[rancid] Throttling per-host (odd situation)

Piegorsch, Weylin William weylin at bu.edu
Wed Jun 21 20:52:52 UTC 2017

This might not be using rancid to independently solve your challenge, but whatever.  Can you split this into multiple groups, each tenant gets it’s own group (with one device in router.db), and then you can schedule do-diffs for the various groups at staggered times?

-----Original Message-----
From: Howard Jones <howie at thingy.com>
Date: Tuesday, June 20, 2017 at 18:06
To: <rancid-discuss at shrubbery.net>
Subject: [rancid] Throttling per-host (odd situation)

    I have a homegrown script for grabbing individual configs from a 
    multi-tenant firewall. It works in conjunction with a small hack to 
    bin/rancid and bin/control_rancid, so that I can have a "host" called 
    firewall1[TENANT1], and it knows to take the part in [] off, and use the 
    remains as a hostname, and also not smash the case of the filename.
    The upshot of this though, is that I have many connections to the same 
    device as part of a rancid run. The device has a limit on the number of 
    incoming ssh sessions, and even if it didn't I don't really want to DOS 
    it with rancid. I know I can change PAR_COUNT so that it's less than the 
    number of allowed connections, but then a complete run takes over an 
    hour (there are plenty of other devices here) instead of the 
    already-quite-long 30ish minutes with a PAR_COUNT of 10.
    So - is there any convenient way to have rancid throttle connections for 
    particular devices, groups, or hostnames matching a pattern? Or is it 
    just a case of turn the timeouts up, and the retries up and let it grind 
    through? (each attempt will get connection refused until a slot is open 
    - so I suppose I'd need num_tenants/max_sessions retries, at least, 
    which itself would be dynamic.
    I realise this is not at all a standard situation, but maybe someone 
    else has similar? Or, e.g. something with access via a serial console 
    server that has similar limitations?
    Without re-engineering the guts of rancid too much, I'm thinking about 
    something like a pool of lockfiles that clogin (or rancid before it 
    starts clogin) waits on...
    Thanks in advance for any pointers...

More information about the Rancid-discuss mailing list