Master Rsync Backup: From Basics to Real-World Deployment

Backup Basics

What is backup

Backup is copying files to another location to protect against data loss or corruption. It ensures rapid recovery when failures occur.

File backup – copy files to external storage or network drives.

Snapshot backup – point‑in‑time copy, often incremental (e.g., VMware snapshots).

Binlog backup – record of database operations, useful for point‑in‑time recovery.

Cluster backup – multiple nodes store copies, providing redundancy.

Why backup

Data is critical.

Prevents loss.

Enables fast recovery.

Can you skip backup

For non‑critical data such as temporary files, logs, or caches, backup may be omitted.

How to backup

Full backup copies everything (high cost, low efficiency). Incremental backup copies only changed data (higher efficiency, lower storage and bandwidth usage).

Rsync Overview

What is Rsync

rsync

is a remote synchronization tool that supports both full and incremental backups across hosts.

Sync modes

Push – all hosts push local data to the Rsync server (suitable for small data sets).

Pull – the Rsync server pulls data from all hosts (higher load on the server).

Application scenarios

Large‑scale server backup.

Off‑site backup.

Rsync Transfer Modes

Local transfer

Uses the same syntax as cp for copying within a single host. Local: rsync [OPTION...] SRC... [DEST] Example:

[root@backup ~]# rsync -avz /etc/passwd /tmp/

Remote transfer

Transfers data over SSH, similar to scp.

Pull syntax: rsync [OPTION...] [USER@]HOST:SRC... [DEST] Push syntax: rsync [OPTION...] SRC... [USER@]HOST:DEST Pull example:

# Pull remote file
[root@backup ~]# rsync -avz [email protected]:/etc/hostname ./
# Pull entire remote directory
[root@backup ~]# rsync -avz [email protected]:/root/ /backup/

Push example:

# Push local data to remote module
[root@backup ~]# rsync -avz /backup/2018-10-01 [email protected]:/tmp/

Daemon mode

Runs Rsync as a service without SSH, using a double‑colon syntax.

Pull: rsync [OPTION...] [USER@]HOST::SRC... [DEST] Push: rsync [OPTION...] SRC... [USER@]HOST::DEST Pull example:

[root@nfs ~]# rsync -avz [email protected]::backup/ /mnt/ --password-file=/etc/rsync.password

Push example:

[root@nfs ~]# rsync -avz /mnt/ [email protected]::backup/ --password-file=/etc/rsync.password

Common options

-a   # archive mode (equivalent to -rlptgoD)
-v   # verbose output
-z   # compress data during transfer
-r   # recurse into directories
-t   # preserve modification times
-o   # preserve owner
-p   # preserve permissions
-g   # preserve group
-l   # preserve symlinks
-P   # show progress
-D   # preserve device files
-L   # copy the referent of symlinks
-e   # specify remote shell (e.g., ssh)
--exclude=PATTERN   # exclude files matching pattern
--exclude-from=file # read exclude patterns from file
--bwlimit=KBPS      # limit bandwidth
--partial           # keep partially transferred files
--delete            # delete extraneous files from destination

Rsync Service Deployment

Server installation

[root@backup ~]# yum -y install rsync

Server configuration

uid = rsync
gid = rsync
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log

[backup]
comment = welcome backup!
path = /backup

Server initialization

Create rsync user (no login, no home): useradd -M -s /sbin/nologin rsync Create backup directory and set ownership: mkdir /backup && chown -R rsync.rsync /backup Create password file and set 600 permissions:

echo "rsync_backup:sun" > /etc/rsync.passwd && chmod 600 /etc/rsync.passwd

Start rsync daemon and enable at boot:

# /etc/systemd/system/rsyncd.service
[Unit]
Description=fast remote file copy program daemon
After=network.target

[Service]
ExecStart=/usr/bin/rsync --daemon --no-detach
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure

[Install]
WantedBy=multi-user.target

# Reload and start
systemctl daemon-reload
systemctl start rsyncd
systemctl enable rsyncd

Verify service is listening on port 873:

[root@backup ~]# netstat -lntp
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:873            0.0.0.0:*               LISTEN      4758/rsync

Client configuration

Only the virtual user password is needed, stored either in a file with 600 permissions or as an environment variable.

File method:

# Install client
yum install -y rsync
# Store password
echo "sun" > /etc/rsync.pass && chmod 600 /etc/rsync.pass

Environment variable method:

# Install client
yum install -y rsync
# Export password for the session
export RSYNC_PASSWORD=sun

Rsync Practical Scenarios

Push and pull

Push local /backup to server module:

# Export password
export RSYNC_PASSWORD=sun
# Push
rsync -avz /backup/ [email protected]::backup/

Pull server module to local /backup:

# Export password
export RSYNC_PASSWORD=sun
# Pull
rsync -avz [email protected]::backup /backup/

Bidirectional synchronization (no‑difference sync)

Pull remote data and delete local files not present remotely:

Push local data and delete remote files not present locally:

Bandwidth‑limited push

Limit transfer speed to 1 MB/s to avoid saturating network links:

# Limit bandwidth to 1 MB/s
rsync -avz --bwlimit=1 [email protected]::backup/ /data/

Common issues

The names rsync, rsync_backup refer to the system service user and the virtual authentication user respectively; they are separate entities.