rsync数据同步操作
rsync是Linux系统下的数据镜像备份工具。使用快速增量备份工具Remote Sync可以远程同步,支持本地复制,与其他SSH、rsync主机同步数据。
1、rsync命令
格式:rsync [选项] 原始位置 目标位置
可用命令查看:rsync --help
常用选项:
-a归档模式,递归并保留对象属性
-v显示同步过程的详细(verbose)信息
-z在传输文件时进行压缩(compress)
-H保留硬链接文件
-A保留ACL属性
--delete删除目标位置有而原始位置没有的文件
-r递归模式,包含目录及子目录中所有文件
-l对于软链接文件仍然复制为软链接文件
-p保留文件的权限标记
-t保留文件的时间标记
-g保留文件的属组标记(仅超级用户使用)
-o保留文件的属主标记(仅超级用户使用)
-D保留设备文件及其他特殊文件
2、rsync有两种同步源,一种是基于SSH的同步源,另一种是基于rsync的同步源。
现在测试一下基于SSH的同步源
服务端:192.168.20.104
[root@server104 ~]$ yum install -y httpd
[root@server104 ~]$ systemctl start httpd
[root@server104 ~]$ echo 777 > /var/www/html/index.html
[root@server104 ~]$ curl 192.168.20.104
777
#如果访问不了网页,应该看看selinux是否为关闭的(disabled)
selinux服务的配置文件位置:/etc/selinux/config
客户端:192.168.20.11
[root@server11 ~]$ curl 192.168.20.104
777
\#客户端能成功访问服务端网站首页的内容
3、基于SSH的同步源
(1)在服务端创建一个用户:
服务端:192.168.20.104
[root@server104 ~]$ useradd gang
[root@server104 ~]$ passwd gang
Changing password for user gang.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
(2)在客户端创建一个目录,命名为了好记,就用ssh吧,同步服务端数据
客户端:192.168.20.11
[root@server11 ~]$ mkdir /client
[root@server11 ~]$ cd /client/
[root@server11 /client]$ mkdir ssh
[root@server11 /client]$ ls
ssh
[root@server11 /client]$ rsync -avz gang@192.168.20.104:/var/www/html/* /client/ssh/
The authenticity of host '192.168.20.104 (192.168.20.104)' can't be established.
ECDSA key fingerprint is SHA256:MkeKIt0mRzYN8F+HJDn4NQsRnP57bgy8Yu+E+WXOkHo.
ECDSA key fingerprint is MD5:e2:cc:aa:40:e5:d2:08:ea:a2:aa:02:c8:76:6d:cd:e1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.20.104' (ECDSA) to the list of known hosts.
gang@192.168.20.104's password:
receiving incremental file list
index.html
sent 30 bytes received 84 bytes 20.73 bytes/sec
total size is 4 speedup is 0.04
[root@server11 /client]$ ls
ssh
[root@server11 /client]$ ll ssh/
total 4
-rw-r--r-- 1 root root 4 Jan 16 14:51 index.html
[root@server11 /client]$ cat ssh/index.html
777
\#客户端已成功同步服务端数据
#这是下行同步,即从服务器端把数据同步到客户端
(3)上行同步,即把客户端的数据同步到服务端
[root@server11 /client/ssh]$ ls
index.html
[root@server11 /client/ssh]$ touch q.txt w.txt
[root@server11 /client/ssh]$ ls
index.html q.txt w.txt
[root@server11 /client/ssh]$ rsync -avz /client/ssh/* gang@192.168.20.104:/var/www/html
gang@192.168.20.104's password:
sending incremental file list
q.txt
w.txt
rsync: mkstemp "/var/www/html/.q.txt.XAwTR1" failed: Permission denied (13)
rsync: mkstemp "/var/www/html/.w.txt.KMoLDS" failed: Permission denied (13)
sent 143 bytes received 213 bytes 101.71 bytes/sec
total size is 4 speedup is 0.01
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1179) [sender=3.1.2]
#同步失败,报错结果为权限问题,gang用户的权限不足,gang用户对/var/www/html目录没有写权限
解决:
服务端:192.168.20.104
[root@server104 ~]$ ll /var/www/html/
total 4
-rw-r--r--. 1 root root 4 Jan 16 01:51 index.html
[root@server104 ~]$ setfacl -m user:gang:rwx /var/www/html/
[root@server104 ~]$ ll /var/www/html/
