Centos7下的rsyncd守护进程配置详解
一、服务端配置
1)安装
[root@backup ~]# yum install rsync
[root@backup ~]# rsync --version
rsync version 3.1.2 protocol version 31
....
2)添加配置文件/etc/rsyncd.conf
cp /etc/rsyncd.conf{,.ori}
cat>/etc/rsyncd.conf<<EOF
#rsync config
#created by shnne
#site: https://www.shnne.com
uid = rsync
gid = rsync
use chroot = no
fake super = yes #CentOS7要加,不加会报错,跟参数o(属主)和g(属组)有关
max connections = 20
timeout = 600
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 192.168.238.0/24 #跟下面这条二选一,如果两条都选,配置不生效
#hosts deny = 0.0.0.0/32 #跟上面这条二选一
auth users = rsync_backup
secrets file = /etc/rsync.password
[backup]
comment = backup directory
path = /backup/
EOF
3)创建用户和备份目录
[root@backup ~]# useradd rsync
[root@backup ~]# id rsync
uid=1000(rsync) gid=1000(rsync) groups=1000(rsync)
[root@backup ~]# mkdir -p /backup
[root@backup ~]# chown -R rsync.rsync /backup/
[root@backup ~]# ls -ld /backup/
drwxr-xr-x 2 rsync rsync 6 Jan 14 09:36 /backup/
4)启动和检查
CentOS 6及以前启动方式
rsync --daemon
CentOS 7启动方式
systemctl start rsyncd
systemctl enable rsyncd
systemctl status rsyncd
[root@backup ~]# ps -ef|grep sync|grep -v grep #检查进程
root 1263 1 0 09:26 ? 00:00:00 /usr/bin/rsync --daemon --no-detach
[root@backup ~]# netstat -lntup|grep 873 #检查端口方式1
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 1263/rsync
tcp6 0 0 :::873 :::* LISTEN 1263/rsync
[root@backup ~]# ss -lntup|grep 873 #检查端口方式2
tcp LISTEN 0 5 *:873 *:* users:(("rsync",pid=1263,fd=3))
tcp LISTEN 0 5 [::]:873 [::]:* users:(("rsync",pid=1263,fd=5))
[root@backup ~]# lsof -i :873 #检查端口方式3
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rsync 1263 root 3u IPv4 22383 0t0 TCP *:rsync (LISTEN)
rsync 1263 root 5u IPv6 22384 0t0 TCP *:rsync (LISTEN)
4)配置密码文件
[root@backup ~]# echo "rsync_backup:shnne" > /etc/rsync.password
[root@backup ~]# chmod 600 /etc/rsync.password
[root@backup ~]# cat /etc/rsync.password
rsync_backup:shnne
[root@backup ~]# ls -l /etc/rsync.password
-rw------- 1 root root 19 Jan 14 10:12 /etc/rsync.password
Rsync服务端到此配置完成。
_________________________________________________________________
二、客户端配置
以下方法2选1
方法1:认证密码文件
[root@nfs ~]# echo "shnne" > /etc/rsync.password
[root@nfs ~]# chmod 600 /etc/rsync.password
[root@nfs ~]# cat /etc/rsync.password
shnne
[root@nfs ~]# ls -l /etc/rsync.password
-rw------- 1 root root 6 Jan 14 10:16 /etc/rsync.password
方法2:
[root@nfs ~]# echo ' export RSYNC_PASSWORD=shnne' >>/etc/bashrc
[root@nfs ~]# tail -1 /etc/bashrc
export RSYNC_PASSWORD=shnne
[root@nfs ~]# . /etc/bashrc
[root@nfs ~]# echo $RSYNC_PASSWORD
shnne
Rsync客户端到此配置完成。
_________________________________________________________________
三、守护进程模式下客户端rsync的命令语法:
pull(拉):从远端拉取到本地。
语法1(常用):
rsync [OPTION...] [USER@]HOST::SRC... [DEST]
rsync命令 参数选项 [虚拟用户]@[主机地址]::[模块名] 本地路径
语法2:
rsync [OPTION...] rsync://[USER@]HOST::SRC... [DEST]
rsync命令 参数选项 rsync://[虚拟用户]@[主机地址]/[模块名] 本地路径
push(推):从本地推到远端。
语法1(常用):
rsync [OPTION...] [DEST] [USER@]HOST::SRC...
