综合架构 -- 备份服务器

Rsync Server

安装软件：

[root@backup ~]# dnf install rsync-daemon
Repository AppStream is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository PowerTools is listed more than once in the configuration
Repository centosplus is listed more than once in the configuration
Last metadata expiration check: -1 day, 19:22:57 ago on Tue 08 Sep 2020 06:37:35 PM CST.
Dependencies resolved.
==================================================================================================================================================
 Package                               Arch                            Version                                Repository                     Size
==================================================================================================================================================
Installing:
 rsync-daemon                          noarch                          3.1.3-7.el8                            base                           42 k
Installing dependencies:
 rsync                                 x86_64                          3.1.3-7.el8                            base                          404 k

Transaction Summary
==================================================================================================================================================
Install  2 Packages

Total download size: 446 k
Installed size: 836 k
Is this ok [y/N]: 

编写配置文件：

[root@backup ~]# cp /etc/rsyncd.conf{,.bak}
[root@backup ~]# vi /etc/rsyncd.conf
[root@backup ~]# cat /etc/rsyncd.conf
# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.

uid = rsync
gid = rsync
port = 873
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
hosts allow = 192.168.1.0/24
auth users = rsync_backup
secrets file = /etc/rsyncd.password
# Each client server own a backup dir (or module)
[nfs01]
comment = "nfs01 server backup dir"
path = /backup/nfs01
# [nfs02]
# comment = "nfs02 server backup dir"
# path = /backup/nfs02

[root@backup ~]#

创建虚拟用户：

[root@backup ~]# useradd rsync -M -s /sbin/nologin
[root@backup ~]# id rsync
uid=1001(rsync) gid=1001(rsync) groups=1001(rsync)
[root@backup ~]# 

配置密码文件：

[root@backup ~]# echo "rsync_backup:abcd1234.." > /etc/rsyncd.password
[root@backup ~]# cat /etc/rsyncd.password 
rsync:abcd1234..
[root@backup ~]# chmod 600 /etc/rsyncd.password 
[root@backup ~]# ll /etc/rsyncd.password 
-rw-------. 1 root root 17 Sep  8 14:11 /etc/rsyncd.password
[root@backup ~]# 

配置备份目录：

[root@backup ~]# mkdir /backup/nfs01 -p
[root@backup ~]# chown -R rsync.rsync /backup
[root@backup ~]# ll -d /backup
drwxr-xr-x. 3 rsync rsync 19 Sep  8 14:13 /backup
[root@backup ~]# 

配置防火墙：

[root@backup ~]# firewall-cmd --zone=public --permanent --add-service=rsyncd
success
[root@backup ~]# firewall-cmd --reload
success
[root@backup ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160 ens192
  sources: 
  services: cockpit dhcpv6-client rsyncd ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
	
[root@backup ~]# 

配置SELinux：

[root@backup ~]# getsebool -a | grep rsync
postgresql_can_rsync --> off
rsync_anon_write --> off
rsync_client --> off
rsync_export_all_ro --> off
rsync_full_access --> off
[root@backup ~]# setsebool -P rsync_full_access=1
[root@backup ~]# getsebool -a | grep rsync
postgresql_can_rsync --> off
rsync_anon_write --> off
rsync_client --> off
rsync_export_all_ro --> off
rsync_full_access --> on
[root@backup ~]# 

启动程序：

[root@backup ~]# systemctl start rsyncd
[root@backup ~]# systemctl enable rsyncd
Created symlink /etc/systemd/system/multi-user.target.wants/rsyncd.service → /usr/lib/systemd/system/rsyncd.service.
[root@backup ~]# systemctl status rsyncd
● rsyncd.service - fast remote file copy program daemon
   Loaded: loaded (/usr/lib/systemd/system/rsyncd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-09-08 14:14:03 CST; 15s ago
 Main PID: 1905 (rsync)
    Tasks: 1 (limit: 4912)
   Memory: 284.0K
   CGroup: /system.slice/rsyncd.service
           └─1905 /usr/bin/rsync --daemon --no-detach

