Operation with nodes
Attention! Current pages describe CBSD version 12.1.x. If you are using an older version, please update first.
What nodes is meant
% cbsd node
"Node addition" is meant RSA key exchange for system user CBSD between two and more hosts. Having at itself RSA a key of the individual server, the some command has an opportunity to work with it through OpenSSH connection, carrying out such actions as:
- executable remote CBSD (get jail list, login into jail) or unprivileged OS command (some commands, nevertheless, demand existence of the rights of the superuser. Such command are started through the scripts being in catalogs $workdir/sudoexec and $prefix/cbsd/*ver*/sudoexec/ (distrib directory) — look at /usr/local/etc/sudoers.d/cbsd_sudoers.
- copying/creation of configuration files for jails, replication and synchronization of data.
Nodes can be united in any called logic group over which it is possible to carry out mass actions
List of nodes
% cbsd node mode=list
The command cbsd node mode=list show name of the nodes RSA which keys were received through cbsd node add. Too most it is possible to receive, having seen the catalog $workdir/.rssh, in which there are keys.
Through argument display you can specify the fields for output data. If display is not specified, the value takes from $workdir/etc/defaults/node.conf file, which you can change at its discretion via $workdir/etc/node.conf
% cbsd node mode=list
% cbsd node mode=add
Commands cbsd node mode=add .., at availability of the remote node via ssh and the correct password of the user CBSD, takes away a private key from the remote server and save it in the catalog $workdir/.rssh
Obligatory parameters for mode=add:
- node = IP address or FQDN of server (in the list of notes, however, this server will be called how is specified in nodename on the remote node in $workdir/nc.inventory. This that name which is asked at the first start cbsd initenv
- pw = password for CBSD user
- port = alternative number of sshd port. By default, nodes of CBSD use port 22222 for connection on SSH.
Attention: the password of CBSD user is used only at the moment of receiving a private key. Respectively, access on the server will be until the key won't be removed or re-generated. Change of the password of the user account in this case won't work.
% cbsd node mode=add node=192.168.1.2 pw=superpw port=22
% cbsd node mode=remove
The commands cbsd node mode=remove node=nodename delete private key and records for this node from the $workdir/.rssh directory. The name specified in node= should coincide with that writing which is output on cbsd node mode=list
% cbsd node mode=remove node=backup1.mydomain.ru