主要内容：

1.分析什么东西需要备份

2.整体的思路

3.rsync服务

4.备份命令和脚本以及定时任务的书写测试

一、那些文件需要备份

1.配置文件：

包括：
（1）/etc/ 下的配置文件
（2）/var/log/日志下的文件：

/var/log/messages
/var/log/secure
/var/log/cron
/var/log/rsyncd.log
/var/log/nginx/access.log
（3）/var/spoot/cron/

2.网站的代码

3.用户的数据

包括：

（1） 数据库里的文件
（2）存储中的数据

二、整体思路

1.rsync服务的配置，启动，检查等（详见简书rsync守护进程模式https://www.jianshu.com/p/2b39603d5b5a）

2.备份的命令和脚本测试

3.定时任务的书写和测试

三、rsync服务

1.rsync服务端（backup服务端）

（1）创建用户

[root@backup ~]# useradd -s /sbin/nologin  -M rsync
[root@backup ~]# grep 'rsync' /etc/passwd
rsync:x:1001:1001::/home/rsync:/sbin/nologin

（2）创建共享目录，修改所属用户和组

[root@backup ~]# mkdir /backup
[root@backup ~]# chown rsync.rsync  /backup/
[root@backup ~]# ll -d /backup/
drwxr-xr-x 2 rsync rsync 6 May 22 09:13 /backup/

3.创建密码文件，并修改权限为600

[root@backup ~]# echo 'rsync_backup:123456' >/etc/rsync.password 
[root@backup ~]# chmod 600 /etc/rsync.password
[root@backup ~]# ll /etc/rsync.password
-rw------- 1 root root 0 May 22 09:14 /etc/rsync.password
[root@backup ~]# cat /etc/rsync.password 
rsync_backup:123456

4.修改配置文件

[root@backup ~]# vim /etc/rsyncd.conf 
#Rsync server
#created by oldboy 15:01 2009-6-5
##rsyncd.conf start##
fake super = yes
uid = rsync 
gid = rsync 
use chroot = no
max connections = 2000
timeout = 600
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
ignore errors
read only = false
list = false
#hosts allow = 10.0.0.0/24
#hosts deny = 0.0.0.0/32
auth users = rsync_backup
secrets file = /etc/rsync.password
#####################################
[backup]
comment = www by old0boy 14:18 2012-1-13
path = /backup 

5.启动和开机自动启动

[root@backup ~]# systemctl restart rsyncd
[root@backup ~]# systemctl is-active rsyncd
active
[root@backup ~]# systemctl is-enabled rsyncd
disabled
[root@backup ~]# systemctl enable rsyncd
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
[root@backup ~]# systemctl is-enabled rsyncd
enabled
[root@backup ~]# ps -ef |grep 'rsync'
root       8067      1  0 09:21 ?        00:00:00 /usr/bin/rsync --daemon --no-detach
root       8102   7459  0 09:22 pts/0    00:00:00 grep --color=auto rsync
[root@backup ~]# ss -lntup |grep 'rsync'
tcp    LISTEN     0      5         *:873                   *:*                   users:(("rsync",pid=8067,fd=3))
tcp    LISTEN     0      5        :::873                  :::*                   users:(("rsync",pid=8067,fd=5))

6.测试

[root@backup ~]# rsync -avz /etc/hostname  rsync_backup@172.16.1.41::backup
Password: 
sending incremental file list
hostname

sent 102 bytes  received 43 bytes  41.43 bytes/sec
total size is 7  speedup is 0.05
[root@backup ~]# tree /backup/
/backup/
└── hostname

0 directories, 1 file
[root@backup ~]# cat /backup/hostname 
backup

2.rsync客户端

1.密码文件和修改权限

[root@web01 ~]# echo '123456' >/etc/rsync.password
[root@web01 ~]# chmod 600 /etc/rsync.password
[root@web01 ~]# ll /etc/rsync.password
-rw------- 1 root root 7 May 22 09:25 /etc/rsync.password
[root@web01 ~]# cat /etc/rsync.password
123456

2.测试

（1）web01服务器：

[root@web01 ~]# rsync -avz /etc/hosts  rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password 
sending incremental file list
hosts

sent 221 bytes  received 43 bytes  528.00 bytes/sec
total size is 349  speedup is 1.32

