[toc]

1、服务端的环境搭建

1)查看rsync的安装版本

[root@Tencent-SNG ~]$ rpm -qa rsync
rsync-3.0.6-9.el6.x86_64

2)添加rsync服务的用户,管理本地目录

[root@Tencent-SNG ~]$ useradd rsync -s /sbin/nologin -M #创建一个rsync的虚拟用户,只被程序使用

3)先创建rsync的配置文件/etc/rsyncd.conf,然后对其进行配置

[root@Tencent-SNG ~]$ touch /etc/rsyncd.conf
[root@Tencent-SNG ~]$ vim rsyncd.conf

uid = rsync
gid = rsync
use chroot = no
max connections=5
timeout = 500
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log

[backup]
path = /backup/
ignore errors
read only = false
list = false
hosts allow = 9.146.180.155,19.86.141.18
auth users = rsync
secrets file = /etc/rsync.passwd

4)根据rsyncd.conf的auth users配置账号

[root@Tencent-SNG ~]$ touch /etc/rsync.passwd 
[root@Tencent-SNG ~]$ echo 'rsync:123456' >> /etc/rsync.passwd

**
5)为密码文件设置权限**

[root@Tencent-SNG ~]$ chmod 600 /etc/rsync.passwd

6)创建共享的目录,并授权rsync服务管理

[root@Tencent-SNG ~]$ mkdir /backup (mkdir /backup/rsync/bi -p)
# 允许rsync用户及用户组可读、可写、可操作backup文件夹
[root@Tencent-SNG ~]$ chown -R rsync.rsync /backup

7)启动rsync服务进程,并查看是否启动成功

[root@Tencent-SNG ~]$ rsync --daemon --config=/etc/rsyncd.conf 
[root@Tencent-SNG ~]$ lsof -i tcp:873
COMMAND   PID USER   FD   TYPE    DEVICE SIZE/OFF NODE NAME
rsync   17883 root    4u  IPv4 645226871      0t0  TCP *:rsync (LISTEN)
rsync   17883 root    5u  IPv6 645226872      0t0  TCP *:rsync (LISTEN)

8)其他相关命令(非必须执行)

# 设置开机启动
[root@Tencent-SNG ~]$ echo '/usr/bin/rsync --daemon --config=/etc/rsyncd.conf' >>/etc/rc.local
[root@Tencent-SNG ~]$ tail -l /etc/rc.local

# 查看rsync的日志文件
[root@Tencent-SNG ~]$ tail /var/log/rsyncd.log

# 重启rsync
[root@Tencent-SNG ~]$ pkill rsync -e
[root@Tencent-SNG ~]$ rsync --daemon --config=/etc/rsyncd.conf
[root@Tencent-SNG ~]$ lsof -i tcp:873

2、客户端的环境搭建

1)查看rsync的安装版本

[root@Tencent-SNG ~]$ rpm -qa rsync
rsync-3.0.6-9.el6.x86_64

2)生成连接服务器需要的密码文件,并设置权限为600

[root@Tencent-SNG ~]$ touch /etc/rsync_client.passwd 
[root@Tencent-SNG ~]$ echo 123456 >> /etc/rsync_client.passwd
[root@Tencent-SNG ~]$ chmod 600 /etc/rsync_client.passwd

3)创建共享的目录,并授权rsync服务管理

[root@Tencent-SNG ~]$ mkdir /backup

#允许rsync用户及用户组可读、可写、可操作backup文件夹

[root@Tencent-SNG ~]$ chown -R rsync.rsync /backup

4)将文件从[客户端]推送到[服务端]的Demo

# 客户端:9.146.80.55 ---(推送)---> 服务端:9.86.41.180
[root@Tencent-SNG /backup]$ rsync -avz /backup/ rsync@9.86.41.180::backup/ --password-file=/etc/rsync_client.passwd
sending incremental file list
client.txt
rsync: chgrp "master2.txt" (in backup) failed: Operation not permitted (1)

sent 150 bytes  received 30 bytes  360.00 bytes/sec
total size is 36  speedup is 0.20
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1052) [sender=3.0.9]

