[ale] Copying config files to DHCP peer

Robert Tweedy robert at robert-tweedy.com
Thu Dec 19 20:51:59 EST 2019


Another option with systemd would be to use its ability to monitor
changes to files and start a custom systemd script when the config files
being monitored are modified:
https://www.freedesktop.org/software/systemd/man/systemd.path.html

This is the method we use to keep our DHCP server configs in sync at
work; we make an update to the config file on one system, and it pushes
the change to the peer via a systemd oneshot service that copies it over
via scp. You could also modify it to do a restart of the DHCP service at
the same time, though that could be dangerous if you have to save the
config file for any reason before finishing with all the changes; it
would result in the DHCP server being restarted each time the file's
saved, and if it's in an incomplete state then you'll have a disruption
in your DHCP service.

-Robert

On 12/19/19 12:40 PM, Todor Fassl via Ale wrote:
> It occurs to me that my question has a basic push/pull problem. I
> could make it so my co-workers don't know they are updating the peer. 
> That is the way it is now. They type "service dhcp start" just as they
> have always done. So that's nice when I am on vacation but what if I
> get hit by a bus? New guy comes in and has no idea how the peer is
> getting updated. Maybe it's bad that I'm making this so easy.
>
> Well, if I stick with the make it easy approach, what about adding an
> execstart post script to the systemd config file?
>
> https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStartPre=
>
> On 12/19/19 11:20 AM, Bryan L. Gay via Ale wrote:
>> Using a config manager would be perfect, but that's a long row to hoe
>> if not already using a config manager.
>> Personally, I'd use Chef above ansible or puppet, but that's just me.
>> There's a learning curve for the people who want to make config
>> changes using either of these tools.
>>
>> On Thu, Dec 19, 2019 at 12:17 PM Joey Kelly via Ale <ale at ale.org> wrote:
>>>
>>> On Thursday, December 19, 2019 10:58:03 AM Todor Fassl via Ale wrote:
>>>> I have been running peered ISC dhcp servers for years. The problem is
>>>> that you need copies of the config files on both machines. Say you
>>>> want to assign an IP address to a new machine. You add a stanza to a
>>>> config file but you then have to get a copy of the modified config
>>>> file to the peer. If you forget to do that, you are going to screw
>>>> things up pretty badly.
>>>
>>> So write a wrapper that fetches your stanzas or the complete config
>>> file, pushes them to the servers, then restarts the servers.
>>> ansible/puppet can be your friend here.
>>>
>>> --Joey
>>>
>>>
>>>> Other people in my department occasionally need to make these config
>>>> changes. So I need a way to guarantee that the config files get copied
>>>> over. Googling showed me lots of articles on configuring a peer in
>>>> isc-dhcp but only one on syncing the config files. That person was
>>>> doing it via rsync and a script in cron.hourly.
>>>>
>>>> What I have done, at least for now, is to replace the init script with
>>>> my own script. This script uses an ssh key to copy the files to the
>>>> peer and then restarts dhcp on the peer. If somebody types "service
>>>> dhcp restart", it runs my script. But now with systemd, it is going
>>>> to be harder.
>>>>
>>>> Fortunately, for now, my co-workers are still typing "service bind9
>>>> restart" and the like. So "service dhcp restart" is not a problem --
>>>> yet. But if somebody types "systemctl restart isc-dhcp-server", it is
>>>> not going to work.
>>>>
>>>>
>>>> It's interesting that bind9 and slapd handle this under the covers.
>>>
>>> -- 
>>> Joey Kelly
>>> Minister of the Gospel and Linux Consultant
>>> http://joeykelly.net
>>> 504-239-6550
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> https://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>>
>
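
The systemd.path setup described in Robert's message, written out as an added example (not configuration posted in the thread). The unit names, key path, dhcpsync account, peer host name and binary paths are assumptions; the dhcpd -t syntax check is an added precaution so that a file saved in an incomplete state is not pushed.

```ini
# /etc/systemd/system/dhcpd-sync.path  (hypothetical unit name)
[Unit]
Description=Watch the DHCP config for saved changes

[Path]
# PathChanged= activates the unit when a file that was open for writing
# is closed, not on every intermediate write (PathModified= does that).
PathChanged=/etc/dhcp/dhcpd.conf
Unit=dhcpd-sync.service

[Install]
WantedBy=multi-user.target

# /etc/systemd/system/dhcpd-sync.service  (separate file, hypothetical name)
[Unit]
Description=Push the DHCP config to the failover peer

[Service]
Type=oneshot
# With Type=oneshot the ExecStart= lines run in order and stop at the
# first failure, so a config that does not parse is never copied.
# dhcpd -t only tests the syntax of the file given with -cf.
ExecStart=/usr/sbin/dhcpd -t -cf /etc/dhcp/dhcpd.conf
# BatchMode=yes: fail instead of prompting when the key is not accepted.
# StrictHostKeyChecking=yes: refuse a peer whose host key is unknown or changed.
# Key, account and host below are placeholders for a dedicated sync identity.
ExecStart=/usr/bin/scp -q -i /etc/dhcp/sync_ed25519 -o BatchMode=yes -o StrictHostKeyChecking=yes /etc/dhcp/dhcpd.conf dhcpsync@dhcp2.example.net:/etc/dhcp/dhcpd.conf
```

Enable the watcher with `systemctl enable --now dhcpd-sync.path`; a failed syntax check or copy shows up in `systemctl status dhcpd-sync.service`. The peer's DHCP service is not restarted here, matching the copy-only setup in the message.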
