ZCS to ZCS rsync Migration

Revision as of 14:41, 3 May 2014 by Thom (talk | contribs) (ZCS 7.0.x and later LDAP Import)

Admin Article

Article Information

This article applies to the following ZCS versions.

ZCS 8.0 Article ZCS 8.0

ZCS 7.0 Article ZCS 7.0

ZCS to ZCS rsync Migration

Using rsync to migrate from an old ZCS mailstore to a new ZCS mailstore can be required for multiple reasons:

  1. Migrating from a 32-bit server to a 64-bit server - reference Moving from 32-bit to 64-bit Server for a previous version of this guide
  2. Abandoning an old system because it is damaged, corrupted, broken, etc.
  3. Running continuous rsync copies of a ZCS mailstore for DR purposes
  4. Moving from an Operating System that is EOL to one that is current, for example:
  • Moving from RHEL 4 to RHEL 5
  • Moving from RHEL 5 to RHEL 6
  • Moving from Ubuntu 8 to Ubuntu 10
  • Moving from Ubuntu 10 to Ubuntu 12

For the purposes of this documentation, we will call the two platforms the "Old Server" and the "New Server".


IMPORTANT: The ZCS release you install on the New Server must be the same ZCS Version as installed on the Old Server. The server can have a different operating system, but the ZCS Version must be identical.

The new server hardware must meet the requirements described in the Installation Prerequisites section of the ZCS Single Server Installation Guide. Install the new operating systems, making any necessary OS configuration modifications as described in the installation guide.

Please note too: this method is not required for ancillary systems, such as LDAP nodes, MTAs, or Proxies - all of these nodes can have new systems added while the old system is still running, and therefore do not require the rsync methods described here. Use Rolling Upgrade methods for non-mailstores systems. This rsync method is specifically for ZCS mailstores.

Migration Steps

For the migration, you would perform the following high-level steps to minimize downtime:

New Server:

  • 1. Prepare Operating System - this includes patching, updating, and tuning.
  • 2. Install ZCS Version - this MUST be the exact same ZCS Version as on the Old Server. The bit level (32-bit vs. 64-bit) or the Operating System build (RHEL 5, RHEL 6, Ubuntu 12, etc.) may be different, but the ZCS version must be exactly the same.

Old Server:

  • 1. Rsync'ing large amounts of data. Since rsync can sync data incrementally, you can therefore rsync the majority of the data in advance of any downtime.
    • The actual amount of downtime is then limited to a final rsync and then the final setup steps. For the second-to-last rsync run, it is a good idea to time it - this will give you a good idea of the amount of downtime required.
  • 2. Backup LDAP and MYSQL data for importing into new server.

You do the following on the New Server:

  • Prepare the new server
  • Restore the LDAP data
  • Edit the localconfig.xml file to update the MySQL and LDAP password values to be the same as those configured on the old server
  • Copy the latest backup files from the Old Server to the New Server
  • Delete the MySQL data that is set up in the initial installation of ZCS
  • Copy various files from the Old Server to the New Server
  • Prepare and run a new backup for the New Server

Preparing the Old Server

1. Block client access to the server's IP address with firewall rules. 2. Create an LDAP dump directory. As root, type

mkdir /backup

3. As root, type:

chown zimbra:zimbra /backup

4. Stop the Old Server, type

su - zimbra
zmcontrol stop

5. On ZCS 6.0 and later, backup the LDAP config database, as zimbra, type

/opt/zimbra/libexec/zmslapcat -c /backup

6/ Backup the LDAP data, as zimbra, type

/opt/zimbra/libexec/zmslapcat /backup

7. Change the hostname and IP address on the old server to something else. Do not turn off the server.

Preparing the New Server

Prepare the New server and install ZCS

The ZCS installation on the new server must be configured exactly as the ZCS configuration on the original server. You go through the complete menu driven installation process, making changes to the configuration setting to match the settings on the original server.
a. Copy your ZCSLicense.xml file to a directory on the new server. You will not be able to complete the ZCS installation if the license is not on the new server.
b. Follow the directions in the ZCS single server installation guide to install ZCS. Make sure that you configure the same domain, hostname, passwords as on the old server. During ZCS install, the following settings must be changed to match the original server settings:
  • Zimbra LDAP Server - For Domain to create - identify the same default domain as on the original server.
  • Zimbra Mailbox Server - An administrator's account is automatically created.
  • Make sure that the account name for Admin user to create is the same name as on the original server.
  • Set the admin password.
  • Change the Spam training user and the Non-spam (HAM) training user account names to be the same as the spam account names on the original server.
  • Global Document Account - This account name is automatically generated. Change the Global Document Account name to be the same account name as on the original server.
  • Change any other settings on the new server to match the configuration on the original server.

ZCS is installed. To continue

Stop the ZCS services, type

su - zimbra
zmcontrol stop

ZCS 5.0.x-6.0.x LDAP Import

1. Restore the LDAP data to the New Server. As zimbra, type

rm -rf /opt/zimbra/openldap-data/*

2. Copy the file:


from the Old Server to the New Server


Note: If this file does not exist, or is empty, creating it may improve ldap performance; see the Performance Tuning Guide for more information.

