[DRBD-user] Re: DRBD w/ Postfix

Maurice Volaski mvolaski at aecom.yu.edu
Thu Jul 14 17:48:04 CEST 2005

Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.

At 10:19 AM +0200 7/14/05, drbd-user-request at linbit.com wrote:
>I plan to put DRBD w/Heartbeat on a Debian (sarge) Postfix server w/
>Courier-imap.
>
>My question is this. Obviously one directory structure that I will be 
>synchronizing (making a drbd block device) would be /home
>However, although I would like to be able to synchronize all users 
>and their passwords, and all postfix settings, that would mean 
>making /etc also a drbd block device. But that's not possible now is 
>it - or not advisable as I would be synchronizing files that are box
>specific (/etc/fstab, /etc/network/interfaces..., /etc/hostname, etc.).
>

How often would those things that change that you'd have a need to 
synchronize them in real time? In any case, if you have a failover 
setup with heartbeat, I would think you'd want the failover computer 
to be near identical in configuration to the primary. In my case, I 
have a central config directory. In it is a common directory that 
contains config files that are identical on both computers. Then I 
have a separate directory for each computer that has the config files 
which differ on each computer. Every human-edited config file resides 
in these directories with the exception of the 
passwd/group/shadow/gshadow/sudoers files. I have a script that sets 
up symlinks to appropriate locations for every file and performs some 
basic configuration and setup such as setting up which init scripts 
run on each computer.

I have an rsync script that keeps the failover computer up to date 
for all changes. Update software on primary, run the script and the 
failover is updated automatically.

In a few cases, humans can edit some files, namely the shadow and 
smbpasswd files. This is accomplished by an expect script accessed by 
the human from an https web page. I use sudo and ssh to update these 
files on the failover computer, so it always has up to date passwords.
-- 

Maurice Volaski, mvolaski at aecom.yu.edu
Computing Support, Rose F. Kennedy Center
Albert Einstein College of Medicine of Yeshiva University

More information about the drbd-user mailing list