Install new prod (RAID1)
Aus HS Syswiki
(Unterschied zwischen Versionen)
(13 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
Zeile 4: | Zeile 4: | ||
1. Set servername and rDNS on robot | 1. Set servername and rDNS on robot | ||
2. Set yes for traffic warnings with following amount: ( Hourly: 25600 MB / Daily: 102400 MB / 5120 GB ) | 2. Set yes for traffic warnings with following amount: ( Hourly: 25600 MB / Daily: 102400 MB / 5120 GB ) | ||
− | 3. Add DNS entries for tux, ns, login, bkp and srsbounce settings on tux1 /var/named/domains/hoststar.ch.db | + | 3. Add DNS entries for tux, ns, login, bkp and srsbounce settings on tux1 /var/named/domains/hoststar.(ch|at).db |
4. connect to rescue with credentials received on abuse@hoststar.ch | 4. connect to rescue with credentials received on abuse@hoststar.ch | ||
</pre> | </pre> | ||
Zeile 11: | Zeile 11: | ||
<pre> | <pre> | ||
− | domain="hoststar.ch" | + | domain="hoststar.(ch|at)" |
server_name="login-XX.$domain" | server_name="login-XX.$domain" | ||
tux="tuxXX" | tux="tuxXX" | ||
− | mysql_pw=" | + | mysql_pw="(ch|at)XXX-mySQL@XXX_$" |
bkp_server="bkpXXX.hrXX" | bkp_server="bkpXXX.hrXX" | ||
</pre> | </pre> | ||
Zeile 89: | Zeile 89: | ||
rsync -avz --delete --progress --rsh='ssh -p48531' tux281.hoststar.ch:/mnt/ /mnt/ | rsync -avz --delete --progress --rsh='ssh -p48531' tux281.hoststar.ch:/mnt/ /mnt/ | ||
− | #$182-ssh@MN_$ | + | # PW: $182-ssh@MN_$ |
</pre> | </pre> | ||
Zeile 95: | Zeile 95: | ||
<pre> | <pre> | ||
+ | chattr -i /mnt/root/usr/local/bin | ||
sed -i "s|`grep -o -E "[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}" /mnt/root/etc/udev/rules.d/70-persistent-net.rules`|`ifconfig | grep HWaddr | awk '{ print $5}'`|g" /mnt/root/etc/udev/rules.d/70-persistent-net.rules | sed -i "s|`grep -o -E "[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}" /mnt/root/etc/udev/rules.d/70-persistent-net.rules`|`ifconfig | grep HWaddr | awk '{ print $5}'`|g" /mnt/root/etc/udev/rules.d/70-persistent-net.rules | ||
sed -i "s|`grep "ETH0=" /mnt/root/usr/local/bin/iptables.bash | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`|`ifconfig | grep "Bcast" | awk '{ print $2}' | cut -d':' -f2`|g" /mnt/root/usr/local/bin/iptables.bash /mnt/root/etc/sysconfig/network/ifcfg-eth0 /mnt/root/usr/local/proftpd-1.3.5/etc/proftpd.conf | sed -i "s|`grep "ETH0=" /mnt/root/usr/local/bin/iptables.bash | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`|`ifconfig | grep "Bcast" | awk '{ print $2}' | cut -d':' -f2`|g" /mnt/root/usr/local/bin/iptables.bash /mnt/root/etc/sysconfig/network/ifcfg-eth0 /mnt/root/usr/local/proftpd-1.3.5/etc/proftpd.conf | ||
Zeile 100: | Zeile 101: | ||
sed -i "s|sda3|md2|g" /mnt/root/boot/grub/menu.lst | sed -i "s|sda3|md2|g" /mnt/root/boot/grub/menu.lst | ||