total 4
-rw-r--r--. 1 root root 4 Jan 16 01:51 index.html
[root@server104 ~]$ getfacl /var/www/html/
getfacl: Removing leading '/' from absolute path names
# file: var/www/html/
# owner: root
# group: root
user::rwx
user:gang:rwx
group::r-x
mask::rwx
other::r-x
客户端:
[root@server11 /client/ssh]$ rsync -avz /client/ssh/* gang@192.168.20.104:/var/www/html
gang@192.168.20.104's password:
sending incremental file list
q.txt
w.txt
sent 143 bytes received 53 bytes 56.00 bytes/sec
total size is 4 speedup is 0.02
服务端:
[root@server104 ~]$ ll /var/www/html/
total 4
-rw-r--r--. 1 root root 4 Jan 16 01:51 index.html
-rw-r--r--. 1 gang gang 0 Jan 16 03:15 q.txt
-rw-r--r--. 1 gang gang 0 Jan 16 03:15 w.txt
这次我们将index.html文件修改一下,再尝试一次:
客户端:
[root@server11 /client/ssh]$ rsync -avz /client/ssh/* gang@192.168.20.104:/var/www/html
gang@192.168.20.104's password:
sending incremental file list
e.txt
index.html
sent 169 bytes received 63 bytes 92.80 bytes/sec
total size is 8 speedup is 0.03
服务端:
[root@server104 ~]$ ll /var/www/html/
total 4
-rw-r--r--. 1 gang gang 0 Jan 16 03:34 e.txt
-rw-r--r--. 1 gang gang 8 Jan 16 03:34 index.html
-rw-r--r--. 1 gang gang 0 Jan 16 03:15 q.txt
-rw-r--r--. 1 gang gang 0 Jan 16 03:15 w.txt
[root@server104 ~]$ curl 192.168.20.104
777
888
\#由同步的过程可以看出,可知rsync使用的同步机制是增量备份的机制。
4、基于rsync的同步源
rsync -avz 用户名@服务器地址::共享模块名 /本地目录
rsync -avz rsync://用户名@服务器地址/共享模块名 /本地目录
使用SSH的同步源需要创建用户,对于服务器来说,存在过多的用户不是一件好事。而用基于rsync的同步源则不需要创建用户,指定的用户只需写在配置文件里即可,这样的用户是虚拟用户。
(1)修改配置文件
服务端:192.168.20.104
[root@server104 ~]$ cat /etc/rsyncd.conf
address = 192.168.20.104
port 873
pid file = /var/run/rsyncd.pid
log file = /var/log/rsyncd.log
[share]
comment = soft
path = /gang/rsync #后面要将这个路径创建出来
read only = yes
dont compress = *.gz *.bz2 *.zip
auth users = gang #虚拟用户
secrets file = /etc/rsyncd_users.db
[root@server104 ~]$ cat /etc/rsyncd_users.db
gang:123456 #rsync不支持复杂密码,尽量简单
[root@server104 ~]$ chmod 600 /etc/rsyncd_users.db #/etc/rsyncd_users.db文件权限必须是600
配置xinetd管理rsync
[root@server104 ~]$ cat /etc/xinetd.d/rsync
service rsync
{
disable = yes
flags= IPv6
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}
[root@server104 ~]$ rsync --daemon #启动rsync
[root@server104 ~]$ netstat -pantul | grep 873
tcp 0 0 192.168.20.104:873 0.0.0.0:* LISTEN 2057/rsync
[root@server104 ~]$ mkdir -p /gang/rsync
[root@server104 ~]$ cd !$
cd /gang/rsync
[root@server104 /gang/rsync]$ touch rsync.txt
[root@server104 /gang/rsync]$ ls
rsync.txt
[root@server104 /gang/rsync]$ systemctl restart rsyncd
[root@server104 ~]$ systemctl status rsyncd
● rsyncd.service - fast remote file copy program daemon
Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2023-01-16 03:58:37 EST; 851ms ago
Main PID: 1207 (rsync)
CGroup: /system.slice/rsyncd.service
└─1207 /usr/bin/rsync --daemon --no-detach
Jan 16 03:58:37 server104 systemd[1]: Started fast remote file copy program daemon.
