ZCS to ZCS rsync Migration
|This article applies to the following ZCS versions.|
ZCS to ZCS rsync Migration
Using rsync to migrate from an old ZCS mailstore to a new ZCS mailstore can be required for multiple reasons:
- Migrating from a 32-bit server to a 64-bit server - reference Moving from 32-bit to 64-bit Server for a previous version of this guide
- Abandoning an old system because it is damaged, corrupted, broken, etc.
- Running continuous rsync copies of a ZCS mailstore for DR purposes
- Moving from an Operating System that is EOL to one that is current, for example:
- Moving from RHEL 4 to RHEL 5
- Moving from RHEL 5 to RHEL 6
- Moving from Ubuntu 8 to Ubuntu 10
- Moving from Ubuntu 10 to Ubuntu 12
For the purposes of this documentation, we will call the two platforms the "Old Server" and the "New Server".
IMPORTANT: The ZCS release you install on the New Server must be the same ZCS Version as installed on the Old Server. The server can have a different operating system, but the ZCS Version must be identical.
The new server hardware must meet the requirements described in the Installation Prerequisites section of the ZCS Single Server Installation Guide. Install the new operating systems, making any necessary OS configuration modifications as described in the installation guide.
Please note too: this method is not required for ancillary systems, such as LDAP nodes, MTAs, or Proxies - all of these nodes can have new systems added while the old system is still running, and therefore do not require the rsync methods described here. Use Rolling Upgrade methods for non-mailstores systems. This rsync method is specifically for ZCS mailstores.
For the migration, you would perform the following high-level steps to minimize downtime:
- 1. Prepare Operating System - this includes patching, updating, and tuning.
- 2. Install ZCS Version - this MUST be the exact same ZCS Version as on the Old Server. The bit level (32-bit vs. 64-bit) or the Operating System build (RHEL 5, RHEL 6, Ubuntu 12, etc.) may be different, but the ZCS version must be exactly the same.
- 1. Rsync'ing large amounts of data. Since rsync can sync data incrementally, you can therefore rsync the majority of the data in advance of any downtime.
- The actual amount of downtime is then limited to a final rsync and then the final setup steps. For the second-to-last rsync run, it is a good idea to time it - this will give you a good idea of the amount of downtime required.
- 2. Backup LDAP and MYSQL data for importing into new server.
You do the following on the New Server:
- Prepare the new server
- Restore the LDAP data
- Edit the localconfig.xml file to update the MySQL and LDAP password values to be the same as those configured on the old server
- Copy the latest backup files from the Old Server to the New Server
- Delete the MySQL data that is set up in the initial installation of ZCS
- Copy various files from the Old Server to the New Server
- Prepare and run a new backup for the New Server
Preparing the Old Server
- Block client access to the server's IP address with firewall rules.
- Create an LDAP dump directory. As root, type mkdir /backup.
- As root, type chown zimbra:zimbra /backup.
- Stop the Old Server, type zmcontrol stop.
- On ZCS 6.0 and later, backup the LDAP config database, as zimbra, type /opt/zimbra/libexec/zmslapcat -c /backup
- Backup the LDAP data, as zimbra, type /opt/zimbra/libexec/zmslapcat /backup
- Change the hostname and IP address on the old server to something else. Do not turn off the server.
Preparing the 64-bit Server
- Prepare the 64-bit server and install ZCS.
- The ZCS installation on the new server must be configured exactly as the ZCS configuration on the original server. You go through the complete menu driven installation process, making changes to the configuration setting to match the settings on the original server.
- a. Copy your ZCSLicense.xml file to a directory on the new server. You will not be able to complete the ZCS installation if the license is not on the new server.
- b. Follow the directions in the ZCS single server installation guide to install ZCS. Make sure that you configure the same domain, hostname, passwords as on the old server. During ZCS install, the following settings must be changed to match the original server settings:
- Zimbra LDAP Server - For Domain to create - identify the same default domain as on the original server.
- Zimbra Mailbox Server - An administrator's account is automatically created.
- Make sure that the account name for Admin user to create is the same name as on the original server.
- Set the admin password.
- Change the Spam training user and the Non-spam (HAM) training user account names to be the same as the spam account names on the original server.
- Global Document Account - This account name is automatically generated. Change the Global Document Account name to be the same account name as on the original server.
- Change any other settings on the new server to match the configuration on the original server.
ZCS is installed. To continue:
- Stop the ZCS services, type zmcontrol stop.
5.0.x or previous LDAP setup:
- Restore the LDAP data to the 64-bit server. As zimbra, type
- a. rm -rf /opt/zimbra/openldap-data/*
- b. Copy the file /opt/zimbra/openldap-data/DB_CONFIG from the Old Server to /opt/zimbra/openldap-data/ on the New Server. Note: If this file does not exist, or is empty, creating it may improve ldap performance; see the Performance Tuning Guide for more information.
