Rsync服务器架设
跳到导航
跳到搜索
目录
什么是rsync
rsync,remote synchronize顾名思意就知道它是一款实现远程同步功能的软件,它在同步文件的同时,可以保持原来文件的权限、时间、软硬链接等附加信息。 rsync是用 “rsync 算法”提供了一个客户机和远程文件服务器的文件同步的快速方法,而且可以通过ssh方式来传输文件,这样其保密性也非常好,另外它还是免费的软件。
rsync 包括如下的一些特性:
能更新整个目录和树和文件系统;
有选择性的保持符号链链、硬链接、文件属于、权限、设备以及时间等;
对于安装来说,无任何特殊权限要求;
对于多个文件来说,内部流水线减少文件等待的延时;
能用rsh、ssh 或直接端口做为传输入端口;
支持匿名rsync 同步文件,是理想的镜像工具;
rsync 是一个快速增量文件传输工具,它可以用于在同一主机备份内部的备分,我们还可以把它作为不同主机网络备份工具之用。本文主要讲述的是如何自架rsync服务器,以实现文件传输、备份和镜像。
1.服务器端
mkdir -p /data/allbackdata/ # uid git 可以改成你所想要的 echo ' ###################################################################################################### # ******进程相关全局配置****** ###################################################################################################### # = 后面的值可根据自己的实际情况更改 # pid file 守护进程pid文件 # port 守护进程监听端口,可更改,由xinetd允许rsyncd时忽略此参数 # address 守护进程监听ip,由xinetd允许rsyncd时忽略此参数 port = 873 #address = 192.168.1.2 #很多时候这个不要 uid=root gid=root #hosts allow = 192.168.1.130 # \\ 允许同步的机器,可以是一个网段 很多时候这个不要 #hosts deny = 0.0.0.0/0 #\\ 拒绝同步的机器,这里是只允许上面指定的机器 很多时候这个不要 use chroot = yes # 这个很多时候不敢要 read only = no max connections = 80 timeout = 300 # read only = false 允许client上传 # wirte only = false 允许 client 下载 max connections = 20 timeout = 300 #欢迎文件路径,可选的 motd file = /etc/rsyncd.motd pid file = /var/run/rsyncd.pid log file = /data/logs/rsync.log lock file = /var/run/rsync.lock secrets file = /etc/pass.crt [data] path = /data/allbackdata/ #是否允许列出模块里的内容 list=yes #忽略错误 #ignore errors #排除目录,多个之间使用空格隔开 exclude = test1/ test2 auth users = ops ' > /etc/rsyncd.conf #Note client 只要密码 不用写上用户哦 Nov 25 2021, #但是这是server端 两个全要 echo 'ops:3636' > /etc/pass.crt chmod 600 /etc/pass.crt #注意 这个一定得是 600 不然权限太大 失败的 Oct 16 cat /var/jenkins_home/lcpass youpassword #on service iptables -A INPUT -s 47.8.16.30 -p tcp -m tcp --dport 873 -j ACCEPT ##******************* #自启动 chkconfig --level 345 rsyncd on
2. client
iptables -A INPUT -s 10.45.241.123/32 -p tcp -m tcp --dport 873 -j ACCEPT #pull env RSYNC_PASSWORD=3636 rsync -avz s_20160928.sql.gz [email protected]::data rsync -avz s_20160928.sql.gz --delete --password-file=rsyncd.secrets [email protected]::data /usr/bin/rsync -al -q --timeout=50 ${DB_BAK_ROOT} root@${BAK_SERVER}::${MODULE}/${IPADDR}
3.rsync daemon 启动脚本
sysd centos7
cat /usr/lib/systemd/system/rsyncd.service [Unit] Description=fast remote file copy program daemon ConditionPathExists=/etc/rsyncd.conf [Service] EnvironmentFile=/etc/sysconfig/rsyncd ExecStart=/usr/bin/rsync --daemon --no-detach "$OPTIONS" [Install] WantedBy=multi-user.target
sysv centos6.x
#!/bin/bash
#
# rsyncd This shell script takes care of starting and stopping
# standalone rsync.
#
# chkconfig: - 99 50
# description: rsync is a file transport daemon
# processname: rsync
# config: /etc/rsyncd.conf
# Source function library
. /etc/rc.d/init.d/functions
RETVAL=0
rsync="/usr/bin/rsync"
prog="rsync"
CFILE="/etc/rsyncd.conf"
start() {
# Start daemons.
[ -x $rsync ] || \
{ echo "FATAL: No such programme";exit 4; }
[ -f $CFILE ] || \
{ echo "FATAL: config file does not exist";exit 6; }
echo -n $"Starting $prog: "
daemon $rsync --daemon --config=$CFILE
RETVAL=$?
