How to keep config files in sync within a cluster of machines
Posted on 2024-11-16 19:14:00 from Vincent in OpenBSD High Availability
When managing a cluster of OpenBSD machines, keeping configuration files synchronized between nodes is essential for maintaining high availability and consistency. One effective approach for automating this process is to use entr, a simple and powerful utility for executing arbitrary commands when files change.
Using entr to Sync Configuration Files Between OpenBSD Machines
In this guide, I will explain how to set up a system where changes to key configuration files on the master node are automatically replicated to a backup node using rsync.
This post relates to the setup of a CARP set of 2 nodes.
Installing entr
First, install entr using the OpenBSD package repository:
pkg_add entr
The Monitoring Script
We need a script that will watch specific files for changes and trigger synchronization scripts when modifications occur. Here's an example script:
/opt/carp_fw/sync_via_entr.sh
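#!/bin/sh
# -n: non-interactive mode (entr does not read from the TTY)
# -p: postpone the first run until the watched file is modified
echo "/etc/pf.conf" | entr -n -p /opt/carp_fw/remote_actions/sync_pf.sh &
echo "/etc/dhcpd.conf" | entr -n -p /opt/carp_fw/remote_actions/sync_dhcpd.sh &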
This script sets up entr to monitor /etc/pf.conf and /etc/dhcpd.conf. When a change is detected in either file, the corresponding synchronization script will be executed.
Ensuring Script Execution at Boot
To ensure the monitoring script runs at startup, add the following line to /etc/rc.local:
/opt/carp_fw/sync_via_entr.sh
The Synchronization Scripts
Synchronizing pf.conf
/opt/carp_fw/remote_actions/sync_pf.sh
#!/bin/sh
# Only the CARP master pushes its configuration.
case $(ifconfig carp | grep status) in
    *master*)
        ;;
    *)
        echo "We are not in master mode. We do not sync!!"
        exit 0
        ;;
esac
{
    echo "$0 triggered at $(date)"
    # Copy the file, then reload the ruleset on the backup node.
    rsync -a /etc/pf.conf root@other_fw:/etc/pf.conf && echo " Synced" && ssh -q root@other_fw "/sbin/pfctl -f /etc/pf.conf >> /dev/null" && echo " Successful" || echo " Failed"
} >> /var/log/carp.log 2>&1
This script:
- Checks if the machine is the master node using ifconfig carp | grep status.
- Synchronizes /etc/pf.conf to the backup node using rsync.
- If successful, reloads pf.conf on the backup node.
- Logs the outcome to /var/log/carp.log.
Synchronizing dhcpd.conf
/opt/carp_fw/remote_actions/sync_dhcpd.sh
#!/bin/sh
# Only the CARP master pushes its configuration.
case $(ifconfig carp | grep status) in
    *master*)
        ;;
    *)
        echo "We are not in master mode. We do not sync!!"
        exit 0
        ;;
esac
{
    echo "$0 triggered at $(date)"
    # Copy the file, then restart dhcpd on the backup node.
    rsync -a /etc/dhcpd.conf root@other_fw:/etc/dhcpd.conf && echo " Synced" && ssh -q root@other_fw "rcctl restart dhcpd" && echo " Successful" || echo " Failed"
} >> /var/log/carp.log 2>&1
This script behaves similarly to sync_pf.sh but targets /etc/dhcpd.conf and restarts the dhcpd service on the backup node.
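Both sync scripts log in to other_fw as root, so the key the master uses can be limited on the backup node to exactly the commands those scripts send. The forced-command filter below is an added example, not part of the original post; the script path sync_gate.sh, the authorized_keys line and the exact form of the rsync server command are assumptions.

```sh
#!/bin/sh
# Added example, not the article's code. Hypothetical install path on
# other_fw: /opt/carp_fw/remote_actions/sync_gate.sh, assumed to be bound
# to the master's key in root's authorized_keys:
#   restrict,command="/opt/carp_fw/remote_actions/sync_gate.sh" <sync public key>

# Map the requested command to one approved action, or fail with "deny".
classify_cmd() {
    cmd=$1
    case $cmd in
        "/sbin/pfctl -f /etc/pf.conf >> /dev/null") echo reload_pf; return 0 ;;
        "rcctl restart dhcpd") echo restart_dhcpd; return 0 ;;
        "rsync --server "*) ;;              # checked word by word below
        *) echo deny; return 1 ;;
    esac
    # Assumption: the receiving side of "rsync -a FILE root@other_fw:FILE"
    # is "rsync --server <short flags> . <path>"; flag letters vary by version.
    set -f; set -- $cmd; set +f             # split on whitespace, no globbing
    if [ $# -ne 5 ] || [ "$4" != "." ]; then echo deny; return 1; fi
    case $3 in
        -*[!A-Za-z.]*) echo deny; return 1 ;;   # long options, metacharacters
        -[A-Za-z]*) ;;
        *) echo deny; return 1 ;;
    esac
    case $5 in
        /etc/pf.conf|/etc/dhcpd.conf) echo "rsync_recv $3 $5" ;;
        *) echo deny; return 1 ;;
    esac
}

# Execute only the approved action, with arguments rebuilt here instead of
# handing the client's string to a shell.
gate_main() {
    action=$(classify_cmd "${SSH_ORIGINAL_COMMAND:-}") || {
        logger -t sync_gate "denied: ${SSH_ORIGINAL_COMMAND:-none}"
        exit 1
    }
    set -f; set -- $action; set +f
    case $1 in
        reload_pf)     exec /sbin/pfctl -f /etc/pf.conf >/dev/null ;;
        restart_dhcpd) exec rcctl restart dhcpd ;;
        rsync_recv)    exec rsync --server "$2" . "$3" ;;
    esac
}

# sshd sets SSH_ORIGINAL_COMMAND when the client asked for a command.
if [ -n "${SSH_ORIGINAL_COMMAND+set}" ]; then gate_main; fi
```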
Log File Management
To manage the size of the log file, add the following entry to /etc/newsyslog.conf:
/var/log/carp.log root:wheel 650 5 1500 * Z
This configuration rotates and compresses the log file once it exceeds 1500KB, retaining five historical logs.
Conclusion
By combining entr, rsync, and OpenBSD's robust features, you can ensure that configuration files are synchronized efficiently between cluster nodes, maintaining reliability and operational continuity.