为确保CentOS系统数据安全,建议采用多层次备份策略:
# 全系统备份(排除/proc, /sys, /mnt, /media, /dev等特殊目录)
tar -cvpzf /backup/centos_full_$(date +%Y%m%d).tar.gz --exclude=/backup --exclude=/proc --exclude=/lost+found --exclude=/sys --exclude=/mnt --exclude=/media --exclude=/dev /
rsync -aAXv --delete --exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found","/backup"} / /backup/incremental_backup_$(date +%Y%m%d)
dd if=/dev/sda of=/backup/centos_disk.img bs=4M status=progress
# 安装Bacula
yum install bacula-director bacula-storage bacula-client bacula-console
# 备份/etc目录
tar -czvf /backup/etc_backup_$(date +%Y%m%d).tar.gz /etc
# 备份重要服务配置
cp /etc/ssh/sshd_config /backup/sshd_config_$(date +%Y%m%d)
cp /etc/my.cnf /backup/my.cnf_$(date +%Y%m%d)
# 全库备份
mysqldump -u root -p --all-databases > /backup/mysql_all_$(date +%Y%m%d).sql
# 单库备份
mysqldump -u root -p database_name > /backup/database_name_$(date +%Y%m%d).sql
pg_dumpall -U postgres > /backup/postgres_all_$(date +%Y%m%d).sql
创建/usr/local/bin/backup_centos.sh
脚本:
#!/bin/bash
# 定义备份目录
BACKUP_DIR="/backup"
DATE=$(date +%Y%m%d)
# 创建备份目录
mkdir -p $BACKUP_DIR/full $BACKUP_DIR/incremental $BACKUP_DIR/db
# 全量备份(每周日执行)
if [ $(date +%u) -eq 7 ]; then
tar -cvpzf $BACKUP_DIR/full/centos_full_$DATE.tar.gz \
--exclude=/backup \
--exclude=/proc \
--exclude=/lost+found \
--exclude=/sys \
--exclude=/mnt \
--exclude=/media \
--exclude=/dev /
fi
# 增量备份(每日执行)
rsync -aAXv --delete \
--exclude={"/dev/*","/proc/*","/sys/*","/tmp/*","/run/*","/mnt/*","/media/*","/lost+found","/backup"} \
/ $BACKUP_DIR/incremental/incr_$DATE
# 数据库备份
mysqldump -u root -pYOURPASSWORD --all-databases > $BACKUP_DIR/db/mysql_all_$DATE.sql
pg_dumpall -U postgres > $BACKUP_DIR/db/postgres_all_$DATE.sql
# 保留30天备份
find $BACKUP_DIR/full -mtime +30 -delete
find $BACKUP_DIR/incremental -mtime +30 -delete
find $BACKUP_DIR/db -mtime +30 -delete
添加到crontab自动执行:
0 2 * * * /usr/local/bin/backup_centos.sh
# 进入救援模式或Live CD环境
tar -xvpzf /backup/centos_full_YYYYMMDD.tar.gz -C /
rsync -aAXv /backup/incremental_backup_YYYYMMDD/ /
dd if=/backup/centos_disk.img of=/dev/sda bs=4M status=progress
# MySQL恢复
mysql -u root -p < /backup/mysql_all_YYYYMMDD.sql
# PostgreSQL恢复
psql -U postgres -f /backup/postgres_all_YYYYMMDD.sql
定期验证备份完整性
tar -tvf /backup/centos_full_YYYYMMDD.tar.gz | head
定期进行恢复演练
遵循3-2-1备份原则:
加密敏感备份数据:
openssl enc -aes-256-cbc -salt -in backup.tar.gz -out backup.tar.gz.enc
监控备份作业状态,设置报警机制
定期更新备份策略以适应系统变化
文档化备份恢复流程,确保团队成员了解操作步骤
通过实施以上策略,可以确保CentOS系统在遭遇硬件故障、人为错误或安全事件时能够快速恢复,最大限度保障业务连续性。