Shulou(Shulou.com)06/02 Report--

Backup instructions for offsite backup systems

rsync

Rsync has four modes of operation:

1. List mode

Similar to ls -l, it lists the content of the source. You can see not only locally, but also remotely.

Shell mode, also known as native mode

Similar to cp, copy files locally

rsync [option] SRC DEST -v: Display detailed process -q: Silent mode -c: Force validation of transferred files -r: Recursive replication -p: permission to save files -t: Time stamp of the file to be preserved -l: Keep symbolic links to files -g: The group that holds the file -o: owner of the reserved file -D: Keep device files -A: Keep ACL access control list -a: equivalent to-rlptgo SSH: Use SSH protocol for remote replication Common usage is-e 'ssh -p ssh port number' -z: Transfers compressed files When the rsync command is in use, if there is a slash at the end of the source argument, it copies the contents of the specified directory, not the directory. If there are no slashes, the directory itself is copied. 3. Remote shell mode, can be transmitted through rcp,ssh and other channels Similar to rcp, but with incremental backups and secure ssh data transfers Using ssh also requires specifying the port of ssh Remote shell mode is divided into two cases pull :rsync [option] SRC [USER@]HOST:DEST (If pulling, rsync must be installed on the remote host, otherwise it will fail) push :rsync [option] SRC [USER@]HOST:DEST [USER@]HOST is the remote connection user and host address when rsync synchronizes 4. Server Mode In this mode, the rsync daemon runs permanently on a server, receiving file transfer requests. You can send files to the daemon, or you can request files from it. The server pattern is ideal for creating a central backup server or project repository. The service mode of rsync is divided into rsync server and rsync client when deployed. rsync server and rsync client are a software package. rsync server and rsync client use the same rsync software package to implement remote mirroring and periodic synchronous updates. The rsync server can backup data of multiple clients at the same time, and multiple servers can backup data of one client. The default port for rsync is 873, where the server receives anonymous or authenticated backup requests from clients. The rsync server needs to be configured before use. The configuration file is/etc/rsyncd.conf, which is not available by default and needs to be created manually. Configuration is divided into global configuration side and module configuration section rsync server configuration file explanation: uid=rsync #The user identity used by the specified module when transferring files gid=rsync #The user group identity used by the specified module when transferring files port=873 #Default port use chroot=no #Whether to imprison the user's home directory max connections=xxx #Maximum number of concurrency, default 0 Unlimited timeout =xxx #Session timeout pid file=/var/run/rsyncd.pid #After the process is started, the process number is stored in the path lock file=/var/run/rsyncd.lock #Lock file that will be used when the service starts and stops log file=/var/log/rsyncd.log #Log file storage path Log fromat = %h %o %f %l %b #Specify logging format motd file = /etc/rsyncd.motd #Login message prompt file, can not be configured. Default is empty. [test] #Module name, name can be written arbitrarily, but generally named by path, it is best to see the name meaning Comment = test #Module information description, which is displayed to the client along with the module name when the client connects to get the module list. Default No Description Definition path=/test/ #Specify the directory path for backup, this parameter must be specified. This directory path is a path of the rsync server and is provided to the client for upload or download. ignore errors #Ignore errors read only = false #Sets whether customers are allowed to upload files. If true, any upload request fails, if false and the client has read and write permissions on the server directory, uploads are allowed. The default value is true. write only Sets whether customers are allowed to download files. If true, any download request will fail, and the default is false. list = false #Sets whether to list modules when a customer requests a list of available modules. If false, a hidden module is created. default value is true hosts allow= 192.168.137.0/24 #Whitelists or network segments need to be separated by spaces. The default is to allow all hosts to connect. hosts deny=* #Blacklist Dont commit #Specifies files that can be transferred without compression, default is *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz auth users = rsync_backup #This option specifies a list of user names separated by spaces or commas that are allowed to connect to the module. The user here is not necessarily the user who exists on the client side. If "auth users" is set, the client needs to authenticate the user when making a connection request to the module. The user's name and password are stored in plain text in the file specified by the "secrets file" option. By default, modules can be connected without a password (i.e. anonymously). secrets file = /etc/rsync.password #Password file for virtual users, in which the format recorded is: username: password exclude = common/ #Used to specify multiple files or directories separated by spaces (relative paths) and add them to the exclude list. This is equivalent to using the--exclude parameter in client commands. Only one exclude option can be specified for a module. However, it should be noted that this option has some security issues, and it is likely that the client will bypass the exclude list. If you want to ensure that certain files cannot be accessed, it is best to use it in conjunction with the uid/gid option. pre-xfer exec, post-xfer exec #Sets commands that can be executed before/after file transfer. If the command executed before the file transfer fails, cancel the transfer operation. Rsync server startup: rsync --daemon #Start as a daemon #echo "/usr/bin/rsync --daemon &" >> /etc/rc.local Automatic startup service Common parameters for manually starting rsync: --daemon starts as a daemon --address Binding specifies IP to provide services, both in server mode and multi-NIC or virtual IP mode --config=xxx Change configuration file path instead of default/etc/rsyncd.conf --port=xx Change port rsync client configuration: The client only needs to install rsync software, and then create a local password file, corresponding to the password of the virtual user under each module in the server configuration file, to achieve password-free synchronization (only write the password without writing the user name). Format of synchronization data in server mode: Pull:rsync [option] [USER@]HOST::SRC DEST Push:rsync [option] SRC rsync://[USER@]HOST[:PORT]/DEST rsync Server Mode Configuration Example: Server side: Create rsyncd profile; vim /etc/rsyncd.conf uid=rsync gid=rsync use chroot=no port=873 list=/mysqlbak max connections=10 timeout=300 Log fromat=%h %o %f %l %d log file=/var/log/rsyncd.log pid file=/var/run/rsyncd.pid [mysqlbak] path=/mysqlbak read only=false list=false hosts allow=182.61.49.21 hosts deny=* auth users=rsync Create a virtual user: useradd rsync -s /sbin/nologin -M (Create a user who cannot log in without a home directory) mkdir /mysqlbak #Create a backup directory chown -R rsync.rsync /mysqlbak Start the server-side process: rsync --daemon Create a server-side virtual user password file: vim /etc/rsync.password rsync:test@1234 Change password file permissions Only root can read and write: chmod 600 /etc/rsync.password Client configuration: vim /etc/rsync.password Create a client password file test@1234 chmod 600 /etc/rsync.password Change password file permissions Only root can read and write

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.