Correct and effective backup solution to protect the system and data security is an important means in the server, usually in conjunction with a scheduled task, Shell scripts to perform local backups, in order to further improve the reliability of backups, using off-site backup is very necessary.
For example, for simultaneous backup web site, if you want fast, safe, efficient off-site backup, you need to use to --rsync.
Introduction to rsync
rsync (Remote Sync, remote synchronization) is an open source fast backup tool, you can mirror the entire directory tree synchronization between different hosts, supports incremental backups, keeping links and permissions, and the use of synchronization algorithm optimization, compression is performed prior to transmission, making it ideal for remote backup, mirror server applications.
rsync official site: http: //rsync.samba.org/, the latest version is 3.1.3, maintained by Wayne Davison, as one of the most commonly used files backup tool, rsync Linux and UNIX systems are often installed by default. one of the basic components.
rsync is a fast incremental backup tool support: (1) local replication; (2) synchronized with other SSH; (3) synchronized with rsync host.
In remote synchronization tasks, responsible for initiating client rsync synchronization of operations as the initiator, and is responsible for the corresponding rsync server from a client synchronous operation called synchronization source. During the synchronization process, the synchronization position is responsible for providing the original source document, initiated to deal with the end position has read access. Figure:
Configuring rsync source
Configuring rsync server source roughly divided into three steps: (1) establish rsync configuration file; (2) creating a data file backup account; (3) start the rsync service.
(1) establish rsync configuration file
[root @ localhost ~] # vim /etc/rsyncd.conf
uid = the nobody // Enable anonymous user
gid = the nobody
use chroot = yes // detained in the source directory
address = 192.168.1.1 // listen address
port 873 // listening port
log file = /var/log/rsyncd.log // log file location
file location pid file = /var/run/rsyncd.pid // store the process ID
hosts allow = 192.168.1.0/24 // allow access to customers machine address
[wwwroot] // share module name
path = / actual path var / www / html // source directory
comment = aaa // description (may be omitted)
Read only NO = // is read-only
dont compress = * .gz * .bz2 * .rar * .zip // synchronization is no longer compressed file types
auth users = backuper // authorized account
secrets file = /etc/rsyncd_users.db // store data files account information
For security purposes, for the synchronous source rsync preferably only allowed to do read-only synchronized manner. In addition, the synchronization can be used anonymously, as long as one of the "auth users" and "secrets file" configuration item can be removed!
(2) creating a data file backup account
According to rsync configuration file contents, create accounts data files. One user per line, between the user and password separated by colons.
[root@localhost ~]# vim /etc/rsyncd_users.db backuper:123456
Since the account information stored in plain text, it is necessary to adjust file permissions to prevent account information leakage.
[root@localhost ~]# chmod 600 /etc/rsyncd_users.db
Backup source directory user should have read permissions.
[root@localhost ~]# ls -ld /var/www/html drwxr-xr-x. 2 root root 6 11月 15 2016 /var/www/html
(3) start the rsync service
[root@localhost ~]# rsync --daemon [root@localhost ~]# netstat -anpt | grep rsync tcp 0 0 192.168.1.1:873 0.0.0.0:* LISTEN 44001/rsync
If you need to restart rsync service, you need:
[root @ localhost ~] # the kill $ (CAT /var/run/rsyncd.pid) // stop the service [root @ localhost ~] # rsync --daemon // start the service
[root@localhost ~]# kill -9 $(cat /var/run/rsyncd.pid)
Or directly use the "netstat -anpt | grep rsync" command to find out the process ID, use the "kill process number" the same.
The first method to stop rsync rsync service must delete the file storage service process:
[root@localhost ~]# rm -rf /var/run/rsyncd.pid
Use rsync backup tool
Once you've configured rsync synchronization source server, the client can then use to perform remote synchronization tool rsync.
Options rsync command: -r: recursive mode, the directory containing all the files and subdirectories -l: For symbolic link files are still copying is a symbolic link file -p: keep the file permissions mark -t: preserve file timestamps -g : reserved markup file is a group (only super user) -o: reserved owner markup file (only super user) -D: retention device files and other special files -a: filing mode, and retain recursive object properties, equivalent -rlptgoD -v: Show (verbose) information synchronization procedure -z: transmission in the compressed file (the compress) -H: reserved hard connection file -A: reserved ACL attribute information --delete: delete certain location the original location of the file without --checksum: whether to skip the file checksum determined according to the object
rsync is a fast incremental backup tool support:
(1) local replication;
(2) synchronized with other SSH;
(3) synchronized with rsync host.
(1) Local Copy
[root @ localhost ~] # rsync / etc / passwd 123.txt // similar to the cp command
(2) synchronized with the other SSH
[root@localhost ~]# rsync -av [email protected]:/root/123.txt . [email protected]'s password:
(3) sync with rsync host
[root@localhost ~]# rsync -avz [email protected]::wwwroot /root 或者 [root@localhost ~]# rsync -avz rsync://[email protected]/wwwroot /root
These two commands effect is the same!
Simply upload directory can reverse the order of (Make sure you have write access to the directory upload) !
Enter the following command synchronization source, write permission before implementation
[root@localhost ~]#chmod 777 /var/www/html [root@localhost ~]# rsync -avz /root [email protected]::wwwroot
But in the real work environment, backup is often performed repeatedly as planned, such as:
[root @ localhost ~] # vim /root/123.pass 123456 // create a file used to store any rsync authorized user's password information [root @ localhost ~] # chmod 600 /root/123.pass // must be set 600 permissions, otherwise it will error when executing [root @ localhost ~] # crontab -e // create a scheduled task 30 22 * * * / usr / bin / rsync -az --delete --password-file = / root / 123 [email protected] :: wwwroot .pass / A // 22:30 pm daily execution of the script [root @ localhost ~] # systemctl restart crond // restart crond service
Format scheduled tasks on crond profile (top to bottom):