You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- The data sync application now utilizes stunnel for secure data
synchronization. Sync requests can be sent to the sibling BMC
rsync daemon port via localhost, stunnel handling the forwarding
to the sibling BMC.
Tested:
- Verified that the data is synced into sibling BMC after
the mTLS handshake.
- Data sync configuration
```
{
"Files": [
{
"Path": "/var/lib/pds/test",
"Description": "Test Sibling BMC Synchronization",
"SyncDirection": "Active2Passive",
"SyncType": "Immediate"
}
]
}
```
- BMCs Role: BMC0 (Active) and BMC1 (Passive)
- FullSync
- BMC0
```
systemd: Starting Redundant BMC Data Synchronization...
phosphor-rbmc-data-sync-mgr: Full Sync started
stunnel: LOG5[3]: Service [sibling_bmc] accepted connection from 127.0.0.1:50390
stunnel: LOG5[3]: s_connect: connected 10.2.2.100:4071
stunnel: LOG5[3]: Service [sibling_bmc] connected remote server from 10.0.2.100:53920
systemd: Started Redundant BMC Data Synchronization.
stunnel: LOG5[3]: Certificate accepted at depth=0: C=IN, ST=KA, O=IBM, OU=ISDL, CN=bmc1, [email protected] <=== BMC1 certificate verified
stunnel: LOG3[3]: OCSP: No OCSP stapling response received
phosphor-rbmc-data-sync-mgr: Full Sync completed successfully
phosphor-rbmc-data-sync-mgr: Elapsed time for full sync: [0] seconds
stunnel: LOG5[3]: Connection closed: 193 byte(s) sent to TLS, 109 byte(s) sent to socket
```
- BMC1
```
systemd: Starting Redundant BMC Data Synchronization...
phosphor-rbmc-data-sync-mgr: Full Sync started
phosphor-rbmc-data-sync-mgr: Full Sync completed successfully
phosphor-rbmc-data-sync-mgr: Elapsed time for full sync: [0] seconds
systemd: Started Redundant BMC Data Synchronization.
stunnel: LOG5[3]: Service [local_bmc] accepted connection from 10.0.2.100:53920
stunnel: LOG5[3]: Certificate accepted at depth=0: C=IN, ST=KA, O=IBM, OU=ISDL, CN=bmc0, [email protected] <=== BMC0 certificate verified
stunnel: LOG5[3]: s_connect: connected 127.0.0.1:1704
stunnel: LOG5[3]: Service [local_bmc] connected remote server from 127.0.0.1:45472
rsyncd: connect from localhost (127.0.0.1)
rsyncd: rsync allowed access on module var from localhost (127.0.0.1)
rsyncd: rsync to var/lib/pds/test from localhost (127.0.0.1)
rsyncd: receiving file list
rsyncd: sent 40 bytes received 110 bytes total size 0 <=== Data received
stunnel: LOG5[3]: Connection closed: 109 byte(s) sent to TLS, 193 byte(s) sent to socket
```
- After FullSync
```
BMC0:
cat /var/lib/pds/test
Data from Active BMC
BMC1:
cat /var/lib/pds/test
Data from Active BMC
```
- Immediate Sync
- Before Immediate Sync
```
BMC0:
cat /var/lib/pds/test
Data from Active BMC
BMC1:
cat /var/lib/pds/test
Data from Active BMC
```
- BMC0 Trace
```
stunnel: LOG5[4]: Service [sibling_bmc] accepted connection from 127.0.0.1:52292
stunnel: LOG5[4]: s_connect: connected 10.2.2.100:4071
stunnel: LOG5[4]: Service [sibling_bmc] connected remote server from 10.1.2.100:42794
stunnel: LOG5[4]: Connection closed: 201 byte(s) sent to TLS, 109 byte(s) sent to socket
```
- BMC1 Trace
```
stunnel: LOG5[4]: Service [local_bmc] accepted connection from 10.1.2.100:42794
stunnel: LOG5[4]: s_connect: connected 127.0.0.1:1704
stunnel: LOG5[4]: Service [local_bmc] connected remote server from 127.0.0.1:60416
rsyncd: connect from localhost (127.0.0.1)
rsyncd: rsync allowed access on module var from localhost (127.0.0.1)
rsyncd: rsync to var/lib/pds/test from localhost (127.0.0.1)
rsyncd: receiving file list
rsyncd: sent 40 bytes received 118 bytes total size 5 <=== Data received
stunnel: LOG5[4]: Connection closed: 109 byte(s) sent to TLS, 201 byte(s) sent to socket
```
- After Immediate Sync
```
BMC0:
cat /var/lib/pds/test
Data from Active BMC
Another data from Active BMC
BMC1:
cat /var/lib/pds/test
Data from Active BMC
Another data from Active BMC
```
Change-Id: Ia668ee21e69a78f973aea86fc96302ca76f499ec
Signed-off-by: Ramesh Iyyar <[email protected]>
0 commit comments