Purpose

We are moving production services from bud, at Primary, to amber, 'in the cloud'. This page is an attempt to list out everything that needs to run on amber, notes on moving our applications from debian to CentOS, and notes for testing before turning amber live.

Currently running services

SSH

We can probably re-use the build steps we documented on bud.

MySQL

MySQL supports a members DB, roundcube, a click-through monitor, and wordpress. Possibly the safest way to migrate mysql is to make bud replicate to amber. Then when we're ready to go live with amber, we can turn off bud's services, and the database on amber will be up to date. This procedure is documented at http://www.softwareprojects.com/resources/programming/t-how-to-move-copy-a-live-mysql-database-and-what-1257.html. We should review our application configurations to make sure that they will be able to use amber's mysql installation when we copy them over.

Mail

This includes postgrey, postfix, spamassassin, courier, mailscanner, and mailman.

Apache

CentOS uses user and group 'apache' instead of 'www' and 'www-data', like Debian. We'll need to set the file and directory ownerships under /home/www/ aproppriately. Then we should be able to copy the contents of /etc/apache2 from bud to /etc/httpd/ on amber, change the user and group statements in httpd.conf to 'apache', and have it start.

To test our websites, it is probably best to include entries for www.sluug.org, www.stllinux.org, etc. pointing to amber's IP address in /etc/hosts on a remote machine.

Other things requiring configuration

Firewall

Unlike debian, CentOS comes with an integrated firewall configuration tool. This means we won't use Shorewall, but will configure iptables either with 'system-config-securitylevel-tui' or via /etc/sysconfig/iptables.

SSL

We may need to generate new SSL certificates, as clients may complain about mismatched FQDNs if we just copy the bud certs over to amber. We can either use the methods documented for bud, or use the Makefile or scripts in /etc/pki/tls/certs on amber.

NTP

Just run 'yum install ntp' and edit /etc/ntp.conf to use pool.ntp.org servers.

User accounts

Go through /etc/passwd on bud and make sure that user and application accounts are created. We'll need to be careful to avoid conflicts with UIDs/GIDs reserved by CentOS.