[j-nsp] Config archive subtleties
Phil Mayers
p.mayers at imperial.ac.uk
Wed Aug 7 12:03:09 EDT 2013
All,
For several years, we've used "system archival configuration" in
"on-commit" mode, to backup each commit to a separate file on an
sftp/scp server, then check them individually into subversion.
Recently this fell apart on us, as the SSH key on the server changed and
the archival transfers started to silently[1] fail.
While trying to write a nagios check for outstanding archive transfers,
I then discovered that in some circumstances, the archival config will
give up and discard a file - I had assumed it would queue them forever,
but apparently not in some cases (e.g. 3 successive failures with bad
username/password).
All of which has me wondering if the feature is more trouble than it's
worth.
What do other people do? It seems like it would be a nice feature to
preserve the commits and so forth, but if it's not robust, maybe it's
just misleading.
Cheers,
Phil
[1] It did log en entry into /var/log/messages, but TBH JunOS logs so
much crap there, we don't do anything with those logs...
More information about the juniper-nsp
mailing list