Configuring Sync Endpoints

Sync reads configuration settings from aspera.conf, which can be edited using asconfigurator commands or manually. The following sections provide instructions for setting Aspera-recommended security configuration, instructions for how to edit other configurations, a reference for many of the available configuration options, and a sample aspera.conf.

Aspera Recommended Configuration

Aspera recommends setting the following configuration options for greatest security. Additional settings are described in the following table.

Note: To synchronize with AWS S3 storage, you must configure specific locations for the log and database directories. For more information, see Synchronizing with AWS S3 Storage.
  1. Set the location for the Sync log for each transfer user.

    By default, Sync events are logged to the Aspera log (see Logging). Aspera recommends setting the log to a directory within the transfer user's home folder.

    Log location, size, and log level can be configured for both ascp and async by setting default or user-specific configurations in aspera.conf. For instructions, see Server Logging Configuration for Ascp and Ascp4.

    To set a logging directory for async that is separate from ascp, you can set async_log_dir. For example:

    > asconfigurator -x "set_user_data;user_name,username;async_log_dir,log_dir"
    Note: If async_log_dir is not set, then the logging configuration for ascp is applied. The client can override the server logging settings with the -R option.
  2. Set the location for the Sync database for each transfer user.

    Sync uses a database to track file system changes between runs of the same session (see The Sync Database). The Aspera Sync database should not be located on CIFS, NFS, or other shared file systems mounted on Linux, unless you are synchronizing through IBM Aspera Proxy. If server data are stored on a mount, specify a local location for the Sync database. Aspera recommends setting the database location to a directory within the user's home folder by using the same approach as setting the local Aspera Sync log:

    > asconfigurator -x "set_user_data;user_name,username;async_db_dir,db_dir"

    This setting overrides the remote database directory specified by the client with the -B option.

    Note: If the transfer user's docroot is a URL (such as file:////*), then async_db_dir must be set in aspera.conf. For an example, see Synchronizing with AWS S3 Storage.
  3. If the Sync source files are on a NFS or CIFS mount, create a mount signature file.

    Sync can use a mount signature file to recognize that the source is on a mount. If you do not use the mount signature file and the NFS or CIFS mount is unreachable, Sync considers those files as deleted and will delete them.

    To create a mount signature file, create the file in the parent directory of the source directory on the mount. For example, if the Sync directory is Z:\Sync\data, create the mount signature file by running the following command:

    >echo mount >> Z:\Sync\mount_signature.txt

    When you run a Sync session, use --local-mount-signature=/mnt/sync/mount_signature.txt if the local source is on a mount and --remote-mount-signature=/mnt/sync/mount_signature.txt if the remote source is on a mount. For bidirectional Sync sessions between mounts, use both.

Configuring Other Settings

To configure Syncsettings in aspera.conf by using asconfigurator commands, use the following general syntax for setting default values (first line) or user-specific values (second line):

> asconfigurator -x "set_node_data;option,value"
> asconfigurator -x "set_user_data;user_name,username;option,value"

To manually edit aspera.conf, open it in a text editor with administrative privileges from the following location:

C:\Program Files\Aspera\Point-to-Point\etc\aspera.conf

See an example aspera.conf following the settings reference table. For an example of the asperawatchd configuration, see Watch Service Configuration.

After manually editing aspera.conf, validate that its XML syntax is correct by running the following command:

> asuserdata -v
This command does not check if the settings are valid.

Sync Configuration Options

asconfigurator option
aspera.conf setting
 Description and Value Options
async_connection_timeout
<async_connection_timeout>
 The number of seconds async waits for a connection to be established before it terminates.

