服務器於備份目錄準備
- 源服務器(客戶端):
10.251.172.87
源目錄:/home/user1/data_source/ - 目標服務器(服務端):
10.210.11.236
備份目錄:/home/user1/data_backup/
Rsync安裝與配置
目標服務器端Rsync安裝與配置
一、 關閉SELINUX
(1) 注釋掉SELINUXTYPE=targeted
[user1@server236 selinux]$ sudo vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
#SELINUXTYPE=targeted
(2) 立即生效
[user1@server236 selinux]setenforce 0
二、 開啟防火墻tcp 873端口
方式一:命令行開放(推薦)
[user1@localhost ~]$ firewall-cmd --zone=public --add-port=873/tcp --permanent
方式二:命令行開放(推薦)修改防火墻配置文件
[user1@localhost ~]$ sudo vim /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 873 -j ACCEPT
[user1@localhost ~]$ /etc/init.d/iptables restart
三、 安裝Rsync服務端軟件
(1)安裝
[user1@localhost ~]$ sudo yum install rsync -y
(2)設置開機自啟動
[user1@localhost ~]$ sudo vim /etc/xinetd.d/rsync
disable = no
(3)啟動
[user1@localhost ~]$ sudo /etc/init.d/xinetd start
四、 創建rsyncd.conf配置文件
[user1@localhost ~]$ sudo vim /etc/rsyncd.conf
# /etc/rsyncd: configuration file for rsync daemon mode
port = 873
log file = /var/log/rsyncd.log
pid file = /run/rsyncd.pid
lock file = /run/rsync.lock
# [web]是模塊名,同步命令中會用到
[web]
comment = test rsync backup
path = /home/user1/data_backup/
read only = no
dont compress = *.gz *.bz2
auth users = user1
secrets file = /etc/rsyncd_users.db
# 如果要同步備份到多台服務器,用逗號隔開即可
host allow =10.251.172.87
host deny = 0.0.0.0/32
# 如果配置了軟連接,需要將use chroot=yes
use chroot = yes
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
五、 創建用戶認證文件
[user1@server236 etc]$ sudo vim /etc/ rsyncd_users.db
user1:123456
六、 設置rsyncd.conf和認證文件權限
[user1@server236 etc] $ sudo chmod 600 /etc/rsyncd.conf
[user1@server236 etc] $ sudo chmod 600 /etc/ rsyncd_users.db
七、 設置備份目錄屬主和屬組為nobody
[user1@server236 etc] $ sudo chown nobody:nobody /home/user1/data_backup
八、 啟動rsync
[user1@server236 etc] $ sudo rsync --daemon --config=/etc/rsyncd.conf
##查看rsync服務狀態
[user1@server236 etc] $ sudo lsof -i tcp:873
源服務器Rsync安裝與配置
一、 關閉SELINUX
(1) 注釋掉SELINUXTYPE=targeted
[user1@server236 selinux]$ sudo vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
#SELINUXTYPE=targeted
(2) 立即生效
[user1@server236 selinux]setenforce 0
二、 開啟防火墻tcp 873端口
方式一:命令行開放(推薦)
[user1@localhost ~]$ firewall-cmd --zone=public --add-port=873/tcp --permanent
方式二:命令行開放(推薦)修改防火墻配置文件
[user1@localhost ~]$ sudo vim /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 873 -j ACCEPT
[user1@localhost ~]$ /etc/init.d/iptables restart
三、 安裝Rsync服務端軟件
(1)安裝
[user1@localhost ~]$ sudo yum install rsync -y
(2)設置開機自啟動
[user1@localhost ~]$ sudo vim /etc/xinetd.d/rsync
disable = no
(3)啟動
[user1@localhost ~]$ sudo /etc/init.d/xinetd start
四、 創建密碼文件,方便原服務器讀取
[user1@localhost ~]$ sudo vim /etc/rsyncd_users.txt
123456
五、 設置密碼文件權限
[user1@localhost ~]$ sudo chmod 600 /etc/rsyncd_users.txt
六、 啟動rsync
[user1@server236 etc] $ sudo rsync --daemon --config=/etc/rsyncd.conf
##查看rsync服務狀態
[user1@server236 etc] $ sudo lsof -i tcp:873
測試增量備份效果
在源服務器輸入命令
[user1@server236 etc] $ sudo rsync -avH --port=873 --progress --delete /home/user1/data_source/ user1@10.210.11.236::web --password-file=/etc/rsyncd_users.txt