（2）backup服务器

[root@backup ~]# tree /backup/
/backup/
├── hostname
└── hosts

0 directories, 2 files
[root@backup ~]# cat /backup/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.5      lb01
172.16.1.6      lb02
172.16.1.7      web01
172.16.1.8      web02
172.16.1.31     nfs01
172.16.1.41     backup
172.16.1.51     db01 db01.etiantian.org
172.16.1.61     m01

四、备份命令和脚本：

1.客户端：

（1）第一步：创建ip地址命名的目录：

[root@web01 ~]# IP=`hostname -I |awk '{print $2}'`
[root@web01 ~]# echo $IP
172.16.1.7
[root@web01 ~]# mkdir -p /backup/$IP
[root@web01 ~]# tree /backup/
/backup/
└── 172.16.1.7

1 directory, 0 files

（2）第二步 打包压缩文件到这个目录下并以时间命名

[root@web01 ~]# DATE=`date +%F-%w`
[root@web01 ~]# echo $DATE
2019-05-22-3
[root@web01 ~]# tar zcf /backup/$IP/conf-$DATE.tar.gz   /etc/ 
tar: Removing leading `/' from member names
[root@web01 ~]# tree /backup/
/backup/
└── 172.16.1.7
    └── conf-2019-05-22-3.tar.gz

1 directory, 1 file

（3）第三步 制作MD5校验码，并放到创建的目录下

[root@web01 ~]# HOST=`hostname`
[root@web01 ~]# echo $HOST
web01
[root@web01 ~]# find /backup/ -type f -name '*.tar.gz' |xargs md5sum >/backup/$IP/conf-$HOST.md5
[root@web01 ~]# tree /backup/
/backup/
└── 172.16.1.7
    ├── conf-2019-05-22-3.tar.gz
    └── conf-web01.md5

1 directory, 2 files
[root@web01 ~]# md5sum -c /backup/$IP/conf-$HOST.md5
/backup/172.16.1.7/conf-2019-05-22-3.tar.gz: OK

（4）第四步 把备份推送到backup服务器的backup模块下

[root@web01 ~]# #备份推送到backup服务器的backup模块下
[root@web01 ~]# rsync -avz /backup/  rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password 
sending incremental file list
./
172.16.1.7/
172.16.1.7/conf-2019-05-22-3.tar.gz
172.16.1.7/conf-web01.md5

sent 10,016,550 bytes  received 73 bytes  6,677,748.67 bytes/sec
total size is 10,217,175  speedup is 1.02
####到backup服务器下查看
[root@backup ~]# tree /backup/
/backup/
├── 172.16.1.7
│   ├── conf-2019-05-22-3.tar.gz
│   └── conf-web01.md5
├── hostname
└── hosts

1 directory, 4 files

（5）第五步 删除7天之前的备份

[root@web01 ~]# find /backup/ -type f -name 'conf-*' -mtime +7 |xargs rm -f
[root@web01 ~]# ll /backup/172.16.1.7/
total 0

（6） 第六步 书写脚本

 [root@web02 ~]# vim /server/scripts/bak.sh
#!/bin/bash
#bianlaing
HOST=`hostname`
DATE=`date +%F-%w`
IP=`hostname -I |awk '{print $2}'`
#mkdir
mkdir -p /backup/$IP
#tar
tar zcf /backup/$IP/conf-$DATE-$HOST.tar.gz  /var/spool/cron/root /etc/rc.local /server/scripts/ /et
c/sysconfig/iptables /var/html/www/  /app/logs/ /var/log/messages /var/log/secure /var/log/cron  /va
r/log/rsyncd.log /etc/

#make md5
md5sum /backup/$IP/conf-$DATE-$HOST.tar.gz  >/backup/$IP/conf-$DATE-$HOST.md5
#bash
rsync -az /backup/ rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password
#del 7 day ago md5 and tar file
find /backup/ -type f -name 'conf*' -mtime +7 |xargs rm -f

