Thread: svr2/unionfs
Hi Marc, How easy would it be to get rid of the unionfs stuff on svr2/borg? Given that there is only the one VM, can the vserver just be copied over the template? Regards, Dave
On Sun, 27 Nov 2005, Dave Page wrote:
> Hi Marc,
>
> How easy would it be to get rid of the unionfs stuff on svr2/borg? Given
> that there is only the one VM, can the vserver just be copied over the
> template?
the ones we've been doing, and what we'll be doing with teh dev vserver
tonight, is we copy over a clean, base template (ie. imap, postfix and
vanilla apache) and then re-add the various applications over top of it
... that way it doesn't have any of the extra trash installed ...
In theory, you could do that where you just copy it over the template
itself ...
If you want to go the clean route, though, what I'm doing is:
cp fresh base template
shut down old vServer
rm various top level directories that can be safely removed
- compat, sys, kernel, dev, modules, proc, tmp
cd usr; find . -depth -type d -delete
- clears out the 'ghost directories that unionfs creates
cd ..
find . -print | cpio -pduma ../<new vserver hierarchy>
and then restart ...
for dev/lists, I'll disable postfix from starting up on restart, since I
need to re-install the perl modules for majordomo2 ... for wwwmaster,
you'd have to worry about making sure the appropriate php modules are
installed ...
the 'painful ones' are doing the vServers with Java installed, since you
have to build it all from scratch, which takes a good long while ... but
the rest are fairly quick/easy ...
----
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664
> > Hi Marc, > > > > How easy would it be to get rid of the unionfs stuff on svr2/borg? > > Given that there is only the one VM, can the vserver just be copied > > over the template? > > the ones we've been doing, and what we'll be doing with teh > dev vserver tonight, is we copy over a clean, base template > (ie. imap, postfix and vanilla apache) and then re-add the When we're talking svr2 in this case, why would we want to even put imap *on* it in the first placae? Or vanilla apache, since we'll need to recompile it anyway. The less stuff on there, the less stuff to be pathched for security stuff. In light of the recent "mishap" on svr2... //Magnus
On Mon, 28 Nov 2005, Magnus Hagander wrote: >>> Hi Marc, >>> >>> How easy would it be to get rid of the unionfs stuff on svr2/borg? >>> Given that there is only the one VM, can the vserver just be copied >>> over the template? >> >> the ones we've been doing, and what we'll be doing with teh >> dev vserver tonight, is we copy over a clean, base template >> (ie. imap, postfix and vanilla apache) and then re-add the > > When we're talking svr2 in this case, why would we want to even put imap > *on* it in the first placae? Or vanilla apache, since we'll need to > recompile it anyway. > The less stuff on there, the less stuff to be pathched for security > stuff. In light of the recent "mishap" on svr2... We can do that too ... I just have pre-setup skeletons that already match the format for how svr2 is already setup, so it would potentially be an easier switch then starting completely from scratch, that's all ... re: imap ... just disable it in /etc/rc.conf so that it doesn't start up, that's all ... ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664
> -----Original Message----- > From: Marc G. Fournier [mailto:scrappy@postgresql.org] > Sent: 27 November 2005 23:00 > To: Dave Page > Cc: pgsql-www@postgresql.org > Subject: Re: svr2/unionfs > > On Sun, 27 Nov 2005, Dave Page wrote: > > > Hi Marc, > > > > How easy would it be to get rid of the unionfs stuff on > svr2/borg? Given > > that there is only the one VM, can the vserver just be > copied over the > > template? > > the ones we've been doing, and what we'll be doing with teh > dev vserver > tonight, is we copy over a clean, base template (ie. imap, > postfix and > vanilla apache) and then re-add the various applications over > top of it > ... that way it doesn't have any of the extra trash installed ... > > In theory, you could do that where you just copy it over the template > itself ... > > If you want to go the clean route, though, what I'm doing is: > > cp fresh base template > shut down old vServer > rm various top level directories that can be safely removed > - compat, sys, kernel, dev, modules, proc, tmp > cd usr; find . -depth -type d -delete > - clears out the 'ghost directories that unionfs creates > cd .. > find . -print | cpio -pduma ../<new vserver hierarchy> > > and then restart ... > > for dev/lists, I'll disable postfix from starting up on > restart, since I > need to re-install the perl modules for majordomo2 ... for wwwmaster, > you'd have to worry about making sure the appropriate php modules are > installed ... > > the 'painful ones' are doing the vServers with Java > installed, since you > have to build it all from scratch, which takes a good long > while ... but > the rest are fairly quick/easy ... Cool. So when can you do it? :-p Regards, Dave.
