Using RSYNC for Content Replication in ZENworks Linux Management

Novell Cool Solutions: Feature
By Phillip Cockrell

Digg This - Slashdot This

Posted: 19 Sep 2006

ENVIRONMENT: Novell ZENworks Linux Management 7 (IR1)

PROBLEM: TED (Tiered Electronic Distribution) occasionally fails to properly replicate the package data store in ZENworks Linux Management 7 across a WAN link. This can cause headaches when delivering patches via bundle assignment.

SOLUTION: Configuration of content replication for the package repository is handled within the ZENworks Control Console (ZCC). The following components are replicated:

  • Bundle directory (/var/opt/novell/zenworks/pkg-repo/bundles)
  • Catalog directory (/var/opt/novell/zenworks/pkg-repo/catalogs)
  • Package repository (/var/opt/novell/zenworks/pkg-repo/packages)
  • Supported Platforms (/var/opt/novell/zenworks/lib/www/ostargets.xml)

The functionality of TED can easily be replaced with RSYNC. It would even be possible to schedule the replication with a "Remote Execute" policy through the ZCC. For the purposes of this document, I will give the example of using CRON.

NOTE: Unless specified, all commands will be run as the root user.

  1. Prepare the environment for the estabilishment of SSH keys for unauthenticated logins. To ensure the preservation of permissions, I use the built-in "zenworks" user for the entire process:
       # mkdir /var/opt/novell/share/tomcat/.ssh
       # chown zenworks:zenworks /var/opt/novell/share/tomcat/.ssh
  2. As the zenworks user (su - zenworks):

    $ ssh-keygen -t dsa

  3. Take the contents of /var/opt/novell/share/tomcat/.ssh/id_dsa.pub from all secondary ZLM servers and create / update the authorized_keys file on the primary ZLM server (/var/opt/novell/share/tomcat/.ssh/authorized_keys). Finally, test that key-based authentication is working. The desired result is that you will be able to successfully SSH from the secondary ZLM servers to the primary ZLM servers without being required to provide a password. There are many resources that provide information pertaining to configuring key-based authentication, this is a good one: http://sial.org/howto/openssh/publickey-auth/
  4. Ensure rsync is installed, if it is not, install it.
  5. Install the crontab for the "zenworks" user:

    # crontab -e -u zenworks

    I have included the sample CRONTAB file below.
  6. Disable "Content Replication"
    • Log into the ZCC -> Configuration Content Replication -- Select "No Schedule"
    • On each of the secondary ZLM servers, it is safe to disable TED:
      # /etc/init.d/novell-zented stop
      # chkconfig novell-zented off

Known Issues:

  1. It is a good idea to run the rsync commands specified above as the "zenworks" user prior to installing the CRONTAB to ensure that the repository is up-to-date. Following an initial rsync, the only changes that will be transferred are differentials. The frequency of the rsyncs as specified in the CRONTAB should be customized appropriately for the environment. At Rackspace, the environment is always rapidly changing, requiring that the repository is in sync at all times.
  2. Content replication with TED may be required in future versions of the ZENworks Management Suite -- Novell's long-term strategy for the ZENworks Suite is to merge all the products under a single control console (ZCC). When this occurs, using TED might be a requirement for full ZLM functionality.
  3. As designed, the secondary ZLM servers function utilizes cached data for agent transactions. When initially synchronizing the package repository data store, it may be necessary to clear the server-side cache and restart all ZLM services.


--- Begin Sample Crontab ---
# Replicate the target platforms twice daily (1100 & 2300 hours).
* 11,22 * * *     /usr/bin/rsync -aze ssh zlmprimary.digitalairlines.com:var/opt/novell/zenworks/lib/www/ostargets.xml /var/opt/novell/zenworks/lib/www/ostargets.xml
# Replicate catalog directory every 30 minutes beginning at the top of the hour.
0,30 * * * *     /usr/bin/rsync -aze ssh zlmprimary.digitalairlines.com:/var/opt/novell/zenworks/pkg-repo/catalogs /var/opt/novell/pkg-repo/
# Replicate bundle directory every 30 minutes beginning at ten minutes past the hour.
10,40 * * * *     /usr/bin/rsync -aze ssh zlmprimary.digitalairlines.com:/var/opt/novell/zenworks/pkg-repo/bundles /var/opt/novell/pkg-repo/
# Replicate packages directory every 30 minutes beginning at twenty minutes past the hour.
20,50 * * * *     /usr/bin/rsync -aze ssh zlmprimary.digitalairlines.com:/var/opt/novell/zenworks/pkg-repo/packages /var/opt/novell/pkg-repo/
--- End Sample Crontab ---

If you have any questions you may contact Philip at pcockrel@rackspace.com

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© Micro Focus