rsync

Linux小菜鸟發表於2024-12-04

Rsync服務

【1】、rsync定義

作用:

1.本地的備份 類似cp命令 意義不大

2.遠端的複製 類似scp命令 意義不大 (增量備份)

如果第一次遠端執行檔案複製動作使用scp和rsync一樣

如果第二次遠端執行,有新增加的檔案可以使用rsync命令

3.守護程序模式 持續不斷地在後臺執行,接收客戶端傳送的重要 資料。類似於百度網盤。

scp 每次都是全量複製

rsync 每次都是增量複製

image-20241202193330284

# 全量備份
[root@web01 ~]# scp -r test backup:~/

Authorized users only. All activities may be monitored and reported.
01.txt                                                                                             100%    0     0.0KB/s   00:00    
02.txt                                                                                             100%    0     0.0KB/s   00:00    
03.txt                                                                                             100%    0     0.0KB/s   00:00    
04.txt                                                                                             100%    0     0.0KB/s   00:00    
05.txt                                                                                             100%    0     0.0KB/s   00:00    
[root@web01 ~]# touch test/{06..09}.txt
[root@web01 ~]# scp -r test backup:~/
# 全量備份再有新增加的內容時,不僅會備份新增的內容,還會再備份一次就的資料
Authorized users only. All activities may be monitored and reported.
01.txt                                                                                             100%    0     0.0KB/s   00:00    
02.txt                                                                                             100%    0     0.0KB/s   00:00    
03.txt                                                                                             100%    0     0.0KB/s   00:00    
04.txt                                                                                             100%    0     0.0KB/s   00:00    
05.txt                                                                                             100%    0     0.0KB/s   00:00    
06.txt                                                                                             100%    0     0.0KB/s   00:00    
07.txt                                                                                             100%    0     0.0KB/s   00:00    
08.txt                                                                                             100%    0     0.0KB/s   00:00    
09.txt                                                                                             100%    0     0.0KB/s   00:00   

# 增量備份
[root@web01 ~]# rsync -avz test backup:~/
The authenticity of host 'backup (192.168.121.41)' can't be established.
ECDSA key fingerprint is SHA256:ojGuz7nAhVgYaZgcnxgbxZOsIwQOL7DkBGqc38t7hXw.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'backup' (ECDSA) to the list of known hosts.

Authorized users only. All activities may be monitored and reported.
sending incremental file list
test/
test/01.txt
test/02.txt
test/03.txt
test/04.txt
test/05.txt
test/06.txt
test/07.txt
test/08.txt
test/09.txt
test/10.txt

sent 595 bytes  received 210 bytes  230.00 bytes/sec
total size is 0  speedup is 0.00
[root@web01 ~]# touch test/new.txt
[root@web01 ~]# rsync -avz test backup:~/
# 增量備份之備份第一備份後新增加的內容
Authorized users only. All activities may be monitored and reported.
sending incremental file list
test/
test/new.txt

sent 296 bytes  received 39 byte

【2】、rsync三種工作模式

SYNOPSIS
       Local:  rsync [OPTION...] SRC... [DEST]

       Access via remote shell:
         Pull: rsync [OPTION...] [USER@]HOST:SRC... [DEST]
         Push: rsync [OPTION...] SRC... [USER@]HOST:DEST

       Access via rsync daemon:
         Pull: rsync [OPTION...] [USER@]HOST::SRC... [DEST]
               rsync [OPTION...] rsync://[USER@]HOST[:PORT]/SRC... [DEST]
         Push: rsync [OPTION...] SRC... [USER@]HOST::DEST
               rsync [OPTION...] SRC... rsync://[USER@]HOST[:PORT]/DEST

1、本地模式

類似於cp命令,瞭解即可

2、遠端模式

類似於scp命令(在有增量需求複製的時候或者有資料同步的要求才使用)

# 注意rsync的目錄後面加/表示複製目錄下的檔案 不加/表示複製目錄及下所有內容
[root@web01 ~]# rsync -avz test1/ backup:~/

Authorized users only. All activities may be monitored and reported.
sending incremental file list
./
01.txt
02.txt
03.txt
04.txt

sent 258 bytes  received 95 bytes  706.00 bytes/sec
total size is 0  speedup is 0.00

[root@web01 ~]# rsync -avz test backup:~/

Authorized users only. All activities may be monitored and reported.
sending incremental file list
test/
test/01.txt
test/02.txt
test/03.txt
test/04.txt
test/05.txt

sent 329 bytes  received 115 bytes  296.00 bytes/sec
total size is 0  speedup is 0.00

# rsync拉取模式,將遠端上的東西拉取到本地
[root@backup ~]# rsync -avz web01:~/test ./

Authorized users only. All activities may be monitored and reported.
receiving incremental file list
test/
test/01.txt
test/02.txt
test/03.txt
test/04.txt
test/05.txt

sent 123 bytes  received 329 bytes  129.14 bytes/sec
total size is 0  speedup is 0.00

在使用rsync時,如果dest path沒有加使用者,預設使用本地登入的使用者去登入遠端

[oldboy@web01 ~]$ rsync -avz /etc/hosts backup:~/
# 我們在傳遞時,需要保證本地和遠端都有相同的使用者
The authenticity of host 'backup (192.168.121.41)' can't be established.
ECDSA key fingerprint is SHA256:ojGuz7nAhVgYaZgcnxgbxZOsIwQOL7DkBGqc38t7hXw.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'backup,192.168.121.41' (ECDSA) to the list of known hosts.

Authorized users only. All activities may be monitored and reported.
oldboy@backup's password: 

3、守護程序模式

主機角色 外網IP(WAN) 內網IP(LAN) 主機名稱

Rsync服務端 192.168.121.41 172.16.1.41 backup

Rsync客戶端 192.168.121.7 172.16.1.7 web01

1、服務端安裝rsync服務
[root@backup ~]# yum install -y rsync

2、服務端配置rsync
[root@backup ~]# rpm -qc rsync
/etc/rsyncd.conf
/etc/sysconfig/rsyncd

[root@backup ~]# cat /etc/rsyncd.conf
uid = rsync   # 執行程序的使用者
gid = rsync   # 執行程序的使用者組
port = 873 	  # 監聽埠
fake super = yes    # 無需讓rsync以root的身份執行,允許接受檔案的完整屬性
use chroot = no     # 禁錮推送的資料到某一個目錄,不允許跳出該目錄
max connections = 200    # 最大連線數
timeout = 600    # 超時時間
ignore errors    # 忽略錯誤資訊   
read only = false    # 對備份資料不是隻讀的,可讀可寫
list = false    #不許檢視模組資訊
auth users = rsync_backup    # 定義虛擬使用者,作為連線認證使用者
secrets file = /etc/rsync.passwd    # 定義rsync服務使用者連線認證密碼檔案路徑
log file = /var/log/rsyncd.log 
##################################### 
[backup]   # 定義模組資訊
path = /backup  # 定義接收備份資料的目錄

3.根據配置檔案建立必要的資料資訊
[root@backup ~]# grep rsync /etc/passwd
[root@backup ~]# 
# 建立虛擬使用者rsync
[root@backup ~]# useradd -M -s /sbin/nologin rsync

# 建立密碼檔案
[root@backup ~]# cat /etc/rsync.passwd
rsync_backup:123456
[root@backup ~]# chmod 600 /etc/rsync.passwd 

# 建立接收目錄
[root@backup ~]# mkdir /backup
[root@backup ~]# ll /backup -d
drwxr-xr-x 2 root root 6 Dec  3 16:17 /backup
# rsync是以啟動程序的使用者身份往/backup目錄中寫入
[root@backup ~]# chown rsync:rsync /backup/

4.服務端啟動rsync服務
[root@backup ~]# systemctl enable rsyncd --now
Created symlink /etc/systemd/system/multi-user.target.wants/rsyncd.service → /usr/lib/systemd/system/rsyncd.service.
[root@backup ~]# ss -tunlp | grep rsync
tcp     LISTEN   0        5                0.0.0.0:873           0.0.0.0:*       users:(("rsync",pid=78018,fd=3))                                               
tcp     LISTEN   0        5                   [::]:873              [::]:*       users:(("rsync",pid=78018,fd=5))  
需要使用守護程序模式的語法格式推送檔案 
Push: rsync [OPTION...] SRC... [USER@]HOST::DEST 
推送: rsync -avz /etc/passwd rsync_backup@10.0.0.41::模組的名稱
[root@web01 ~]# rsync -avz /etc/passwd rsync_backup@backup::backup
Password: 
sending incremental file list
passwd

sent 847 bytes  received 43 bytes  356.00 bytes/sec
total size is 1,848  speedup is 2.08

