Simple configuration and implementation of Rsync

RSYSNC Mode of operation

A third way of working is common in the work, and in order to keep the backup server from being pressured, use push as a backup.

650) this.width=650; "Src=" Http://s2.51cto.com/wyfs02/M00/8B/29/wKiom1hGGjvCk70bAABQOmYdj3s353.png-wh_500x0-wm_3 -wmp_4-s_2067049537.png "title=" 123.png "alt=" Wkiom1hggjvck70baabqomydj3s353.png-wh_50 "/>

The first way is an example:

rsync-avz/etc/hosts/tmp/#相当于cp/etc/hosts/tmp/rsync-avz--delete/null//tmp/#相当于rm-rf/tmp/*

An example of the second way:

Rsync-avzp-e ' ssh-p '/tmp [email protected]:/tmp #push方式rsync-avzp-e ' ssh-p ' [email protected]:/tmp/tmp # Pull mode

The Third Way:

rsync-avz/tmp/[Email Protected]::backup #push方式

Service side (the server that holds the backup files)

The first step, create the rsyncd.conf file

[[email protected]_server ~]# vi /etc/rsyncd.confuid = rsync   #程序属主gid  = rsync    #程序属组use  chroot = no  #  whether root account max  connetions = 2000   #最大连接的客户端数量timeout  = 600   #超时时间, time-out automatic disconnection, need service and then active connection PID  file = /var/run/rsyncd.pid   #pid文件存放地址lock  file = /var/run/rsync.lock    #锁文件地址log  file = /var/log/rsyncd.log   #日志文件存放目录ignore  errors    #忽略错误read  only = false   #表示可读可写list  = false   # Indicates that a remote list can be hosts allow = 192.168.0.0/24   #允许主机地址hosts  deny = 0.0.0.0/32    #拒绝主机地址auth  users = rsync_backup   #运行服务的用户secrets  file = / etc/rsync.password   #密码文件 #####################[backup]    #模块名字comment  =  This is luruiqi writter   #注释path  = /backup    #需要备份的目录, preferably the same as the module name, easy to find ################### ################

[[email protected]_server ~]# rsync --daemon   #启动 [[Email protected]_Server  ~]# ps -ef |grep rsync |grep -v grep   #检查root    3168  1  0 07:16 ?   00:00:00 rsync --daemon[[email  protected]_Server ~]# netstat -lntup |grep rsync   #检查tcp      0   0 0.0.0.0:873   0.0.0.0:*   LISTEN     3168/rsynctcp    0   0 :::873         :::*    LISTEN    3168/rsync[[email  protected]_server ~]# ss -lntup |grep rsyn   #检查tcp   LISTEN   0   5    :::873    :::*      Users: (("rsync", 3168,5)) TCP &NBsp listen  0   5     *:873     *:*     users: (("rsync", 3168,3) [[Email protected]_server ~]# lsof -i  :873   #检查COMMAND   PID USER   FD   TYPE  Device size/off node namersync   3168 root  3u  ipv4   16481   0t0  TCP *:rsync  (LISTEN) rsync   3168  root  5u  ipv6  16482   0t0  tcp *:rsync   (LISTEN)

[[email protected]_server ~]# useradd rsync -s /sbin/nologin -m   #创建rsync账户 [[email protected]_server ~]# id rsync  #检查创建用户的结果uid =500 (rsync)  gid= Rsync  groups=500 (rsync) [[email protected]_server ~]# mkdir /backup  # Create a backup directory [[email protected]_server ~]# chown -r rsync /backup   #更改备份目录的属组 [[email protected]_server ~]# ll -d /backup/   #检查是否更改属组drwxr-xr-x 2  rsync root 4096 dec  2 07:25 /backup/[[email protected]_server  ~]# echo  "rsync_backup:123456"  >/etc/rsync.password   #创建账号和密码 [[email  protected]_server ~]# cat /etc/rsync.password   #检查是否创建rsync_backup: 123456[[email  protected]_Server ~]# chmod 600 /etc/rsync.password   #配置密码文件的访问权限 [[Email  protected]_server ~]# ll /etc/rsync.password     #检查是否更改-rw------- 1 root root  20 dec  2 07:29 /etc/rsync.password

Client (the server that needs to be backed up)

the client does not need to create a rsyncd.conf, just create a password file ,

[Email protected] ~]# echo "123465" >/etc/rsync.password [[email protected] ~]# chmod 600/etc/rsync.password [email Protected] ~]# ll/etc/rsync.password-rw-------1 root root 7 Nov 03:33/etc/rsync.password[[email protected] ~]# cat /etc/rsync.password 123465

Test it.

rsync-avz/tmp/[Email Protected]::backup--password-file=/etc/rsync.password

Server for NFS (rsync client)