3. Create the necessary directory structure. Type the following as user root:

mkdir -p /opt/zimbra/openldap-data/logs /opt/zimbra/openldap-data/accesslog/db /opt/zimbra/openldap-data/accesslog/logs

Set the correct permissions on the directory:

chown -R zimbra:zimbra /opt/zimbra/openldap-data

4. Copy from the Old Server to the New Server the file:


5. Import the LDAP Data:

/opt/zimbra/openldap/sbin/slapadd -q -b "" -f /opt/zimbra/conf/slapd.conf -cv  -l /backup/ldap.bak

ZCS 7.0.x LDAP Import

1. Restore the LDAP data to the New Server. As user root, type

mkdir /var/tmp/old
mv -f /opt/zimbra/data/ldap/config/* /var/tmp/old
mv -f /opt/zimbra/data/ldap/hdb/* /var/tmp/old

2. If this is an ldap master with replicas:

mv -f /opt/zimbra/data/ldap/accesslog/* /var/tmp/old

3. Create new directories:

mkdir -p /opt/zimbra/data/ldap/hdb/db /opt/zimbra/data/ldap/hdb/logs

4. If this is an ldap master with replicas:

mkdir -p /opt/zimbra/data/ldap/accesslog/db /opt/zimbra/data/ldap/accesslog/logs

5. Copy this file from the Old Server:


To the New Server:


Note: If this file does not exist, or is empty, creating it may improve ldap performance; see the Performance Tuning Guide for more information.

6. Set the permissions correctly:

chown -R zimbra:zimbra /opt/zimbra/data/ldap

7. Copy the LDAP config data from the Old Server to the New Server:


8. Copy from LDAP data the Old Server server to the New Server:


9. Import the LDAP config:

/opt/zimbra/openldap/sbin/slapadd -q -n 0 -F /opt/zimbra/data/ldap/config -cv -l /backup/ldap-config.bak

10. Import the LDAP data:

/opt/zimbra/openldap/sbin/slapadd -q -b "" -F /opt/zimbra/data/ldap/config -cv  -l /backup/ldap.bak

ZCS 8.0.x-8.5.x LDAP Import

Set the Passwords from the Old Server

For all versions:

  1. Edit /opt/zimbra/conf/localconfig.xml to update the following with the values from the localconfig.xml file on the Old Server:
    a. zimbra_mysql_password
    b. mysql_root_password
    c. zimbra_logger_mysql_password (Note: Transfer/copy this value to the New Server only if available from the old Old Server.)
    d. mailboxd_keystore_password (Note: Transfer/copy this value to the New Server only if available from the old Old Server.)
    e. mailboxd_truststore_password
    f. mailboxd_keystore_base_password
    g. zimbra_ldap_password
    h. ldap_root_password
    i. ldap_postfix_password
    j. ldap_amavis_password
    k. ldap_nginx_password
    l. ldap_replication_password

Import the MySQL Data

Delete the MySQL data on the New Server and copy the MySQL data from the Old Server.

1. On the New Server, move the default database aside:

mv -f /opt/zimbra/db/data/* /var/tmp/old

2. Copy the MySQL data to the New Server:

(on Old Server)
rsync --delete -axvzKHS /opt/zimbra/db/data/* newserver:/opt/zimbra/db/data/

Note: if you are having any problems moving over the MySQL data as raw data files, you can instead export the data from the Old Server and import it to the New Server, as described here: http://wiki.zimbra.com/wiki/MySQL_Backup_and_Restore

Copy the Message Blob Data

Copy the following files from the Old Server to the New Server

1. On New Server, move aside default files:

mv -f /opt/zimbra/store/* /var/tmp/old
mv -f /opt/zimbra/index/* /var/tmp/old

2. Rsync all files to the new server:

(on Old Server)
rsync --delete -axvzKHS /opt/zimbra/store/* newserver:/opt/zimbra/store/
rsync --delete -axvzKHS /opt/zimbra/index/* newserver:/opt/zimbra/index/

3. Be sure to rsync over any other message volumes needed, such as if using HSM or secondary volumes:

(on Old Server)
rsync --delete -axvzKHS /opt/zimbra/hsm/* newserver:/opt/zimbra/hsm/

Copy Commercial SSL Certificates (if used)

  1. If the original server was running with commercial certificates, copy those over as well.
    • The tomcat keystore (http, pop, and imap) is /opt/zimbra/tomcat/conf/keystore. (In 5.0.x, the jetty keystore (http, pop, and imap) is /opt/zimbra/mailboxd/etc/keystore.)
    • When transferring the keystore file, be sure to transfer the keystore password to the new system otherwise the mailbox server will not start.
    Run on old system
    zmlocalconfig -s mailboxd_keystore_password
    On new system
    zmlocalconfig -e mailboxd_keystore_password=thepassword
    • If any root certificates were added to the cacerts keystore, that is /opt/zimbra/java/jre/lib/security/cacerts on linux or /System/Library/Frameworks/JavaVM.framework/Versions/1.5/Home/lib/security/cacerts on Mac OS X, copy cacerts to the new server.
    • The postfix certificates (smtp) are /opt/zimbra/conf/smtpd.crt and smtpd.key. If you are using the certificates for nginx, perdition, or ldap (slapd) they are also in /opt/zimbra/conf/; they should normally be identical to the postfix certificate files.

Clear Old Backups from the New Server

  1. Remove any old backup sessions because these sessions are no longer needed. Type rm -rf /opt/zimbra/redolog/*

Fix the Permissions

  1. As root, run /opt/zimbra/libexec/zmfixperms to repair any potential permissions problems with files under /opt/zimbra.

Start the Services

  1. Start ZCS, type zmcontrol start.
  2. Now run a full backup, type zmbackup -f -a all.
  3. Remove the firewall rules and allow client access to the new server.

Reference Documentation

Keywords: Migration, migrating, 32bit, 64bit, architecture, moving

Verified Against: Zimbra Collaboration Server 8.0 Date Created: 01/18/2014
Article ID: https://wiki.zimbra.com/index.php?title=ZCS_to_ZCS_rsync_Migration Date Modified: 2014-05-03

Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search