|
Attention! I apologize, but it is automatic machine translation of the text. You can improve it if will send to me more correct version of the text or fix html pages via GITHUB repository.
Operation with nodes
Operation with nodes
OverviewCommands:
% cbsd node
"Node addition" is meant RSA key exchange for system user cbsd between two and more hosts. Having at itself RSA a key of the individual server, the some command has an opportunity to work with it through OpenSSH connection, carrying out such actions as:
- - executable remote cbsd (get jail list, login into jail) or unprivileged OS command (some commands, nevertheless, demand existence of the rights of the superuser. Such command are started through the scripts being in catalogs $workdir/sudoexec and $prefix/cbsd/*ver*/sudoexec/ (distrib directory) - look at /usr/local/etc/sudoers.d/cbsd_sudoers.
- - copying/creation of configuration files for jails, replication and synchronization of data.
Nodes can be united in any called logic group over which it is possible to carry out mass actions
List of nodesCommands:
% cbsd node mode=list
The command cbsd node mode=list show name of the nodes RSA which keys were received through cbsd node add. Too most it is possible to receive, having seen the catalog $workdir/.rssh, in which there are keys. The deduced list doesn't mean that the available key is actual or communication with a node is available (for these tasks there is a special demon nodepinger)
Example:
% cbsd node mode=list
Adding nodesCommands:
% cbsd node mode=add
Commands cbsd node mode=add .., at availability of the remote node via ssh and the correct password of the user cbsd, takes away a private key from the remote server and save it in the catalog $workdir/.rssh
Obligatory parameters for mode=add:
node = IP address or FQDN of server (in the list of notes, however, this server will be called how is specified in nodename on the remote node in $workdir/nc.inventory. This that name which is asked at the first start cbsd initenv
pw = password for cbsd user
Unessential argument:
port = alternative number of sshd port. By default, nodes of cbsd use port 22222 for connection on SSH.
Attention: the password of a user cbsd is used only at the moment of receiving a private key. Respectively, access on the server will be until the key won't be removed or re-generated. Change of the password of the user account in this case won't work.
Example:
% cbsd node mode=add node=192.168.1.2 pw=superpw port=22
Removal nodesCommands:
% cbsd node mode=remove
the commands cbsd node mode=remove node=nodename delete private key and records for this node from the $workdir/.rssh directory The name specified in node= should coincide with that writing which is output on cbsd node mode=list
Example:
% cbsd node mode=remove mode=backup1.mydomain.ru
some cbsd tools that use keys of nodesCommands:
% cbsd jcoldmigrate
% cbsd jbackup
% cbsd jrclone
% cbsd jailmapdb
...
Part of commands can demand existence of a key of a remote node for performance of the functions. Some list of similar commands:
- cbsd jcoldmigrate - cold migration jail from one node to other
- cbsd jbackup, jrclone - single synchronization or replication of jail data on-the-fly on a remote node
- cbsd jailmapdb - generate jmap.txt file, containing records of a look nodename="jail1 jail2 .." - list and location for jails
- cbsd jwhereis - return node name, where this jail is located (work under jmap.txt file)
- cbsd jlogin - to try to login into a jails if it isn't present locally, but is present in jmap.txt
- cbsd rexe - execute command on remote node
- cbsd rnode - login via ssh in cbsd shell on remote node
- ...
|
