Rsync+inotify触发式自动同步

一、环境

二、rsync搭建流程

• 在远程同步任务中，负责发起rsync同步操作的客户机被称为发起端，而负责相应来自客户机的rsync同步操作的服务器成为同步源
• 在同步过程中，同步源负责提供文档的原始位置，同步发起端应对同步位置具有读取权限。
• rsync作为同步源时以守护进程运行，为其他客户机提供备份源。配置rsync同步源需要配置rsyncd.conf，创建备份账号，然后rsync程序以“--daemon”选项运行

2.1 关闭防火墙和selinux

[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0

注：以上是临时关闭，系统重启后设置无效，作为演示环境，这里不作延伸

线上环境防火墙开启时应配置策略放端口

2.2 安装rsync

#Debian
sudo apt-get install rsync

#Red Hat
sudo yum install rsync

同步源及客户端都需要安装rsync

2.3 编辑rsyncd.conf文件（同步源）

[root@localhost ~]# vim /etc/rsyncd.conf 

添加以下内容：

log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid

uid = nobody
gid = nobody
use chroot = yes
address = 192.168.64.100
port = 873
hosts allow = 192.168.64.0/24

[rsyncfile]
path = /opt/myfile
read only = yes
auth users = backuper
secrets file = /etc/rsyncd_users.db

为备份账户创建数据文件

[root@localhost ~]# vim /etc/rsyncd_users.db
[root@localhost ~]# cat /etc/rsyncd_users.db 
backuper:pwd123

启动rsync服务程序

[root@localhost ~]# rsync --daemon
[root@localhost ~]# ps -ef | grep rsync
root      11416      1  0 18:57 ?        00:00:00 rsync --daemon
root      11422   1668  0 18:57 pts/0    00:00:00 grep --color=auto rsync

如果要结束rsync进程，可以执行下面的命令，进程号是刚刚ps命令查出来的

[root@localhost ~]# kill -9 11416

修改认证文件权限，创建备份路径，测试文件

[root@localhost myfile]# chmod 600 /etc/rsyncd_users.db 
[root@localhost ~]# mkdir /opt/myfile
[root@localhost ~]# cd /opt/myfile/
[root@localhost myfile]# touch test1.txt
[root@localhost myfile]# ll
总用量 0
-rw-r--r--. 1 root root 0 8月  25 19:12 test1.txt

2.4 测试rsync远程备份功能（客户端）

[root@localhost ~]# rsync -avz backuper@192.168.64.100::rsyncfile /opt/myfile/Password: receiving incremental file listcreated directory /opt/myfile./test1.txtsent 46 bytes  received 107 bytes  43.71 bytes/sectotal size is 0  speedup is 0.00[root@localhost ~]# cd /opt/myfile/[root@localhost myfile]# ll总用量 0-rw-r--r--. 1 root root 0 8月  25 19:12 test1.txt

测试在客户端新增文件后，加--delete参数同步文件

[root@localhost myfile]# touch client.txt[root@localhost myfile]# ll总用量 0-rw-r--r--. 1 root root 0 8月  25 19:23 client.txt-rw-r--r--. 1 root root 0 8月  25 19:12 test1.txt[root@localhost myfile]# rsync -avzH --delete backuper@192.168.64.100::rsyncfile /opt/myfile/Password: receiving incremental file listdeleting client.txt./sent 27 bytes  received 71 bytes  21.78 bytes/sectotal size is 0  speedup is 0.00[root@localhost myfile]# ll总用量 0-rw-r--r--. 1 root root 0 8月  25 19:12 test1.txt

可以看到同步源没有的文件会被删除

2.5 使用crontab,定时对同步源进行备份（客户端）

如：每天晚上22:00对服务器的网站做一次同步

这里因为测试，使用每分钟同步一次的计划

首先在客户端创建密码文件，保存备份账户的密码，设置权限

[root@localhost myfile]# vim /etc/rsync.pass[root@localhost myfile]# cat /etc/rsync.pass pwd123[root@localhost myfile]# chmod 600 /etc/rsync.pass 

做计划任务

[root@localhost myfile]# crontab -e内容如下：* * * * * /usr/bin/rsync -az --delete --password-file=/etc/rsync.pass backuper@192.168.64.100::rsyncfile /opt/myfile

然后在同步源的同步路径下修改文件测试客户端是否有变化。

192.168.64.100[root@localhost myfile]# touch plantest2.txt192.168.64.99[root@localhost myfile]# ll总用量 0-rw-r--r--. 1 root root 0 8月  25 19:38 plantest2.txt-rw-r--r--. 1 root root 0 8月  25 19:12 test1.txt

可以看到文件已经从同步源备份到了客户端，计划任务里面的 * * * * *是crontab表达式，感兴趣的可以自行查阅了解

三、配置rsync+inotify实时同步（同步源）

作用：将rsync工具与inotify机制相结合，可以实现触发式备份（实时同步），只要同步源的文档有变化，立刻启动备份操作

3.1 下载安装inotify-tools

下载工具包，然后上传至服务器解压

[root@localhost ~]# ll总用量 356-rw-------. 1 root root   1421 8月   7 00:01 anaconda-ks.cfg-rw-r--r--. 1 root root 358772 8月  25 20:06 inotify-tools-3.14.tar.gz[root@localhost ~]# tar -xvf inotify-tools-3.14.tar.gz[root@localhost ~]# ll总用量 360-rw-------. 1 root  root    1421 8月   7 00:01 anaconda-ks.cfgdrwxrwxrwx. 5 yinmy yinmy   4096 3月  14 2010 inotify-tools-3.14-rw-r--r--. 1 root  root  358772 8月  25 20:06 inotify-tools-3.14.tar.gz