Jan 16 03:58:37 server104 systemd[1]: Starting fast remote file copy program daemon...
Jan 16 03:58:37 server104 rsyncd[1207]: params.c:Parameter() - Ignoring badly formed line in c...873
Jan 16 03:58:37 server104 rsyncd[1207]: rsyncd version 3.0.9 starting, listening on port 873
Hint: Some lines were ellipsized, use -l to show in full.
(2)在客户端执行下行同步
客户端:192.168.20.11
[root@server11 ~]$ mkdir /client/rsync
[root@server11 ~]$ cd !$
cd /client/rsync
[root@server11 /client/rsync]$ rsync -avz gang@192.168.20.104::share /client/rsync
Password:
receiving incremental file list
./
rsync.txt
sent 77 bytes received 151 bytes 91.20 bytes/sec
total size is 0 speedup is 0.00
[root@server11 /client/rsync]$ ll
total 0
-rw-r--r-- 1 root root 0 Jan 16 16:53 rsync.txt
测试一下:
服务端:192.168.20.104
[root@server104 ~]$ echo hello > /gang/rsync/rsync.txt
客户端:192.168.20.11
[root@server11 /client/rsync]$ rsync -avz gang@192.168.20.104::share /client/rsync
Password:
receiving incremental file list
rsync.txt
sent 74 bytes received 162 bytes 157.33 bytes/sec
total size is 6 speedup is 0.03
[root@server11 /client/rsync]$ cat rsync.txt
hello
下行同步成功!
(3)执行上行同步
服务端:192.168.20.104
\#在执行上行同步前一定要修改模块权限和ACL权限
[root@server104 ~]$ cat /etc/rsyncd.conf
address = 192.168.20.104
port 873
pid file = /var/run/rsyncd.pid
log file = /var/log/rsyncd.log
[share]
comment = soft
path = /gang/rsync
read only = no #这里要改成no
dont compress = *.gz *.bz2 *.zip
auth users = gang
secrets file = /etc/rsyncd_users.db
[root@server104 ~]$ setfacl -m u:nobody:rwx /gang/rsync/
[root@server104 ~]$ getfacl /gang/rsync/
getfacl: Removing leading '/' from absolute path names
# file: gang/rsync/
# owner: root
# group: root
user::rwx
user:nobody:rwx
group::r-x
mask::rwx
other::r-x
[root@server104 ~]$ pkill rsync #\#关闭rsync
[root@server104 ~]$ rsync --daemon #启动rsync
客户端:192.168.20.11
[root@server11 /client/rsync]$ rsync -avz /client/rsync/* gang@192.168.20.104::share
或者
[root@server11 /client/rsync]$ rsync -avz /client/rsync/* rsync://gang@192.168.20.104/share
Password:
sending incremental file list
zz.txt
sent 104 bytes received 34 bytes 55.20 bytes/sec
total size is 9 speedup is 0.07
客户端查看:
[root@server104 ~]$ ll /gang/rsync/
total 8
-rw-r--r--. 1 root root 6 Jan 16 23:15 rsync.txt
-rw-r--r-- 1 nobody nobody 3 Jan 16 23:50 zz.txt
[root@server104 ~]$ cat /gang/rsync/zz.txt
Cc
上行同步成功!