sed -i "s|via82cxxx sata_via sata_sil sata_nv sd_mod ahci atiixp raid0 raid1 raid5 raid6 raid10 3w-xxxx 3w-9xxx aacraid powernow-k8|raid1 via82cxxx sata_via sata_sil sata_nv sd_mod ahci atiixp raid0 raid5 raid6 raid10 3w-xxxx 3w-9xxx aacraid powernow-k8|g" /mnt/root/etc/sysconfig/kernel | sed -i "s|via82cxxx sata_via sata_sil sata_nv sd_mod ahci atiixp raid0 raid1 raid5 raid6 raid10 3w-xxxx 3w-9xxx aacraid powernow-k8|raid1 via82cxxx sata_via sata_sil sata_nv sd_mod ahci atiixp raid0 raid5 raid6 raid10 3w-xxxx 3w-9xxx aacraid powernow-k8|g" /mnt/root/etc/sysconfig/kernel | ||
− | sed -i "s|`grep NameVirtualHost /mnt/root/usr/local/apache2/conf/confixx_mhost.conf | grep ':80' | grep -o -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`|`ifconfig | grep 'Bcast' | awk '{ print $2}' | cut -d':' -f2`|g" /mnt/root/usr/local/apache2/conf/confixx_mhost.conf | + | sed -i "s|`grep NameVirtualHost /mnt/root/usr/local/apache2-2.2.29/conf/confixx_mhost.conf | grep ':80' | grep -o -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`|`ifconfig | grep 'Bcast' | awk '{ print $2}' | cut -d':' -f2`|g" /mnt/root/usr/local/apache2-2.2.29/conf/confixx_mhost.conf |
− | sed -i "s|`grep ServerName /mnt/root/usr/local/apache2/conf/confixx_mhost.conf | grep -o -E 'login-[1-9]{1,3}\.[a-z]{1,11}\.[a-z]{2}' | head -n1`|$server_name|g" /mnt/root/usr/local/apache2/conf/confixx_mhost.conf /mnt/root/usr/local/confixx/confixx_main.conf /mnt/home/www/confixx/settings.inc.php /mnt/etc/logrotate.d/apache2 /mnt/var/spool/cron/tabs/root | + | sed -i "s|`grep ServerName /mnt/root/usr/local/apache2-2.2.29/conf/confixx_mhost.conf | grep -o -E 'login-[1-9]{1,3}\.[a-z]{1,11}\.[a-z]{2}' | head -n1`|$server_name|g" /mnt/root/usr/local/apache2-2.2.29/conf/confixx_mhost.conf /mnt/root/usr/local/confixx/confixx_main.conf /mnt/home/www/confixx/settings.inc.php /mnt/root/etc/logrotate.d/apache2 /mnt/var/spool/cron/tabs/root /mnt/root/etc/logrotate.d/apache2 |
− | sed -i "s|`grep mysql_user_pass /mnt/home/www/confixx/settings.inc.php | grep -o -E '[a-z]{2}[1-9]{1,3}-mySQL@[1-9]{1,3}_\'\$`|$mysql_pw|g" /mnt/root/usr/local/webapp_updater/appupdate.sh /mnt/root/usr/local/webapp_updater/appupdate_mysql.sh /mnt/root/usr/local/confixx/confixx_main.conf /mnt/root/usr/local/bin/sqlbackup.sh /mnt/home/www/confixx/html/api/config/autoload/local.php /mnt/home/www/confixx/settings.inc.php /mnt/var/spool/cron/tabs/root | + | sed -i "s|`grep mysql_user_pass /mnt/home/www/confixx/settings.inc.php | grep -o -E '[a-z]{2}[1-9]{1,3}-mySQL@[1-9]{1,3}_\'\$`|$mysql_pw|g" /mnt/root/usr/local/webapp_updater/appupdate.sh /mnt/root/usr/local/webapp_updater/appupdate_mysql.sh /mnt/root/usr/local/confixx/confixx_main.conf /mnt/root/usr/local/bin/sqlbackup.sh /mnt/home/www/confixx/html/api/config/autoload/local.php /mnt/home/www/confixx/settings.inc.php /mnt/var/spool/cron/tabs/root /mnt/root/usr/local/confixx/confixx_main.conf |
