Ticket #301 (closed maintenance: fixed)
Upgrade LIVE server to Debian Squeeze
Reported by: | jim | Owned by: | chris |
---|---|---|---|
Priority: | major | Milestone: | Phase 5 |
Component: | Live server | Keywords: | |
Cc: | jim, ed | Estimated Number of Hours: | 0.0 |
Add Hours to Ticket: | 0 | Billable?: | yes |
Total Hours: | 16.775 |
Description
Many of the libraries and programs available to us are limited to older versions because LIVE is on Debian Etch. Upgrading to Squeeze will allow many components to be upgraded, and hopefully provide other nice side effects.
Elements upgraded:
- Memcached (important)
- PHP/MySQL/Apache (probably?)
- Linux kernel an all associated stuff
Change History
comment:3 Changed 5 years ago by jim
- Type changed from defect to task
Well I run the site (minus SSL, Varnish and Memcache) on my Ubuntu 11.04 system which has PHP v5.3.3-1ubuntu9.3...
I think the main thing was a few pass-by-reference issues and notice-level warnings popping up... I just changed the PHP warnings level (on LIVE as well) and these went away.
The site runs fine on my box as far as I've seen. I think the vast majority of PHP5.3 bugs have been fixed in the modules we use, and if a handful have not then we can patch accordingly.
comment:4 Changed 5 years ago by chris
- Status changed from new to accepted
- Type changed from task to maintenance
comment:5 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0 to 2.5
Upgrade done on kiwi: wiki:LennyToSqueeze
comment:6 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 2.5
- Total Hours changed from 0.0 to 2.5
The upgrade yesterday on kiwi provides some lessons for the live upgrade:
- Put the site into maintenance mode
- Dump the mysql databases
- Upgrade to squeeze
- Check the Mysql upgrade
- Import the databases
Also there are still some issues to resolve with php:
PHP Deprecated: Comments starting with '#' are deprecated in /etc/php5/apache2/php.ini on line 977 in Unknown on line 0 PHP Deprecated: Comments starting with '#' are deprecated in /etc/php5/cli/conf.d/suhosin.ini on line 89 in Unknown on line 0 PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626/uploadprogress.so' - /usr/lib/php5/20090626/uploadprogress.so: +cannot open shared object file: No such file or directory in Unknown on line 0
And the subversion backups:
== errors from /etc/backup.d/30.svn == Error: command failed -- /usr/bin/svnadmin hotcopy /web/tech.transitionnetwork.org/svn/. /var/backups/svn.tmp/. Error: because of earlier errors, we are leaving svn backups in /var/backups/svn.tmp instead of /var/backups/svn
Adding time spent last night when the timer wasn't working.
comment:7 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 2.5
- Total Hours changed from 2.5 to 5.0
Hmm the time got reset, it should have gone to 5 hours.
comment:8 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 0.7
- Total Hours changed from 5.0 to 5.7
The PHP issues have been resolved and everything looks OK here: https://dev.transitionnetwork.org/admin/reports/status
I'm a bit concerned though that there might be some database problem - Jim any idea what all the errors here are about? https://dev.transitionnetwork.org/admin/reports/dblog
For example:
User warning: Table 'dev.block_class' doesn't exist query: SELECT css_class, module, delta FROM block_class in _db_query() (line 148 of /web/dev.transitionnetwork.org.webarch.net/www/includes/database.mysql.inc).
comment:9 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 0.51
- Total Hours changed from 5.7 to 6.21
The issue with the backups of the subversion repo were solved by following the steps here: http://linuxsysadminblog.com/2010/06/svnadmin-cant-open-file-svndbfsfs-conf-no-such-file-or-directory/
comment:10 Changed 5 years ago by jim
- Add Hours to Ticket changed from 0.0 to 0.5
- Total Hours changed from 6.21 to 6.71
That table "block_class" missing error is a problem with that module - it's not installing itself properly. I've gone down a version and it's fine... Will open a bug report on the module issue list.
comment:11 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 1.0
- Total Hours changed from 6.71 to 7.71
Quite a few config file changes to upgrade to Varnish 3.0, see https://www.varnish-cache.org/docs/trunk/installation/upgrade.html and https://drupal.org/node/1054886#comment-4871274
Have still to test varnish on dev.
