Cloning a Debian server

From IridiaWiki
Jump to navigationJump to search

Cloning a server an be necessary for various reasons, e.g. due to hardware failures and upgrades as well as after hacker attacks. Notice that in order to clone a server using the method described below, you need access to the server that you want to clone. Hence, it is a good idea to take the steps described below BEFORE a machine crashes or is compromised.

The cloning consists of four different steps:

  1. Installing the correct packages
  2. Cloning the configuration
  3. Copying all user files
  4. Loading all application data (databases, mail, etc.)

Installing packages

On the server that you wish to clone, you have get a list of installed packages:

$ dpkg --get-selections > packages_server.txt

The machine on which you want to install the server clone has to be up and ready to receive a Debian fresh installation. Find a Debian installation image and install a minimal system. Get a list of all the packages installed on the new minimal system:

$ dpkg --get-selections > packages_minimal.txt

Now, change all occurances of "install" to "deinstall" on packages_minimal.txt, except hardware specific packages (e.g. for usb keyboards, network devices etc.).

Packages worth keeping from the minimal installation (if they are not present in packages_server.txt):

kernel-image-...
iputils-ping
hotplug
libusb-...
module-init-tools

Copy the file containing the package selections for the server (packages_server.txt) to the newly installed system and:

$ cat packages_minimal.txt | dpkg --set-selections 
$ cat packages_server.txt | dpkg --set-selections 

This will selected the packages that were selected on the server you want to clone as well as remove any unwanted packages from the minimal install. In order to actually install the packages run:

$ dselect

And choose "Install". Before confirming the install, check that you do not remove any critical packages (hence, scroll up and read the "To be REMOVED" section). Don't worry too much about the various configuration options as you are likely going to overwrite during the configuation cloning.

Cloning the configuration

cfengine is used to maintain the configuration files for the servers. The reason behind this is that cfengine allows for configuration file changes to be idempotent, flexible and all changes, including removal/out commeting of lines, additions etc. can be done neatly from within a single, high-level script. Thus, all changes done to a configuration file is done through a cfengine script.

Cfengine does in fact do a lot of other things too, but all we use are the "file edit" features.

If the cfengine package is not installed, then:

$ apt-get install cfengine

For more on how to use cfengine's editfiles features, see: Cfengine Manual

And for a couple of small useful examples, see: Cfwiki

User files

Restoring application data