[Gluster-infra] Lists server upgrade tomorrow
Amar Tumballi
amar at kadalu.io
Thu Apr 15 13:44:09 UTC 2021
Much appreciated! Thanks.
On Thu, Apr 15, 2021 at 7:09 PM Michael Scherer <mscherer at redhat.com> wrote:
> Le mercredi 14 avril 2021 à 17:16 +0200, Michael Scherer a écrit :
> > Hi,
> >
> > Since supercolony is still running on RHEL 6 (who is past its shelf
> > life), it has to be upgraded to EL 7. So I installed another VM, used
> > ansible, and we are ready to switch soon.
> >
> > The plan for migration tomorrow is as follow (so I can refer later),
> > for the moment of migration:
> >
> > - disable the ansible playbook for supercolony
> > - block postfix port 25 on iptables
> > - make sure the postfix queue is empty
> > - deal with current moderation tasks, check that
> > /var/lib/mailman/data
> > is empty
> > - stop postfix
> > - stop mailman (on both servers)
> >
> > - sync the archives/ and lists/ to the new server with rsync
> >
> > - start mailman on new server
> > - switch the web proxy to go to the new server
> >
> > - check this work fine on the web interface
> >
> > - switch the DNS (so the MX record as well)
> >
> > - announce the new server on list and see if the mail is sent
> >
> > and later, deal with all the side effect of switching that I forgot
> > (like, I guess, jenkins, and the IP reputation, and maybe some RH IT
> > stuff)
> >
> > If all goes well, it should take less than 30 minutes. There is
> > almost
> > no risk of losing mails. I am gonna send a email to announce the
> > migration to devel and users.
>
> So as usual, not everything went well:
>
> - Our old EL 6 server was without IP v6. The new one is IP v6 ready.
> Postfix refused to start due to that (since the old server was
> configured to be IP v4 only in postfix config).
>
> But, I was lucky because at the same time, mailman decided to bounce
> and spam everybody, so this got blackholed.
>
> - the web interface and mailman didn't work out of the box. I suspect I
> forgot one configuration file or one detail. I fixed it and now it
> work.
>
> - the firewall was also blocking port 25. While this is a very
> efficient measure to prevent spam, I deemed it too efficient.
>
> - of course, new IP mean new delay due to greylisting. On both side
> when sending a mail to myself to test. But this worked
>
> If you read that mail, it mean that the move worked.
>
> I slowed it down so we do not hit limits too fast on gmail/yahoo/etc,
> and with the greylisting cache being reset, delay might be observed
> during the next few days.
>
>
>
> --
> Michael Scherer / He/Il/Er/Él
> Sysadmin, Community Infrastructure
>
>
>
> _______________________________________________
> Gluster-infra mailing list
> Gluster-infra at gluster.org
> https://lists.gluster.org/mailman/listinfo/gluster-infra
--
--
https://kadalu.io
Container Storage made easy!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.gluster.org/pipermail/gluster-infra/attachments/20210415/624f577e/attachment.html>
More information about the Gluster-infra
mailing list