Prior to the "SSH Trust and SCP automatic transfer Script" Technical document, this scenario is the way to backup in the company, but in the actual operation, because the primary server to the backup server transmission, our primary server needs to back up the files are real-time, non-stop production, Cause do not know how many files the primary server transmits to the backup server, disk space is so large, do backup reason: one is to maintain the file, the other is to solve the primary server disk full problem, but because do not know the backup server exactly how many files received, So the file in the main server dare not delete (if there is no backup in the case of deletion, the problem is serious, I this is the government project, the server files are important, delete the wrong to leave ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ INotify way to real-time simultaneous server files, and the transmission process is encrypted, more than the SCP security (even if the SCP with SSH Trust, with the key, is not foolproof).
The following is I to the company to do the backup technical documents, to share with you, hope to help.
First of all, the introduction of Rsync and INotify, are found on the Internet information. First of all, the following rsync and inotify introduction is not my own writing.
1, rsync
Compared with the traditional CP and tar backup methods, Rsync has the advantages of high security, fast backup, support incremental backup, etc., through rsync can solve the real-time requirements of the data backup, such as regular backup file server data to the remote server, the local disk regularly do data mirroring.
With the expansion of the application system, the security and reliability of the data also put forward better requirements, rsync in high-end business system also gradually exposed a lot of deficiencies, first, rsync synchronized data, need to scan all files after the comparison, to carry out the differential transmission. If the number of files reaches millions or even millions of levels, scanning all files will be time-consuming. And what is changing is often a small part of it, which is a very inefficient way. Second, rsync can not real-time monitoring, synchronization of data, although it could be triggered by the Linux daemon process synchronization, but the two trigger action must have a time difference, which leads to server and client data may be inconsistent, not in the application of the failure to fully recover data. Based on the above reasons, the rsync+inotify combination appears!
2, INotify
Inotify is a powerful, fine-grained, asynchronous file system event monitoring mechanism, the Linux kernel from 2.6.13, joined the Inotify support, through the Inotify can monitor the file system to add, delete, modify, move and so on a variety of subtle events, using this kernel interface, Third-party software can monitor the file system under the various changes in files, and inotify-tools is such a third-party software.
In the above section, we mentioned that rsync can implement trigger-type file synchronization, but the crontab daemon way of triggering, synchronized data and actual data will be different, and inotify can monitor the various changes in the file system, when the file has any changes, will trigger rsync synchronization, This just solves the problem of real-time synchronization data.
Specific people can refer to http://www.ibm.com/developerworks/cn/linux/l-ubuntu-inotify/index.html to learn.
Next we start with the installation, configuration, and testing of rsync and inotify.
The following is the structure of 2 servers, host name, IP, status, kernel, number of digits, synchronized directory, and 2 servers are redhat5.4 distributions.
First, the main server (server side, I am here is Nginx)
Where the primary server needs to install Rsync and inotify, the primary server as the server, transfer files to the backup server client
1. Install rsync
[Root@nginx ~]# cd/usr/src/ [root@nginx src]# ll Total drwxr-xr-x 2 root 4096 Rwxr-xr-x 2 root root 4096 a kernels [Root@nginx src]# wget. 9.tar.gz [Root@nginx src]# tar zxvf rsync-3.0.9.tar.gz [root@nginx src]# cd rsync-3.0.9 [Root@nginx rsync-3.0.9]#./configure--prefix=/usr/local/rsync [Root@nginx rsync-3.0.9]# make
2, the establishment of password certification documents
Where rsync-pwd can set their own password, rsync.passwd name can also set their own
The password file requires 600 permissions, whether for security or to avoid the following errors
3. Installation INotify
[Root@nginx rsync]# cd/usr/src/ [Root@nginx src]# wget inotify-tools/inotify-tools-3.14.tar.gz [Root@nginx src]# tar zxvf inotify-tools-3.14.tar.gz [Root@nginx src]# CD inotify-tools-3.14 [Root@nginx inotify-tools-3.14]#./configure--prefix=/usr/local/inotify [ Root@nginx inotify-tools-3.14]# make [Root@nginx inotify-tools-3.14]# make install
4. Create rsync Replication Scripts
This feature is primarily the server-side directory/TMP content, if modified (whether add, modify, delete files) can be monitored through the inotify, and through rsync real-time synchronization to the client's/TMP, the following is implemented through the shell script.
