rsync+crond for scheduled backup

Keywords: rsync socket ssh firewall

rsync introduction

rsync is called remote synchronization in English. From the name of the software, it can be seen that rsync can make the data between the local and remote hosts copy the synchronous image and remote backup quickly. This function is similar to the scp command with ssh, but it is better than the scp command. * * scp is a full copy every time, while rsync can be an incremental copy. **Of course, rsync can also copy data in full and incremental between different partitions or directories of the local host, which is similar to the cp command. But it is also better than cp command. cp is a full copy every time, and rsync can be an incremental copy.
When synchronizing data, by default, rsync uses its unique "quick check algorithm, which synchronizes only the files or directories whose size or last modification time has changed, of course, it can also synchronize according to the changes of permissions, ownership and other attributes, but it needs to develop corresponding parameters, and even can synchronize only the changed parts of a file, so it can realize fast synchronization of backup data.
rsync - a fast, versatile tool for full and incremental remote (and local) file replication.
rsync listening port: 873
rsync operation mode: C/S
client/server: client/server

Advantages and disadvantages of rsync

advantage:
1) It can support incremental backup, socket (daemon) and centralized backup (push and pull are supported, which are all based on the client); socket (daemon) needs encrypted transmission, which can use vpn service or ipsec service.
2) The data can be backed up or restored within the speed limit.
3) Remote SHELL channel mode can also encrypt (SSH) transmission
4) It supports the process mode transmission of anonymous authentication (without system users), and can realize convenient and safe data backup and mirroring
5) Keep all attributes of the original file or directory such as permission, time, soft and hard link, owner, group unchanged - p
6) It can exclude the synchronization of specified files or directories, which is equivalent to the exclusion of the packaging command tar. (–exclude)
Disadvantages:
1) When a large number of small files are backed up synchronously, the time of comparison is longer, sometimes the rsync process stops running or the process is suspended;
resolvent:
a. Resynchronization after packing;
b. drbd (file system synchronous replication block).
2) Synchronization of large files, such as 10G, sometimes causes problems, leading to rsync process interruption. Before complete synchronization, files are hidden, but disk space is occupied (LS al view). Until the synchronization is complete, change the hidden file to a normal file. Moreover, a hidden file is generated for each interrupt.

Three working modes of rsync

There are three transport modes of Rsync: local mode, remote mode and daemons.

Local replication mode: similar to cp

rsync [OPTION...] SRC... [DEST]

Tunnel transport mode: similar to scp
Pull: pull

rsync [OPTION...] [USER@]HOST:SRC... [DEST]

Push: push

rsync [OPTION...] SRC... [USER@]HOST:DEST

Daemonic mode: the most common way to transfer data is through the daemonic socket
Pull: pull

rsync [OPTION...] [USER@]HOST::SRC... [DEST]
rsync [OPTION...] rsync://[USER@]HOST[:PORT]/SRC... [DEST]

Push: push

rsync [OPTION...] SRC... [USER@]HOST::DEST
rsync [OPTION...] SRC... rsync://[USER@]HOST[:PORT]/DEST

Note: push and pull operations are all performed through the rsync client.

rsync daemons mode deployment

Environmental Science:
centos7
192.168.100.128 rsync server
192.168.100.129 rsync client
Turn off the firewall and selinux first

systemctl stop firewalld
setenforce 0

Install rsync

[root@128 ~]# yum -y install rsync

Manually configure the rsync software configuration file

[root@128 ~]# vim /etc/rsyncd.conf
##Global configuration			
uid = root    #user			
gid = root    #User groups			
use chroot = no    #Safety related			
max connections = 200    #Maximum number of links			
timeout = 300    #Timeout			
pid file = /var/run/rsyncd.pid    #Process number file corresponding to the process			
lock file = /var/run/rsync.lock    #Lock file			
log file = /var/log/rsyncd.log    #Log files, displaying error messages

##Module configuration			
[backup]            #Module name			
path = /data      #Module location (path)			
ignore errors       #Ignore bad program			
read only = false    #Read only or not			
list = false        #Can I list			
hosts allow = 192.168.100.0/255.255.255.0  #The range of customers allowed to access rsync server			
#hosts deny = 0.0.0.0/32      #Range of customers who are forbidden to access rsync server			
auth users = rsync_backup    #User that does not exist; only for authentication			
secrets file = /etc/rsync.password  #Set the key file for connection authentication

Create rsync backup directory and modify the permission of backup directory

[root@128 ~]# mkdir -p /data
[root@128 ~]# useradd rsync -s /sbin/nologin -M
[root@128 ~]# chown -R rsync.rsync /data/

Create authentication user password file; modify file permissions

[root@128 ~]# echo "rsync_backup:123456" >/etc/rsync.password
[root@128 ~]# chmod 600 /etc/rsync.password

Restart the rsync daemons service

[root@128 ~]# systemctl restart rsyncd
[root@128 ~]# systemctl enable rsyncd

Client Deployment

Install rsync

[root@129 ~]# yum -y install rsync

To create a password file, you only need a password in the client password file. At the same time, the password file permissions are 600

[root@129 ~]# echo "123456">/etc/rsync.password
[root@129 ~]# chmod 600 /etc/rsync.password

Client test push file

[root@129 ~]# touch aaa.txt
[root@129 ~]# rsync -avz aaa.txt rsync_backup@192.168.100.128::backup --password-file=/etc/rsync.password

Note: rsync uses port 873 by default. When the firewall is turned on, the port needs to be released.
Client pull file

[root@129 ~]# rsync -avz rsync_backup@192.168.100.128::backup --password-file=/etc/rsync.password /data

See if there are files

[root@129 ~]# cd /data/
[root@129 data]# ll
//Total dosage 0
-rw-r--r--. 1 root root 0 6 December 13:04 aaa.txt

Posted by vivianp79 on Fri, 12 Jun 2020 22:03:41 -0700