/bin/inotifywait

$inotifywait -mrq --timefmt '%Y%m%d %H:%M' --format '%T %w%f%e' -e modify,delete,create,attrib $src \
| while read files;do
    rsync -avzP --delete  --timeout=100 --password-file=${password} $src $user@$host::$des
    echo "${files} was rsynced" >>/tmp/rsync.log 2>&1
done
[root@server ~]# nohup bash /scripts/inotify.sh &       //使脚本生效
[1] 53963
[root@server ~]# nohup: 忽略输入并把输出追加到'nohup.out'  //继续回车键

[root@server ~]# ps -ef|grep inotify
root       53963   53457  0 17:20 pts/0    00:00:00 bash /scripts/inotify.sh
root       53964   53963  0 17:20 pts/0    00:00:00 /usr/bin/inotifywait -mrq --timefmt %Y%m%d %H:%M --format %T %w%f%e -e modify,delete,create,attrib /etc
root       53965   53963  0 17:20 pts/0    00:00:00 bash /scripts/inotify.sh
root       53967   53457  0 17:20 pts/0    00:00:00 grep --color=auto inotify
[root@server ~]# echo 'hello world' > /etc/test1

目标服务器端
[root@node1 xhx]# ls
test  test1


源服务器端
[root@server ~]# tail /tmp/rsync.log
20231214 17:23 /etc/test1CREATE was rsynced
20231214 17:23 /etc/test1MODIFY was rsynced

设置脚本的开机自启
[root@server ~]# chmod +x /etc/rc.d/rc.local
[root@server ~]# ll /etc/rc.d/rc.local
-rwxr-xr-x 1 root root 506 12月 14 17:24 /etc/rc.d/rc.local
[root@server ~]# echo 'nohup /bin/bash /scripts/inotify.sh' >> /etc/rc.d/rc.local
[root@server ~]# tail /etc/rc.d/rc.local
#
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
#
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.

touch /var/lock/subsys/local
/sbin/sysctl -p /etc/sysctl.conf
nohup /bin/bash /scripts/inotify.sh