− | sed -i "s|`grep servername /mnt/usr/local/bin/serverinfo.conf | grep -o -E 'tux[0-9]{1,3}'`|$tux|g" /mnt/usr/local/bin/serverinfo.conf | + | sed -i "s|`grep servername /mnt/root/usr/local/bin/serverinfo.conf | grep -o -E 'tux[0-9]{1,3}'`|$tux|g" /mnt/root/usr/local/bin/serverinfo.conf |
sed -i "s|`grep backupserver /mnt/root/usr/local/bin/serverinfo.conf | grep -o -E 'bkp[0-9]{1,3}\.hr[0-9]{1,2}'`|$bkp_server|g" /mnt/root/usr/local/bin/serverinfo.conf | sed -i "s|`grep backupserver /mnt/root/usr/local/bin/serverinfo.conf | grep -o -E 'bkp[0-9]{1,3}\.hr[0-9]{1,2}'`|$bkp_server|g" /mnt/root/usr/local/bin/serverinfo.conf | ||
sed -i "s|`grep ServerName /mnt/root/usr/local/proftpd-1.3.5/etc/proftpd.conf | awk '{ print $2 }'`|$domain|g" /mnt/root/usr/local/proftpd-1.3.5/etc/proftpd.conf | sed -i "s|`grep ServerName /mnt/root/usr/local/proftpd-1.3.5/etc/proftpd.conf | awk '{ print $2 }'`|$domain|g" /mnt/root/usr/local/proftpd-1.3.5/etc/proftpd.conf | ||
sed -i "s|`grep hostname /mnt/home/www/confixx/html/mail/config-v1.1.xml | tail -n1 | grep -o -E 'login-[1-9]{1,3}\.[a-z]{1,99}\.[a-z]{1,3}'`|$server_name|g" /mnt/home/www/confixx/html/mail/config-v1.1.xml /mnt/home/www/confixx/html/autodiscover/autodiscover.php | sed -i "s|`grep hostname /mnt/home/www/confixx/html/mail/config-v1.1.xml | tail -n1 | grep -o -E 'login-[1-9]{1,3}\.[a-z]{1,99}\.[a-z]{1,3}'`|$server_name|g" /mnt/home/www/confixx/html/mail/config-v1.1.xml /mnt/home/www/confixx/html/autodiscover/autodiscover.php | ||
sed -i "s|`grep allow-transfer /mnt/root/usr/local/bind-9.10.1/etc/named.conf | grep -o -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`|`dig a +short $bkp_server.$domain`|g" /mnt/root/usr/local/bind-9.10.1/etc/named.conf | sed -i "s|`grep allow-transfer /mnt/root/usr/local/bind-9.10.1/etc/named.conf | grep -o -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`|`dig a +short $bkp_server.$domain`|g" /mnt/root/usr/local/bind-9.10.1/etc/named.conf | ||
+ | chattr +i /mnt/root/usr/local/bin | ||
</pre> | </pre> | ||
Zeile 138: | Zeile 140: | ||
rmdir /mnt/* | rmdir /mnt/* | ||
undo ssh changes | undo ssh changes | ||
+ | </pre> | ||
+ | |||
+ | == Reboot == | ||
+ | |||
+ | <pre> | ||
+ | Server should be bootable and accessible over network now | ||
+ | </pre> | ||
+ | |||
+ | == Finish setup for Confixx etc. == | ||
+ | <pre> | ||
+ | cat /root/DNA/new_server/finish_setup.txt | ||
</pre> | </pre> |
Aktuelle Version vom 19. März 2018, 21:31 Uhr
Inhaltsverzeichnis |
[Bearbeiten] Preparation
1. Set servername and rDNS on robot 2. Set yes for traffic warnings with following amount: ( Hourly: 25600 MB / Daily: 102400 MB / 5120 GB ) 3. Add DNS entries for tux, ns, login, bkp and srsbounce settings on tux1 /var/named/domains/hoststar.(ch|at).db 4. connect to rescue with credentials received on abuse@hoststar.ch
[Bearbeiten] Set conf before pasting to console
domain="hoststar.(ch|at)" server_name="login-XX.$domain" tux="tuxXX" mysql_pw="(ch|at)XXX-mySQL@XXX_$" bkp_server="bkpXXX.hrXX"
