CentOS (rsync+crond for scheduled backup)

Keywords: rsync socket ssh VPN

1, rsync introduction
rsync stands for remote synchronization. As the name suggests, rsync can quickly mirror and back up data between local and remote hosts. This function is similar to the scp command that comes with ssh, but it is better than scp: scp makes a full copy every time, while rsync can copy incrementally. rsync can also make full and incremental copies between different partitions or directories on the local host, which is similar to the cp command. Here too it is better than cp: cp makes a full copy every time, while rsync can copy incrementally.

When synchronizing data, rsync by default uses its "quick check" algorithm, which synchronizes only the files or directories whose size or last modification time has changed. It can also synchronize according to changes in permissions, ownership and other attributes, but the corresponding options must be specified. It can even transfer only the changed parts of a file, which is what makes synchronizing backup data fast.
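The quick check described above can be reproduced with a few lines of shell. This is an added example, not part of the original article and not rsync's own code; the function names and the sample files are constructed for the illustration, and GNU stat is assumed. It also shows the case the quick check cannot see: a file whose content differs while size and modification time are identical is skipped (rsync's --checksum option compares contents instead).

```sh
#!/bin/sh
# Added illustration, not rsync's own code: the default quick check selects
# a file when it is missing on the destination or when size or modification
# time differ. Contents are never compared.

# quick_check_needs_sync SRC_FILE DST_FILE -> 0 = transfer, 1 = skip
quick_check_needs_sync() {
    [ -e "$2" ] || return 0
    # GNU stat: %s = size in bytes, %Y = mtime in whole seconds
    if [ "$(stat -c '%s %Y' "$1")" = "$(stat -c '%s %Y' "$2")" ]; then
        return 1
    fi
    return 0
}

# list_pending SRC_DIR DST_DIR: print relative paths that would be sent
list_pending() {
    ( cd "$1" && find . -type f | sort ) | while IFS= read -r rel; do
        rel=${rel#./}
        if quick_check_needs_sync "$1/$rel" "$2/$rel"; then
            printf '%s\n' "$rel"
        fi
    done
}

# Constructed sample trees covering the four cases.
demo_quick_check() {
    work=$(mktemp -d)
    mkdir "$work/src" "$work/dst"
    printf 'alpha\n' > "$work/src/same.txt"      # identical copy: skipped
    cp -p "$work/src/same.txt" "$work/dst/same.txt"
    printf 'bravo-2\n' > "$work/src/grown.txt"   # size differs: sent
    printf 'bravo\n' > "$work/dst/grown.txt"
    printf 'new\n' > "$work/src/new.txt"         # missing on dst: sent
    printf 'AAAA\n' > "$work/src/silent.txt"     # same size and mtime but
    printf 'BBBB\n' > "$work/dst/silent.txt"     # different content: skipped
    touch -r "$work/src/silent.txt" "$work/dst/silent.txt"
    list_pending "$work/src" "$work/dst" | paste -sd ' ' -
    rm -rf "$work"
}

demo_quick_check
```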

rsync - a fast, versatile tool for full and incremental remote (and local) file replication.

rsync listening port: 873

rsync operation mode: C/S (client/server)

2, Advantages and disadvantages of rsync
Advantages:
1) It supports incremental backup, socket (daemon) mode and centralized backup (push and pull are both supported, and both are initiated from the client). Socket (daemon) mode does not encrypt the transfer itself; if encryption is needed, use a VPN or IPsec service.

2) The transfer speed can be limited when backing up or restoring data.

3) Remote shell channel mode can encrypt the transfer (SSH).

4) It supports daemon (process) mode transfers with anonymous authentication (no system users needed), which makes data backup and mirroring convenient and safe.

5) It keeps all attributes of the original file or directory, such as permissions, times, soft and hard links, owner and group, unchanged (-p).

6) It can exclude specified files or directories from synchronization, like the exclude feature of the tar packaging command (--exclude).

Disadvantages:
1) When a large number of small files are synchronized, the comparison takes a long time, and sometimes the rsync process stops running or hangs.
Solutions:
a. Pack the files into an archive first, then synchronize;
b. DRBD (block-level synchronous replication of the file system).

2) Synchronizing large files, such as 10G, sometimes causes problems that interrupt the rsync process. Until the synchronization completes, the file exists only as a hidden file, which still occupies disk space (visible with ls -al). Only when the synchronization completes is the hidden file renamed to the normal file. Moreover, each interruption generates another hidden file.

3, Three working modes of rsync
rsync has three transfer modes: local mode, remote (tunnel) mode and daemon mode.
Local replication mode: similar to cp

rsync [OPTION...] SRC... [DEST]

Tunnel transport mode: similar to scp
Pull:

rsync [OPTION...] [USER@]HOST:SRC... [DEST]

Push:

rsync [OPTION...] SRC... [USER@]HOST:DEST

Daemon mode: data is transferred through the daemon's socket; this is the most commonly used mode
Pull:

rsync [OPTION...] [USER@]HOST::SRC... [DEST]
rsync [OPTION...] rsync://[USER@]HOST[:PORT]/SRC... [DEST]

Push:

rsync [OPTION...] SRC... [USER@]HOST::DEST
rsync [OPTION...] SRC... rsync://[USER@]HOST[:PORT]/DEST

Note: push and pull operations are all performed through the rsync client.

4, rsync daemon mode deployment
Environment introduction
Server: 192.168.116.128 centos7.5
Client: 192.168.116.129 centos7.5

Server deployment
1. Verify that the rsync package is installed

rpm -qa rsync
# Install it if it is missing:
yum -y install rsync

2. Manually create the rsync configuration file

[root@localhost ~]# vim /etc/rsyncd.conf
## Global configuration
# User the transfers run as
uid = root
# Group the transfers run as
gid = root
# Security related: no chroot to the module path
use chroot = no
# Maximum number of connections
max connections = 200
# Timeout
timeout = 300
# PID file of the daemon process
pid file = /var/run/rsyncd.pid
# Lock file
lock file = /var/run/rsync.lock
# Log file, records error messages
log file = /var/log/rsyncd.log

## Module configuration
# Module name
[backup]
# Module location (path)
path = /data
# Ignore errors
ignore errors
# Read only or not
read only = false
# Whether the module can be listed
list = false
# Range of clients allowed to access the rsync server
hosts allow = 192.168.116.0/255.255.255.0
# Range of clients forbidden to access the rsync server
#hosts deny = 0.0.0.0/32
# User that does not exist on the system; only for authentication
auth users = rsync_backup
# Password file used for connection authentication
secrets file = /etc/rsync.password

Note: in the configuration file, do not put comments or extra spaces after a setting on the same line.

3. Create the rsync backup directory, create the rsync user that manages it, and set the ownership of the backup directory

[root@localhost ~]# mkdir -p /data
[root@localhost ~]# useradd rsync -s /sbin/nologin -M
[root@localhost ~]# chown -R rsync.rsync /data/

4. Create the password file for the authentication user and restrict its permissions

[root@localhost ~]# echo "rsync_backup:123456" > /etc/rsync.password
[root@localhost ~]# chmod 600 /etc/rsync.password 

5. Restart the rsync daemon service

systemctl restart rsyncd.service
systemctl enable rsyncd.service
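
Before restarting the daemon, the configuration and the password file from steps 2 and 4 can be checked with a small script. This is an added example, not part of the original article; the function names (conf_value, audit_rsyncd, demo_audit) are hypothetical, the sample files are constructed, and GNU stat is assumed. It reports comments placed after a setting, transfers running as root without chroot, a module without auth users, and a password file that is not owner-only or not in user:password form.

```sh
#!/bin/sh
# Added example, not from the original article: pre-flight audit of the
# daemon setup above. Both paths are arguments so it can run on copies.

# conf_value CONF KEY: first value of KEY, trailing "#..." text removed
conf_value() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' -e 1q
}

# audit_rsyncd CONF SECRETS: print one finding per line
audit_rsyncd() {
    conf=$1 secrets=$2
    # "#" starts a comment only at the beginning of a line; after a
    # setting it becomes part of the value.
    grep -nE '^[[:space:]]*[^#[:space:]][^#]*#' "$conf" |
        sed 's/^\([0-9]*\):.*/conf line \1: comment after setting/'
    [ "$(conf_value "$conf" uid)" = root ] &&
        echo "uid = root: module files are read and written as root"
    [ "$(conf_value "$conf" 'use chroot')" = no ] &&
        echo "use chroot = no: no chroot confinement to the module path"
    [ -n "$(conf_value "$conf" 'auth users')" ] ||
        echo "auth users not set: module accepts anonymous clients"
    # Secrets file: owner-only access, one user:password entry per line
    # (lines starting with "#" are comments).
    mode=$(stat -c '%a' "$secrets" 2>/dev/null) || mode=missing
    case $mode in
        [0-7]00) ;;
        *) echo "secrets file mode $mode: expected owner-only (600 in step 4)" ;;
    esac
    [ "$mode" = missing ] || grep -nvE '^(#.*|[^:[:space:]]+:.+)$' "$secrets" |
        sed 's/^\([0-9]*\):.*/secrets line \1: not in user:password form/'
    return 0
}

# Constructed sample files reproducing the issues the audit reports.
demo_audit() {
    d=$(mktemp -d)
    printf '%s\n' '##Global configuration' 'uid = root    #user' \
        'use chroot = no' '[backup]' 'path = /data' \
        'auth users = rsync_backup' > "$d/rsyncd.conf"
    printf 'rsync_backup:123456\nbroken-entry\n' > "$d/rsync.password"
    chmod 644 "$d/rsync.password"
    audit_rsyncd "$d/rsyncd.conf" "$d/rsync.password"
    rm -rf "$d"
}

demo_audit
```

On the server it would be called as audit_rsyncd /etc/rsyncd.conf /etc/rsync.password.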

Client Deployment
Create a password file on the client. The client password file contains only the password, and its permissions must also be 600.

echo "123456">/etc/rsync.password
chmod 600 /etc/rsync.password

Client push file

touch aaa.txt
rsync -avz aaa.txt rsync_backup@192.168.116.128::backup --password-file=/etc/rsync.password

Note: rsync uses port 873 by default. When the firewall is turned on, this port needs to be opened.

Client pull file

rsync -avz rsync_backup@192.168.116.128::backup --password-file=/etc/rsync.password /data

Check that the file is there

[root@localhost ~]# cd /data/
[root@localhost data]# ll
total 0
-rw-r--r--. 1 root root 0 Apr 29 18:13 aaa.txt

Posted by christine75 on Fri, 12 Jun 2020 21:00:24 -0700