原 Linux 挂载 sshfs 文件系统,可挂载为数据库的异地备份目录
Tags: Oracle原创LinuxGreenPlumOSPostgreSQLsshfs备份服务器存储服务器挂载目录共享
简介
在 linux 与 linux 主机间可以通过 sshfs (SSH File System) 将对方的目录远程挂载在自己的主机上。相对于 nfs 、samba、webdav 等服务,sshfs 对系统的依赖最小,只需要对方支持 ssh 协议即可。
sshfs 是个开源项目,项目地址为:https://github.com/libfuse/sshfs
目前主流的 linux 发行版都有编译好的包支持,可以使用各自平台的包管理工具进行安装。
使用 sshfs 可以更方便地进行主机间的文件拷贝,挂载后的目录文件可以像本地目录一样浏览和编辑。
与 nfs 等传统服务相比,sshfs 可以挂载任意目录,并且不需求提前在服务器上进行配置。
sshfs 的原理实际上调用的是 sftp,通过 ps 命令我们可以检查实际执行的进程信息。
1 2 3 4 5 | $ netstat -anp | grep remote_ip tcp 0 0 remote_ip:2222 ESTABLISHED 3770/ssh $ ps -eaf | grep 3770 00:03:33 ssh -x -a -oClearAllForwardings=yes -oPort=2222 -2 root@remote_ip -s sftp |
一个挂载目录会启用一个 ssh 连接会话,所使用的端口就是远程主机的 ssh 端口。这个功能实际上在很多 windows ssh 连接工具上都有,即调用 sftp 进行主机间的文件传输。
使用 sshfs 可以起到保持 ssh 会话的作用,同时可以使用 cp 命令替代 scp 命令进行日常的远程文件拷贝。
注意事项
- 远程机器必须运行 SSH 服务。
- SSHFS 使用的是 SSH 连接,因此性能取决于网络状况。
- 如果希望在开机时自动挂载,可以在
/etc/fstab
文件中添加相应的条目,或使用脚本实现自动挂载。 - 如果需要免密登陆,可以提前配置互信。
allow_other
:允许其他用户访问挂载的目录。 若不加该参数,加入root用户挂载,则其它用户是看不到该目录的。
下载安装
安装:
1 2 3 4 5 | yum install -y fuse fuse-libs fuse-sshfs sudo apt-get install sshfs yum reinstall -y fuse fuse-libs fuse-sshfs --downloadonly --downloaddir=/soft |
也可以直接下载:
http://www.rpmfind.net/linux/rpm2html/search.php?query=fuse&submit=Search+...&system=&arch=x86_64
参数
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 | [root@alldb ~]# sshfs -h usage: sshfs [user@]host:[dir] mountpoint [options] general options: -o opt,[opt...] mount options -h --help print help -V --version print version SSHFS options: -p PORT equivalent to '-o port=PORT' -C equivalent to '-o compression=yes' -F ssh_configfile specifies alternative ssh configuration file -1 equivalent to '-o ssh_protocol=1' -o reconnect reconnect to server -o delay_connect delay connection to server -o sshfs_sync synchronous writes -o no_readahead synchronous reads (no speculative readahead) -o sync_readdir synchronous readdir -o sshfs_debug print some debugging information -o cache=BOOL enable caching {yes,no} (default: yes) -o cache_max_size=N sets the maximum size of the cache (default: 10000) -o cache_timeout=N sets timeout for caches in seconds (default: 20) -o cache_X_timeout=N sets timeout for {stat,dir,link} cache -o cache_clean_interval=N sets the interval for automatic cleaning of the cache (default: 60) -o cache_min_clean_interval=N sets the interval for forced cleaning of the cache if full (default: 5) -o workaround=LIST colon separated list of workarounds none no workarounds enabled [no]rename fix renaming to existing file (default: off) [no]truncate fix truncate for old servers (default: off) [no]buflimit fix buffer fillup bug in server (default: on) [no]fstat fix fstat for old servers (default: off) -o idmap=TYPE user/group ID mapping (default: none) none no translation of the ID space user only translate UID/GID of connecting user file translate UIDs/GIDs contained in uidfile/gidfile -o uidfile=FILE file containing username:remote_uid mappings -o gidfile=FILE file containing groupname:remote_gid mappings -o nomap=TYPE with idmap=file, how to handle missing mappings ignore don't do any re-mapping error return an error (default) -o ssh_command=CMD execute CMD instead of 'ssh' -o ssh_protocol=N ssh protocol to use (default: 2) -o sftp_server=SERV path to sftp server or