客戶端引數:--password-file,指定密碼檔案在哪
[root@web01 ~]# echo 123456 > /etc/pa.txt
[root@web01 ~]# chmod 600 /etc/pa.txt
[root@web01 ~]# rsync -avz /etc/hosts rsync_backup@backup::backup --password-file=/etc/pa.txt 
sending incremental file list
hosts

sent 176 bytes  received 43 bytes  438.00 bytes/sec
total size is 200  speedup is 0.91

rsync客戶端密碼內建變數

[root@web01 ~]# echo $RSYNC_PASSWORD

[root@web01 ~]# export RSYNC_PASSWORD=123456
[root@web01 ~]# echo $RSYNC_PASSWORD
123456
[root@web01 ~]# rsync -avz /etc/rc.local  rsync_backup@backup::backup
sending incremental file list
rc.local -> rc.d/rc.local

sent 62 bytes  received 23 bytes  170.00 bytes/sec
total size is 13  speedup is 0.15

rsync在推送資料時,首先會查RSYNC_PASSWORD

# 案例
1.客戶端提前準備存放的備份的目錄,目錄規則如 下:/backup/web01_172.16.1.7_2018-09-02 date +%F 2.客戶端在本地打包備份(系統配置檔案、應用配置等)複製 至/backup/web01_172.16.1.7_2018-09-02 
3.客戶端最後將備份的資料進行推送至備份伺服器 守護程序 
4.客戶端每天凌晨1點定時執行該指令碼 
5.客戶端伺服器本地保留最近7天的資料, 避免浪費磁碟空間

#!/bin/bash

mkdir -p /backup

IP=`hostname -I | awk -F" " '{print $1}'`
path=/backup/web01_${IP}_`date +%F`
tar -zcvf  $path /etc/
rsync -avz $path rsync_backup@backup::backup
find /backup -mtime +7 -exec rm -f {} \;
# 拉取資料
[root@web01 ~]# ls
backup.sh  html
[root@web01 ~]# rsync -avz rsync_backup@backup::backup/hosts .
receiving incremental file list
hosts

sent 43 bytes  received 180 bytes  446.00 bytes/sec
total size is 200  speedup is 0.90
[root@web01 ~]# ls
backup.sh  hosts  html

新增模組,可以儲存到多個服務的目錄下

[root@backup ~]# vim /etc/rsyncd.conf 
# 新增一個模組即可
[data]
path = /data
[root@backup ~]# systemctl restart rsyncd
[root@backup ~]# mkdir /data
[root@backup ~]# chown rsync:rsync /data/


# 在客戶端進行傳遞,指定新加的模組名
[root@web01 ~]# rsync -avz /etc/rc.local  rsync_backup@backup::data
sending incremental file list
rc.local -> rc.d/rc.local

sent 62 bytes  received 23 bytes  170.00 bytes/sec
total size is 13  speedup is 0.15

【3】、rsync引數

-a #歸檔模式傳輸, 等於-tropgDl 
-v #詳細模式輸出, 列印速率, 檔案數量等 
-z #傳輸時進行壓縮以提高效率 
-r #遞迴傳輸目錄及子目錄,即目錄下得所有目錄 都同樣傳輸。 
-t #保持檔案時間資訊 
-o #保持檔案屬主資訊 
-p #保持檔案許可權 
-g #保持檔案屬組資訊 
-l #保留軟連線 
-P #顯示同步的過程及傳輸時的進度等資訊 
-D #保持裝置檔案資訊 
-L #保留軟連線指向的目標檔案
-e #使用的通道協議,指定替代rsh的shell程式 


