| A/I Orange Book (1.0): An how-to for the realization of a resilient network of self-managed servers | ||
|---|---|---|
| Prev | Chapter 3. Filesystem | Next |
Some data (as for example the /opt directory we described before holding the content not connected to a specific user) have to be synchronized on the various servers. Since this is not a small amount of data and since it does not need to be modified specifically for every single box, we have chosen not to distribute it through CFengine. Rather, we have chosen easier systems. At the moment we did not find a solution to actually have a truly shared filesystem, since the particular situation of our network (non-local boxes with low bandwidth connecting to each other) is not compatible with the standard design of distributed filesystems (which are generally targeted to local high-speed connections).
To copy all of the data simultaneously, we use then a rsync server, non encrypted, available on every single server on the VPN. This solution allows for a decent transfer speed, with a low overhead. The side effect of this solution is that it breaks the simmetry of the servers: one of them needs to be defined as the master and the others as the slaves the copies are distributed to, although as usual the "master" role can be switched in no time very easily.
The same mechanism will be used to move a single website or mailbox from one server to the other. To avoid too much confusion (and the risk of tragic errors) with misspelled commands, the rsync connections are read-only, so every server can only pull contents from the others.