实战rsync全网数据备份

linux-node1,linux-node2 上数据通过推的方式，备份至backup服务器

备份服务器端：

1.backup 服务器上创建 rsyncd.conf 文件并编辑

[root@backup ~]# cat /etc/rsyncd.conf

#Created by alvin 20:06 2018-7-5
##rsync.conf start##
uid = rsync
gid = rsync
use chroot = no
max connections = 2000
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
hosts allow = 10.89.7.0/24
host deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password
##################################
[data]
comment = backup data by alvin 2018-7-6
path = /data/
[share]
comment = backup share by alvin 2018-7-6
path = /share/
#rsync_config___________________end

2.启动rsync 服务，并查看服务是否启动了（以下3条命令任选1条）

[root@backup ~]# rsync --daemon           #启动rsync 服务

[root@backup ~]# netstat -lntup|grep rsync
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 5847/rsync
tcp 0 0 :::873 :::* LISTEN 5847/rsync

[root@backup ~]# ps -ef | grep rsync
root 5847 1 0 14:43 ? 00:00:00 rsync --daemon
root 5855 2881 0 14:44 pts/0 00:00:00 grep rsync

[root@backup ~]# lsof -i:873
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rsync 5847 root 3u IPv4 22567 0t0 TCP *:rsync (LISTEN)
rsync 5847 root 5u IPv6 22568 0t0 TCP *:rsync (LISTEN)

3.创建rsync 用户（不创建家目录）

[root@backup ~]# useradd rsync -s /sbin/nologin -M

4. 创建备份目录 data ，share

[root@backup ~]# mkdir /data /share

[root@backup ~]# chown -R rsync.rsync /data       #修改目录的访问权限
[root@backup ~]# chown -R rsync.rsync /share
[root@backup ~]# ls -ld /data/
drwxr-xr-x 2 rsync rsync 4096 Aug 25 14:32 /data/
[root@backup ~]# ls -ld /share/
drwxr-xr-x 2 rsync rsync 4096 Aug 25 14:32 /share/

5.创建密码文件并查看

[root@backup ~]# echo "rsync_backup:123456" >/etc/rsync.password
[root@backup ~]# cat /etc/rsync.password
rsync_backup:123456

6.修改密码文件的查看权限

[root@backup ~]# chmod 600 /etc/rsync.password
[root@backup ~]# ll /etc/rsync.password
-rw------- 1 root root 20 Aug 25 15:08 /etc/rsync.password
[root@backup ~]#

7.把rsync 服务加入开机自启动

[root@backup ~]# which rsync
/usr/bin/rsync

[root@backup ~]# echo "/usr/bin/rsync --daemon" >>/etc/rc.local
[root@backup ~]# cat /etc/rc.local            #检查是否加入
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

touch /var/lock/subsys/local
/usr/bin/rsync --daemon
[root@backup ~]#

需要备份的客户端服务器：

客户端1：

[root@linux-node1 ~]# echo "123456" >/etc/rsync.password
[root@linux-node1 ~]# chmod 600 /etc/rsync.password
[root@linux-node1 ~]# ll /etc/rsync.password
-rw------- 1 root root 7 Aug 25 15:26 /etc/rsync.password
[root@linux-node1 ~]# cat /etc/rsync.password
123456
[root@linux-node1 ~]#

#创建备份资料

[root@linux-node1 ~]# mkdir /data

[root@linux-node1 ~]# cd /data

[root@linux-node1 data]# touch {1..5}.txt
[root@linux-node1 data]# ll
total 16
-rw-r--r-- 1 root root 0 Aug 25 15:36 1.txt
-rw-r--r-- 1 root root 0 Aug 25 15:36 2.txt
-rw-r--r-- 1 root root 0 Aug 25 15:36 3.txt
-rw-r--r-- 1 root root 0 Aug 25 15:36 4.txt
-rw-r--r-- 1 root root 0 Aug 25 15:36 5.txt

