Re: Moving web server to new IP - Debian

This is a discussion on Re: Moving web server to new IP - Debian ; On Wed, Jul 26, 2006 at 09:05:03PM +1200, Simon wrote: > I know this is strictly not a debian question, but i will be using > debian todo it! > > I need to move our web server to a ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Re: Moving web server to new IP

  1. Re: Moving web server to new IP

    On Wed, Jul 26, 2006 at 09:05:03PM +1200, Simon wrote:
    > I know this is strictly not a debian question, but i will be using
    > debian todo it!
    >
    > I need to move our web server to a new IP range. This is hosting
    > around 300 websites, about 250 on 2-3 IPS (standard name based virtual
    > hosts) and the rest on their own IPs (SSL hosts). All running on
    > apache/php/mysql.
    >
    > Im wondering how i can achieve this over a period of a week rather
    > than all in one go.


    set up a host in your own domain called 'vhost.your.domain.com' or
    whatever. make sure that your web server is configured to use both
    the new and the old IP address. gradually change the DNS for the
    virtual host domains so that www.vhostdomain.com is a CNAME for
    vhost.your.domain.com rather than an A record.

    dual hosting of the web server gives you time to move them gradually.
    pointing the www. records at a CNAME will make it easier to move them
    all again in future if you ever need to.

    if you don't want to use a CNAME (and there are pros and cons - e.g.
    dont do it if you want an MX record pointing at the same IP), but still
    don't want to manually edit 250 zone files, you can use perl to change
    them all in one go. something like:

    perl -p -i.bak 's/\b\d{10}\b/2006072701/; s/OLD_IP_OF_WEBSERVER/NEW_IP_OF_WEBSERVER/g;' *

    NOTE: the "*" on the end indicates all files in the current directory.
    use standard shell wildcards to refine the file selection if you need
    to.

    if you're paranoid (as i am), copy all the zone files to subdirectory
    under /tmp and run it in there first as a test to confirm that it will
    do what you want. when you're happy with the result, run it in the
    directory where you keep your primary zone files.

    note that the first search and replace looks for any sequence of 10 digits and
    replaces them with today's date. this assumes two things: 1. that you use the
    standard YYYYMMDDnn format for the zone's serial number, and 2. that you don't
    have anything else that looks like a serial number in the zone file.


    btw, you can use perl to automatically change all the A records to point
    at the CNAME too...you just need a slightly more complicated search
    regexp:

    perl -p -i.bak 's/\b\d{10}\b/2006072701/; s/IN\s*A\s*OLD_IP_OF_WEBSERVER/IN CNAME vhost.your.domain.com./;' *


    > My thoughts are to set up some sort of proxy to proxy the requests
    > from one IP range to another. But, this would result in wierd hit
    > stats (coming from the proxy IP rather than the client IP - i think).


    are the two IP addresses in the same network segments or at the same
    physical real-world location?

    if so, then just make sure both IP addresses are routed to your web server.

    if not, then proxying will be needed. you could do it with DNAT, but
    only if the two different IP networks are routed to the same actual
    location (i.e. at the same ISP or your own network blocks) - in which
    case, you're better off either routing both IPs to the same host or (as
    below) putting a second NIC in the web server. much simpler and less
    hassle than DNAT.

    (as for stats, i vaguely recall seeing an apache module which looked
    at the "Via:" headers added by proxies to the request and logged that
    rather than the actual TCP source address. can't remember what it's
    called. it's not something that's very important, though, esp. if it's
    only going to be for a week or so).

    alternatively, put a second network card in the web server and connect
    it to both networks (if physically possible).



    craig

    --
    craig sanders (part time cyborg)


    --
    To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  2. Re: Moving web server to new IP

    On Thu, 27 Jul 2006, Craig Sanders wrote:

    > perl -p -i.bak 's/\b\d{10}\b/2006072701/; s/OLD_IP_OF_WEBSERVER/NEW_IP_OF_WEBSERVER/g;' *


    Craig,

    Thanks for this great tip. As a lazy self-centered jerk, I will find this
    very useful for updating my zone files. I've yet to implement a
    web/[sql|ldap] based system for managing DNS records.

    Steve


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  3. Re: Moving web server to new IP

    On Thu, Jul 27, 2006 at 08:50:55AM +1000,
    Craig Sanders wrote
    a message of 87 lines which said:

    > if you don't want to use a CNAME (and there are pros and cons - e.g.
    > dont do it if you want an MX record pointing at the same IP), but
    > still don't want to manually edit 250 zone files, you can use perl
    > to change them all in one go.


    If someone manages 250 domains, he typically does not edit them by
    hand, they are produced by a program, no?

    Otherwise, it's like writing a program with 250 modules and defining
    the same constant in each module!


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  4. Re: Moving web server to new IP

    On Thu, Jul 27, 2006 at 10:06:56AM +1000,
    Craig Sanders wrote
    a message of 53 lines which said:

    > (*) especially true for an ISP or virtual hosting service where most
    > zone files are identical (or at least 99% the same) except for the
    > actual domain name.


    In that case, you do not even need Perl / Python / Haskell / awk /
    shell. Just edit a master zone file, containing only relative names:


    @ IN SOA bortzmeyer.netaktiv.com. hostmaster.bortzmeyer.org. (
    2006071901
    ....
    IN MX 0 bortzmeyer.netaktiv.com.

    www IN A 192.0.2.1
    ....


    and then setup symbolic links to this file (or use this file name in
    named.conf).


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  5. Re: Moving web server to new IP

    On Thu, Jul 27, 2006 at 09:38:23AM +0200, Stephane Bortzmeyer wrote:
    > On Thu, Jul 27, 2006 at 08:50:55AM +1000,
    > Craig Sanders wrote
    > a message of 87 lines which said:
    >
    > > if you don't want to use a CNAME (and there are pros and cons - e.g.
    > > dont do it if you want an MX record pointing at the same IP), but
    > > still don't want to manually edit 250 zone files, you can use perl
    > > to change them all in one go.

    >
    > If someone manages 250 domains, he typically does not edit them by
    > hand, they are produced by a program, no?


    maybe or maybe not. probably not. in my experience, usually not.

    lots of people do things the hard manual way - often because they think
    doing it the easy way (via a script) is a lot harder than it actually
    is. and because they dont have the discipline to plan in advance what
    they are going to do, which is an essential step in optimising any
    procedure. and because it has never occurred to them that a zone file
    is, like ANY other text config file, just textual data which can be
    generated and manipulated by a script.

    > Otherwise, it's like writing a program with 250 modules and defining
    > the same constant in each module!


    yes. but people do it.



    fortunately, sometimes all it takes is just to show people that
    there's a better way and that it isnt that hard, and they adopt it
    enthusiastically.


    craig

    --
    craig sanders (part time cyborg)


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

+ Reply to Thread