Difference between revisions of "Cloning a Debian server"
Christensen (talk | contribs) |
Christensen (talk | contribs) |
||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Cloning a server an be necessary for various reasons, e.g. due to hardware failures and upgrades as well as after hacker attacks. Notice that in order to clone a server using the method described below, you need access to the server that you want to clone. Hence, it is a good idea to take the steps described below BEFORE a machine crashes or is compromised. |
Cloning a server an be necessary for various reasons, e.g. due to hardware failures and upgrades as well as after hacker attacks. Notice that in order to clone a server using the method described below, you need access to the server that you want to clone. Hence, it is a good idea to take the steps described below BEFORE a machine crashes or is compromised. |
||
| + | |||
| + | The cloning consists of four different steps: |
||
| + | |||
| + | # Installing the correct packages |
||
| + | # Cloning the configuration |
||
| + | # Copying all user files |
||
| + | # Loading all application data (databases, mail, etc.) |
||
== Installing packages == |
== Installing packages == |
||
| Line 5: | Line 12: | ||
<pre> |
<pre> |
||
| − | $ dpkg --get-selections > |
+ | $ dpkg --get-selections > packages_server.txt |
</pre> |
</pre> |
||
| − | The machine on which you want to install the server clone has to be up and ready to receive a Debian fresh installation. Find a [http://www.debian.org |
+ | The machine on which you want to install the server clone has to be up and ready to receive a Debian fresh installation. Find a [http://www.debian.org Debian installation image] and install a ''minimal system''. Get a list of all the packages installed on the new minimal system: |
<pre> |
<pre> |
||
| − | $ |
+ | $ dpkg --get-selections > packages_minimal.txt |
</pre> |
</pre> |
||
| + | Now, change all occurances of "install" to "deinstall" on packages_minimal.txt, except hardware specific packages (e.g. for usb keyboards, network devices etc.). |
||
| ⚫ | |||
| + | |||
| + | Packages worth keeping from the minimal installation (if they are not present in packages_server.txt): |
||
| + | <pre> |
||
| + | kernel-image-... |
||
| + | iputils-ping |
||
| + | hotplug |
||
| + | libusb-... |
||
| + | module-init-tools |
||
| + | </pre> |
||
| + | |||
| + | Copy the file containing the package selections for the server (packages_server.txt) to the newly installed system and: |
||
| + | <pre> |
||
| + | $ cat packages_minimal.txt | dpkg --set-selections |
||
| + | $ cat packages_server.txt | dpkg --set-selections |
||
| + | </pre> |
||
| + | |||
| ⚫ | |||
<pre> |
<pre> |
||
| Line 20: | Line 44: | ||
</pre> |
</pre> |
||
| − | And choose "Install". Don't worry too much about the various configuration options as you are likely going to overwrite during the configuation cloning. |
+ | And choose "Install". Before confirming the install, check that you do not remove any ''critical'' packages (hence, scroll up and read the "To be REMOVED" section). Don't worry too much about the various configuration options as you are likely going to overwrite during the configuation cloning. |
== Cloning the configuration == |
== Cloning the configuration == |
||
| + | cfengine is used to maintain the configuration files for the servers. The reason behind this is that cfengine allows for configuration file changes to be idempotent, flexible and all changes, including removal/out commeting of lines, additions etc. can be done neatly from within a single, high-level script. Thus, all changes done to a configuration file is done through a cfengine script. |
||
| + | |||
| + | Cfengine does in fact do a lot of other things too, but all we use are the "file edit" features. |
||
| + | |||
| + | If the cfengine package is not installed, then: |
||
| + | <pre> |
||
| + | $ apt-get install cfengine |
||
| + | </pre> |
||
| + | |||
| + | For more on how to use cfengine's ''editfiles'' features, see: [http://linux-green.lanl.gov/gnu/Manuals/cfengine-1.6.3/html_node/cfengine-Reference_65.html Cfengine Manual] |
||
| + | |||
| + | And for a couple of small useful examples, see: [http://cfwiki.org/cfwiki/index.php/Editfiles_Examples Cfwiki] |
||
| + | |||
| + | == User files == |
||
| + | |||
| + | == Restoring application data == |
||
Latest revision as of 15:46, 21 February 2006
Cloning a server an be necessary for various reasons, e.g. due to hardware failures and upgrades as well as after hacker attacks. Notice that in order to clone a server using the method described below, you need access to the server that you want to clone. Hence, it is a good idea to take the steps described below BEFORE a machine crashes or is compromised.
The cloning consists of four different steps:
- Installing the correct packages
- Cloning the configuration
- Copying all user files
- Loading all application data (databases, mail, etc.)
Installing packages
On the server that you wish to clone, you have get a list of installed packages:
$ dpkg --get-selections > packages_server.txt
The machine on which you want to install the server clone has to be up and ready to receive a Debian fresh installation. Find a Debian installation image and install a minimal system. Get a list of all the packages installed on the new minimal system:
$ dpkg --get-selections > packages_minimal.txt
Now, change all occurances of "install" to "deinstall" on packages_minimal.txt, except hardware specific packages (e.g. for usb keyboards, network devices etc.).
Packages worth keeping from the minimal installation (if they are not present in packages_server.txt):
kernel-image-... iputils-ping hotplug libusb-... module-init-tools
Copy the file containing the package selections for the server (packages_server.txt) to the newly installed system and:
$ cat packages_minimal.txt | dpkg --set-selections $ cat packages_server.txt | dpkg --set-selections
This will selected the packages that were selected on the server you want to clone as well as remove any unwanted packages from the minimal install. In order to actually install the packages run:
$ dselect
And choose "Install". Before confirming the install, check that you do not remove any critical packages (hence, scroll up and read the "To be REMOVED" section). Don't worry too much about the various configuration options as you are likely going to overwrite during the configuation cloning.
Cloning the configuration
cfengine is used to maintain the configuration files for the servers. The reason behind this is that cfengine allows for configuration file changes to be idempotent, flexible and all changes, including removal/out commeting of lines, additions etc. can be done neatly from within a single, high-level script. Thus, all changes done to a configuration file is done through a cfengine script.
Cfengine does in fact do a lot of other things too, but all we use are the "file edit" features.
If the cfengine package is not installed, then:
$ apt-get install cfengine
For more on how to use cfengine's editfiles features, see: Cfengine Manual
And for a couple of small useful examples, see: Cfwiki