#!/bin/bash
host=192.168.10.221
src=/tmp/
des=web
user=webuser
/usr/local/inotify/bin/ Inotifywait-mrq--timefmt '%d/%m/%y%h:%m '--format '%T%w%f%e '-e modify,delete,create,attrib $src \
| while read fi Les
do
/usr/bin/rsync-vzrtopg--delete--progress--password-file=/usr/local/rsync/rsync.passwd $src $user @ $host:: $des
echo "${files} is rsynced" >>/tmp/rsync.log 2>&1
Done
Note: After the 1 floor tip, I found that if you put the Rsync.log into TMP (backup directory) or send the question that has been replicated, so I suggest you go to Rsync's log in other directory (not backup directory).
Where host is the client's ip,src is the server side to real-time monitoring of the directory, DES is a certified module name, need to be consistent with the client, user is the establishment of password files in the Authenticated users.
Name the script rsync.sh, put it in the Monitor directory, like mine, put it under/tmp, and give 764 privileges.
[Root@nginx tmp]# chmod 764 rsync.sh
And then run this script
[Root@nginx tmp]# sh/tmp/rsync.sh &
Keep in mind that if you start the rsync.sh script after you have installed and started rsync on the client side of the backup server, it will sometimes appear full screen:
rsync:failed to connect to 192.168.10.221:connection refused (111)
Rsync error:error in Socket IO (code ten) at CLIENTSERVER.C [sender=2.6.8]
We can also add the rsync.sh script to the boot entry.
[Root@nginx tmp]# echo "/tmp/rsync.sh" >>/etc/rc.local II, Backup server (client, I'm here for Nginx-backup)
1, install rsync (Backup server only install rsync)
[Root@nginx-backup ~]# cd/usr/src/ [root@nginx-backup src]# ll Total drwxr-xr-x 2 root 4096 out of 26 20 2 Debug drwxr-xr-x root 4096 kernels [root@nginx-backup src]# wget http://rsync.samba.org/ftp/ rsync/src/rsync-3.0.9.tar.gz [root@nginx-backup src]# tar zxvf rsync-3.0.9.tar.gz [Root@nginx-backup src]# CD rsync-3.0.9 [root@nginx-backup rsync-3.0.9]#./configure--prefix=/usr/local/rsync [root@nginx-backup rsync-3.0.9]# make
2, the establishment of user and password certification documents
[Root@nginx-backup rsync-3.0.9]# echo "Webuser:rsync-pwd" >/USR/LOCAL/RSYNC/RSYNC.PASSWD
Keep in mind that the password file created on the server side has only a password, no username, and a password file that is created in the backup server client with the username and password.
[Root@nginx-backup rsync]# chmod rsync.passwd need to give password file 600 permissions
3, set up the rsync configuration file
UID = root gid = root use chroot = no max connections = Ten Strict modes = yes pid file =/var/run/rsyn Cd.pid Lock file =/var/run/rsync.lock log file =/var/log/rsyncd.log [web] path =/tmp/ comment = Web file Ignore errors Read Only = no write only = no hosts allow = 192.168.10.220 hosts deny = * list = False uid = root gid = root auth users = WebUser
Where the web is the server service side of the authentication module name, need to be consistent with the main server, above the configuration of my own server configuration for reference.
Name the configuration file rsync.conf and put it in the/usr/local/rsync/directory.
Start rsync
[Root@nginx-backup rsync]#/usr/local/rsync/bin/rsync--daemon--config=/usr/local/rsync/rsync.conf
If the following problems occur:
/usr/local/rsync/bin/rsync:error while loading shared libraries:libiconv.so.2:cannot open shared object file:no such F Ile or directory,
The following methods can be used to resolve
Locate the directory where you want the module, add the directory to/etc/ld.so.conf, and update the library file
We can add the rsync script to the boot entry.
Now that rsync and inotify are installed on the server side, Rsync is also installed on the client side of the backup server
The following is the server-side TMP file situation
The following is the file condition for client-side TMP
Let's take a test and create a Test-rsync file in the server to see if the client can receive
To see if the client side has a Test-rsync file, and whether the client-side TMP directory file is exactly the same as the server-side file
You can see that on the client side, you have received the Test-rsync file, and the files in client tmp are exactly the same as the files in server TMP and the number of files is identical.
Now the construction and configuration of rsync and INotify are completed, and the real-time synchronization of server direct data is realized. You can configure it according to your own needs.
BTW: In Rsync+inotify This backup method, our company has encountered a problem, that is, the main service has synchronized the data to the standby service, but the primary server disk is full, you need to delete the files that have been backed up, but at the same time in the backup server to keep the files in the main server, That is, the main server to delete files, the backup server does not follow the deletion of files, I looked at a lot of English documents, tested many times, and finally found a solution, that is, in the main server, The problem can be solved by removing the--delete parameter from the 9th line of the rsync.sh script.
This article comes from "Yin-technology Exchange" blog
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