Value is a positive integer. (Default: 20) If synchronization fails and returns connection timeout errors, which could be due to issues such as under-resourced computers, slow storage, or network problems, set the value higher, from 120 (2 minutes) to even 600 (10 minutes).
async_db_dir
<async_db_dir>
 Specify an alternative location for the async server's snap database files. If unspecified, log files are saved in the default location or the location that is specified by the client with the -B option.
async_db_spec
<async_db_spec>
 Value has the syntax sqlite:lock_style:storage_style. (Default: undefined)

lock_style: Specify how async interfaces with the operating system. Values depend on operating system. On Windows, the options are undefined or win32.

storage_style: Specify where Syncstores a local database that traces each directory and file. Three values can be used:

  • undefined or disk: The default option. Read and write the database to disk. This provides maximum reliability and no limitations on the number of files that can be synchronized.
  • lms: The database is loaded from disk into memory at startup, changes during the session are saved to memory, and the database is saved to disk on exit. This option increases speed but all changes are lost if async stops abruptly, and the number of synchronized files is limited by available memory.
  • memory: The database is stored completely in memory. This method provides maximum speed but is not reliable because the database is not backed up to disk.
async_enabled
<async_enabled>
 Enable (set to true, default) or disable (set to false) Sync. When set to false, the client async session fails with the error "Operation 'sync' not enabled or not permitted by license".
async_log_dir
<async_log_dir>
 Specify an alternative location for the async server's log files. If unspecified, log files are saved in the default location or the location that is specified by the client with the -R option. For information on the default log file location, see Logging.
async_log_level
<async_log_level>
 Set the amount of detail in the async server activity log. Valid values are log (default), dbg1, or dbg2.
async_session_timeout
<async_session_timeout>
 The number of seconds async waits for a non-responsive session to resume before it terminates. Value is a positive integer. (Default: 20)
directory_create_mode
<directory_create_mode>
 Specify the directory creation mode (permissions). If specified, create directories with these permissions irrespective of <directory_create_grant_mask> and permissions of the directory on the source computer. This option is applied only when the server is a Unix-based receiver.

Value is a positive integer (octal). (Default: undefined)
directory_create_grant_mask
<directory_create_grant_mask>
 Specify the mode for newly created directories if directory_create_mode is not specified. If specified, directory modes are set to their original modes plus the grant mask values. This option is applied only when the server is a Unix-based receiver and when directory_create_mode is not specified.

Value is a positive integer (octal). (Default: 755)
async_lock
<async_lock>
 Async uses a locking mechanism that enforces a single async session running at a time for a source and destination directory. For example, this command can only have one async session running at a time:
async -N session_name -d local_path -r user@host:remote_path

Async has two types of locks that can be configured: file and kvstore.

The default type is file. This type uses a file system based locking that prevents other async sessions from running.

The kvstore type is best suited to clustered deployments. In this configuration async uses features from the Redis database that is installed as part of the transfer server/endpoint that prevents other async sessions from running.

Other parameters in the async_lock include stale_timeout and update_period_sec:

  • stale_timeout: Specifies the amount of time that async waits to acquire the lock. Only valid when lock type is kvstore. (Default 20 seconds)
  • update_period_sec: Time interval used to update the lock. Only valid when lock type is kvstore. (Default 5 seconds)
async_support_resume
<async_support_resume>

In the server side, the aspera.conf option allow async transfers to resume. Provides the same functionality as --support-resume client argument. This option is not valid if the client side is set to use -x or --reset.

Value corresponds to the minimum size of files (in MB) to resume. Lowest value is 1. Option is disabled with 0.
async_resume_age_days
<async_resume_age_days>
 Set the age limit for temporary files that are preserved on cleanup for potential transfer resume (usually at start and stop in async). Temp files older than the specified days are me removed regardless of whether the transfers might resume.

Example Sync Configuration in aspera.conf

<file_system>
   ...	
   <directory_create_mode> </directory_create_mode> 
   <directory_create_grant_mask>755</directory_create_grant_mask>
   <preserve_acls>none</preserve_acls> 
   <preserve_xattrs>none</preserve_xattrs> 
   ...  
</file_system>
   ...
<default>
   ...
   <async_db_dir>  </async_db_dir>
   <async_db_spec>  </async_db_spec>
   <async_enabled>true</async_enabled>
   <async_connection_timeout>20</async_connection_timeout> 
   <async_session_timeout>20</async_session_timeout> 
   <async_log_dir>AS_NULL</async_log_dir> 
   <async_log_level>log</async_log_level>
   ...
</default>