The sys admin's daily grind: iWatch
In a Minute
Recently, sys admin Charly was faced with the task of synchronizing a directory on a server with two NFS-mounted clients. He wanted the whole thing to happen quickly and to be easily manageable, which ruled out DRBD and GlusterFS.
My sync setup looks roughly like this: An application server cyclically reads values from a database, generates HTML files and some images, and dumps everything in the
/source directory. I use NFS 4 to mount the
/dest2 directories. When any new data arrives in
/source, I want it to reach the two target directories
Simple and Been Here for Years
Because complex solutions are out of the question, actually the only option left is to dump the task on inotify subsystem's plate. Inotify has been part of the kernel since 2.6.13 and provides an interface to filesystem events for userspace programs.
Apart from incron , I've hardly found a use for it so far, but it should be ideal for quick syncing of directories – or at least, these were my ideas on the matter. What was missing was the right tool for the task. Some quick research brought to light two candidates: lsyncd  and iWatch , but I'll focus on iWatch here.
The monitor is suitable for operation in the foreground or as a daemon. In the simplest case, I just monitor a single directory without triggering an action:
iwatch -r /var
iWatch then reports:
[ 6/May/2014 20:49:30] IN_CREATE/var/tmp/etilqs_SqorfaOvdiBaBI7 [ 6/May/2014 20:49:30] IN_DELETE/var/tmp/etilqs_SqorfaOvdiBaBI7
-c <action> parameter tells iWatch to respond to events. To avoid all these parameters from hell, a configuration file, as shown in Figure 1, seemed to be a better option. The exciting part of the configuration is in the
<path> tag. Here
type = recursive tells iWatch to include directories below
/source as well.
In case of a filesystem event, the mechanism starts the
/home/charly/bash/sync.sh shell script. iWatch passes in the
%f variable to the script. The variable resolves to the full path of the file that has changed. The script
sync.sh, in turn, is a lean two-liner:
#!/bin/bash rsync -a --delete $1 /dest1/$1 & rsync -a --delete $1 /dest2/$1 &
This method works quite well as long as the number of events to be processed does not increase exorbitantly. If it does – such as when syncing a six-digit number of very small files that the server writes to disk at maximum speed on the plate – you could experience a considerable number of queued rsync processes. Not that this would ever happen to me <cough>!
Charly Kühnast is a Unix operating system administrator at the Data Center in Moers, Germany. His tasks include firewall and DMZ security and availability. He divides his leisure time into hot, wet, and eastern sectors, where he enjoys cooking, freshwater aquariums, and learning Japanese, respectively.
Buy this article as PDF
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.