Ticket #612 (closed maintenance: fixed)

Opened 3 years ago

Last modified 3 years ago

Upgrade to BOA-2.1.1 Stable Edition

Reported by: chris Owned by: chris
Priority: major Milestone: Maintenance
Component: Live server Keywords: BOA
Cc: ed, jim Estimated Number of Hours: 0.5
Add Hours to Ticket: 0 Billable?: yes
Total Hours: 1.75

Description

I have been sent this email from wiki:PuffinServer:

There is new BOA-2.1.0 Stable Edition available.

Please review the changelog and upgrade as soon as possible
to receive all security updates and new features.

Changelog: http://bit.ly/newboa

I could potentially do this upgrade tonight as it's a quite time for the server -- Jim, any reason not to apply this update tonight?

Change History

comment:1 Changed 3 years ago by chris

  • Add Hours to Ticket changed from 0.0 to 0.1
  • Total Hours changed from 0.0 to 0.1

comment:2 follow-ups: ↓ 3 ↓ 4 Changed 3 years ago by jim

  • Add Hours to Ticket changed from 0.0 to 0.05
  • Total Hours changed from 0.1 to 0.15

Though it's got some really juicy enhancements, including my proposal on removing those funky control files, I think it's worth sitting it out for a week to ensure any bugs get discovered and cleaned up.

We also need to establish what .barracuda.cnf changes we want to enable to get the best out of the new version.

comment:3 in reply to: ↑ 2 Changed 3 years ago by chris

  • Add Hours to Ticket changed from 0.0 to 0.15
  • Total Hours changed from 0.15 to 0.3
  • Summary changed from Upgrade to BOA-2.1.0 Stable Edition to Upgrade to BOA-2.1.1 Stable Edition

I have added this ticket to the list of upgrade tickets, wiki/PuffinServer#Upgradetickets and I note that the last upgrade ticket:612 hasn't yet been closed.

Replying to jim:

Though it's got some really juicy enhancements, including my proposal on removing those funky control files

Nice one, I have just read that ticket for the first time.

I think it's worth sitting it out for a week to ensure any bugs get discovered and cleaned up.

Have you been following progress on this -- do you think it's now safe to do the upgrade? I see that the latest version is now BOA-2.1.1 http://drupalcode.org/project/barracuda.git/blob_plain/HEAD:/CHANGELOG.txt

We also need to establish what .barracuda.cnf changes we want to enable to get the best out of the new version.

I'm not sure we need to make any more? Or are there some more variables we can now tweak?

Version 1, edited 3 years ago by chris (previous) (next) (diff)

comment:4 in reply to: ↑ 2 Changed 3 years ago by chris

  • Add Hours to Ticket changed from 0.0 to 0.15
  • Total Hours changed from 0.3 to 0.45

Replying to jim:

We also need to establish what .barracuda.cnf changes we want to enable to get the best out of the new version.

These are the options I can see from the changelog:

  • _NGINX_FORWARD_SECRECY=YES
  • _NGINX_SPDY=YES
  • _BUILD_FROM_SRC=YES

If we enable _NGINX_FORWARD_SECRECY (see ticket:535#comment:18 ) and / or _NGINX_SPDY (see https://en.wikipedia.org/wiki/SPDY ) then I think BOA will build openssl from source. Whatever you think of _NGINX_FORWARD_SECRECY it's clear that having SPDY support would be a good thing. If we upgrade to Wheezy, ticket:535 then I don't think there will be a need to build openssl from source.

If we want to use Zend OPcache instead of APC before a upgrade to Wheezy then BOA will build php from source.

Generally it's a lot easier maintaining server that run with packages from the distribution and not libraries and languages build from source.

I suggest we upgrade to Wheezy (manually or using BOA script? Best follow this question up on ticket:535) and set these options:

  • _NGINX_FORWARD_SECRECY=YES
  • _NGINX_SPDY=YES
  • _BUILD_FROM_SRC=NO


Last edited 3 years ago by chris (previous) (diff)

comment:5 follow-up: ↓ 6 Changed 3 years ago by jim

  • Add Hours to Ticket changed from 0.0 to 0.15
  • Total Hours changed from 0.45 to 0.6

I updated my box to 2.1.1 last night -- though there were a couple more hotfix commits to that today. From my perspective the update went without hitch, and the result seems nice. Can't say I've benchmarked the sites, but hopefully it's a bit quicker thanks to the new Zend opcode cache replacing the creaky APC.

Since this update is a semi-blocker to the work on #610 (if only to rule out the permissions issue and force their correction), I'd prefer to see this sooner rather than later. The question of Debian 7 update is somewhat separate, though clearly the 'build from source' option will make the updates a little slower - though hopefully not result in any extra downtime as Linux seems happy to update one thing whilst using an older version of it temporarily.

I would suggest the BOA script is used for the Wheezy update, because it's already got control of the LEMP stack. Over on #535 I'd suggest checking the issue queue for Wheezy update issues.

I reckon those .barracuda.cnf changes you list would be all we need.

comment:6 in reply to: ↑ 5 Changed 3 years ago by chris

  • Add Hours to Ticket changed from 0.0 to 0.1
  • Total Hours changed from 0.6 to 0.7

Replying to jim:

Since this update is a semi-blocker to the work on #610 (if only to rule out the permissions issue and force their correction), I'd prefer to see this sooner rather than later. The question of Debian 7 update is somewhat separate, though clearly the 'build from source' option will make the updates a little slower - though hopefully not result in any extra downtime as Linux seems happy to update one thing whilst using an older version of it temporarily.

I feel quite strongly that given the choice of:

  • Start using openssl, php etc built from source
  • Upgrade to Wheezy

That we should do the upgrade, it can't be put off forever and now seems like a very good time to do it.

I would suggest the BOA script is used for the Wheezy update, because it's already got control of the LEMP stack.

OK.

Over on #535 I'd suggest checking the issue queue for Wheezy update issues.

Which issue queue?

I reckon those .barracuda.cnf changes you list would be all we need.

OK.

comment:7 follow-up: ↓ 8 Changed 3 years ago by jim

  • Add Hours to Ticket changed from 0.0 to 0.05
  • Total Hours changed from 0.7 to 0.75

The Barracuda issue list, since that's what we're using!

All issues with the word 'Wheezy'.

comment:8 in reply to: ↑ 7 Changed 3 years ago by chris

Replying to jim:

The Barracuda issue list, since that's what we're using!

All issues with the word 'Wheezy'.

There doesn't appear to be any tickets worth reading in that list.

comment:9 Changed 3 years ago by jim

Then I'm happy if you are...

comment:10 Changed 3 years ago by chris

OK, so we just need to agree a date and a time, it will probably involve the site being unavailable for an hour or so, I suggest one evening starting at 10pm, perhaps Sunday 17th Nov?

comment:11 Changed 3 years ago by ed

Sunday 17th Nov, 22:00 fine by me.

If there are any other things you're expecting me to reply to, let me know - I watch the tech threads but will probably not rise until I'm asked...

comment:12 Changed 3 years ago by chris

  • Status changed from new to assigned

comment:13 Changed 3 years ago by chris

  • Add Hours to Ticket changed from 0.0 to 1.0
  • Status changed from assigned to closed
  • Resolution set to fixed
  • Total Hours changed from 0.75 to 1.75
Note: See TracTickets for help on using tickets.