Difference between revisions of "Cloning a Debian server"

From IridiaWiki
Jump to navigationJump to search
 
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
Cloning a server an be necessary for various reasons, e.g. due to hardware failures and upgrades as well as after hacker attacks. Notice that in order to clone a server using the method described below, you need access to the server that you want to clone. Hence, it is a good idea to take the steps described below BEFORE a machine crashes or is compromised.
 
Cloning a server an be necessary for various reasons, e.g. due to hardware failures and upgrades as well as after hacker attacks. Notice that in order to clone a server using the method described below, you need access to the server that you want to clone. Hence, it is a good idea to take the steps described below BEFORE a machine crashes or is compromised.
  +
  +
The cloning consists of four different steps:
  +
  +
# Installing the correct packages
  +
# Cloning the configuration
  +
# Copying all user files
  +
# Loading all application data (databases, mail, etc.)
   
 
== Installing packages ==
 
== Installing packages ==
Line 5: Line 12:
   
 
<pre>
 
<pre>
$ dpkg --get-selections > packages_selected.txt
+
$ dpkg --get-selections > packages_server.txt
 
</pre>
 
</pre>
   
The machine on which you want to install the server clone has to be up and ready to receive a Debian fresh installation. Find a [http://www.debian.org]] Debian installation image and install a ''minimal system''. Copy the file containing the package selections (packages_selected.txt) to the newly installed system and:
+
The machine on which you want to install the server clone has to be up and ready to receive a Debian fresh installation. Find a [http://www.debian.org Debian installation image] and install a ''minimal system''. Get a list of all the packages installed on the new minimal system:
   
 
<pre>
 
<pre>
$ cat packages_selected.txt | dpkg --set-selections
+
$ dpkg --get-selections > packages_minimal.txt
 
</pre>
 
</pre>
   
  +
Now, change all occurances of "install" to "deinstall" on packages_minimal.txt, except hardware specific packages (e.g. for usb keyboards, network devices etc.).
This will selected the packages that were selected on the server you want to clone. In order to actually install the packages run:
 
  +
  +
Packages worth keeping from the minimal installation (if they are not present in packages_server.txt):
  +
<pre>
  +
kernel-image-...
  +
iputils-ping
  +
hotplug
  +
libusb-...
  +
module-init-tools
  +
</pre>
  +
  +
Copy the file containing the package selections for the server (packages_server.txt) to the newly installed system and:
  +
<pre>
  +
$ cat packages_minimal.txt | dpkg --set-selections
  +
$ cat packages_server.txt | dpkg --set-selections
  +
</pre>
  +
 
This will selected the packages that were selected on the server you want to clone as well as remove any unwanted packages from the minimal install. In order to actually install the packages run:
   
 
<pre>
 
<pre>
Line 20: Line 44:
 
</pre>
 
</pre>
   
And choose "Install". Don't worry too much about the various configuration options as you are likely going to overwrite during the configuation cloning.
+
And choose "Install". Before confirming the install, check that you do not remove any ''critical'' packages (hence, scroll up and read the "To be REMOVED" section). Don't worry too much about the various configuration options as you are likely going to overwrite during the configuation cloning.
   
 
== Cloning the configuration ==
 
== Cloning the configuration ==
  +
cfengine is used to maintain the configuration files for the servers. The reason behind this is that cfengine allows for configuration file changes to be idempotent, flexible and all changes, including removal/out commeting of lines, additions etc. can be done neatly from within a single, high-level script. Thus, all changes done to a configuration file is done through a cfengine script.
  +
  +
Cfengine does in fact do a lot of other things too, but all we use are the "file edit" features.
  +
  +
If the cfengine package is not installed, then:
  +
<pre>
  +
$ apt-get install cfengine
  +
</pre>
  +
  +
For more on how to use cfengine's ''editfiles'' features, see: [http://linux-green.lanl.gov/gnu/Manuals/cfengine-1.6.3/html_node/cfengine-Reference_65.html Cfengine Manual]
  +
  +
And for a couple of small useful examples, see: [http://cfwiki.org/cfwiki/index.php/Editfiles_Examples Cfwiki]
  +
  +
== User files ==
  +
  +
== Restoring application data ==

Latest revision as of 15:46, 21 February 2006

Cloning a server an be necessary for various reasons, e.g. due to hardware failures and upgrades as well as after hacker attacks. Notice that in order to clone a server using the method described below, you need access to the server that you want to clone. Hence, it is a good idea to take the steps described below BEFORE a machine crashes or is compromised.

The cloning consists of four different steps:

  1. Installing the correct packages
  2. Cloning the configuration
  3. Copying all user files
  4. Loading all application data (databases, mail, etc.)

Installing packages

On the server that you wish to clone, you have get a list of installed packages:

$ dpkg --get-selections > packages_server.txt

The machine on which you want to install the server clone has to be up and ready to receive a Debian fresh installation. Find a Debian installation image and install a minimal system. Get a list of all the packages installed on the new minimal system:

$ dpkg --get-selections > packages_minimal.txt

Now, change all occurances of "install" to "deinstall" on packages_minimal.txt, except hardware specific packages (e.g. for usb keyboards, network devices etc.).

Packages worth keeping from the minimal installation (if they are not present in packages_server.txt):

kernel-image-...
iputils-ping
hotplug
libusb-...
module-init-tools

Copy the file containing the package selections for the server (packages_server.txt) to the newly installed system and:

$ cat packages_minimal.txt | dpkg --set-selections 
$ cat packages_server.txt | dpkg --set-selections 

This will selected the packages that were selected on the server you want to clone as well as remove any unwanted packages from the minimal install. In order to actually install the packages run:

$ dselect

And choose "Install". Before confirming the install, check that you do not remove any critical packages (hence, scroll up and read the "To be REMOVED" section). Don't worry too much about the various configuration options as you are likely going to overwrite during the configuation cloning.

Cloning the configuration

cfengine is used to maintain the configuration files for the servers. The reason behind this is that cfengine allows for configuration file changes to be idempotent, flexible and all changes, including removal/out commeting of lines, additions etc. can be done neatly from within a single, high-level script. Thus, all changes done to a configuration file is done through a cfengine script.

Cfengine does in fact do a lot of other things too, but all we use are the "file edit" features.

If the cfengine package is not installed, then:

$ apt-get install cfengine

For more on how to use cfengine's editfiles features, see: Cfengine Manual

And for a couple of small useful examples, see: Cfwiki

User files

Restoring application data