comment:12 Changed 5 years ago by jim
- Add Hours to Ticket changed from 0.0 to 0.05
- Total Hours changed from 7.71 to 7.76
Note the latest version of the Drupal Varnish module properly supports Varnish 3.x is in SVN and going up tonight hopefully... It's already on DEV.
comment:13 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 0.7
- Total Hours changed from 7.76 to 8.46
Ah ha, cheers for that, I should have checked with you before doing the upgrade, dev is running varnish 3.0 now and it appears to be working OK, but I'm going to do some more testing, there were quite a few changes needed in the config file.
comment:14 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 0.42
- Total Hours changed from 8.46 to 8.88
I testing varnish 3.0 and have put the dev site into online mode for testing.
comment:15 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 2.0
- Total Hours changed from 8.88 to 10.88
Varnish seems to be OK but will need checking when the 3.0 configuration from the dev server is copied onto the live server.
One thing that I have realised is that as the site works from http://transitionnetwork.org/ and http://www.transitionnetwork.org/ varnish thinks these are different pages and will cache a copy for each url, we have two options here, munge the request with the varnish configuration (both url's would still work) or redirect at an apache level, say from http://transitionnetwork.org/ to http://www.transitionnetwork.org/. I think I'd rather do an apache redirect as it's simpler if that is OK with people.
I have listed the steps to take for the upgrade here wiki:LennyToSqueeze#LiveUpgradeSteps and it's going to take a couple of hours or so to do it and looking at times at which the site is least used it might make sense to do it late at night one evening -- would that be OK with people?
comment:16 Changed 5 years ago by jim
Apache redirect sounds the simplest to me... Provided it doesn't block other subdomains of course!
comment:17 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 0.2
- Total Hours changed from 10.88 to 11.08
Apache redirect sounds the simplest to me
OK I have done that, it shouldn't cause any problems and should dramatically reduce the amount of duplicate pages varnish is caching :-)
I have also noticed that since the upgrade the ticket URL's int he trac emails don't have full URL's any more in the sig, eg:
-- Ticket URL: </trac/ticket/301#comment:16> Transition Technology </trac> Support and issues tracking for the Transition Network Web Project.
I'll look at this next week.
comment:18 Changed 5 years ago by jim
Was going to raise the trac footer link issue, hadn't realised how useful it was until it's gone.
comment:19 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 0.2
- Total Hours changed from 11.08 to 11.28
Trac footer is fixed if the footer is now correct below this (on the email version of this comment)!
The debian upgrade also upgraded trac and it's behaviour changed, see http://trac.edgewall.org/ticket/6150 and http://trac.edgewall.org/ticket/5064
Would late tonight be a good time for the upgrade of the live server to squeeze?
comment:20 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 1.8
- Total Hours changed from 11.28 to 13.08
An uncompressed Mysql dump of the live server is 2.1G!
Just dumping and database and doing the backup jobs took a long time.
One Mysql error when inserting the backups, not sure which database this was from:
ERROR 1062 (23000) at line 12403: Duplicate entry 'läßt-18817-node' for key 'word_sid_type'
The server has been upgraded and rebooted :-)
I'm going to leave the varnish upgrade till tomorrow.
Need to key an eye on things to make sure everything is OK...
comment:21 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 0.2
- Total Hours changed from 13.08 to 13.28
There are a lot of errors like this:
User warning: Table 'live.block_class' doesn't exist query: SELECT css_class, module, delta FROM block_class in _db_query() (line 148 of /web/transitionnetwork.org/www/includes/database.mysql.inc).
https://www.transitionnetwork.org/admin/reports/event/6463570
Is this a problems caused at a Mysql level?
comment:22 Changed 5 years ago by jim
- Add Hours to Ticket changed from 0.0 to 0.1
- Total Hours changed from 13.28 to 13.38
No worries - as per https://tech.transitionnetwork.org/trac/ticket/301#comment:8 faulty module that'll be fixed shortly. I've disabled it for now.
