Moving my linux server to the cloud

After more than 10 years and after a thorough re-calculation of my family’s TCO on internet and server infrastructure, we came to the conclusion that it would be more economic to move the physical server and the associated leased line and IP subnet to a more modern cloud based infrastructure. (OK, I admit… It was actually way more spontaneous than it sounds… But I always wanted to say “TCO” in a blog post. 😉 )

Anyway – I had to

  1. find a cloud provider I trust
  2. relocate the server, services and data with as little downtime as possible

Luckily, my internet provider (iWay.ch) also offers virtual machines on a cloud based infrastructure entirely hosted in Switzerland – hello NSA – for a reasonable price. After going through all the contractual negotiations (i.e. click on ‘Agree’ on a web page) I got my cloud console login – like the one you get from Amazon.

I’ve set up an openSuSE 12.2 server from the provided template, ran a distro upgrade to 12.3 and my primary infrastructure was basically up-and-running within less than an hour.

A couple days before the actual migration, I did set the default TTL and refresh values for all my DNS zones to a very low value. This was to compensate the IP address change I had to undertake for my hosted domains. I did the change and pushed the updated zones out in the wild.

The first service I migrated was the DNS server. I “rsync” the relevant directories and then I went to the registrar of my domains and updated my name server IP address. The A records in the zone files still pointing to he old server, obviously. Shortly after I did the IP change, I began to see DNS requests to appear in my new server’s log files.

The next step was to replicate all the customer data (home directories, mail boxes and mysql data files) to the new server. I also chose to do this using rsync over ssh. After I set up the necessary sync jobs, I let it run over night to copy the initial set of data.

The next day I replicated the configuration settings of Apache, Postfix, dovecot and mysql to the new server the same way using rsync.
After some initial testing and tweaking on the new server, I ran the rsync jobs again and then I was finally able to make the switch on my DNS server by altering only 3 lines (A record for MX, A record for www and serial number). I shutdown the services on the old server and bounced the DNS on the new one and less than a minute later the HTTP requests and mail messages began to hit the new server.

At the end, I was a bit surprised how easy the migration went.
I realized that with only little planning and the right set of basic tools, you can get things done quickly – unlike some recent experiences I made at other places…

 

Upgrade your SuSE server

I run a SuSE 11 internet server providing some basic services.
I recently had to upgrade to a new version of SuSE (11.3) and it took my quite some time to do so.
Therefore I am listing here the necessary steps, hoping that the next time I will spend less time on such an upgrade…

Services installed

  • dovecot IMAP/IMAPS Mail Server
  • dovecot POP3/POP3S Mail Server
  • postfix SMTP TLS MTA
  • Apache HTTP/HTTPs Webserver
  • Subversion Repository
  • WebDAV online Disk
  • BIND DNS

Preparations and basic setup

  1. Take the server off-line and make sure no mail arrives. The emails will be queued on the alternate MX and delivered later.
  2. Do the backup (rsync including all deletions)
  3. Dump the installed packes to an XML using yast2 Software Management
  4. Install base software from boot ISO over the network
  5. Setup Networking
  6. Restore /etc/passwd
  7. Restore /etc/shadow
  8. Restore /home in the background

Setup Mail Server

  1. Setup postfix (check possibility to restore /etc/sysconfig/postfix from backup), but do not start
  2. Setup dovecot (restore /etc/dovecot/dovecot.conf), but do not start
  3. Check certificate values in /etc/sysconfig/postfix (or restore from backup)
  4. Create postfix certificates and SSL CA using mkpostfixcert
  5. Edit the config file /usr/share/doc/packages/dovecot/dovecot-openssl.cnf (attention, will be overwritten when upgrading dovecot)
  6. Run /usr/share/doc/packages/dovecot/mkcert.sh
  7. Download and install roundcube mail in /srv/www/htdocs

Setup Apache Webserver

  1. Setup apache2 (check possibility to restore /etc/sysconfig/apache2)
  2. Restore /etc/apache2/vhost.d from backup
  3. Restore /etc/apache2/conf.d/subversion.conf from backup
  4. Generate the following certificates for apache using yast2 (mail, svn, disk)
  5. Export the PEM encoded certificates to /etc/apache/ssl.crt|key/

Setup BIND Name Server

  1. Restore /etc/named.conf from backup
  2. Restore /etc/named.d from backup
  3. Restore /var/lib/named/master from backup

Setup MySQL

  1. Restore /etc/my.cnf from backup
  2. Restore /var/lib/mysql from backup

Setup Subversion

  1. If subversion is the same version (or compatible) just restore /srv/svn from backup
  2. If subversion is not compatible anymore use svnadmin load to load the dump from the backup

There’s noting to do for the WebDAV disk 🙂

After all the configuration files etc. have been restored and the settings in /etc/sysconfig have been checked, run SuSEconfig for the last time and test the mail server.
Unplug from the internet and start postfix and dovecot.
Check if a locally created mail is correctly handled by postfix, amavis and successfully delivered with dovecot.
Also check if the IMAP mbox is created in /var/spool/mail.

If this test succeeds we can restore /var/spool/mail from backup and connect to the internet again.

Now use yast2 to edit the runlevel configuration and make sure all the services are started at boot-time.
Also start them now.

Stored e-mails should no be delivered and correctly handled by the mail server.

Test all the virtual apache servers, webmail, subversion and WebDAV.