进入解压后的目录

[root@localhost ~]# cd inotify-tools-3.14/[root@localhost inotify-tools-3.14]# ./configure若有以下报错，安装一下gccconfigure: error: in `/root/inotify-tools-3.14':configure: error: no acceptable C compiler found in $PATHSee `config.log' for more details.[root@localhost inotify-tools-3.14]# yum install gcc -y[root@localhost inotify-tools-3.14]# ./configure [root@localhost inotify-tools-3.14]# make && make install

3.2 客户端创建用户，配置同步源ssh免密登录客户端

客户端创建用户,配置允许rsync用户登录：

[root@localhost myfile]# useradd rsync && passwd rsync更改用户 rsync 的密码 。新的 密码：重新输入新的 密码：passwd：所有的身份验证令牌已经成功更新。[root@localhost myfile]# vim /etc/ssh/sshd_config 在文件中增加AllowUsers rsync@192.168.64.100# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2# but this is overridden so installations will only check .ssh/authorized_keysAuthorizedKeysFile      .ssh/authorized_keysAllowUsers rsync@192.168.64.100#AuthorizedPrincipalsFile none修改同步目录权限 [root@localhost opt]# chmod -R 777 /opt/myfile/

同步源配置ssh免密登录客户端

[root@localhost /]# ssh-keygen Generating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'.Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:SHA256:0DGvYW6mK94lsOqyUD3phS2ub8wEcHvZ/+8uFKoF4JM root@localhost.localdomainThe key's randomart image is:+---[RSA 2048]----+|        o        ||. . .  . +       || o o =. + .      ||  o.E+o+ o.      ||  .oB.ooS. .     || . o.* ++ .      ||.  ++ oo.o       ||o  o=..+  o      ||.+++o.o    =+    |+----[SHA256]-----+[root@localhost /]# ssh-copy-id rsync@192.168.64.99/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"The authenticity of host '192.168.64.99 (192.168.64.99)' can't be established.ECDSA key fingerprint is SHA256:qehSfNDKLquXCwUvekxdNeUekmUO0rpT8bkiCNCRZsM.ECDSA key fingerprint is MD5:8e:b5:53:5c:be:c3:70:bb:0d:2f:db:cd:a9:88:67:73.Are you sure you want to continue connecting (yes/no)? yes/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keysrsync@192.168.64.99's password: Number of key(s) added: 1Now try logging into the machine, with:   "ssh 'rsync@192.168.64.99'"and check to make sure that only the key(s) you wanted were added.

生成秘钥时一路回车即可，第二步传输秘钥文件时输入yes,后输入rsync的密码

同步源测试ssh免密登录客户端

[root@localhost /]# ssh rsync@192.168.64.99[rsync@localhost ~]$ 

3.3 编写触发式同步脚本（同步源）

[root@localhost opt]# vim /opt/inotify_rsync.sh 脚本内容为#!/bin/bashINOTIFY_CMD="inotifywait -mrq -e modify,create,attrib,move,delete /opt/myfile"RSYNC_CMD="rsync -azH --delete /opt/myfile rsync@192.168.64.99:/opt/myfile"$INOTIFY_CMD | while read DIRECTORY EVENT FILEdoif [ $(pgrep "^rsync$" | wc -l) -ne 0 ] ; then$RSYNC_CMDfidone

执行脚本，修改同步源文件测试（注意删除客户端crontab的内容，避免影响测试结果）

[root@localhost opt]# sh -x inotify_rsync.sh + INOTIFY_CMD='inotifywait -mrq -e modify,create,attrib,move,delete /opt/myfile'+ RSYNC_CMD='rsync -azH --delete /opt/myfile rsync@192.168.64.99:/opt/myfile'+ inotifywait -mrq -e modify,create,attrib,move,delete /opt/myfile+ read DIRECTORY EVENT FILE复制会话或者新建终端窗口，在同步源新增一个文件[root@localhost myfile]# touch inotifytest4.txt[root@localhost myfile]# 查看刚刚窗口的脚本执行输出[root@localhost opt]# sh -x inotify_rsync.sh + INOTIFY_CMD='inotifywait -mrq -e modify,create,attrib,move,delete /opt/myfile'+ RSYNC_CMD='rsync -azH --delete /opt/myfile rsync@192.168.64.99:/opt/myfile'+ inotifywait -mrq -e modify,create,attrib,move,delete /opt/myfile+ read DIRECTORY EVENT FILE++ pgrep '^rsync$'++ wc -l+ '[' 1 -ne 0 ']'+ rsync -azH --delete /opt/myfile rsync@192.168.64.99:/opt/myfile+ read DIRECTORY EVENT FILE++ pgrep '^rsync$'++ wc -l+ '[' 1 -ne 0 ']'+ rsync -azH --delete /opt/myfile rsync@192.168.64.99:/opt/myfile+ read DIRECTORY EVENT FILE  没有报错即执行成功，报错的话根据报错结果去修改

客户端目录查看是否实时触发同步成功

3.4 给脚本增加可执行权限，后台运行脚本

[root@localhost opt]# chmod +x /opt/inotify_rsync.sh [root@localhost myfile]# /opt/inotify_rsync.sh &

如有任何问题欢迎联系：

author：yinmy

wechat：rainsimple