Re: Cold / warm spare for OpenBSD server

2018-04-11 Thread Gregory Edigarov 

I would solve the problem of config sync vice versa.
instead of syncing the files from one host to another you could just 
create the same files using any software configuration management system 
like ansible.


of course, you will still need to sync the data, and rsync is your best 
friend here.



On 11.04.18 16:08, Jeff Zimmerman wrote:

Hello!


I administer multiple OpenBSD machines which have been backing up via tar and sftp. I do 
have one server that is mission critical that I'd like to move to a more "warm" 
backup, perhaps using rsync. I already have a second server with the same hardware and 
OpenBSD version that is in a cold state but currently it would take some time to rebuild 
from the backup tars if something happened to the main server.


I see this project as having two different stages. Because I've installed a lot 
of ports and packages outside of the base install, stage one would involve 
installing the same rev of OpenBSD on the redundant machine and having rsync 
sync everything (binaries, config, etc.) from production to the redundant 
machine. Then stage two would pare down the rsync config to only sync the 
dynamic data, like /var/mail, /etc configuration files and that kind of thing.


My questions:

Stage 1: sync the two machines so are initially identical.


When syncing everything from existing to redundant machine in stage 1, what 
directories wouldn't need to be / shouldn't be synced?


I suspect that /dev and /mnt probably shouldn't be synced and probably don't 
need to be synced if the server hardware and OS version is the same between 
machines. Likewise kernel files like /boot and /bsd probably don't need to be 
synced either unless upgrading the kernel for security patches. Are there other 
directories that shouldn't be or don't need to be synced?


Stage 2: sync mail, /etc/passwd, etc. on a regular basis between the machines


I need to mirror /etc, /var/mail, and any other directories with dynamically 
changing data. I'm not so concerned about logs so I probably won't sync all of 
/var. Similar to my question above, are there other directories that would have 
commonly changed data that I should be backing up on a semi-regular basis?


Is rsync the best way to keep two OpenBSD servers in close sync with each other? Is rsync a 
reasonable way to initially mirror the installed ports and packages and configuration data from one 
machine to another? And is there a better way to go about having 2 servers in sync, one 
"hot" and one "warm"?


Thanks!


Jeff

Cold / warm spare for OpenBSD server

2018-04-11 Thread Jeff Zimmerman 
Hello!


I administer multiple OpenBSD machines which have been backing up via tar and 
sftp. I do have one server that is mission critical that I'd like to move to a 
more "warm" backup, perhaps using rsync. I already have a second server with 
the same hardware and OpenBSD version that is in a cold state but currently it 
would take some time to rebuild from the backup tars if something happened to 
the main server.


I see this project as having two different stages. Because I've installed a lot 
of ports and packages outside of the base install, stage one would involve 
installing the same rev of OpenBSD on the redundant machine and having rsync 
sync everything (binaries, config, etc.) from production to the redundant 
machine. Then stage two would pare down the rsync config to only sync the 
dynamic data, like /var/mail, /etc configuration files and that kind of thing.


My questions:

Stage 1: sync the two machines so are initially identical.


When syncing everything from existing to redundant machine in stage 1, what 
directories wouldn't need to be / shouldn't be synced?


I suspect that /dev and /mnt probably shouldn't be synced and probably don't 
need to be synced if the server hardware and OS version is the same between 
machines. Likewise kernel files like /boot and /bsd probably don't need to be 
synced either unless upgrading the kernel for security patches. Are there other 
directories that shouldn't be or don't need to be synced?


Stage 2: sync mail, /etc/passwd, etc. on a regular basis between the machines


I need to mirror /etc, /var/mail, and any other directories with dynamically 
changing data. I'm not so concerned about logs so I probably won't sync all of 
/var. Similar to my question above, are there other directories that would have 
commonly changed data that I should be backing up on a semi-regular basis?


Is rsync the best way to keep two OpenBSD servers in close sync with each 
other? Is rsync a reasonable way to initially mirror the installed ports and 
packages and configuration data from one machine to another? And is there a 
better way to go about having 2 servers in sync, one "hot" and one "warm"?


Thanks!


Jeff