1024
One, about rsync
- A tool for fast incremental backup
Remote sync
supports local replication, or synchronizes with other ssh and rsync hosts.
Official website: http://rsync.samba.org
1.1rsync synchronization source
- Refers to the remote server for backup operations, which also becomes the backup source;
1.2 Basic ideas
- Change the rsync.conf configuration file
- Separate account file
- Enable rsync --daemon mode daemon mode
1.3 Usage of rsync command
rsync 选项 原始位置 目标位置
常用选项
-a 归档模式,递归并保留住对象属性,等同于-rlptgoD
-v 显示同步过程的详细信息
-z 在传输文件时进行压缩
-H 保留硬链接文件
-A 保留ACL属性信息
--delete 删除目标位置有,原始位置没有的文件
--checksum 根据对象的校验和来决定是否跳过文件
1.4 Two methods of backup (pull)
1. Username@Host Address::Shared module name
Example: rsync -avz [email protected]::www /opt
2.rsync://username@host address/shared module name
示例:rsync -avz rsync://[email protected]/www /opt/
1.5 Deficiency
- The time to perform the backup is fixed, the delay is obvious, and the real-time performance is poor
- If the synchronization source does not change for a long time, intensive periodic tasks are unnecessary
- Network congestion, port downtime, bandwidth problems will all affect;
Second, real-time synchronization rsync+inotify
2.1 Advantages:
- Once the synchronization source changes, immediately restart the backup (synchronization command)
- As long as the synchronization source does not change, no backup is performed
2.2 About inotify
- The inotify mechanism from the kernel version
Available from version 2.6.13 (centos6.0). It
can monitor changes in the file system and respond to notifications.
Auxiliary software: inotify-tools
2.3 Basic ideas:
- Adjust the inotify kernel parameters
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 1024
fs.inotify.max_user_watches = 1048576
//The size of the monitoring event queue
//The maximum number of monitored instances
//The maximum number of monitored files per instance
-
Inotify auxiliary tool
inotifywait: used for continuous monitoring, real-time output results
inotifywatch: used for short-term monitoring, results will be output after the task is completed -
Synchronous operation script
Use while and read to continuously obtain monitoring results.
According to the results, you can make further judgments and decide which operation to perform
Third, build rsync to synchronize the apache site directory
Source (server):
Step 1: Check the environment
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
rpm -q rsync //查看软件包是否安装
//未安装的话,yum -y install rsync
yum -y install httpd //安装apache测试,站点目录同步
Step 2: Main two configuration files
/etc/rsync.conf //rsync's main configuration file
/etc/rsyncd_users.db //rsync's account file
1.vi /etc/rsyncd.conf
//原有配置下,有的内容去掉注释,没有的内容加上去
uid = nobody
gid = nobody
use chroot = yes
pid file = /var/run/rsyncd.pid
log file = /var/log/rsyncd.log
address = 20.0.0.11
port 873
hosts allow = 20.0.0.0/24
[www]
path = /var/www/html
comment = www.kgc.cn
read olny = yes
dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
auth users = back
secrets file = /etc/rsyncd_users.db
///配置解释
允许所有主账户
允许所有组账户
用户使用权限
日志文件存放位置
pid文件存放位置
配置rsync本机服务器地址
端口873
白名单,允许175网段的所有主机地址;
[www] //共享模块名
定义共享的目录
绑定域名
只读模式,只允许读
禁止压缩的类型文件 //外面和里面的,里面最终生效,最后的生效
rsync同步的用户名
用户的密码存放文件 //授权只允许主账户的权限600
-
vi /etc/rsyncd_users.db
backuper: 123123 -
chmod 600 /etc/rsyncd_users.db //Change permissions, only the master account has read and write permissions
chmod 777 /var/www/html //Change permissions to the synchronization site directory 777 release permission test -
Start the service
rsync --daemon
view status
netstat -antp |grep rsync
Initiator (client):
Step 1: Check the environment
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
rpm -q rsync //查看软件包是否安装
//未安装的话,yum -y install rsync
yum -y install httpd //安装apache测试,站点目录同步
Step 2: Two representation methods of pull
