Update all instances of IP address on a server
We currently have a dynamically provided IP address and are switching over to a static IP address. As such, I need to change the IP address on our 3 LAMP servers. These servers also run bind9 for DNS and postfix/dovecot for email. (MySQL is actually running as a Percona DB cluster which may be irrelevant.)
I think I have a good strategy, but want to check my logic with others who may have done this successfully before.
The concept is to stop all web, database, and mail services on each machine one at a time, pushing traffic to one of the two remaining servers, and run the following script to replace the old IP address with the new IP address, then reboot the server and attempt to push traffic back to it, then proceed with the next server in the cluster if all goes well.
I used grep -r to find instances of the old IP address in the system and need to make sure that I'm not missing anything important that needs to be considered.
find /etc/bind -type f -print0 | xargs -0 sed -i 's/old.ip.address/new.ip.address/g'
find /etc/postfix -type f -print0 | xargs -0 sed -i 's/old.ip.address/new.ip.address/g'
find /etc/apache2 -type f -print0 | xargs -0 sed -i 's/old.ip.address/new.ip.address/g'
find /etc/postfix -type f -print0 | xargs -0 sed -i 's/old-ip-address/new-ip-address/g'
find /etc/bind -type f -print0 | xargs -0 sed -i 's/rev.address.ip.old/rev.address.ip.new/g'
As a point of clarification, grep -r found the IP address references in the /etc/bind/zones tables, the /etc/postfix configuration files, and the /etc/apache2 config file. The IP address separated by hyphens was also found in the postfix config files. The reverse IP address was also found in a /etc/bind/named.conf.local file and will also need to be replaced.
Can anyone see if I may be missing something here? I'm doing this in a production environment...not the most ideal of circumstances, of course.
Sorry all. Looks like I let this get stale after finding the solution. For posterity's sake, here's what seems to be working at this point:
$ORIGIN example.com.
$TTL 12H
; @ symbol represents example.com.
@ 12H IN SOA ns1.example.com. hostmaster@example.com. (
2015062954 ;serial
30M ;refresh
2M ;retry
2W ;expire
1D ;minimum TTL
)
NS ns1.example.com.
NS ns2.example.com.
MX 10 mail.example.com.
IN A 99.101.XXX.XXX
IN TXT "v=spf1 a mx ip4:99.101.XXX.XXX ~all"
IN SPF "v=spf1 a mx ip4:99.101.XXX.XXX -all"
ns1 IN A 99.101.XXX.XXX
ns2 IN A 99.101.XXX.XXX
mail IN A 99.101.XXX.XXX
IN TXT "v=spf1 a mx ip4:99.101.XXX.XXX ~all"
IN SPF "v=spf1 a mx ip4:99.101.XXX.XXX -all"
www IN A 99.101.XXX.XXX
dev IN A 99.101.XXX.XXX
demo IN A 99.101.XXX.XXX
webconf IN A 99.101.XXX.XXX
stats IN A 99.101.XXX.XXX
While the idea of using a find piped to an xargs sounds reasonable, I would take my 15 years of experience and tell you that is a bad idea. I would propose:
This way you have a fast transition with:
cp somefile.new somefile
and a fast backout with:
cp somefile.orig somefile
Additionally, I would expect that the zones files contain actual DNS entries, so changing them is fine, but you'll probably need to reload named for those changes to take effect. Same goes for postfix, you'll want to postfix reload those as well.
EDIT (I haven't taken the time to actually load this zone, but it looks reasonably correct):
$ORIGIN example.com.
$TTL 12H
@ IN SOA ns1.example.com. hostmaster@example.com. (
2015062660 ;
30M ;refresh
2M ;retry
2W ;expire
1D ;minimum TTL
)
IN NS ns1.example.com.
IN NS ns2.example.com.
IN A 99.101.XXX.X
example.com. IN MX 10 mail.example.com.
mail IN A 99.101.XXX.X
IN TXT "v=spf1 a mx ip4:99.101.XXX.X ~all"
ns1 IN A 99.101.XXX.X
ns2 IN A 99.101.XXX.X
www IN CNAME example.com.
dev IN CNAME example.com.
demo IN CNAME example.com.
webconf IN CNAME example.com.
stats IN CNAME example.com.
EDIT: glue records
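The staging approach from the answer above (a .new copy to cut over to, a .orig copy to back out with), applied to the three address forms the question found (dotted, hyphenated, reversed), as an added example that is not part of the original posts. The function names and the RFC 5737 placeholder addresses are assumptions.

```shell
#!/bin/sh
# Added example, not from the original posts. Addresses used with it are
# RFC 5737 documentation placeholders; the function names are hypothetical.

# Escape dots: in a sed pattern a bare "." matches any character.
esc() { printf '%s' "$1" | sed 's/\./\\./g'; }
# 192.0.2.10 -> 10.2.0.192 (reverse form, as used under in-addr.arpa)
rev_ip() { printf '%s' "$1" | awk -F. '{ print $4 "." $3 "." $2 "." $1 }'; }
# 192.0.2.10 -> 192-0-2-10 (hyphenated form seen in the postfix files)
hyph() { printf '%s' "$1" | tr . -; }

# Build one sed -E substitution that matches OLD only when it is not
# embedded in a longer number (so 192.0.2.10 does not hit 192.0.2.100).
subst() {
    printf 's/(^|[^0-9])%s([^0-9]|$)/\\1%s\\2/g' "$(esc "$1")" "$2"
}

# stage_file FILE OLD NEW: leave FILE alone, write FILE.orig and FILE.new.
stage_file() {
    e1=$(subst "$2" "$3")
    e2=$(subst "$(hyph "$2")" "$(hyph "$3")")
    e3=$(subst "$(rev_ip "$2")" "$(rev_ip "$3")")
    cp -p "$1" "$1.orig" || return 1
    # Each expression runs twice: a match consumes its boundary character,
    # so two occurrences separated by one character need a second pass.
    sed -E -e "$e1" -e "$e1" -e "$e2" -e "$e2" -e "$e3" -e "$e3" \
        "$1.orig" > "$1.new"
}

# stage_tree DIR OLD NEW: stage every file under DIR, keep the pair only
# for files that actually change, and print a diff of each for review.
stage_tree() {
    find "$1" -type f ! -name '*.orig' ! -name '*.new' -print |
    while IFS= read -r f; do
        stage_file "$f" "$2" "$3" || exit 1
        if cmp -s "$f.orig" "$f.new"; then
            rm -f "$f.orig" "$f.new"
        else
            diff -u "$f.orig" "$f.new" || true
        fi
    done
}

cutover() { cp "$1.new" "$1"; }    # fast transition
backout() { cp "$1.orig" "$1"; }   # fast backout
```

Review the printed diff before running cutover on each file, then reload named and postfix as the answer describes.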