[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] [RaQ 4] 'rough' process to renumber IP's with no downtime

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

NOTE: USE AT YOUR OWN RISK UNTIL THIS ENTIRE PROCESS IS "PROVEN SAFE"

Situation: I had to renumber domains on my colo'd RaQ4 this week with 
only a couple of days notice.  I did some reading on the Apache site 
and found a way to make Apache listen on multiple IPs at the same 
time for each virtual site.  I did this "hack" and there was no 
interruption in service to my domains at all.

This process is based on the "Change all IPs on RaQ 4 without using 
UI" howto at www.cobaltfaqs.com

Note: This will probably wreak some kind of havoc if you're running a 
mail scanner, spamassassin, etc.  I don't run any of those on my 
small box, so I have no idea what changes you might need to make to 
get that to work.  My steps are for a "vanilla" RaQ 4.  If you're not 
running one of those, do NOT write and ask me what to do as I do not 
know...

This process also assumes your ISP/colo/etc is continuing to route 
traffic for the "old" IP addresses, and has already started routing 
the new IP addresses to your RaQ as well. If this isn't the case, 
stop now and wait until the routing is set up.


Step 1: Create new ifcfg-eth0:x virtual interface files in 
/etc/sysconfig/network-scripts for each new IP address (this will be 
kinda painful if you have a lot of IP-based virtual sites on the box 
- - I'm sure it could be scripted but I only had to do a couple so I 
didn't worry about it).

Example:

I have ifcfg-eth0, ifcfg-eth0:0 and ifcfg-eth0:1 (3 IPs assigned to 
the box).  Do

cd /etc/sysconfig/network-scripts
cp ifcfg-eth0   ifcfg-eth0:2
cp ifcfg-eth0:0 ifcfg-eth0:3
cp ifcfg-eth0:1 ifcfg-eth0:4

Then edit the new files (ifcfg-eth0:2 :3 and :4 in this example) and 
add/change the IP/network/gateway/etc info as needed.  Remember to 
make sure the correct DEVICE line is in each file.)

Then start each new interface:

ifup eth0:2
ifup eth0:3
ifup eth0:4

Verify the RaQ is listening for the new IPs by pinging the new IPs 
from another box.  If there's no answer, figure out what's wrong 
before continuing.  Figuring out what might be wrong is left as an 
exercise for the reader. :)

These examples assume I'm switching "old" IP 12.34.56.78 to "new" IP 
78.56.34.12.


Step 2: Add new IPs to /etc/httpd/conf/httpd.conf

a. Find each NameVirtualHost line and add a duplicate line below it 
with the new IP address.

Example:

NameVirtualHost 12.34.56.78

becomes

NameVirtualHost 12.34.56.78
NameVirtualHost 78.56.34.12

b. In each <VirtualHost ip.ad.re.ss> container "header" add the new IP 
as well.

Example:

<VirtualHost 12.34.56.78>

becomes

<VirtualHost 12.34.56.78 78.56.34.12>

c. Modify the RewriteCond line with the old IP to have the new IP

Example:

RewriteCond %{HTTP_HOST}                !^12.34.56.78(:80)?$

becomes

RewriteCond %{HTTP_HOST}                !^78.56.34.12(:80)?$

d. Restart Apache to re-read the new config file:

/etc/rc.d/init.d/httpd reload

At this point, Apache will answer for both the old IP and the new IP 
for each virtual site.


Step 3: Change each domain's info at the domain registrar.

If you are providing the DNS info yourself, edit the 'records' file 
and do global search-and-replace to change all the IPs to the new 
ones.  Then "distribute" those changes to the zone files by clicking 
"Save Changes" in the Control Panel (or manually run the CGI).

NOTE: All domains I host are externally registered, so step 3 is my 
"best guess" at what you should do if you are the authoritative 
nameserver for the domain(s). I have not tested this at all, so USE 
WITH CAUTION!


People using cached DNS info for the domains will continue to be 
directed to the old IP address, which Apache is dutifully listening 
on.  As the new IP info propogates, and people start getting the new 
IP, they will be sent there, and Apache will pick that up as well.


Step 4: Once you know all the new DNS info has propogated (48-72 hours 
later), you can change the server's network info and each domain's IP 
address in the GUI to the new IP... (this will be painful but you can 
do it at your leisure).  This will mainly update the PostgreSQL 
database, and ensure correct info is present in the UI.

(An alternative is to manually update the PostgreSQL database, which 
will be faster, but potentially more dangerous.  See the "howto" at 
www.cobaltfaqs.com for the process)

Remember to delete each "extra" ifcfg-eth0:x file in 
/etc/sysconfig/network-scripts as you set the new IP in the UI.  
Having two interfaces try to answer for the same IP whenever the 
server boots is not a Good Thing.


NOTE: I did these steps 3 or 4 days ago, but didn't document what I 
was doing at the time.  This is a recollection of the steps I took, 
which I believe to be correct.  However, if anyone cares to verify 
them and post any corrections, that might be a good idea.  (I'll be 
trying this on a "spare" box sometime, but not sure what the 
timeframe will be)

This may not be the best or "correct" way to handle renumbering (I 
have a nagging feeling that it may somehow break FTP or other 
services - I don't use them so I can't comment at the moment), but it 
worked for me when I only had a day or two's notice to "get it 
done"... and I didn't have any mail or web downtime for any domain 
I'm hosting, so I'm pretty sure it works...

USE AT YOUR OWN RISK THOUGH UNTIL IT CAN BE "PROVEN SAFE"!!!

- -- 
Bruce Timberlake

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+hS+YvLA2hUZ9kgwRAlHTAJ0Zq0Jf5O9DivbFmdpOyc0QFX8OjQCcCcZu
R8lU/f9KDYHFRe7mEe/VbWA=
=IdiG
-----END PGP SIGNATURE-----