目录

• 设置待备份的机器无登录远程访问远程服务器
• Cron执行脚本
• 脚本

设置待备份的机器无登录远程访问远程服务器

1. 在待备份的机器下生成密钥, 输入ssh-keygen -t rssa命令，然后一路回车

   # ssh-keygen -t rsa
   Enter file in which to save the key (/root/.ssh/id_rsa):
   Enter passphrase (empty for no passphrase):
   Enter same passphrase again:
   Your identification has been saved in /root/.ssh/id_rsa.
   Your public key has been saved in /root/.ssh/id_rsa.pub.
   The key fingerprint is:
   SHA256:ktv7oSyTXkC++gT4A47abB6/Ta+Q3EBbQg6J3qb0TVE root@vm4c8g5m01
   The key's randomart image is:
   
   				
   
   					
   				
   				
   
   					
   				
   				
   
   					
   				
   				
   
   					
   				
   			

2. 命令执行完成后会在用户的根目录生成一个 .ssh的目录，进入该目录会发现生成了一下几个文件:

   • authorized_keys: 存放远程免密登录的公钥,主要通过这个文件记录多台机器的公钥
   • id_rsa : 生成的私钥文件
   • id_rsa.pub ： 生成的公钥文件
   • know_hosts : 已知的主机公钥清单

3. 如果希望ssh公钥生效需满足至少下面两个条件：

   • .ssh目录的权限必须是700

   • .ssh/authorized_keys文件权限必须是600

   这里确保权限设置正确

   # chmod 700 .ssh
   # chmod 600 .ssh/authorized_keys
   
   				
   
   					
   				
   				
   
   					
   				
   				
   
   					
   				
   				
   
   					
   				
   			

4. 远程免密登录， 在带备份的机器上执行如下命令

   ssh-copy-id -i ~/.ssh/id_rsa.put <romte_ip>

   e,g:

   # ssh-copy-id -i ~/.ssh/id_rsa.pub -p 1234 test@test.com
   /bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
   /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
   /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
   test@test.com's password:
    
   Number of key(s) added: 1
    
   Now try logging into the machine, with:   "ssh -p '1234' 'test@test.com'"
   and check to make sure that only the key(s) you wanted were added.
    
   
   				
   
   					
   				
   				
   
   					
   				
   				
   
   					
   				
   				
   
   					
   				
   			

   -bash: ssh-copy-id: command not found //提示命令不存在, 解决办法：yum -y install openssh-clients

Cron定期执行备份脚本

* * 6 * * sh /root/workspace/bin/linux/backup.sh

备份脚本

#!/bin/bash
NOW=$(date +"%Y-%m-%d-%H%M")
BASE_BACKUP_DIR="/tmp/backup/"
 
PROJECT=xxx
DB_NAME=testdb
DB_PASSWORD=testpassword
 
function usuage() {
  echo "============================================="
  echo " sh backup.sh <project> <dbname> <dbpassword>"
  echo "============================================="
}
 
function backup(){
  echo "======= backup ======"
  echo "[OK] project: "$PROJECT
  echo "[OK] database: "$DB_NAME
 
  if [ -z "${DB_NAME}" ];then
    echo "- empty db name, ignore the DB backup"
    BACK_DB="no"
  fi
 
  BACKUP_DIR=$BASE_BACKUP_DIR"${PROJECT}"
  BACKUP_FILE=${PROJECT}"."$NOW".tar"
 
  #make sure the backup dir is created
  mkdir -p $BACKUP_DIR
  if [ $? -gt 0 ];then
    echo "- failed to create backup dir: $BACKUP_DIR"
    return 1
  fi
 
  #clean up oldest backups
  find ${BACKUP_DIR} -mtime +7 -exec rm -fr {} \;
 
  # backup db
  DB_FILE="${DB_NAME}.sql"
  mysqldump -uroot -p${DB_PASSWORD} $DB_NAME > /tmp/$DB_FILE
  if [ $? -gt 0 ];then
    echo "- failed to dump db"
    return 1
  fi
 
  # append db backup file to tar file
  DB_TRANSFORM='s,^tmp,db,'
  tar --append --file=$BACKUP_DIR/$BACKUP_FILE --transform $DB_TRANSFORM /tmp/$DB_FILE
  if [ $? -gt 0 ];then
    echo "- failed to append db backup file to tar file"
    return 1
  fi
 
  # delete db backup file
  rm /tmp/$DB_FILE
  if [ $? -gt 0 ];then
    echo "- failed to remove backup db file"
    return 1
  fi
 
  # compress backup file
  gzip -9 $BACKUP_DIR/$BACKUP_FILE
  if [ $? -gt 0 ];then
    echo "- failed to compress backup file"
    return 1
  fi
}
 
# backup
backup
 
# copy it to remote server 
#echo "Sync to remote server"
rsync -av --delete -e 'ssh -p 1234' ${BASE_BACKUP_DIR}${PROJECT} test@test.com:/home/test/backup/