
Vincent's Blog

Pleasure in the job puts perfection in the work (Aristote)

How to keep config files in sync within a cluster of machines

Posted on 2024-11-16 19:14:00 from Vincent in OpenBSD High Availability

When managing a cluster of OpenBSD machines, keeping configuration files synchronized between nodes is essential for maintaining high availability and consistency. One effective approach for automating this process is to use entr, a simple and powerful utility for executing arbitrary commands when files change.


Using entr to Sync Configuration Files Between OpenBSD Machines

In this guide, I will explain how to set up a system where changes to key configuration files on the master node are automatically replicated to a backup node using rsync.

This post relates to the setup of a CARP set of 2 nodes.

Installing entr

First, install entr using the OpenBSD package repository:

pkg_add entr

The Monitoring Script

We need a script that will watch specific files for changes and trigger synchronization scripts when modifications occur. Here's an example script:

/opt/carp_fw/sync_via_entr.sh

#!/bin/sh

echo "/etc/pf.conf" | entr -n -p /opt/carp_fw/remote_actions/sync_pf.sh &
echo "/etc/dhcpd.conf" | entr -n -p /opt/carp_fw/remote_actions/sync_dhcpd.sh &

This script sets up entr to monitor /etc/pf.conf and /etc/dhcpd.conf. When a change is detected in either file, the corresponding synchronization script will be executed.

Ensuring Script Execution at Boot

To ensure the monitoring script runs at startup, add the following line to /etc/rc.local:

/opt/carp_fw/sync_via_entr.sh

The Synchronization Scripts

Synchronizing pf.conf

/opt/carp_fw/remote_actions/sync_pf.sh

#!/bin/sh

case $(ifconfig carp | grep status) in
    *master*)
        ;;
    *)
        echo "We are not in master mode. We do not sync!!"
        exit 0
        ;;
esac

{
echo "$0 triggered at $(date)"
rsync -a /etc/pf.conf root@other_fw:/etc/pf.conf && \
         echo "   Synced" && \
         ssh -q root@other_fw "/sbin/pfctl -f /etc/pf.conf >> /dev/null" && \
         echo "   Successful" || echo "    Failed"
} >> /var/log/carp.log 2>&1

This script:
- Checks if the machine is the master node using ifconfig carp | grep status.
- Synchronizes /etc/pf.conf to the backup node using rsync.
- If successful, reloads pf.conf on the backup node.
- Logs the outcome to /var/log/carp.log.
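
A variant of sync_pf.sh that parses the ruleset with pfctl -n on the master and again on the backup before the backup's live file is replaced, so a syntax error is not pushed to the peer. This is an added example, not the author's script; the staging path /etc/pf.conf.incoming, the "run" argument and the command-override variables are assumptions.

```shell
#!/bin/sh
# Added example (not the author's script). Invoke from entr with the
# hypothetical "run" argument, e.g.:
#   echo /etc/pf.conf | entr -n -p /opt/carp_fw/remote_actions/sync_pf.sh run
PEER="${PEER:-root@other_fw}"
CONF="${CONF:-/etc/pf.conf}"
STAGE="${STAGE:-/etc/pf.conf.incoming}"   # assumed staging path on the peer

# Commands go through variables so they can be replaced by stubs in tests.
: "${IFCONFIG:=ifconfig}" "${PFCTL:=/sbin/pfctl}" "${RSYNC:=rsync}" "${SSH:=ssh}"

# Same check as the original script: look for "master" on the status line.
is_master() {
    $IFCONFIG carp 2>/dev/null | grep status | grep -q master
}

# Return codes:
#   0 synced and loaded      1 not master, nothing done
#   2 local syntax check failed, nothing sent
#   3 transfer failed        4 peer rejected or failed to load the ruleset
sync_pf() {
    is_master || return 1
    # -n parses the ruleset without loading it.
    $PFCTL -nf "$CONF" >/dev/null 2>&1 || return 2
    # Copy to a staging file so the peer's live pf.conf is not overwritten yet.
    $RSYNC -a "$CONF" "$PEER:$STAGE" || return 3
    # On the peer: parse the staged copy, then move it into place and load it.
    $SSH -q "$PEER" \
        "/sbin/pfctl -nf $STAGE && mv $STAGE $CONF && /sbin/pfctl -f $CONF" \
        >/dev/null 2>&1 || return 4
    return 0
}

if [ "${1:-}" = run ]; then
    {
        echo "$0 triggered at $(date)"
        sync_pf
        echo "   sync_pf exit code: $?"
    } >> /var/log/carp.log 2>&1
fi
```
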

Synchronizing dhcpd.conf

/opt/carp_fw/remote_actions/sync_dhcpd.sh

#!/bin/sh

case $(ifconfig carp | grep status) in
    *master*)
       ;;
    *)
       echo "We are not in master mode. We do not sync!!"
       exit 0
       ;;
esac

{
echo "$0 triggered at $(date)"
rsync -a /etc/dhcpd.conf root@other_fw:/etc/dhcpd.conf && \
         echo "   Synced" && \
         ssh -q root@other_fw "rcctl restart dhcpd" && \
         echo "   Successful" || echo "    Failed"
} >> /var/log/carp.log 2>&1

This script behaves similarly to sync_pf.sh but targets /etc/dhcpd.conf and restarts the dhcpd service on the backup node.

Log File Management

To manage the size of the log file, add the following entry to /etc/newsyslog.conf:

/var/log/carp.log          root:wheel   650   5   1500   *   Z

This configuration rotates and compresses the log file once it exceeds 1500KB, retaining five historical logs.

Conclusion

By combining entr, rsync, and OpenBSD's robust features, you can ensure that configuration files are synchronized efficiently between cluster nodes, maintaining reliability and operational continuity.