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
echo
return $RETVAL
}
stop() {
# Stop daemons.
echo -n $"Stopping $prog: "
killproc $prog -QUIT
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
# [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/rsync && rm -f /var/lock/subsys/$prog && rm -f /var/run/rsyncd.pid /var/lock/subsys/rsync
return $RETVAL
}
# call the function we defined
case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
stop
sleep 2
start
RETVAL=$?
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
exit 2
esac
exit $RETVAL
trouble shooting
1.
uid=root
gid=root
配置文件和 模块的目录属性要一致 不然传输会报错
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1505)
2. client 密码文件 也得是600
3. address ip写得不对 启动不了
tail /var/log/message
23 17:02:44 localhost rsyncd[5345]: rsyncd version 3.0.6 starting, listening on port 873
Mar 23 17:02:44 localhost rsyncd[5345]: bind() failed: Cannot assign requested address (address-family 2)
Mar 23 17:02:44 localhost rsyncd[5345]: unable to bind any inbound sockets on port 873
Mar 23 17:02:44 localhost rsyncd[5345]: rsync error: error in socket IO (code 10) at socket.c(541) [receiver=3.0.6]
4. 启动脚本添加 rm -f /var/run/rsyncd.pid
5.:
@ERROR: chroot failed
rsync error: error starting client-server protocol (code 5) at main.c(1503) [sender=3.0.6]
原因:
服务器端的目录不存在或无权限。创建目录并修正权限可解决问题
6.restart 时起不来,log如下
[root@ ~]# cat /data/logs/rsync.log
2017/07/27 11:16:34 [21027] rsyncd version 3.0.6 starting, listening on port 873
2017/07/27 11:16:34 [21027] bind() failed: Address already in use (address-family 2)
2017/07/27 11:16:34 [21027] socket(10,1,6) failed: Address family not supported by protocol
2017/07/27 11:16:34 [21027] unable to bind any inbound sockets on port 873
2017/07/27 11:16:34 [21027] rsync error: error in socket IO (code 10) at socket.c(541) [receiver=3.0.6]
改为start 成功
最终的解决方案是 sleep 2
restart() {
stop
sleep 2
start
}
7. 问题
restart后 其实有时进程不在
2017/08/02 18:09:49 [6875] bind() failed: Address already in use (address-family 2)
2017/08/02 18:09:49 [6875] unable to bind any inbound sockets on port 873
2017/08/02 18:09:49 [6875] rsync error: error in socket IO (code 10) at socket.c(541) [receiver=3.0.6]
为空
lsof -i:873
解决 查看了nginx的启动脚本后 得到启发 在启动脚本上加 sleep 2
8.查看log得知
Aug 2 17:30:13 localhost rsyncd[3232]: Badly formed boolean in configuration file: "on".
Aug 2 17:30:13 localhost rsyncd[3232]: Unknown Parameter encountered: "pid flie"
Aug 2 17:30:13 localhost rsyncd[3232]: IGNORING unknown parameter "pid flie"
小伙伴no 写成了 on ,file 写成了 flie 哈哈哈哈
期间还有 rsyslog 重启什么的
直接手工启动
rsync --daemon --config=$CFILE
9. rsync报错rsync: failed to set times on "." (in backup): Permission denied (13) 原创
还有 对应的模块 目录一定得是运行是apapche
因为rsyncd 运行用户是apapche
不行 rsync报错rsync: failed to set times on "." (in backup): Permission denied (13) 原创
10. on alpine docker
+ env 'RSYNC_PASSWORD=7jKSNcSD2zN6AjJK' rsync -az '--port=873' '--password-file=/etc/lcpass' /var/jenkins_home/workspace/l/vue-wap/ [email protected]::lc-temp
rsync: [sender] could not open password file /etc/pass: Permission denied (13)
rsync error: syntax or usage error (code 1) at authenticate.c(188) [sender=3.2.3]
Post stage
[Pipeline]
11. ERROR: password file must not be other-accessible
密码文件得当前用户的权限的同时 600 所以在 alpine dokcer里 先用普通用户创建 再用root 去chmod 600 passwordfile
12.
2022/01/12 10:42:43 [22994] rsync: failed to write xattr user.rsync.%stat for "." (in sync-task): Permission denied (13)
2022/01/12 10:42:43 [22994] rsync: failed to set times on "." (in core-sync-task): Operation not permitted (1)
2022/01/12 10:42:43 [22994] ./
整个/data/nginx 全改为 apache用户权限
rsync @ERROR: chdir failed 的解决方法
rsync报错rsync: failed to set times on "." (in backup): Permission denied (13)
参考
https://www.centos.bz/2011/06/rsync-server-setup/
https://segmentfault.com/a/1190000000444614
rsync一:工作模式及语法 http://share.blog.51cto.com/278008/560742
rsync二:daemon端配置文件 http://share.blog.51cto.com/278008/560761
rsync三:过滤规则 http://share.blog.51cto.com/278008/567578