#推文件到备份服务器

[root@linux-node1 data]# rsync -avz /data/ rsync_backup@10.89.7.9::data --password-file=/etc/rsync.password
sending incremental file list
./
1.txt
2.txt
3.txt
4.txt
5.txt

sent 263 bytes received 106 bytes 246.00 bytes/sec
total size is 0 speedup is 0.00

客户端2：

[root@linux-node2 ~]# echo "123456" >/etc/rsync.password
[root@linux-node2 ~]# chmod 600 /etc/rsync.password
[root@linux-node2 ~]# ll /etc/rsync.password
-rw------- 1 root root 7 Aug 25 15:26 /etc/rsync.password
[root@linux-node2 ~]# cat /etc/rsync.password
123456
[root@linux-node2 ~]#

#创建备份资料

[root@linux-node2 ~]# mkdir /share

[root@linux-node2 ~]# cd /share

[root@linux-node2 share]# touch {a..f}.txt
[root@linux-node2 share]# ll
total 0
-rw-r--r-- 1 root root 0 Aug 25 15:37 a.txt
-rw-r--r-- 1 root root 0 Aug 25 15:37 b.txt
-rw-r--r-- 1 root root 0 Aug 25 15:37 c.txt
-rw-r--r-- 1 root root 0 Aug 25 15:37 d.txt
-rw-r--r-- 1 root root 0 Aug 25 15:37 e.txt
-rw-r--r-- 1 root root 0 Aug 25 15:37 f.txt
[root@linux-node2 share]#

#推文件到备份服务器

[root@linux-node2 share]# rsync -avz /share/ rsync_backup@10.89.7.9::share --password-file=/etc/rsync.password
sending incremental file list
./
a.txt
b.txt
c.txt
d.txt
e.txt
f.txt

sent 305 bytes received 125 bytes 860.00 bytes/sec
total size is 0 speedup is 0.00

#备份服务器上查看是否备份成功

[root@backup ~]# ll /data
total 0
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:36 1.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:36 2.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:36 3.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:36 4.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:36 5.txt
[root@backup ~]# ll /share
total 0
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:37 a.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:37 b.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:37 c.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:37 d.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:37 e.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:37 f.txt

#差异备份（编辑a.txt,删除f.txt）

[root@linux-node2 share]# vi a.txt

dgadga
agafhfhaja

[root@linux-node2 share]# rm -rf f.txt
[root@linux-node2 share]# ll
total 8
-rw-r--r-- 1 root root 19 Aug 25 17:31 a.txt
-rw-r--r-- 1 root root 0 Aug 25 17:31 b.txt
-rw-r--r-- 1 root root 10 Aug 25 17:33 c.txt
-rw-r--r-- 1 root root 0 Aug 25 15:37 d.txt
-rw-r--r-- 1 root root 0 Aug 25 15:37 e.txt

[root@linux-node2 share]# rsync -avz --delete /share/ rsync_backup@10.89.7.9::share --password-file=/etc/rsync.password         #同步时加上   --delete 参数，完全同步。
sending incremental file list
./
deleting f.txt
a.txt

sent 167 bytes received 36 bytes 406.00 bytes/sec
total size is 35 speedup is 0.17
[root@linux-node2 share]#

备份服务器端查看：

[root@backup share]# ll
total 8
-rw-r--r-- 1 rsync rsync 25 Aug 25 17:49 a.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 17:31 b.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 17:33 c.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:37 d.txt
-rw-r--r-- 1 rsync rsync 0 Aug 25 15:37 e.txt