On Mon, 28 Nov 2005, Dave Page wrote: > Cool. So when can you do it? :-p Not today :) If you want to send me a reminder, how about Wednesday? ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664
> -----Original Message----- > From: Marc G. Fournier [mailto:scrappy@postgresql.org] > Sent: 28 November 2005 14:46 > To: Dave Page > Cc: pgsql-www@postgresql.org > Subject: RE: svr2/unionfs > > On Mon, 28 Nov 2005, Dave Page wrote: > > > Cool. So when can you do it? :-p > > Not today :) > > If you want to send me a reminder, how about Wednesday? Sounds good, thanks. Magnus (or anyone else); any problems with that? Will mean a little downtime of wwwmaster and techdocs.... Regards, Dave
> > > Cool. So when can you do it? :-p > > > > Not today :) > > > > If you want to send me a reminder, how about Wednesday? > > Sounds good, thanks. > > Magnus (or anyone else); any problems with that? > > Will mean a little downtime of wwwmaster and techdocs.... Works for me - tough I probably won't be able to help out all that much. Depending on how long it is, do we want to kick downloads off to a hardcoded mirror during the update (will require syncing with the static mirrors, of course), or just live with it? (Since during the downtime, nobody will be able to download off the website) //Magnus
> -----Original Message----- > From: Magnus Hagander [mailto:mha@sollentuna.net] > Sent: 28 November 2005 19:59 > To: Dave Page; Marc G. Fournier > Cc: pgsql-www@postgresql.org > Subject: RE: svr2/unionfs > > > > > Cool. So when can you do it? :-p > > > > > > Not today :) > > > > > > If you want to send me a reminder, how about Wednesday? > > > > Sounds good, thanks. > > > > Magnus (or anyone else); any problems with that? > > > > Will mean a little downtime of wwwmaster and techdocs.... > > Works for me - tough I probably won't be able to help out all > that much. > > > Depending on how long it is, do we want to kick downloads off to a > hardcoded mirror during the update (will require syncing with > the static > mirrors, of course), or just live with it? > > (Since during the downtime, nobody will be able to download off the > website) Hmm, that's a good point. Marc; any idea how long the downtime is likely to be? I'm not sure what the best way to redirect the clients will be unless we temporarily write a static version of the few hundred or so mirror selection pages. /D
On Tue, 29 Nov 2005, Dave Page wrote: > Hmm, that's a good point. Marc; any idea how long the downtime is likely > to be? I'm not sure what the best way to redirect the clients will be > unless we temporarily write a static version of the few hundred or so > mirror selection pages. So, why not just create a second wwwmaster, that is templateless ... we'll call it wwwmaster2.postgresql.org for testing purposes ... then, once we know its all working, we shutdown the old and restart the new was wwwmaster? Is there anything in wwwmaster that would need to be transferred across, or is it all db (or script) generated? I can guarantee you it will be down for at least an hour, since once its brought back up, the system is pretty bare (not even PHP), so we need to install all the various apps specific to that vServer ... ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664
> -----Original Message----- > From: Marc G. Fournier [mailto:scrappy@postgresql.org] > Sent: 29 November 2005 16:48 > To: Dave Page > Cc: Magnus Hagander; Marc G. Fournier; pgsql-www@postgresql.org > Subject: RE: svr2/unionfs > > On Tue, 29 Nov 2005, Dave Page wrote: > > > Hmm, that's a good point. Marc; any idea how long the > downtime is likely > > to be? I'm not sure what the best way to redirect the > clients will be > > unless we temporarily write a static version of the few > hundred or so > > mirror selection pages. > > So, why not just create a second wwwmaster, that is > templateless ... we'll > call it wwwmaster2.postgresql.org for testing purposes ... > then, once we > know its all working, we shutdown the old and restart the new was > wwwmaster? That's a good idea, except it'll take a fair bit of setup I imagine. Can we just copy svr2 over a copy of the template and bring that up as wwwmaster2 for testing? I don't think we need to worry about cleanly installing the VM at this stage, just eliminating the unionfs. Gavin - any chance we can temporarily get an additional IP address if that's a possibility? Regards, Dave