--exclude=PATTERN #指定排除不需要傳輸的檔案模式 
--exclude-from=file #檔名所在的目錄檔案 
--bwlimit=100 #限速傳輸 
--partial #斷點續傳 
--delete #讓目標目錄和源目錄資料保持一致 
--password-file=xxx #使用密碼檔案,守護程序模式下才可以使用
# 使用--exclude 排除檔案,不參與傳輸
[root@backup ~]# rsync -avz test/ web01:~/ --exclude=43.txt

Authorized users only. All activities may be monitored and reported.
sending incremental file list
./
hosts
passwd

sent 992 bytes  received 57 bytes  2,098.00 bytes/sec
total size is 2,005  speedup is 1.91
# 使用{} 排除多個檔案
[root@backup ~]# rsync -avz test web01:~/ --exclude={43.txt,passwd}

Authorized users only. All activities may be monitored and reported.
sending incremental file list
test/
test/hosts

sent 208 bytes  received 39 bytes  164.67 bytes/sec
total size is 200  speedup is 0.81
--exclude-from=file 可以指定檔案,安裝指定的檔案中的名字排除不需要進行傳輸的檔案
[root@backup ~]# vim /opt/ex.txt
[root@backup ~]# cat /opt/ex.txt
passwd
hosts
[root@backup ~]# rsync -avc test web01:~/ --exclude-from=/opt/ex.txt 

Authorized users only. All activities may be monitored and reported.
sending incremental file list
test/
test/43.txt

sent 136 bytes  received 39 bytes  350.00 bytes/sec
total size is 0  speedup is 0.00
--bwlimit 限速傳遞
[root@backup ~]# dd if=/dev/zero of=/1g.txt bs=1M count=1000
1000+0 records in
1000+0 records out
1048576000 bytes (1.0 GB, 1000 MiB) copied, 10.4023 s, 101 MB/s

[root@backup ~]# rsync -avcP  1g.txt web01:~/

Authorized users only. All activities may be monitored and reported.
sending incremental file list
1g.txt
    448,299,008  42%   26.47MB/s    0:00:22  
    
[root@backup ~]# rsync -avcP  1g.txt web01:~/ --bwlimit=1m

Authorized users only. All activities may be monitored and reported.
sending incremental file list
1g.txt
     26,509,312   2%    1.00MB/s    0:16:37  
--password-file只能在守護程序模式下使用
--delete 可以讓兩端伺服器的內容保持一致
# 誰在前就以誰為準
[root@backup ~]# rsync -avz web01:~/ . --delete

Authorized users only. All activities may be monitored and reported.
receiving incremental file list
deleting test/passwd
deleting test/hosts
deleting test/43.txt
deleting test/
deleting passwd.txt
deleting 1g.txt
./
.bash_history
.lesshst
.viminfo
.ssh/
.ssh/authorized_keys
.ssh/id_rsa
.ssh/id_rsa.pub
.ssh/known_hosts

sent 364 bytes  received 4,451 bytes  9,630.00 bytes/sec
total size is 9,732  speedup is 2.02

# 可以用於快速同步資訊,一般用在網站被篡改,可以透過一條命令進行同步
[root@backup ~]# rsync -avz html web01:~/

Authorized users only. All activities may be monitored and reported.
root@web01's password: 
sending incremental file list
html/
html/1.html
html/2.html
html/3.html

sent 287 bytes  received 77 bytes  104.00 bytes/sec
total size is 45  speedup is 0.12

# 模擬網站被篡改
[root@web01 ~]# find html/ -type f -name "*.html" -exec sed -i 's#haha#???#g' {} \;
[root@web01 ~]# cat html/1.html 
www.???ha.com
[root@web01 ~]# cat html/2.html 
www.???ha.com
[root@web01 ~]# cat html/3.html 
www.???ha.com

# 使用rsync進行同步
[root@backup ~]# rsync -avz html/ web01:~/html --delete

Authorized users only. All activities may be monitored and reported.
root@web01's password: 
sending incremental file list
./
1.html
2.html
3.html

sent 276 bytes  received 94 bytes  105.71 bytes/sec
total size is 45  speedup is 0.12
[root@web01 ~]# cat html/1.html 
www.hahaha.com
[root@web01 ~]# cat html/2.html 
www.hahaha.com
[root@web01 ~]# cat html/3.html 
www.hahaha.com

相關文章