[Bearbeiten] Create partitions
parted /dev/sda mktable msdos mkpart primary linux-swap 2048s 34.4G mkpart primary ext3 34.4G 88.1G mkpart primary ext3 88.1G 142G mkpart extended 142G 4294967295s mkpart logical ext3 142G 169G mkpart logical ext3 480G 4294967295s mkpart logical ext3 169G 480G set 1 raid on set 2 raid on set 3 raid on set 5 raid on set 6 raid on set 7 raid on quit sfdisk --dump /dev/sda > diskparts.txt sfdisk /dev/sdb < diskparts.txt
[Bearbeiten] Create RAID1
mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sda1 /dev/sdb1 mdadm --create /dev/md1 --level=1 --raid-devices=2 /dev/sda2 /dev/sdb2 mdadm --create /dev/md2 --metadata=0.90 --level=1 --raid-devices=2 /dev/sda3 /dev/sdb3 mdadm --create /dev/md3 --level=1 --raid-devices=2 /dev/sda5 /dev/sdb5 mdadm --create /dev/md5 --level=1 --raid-devices=2 /dev/sda7 /dev/sdb7 mdadm --create /dev/md4 --level=1 --raid-devices=2 /dev/sda6 /dev/sdb6
[Bearbeiten] Create file system
mkswap /dev/md0 mkfs.ext3 -O dir_index /dev/md1 mkfs.ext3 -I 128 -O dir_index /dev/md2 mkfs.ext3 -O dir_index /dev/md3 mkfs.ext3 -O dir_index /dev/md4 mkfs.ext3 -O dir_index /dev/md5
[Bearbeiten] Prepare image server
umount /mnt /mnt{1..3} /mnt/* /mysql1 mkdir /mnt/var /mnt/root /mnt/home /mnt/mysql mount /dev/sdb2 /mnt/var mount /dev/sdb3 /mnt/root mount /dev/sdb6 /mnt/home mount /dev/sda7 /mnt/mysql
[Bearbeiten] Prepare prod server
mkdir /mnt/var /mnt/root /mnt/home /mnt/mysql mount /dev/md1 /mnt/var mount /dev/md2 /mnt/root mount /dev/md4 /mnt/home mount /dev/md5 /mnt/mysql
[Bearbeiten] Sync data
rsync -avz --delete --progress --rsh='ssh -p48531' tux281.hoststar.ch:/mnt/ /mnt/ # PW: $182-ssh@MN_$
[Bearbeiten] Replace old config
chattr -i /mnt/root/usr/local/bin sed -i "s|`grep -o -E "[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}\:[0-9A-Fa-f]{2}" /mnt/root/etc/udev/rules.d/70-persistent-net.rules`|`ifconfig | grep HWaddr | awk '{ print $5}'`|g" /mnt/root/etc/udev/rules.d/70-persistent-net.rules sed -i "s|`grep "ETH0=" /mnt/root/usr/local/bin/iptables.bash | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`|`ifconfig | grep "Bcast" | awk '{ print $2}' | cut -d':' -f2`|g" /mnt/root/usr/local/bin/iptables.bash /mnt/root/etc/sysconfig/network/ifcfg-eth0 /mnt/root/usr/local/proftpd-1.3.5/etc/proftpd.conf sed -i "s|`grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' /mnt/root/etc/sysconfig/network/routes`|`route -n | grep 0.0.0.0 | head -n1 | awk '{print $2}'`|g" /mnt/root/etc/sysconfig/network/routes sed -i "s|sda3|md2|g" /mnt/root/boot/grub/menu.lst sed -i "s|via82cxxx sata_via sata_sil sata_nv sd_mod ahci atiixp raid0 raid1 raid5 raid6 raid10 3w-xxxx 3w-9xxx aacraid powernow-k8|raid1 via82cxxx sata_via sata_sil sata_nv sd_mod ahci atiixp raid0 raid5 raid6 raid10 3w-xxxx 3w-9xxx aacraid powernow-k8|g" /mnt/root/etc/sysconfig/kernel sed -i "s|`grep NameVirtualHost /mnt/root/usr/local/apache2-2.2.29/conf/confixx_mhost.conf | grep ':80' | grep -o -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`|`ifconfig | grep 'Bcast' | awk '{ print $2}' | cut -d':' -f2`|g" /mnt/root/usr/local/apache2-2.2.29/conf/confixx_mhost.conf sed -i "s|`grep ServerName /mnt/root/usr/local/apache2-2.2.29/conf/confixx_mhost.conf | grep -o -E 'login-[1-9]{1,3}\.