DHCP failover?

Simon Hobson dhcp1 at thehobsons.co.uk
Fri Sep 21 19:47:45 UTC 2007


Benjamin Wiechman wrote:
>>It's that 3rd step where rsync (or anything that works for you) comes
>>in. One technique I use is for the script that generates the config
>>file to use rsync to copy a config file to another machine - on the
>>other machine, a cron job checks every few minutes and if a new file
>>has appeared it tests it and then makes it the live config.


>Do you have a copy of said config that you would be willing to share?

Bear in mind this is part of my DNS management so the files and 
commands are different of course, but it should give you an idea. 
There are plenty of other ways of doing this, but this 'works for me' 
(a lot comes down to what tools you are comfortable with) ...


On the master, as part of the build script I have :

># Send slave file to slave servers
>   cmp -s "${SlaveZone}" "${SlaveZone}-"
>   [ $? -ne 0 ] && {
>     for server in "${SlaveServers[@]}"
>     do
>       echo "Copying to slave server \"${server}\""
>       rsync --timeout 120 --password-file=/etc/rsync.password \
>           "${SlaveZone}" "rsync://named@${server}/dnsslave"
>     done
>     mv "${SlaveZone}" "${SlaveZone}-"
>   }

Basically, compare the newly built slave zone file with the last one 
we sent, and if it's different then send it (it's quite possible that 
it hasn't changed in which case there's no point updating the slave 
with the same file).

># cat /etc/rsync.password
><your password here>




On the slave I have :
># crontab -l
>0,5,10,15,20,25,30,35,40,45,50,55 * * * * /usr/local/bin/get_dns

Crontab to run the script every 5 mins - of course you could just use 
0/5 but I knew a bit less when I did this !


># cat /usr/local/bin/get_dns
>#!/bin/bash
>
># Check if a new slave zone list has been transferred, and if so
># check it and install it.
>
>incoming="/var/rsync/slave/zones.slave"
>include="/var/named/zones.slave"
>
>if [ -e "${incoming}" ]
>then
>   sleep 15
>   cmp -s "${incoming}" "${include}" && rm "${incoming}" || {
>     mv "${include}" "${include}-"
>     mv "${incoming}" "${include}"
>     chmod 0444 "${include}"
>     chown bind:bind "${include}"
>     /usr/sbin/rndc reconfig && echo "Slave DNS server reloaded" \
>         || echo "Reloading server failed"
>   }
>fi

Check if there is an incoming file, and if so (and it is different to 
the last one we loaded) then make it the live file.


># cat /etc/rsyncd.conf
>[dnsslave]
>         path = /var/rsync/slave
>         comment = dns slave data
>         auth users = named
>         secrets file = /etc/rsyncd.secrets
>         uid = bind
>         gid = bind
>         read only = false
>         hosts allow = w.x.y.z a.b.c.d
>         list = false


># cat /etc/rsyncd.secrets
>named:<your password here>


Define an rsync 'share' and the secret to use as the password.
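
The "tests it and then makes it the live config" step on the slave, written out as an added example that is not part of the original post: it validates a private copy of the uploaded file, swaps it in with a rename, and restores the previous file if the reload fails. The function name `install_config`, the `CHECK_CMD` and `RELOAD_CMD` variables and the `.rejected` suffix are assumptions made for this sketch.

```shell
#!/bin/bash
# Added example, not from the original post. CHECK_CMD and RELOAD_CMD are
# assumptions: point them at your daemon's syntax checker and reload command
# (for ISC dhcpd the checker would be "dhcpd -t -cf").
CHECK_CMD="${CHECK_CMD:-named-checkconf}"
RELOAD_CMD="${RELOAD_CMD:-/usr/sbin/rndc reconfig}"

# install_config INCOMING LIVE
# Returns 0 = installed, 1 = nothing to do, 2 = rejected, 3 = reload failed
install_config() {
  local incoming="$1" live="$2" staged="$2.new"

  # The rsync module is writable by a remote peer, so refuse symlinks.
  if [ -L "${incoming}" ]; then rm -f "${incoming}"; return 2; fi
  [ -f "${incoming}" ] || return 1

  # Same content as the live file: discard it.
  if [ -f "${live}" ] && cmp -s "${incoming}" "${live}"; then
    rm -f "${incoming}"; return 1
  fi

  # Test a private copy, so a later upload cannot change what was tested.
  cp "${incoming}" "${staged}" || return 2
  # CHECK_CMD is left unquoted on purpose so its arguments are split.
  if ! ${CHECK_CMD} "${staged}"; then
    rm -f "${staged}"
    mv -f "${incoming}" "${incoming}.rejected"   # keep for inspection
    return 2
  fi

  chmod 0444 "${staged}"
  [ -f "${live}" ] && cp -pf "${live}" "${live}-"   # backup, as in the post
  mv -f "${staged}" "${live}"    # rename in one directory: atomic swap
  rm -f "${incoming}"

  if ! ${RELOAD_CMD}; then
    # Put the previous file back and reload again.
    [ -f "${live}-" ] && mv -f "${live}-" "${live}"
    ${RELOAD_CMD} || true
    return 3
  fi
  return 0
}
```

Called from cron as `install_config /var/rsync/slave/zones.slave /var/named/zones.slave`, the non-zero return codes give the job something to alert on.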



