The sys admin's daily grind: iWatch
In a Minute
Recently, sys admin Charly was faced with the task of synchronizing a directory on a server with two NFS-mounted clients. He wanted the whole thing to happen quickly and to be easily manageable, which ruled out DRBD and GlusterFS.
My sync setup looks roughly like this: An application server cyclically reads values from a database, generates HTML files and some images, and dumps everything in the
/source directory. I use NFS 4 to mount the
/dest2 directories. When any new data arrives in
/source, I want it to reach the two target directories
Simple and Been Here for Years
Because complex solutions are out of the question, actually the only option left is to dump the task on inotify subsystem's plate. Inotify has been part of the kernel since 2.6.13 and provides an interface to filesystem events for userspace programs.
Apart from incron , I've hardly found a use for it so far, but it should be ideal for quick syncing of directories – or at least, these were my ideas on the matter. What was missing was the right tool for the task. Some quick research brought to light two candidates: lsyncd  and iWatch , but I'll focus on iWatch here.
The monitor is suitable for operation in the foreground or as a daemon. In the simplest case, I just monitor a single directory without triggering an action:
iwatch -r /var
iWatch then reports:
[ 6/May/2014 20:49:30] IN_CREATE/var/tmp/etilqs_SqorfaOvdiBaBI7 [ 6/May/2014 20:49:30] IN_DELETE/var/tmp/etilqs_SqorfaOvdiBaBI7
-c <action> parameter tells iWatch to respond to events. To avoid all these parameters from hell, a configuration file, as shown in Figure 1, seemed to be a better option. The exciting part of the configuration is in the
<path> tag. Here
type = recursive tells iWatch to include directories below
/source as well.
In case of a filesystem event, the mechanism starts the
/home/charly/bash/sync.sh shell script. iWatch passes in the
%f variable to the script. The variable resolves to the full path of the file that has changed. The script
sync.sh, in turn, is a lean two-liner:
#!/bin/bash rsync -a --delete $1 /dest1/$1 & rsync -a --delete $1 /dest2/$1 &
This method works quite well as long as the number of events to be processed does not increase exorbitantly. If it does – such as when syncing a six-digit number of very small files that the server writes to disk at maximum speed on the plate – you could experience a considerable number of queued rsync processes. Not that this would ever happen to me <cough>!
Charly Kühnast is a Unix operating system administrator at the Data Center in Moers, Germany. His tasks include firewall and DMZ security and availability. He divides his leisure time into hot, wet, and eastern sectors, where he enjoys cooking, freshwater aquariums, and learning Japanese, respectively.
Buy this article as PDF
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.
Redmond rushes in to root out alleged malware haven.
New initiative will bring futuristic virtual reality effects to the web surfing experience.