File Synchronization in NetScaler High Availability Setup

This article contains information about file synchronization in a NetScaler high availability setup from the Command Line Interface.

During a high availability file synchronization operation, a set of files are copied from the primary appliance to the secondary appliance. The high availability setup is synchronized automatically at an interval of one minute or when you manually run the sync ha files command. The secondary appliance initiates the high availability synchronization.

The rsync process completes the high availability file synchronization and the nsfsyncd process controls the synchronization. The rsync process uses an SSH tunnel for file synchronization, but the default SSH port 22 can be updated when running the rsync process. You can specify a particular port instead of port 22 and disallow Access Control Lists (ACLs) from blocking that port. To run the rsync process at an interval of one minute, the cron utility is used.

You can use the NetScaler command line interface or the Configuration Utility at either the primary or secondary appliance to manually synchronize the appliances. The sync ha files command only synchronizes certain files between the appliances and not the ns.conf file. Files located on the secondary appliance, that are specific to the secondary appliance and not present on the primary appliance, are not deleted during the synchronization.

The following is the syntax for high availability synchronization:

sync ha files <mode>

This table provides a description to the list of modes used for the sync ha files command
Mode Descriptions
all In this mode, everything except licenses and rc.conf files are synchronized. Files related to system configuration, NetScaler Gateway bookmarks, SSL certificates, SSL CRL lists, HTML injection scripts, and Application Firewall XML objects are synchronized.

The following are the synchronization paths in this mode:

/var/download

/var/archive

/nsconfig/ssl

/var/netscaler/ssl

/nsconfig/dns

/var/vpn/bookmark

/nsconfig/htmlinjection

/netscaler/htmlinjection/ens – (a symlink target)

/var/wi/tomcat/webapps/

/var/wi/tomcat/conf/Catalina/localhost/

/var/wi/java_home/lib/security/cacerts

/var/wi/java_home/jre/lib/security/cacerts

/var/wi/Clients/

/nsconfig/rc.netscaler

/nsconfig/inetd.conf

/nsconfig/sshd_config

/nsconfig/hosts

/nsconfig/snmpd.conf

/nsconfig/monitors

/nsconfig/ntp.conf

/nsconfig/resolv.conf

/nsconfig/syslog.conf

/nsconfig/nstemplates

/nsconfig/enckey

/var/nstemplates – (a symlink target)

/nsconfig/httpd.conf

/var/nslog/asl/

/var/nslw.bin/etc/krb5.conf

/var/nslw.bin/etc/krb5.keytab

/var/lib/likewise/db/

/nsconfig/ssh/

/nsconfig/krb/
dns In this mode, DNS related files are synchronized; /nsconfig/dns is the synchronization path.
bookmarks In this mode, all NetScaler Gateway bookmarks are synchronized; /var/vpn/bookmark/ is the synchronization path.
ssl In this mode, all certificates, keys, and CRLs for the SSL feature are synchronized.

The following are the synchronization paths in this mode:

/nsconfig/ssl/

/var/netscaler/ssl/
htmlinjection In this mode, all EdgeSight Monitoring scripts configured for the HTML injection feature are synchronized.

The following are the synchronization paths in this mode:

/nsconfig/htmlinjection/

/netscaler/htmlinjection/ens
imports In this mode, all XML objects such as WSDLs, schemas, and error pages configured for the Application Firewall are synchronized.

The following are the synchronization paths in this mode:

/var/download

/var/archive
misc In this mode, all license files and the rc.conf file are synchronized.

The following are the synchronization paths in this mode:

/nsconfig/license/

/nsconfig/rc.conf
all_plus_misc In this mode, all files related to system configuration, NetScaler Gateway bookmarks, SSL certificates, SSL CRL lists, HTML injection scripts, Application Firewall XML objects, licenses, and the rc.conf file are synchronized.

The following are the synchronization paths in this mode:

/var/download

/var/archive

/nsconfig/ssl

/var/netscaler/ssl

/nsconfig/dns

/var/vpn/bookmark

/nsconfig/htmlinjection

/netscaler/htmlinjection/ens – (a symlink target)

/var/wi/tomcat/webapps/

/var/wi/tomcat/conf/Catalina/localhost/

/var/wi/java_home/lib/security/cacerts

/var/wi/java_home/jre/lib/security/cacerts

/var/wi/Clients/

/nsconfig/rc.netscaler

/nsconfig/inetd.conf

/nsconfig/sshd_config

/nsconfig/hosts

/nsconfig/snmpd.conf

/nsconfig/monitors

/nsconfig/ntp.conf

/nsconfig/resolv.conf

/nsconfig/syslog.conf

/nsconfig/nstemplates

/nsconfig/enckey

/var/nstemplates – (a symlink target)

/nsconfig/httpd.conf

/var/nslog/asl/

/var/nslw.bin/etc/krb5.conf

/var/nslw.bin/etc/krb5.keytab

/var/lib/likewise/db/

/nsconfig/ssh/

/nsconfig/krb/

/nsconfig/license/

/nsconfig/rc.conf

Related:

Leave a Reply