rsync命令 参数选项 本地路径 [虚拟用户]@[主机地址]::[模块名]
语法2:
rsync [OPTION...] [DEST] rsync://[USER@]HOST::SRC...
rsync命令 参数选项 本地路径 rsync://[虚拟用户]@[主机地址]/[模块名]
测试过程中出现的问题:
错误1:
[root@nfs ~]# rsync -avz /etc/hosts rsync_backup@192.168.238.102::backup --password-file=/etc/rsync.password
@ERROR: invalid uid rsync
rsync error: error starting client-server protocol (code 5) at main.c(1648) [sender=3.1.2]
*原因:无效的rsync用户,服务端应该是没有添加这个用户导致
*解决办法:需要在服务端backup机器上添加rsync用户,并确认是否创建了backup目录,且backup目录要授权rsync用户和用户组
[root@backup ~]# useradd rsync
[root@backup ~]# id rsync
[root@backup ~]# mkdir -p /backup
[root@backup ~]# chown -R rsync.rsync /backup/
[root@backup ~]# ls -ld /backup/
drwxr-xr-x 2 rsync rsync 6 Jan 14 09:36 /backup/
错误2:
[root@nfs ~]# rsync -avz /etc/hosts rsync_backup@192.168.238.102::backup --password-file=/etc/rsync.password
sending incremental file list
hosts
rsync: chgrp "/.hosts.pRQZvk" (in backup) failed: Operation not permitted (1)
sent 186 bytes received 125 bytes 207.33 bytes/sec
total size is 242 speedup is 0.78
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1179) [sender=3.1.2]
*原因:因为命令参数a里面包含保持o(属主)和g(属组)的参数,执行命令的时候可以不加就不报错,如果要使用a参数就需要在配置文件里加个配置
*解决办法:在服务端backup机器下增加如下配置到/etc/rsyncd.conf
fake super = yes #不用root用户也可以存储文件的完整属性。
This allows the full attributes of a file to be stored without having to have the daemon actually running as root.
[root@backup ~]# grep fake /etc/rsyncd.conf
fake super = yes
[root@backup ~]# systemctl restart rsyncd #改完配置要重启服务
错误3:
[root@nfs ~]# rsync -avz /etc/hosts rsync_backup@192.168.238.102::backup --password-file=/etc/rsync.password
rsync: failed to connect to 192.168.238.102 (192.168.238.102): No route to host (113)
rsync error: error in socket IO (code 10) at clientserver.c(125) [sender=3.1.2]
*解决办法:防火墙firewall没有放行873端口
firewall-cmd --permanent --zone=public --add-port=873/tcp
firewall-cmd --reload
再次测试,客户端执行如下:
对文件操作
[root@nfs ~]# rsync -avz /etc/hosts rsync_backup@192.168.238.102::backup --password-file=/etc/rsync.password
sending incremental file list
hosts
sent 186 bytes received 43 bytes 458.00 bytes/sec
total size is 242 speedup is 1.06
对目录操作,其中/etc和/etc/是不一样的,/etc代表etc目录及里面的文件,而/etc/只代表里面的内容(rsync特有情况)
rsync -avz /etc rsync_backup@192.168.238.102::backup --password-file=/etc/rsync.password
服务端检查:
[root@backup ~]# ls /backup/
hosts
[root@backup ~]# ls /backup/
etc hosts
如果客户端按照环境变量的方式配置,则可以忽略--password-file=/etc/rsync.password参数。
[root@nfs ~]# rsync -avz /etc rsync_backup@192.168.238.102::backup
sending incremental file list
sent 53,878 bytes received 645 bytes 36,348.67 bytes/sec
total size is 28,376,405 speedup is 520.45
测试增量
[root@nfs ~]# touch /etc/shnne.txt
[root@nfs ~]# rsync -avz /etc rsync_backup@192.168.238.102::backup
sending incremental file list
etc/
etc/shnne.txt
sent 53,934 bytes received 651 bytes 109,170.00 bytes/sec
total size is 28,376,405 speedup is 519.86
Rsync整个过程全部完成下一篇 >>
网友留言(0 条)