3、注意事项

1)服务器之间进行双向同步

为了能在服务期间进行双向同步,需要在每台服务器上都执行 ”1、服务端的环境搭建“ 和  ”2、客户端的环境搭建“ ,则每台服务器既是服务端,同时又是客户端

2)常见问题

客户端报错:

@ERROR: auth failed on module backup  
rsync error: error starting client-server protocol (code 5) at main.c(1516) [sender=3.0.9]

服务端报错:

2020/11/05 14:57:10 [22996] params.c:Parameter() - Ignoring badly formed line in configuration file: ignore errors  
2020/11/05 14:57:10 [22996] name lookup failed for 9.146.80.55: Name or service not known  
2020/11/05 14:57:10 [22996] connect from UNKNOWN (9.146.80.55)  
2020/11/05 14:57:10 [22996] error matching address 9.146.80.55.0/24: Name or service not known  
2020/11/05 14:57:10 [22996] auth failed on module backup from unknown (9.146.80.55): missing secret for user "rsync"

解决方案:

1)检查文件/etc/rsync_client.passwd的权限是否为600

2)检查服务端和客户端的密码一致,其中,服务端/etc/rsync.passwd的格式为 用户名:密码,客户端/etc/rsync_client.passwd的格式为 密码

3)检查服务端 /etc/rsyncd.conf 中的密码文件路径 secrets file 的取值,是否与服务端的密码文件名 /etc/rsync.passwd 保持一致,比如:后缀 passwd 是否错写成 password

4)出现rsync: chgrp "." (in backup) failed: Operation not permitted (1),如果还想使用-avz这个参数组合的话,可以在rsyncd.conf配置文件中添加一个参数fake super = yes也能解决问题!
图片.png

4、样例参考

  • rsync大概配置同步流程
# 测试环境rsync服务器信息
ip: 9.135.227.108
port: 873
username: root
password: lct@2020
模块参数: backup
备份路径:/backup/rsync/bi

# 1.先将客户端ip加入授信host
/etc/rsyncd.conf # hosts allow字段
#  2.改完重启rsync服务器
pkill rsync
rsync --daemon --config=/etc/rsyncd.conf

#  3.客户端测试路径
# 3.1.创建客户端rsync密码文件
touch /etc/rsync_client.passwd 
echo lct@2020 >> /etc/rsync_client.passwd

# 3.2.客户端:本机 ---(推送)---> 服务端:9.135.227.108
rsync -avz /backup/ root@9.135.227.108::backup/ --password-file=/etc/rsync_client.passwd
# 3.3.客户端:本机/backup目录 ---(推送)---> 服务端:11.148.206.243 (backup模块配置的路径,使用rsync用户)
rsync -avz /backup/ rsync@11.148.206.243::backup/ --password-file=/etc/rsync_client.passwd
  • rsync服务端配置文件样例
# /etc/rsyncd: configuration file for rsync daemon mode

# See rsyncd.conf man page for more options.

# configuration example:

# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress   = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2

# [ftp]
#        path = /home/ftp
#        comment = ftp export area


uid = rsync
gid = rsync
use chroot = no
max connections=5
timeout = 500
fake super = yes
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log

[backup]
path = /backup/rsync/bi
ignore errors
read only = false
list = false
hosts allow = 11.148.205.208,11.148.206.204,9.88.102.129,11.168.40.88,11.168.40.141,100.122.190.255,11.148.201.143
auth users = rsync
secrets file = /etc/rsync.passwd

5、参考资料

https://rsync.samba.org/

https://www.cnblogs.com/liangjingfu/p/9759085.html

https://blog.csdn.net/weixin_30284355/article/details/101251918

https://baike.baidu.com/item/rsync/8086338?fr=aladdin

Q.E.D.

谁言不解广寒情,天边一颗伴月星