[OpenAFS] Re: Win2K AFS server, setup SL4.5 test-cell server then migrate...

Tue, 14 Oct 2008 13:07:48 -0400

On Tue, Oct 14, 2008 at 12:44 PM, avison48 <avison48@yahoo.co.uk> wrote:
>
> Respectful greetings AFS gurus,
>
>
> In trying to migrate the account-data & user-data off this antique Win2K
> IBM/TransArc3.5 AFS server onto RHEL4.5 OpenAfs server (& retire the Win2K
> server);
> would this idea work:
>
> I believe the RHEL4.5 server can become a secondary fileserver & database
> server to this antique Win2K AFS server. That would enable it to mirror all
> the user-account info & user-data - correct?
>

That is probably correct.

The primary question is where your current Kerberos authentication
comes from.  If you're running the kaserver on your IBM/Transarc AFS
server (and given your other emails, that appears to be the case),
then your migration should  not be too painful (except for updating
the CellServDB information on all the clients).

A secondary question is how your IP address space will look: given
that you'll have exactly 2 AFS servers, you could get into some
difficulty with respect to making changes.  If you can, bring up the
Red Hat server with an IP address lower than your current W2K AFS
server.

Finally, keep in mind that AFS will only automatically synchronize the
user-account info and the volume location information -- you will
actually have to move the user data yourself via vos commands (e.g.,
vos move).

> No clients at all would point to it - just want it to mirror all the data.
>
> Would it then be possible to shutdown AFS services on this new server,
> and configure it as an AFS server _not_ secondary to the antique Win2K AFS
> server, but as "the" AFS server of the afs cell.
> (I believe if it does not know about / try to contact the other AFS
> server, it could exist)
> With its own kerberos server running on it, its own Keyfile.
> Still with no AFS clients except itself.
>
> If it could "wake up" and own all the user-accounts & user-data as its own,
> in its status as an AFS server (not secondary) - that would be great.
>
> I'm concerned about where in its ... mirroring of user-account & user-data,
> would be critical ties or references to its old "master" AFS server.
>

In general, doing a bos removehost $server $server-to-forget + bos
restart $server $process of a server process removes references to
$server-to-forget.

However, for user data, you will actually  need to migrate data from
your existing AFS server to the new one: vos listvol -server
$old-server will tell you what is on your old server.  You should
cross-check that with vos listvldb -server $old-server to make sure no
references remain to your old server.

> Would that work?
>
> If not, how can the data with all the ACLs & etc be transferred to a new
> server?
>

Assuming you know the current afs password, you should be able to
follow the instructions about adding an additional server machine at
http://www.openafs.org/pages/doc/QuickStartUnix/auqbg006.htm#HDRWQ99,
paying special attention to the section on adding a database server.

At a high level, you need to:

- tell your existing AFS server about the new one
- configure the new AFS server
- tell all your clients about the new AFS server
- verify everyone is talking to the new one properly
- move all user data (i.e., vos move's, and any vos backup's, vos
addsite's, and vos release's needed).
- stop the old AFS server
- tell the new server to stop talking to the old server
- tell all the clients to stop talking to the old server

The documentation has details on those steps.  Feel free to ask,
though, if you have further questions.

-- 
Steven Jenkins
End Point Corporation
http://www.endpoint.com/