Upgrading Centos 7 to Centos 8

ssgill

Verified User
Joined
May 9, 2012
Messages
168
Hello, we need TLS 1.3 as per our PCI DSS compliance and that creates an issue with Centos 7. Have read discussions on Centos forum how to achieve this but with for production server i will not trust those methods. At this point i am thinking of upgrading to Centos 8.
Server only hosts couple of our own sites which can be easily migrated so that not an issue, its the email's that comprise the biggest chunk that i am worried about.
I have 1 admin and 1 reseller that manages all the site.

So my question is
1) Should i upgrade server ( looks like easy to do Centos 7 to Centos 8) or bite the bullet and reinstall
-- Anyone have any experience doing this, what issues they had

2) Reinstall
-- Best option to backup all user data and restore, how effective no issues etc
-- Have looked at https://help.directadmin.com/?topic=18 and there are lot options.
-- https://docs.directadmin.com/directadmin/backup-restore-migration/backups#backuprestore-settings looks promissing but its broken down into bits and picesse

My steps: ( system IP and all accounts will be same ), will do during Christmas holidays and can afford to be offline for couple of hours.

-- Request DA for changing the operating system on license
-- Enbale zstd for ( better than gzip )
-- Stop exim, dovecot, mysql and apache ( no new emails or database changes )
-- Backup all users under reseller on local drive and then transfer backup on attached hard drive. Only options are Which user account to backup, time and where. So does this backup contains all user settings to restore or do i have to add domain setup manually
-- Backup Copy of important config files for reference named, network, list of all the services installed, dump of all the databases ...
3) For each Admin/Reseller account on the old system, they will have to be created through DA the usual way on the new system (does not apply if you're using Admin Backup/Transfer). If the User backup files of the Reseller/Admin (their personal user files) were just restored, their account would be created as a user. This is why their account needs to be first created. Once each Reseller/Admin are created, go to Admin Panel -> IP Manager and assign each one whichever IPs they'll need to be using.
-- This if from https://docs.directadmin.com/direct...ons#server-to-server-transfer-of-all-accounts
As i just have 1 admin and 1 reseller account, and 2 IP one for directadmin and second for all the users, would it be easier if create Admin and Reseller manually on new setup. ( both accounts don't have any personal files that are needed.
-- Print out all hosting account settings, or does user backup have all this information and will update at time of restore

-- Install Centos 8, directadmin, create admin and reseller ( i have one hosting package do i need to create that as well)
-- Enable zstd for DA
-- Upload seller backups to /home/reseller/user_backups
-- Restore backup from reseller account
-- Make sure database are update
--> Test email, websites
-- install extra packages that are required, update php settings, tweak mariadb
-- Go live

Whats ideal partition for 1TB raid, current setup df -h

Code:
Filesystem                       Size  Used Avail Use% Mounted on
devtmpfs                         7.7G     0  7.7G   0% /dev
tmpfs                            7.8G   64K  7.8G   1% /dev/shm
tmpfs                            7.8G  169M  7.6G   3% /run
tmpfs                            7.8G     0  7.8G   0% /sys/fs/cgroup
/dev/mapper/centos_matrix2-root   50G  1.1G   49G   3% /
/dev/mapper/centos_matrix2-usr    20G  8.8G   11G  45% /usr
tmpfs                            7.8G  3.9M  7.7G   1% /tmp
/dev/sda1                        497M  224M  274M  45% /boot
/dev/mapper/centos_matrix2-var    20G   13G  7.2G  64% /var
/dev/mapper/centos_matrix2-home  993G  749G  245G  76% /home
tmpfs                            1.6G     0  1.6G   0% /run/user/1003
tmpfs                            1.6G     0  1.6G   0% /run/user/0

Any other step that i have missed or recommended
Thanks for your input.
 
Last edited:
Well there is this
 
Well there is this
Thanks for the link, seems like i have been living in a pond. So now what .. if you are migrating today which path you would take.
 
i have been living in a pond
Well not for to long. That's why it important to come back and check up on post.

if you are migrating today which path you would take

IMHO if it was me and today I would go to Debian 10.

However, you could Migrate to Cento 8 now and not stream. You would have a year to plan or see what unfolds. The stable one is available until "CentOS Linux 8, as a rebuild of RHEL 8, will end at the end of 2021"

Either way its double work. So let me answer some of you original questions too.
bite the bullet and reinstall
You must reinstall. There is no supported way to upgrade from 7 to 8 other than reinstall.
Anyone have any experience doing this, what issues they had
Don't do it and dont listen to them...

Other than that the only thing I would do different is do ZSTD after you are on 8. I other words do it like for like as close as possible. Then tweak the new box.
 
Unless you are going to run cloudlinux (as they will create their own fork of centos 8). I would bite the bullet and run Debian 10.
 
Thanks for your time. I have got trail license and started testing on Debian. So far Directadmin is installed and running, local install was non issue awesome job on that front to directadmin team.
 
I do have directadmin working, installed local sni ssl from https://freesslcert.org/ got one certificate for server and bunch of site that i want to test. So looking good, no ssl error. On my live server just had apache, now i have opportunity to install nginx reverse proxy. Got that working, created one test site, manually uploaded files and db. Site is working fine, so far so good. Will install mod pagespeed next to check if that improves speed.

I have not added any additional configuration directives for nginx, using it as reverse proxy.

Do i need to do any additional security measures to secure server


Next to test user back from live site, want to check if email account are created and email's are upto date. Will try this tomorrow, want some information how can i check email's on test server. Can i login using roundcube on test server, maybe temporary set ip for site to test ip on hosts file on my computer and login with correct credentials will that work.

Thanks
 
Back
Top