Sep 08 14:14:03 backup systemd[1]: Started fast remote file copy program daemon.
[root@backup ~]# 

Lsyncd Client

安装软件：

[root@nfs01 ~]# dnf install lsyncd
Repository AppStream is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository PowerTools is listed more than once in the configuration
Repository centosplus is listed more than once in the configuration
Last metadata expiration check: -1 day, 19:42:31 ago on Tue 08 Sep 2020 06:37:35 PM CST.
Dependencies resolved.
==================================================================================================================================================
 Package                                 Arch                           Version                                Repository                    Size
==================================================================================================================================================
Installing:
 lsyncd                                  x86_64                         2.2.2-9.el8                            epel                          86 k
Installing dependencies:
 rsync                                   x86_64                         3.1.3-7.el8                            base                         404 k
 compat-lua                              x86_64                         5.1.5-15.el8                           epel                          77 k
 compat-lua-libs                         x86_64                         5.1.5-15.el8                           epel                         167 k

Transaction Summary
==================================================================================================================================================
Install  4 Packages

Total download size: 734 k
Installed size: 1.6 M
Is this ok [y/N]: 

编写配置文件：

[root@nfs01 ~]# cp /etc/lsyncd.conf{,.bak}
[root@nfs01 ~]# vi /etc/lsyncd.conf
[root@nfs01 ~]# cat /etc/lsyncd.conf
settings {
   logfile    = "/var/log/lsyncd/lsyncd.log",
   statusFile = "/var/log/lsyncd/lsyncd-status.log",
   statusInterval = 20,
   nodaemon   = true,
}

sync {
   default.rsync,
   source = "/data",
   target = "rsync_backup@backup::nfs01",
   delay  = 10,
   rsync = {
      binary = "/usr/bin/rsync",
      archive = true,
      compress = true,
      password_file = "/etc/rsyncd.password"
   }
}

[root@nfs01 ~]# 

配置密码文件：

[root@nfs01 ~]# echo "abcd1234.." > /etc/rsyncd.password
[root@nfs01 ~]# cat /etc/rsyncd.password 
abcd1234..
[root@nfs01 ~]# chmod 600 /etc/rsyncd.password 
[root@nfs01 ~]# ll /etc/rsyncd.password 
-rw-------. 1 root root 11 Sep  8 14:24 /etc/rsyncd.password
[root@nfs01 ~]# 

创建目录：

[root@nfs01 ~]# mkdir /data
[root@nfs01 ~]# 

启动服务程序：

[root@nfs01 ~]# systemctl enable lsyncd
Created symlink /etc/systemd/system/multi-user.target.wants/lsyncd.service → /usr/lib/systemd/system/lsyncd.service.
[root@nfs01 ~]# systemctl start lsyncd
[root@nfs01 ~]# systemctl status lsyncd
● lsyncd.service - Live Syncing (Mirror) Daemon
   Loaded: loaded (/usr/lib/systemd/system/lsyncd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-09-08 15:29:37 CST; 5s ago
 Main PID: 25201 (lsyncd)
    Tasks: 1 (limit: 4912)
   Memory: 1.0M
   CGroup: /system.slice/lsyncd.service
           └─25201 /usr/bin/lsyncd -nodaemon /etc/lsyncd.conf

Sep 08 15:29:37 nfs01 systemd[1]: Started Live Syncing (Mirror) Daemon.
[root@nfs01 ~]# 

测试：

[root@nfs01 ~]# echo "Today is good day" > /data/test
[root@nfs01 ~]# 

[root@backup ~]# tree /backup/
/backup/
└── nfs01
    └── test

1 directory, 1 file
[root@backup ~]# cat /backup/nfs01/test 
Today is good day
[root@backup ~]#