[Orca-users] Re: Anyone using Orca with rsync?

Ade Rixon ade.rixon at big-bubbles.fluff.org
Sat Nov 22 02:30:36 PST 2003 

Apologies for barging in like this and dredging up an old thread, but I
have something important to add.

Diana N. mentioned my blog entry about using Orca with rsync in her
posting of 7th Oct:
http://www.big-bubbles.fluff.org/blogs/bubbles/archives/000242.html
If anyone has followed this procedure and is using my orca_collect script
then you should immediately download the latest version:
http://www.big-bubbles.fluff.org/scripts/orca_collect
It contains an important performance fix to the rsync arguments that may
also clear up the huge amount of warning messages generated by Orca. (The
timestamps on all the copied data files were being updated with each run.)
Restart Orca after the first run.

Also, Sean O'Neill followed up with:
> If you have a ORCA server that SSH's into the remote systems and rsync's
> down the data (e.g. PULL), this one machine would have SSH access to
> LOTS of other systems and would probably make any security group very
> nervous about that machine.
> 
> If you have the remote systems rsync their data to the ORCA server (e.g.
> PUSH), then you have lots of other machines with SSH access to ONE
> system.  This generally makes security a /little/ less nervous.

It's true that one of the principles of security is not to put all your
eggs into one basket. However, the corollary of this is that sometimes
it's more secure to keep your eggs in one basket *if the basket is
well-guarded*.

Consider a 2 tier network with a demilitarised (Internet-facing) zone and
a secure internal zone, separated by a firewall. You don't want to allow
the hosts on the external zone to have transparent SSH access to an
internal host (particularly one that contains something as important as
your performance data). The SSH private key (the important part of the
pair) would be installed on a host that could be compromised. You could
use the SSH authorized_keys file to restrict command execution, but your
firewall would have to allow *all* SSH traffic between those hosts,
including non-Orca-related connections. And SSH itself has suffered the
odd vulnerability.

Instead, the internal host must initiate connections to the external ones
and pull the data down. The point of initiation and the private key are on
a secure network and, assuming it really is secure, are unlikely to be
compromised. It's easier to lock down one machine than many.

I agree that there is a scalability problem here, but this is why I wrote
orca_collect; it batches the rsyncs into concurrent groups.

Cheers,
Ade_
  /
-- 
[   Ade Rixon || http://www.big-bubbles.fluff.org/ || ade.rixon at bigfoot.com   ]

 "I don't remember exactly where, but it was rather cool."
					- WWW user

More information about the Orca-users mailing list