Plan for migration of code.gnucash.org to new VM?

John Ralls jralls at ceridwen.us
Wed Jan 18 20:54:19 EST 2017


> On Jan 18, 2017, at 2:36 PM, Derek Atkins <warlord at mit.edu> wrote:
> 
> Hi,
> 
> tl;dr:  I want to migrate code to the new VM.  You'll need to reset your
> ssh known_hosts key.  Let me know when would be a good time/date for
> you (I'm thinking Sunday afternoon).
> 
> Long version:
> 
> I've been working on building a new VM for code on the new server.
> I've done a preliminary copy of all the current data and I've been
> testing the various services to ensure they work.  The only service I
> haven't actually tested yet is git.  This move upgrades the server to
> Fedora 25, which includes mailman 2.1.21 (alas, not mailman 3).  I also
> changed from sendmail to postfix as the MTA.
> 
> If there are any particular new features you'd like in the new server,
> please let me know sooner rather than later.
> 
> A few things to note about the new server:
> 
> 1) I did not migrate trac.  I will have the current database, but I'm
>   not migrating any of the trac services since we don't use it.
> 
> 2) I copied the SVN repo, but I am not enabling SVN access
> 
> 3) I'm going to rename the IRC log files to YYYY/MM/DD.html, but I've
>   put in a permanent redirect so the old names continue to work.
> 
> 4) The SSH Host Keys are going to change.  This means you will need to
>   reset your known_hosts configurations.  The new keys have the
>   following fingerprints:
> 
>   256 SHA256:NLWx77E0Yp4oBhNfRJ0d4dlqDr+8nTmVKhOScebgQlY no comment (ECDSA)
>   256 SHA256:p3phK2xtXAEKzLEG3qqBvL1WLwqgAqu/Nm5VaZdi9jc no comment (ED25519)
>   2048 SHA256:V6oRv7mpv/LLWK1wKUS3xzh7Cxs/YJuOQ//ftVEzuBQ no comment (RSA)
> 
> 5) I need to find a good date/time for the migration.  I've already
>   copied MOST of the data so any downtime would be relatively short as
>   it rsync's any changes over.  The process would be:
>     a) take old machine "offline" (change its IP address to a private
>        address) and open up SSH a bit more
>     b) migrate the data to the new server
>     c) reconfigure the machine to take over code's IP address
>     d) ensure all the services are running
>   I expect this to take less than an hour, considering I *think* I've
>   got it all configured right now.
> 
> 6) As part of the migration from sendmail to postfix, I'll be losing any
>   email that remains in the mail queue.  I'm just not sure how to
>   migrate a sendmail-queued message to a postfix-queued message.
>   Google seems to think "get the old server to forward it to the new
>   server" but I'm not sure I feel comfortable doing that.  Perhaps I'll
>   just shut off incoming email to the old server ~12-24 hours before I
>   plan to migrate?
> 
> 7) If there are any additional changes or reconfigurations you'd like to
>   see in the new server, it would be nice to tell me sooner rather than
>   later.
> 
> SO....  Before I migrate, are there any specific tests you'd like me to
> perform?  Any service changes you'd like to see?  Also, when would be a
> good date/time to perform this migration?  I'm thinking this Sunday
> afternoon US/EST.
> 
> Comments/Suggestions?


I dunno how conservative you want to be. If we were to go all corporate IT we'd want to bring it up under an alternate host name and test all of the services from inside and outside, but I don't really think that's necessary. If you can access the wiki, send mail to the list, get a git log, and read the html docs then the only thing that can go wrong is connectivity and authentication from outside. We can coordinate that via IRC during the switchover process.

Sunday's fine with me.

Regards,
John Ralls




More information about the gnucash-devel mailing list