subsystem (default: sftp) -o directport=PORT directly connect to PORT bypassing ssh -o slave communicate over stdin and stdout bypassing network -o disable_hardlink link(2) will return with errno set to ENOSYS -o transform_symlinks transform absolute symlinks to relative -o follow_symlinks follow symlinks on the server -o no_check_root don't check for existence of 'dir' on server -o password_stdin read password from stdin (only for pam_mount!) -o SSHOPT=VAL ssh options (see man ssh_config) FUSE options: -d -o debug enable debug output (implies -f) -f foreground operation -s disable multi-threaded operation -o allow_other allow access to other users -o allow_root allow access to root -o auto_unmount auto unmount on process termination -o nonempty allow mounts over non-empty file/dir -o default_permissions enable permission checking by kernel -o fsname=NAME set filesystem name -o subtype=NAME set filesystem type -o large_read issue large read requests (2.4 only) -o max_read=N set maximum size of read requests -o hard_remove immediate removal (don't hide files) -o use_ino let filesystem set inode numbers -o readdir_ino try to fill in d_ino in readdir -o direct_io use direct I/O -o kernel_cache cache files in kernel -o [no]auto_cache enable caching based on modification times (off) -o umask=M set file permissions (octal) -o uid=N set file owner -o gid=N set file group -o entry_timeout=T cache timeout for names (1.0s) -o negative_timeout=T cache timeout for deleted names (0.0s) -o attr_timeout=T cache timeout for attributes (1.0s) -o ac_attr_timeout=T auto cache timeout for attributes (attr_timeout) -o noforget never forget cached inodes -o remember=T remember cached inodes for T seconds (0s) -o intr allow requests to be interrupted -o intr_signal=NUM signal to send on interrupt (10) -o modules=M1[:M2...] names of modules to push onto filesystem stack -o max_write=N set maximum size of write requests -o max_readahead=N set maximum readahead -o max_background=N set number of maximum background requests -o congestion_threshold=N set kernel's congestion threshold -o async_read perform reads asynchronously (default) -o sync_read perform reads synchronously -o atomic_o_trunc enable atomic open+truncate support -o big_writes enable larger than 4kB writes -o no_remote_lock disable remote file locking -o no_remote_flock disable remote file locking (BSD) -o no_remote_posix_lock disable remove file locking (POSIX) -o [no_]splice_write use splice to write to the fuse device -o [no_]splice_move move data while splicing to the fuse device -o [no_]splice_read use splice to read from the fuse device Module options: [iconv] -o from_code=CHARSET original encoding of file names (default: UTF-8) -o to_code=CHARSET new encoding of the file names (default: UTF-8) [subdir] -o subdir=DIR prepend this directory to all paths (mandatory) -o [no]rellinks transform absolute symlinks to relative You have new mail in /var/spool/mail/root [root@alldb ~]# |
使用方法
1 | sshfs -o allow_other [user]@[remote_host]:[remote_directory] [local_mount_point] |
例如,将远程机器 remote_host
上的 /var/www
目录挂载到本地的 ~/remote_dir
:
1 | sshfs -o allow_other username@remote_host:/var/www ~/remote_dir |
为确保安全性,allow_other
选项允许所有用户访问挂载目录。如果只希望某些用户有访问权限,可以通过设置文件和目录的权限来控制。
示例
通过 sshfs 命令挂载后,可以使用 df 命令查看挂载点信息: