The sys admin's daily grind: iWatch
In a Minute
Recently, sys admin Charly was faced with the task of synchronizing a directory on a server with two NFS-mounted clients. He wanted the whole thing to happen quickly and to be easily manageable, which ruled out DRBD and GlusterFS.
My sync setup looks roughly like this: An application server cyclically reads values from a database, generates HTML files and some images, and dumps everything in the
/source directory. I use NFS 4 to mount the
/dest2 directories. When any new data arrives in
/source, I want it to reach the two target directories
Simple and Been Here for Years
Because complex solutions are out of the question, actually the only option left is to dump the task on inotify subsystem's plate. Inotify has been part of the kernel since 2.6.13 and provides an interface to filesystem events for userspace programs.
Apart from incron , I've hardly found a use for it so far, but it should be ideal for quick syncing of directories – or at least, these were my ideas on the matter. What was missing was the right tool for the task. Some quick research brought to light two candidates: lsyncd  and iWatch , but I'll focus on iWatch here.
The monitor is suitable for operation in the foreground or as a daemon. In the simplest case, I just monitor a single directory without triggering an action:
iwatch -r /var
iWatch then reports:
[ 6/May/2014 20:49:30] IN_CREATE/var/tmp/etilqs_SqorfaOvdiBaBI7 [ 6/May/2014 20:49:30] IN_DELETE/var/tmp/etilqs_SqorfaOvdiBaBI7
-c <action> parameter tells iWatch to respond to events. To avoid all these parameters from hell, a configuration file, as shown in Figure 1, seemed to be a better option. The exciting part of the configuration is in the
<path> tag. Here
type = recursive tells iWatch to include directories below
/source as well.
In case of a filesystem event, the mechanism starts the
/home/charly/bash/sync.sh shell script. iWatch passes in the
%f variable to the script. The variable resolves to the full path of the file that has changed. The script
sync.sh, in turn, is a lean two-liner:
#!/bin/bash rsync -a --delete $1 /dest1/$1 & rsync -a --delete $1 /dest2/$1 &
This method works quite well as long as the number of events to be processed does not increase exorbitantly. If it does – such as when syncing a six-digit number of very small files that the server writes to disk at maximum speed on the plate – you could experience a considerable number of queued rsync processes. Not that this would ever happen to me <cough>!
Charly Kühnast is a Unix operating system administrator at the Data Center in Moers, Germany. His tasks include firewall and DMZ security and availability. He divides his leisure time into hot, wet, and eastern sectors, where he enjoys cooking, freshwater aquariums, and learning Japanese, respectively.
Buy this article as PDF
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
Spammers go low-volume, and 90% of IE browsers are unpatched.
Adobe scrambles to release patches for vulnerable Flash Player.
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
New statute would require companies to report break-ins to consumers.
Weird data transfer technique avoids all standard security measures.
FIDO alliance declares the beginning of the end for old-style login authentication.