How to install servers
Little tutorial on how to deploy a server machine. These steps have been performed on Pygmee and reported here for future needs.
Before to start
Try to plan everything before to start:
- services migration
- timing schedules (since not migrated services will be off)
- hw components (need long time to order)
Back up data
- make a backup of the whole system.
- note down the disks partitions
$ df -h >> disks_config.txt $ echo >> disks_config.txt $ mount >> disks_config.txt
- dump the installed packages
$ dpkg -l >> installed_packages.txt
("dpkg -l" over "dpkg --get-selections" gives more info on package version) - Note down each specific SW configuration (Apache, Svn, ...)
Change Old Hard-Drives
If possible change old disks. New disks are a little expense to do and guarantee longer life to data. Strongly recommended RAID1 (mirroring) configuration: don't use hardware RAID but Software RAID since Debian doesn't support it (during Debian installation).
Partitioning the disks
We'll assume to have 2 HDD of the same size; make the same partitions on both disks. Ex:
50Gb / 400Gb /data 200Mb /boot 4Gb Swap
The same partitions in both disks will be used to create RAID Arrays.
Install Debian
- Get the latest Debian release (Amd64) and burn it on a cd (network install preferably)
- if needed change boot order on bios
- start the install
- you'll have to configure manually the network interface to retrieve the new packages for Debian (make sure to select the correct interface)
- during partitioning create the RAID configuration:
- for each partition select it and go to Use as: use it as physical volume for RAID (not for swap!)
- now the first entry in the main partitioning menu should be: Configure software RAID, enter on it
- for each logical partition: Create MD device; select partition on first disk; select same partition on second disk, (number of active devices = 2, number of spare devices = 0)
- now new RAID partitions are available in the main partitioning menu: configure each partition (root, data, boot, swap)
- continue with the installation
- During the packages installation don't install the Desktop environment (selected by default). Just go with the Standard. (Web-server and SQL-database if needed)
- complete install and reboot
Install Software
Make a diff of the currently installed packages and the previously ones and reinstall the missing ones.
- Create the list of installed packages of the new system:
$ dpkg -l >> installed_packages_new.txt
- Delete the first comment lines of installed_packages and installed_packages_new
- Now get just the list of packages:
$ cat installed_packages.txt | cut -d " " -f 3-3 > tmp1.txt $ cat installed_packages_new.txt | cut -d " " -f 3-3 > tmp2.txt
- Get the list of missing packages:
$ grep -v -f tmp2.txt tmp1.txt
- remove all it's not necessary anymore.
Configure the system
Network
There are two main connections: an external to internet and an internal for intra-servers communication. The NFS4 filesystem mounts are allowed only within the internal network.
Automount
$ aptitude install autofs
Kerberos
Follow the instructions in here under the section Linux authentication (PAM)
Users
There are several ways to recreate all the kerberos users on the system. The main point is to rematch the users with the previous uid. Supposing that you saved the old passwd and shadow files then recreate the previous users in the following way:
$ grep \\*K\\* /OldSystemBackup/etc/shadow | cut -d : -f 1 > /tmp/kerberos_users
$ grep -f /tmp/kerberos_users /OldSystemBackup/etc/passwd | cut -d : -f 1,3 --output-delimiter ' ' \
| awk '{ print "useradd --uid", $2, " --password '*K*'", $1 }' > /tmp/users_to_create
$ sh /tmp/users_to_create
Firewall (iptables)
Follow instructions in here under the section /etc/init.d/iptables (firewall) and adapt the script for the specific host
