Synchronization between master and slave

[ElGigi]

Hi,

An error occured during synchronization between master and slave:

Nov 15 10:24:51 bastion osh-sync-watcher.sh[33179]: Watching for changes (timeout: 120)...
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33198]: ... timed out, syncing just in case!
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33202]: Starting sync!
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33205]: 10.x.x.x: [Server 1/1 - Step 1/3] syncing needed data...
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33207]: rsync: [sender] Failed to exec -p: No such file or directory (2)
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33207]: rsync error: error in IPC code (code 14) at pipe.c(85) [sender=3.2.7]
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33206]: rsync: connection unexpectedly closed (0 bytes received so far) [sender]
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33206]: rsync error: error in IPC code (code 14) at io.c(231) [sender=3.2.7]
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33208]: 10.x.x.x: [Server 1/1 - Step 1/3] sync ended with return value 14
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33209]: 10.x.x.x: [Server 1/1 - Step 2/3] syncing lastlog files from master to slave, only if master version is newer...
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33211]: rsync: [sender] Failed to exec -p: No such file or directory (2)
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33211]: rsync error: error in IPC code (code 14) at pipe.c(85) [sender=3.2.7]
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33210]: rsync: connection unexpectedly closed (0 bytes received so far) [sender]
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33210]: rsync error: error in IPC code (code 14) at io.c(231) [sender=3.2.7]
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33212]: 10.x.x.x: [Server 1/1 - Step 2/3] sync ended with return value 14
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33213]: 10.x.x.x: [Server 1/1 - Step 3/3] syncing lastlog files from slave to master, only if slave version is newer...
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33216]: rsync: [Receiver] Failed to exec -p: No such file or directory (2)
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33216]: rsync error: error in IPC code (code 14) at pipe.c(85) [Receiver=3.2.7]
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33215]: rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33215]: rsync error: error in IPC code (code 14) at io.c(231) [Receiver=3.2.7]
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33217]: 10.x.x.x: [Server 1/1 - Step 3/3] sync ended with return value 14
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33218]: ERROR: Encountered 3 error(s) while synchronizing, see above
Nov 15 10:26:51 bastion osh-sync-watcher.sh[33219]: Watching for changes (timeout: 120)...

The manual synchronization works fine:

rsync -v --rsh "ssh -i /root/.ssh/id_master2slave" /etc/passwd /etc/group bastionsync@IP.OF.THE.SLAVE:/root/

The configuration file:

$ cat /etc/bastion/osh-sync-watcher.sh
###############################################################################
## Config for ``bin/admin/osh-sync-watcher.sh``
## As it'll be sourced, THIS FILE MUST BE A VALID SHELL SCRIPT.
##
#@ .. note::
#@
#@    This daemon is responsible for ensuring secondary bastions
#@    are synced up to their primary at all times.
#@    If you don't have such HA setup, you can ignore this config file.
#@    For more information, refer to
#@    :ref:`installation/advanced:clustering (high availability)`.
###############################################################################
#
# > Logging
# >> These options configure the way the script logs its actions
#
# logdir (string)
#    DESC: Directory where the logs will be written to. Note that using this configuration option, the script will directly write to a file, without using syslog. If empty, won't log directly to a file.
# DEFAULT: ""
logdir=""
#
# syslog (string)
#    DESC: The syslog facility to use for logging the script output. If set to the empty string, we'll not log through syslog at all. If this configuration option is missing from your config file altogether, the default value will be used (local6), which means that we'll log to syslog.
# DEFAULT: "local6"
syslog="local6"
#
# > Daemon setup
# >> These options configure whether the synchronization daemon is enabled
#
# enabled (int)
#    DESC: If set to anything else than ``1``, the daemon will refuse to start (e.g. you don't have secondary bastions). You can set this to ``1`` when you've configured and tested the primary/secondaries setup.
# DEFAULT: 0
enabled=1
#
# timeout (int > 0)
#    DESC: The maximum delay, in seconds, after which we'll forcefully synchronize our data to the secondaries, even if no change was detected.
# DEFAULT: 120
timeout=120
#
# > Remote synchronization
# >> These options configure how the primary bastion should push its configuration to the secondaries
#
# rshcmd (string)
#    DESC: This value will be passed as the ``--rsh`` parameter of ``rsync`` (don't use ``-p`` to specify the port heree, use the ``remotehostlist`` config below instead), this can be used to specify which SSH key to use, for example. Note that this option is mandatory (if you don't have anything to specify here, you can just say ``ssh``).
# DEFAULT: ""
# EXAMPLE: "ssh -q -i /root/.ssh/id_master2slave"
rshcmd=""
#
# remoteuser (string)
#    DESC: The remote user to connect as, using ``ssh`` while rsyncing to secondaries. You probably don't need to change this.
# DEFAULT: "bastionsync"
remoteuser="bastionsync"
#
# remotehostlist (space-separated list of strings, each string being either 'ip' or 'ip:port')
#    DESC: The list of the secondary bastions to push our data to. If this list is empty, the daemon won't do anything.
# DEFAULT: ""
# EXAMPLE: "192.0.2.17 192.0.2.12:2244"
remotehostlist="10.x.x.x"

[ksourdrille]

Hi @ElGigi , in your /etc/bastion/osh-sync-watcher.sh fill rshcmd="" like this rshcmd="ssh -i /root/.ssh/id_master2slave", and tell us if it's better

[ElGigi]

Works fine, thx!

[ElGigi]

Perhaps, update documentation?

[ksourdrille]

Maybe @speed47, can update the documentation ?

Kélian

[speed47]

Hey, sorry for the delay, and thanks for you report!

The documentation states that this value must be filled :

Note that this option is mandatory (if you don't have anything to specify here, you can just say ssh)

However, the script should check that and not even attempt to run the rsync but warn you and exit. That must be fixed.

I'll also try to make it more obvious in the documentation that this option needs to be looked into.
Do you feel that the default value in the unmodified dist config file should be ssh -q -i /root/.ssh/id_master2slave, hoping that this should work on systems using the default port 22 and the default key name setup during a standard install?

[ksourdrille]

Hey @speed47, in my opinion, for a default installation, this is the right value to enter.