Inotify安裝與配置
一、 確認服務器內核是否滿足要求,出現下述內容則滿足
[user1@localhost ~]$ ll /proc/sys/fs/inotify
-rw-r--r-- 1 root root 0 2月 21 14:11 max_queued_events
-rw-r--r-- 1 root root 0 2月 21 14:12 max_user_instances
-rw-r--r-- 1 root root 0 2月 21 14:12 max_user_watches
二、 安裝inotify-tools
(1)準備gcc,gcc++編譯環境
沒有c,c++編譯環境後續會報錯
[user1@localhost ~]$ sudo yum install make gcc gcc-gcc++
(2)上傳到/usr/local/src目錄下並解壓
[user1@localhost ~]$ tar –zxvf inotify-tools-3.13.tar.gz
(3)配置、編譯、安裝
[user1@localhost ~]$ cd / inotify-tools-3.13
[user1@localhost ~]$ ./configure –prefix=/usr/local/inotify
[user1@localhost ~]$ make
[user1@localhost ~]$ make install
三、 設置系統環境變量和軟連接
(1)在/etc/profile中添加inotify的path變量
[user1@localhost ~]$sudo vim /etc/profile
export PATH=$JAVA_HOME/bin:$MAVEN_HOME/bin:/usr/local/inotify/bin:$PATH
(2)輸出環境變量到執行腳本
[user1@localhost ~]$ echo “PATH=/usr/local/inotify/bin:$PATH”>>/etc/profile.d/inotify.sh
[user1@localhost ~]$ source /etc/profile.d/inotify.sh
(3)添加軟連接(軟連接是啥)
[user1@localhost ~]$ sudo ln –s /usr/local/inotify/include /usr/include/inotify
四、 修改inotify默認參數(inotify默認內核參數值調小)
(1)查看系統默認參數值
[user1@localhost ~]$ sudo sysctl -a | grep max_queued_events
fs.inotify.max_queued_events = 16384
[user1@localhost ~]$ sudo sysctl -a | grep max_user_watches
fs.inotify.max_user_watches = 8192
[user1@localhost ~]$ sudo sysctl -a | grep max_user_instances
fs.inotify.max_user_instances = 128
(2)修改系統默認參數值
# inotify隊列最大長度,如果值太小,會出現隊列溢出
[user1@localhost ~]$ sudo sysctl -w fs.inotify.max_queued_events = “99999999”
# 文件最大同步目錄數
[user1@localhost ~]$ sudo sysctl -w fs.inotify.max_user_watches = “99999999”
# 每個用戶創建inotify實例的最大值
[user1@localhost ~]$ sudo sysctl -w fs.inotify.max_user_instances = “65535”
五、 創建腳本,實時觸發rsync進行同步
[user1@localhost ~]$ sudo vim /usr/local/inotify/rsync.sh
#!/bin/bash
srcdir=/home/user1/data_source/
dstdir=web
rsyncuser=user1
rsyncpassdir=/etc/rsyncd_users.txt
# 如果備份到多個目錄,引號內用逗號開即可
dstip="10.210.11.236"
for ip in $dstip
do
rsync -avH --port=873 --progress --delete $srcdir $rsyncuser@$ip::$dstdir --password-file=$rsyncpassdir
done
/usr/local/inotify/bin/inotifywait -mrq --timefmt '%d%m%y %H:%M' --format '%T %w%f%e' -e close_write,modify,delete,create,attrib,move $srcdir | while read file
do
for ip in $dstip
do
rsync -avH --port=873 --progress --delete $srcdir $rsyncuser@$ip::$dstdir --password-file=$rsyncpassdir
echo "${file} was rsynced" >> /tmp/rsync.log 2>&1
done
done
六、 添加腳本執行權限
[user1@localhost ~]$ sudo chmod +x /usr/local/inotify/rsync.sh
七、 設置腳本開機自啟動
(1)在rc.local最後一行添加命令
[user1@localhost ~]$ sudo vim /etc/rc.d/rc.local
#!/bin/bash
# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
#
# It is highly advisable to create own systemd services or udev rules
# to run scripts during boot instead of using this file.
#
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
#
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.
touch /var/lock/subsys/local
sh /usr/local/inotify/rsync.sh &
(2)不想重啟服務器的話可以手動執行一下rsync.sh腳本
[user1@localhost ~]$ sudo /usr/local/inotify/rsync.sh