[olug] Clean Upgrade using RPMS?

Christopher Cashell topher at zyp.org
Thu Sep 11 19:40:22 UTC 2003 

At Thu, 11 Sep 03, Unidentified Flying Banana Mike Peterson, said:
> You do have to reboot for kernel updates do you not?

Yes, you do.  Kernel upgrades aren't a required part of the Debian
upgrade process, though.

Well, in general, anyway.  There have been a few occasions when newer
versions of certain programs necessitated a kernel upgrade before or
during an operating system upgrade.  And the upgrade from Debian 1.3 to
Debian 2.0 did require a reboot also, in order to iron out a few
wrinkles caused by the libc5 -> glibc2/libc6 upgrade.

Additionally, Debian provides a set of utilities known as
'kernel-package', which allow you to build custom Linux kernels into
Debian packages that can be managed as any other Debian package.

> What type of services do your Debian systems provide?

The one I was specifically referring to, nexus.zyp.org, is my primary
personal use Server, and handles a multitude of tasks for my home
network, as well as for some friends.

It's typical day-to-day tasks include:
 Web Server (Apache)
 File Server (Samba and NFS)
 Mail Server (QMail and ezmlm)
 Database Server (PostgreSQL)
 Domain Name Server (BIND 9 (hosting DNS for my domain names))
 Firewall and Internet Gateway (Linux Kernel firewall facilities)

> Are they running any mission critical internal applications?

I suppose this would depend on your definition of "mission critical",
but I would consider it to be the case.  I do treat this server no
differently than I would (and do) treat a critical server that I would
maintain professionally as my job.

nexus.zyp.org currently handles all e-mail, authoritative DNS, and web
serving for both myself, and a group of other people.  Since I rely on
e-mail more than I do my cell phone, I consider it quite critical.  At
least a couple of people who I'm hosting things for are using it as part
of a home business, so I'd say they also consider it very important.

> What type of backups do you run on them?
> Do you do full backups?

The backup scheme is a little bit unusual, as it is a home-grown system
that has evolved with the machine.  The basics of it are that I do
frequent backups of the most important stuff, and less frequent backups
of the rest of the system.  I'll outline the essential details here,
too.

All of /etc is stored in CVS.  All changes to any config file in /etc is
tracked by immediately checking in all changes as they are made.  Debian
is very good about ensuring that configuration files be located in /etc
(or a subdirectory of /etc), and that no binary files will be located
there.

All of /home, which includes all user data and files, is rsync'ed with a
backup copy on another machine every three hours.

All of the data in /var, except for the PostgreSQL database data, is
backed up daily to another machine.  This includes a file that contains
a listing of all of the Debian packages installed on the machine.  I
also back up /boot and 

The PostgreSQL data is backed up every 12 hours to another machine.

Approximately once a week, all of the above stuff is backed up to CD-R's
for long term backup storage.

You may notice that nowhere do I mention a full backup of the entire
machine, only of the data and configs.  The reason for this is because
of some discussions with a guy I know, and some tests we ran.

With Debian, I can run a command, to get a listing of all of the
packages installed on my system.  Using this file and little bit of
script work, I can then tell a newly installed Debian box to go through
and download and install all of these packages.

Me and a friend tested this, and found it to be about as fast as
restoring a complete system from backups.  We just install the system
from a Debian CD, have it download and install the full list of packages
we want installed, then check out /etc from CVS, and restore /home and
/var data, and we have a machine up and going that is essentially
identical to the original machine.  We tried it on a spare machine, and
it worked without flaw.

After some playing, we then managed to narrow down the listing so that
we could install the OS, have it install all of the immediately
necessary packages to provide Services, and then we later install all of
the fluff at our liberty.  That managed to cut down the time it takes to
bring up a new machine even more.

This also saved our behinds a couple years ago when we had to take the
machine off line for two days in order to do some major hardware changes
in it.  We were able to get a backup machine, install it as mentioned
above, and use that to provide services until the primary server was
back in operation.

And, now that you've heard way more than you probably ever wanted to
know about one of my machines, I'll let you go back to more important
things. ;-)

-- 
| Christopher
+------------------------------------------------+
| A: No.                                         |
| Q: Should I include quotations after my reply? |
+------------------------------------------------+

More information about the OLUG mailing list