- c. Create the necessary directory structure. Type mkdir -p /opt/zimbra/openldap-data/logs /opt/zimbra/openldap-data/accesslog/db /opt/zimbra/openldap-data/accesslog/logs Type chown -R zimbra:zimbra /opt/zimbra/openldap-data
- d. Copy from the Old Server to the New Server the /backup/ldap.bak file.
- e. Type /opt/zimbra/openldap/sbin/slapadd -q -b "" -f /opt/zimbra/conf/slapd.conf -cv -l /backup/ldap.bak.
6.0.x and later LDAP setup:
- Restore the LDAP data to the New Server. As zimbra, type
- a. rm -rf /opt/zimbra/data/ldap/config/*
- b. rm -rf /opt/zimbra/data/ldap/hdb/*
- c. If this is an ldap master with replicas: rm -rf /opt/zimbra/data/ldap/accesslog/*
- d. mkdir -p /opt/zimbra/data/ldap/hdb/db /opt/zimbra/data/ldap/hdb/logs
- e. If this is an ldap master with replicas: mkdir -p /opt/zimbra/data/ldap/accesslog/db /opt/zimbra/data/ldap/accesslog/logs
- f. Copy the file /opt/zimbra/data/ldap/hdb/db/DB_CONFIG from the Old Server to /opt/zimbra/data/ldap/hdb/db on the New Server. Note: If this file does not exist, or is empty, creating it may improve ldap performance; see the Performance Tuning Guide for more information.
- g. Type chown -R zimbra:zimbra /opt/zimbra/data/ldap
- h. Copy from the Old Server to the New Server the /backup/ldap-config.bak file.
- i. Copy from the Old Server server to the New Server the /backup/ldap.bak file.
- j. Type /opt/zimbra/openldap/sbin/slapadd -q -n 0 -F /opt/zimbra/data/ldap/config -cv -l /backup/ldap-config.bak.
- k. Type /opt/zimbra/openldap/sbin/slapadd -q -b "" -F /opt/zimbra/data/ldap/config -cv -l /backup/ldap.bak.
For all versions:
- Edit /opt/zimbra/conf/localconfig.xml to update the following with the values from the localconfig.xml file on the Old Server:
- a. zimbra_mysql_password
- b. mysql_root_password
- c. zimbra_logger_mysql_password (Note: Transfer/copy this value to the New Server only if available from the old Old Server.)
- d. mailboxd_keystore_password (Note: Transfer/copy this value to the New Server only if available from the old Old Server.)
- e. mailboxd_truststore_password
- f. mailboxd_keystore_base_password
- g. zimbra_ldap_password
- h. ldap_root_password
- i. ldap_postfix_password
- j. ldap_amavis_password
- k. ldap_nginx_password
- l. ldap_replication_password
- Delete the MySQL data on the New Server and copy the MySQL data from the Old Server.
- a. Type rm -rf /opt/zimbra/db/data/*
- b. Copy the /opt/zimbra/db/data/* from the Old Server to the New Server.
- Copy the following files from the Old Server to the New Server
- Any other volumes that were set up on the Old Server such as HSM.
- If the original server was running with commercial certificates, copy those over as well.
- The tomcat keystore (http, pop, and imap) is /opt/zimbra/tomcat/conf/keystore. (In 5.0.x, the jetty keystore (http, pop, and imap) is /opt/zimbra/mailboxd/etc/keystore.)
- When transferring the keystore file, be sure to transfer the keystore password to the new system otherwise the mailbox server will not start.
- Run on old system
zmlocalconfig -s mailboxd_keystore_password
- On new system
zmlocalconfig -e mailboxd_keystore_password=thepassword
- If any root certificates were added to the cacerts keystore, that is /opt/zimbra/java/jre/lib/security/cacerts on linux or /System/Library/Frameworks/JavaVM.framework/Versions/1.5/Home/lib/security/cacerts on Mac OS X, copy cacerts to the new server.
- The postfix certificates (smtp) are /opt/zimbra/conf/smtpd.crt and smtpd.key. If you are using the certificates for nginx, perdition, or ldap (slapd) they are also in /opt/zimbra/conf/; they should normally be identical to the postfix certificate files.
- Remove any old backup sessions because these sessions are no longer needed. Type rm -rf /opt/zimbra/redolog/*
- As root, run /opt/zimbra/libexec/zmfixperms to repair any potential permissions problems with files under /opt/zimbra.
- Start ZCS, type zmcontrol start.
- Now run a full backup, type zmbackup -f -a all.
- Remove the firewall rules and allow client access to the new server.
- Optimizing 5.0 to 6.0 LDAP upgrade, found at http://wiki.zimbra.com/wiki/Optimizing_5.0_to_6.0_LDAP_upgrade
- UNIX and Windows Accounts in Zimbra LDAP and Zimbra Admin UI 6.0, found at http://wiki.zimbra.com/wiki/UNIX_and_Windows_Accounts_in_Zimbra_LDAP_and_Zimbra_Admin_UI_6.0
Keywords: Migration, migrating, 32bit, 64bit, architecture, moving