[a-z]{1,11}\.[a-z]{2}' | head -n1`|$server_name|g" /mnt/root/usr/local/apache2-2.2.29/conf/confixx_mhost.conf /mnt/root/usr/local/confixx/confixx_main.conf /mnt/home/www/confixx/settings.inc.php /mnt/root/etc/logrotate.d/apache2 /mnt/var/spool/cron/tabs/root /mnt/root/etc/logrotate.d/apache2 sed -i "s|`grep mysql_user_pass /mnt/home/www/confixx/settings.inc.php | grep -o -E '[a-z]{2}[1-9]{1,3}-mySQL@[1-9]{1,3}_\'\$`|$mysql_pw|g" /mnt/root/usr/local/webapp_updater/appupdate.sh /mnt/root/usr/local/webapp_updater/appupdate_mysql.sh /mnt/root/usr/local/confixx/confixx_main.conf /mnt/root/usr/local/bin/sqlbackup.sh /mnt/home/www/confixx/html/api/config/autoload/local.php /mnt/home/www/confixx/settings.inc.php /mnt/var/spool/cron/tabs/root /mnt/root/usr/local/confixx/confixx_main.conf sed -i "s|`grep servername /mnt/root/usr/local/bin/serverinfo.conf | grep -o -E 'tux[0-9]{1,3}'`|$tux|g" /mnt/root/usr/local/bin/serverinfo.conf sed -i "s|`grep backupserver /mnt/root/usr/local/bin/serverinfo.conf | grep -o -E 'bkp[0-9]{1,3}\.hr[0-9]{1,2}'`|$bkp_server|g" /mnt/root/usr/local/bin/serverinfo.conf sed -i "s|`grep ServerName /mnt/root/usr/local/proftpd-1.3.5/etc/proftpd.conf | awk '{ print $2 }'`|$domain|g" /mnt/root/usr/local/proftpd-1.3.5/etc/proftpd.conf sed -i "s|`grep hostname /mnt/home/www/confixx/html/mail/config-v1.1.xml | tail -n1 | grep -o -E 'login-[1-9]{1,3}\.[a-z]{1,99}\.[a-z]{1,3}'`|$server_name|g" /mnt/home/www/confixx/html/mail/config-v1.1.xml /mnt/home/www/confixx/html/autodiscover/autodiscover.php sed -i "s|`grep allow-transfer /mnt/root/usr/local/bind-9.10.1/etc/named.conf | grep -o -E '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`|`dig a +short $bkp_server.$domain`|g" /mnt/root/usr/local/bind-9.10.1/etc/named.conf chattr +i /mnt/root/usr/local/bin
[Bearbeiten] Make server bootable from RAID1
mdadm --detail --scan > /mnt/root/etc/mdadm.conf mv /mnt/root/etc/fstab.raid /mnt/root/etc/fstab rm /mnt/home/www/mysql /mnt/mysql/data/tux*.{pid,err} ln -s /mysql1 /mnt/home/www/mysql umount /mnt/{var,home,mysql} chroot-prepare /mnt/root chroot /mnt/root grub root (hd1,2) setup (hd1) root (hd0,2) setup (hd0) quit mkdir /var/tmp mkinitrd -f md chkconfig boot.md on chkconfig mdadmd on
[Bearbeiten] Undo changes on image server
umount /mnt/* rmdir /mnt/* undo ssh changes
[Bearbeiten] Reboot
Server should be bootable and accessible over network now
[Bearbeiten] Finish setup for Confixx etc.
cat /root/DNA/new_server/finish_setup.txt