 ###########################################################

实战脚本：

网站，日志，系统重要资料按机器ip地址生成目录，每天定时备份至服务器。

1.备份客户端脚本

root@linux-node2 scripts]# cat backup.sh

#！/bin/sh
IP="`ifconfig eth0|awk -F '[ :]+' 'NR==2 {print $4}'`"
Path=/backup/$IP
[ ! -d $Path ] && mkdir $Path -p

cd $Path

#backup
tar zcPf $Path/www_$(date +%F).tar.gz /var/html/www/
tar zcPf $Path/conf_$(date +%F).tar.gz /var/spool/cron/root /etc/rc.d/rc.local /etc/sysconfig/iptables /server/scripts
tar zcPf $Path/logs_$(date +%F).tar.gz /app/logs/

#to bakup server
rsync -az /backup/ rsync_backup@10.89.7.9::backup --password-file=/etc/rsync.password

#del
find $Path -type f -name "*.tar.gz" -mtime +7|xargs rm -f

2.加入定时任务中

定时任务
#crontab -e

00 01 * * * /bin/sh /server/scripts/backup.sh >/dev/null 2>&1

备份效果-服务器端查看：

[root@backup backup]# ll
total 8
drwxr-xr-x 2 rsync rsync 4096 Aug 29 13:05 10.89.7.10
drwxr-xr-x 2 rsync rsync 4096 Aug 29 13:04 10.89.7.12

[root@backup backup]# cd 10.89.7.10
[root@backup 10.89.7.10]# ll
total 12
-rw-r--r-- 1 rsync rsync 863 Aug 29 13:05 conf_2018-08-29.tar.gz
-rw-r--r-- 1 rsync rsync 115 Aug 29 13:05 logs_2018-08-29.tar.gz
-rw-r--r-- 1 rsync rsync 118 Aug 29 13:05 www_2018-08-29.tar.gz

###########################################################
部分故障排除经验总结：
[root@linux-node1 data]# rsync -avz /data/ rsync_backup@10.89.7.9::data --password-file=/etc/rsync.password
rsync: failed to connect to 10.89.7.9: Connection refused (111)
rsync error: error in socket IO (code 10) at clientserver.c(124) [sender=3.0.6]

原因分析:
[root@linux-node1 data]# ping 10.89.7.9
PING 10.89.7.9 (10.89.7.9) 56(84) bytes of data.
64 bytes from 10.89.7.9: icmp_seq=1 ttl=64 time=1002 ms
64 bytes from 10.89.7.9: icmp_seq=2 ttl=64 time=0.279 ms
64 bytes from 10.89.7.9: icmp_seq=3 ttl=64 time=0.424 ms
^C
--- 10.89.7.9 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2422ms
rtt min/avg/max/mdev = 0.279/334.435/1002.603/472.466 ms, pipe 2
[root@linux-node1 data]# telnet 10.89.7.9 873
Trying 10.89.7.9...
telnet: connect to address 10.89.7.9: Connection refused
考虑防火墙问题：
服务器端和客户端关闭防火墙
[root@backup ~]# /etc/init.d/iptables stop
[root@backup ~]# /etc/init.d/iptables status
iptables: Firewall is not running.

------------------
[root@linux-node1 data]# /etc/init.d/iptables stop
iptables: Setting chains to policy ACCEPT: nat mangle raw f[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@linux-node1 data]# /etc/init.d/iptables stop
[root@linux-node1 data]# /etc/init.d/iptables status
iptables: Firewall is not running.

#还有种可能是服务器端rsync服务没有启动，此时启动服务器端的rsync服务即可。

[root@backup share]# kill `cat /var/run/rsyncd.pid`

[root@backup share]# ps -ef|grep rsync
root 6537 2881 0 17:56 pts/0 00:00:00 grep rsync
[root@backup share]# lsof -i :873

#备份出错

[root@linux-node2 share]# rsync -avz --delete /share/ rsync_backup@10.89.7.9::share --password-file=/etc/rsync.password
rsync: failed to connect to 10.89.7.9: Connection refused (111)
rsync error: error in socket IO (code 10) at clientserver.c(124) [sender=3.0.6]

#此问题是服务端没有开启rsync 服务，开启服务即可。