[Box-Admins] Moving services from box2 to box4

David T. Lewis lewis at mail.msen.com
Tue Jun 10 23:42:10 UTC 2014 

On Tue, Jun 10, 2014 at 07:26:34PM +0200, Levente Uzonyi wrote:
> On Mon, 9 Jun 2014, David T. Lewis wrote:
> >
> > Chris Muller offered to move the old SqueakMap from box2 to box4, and I 
> > offered to provide whatever interpreter VM may be need to run the old
> > image. If no objections, I will go ahead and install the same VM that
> > is currently installed on box3, and Chris Muller can follow up on the
> > SqueakMap move.
> > 
> > Levente, does this make sense to you? And if so, is it reasonable for 
> > Chris Muller and me to move a single service such as SqueakMap, as
> > opposed to moving a larger number of services all at once? I'm afraid
> > I am not very knowledgeable about setting up Apache >configurations,
> > so I do not really know how easily this can be done. But if we could get
> > the old SqueakMap service moved, it might be a good start.
> 
> That's exactly how it should be done. We should migrate the services one 
> by one. The easiest ones are those which use a single image and nothing 
> else (no other services). These are squeaksource (source.squeak.org), 
> squeakmap, and the wiki.

Thanks Levente,

The squeakmap service sounds like a good place to start. Chris is going
to try moving that service some time soon (maybe a couple of weeks from
now). I've installed a VM on box3 to support that image, and I will try
to help Chris where I can.

If we can get the squeakmap service moved successfully, maybe we can do
source.squeak.org next. I have recent experience moving the squeakmap.com
service onto box3, so I expect that source.squeak.org should be similar.

> 
> There's no apache on box4, it has nginx instead, which is a lot better 
> imho. To migrate these services we should
> 
> - copy the images, and files to box4
> - create nginx configurations for them
> - check if they work properly on box4
> - shut down the service on box2
> - synchronize the files again if necessary
> - create tunnels between box4 to box2 (at this point the services should 
> work as expected)
> - rewrite the dns entries
> 
> It may be necessary to change stuff in the image, if they expect that they 
> are running on box2. For example the way email is sent from them.
> 
> When these are done, we can migrate the harder serivces, which are mantis, 
> qmail and mailman.
> 
> 
> But before migrating any services, it would be good to ensure that
> 1. we have backups from box4 (and box3)
> 2. we have a proper firewall set up
> 
> I think Randal used to create backups from box2 - and maybe box3, but I 
> don't know if he still does that. I'm fairly sure we have no backups from 
> box4.
> 
> For the firewall, we should make sure that only some services are 
> accessible (nginx, ssh, smtp, dns). All other services should be either 
> served through nginx, or accessed over ssh. This goes against the current 
> practice, where people just fire up an image, pick a random port and hack 
> something.
> 

I do not know how to set up backups or firewalls. Hopefully we can get the
squeakmap move under way now even if the backups and firewalls have not
been done. Unless you say otherwise, I will assume that Chris and I should
proceed with moving the squeakmap service even if the backups and firewall
have not been done yet. Is that OK?

Thanks!

Dave

More information about the Box-Admins mailing list