- Username@host address::shared module name
Example: rsync -avz [email protected]::www /opt
- rsync://username@host address/shared module name
示例: rsync -avz rsync://[email protected]/www /opt/
Configuration without interaction:
创建一个文件存放密码:
vi /etc/server.pass
123123
chmod 600 /etc/server.pass //更改权限
验证:
rsync -avz --delete --password-file=/etc/pass rsync://back@20.0.0.11/www /var/www/html
Step 3: Planned tasks
For example, sync every 5 minutes
crontab -e
5 * * * * /usr/bin/rsync -azv --delete --password-file=/etc/pass back@20.0.0.11::www /var/www/html
to sum up
- Note that the main configuration information of the source end must be consistent. Mismatch cannot be performed;
- Site shared directory permissions of the shared module, and user account file permissions
- Permission of the password file of the initiator
Fourth, build rsync+inotify real-time synchronization
Source adjustment:
- The configuration in /etc/rsyncd.conf, read only = yes changed to no;
- Restart the daemon -daemon, the process is as follows:
//Check the process first, kill the process
[root@localhost www]# netstat -antp |grep rsync
tcp 0 0 20.0.0.11:873 0.0.0.0:* LISTEN 11219/rsync
[root@localhost www]# kill -9 11219
//At this time, you need to delete the pid process file of rsync, because the pid information inside still exists, which will affect the process that cannot be started;
rm -rf /var/run/rsyncd.pid //pid进程是咱们之前配置文件定义的存放位置
//Open the daemon
rsync --daemon
View status
netstat -antp |grep rsync
Initiator (client)
- Do kernel parameter optimization
vi /etc/sysctl.conf
//最后插入
fs.inotify.max_queued_events = 16384
fs.inotify.max_user_instances = 1024
fs.inotify.max_user_watches = 1048576
--wq保存
sysctl -p //生效
Configuration explanation:
//监控事件队列的大小
//最多监控实例数
//每个实例最多监控文件数
- Install auxiliary tools to monitor inotify-tools
yum -y install gcc gcc-c++ make //安装底层环境依赖包
//到软件所在目录下,解压到所在目录
tar zxvf inotify-tools-3.14.tar.gz
cd inotify-tools-3.14/
//编译安装
./configure
make
make install
- Verify monitoring function
inotifywait -mrq -e modify,create,move,delete /var/www/html
//命令选项解释
-m 持续进行监控
-r 递归监控所有子对象
-q 简化输出信息
-e 指定要监控那些事件类型
监控:
修改,新建,移动,删除
- Need to open a new tty terminal of the t initiator,
chmod 777 /var/www/html //放开权限
cd /var/www/html
echo 'this is a' > a.txt //直接ehco内容到文件,是属于修改
- Go to the previous monitoring interface to check the display as follows
inotifywait -mrq -e modify,create,move,delete /var/www/html
/var/www/html/ MODIFY a.txt
- Write monitoring execution script
cd /opt/ //在哪都行,看情况
vi inotify.sh
#!/bin/bash
INOTIFY_CMD="inotifywait -mrq -e modify,create,attrib,move,delete /var/www/html/"
RSYNC_CMD="rsync -azH --delete --password-file=/etc/server.pas /var/www/html [email protected]::test"
$INOTIFY_CMD | while read DIRECTORY EVENT FILE
do
if [ $(pgrep rsync | wc -l) -le 0 ] ; then
$RSYNC_CMD
fi
done
--wq保存
chmod +x inotify.sh //给执行权限
- Execute the script to verify whether it is synchronized in real time;
[root@localhost opt]# ./inotify.sh
再进入发起端之前开启的第二台终端上,进行同步验证
[root@localhost html]# echo "this is b" > b.txt //在/var/www/html/写入文档
在监控上可以看到写入的信息:
rsync: failed to set times on "/." (in wwwroot): Operation not permitted (1)
rsync: chgrp "/.jinmao.txt.U7UOVY" (in wwwroot) failed: Operation not permitted (1)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1178) [sender=3.1.2]
- The source side checks whether it is synchronized in real time;
[root@localhost www]# ll /var/www/html/
total 4
-rw-r--r-- 1 root root 11 Oct 23 09:50 a.txt
-rw-r--r-- 1 root root 0 Oct 23 10:45 b.txt
carry out! !
to sum up
- Whether the read-only permission of the source configuration file is changed to no
- Push directory permission of the initiator 777
- Through the initiator monitoring site directory push to the source end (real-time synchronization), other nodes can synchronize the source end;