next up previous contents
Next: Version Control on Routers Up: Using CVS to Administer Previous: Introduction   Contents

Basic Architecture

Figure 1: Basic Architecture
[Basic Architecture]

The initial motivation was to create a system that would require minimal changes to scripts and administrative processes. For this reason the system developed has configuration file edited in place on the production system. At the conclusion of an edit by an administrator or script make is run. The Makefile written makes CVS commits as required and performs any other tasks required to effect the change. Such tasks include the conversion of plain text files to DBM files and sending signals to daemons as appropriate.

Addition and removal of files from the repository is dealt with by scripts that create or delete configuration files. An example of files that may be added and deleted are zone files or email configuration files for virtual domains. The DNS and email servers that this system was designed to work with have many such domains and it is inevitable that domains will frequently be added or deleted.

The issue of concurrent edits is primitively handled by the use of vim style lock files. Scripts that with so access configuration files honor this lock file semantic so it is not possible for more than one script or administrator to access a file simultaneously. This also requires all administrators to use vim. A symbolic link from vi to vim and an absence of administrators who use editors other than vi have worked well to date. This locking mechanism while extremely simple to break eliminates most fine contention issues.

In this system CVS provides a rollback mechanism as arbitrary revisions of files in the repository can be constructed using CVS diff. This is ideally suited to situations where configuration files mysteriously stop functioning invariably over the course of a long weekend where no one recalls having made any changes.

The audit trail afforded by this system is limited as all commits come from a single user on a single host however the time of commits is recorded and this is certainly an improvement on no audit trail at all.


next up previous contents
Next: Version Control on Routers Up: Using CVS to Administer Previous: Introduction   Contents

1999-02-04