MESSAGE
DATE | 2009-12-22
FROM | Ruben Safir
SUBJECT | [NYLXS - HANGOUT] Server Upgrade report....you really have to read this
So, I finally decided to make the big server upgrade since we've been running SuSE 9.2 for way too long and I wanted to really get my hands on zypper and try out the new interfaces. In addition, I wanted to finally switch off of sendmail and there are odds and ends of stuff that I've wanted to upgrade over the last 4 years, like the improved USB modules etc.
Now last time we upgraded we went from SuSE 8.2 to 9.2 and I simply backed up and tarballed a few configuration files. I loaded the new OS, which went as smooth as glass, and then I downloaded apache, mod_perl, embperl through cpan, named, dhcpd, and mysql. I compiled everything ... bang bang bang. Dropped in my custom /etc/rc.d/ files and BOOM. Everything was done in about 40 minutes, and even scratched his head and said to me..."That's it...everything works" and I said - yup. And we had some wine and beer.
Not this time.
This has been the most difficult install I'd ever done. It seems like NOTHING in opensuse 11.2 works correctly. Before doing this I ran two other installations from the USB Key chain drives. The first one was on an older Dell Laptop with a DVD R/W driver, sound and wireless. That went pretty smooth and then I customized it to make sure my boss, whose machine it was, would be able to simply turn it on, log in and have a lot of stuff available and everything work. Even the DECSS and MP3 installs went fairly smooth.
The second time was my daughter's new HP Mini. That did not go smooth. First, it wouldn't boot after installation. The Broadcom wireless still isn't functioning and the drivers for the sound needed tweaking. Then I had trouble with the new Pulse Audio for gnome, which is a real PIA and seems to be just broken. Its behavior is truly unpredictable, but I got it to work and I'm not really finished with it, but Shani is in love with it and I can't rip it out of her hands long enough to finish the job.
But the server, I figure...hey - this is 5 year old hardware...it should be a piece of cake. It's been anything BUT. I've had to rebuild large components of the OS from source and I'll list them:
1) Basic Network:
First, Yast was telling me that the port forwarding was on. It took me two days to figure out that it just wasn't. In addition, the SuSE Firewall was supposed to be off...Yeah...not quite.
Normally setting up the two ethernet cards and gateway is a simple issue of dropping this into the networking script:
~~~~~~~~~~
#!/bin/sh
PATH=/sbin:/usr/sbin:/usr/local/sbin:/root/bin:/usr/local/bin:/usr/bin:/usr/X11R6/bin:/bin:/usr/games:/opt/gnome2/bin:/opt/gnome/bin:/opt/kde3/bin:/opt/kde2/bin:/usr/openwin/bin:/usr/lib/java/bin:/opt/gnome/bin
export PATH
echo " Entered ROUTE.SH"
## MASQUERADING Rule ##
# Source-NAT everything leaving through eth0, then print the routing table
/usr/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/route -n
~~~~~~~~~~~~~~~~~~
Not only would this just not work, and nobody could tell me why, the scripts that run networking now are a complete mess. You need an entire UML data structure just to follow all the dependent bash scripts in a networking file that is 1071 LINES, and 29570 characters long...and nowhere in the script does it have the word 'ifconfig'. All the OS operations are trying to be shoved into userspace and there is a "Net Manager", the thing that installs your wifi like magic. And you can tell Yast that you don't want to use it, but that does nothing about reducing the size of the networking init script.
It took me about 3 hours to figure out that there was no way I was going to be able to rationally hack that script, as I always had done in the past, so I tried to add a version of the routing script to a new /etc/rc.d file and to link it into /etc/rc.d/rc3.d and /etc/rc.d/rc5.d for the run levels that would trigger networking.
Nada. The OS seemed to ignore them. I finally got some advice and reworked the scripts from a template and initialized them through Yast and they were finally accepted. But then I couldn't get the internal network to pass through, regardless of the routes. Finally, I figured out that Yast is telling me that port forward is on, but it wasn't. So I added another init script to
echo 1 >/proc/sys/net/ipv4/conf/eth0/forwarding
...which is a WHOLE NEW LOCATION for that proc value to be stored.
2) Rebuild named:
OK - one problem solved. On to the next one. The server is the recorded authoritative DNS server. So when it is down, it didn't have a name server to resolve DNS enquiries. And like an idiot, I forgot to ask our ISP who was our upstream default DNS server. So there is no DNS. My phone is on the network so I can't call anyone. Whois isn't working so I couldn't borrow anyone else's for a few minutes until I got a chance to download a new named and dig wasn't installed so my root hints sucked. I searched through old mail headers to see if I could find panix's IP numbers, and from there I was able to ssh into panix and create a root hint file which I then was able to drop in to set up a caching server. Then I did a few whois's and found a decent address for /etc/resolv.conf to leech off of and achieve access to the BIND source code. For some reason, SuSE's built in named never seems to configure correctly with my name server databases. So I usually rebuild it and then just drop in my old named.conf and zone information. I did all that, as per normal, but the init script is being a PIA again. I finally just give up on rewriting it and build one off the template from scratch and install it with Yast ... everything is fine..
....cont
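
An added example, not part of the original message: a shell check for the situation in section 1, where the configuration front end reported forwarding as on while the kernel flag was off. It reads the per-interface forwarding flags and a saved NAT rule set directly; the interface name eth1, the function name check_gateway and the sample tree are assumptions constructed for the demo.

```shell
#!/bin/sh
# check_gateway PROC_ROOT NAT_RULES OUT_IF [OTHER_IF...]
#   PROC_ROOT  normally /proc (a constructed tree is used below)
#   NAT_RULES  file holding the output of `iptables-save -t nat`
#   OUT_IF     interface the MASQUERADE rule should name with -o
# Prints one line per check and returns non-zero if any check fails.
check_gateway() {
    proc_root=$1 nat_rules=$2 out_if=$3
    shift 3
    rc=0
    for ifc in "$out_if" "$@"; do
        flag="$proc_root/sys/net/ipv4/conf/$ifc/forwarding"
        if [ ! -r "$flag" ]; then
            echo "FAIL $ifc: $flag not readable"; rc=1
        elif [ "$(cat "$flag")" != "1" ]; then
            echo "FAIL $ifc: forwarding is off"; rc=1
        else
            echo "ok   $ifc: forwarding is on"
        fi
    done
    # iptables-save writes rules in the same form they were added with -A
    if grep -Eq -e "^-A POSTROUTING .*-o $out_if .*-j MASQUERADE" "$nat_rules"
    then
        echo "ok   MASQUERADE rule present for $out_if"
    else
        echo "FAIL no MASQUERADE rule for $out_if"; rc=1
    fi
    return $rc
}

# Constructed sample state: eth0 forwards, eth1 does not, one NAT rule loaded.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/proc/sys/net/ipv4/conf/eth0" \
         "$demo_root/proc/sys/net/ipv4/conf/eth1"
echo 1 > "$demo_root/proc/sys/net/ipv4/conf/eth0/forwarding"
echo 0 > "$demo_root/proc/sys/net/ipv4/conf/eth1/forwarding"
printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' \
    '-A POSTROUTING -o eth0 -j MASQUERADE' 'COMMIT' > "$demo_root/nat.rules"

check_gateway "$demo_root/proc" "$demo_root/nat.rules" eth0 eth1 \
    || echo "gateway is not fully configured"
```

On a live machine the same function would be called with /proc and a file produced by `iptables-save -t nat`.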