650) this.width=650; "src="/e/u261/themes/default/images/spacer.gif "style=" Background:url ("/e/u261/lang/zh-cn/ Images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "Spacer.gif"/>650 "this.width=650;" src= "http ://s4.51cto.com/wyfs02/m01/8b/26/wkiol1hggfvrbhniaaavuhwpx_4780.png-wh_500x0-wm_3-wmp_4-s_427634834.png "title= "123.png" alt= "Wkiol1hggfvrbhniaaavuhwpx_4780.png-wh_50"/>

Backup server (rsync service side)

650) this.width=650; "src="/e/u261/themes/default/images/spacer.gif "style=" Background:url ("/e/u261/lang/zh-cn/ Images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "Spacer.gif"/>650 "this.width=650;" src= "http ://s5.51cto.com/wyfs02/m02/8b/26/wkiol1hgggfqak8uaaayroxf8ug866.png-wh_500x0-wm_3-wmp_4-s_4107373896.png "title = "1234.png" alt= "Wkiol1hgggfqak8uaaayroxf8ug866.png-wh_50"/>

-----------------------------------------------------------

The above see simple configuration has been completed, can complete a simple file backup transfer work.

Restart rsync Combo command pkill rsync #强制关闭服务

Killall rsync #平滑的杀进程 "need to repeat multiple times to ensure the kill process" kill ' Cat/var/run/rsyncd.pid ' #杀进程, also equivalent to shutting down the service rsync--daemon #启动进程kill-hup ' cat/var/r Un/rsyncd.pid ' #平滑的杀死进程kill-usr2 ' cat/var/run/rsyncd.pid ' #平滑的杀死进程

Check for initiated processes

Ps-ef |grep rsync

--------------------------------------------------------------------

Summarize all the above steps

Rsync Server Configuration steps

1. vi/etc/rsyncd.conf

2. Create the rsync user and the shared directory/backup

Useradd rsync-s/sbin/nologin-m

Mkdir/backup

Chown-r Rsync/backup

3. Create a password file

echo "Rsync_backup:oldboy" >/etc/rsync.password

Cat/etc/rsync.password

chmod 600/etc/rsync.password

4. Start the service and check

Rsync--daemon

5. Join the boot-up

echo "Rsync--daemon" >>/etc/rc.local

Tail-2/etc/rc.local

---------------------------------------------------------

The client resumes pulling resources on the server and needs to run the following statement on the client:

Rsync-avz [Email protected]::backup/tmp/--password-file=/etc/rsync.password

-------------------------------------------------------------------------------------------

Note: The server only runs the Rsync service regardless of whether the push-pull is in the client operation

----------------------------------------------------------------------------

Security optimization: 1. Listen for internal IP address

[Email protected]_server backup]# Netstat-lntup|grep rsync

TCP 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 29031/rsync

TCP 0 0::: 873:::* LISTEN 29031/rsync

By the above, the default is to listen to the entire network IP 0.0.0.0:873 we need to change into the intranet segment

Make the following changes to start

[[Email protected]_server backup]# rsync--daemon--address=192.168.1.0

[Email protected]_server backup]# Netstat-lntup|grep rsync

TCP 0 0 192.168.1.0:873 0.0.0.0:* LISTEN 29153/rsync

[[Email Protected]_server backup]#

----------------------------------------------------------------------------------------

The wrong part of the line

Idea: The configuration process must be skilled, according to the operation process Check again

Service-Side troubleshooting:

1.rsync the configuration file path of the service is correct, the default path is,/etc/rsyncd.conf

2. Check the configuration file for host Allow,host deny, allow the IP network segment, whether to allow client access.

3. Check if the path in the paths parameter exists and the permissions are correct (normal should be the genus and owner of the UID parameter in the configuration file)

4. Check if the Rsync service is started, see if the command is Ps-ef |grep rsync, the port exists netstat-lntup |grep 873

5. Check if the iptables firewall and SELinux are enabled to allow the Rsync service to pass, the intranet can be closed.

6. Check if the password file for rsync configuration on the server is 600, the password file format is correct, the correct format is Username:password, the file path and the Secrect files parameter in the configuration file correspond.

7. If you are pushing data, see if the user has read and write permissions to the directory under the module in the configuration rsyncd.conf file.

Client Troubleshooting Ideas:

1. Check if the password file for the client rsync configuration is 600, the password file format is correct, note that only the password is required, and the password is consistent with the server.

2. telnet to the IP address 873 port of the rsync server to see if the service is started (can test if the service-side firewall is blocked) Telnet 192.168.1.8 873

3. The client execution command is RSYNC-AVZP [email protected]::backup/test/--password-file=/etc/rsync.password

The details of this command should be noted that the IP address of the server is followed by a double colon, followed by the name of the server-side module.

This article is from the "richylu____ Records" blog, so be sure to keep this source http://richylu.blog.51cto.com/1481674/1879847

Simple configuration and implementation of Rsync