（7）执行脚本进行测试：

[root@web02 ~]# sh -x /server/scripts/bak.sh 
++ hostname
+ HOST=web02
++ date +%F-%w
+ DATE=2019-05-22-3
++ awk '{print $2}'
++ hostname -I
+ IP=172.16.1.8
+ mkdir -p /backup/172.16.1.8
+ tar zcf /backup/172.16.1.8/conf-2019-05-22-3-web02.tar.gz /var/spool/cron/root /etc/rc.local /server/scripts/ /etc/sysconfig/iptables /var/html/www/ /app/logs/ /var/log/messages /var/log/secure /var/log/cron /var/log/rsyncd.log /etc/
tar: Removing leading `/' from member names
tar: Removing leading `/' from hard link targets
+ md5sum /backup/172.16.1.8/conf-2019-05-22-3-web02.tar.gz
+ rsync -az /backup/ rsync_backup@172.16.1.41::backup --password-file=/etc/rsync.password
+ find /backup/ -type f -name 'conf*' -mtime +7
+ xargs rm -f
[root@web02 ~]# tree /backup/
/backup/
└── 172.16.1.8
    ├── conf-2019-05-22-3-web02.md5
    └── conf-2019-05-22-3-web02.tar.gz

1 directory, 2 files
########到backup服务旗下查看是否推送过去了
[root@backup ~]# tree /backup/
/backup/
├── 172.16.1.8
│   ├── conf-2019-05-22-3-web02.md5
│   └── conf-2019-05-22-3-web02.tar.gz
└── chekmd5-2019-05-22-3.txt

1 directory, 3 files

（8）书写定时任务并进行测试

[root@web02 ~]# crontab -e
#bak web01 bash backup server
* *  * * *  sh  /server/scripts/bak.sh  >/dev/null >2&1
##########
测试成功后修改为我们所需要的
[root@web02 ~]# crontab -e
#bak web01 bash backup server
00 00  * * *  sh  /server/scripts/bak.sh  >/dev/null >2&1
[root@web02 ~]# 

2.服务端：

（1）校验MD5信息

[root@backup ~]# md5sum -c /backup/172.16.1.8/conf-2019-05-22-3-web02.md5  >/backup/chekmd5-2019-05-22-3.txt 
[root@backup ~]# cat /backup/chekmd5-2019-05-22-3.txt 
/backup/172.16.1.8/conf-2019-05-22-3-web02.tar.gz: OK

（2）删除180天前的备份文件但是保留周六的

[root@backup ~]# find /backup/ -type f -name 'conf*' ! -name '*-6*'  -mtime +180 |xargs rm -f

（3）修改邮件服务的配置文件

set from=17794256261@163.com  smtp=smtp.163.com smtp-auth-user=17794256261  smtp-auth-password=#授权码 开启邮箱smtp服务后后获取   smtp-auth=login

（4）发送邮件

[root@backup ~]# date 
Wed May 22 19:48:46 CST 2019
[root@backup ~]# mail -s "CHEK WEB01 BACK MD5" 17794256261@163.com  </backup/chekmd5-$DATE.txt

邮件服务截图.png

（5）书写脚本并检测

[root@backup ~]# vim /server/scripts/chek.sh 
#!/bin/bash
DATE=`date +%F-%w`
#del 180 day ago and save Mon file 
find /backup/ -type f -name 'conf*' ! -name '*-6*'  -mtime +180 |xargs rm -f
#chek md5
find /backup/ -type f -name '*.md5' |xargs md5sum -c >/backup/chekmd5-$DATE.txt
#mail
mail -s "CHEK WEB01 BACK MD5" 17794256261@163.com  </backup/chekmd5-$DATE.txt
################################
检测
[root@backup ~]# sh -x /server/scripts/chek.sh 
++ date +%F-%w
+ DATE=2019-05-22-3
+ find /backup/ -type f -name 'conf*' '!' -name '*-6*' -mtime +180
+ xargs rm -f
+ find /backup/ -type f -name '*.md5'
+ xargs md5sum -c
+ mail -s 'CHEK WEB01 BACK MD5' 17794256261@163.com

（6）书写定时任务检测后改为我们需要的时间

[root@backup ~]# crontab -e
#chek bak file
* *  * * *    sh  /server/scripts/chek.sh   >/dev/null >2&1
########################
修改为我们需要的时间
[root@backup ~]# crontab -e
#chek bak file
00 00  * * *    sh  /server/scripts/chek.sh   >/dev/null >2&1

完成全网备份的服务端和客户端的配置