How to install servers

Little tutorial on how to deploy a server machine. These steps have been performed on Pygmee and reported here for future needs.

Before to start

Try to plan everything before to start:

  • services migration
  • timing schedules (since not migrated services will be off)
  • hw components (need long time to order)

Back up data

  1. make a backup of the whole system.
  2. note down the disks partitions 
    $ df -h >> disks_config.txt

$ echo >> disks_config.txt

$ mount >> disks_config.txt
  3. dump the installed packages
    $ dpkg -l >> installed_packages.txt
    ("dpkg -l" over "dpkg --get-selections" gives more info on package version)
  4. Note down each specific SW configuration (Apache, Svn, ...)

Change Old Hard-Drives

If possible change old disks. New disks are a little expense to do and guarantee longer life to data. Strongly recommended RAID1 (mirroring) configuration: don't use hardware RAID but Software RAID since Debian doesn't support it (during Debian installation).

Partitioning the disks

We'll assume to have 2 HDD of the same size; make the same partitions on both disks. Ex: 

50Gb    /

400Gb   /data

200Mb   /boot

4Gb     Swap

The same partitions in both disks will be used to create RAID Arrays.

Install Debian

  • Get the latest Debian release (Amd64) and burn it on a cd (network install preferably)
  • if needed change boot order on bios
  • start the install
  • you'll have to configure manually the network interface to retrieve the new packages for Debian (make sure to select the correct interface)
  • during partitioning create the RAID configuration:
    • for each partition select it and go to Use as: use it as physical volume for RAID (not for swap!)
    • now the first entry in the main partitioning menu should be: Configure software RAID, enter on it
    • for each logical partition: Create MD device; select partition on first disk; select same partition on second disk, (number of active devices = 2, number of spare devices = 0)
    • now new RAID partitions are available in the main partitioning menu: configure each partition (root, data, boot, swap)
  • continue with the installation
  • During the packages installation don't install the Desktop environment (selected by default). Just go with the Standard. (Web-server and SQL-database if needed)
  • complete install and reboot

Install Software

Make a diff of the currently installed packages and the previously ones and reinstall the missing ones.

  • Create the list of installed packages of the new system: 
$ dpkg -l >> installed_packages_new.txt
  • Delete the first comment lines of installed_packages and installed_packages_new
  • Now get just the list of packages: 
$ cat installed_packages.txt | cut -d " " -f 3-3 > tmp1.txt

$ cat installed_packages_new.txt | cut -d " " -f 3-3 > tmp2.txt
  • Get the list of missing packages: 
$ grep -v -f tmp2.txt tmp1.txt
  • remove all it's not necessary anymore.

Configure the system

Network

There are two main connections: an external to internet and an internal for intra-servers communication. The NFS4 filesystem mounts are allowed only within the internal network.

Automount

$ aptitude install autofs

Kerberos

Follow the instructions in here under the section Linux authentication (PAM)

Users

There are several ways to recreate all the kerberos users on the system. The main point is to rematch the users with the previous uid. Supposing that you saved the old passwd and shadow files then recreate the previous users in the following way: 

$ grep  \\*K\\*  /OldSystemBackup/etc/shadow | cut -d : -f 1 > /tmp/kerberos_users

$ grep -f /tmp/kerberos_users /OldSystemBackup/etc/passwd | cut -d : -f 1,3 --output-delimiter ' ' \

 | awk '{ print "useradd --uid", $2, " --password '*K*'", $1 }' > /tmp/users_to_create

$ sh /tmp/users_to_create

Firewall (iptables)

Follow instructions in here under the section /etc/init.d/iptables (firewall) and adapt the script for the specific host