The site and the sharing engine seem fine, so all's well!... I'll do the SVN updates on Wednesday night once this has all settled..
comment:23 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 2.0
- Total Hours changed from 13.38 to 15.38
Munin is now working again https://kiwi.transitionnetwork.org/munin/webarch.net/quince.webarch.net.html
vsftp has been switchd off due to the large number of brute force attacks -- it can be switched on as needs be.
I have tried added this to settings.php so that the dblog reports have the remote IP rather than the IP of varnish for http requests, but it's not working, but it probably doesn't matter:
$conf['reverse_proxy_header'] = 'HTTP_X_FORWARDED_FOR';
I'll leave the varnish upgrade till the drupal module which supports Varnish 3.0 has been installed.
comment:24 Changed 5 years ago by jim
OK, I'm busy tonight but will do the updates tomorrow.
comment:25 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 0.5
- Total Hours changed from 15.38 to 15.88
I need to fix this graph so it is of more use -- the max number of servers is 16 not 256.
https://kiwi.transitionnetwork.org/munin/webarch.net/quince.webarch.net/apache_processes.html
I have been also looking at the memory footprint of apache and this article explains why we have such a large one:
We have 176 modules enabled, each apache process is around 90 MB.
We should probably look at nginx or at more RAM at some point...
comment:26 Changed 5 years ago by jim
- Add Hours to Ticket changed from 0.0 to 0.5
- Total Hours changed from 15.88 to 16.38
comment:27 Changed 5 years ago by jim
That article is primarily about D5 and quite old... Not saying it' s not an issue, it is, but D6 selectively loads stuff much better than D5, hence why we've got nearly twice the modules as in the article, and we use the same amount of memory.
I've just gone through the list of modules and, of 176, only 16 could be turned off without removing critical functionality. That might save us 1-10Mb per process, so might be worth a look, but disabling some will need work. Also, there are a few more coming in, and some leaving in the next SVN update.
FYI the modules I reckon could go are:
- statistics -- logs user accesses/page views, I just disabled it.
- panels_mini -- I've just disabled this as it wasn't being used.
- translation -- (but needed for other languages -- not used properly presently)
- help -- (maybe)
- locale -- (see translation)
- calendar_ical -- are we importing/exporting iCal feeds?
- og_vocab -- Do CMS need their own vocabs now REconomy have left, Ed?
- insert -- is this used? Allows people to insert images from image fields into the wysiwyg editor
- private -- about to be replaced
- terms_of_use -- could be replaced with a mandatory CCK checkbox field
- rules_admin -- can be turned off after the SVN updates happen
- googleanalytics -- Piwik is there, let's kill this
- xmlsitemap -- provides a (huge) XML sitemap to google et al... I reckon we can do without this and its children xmlsitemap_node, xmlsitemap_taxonomy at the cost of slower indexing by search engines.
Everything else is needed, and in theory in D6 only what's needed for a page is loaded... A further line of investigation is to patch core so we get stats as to how much memory the individual modules are using... http://2bits.com/articles/measuring-memory-consumption-by-drupal-bootstrap-and-modules.html will investigate on my machine and report back.
comment:28 Changed 5 years ago by ed
CMS don't need their own vocabs.
comment:29 Changed 5 years ago by jim
- Add Hours to Ticket changed from 0.0 to 0.075
- Total Hours changed from 16.38 to 16.455
OG vocab now removed and uninstalled.
If we feel that the above should be turned off, please move these requests to a new ticket.
comment:31 Changed 5 years ago by chris
- Add Hours to Ticket changed from 0.0 to 0.32
- Total Hours changed from 16.455 to 16.775
Update Varnish to a squeeze version, edit /etc/apt/sources.list.d/varnish.list:
#deb http://repo.varnish-cache.org/debian/ lenny varnish-2.1 deb http://repo.varnish-cache.org/debian/ squeeze varnish-3.0
Upgrade:
cd /etc/varnish /etc/init.d/varnish stop cp default.vcl.3.0.bak default.vcl dpkg -r varnish aptitude update; aptitude install varnish
This has been done, there was a few mins of downtime, I have also changed the settings at https://www.transitionnetwork.org/admin/settings/varnish/general to match the varnish version.
Debian Squeeze has PHP PHP 5.3.3-7 and drupal.org says:
Jim -- would this be an issue for us?