使用Rsync实现服务器数据自动备份方案
项目背景与需求分析
企业环境中存在一台核心NFS服务器,其存储的关键业务数据面临硬件故障风险。现需建立自动化备份机制,确保数据安全性。
备份策略要求:
- 每日凌晨自动打包并同步关键配置文件和业务数据
- 本地保留最近7天备份,远端服务器长期归档
- 按服务器IP分类存储,文件命名包含时间戳
- 实施数据完整性校验,并发送通知邮件
环境规划与网络配置
服务器角色分配如下:
| 主机名 | 管理IP | 业务IP | 功能定位 |
|---|---|---|---|
| backup | 10.0.0.41 | 172.16.1.41 | 备份服务端 |
| nfs01 | 10.0.0.31 | 172.16.1.31 | NFS存储节点 |
| web01 | 10.0.0.8 | 172.16.1.8 | Web应用服务器 |
备份服务器配置流程
首先确认rsync软件包已安装:
rpm -q rsync编辑主配置文件/etc/rsyncd.conf:
uid = rsync
gid = rsync
use chroot = no
max connections = 200
timeout = 300
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
[backup_store]
path = /backup/
ignore errors
read only = false
list = false
hosts allow = 172.16.1.0/24
hosts deny = 0.0.0.0/32
auth users = backup_user
secrets file = /etc/rsync_auth.conf初始化系统账户和存储目录:
useradd -s /sbin/nologin -M rsync
mkdir /backup
chown rsync:rsync /backup启动rsync守护进程:
rsync --daemon
ss -tuln | grep 873创建服务控制脚本/etc/init.d/backup_service:
#!/bin/bash
#chkconfig: 35 80 20
#description: Backup server daemon control
. /etc/rc.d/init.d/functions
start_service() {
rsync --daemon
[[ $? -eq 0 ]] && action "启动备份服务:" /bin/true || action "启动失败:" /bin/false
}
stop_service() {
pkill rsync
[[ $? -eq 0 ]] && action "停止备份服务:" /bin/true || action "停止失败:" /bin/false
}
case "$1" in
start) start_service ;;
stop) stop_service ;;
restart) stop_service; start_service ;;
*) echo "用法: $0 {start|stop|restart}" ;;
esac设置脚本权限并注册为系统服务:
chmod +x /etc/init.d/backup_service
chkconfig backup_service on配置认证凭证文件:
echo "backup_user:mypass123" > /etc/rsync_auth.conf
chmod 600 /etc/rsync_auth.conf编写服务端健康检查脚本/server/check_integrity.sh:
#!/bin/bash
# 数据完整性验证脚本
BACKUP_PATH="/backup"
CLIENT_COUNT=2
MAIL_RECEIVER="admin@example.com"
/etc/init.d/postfix status &>/dev/null || /etc/init.d/postfix start
file_count=$(find $BACKUP_PATH -name "checksum*.txt" | wc -l)
if [[ $file_count -eq $CLIENT_COUNT ]]; then
find $BACKUP_PATH -name "checksum*.txt" | while read check_file; do
md5sum -c "$check_file"
if [[ $? -eq 0 ]]; then
logger "备份校验成功: $check_file"
rm -f "$check_file"
else
logger "备份校验失败: $check_file"
echo "校验失败通知" | mail -s "备份异常告警" $MAIL_RECEIVER
fi
done
else
echo "客户端数据不完整" | mail -s "备份完整性警告" $MAIL_RECEIVER
fi
# 清理过期非周一备份
find $BACKUP_PATH -type f ! -name "*_1.tar.gz" -mtime +180 -delete将检查脚本加入计划任务:
0 6 * * * /bin/bash /server/check_integrity.sh &>/dev/null客户端部署步骤
在各业务服务器上执行以下操作:
创建认证文件:
echo "mypass123" > /etc/client_auth.key
chmod 600 /etc/client_auth.key建立本地备份目录:
mkdir -p /backup开发数据采集脚本/server/data_archive.sh:
#!/bin/bash
# 客户端数据归档脚本
STORAGE_DIR="/backup"
REMOTE_HOST="172.16.1.41"
SERVER_IP=$(ip addr show eth1 | awk '/inet / {gsub(/\/.*/, "", $2); print $2}')
DATE_TAG="${SERVER_IP}_$(date +%Y%m%d_%u)"
mkdir -p ${STORAGE_DIR}/${DATE_TAG}
# 复制关键系统文件
[[ -f /var/spool/cron/root ]] && cp -a /var/spool/cron/root ${STORAGE_DIR}/${DATE_TAG}/
[[ -f /etc/rc.local ]] && cp -a /etc/rc.local ${STORAGE_DIR}/${DATE_TAG}/
[[ -d /opt/scripts ]] && cp -a /opt/scripts ${STORAGE_DIR}/${DATE_TAG}/
[[ -d /var/www/html ]] && cp -a /var/www/html ${STORAGE_DIR}/${DATE_TAG}/
[[ -d /var/log/nginx ]] && cp -a /var/log/nginx ${STORAGE_DIR}/${DATE_TAG}/
[[ -f /etc/sysconfig/iptables ]] && cp -a /etc/sysconfig/iptables ${STORAGE_DIR}/${DATE_TAG}/
cd $STORAGE_DIR
tar -czf ${DATE_TAG}.tar.gz ${DATE_TAG}
rm -rf ${DATE_TAG}
# 生成校验码
md5sum ${DATE_TAG}.tar.gz > checksum_${SERVER_IP}.txt
# 同步至备份服务器
rsync -az ${STORAGE_DIR}/ backup_user@${REMOTE_HOST}::backup_store --password-file=/etc/client_auth.key
# 删除7天前旧备份
find ${STORAGE_DIR} -name "${SERVER_IP}*" -type f -mtime +7 -delete配置定时执行任务:
0 0 * * * /bin/bash /server/data_archive.sh &>/dev/null通过以上配置,实现了企业级分布式服务器自动备份解决方案。