Of course. I believe this is on the same subnet: 65.19.161.70/255.255.255.128/gw 65.191.61.1 Gavin On Nov 29, 2005, at 8:52 AM, Dave Page wrote: > > >> -----Original Message----- >> From: Marc G. Fournier [mailto:scrappy@postgresql.org] >> Sent: 29 November 2005 16:48 >> To: Dave Page >> Cc: Magnus Hagander; Marc G. Fournier; pgsql-www@postgresql.org >> Subject: RE: svr2/unionfs >> >> On Tue, 29 Nov 2005, Dave Page wrote: >> >>> Hmm, that's a good point. Marc; any idea how long the >> downtime is likely >>> to be? I'm not sure what the best way to redirect the >> clients will be >>> unless we temporarily write a static version of the few >> hundred or so >>> mirror selection pages. >> >> So, why not just create a second wwwmaster, that is >> templateless ... we'll >> call it wwwmaster2.postgresql.org for testing purposes ... >> then, once we >> know its all working, we shutdown the old and restart the new was >> wwwmaster? > > That's a good idea, except it'll take a fair bit of setup I > imagine. Can > we just copy svr2 over a copy of the template and bring that up as > wwwmaster2 for testing? I don't think we need to worry about cleanly > installing the VM at this stage, just eliminating the unionfs. > > Gavin - any chance we can temporarily get an additional IP address if > that's a possibility? > > Regards, Dave Gavin M. Roy 800 Pound Gorilla gmr@ehpg.net
On Tue, 29 Nov 2005, Dave Page wrote: > > >> -----Original Message----- >> From: Marc G. Fournier [mailto:scrappy@postgresql.org] >> Sent: 29 November 2005 16:48 >> To: Dave Page >> Cc: Magnus Hagander; Marc G. Fournier; pgsql-www@postgresql.org >> Subject: RE: svr2/unionfs >> >> On Tue, 29 Nov 2005, Dave Page wrote: >> >>> Hmm, that's a good point. Marc; any idea how long the >> downtime is likely >>> to be? I'm not sure what the best way to redirect the >> clients will be >>> unless we temporarily write a static version of the few >> hundred or so >>> mirror selection pages. >> >> So, why not just create a second wwwmaster, that is >> templateless ... we'll >> call it wwwmaster2.postgresql.org for testing purposes ... >> then, once we >> know its all working, we shutdown the old and restart the new was >> wwwmaster? > > That's a good idea, except it'll take a fair bit of setup I imagine. Can > we just copy svr2 over a copy of the template and bring that up as > wwwmaster2 for testing? I don't think we need to worry about cleanly > installing the VM at this stage, just eliminating the unionfs. If we're just going to do that, then it does make it alot simplier ... but don't worry about the wwwmaster2 stage, since you aren't changing anything, you are just merging the file systems. cd <template root> find . -print | cpio -pdma /vm/186/svr2.postgresql.org.n shutdown svr2 cd /vm/186/svr2.postgresql.org find . -print | cpio -pduma ../svr2.postgresql.org.n cd .. mv svr2.postgresql.org svr2.postgresql.org.orig mv svr2.postgresql.org.n svr2.postgresql.org change template id in /usr/local/etc/jail.conf to 7 (I believe that start_jail on that server recognizes that as "do not mount a template") and then restart ... You haven't changed any applications, or versions, or anything ... and, in fact, you still have all the ports information in /var/db/pkg, so you can remove ports as desired (ie. all the java stuff) ... for this, I wouldn't run a duplicate in tandem, that's just more work then this requires ... ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664
> -----Original Message----- > From: Gavin M. Roy [mailto:gmr@ehpg.net] > Sent: 29 November 2005 17:38 > To: Dave Page > Cc: Marc G. Fournier; Magnus Hagander; pgsql-www@postgresql.org > Subject: Re: svr2/unionfs > > Of course. I believe this is on the same subnet: > > 65.19.161.70/255.255.255.128/gw 65.191.61.1 > Thanks Gavin - as you've probably seen on-list we're now looking to rebuild the VM. Once done, I'll give the old address back if that's OK? Regards, Dave.
> -----Original Message----- > From: Gavin M. Roy [mailto:gmr@ehpg.net] > Sent: 30 November 2005 16:54 > To: Dave Page > Cc: Marc G. Fournier; Magnus Hagander; pgsql-www@postgresql.org > Subject: Re: svr2/unionfs > > Sure, or keep it... That netblock is about 80% unused. Just let me > know what you want to do with it, when all is said and done. :) Thanks :-) /D
Sure, or keep it... That netblock is about 80% unused. Just let me know what you want to do with it, when all is said and done. :) Gavin On Nov 30, 2005, at 8:50 AM, Dave Page wrote: > > >> -----Original Message----- >> From: Gavin M. Roy [mailto:gmr@ehpg.net] >> Sent: 29 November 2005 17:38 >> To: Dave Page >> Cc: Marc G. Fournier; Magnus Hagander; pgsql-www@postgresql.org >> Subject: Re: svr2/unionfs >> >> Of course. I believe this is on the same subnet: >> >> 65.19.161.70/255.255.255.128/gw 65.191.61.1 >> > > Thanks Gavin - as you've probably seen on-list we're now looking to > rebuild the VM. Once done, I'll give the old address back if that's > OK? > > Regards, Dave.