We currently have a dynamically provided IP address and are switching over to a static ip address. As such, I need to change the IP address on our 3 LAMP servers. These servers also run bind9 for DNS and postfix/dovecot for email. (MySQL is actually running as a Percona DB cluster which may be irrelevant.)
I think I have a good strategy, but want to check my logic with others who may have done this successfully before.
The concept is to stop all web, database, and mail services on each machine one at a time, pushing traffic to one of the two remaining servers, and run the following script to replace the old IP address with the new IP address, then reboot the server and attempt to push traffic back to it then proceed with the next server in the cluster if all goes well.
I used grep -r to find instances of the old ip address in the system and need to make sure that I'm not missing anything important that needs to be considered.
find /etc/bind -type f -print0 | xargs -0 sed -i 's/old.ip.address/new.ip.address/g'
find /etc/postfix -type f -print0 | xargs -0 sed -i 's/old.ip.address/new.ip.address/g'
find /etc/apache2 -type f -print0 | xargs -0 sed -i 's/old.ip.address/new.ip.address/g'
find /etc/postfix -type f -print0 | xargs -0 sed -i 's/old-ip-address/new-ip-address/g'
find /etc/bind -type f -print0 | xargs -0 sed -i 's/rev.address.ip.old/rev.address.ip.new/g'
As a point of clarification, grep -r found the IP address references in the /etc/bind/zones tables, the /etc/postfix configuration files, and the /etc/apache2 config file. The IP address separated by hyphens was also found in the postfix config files. The reverse IP address was also found in a /etc/bind/named.conf.local file and will also need to be replaced.
Can anyone see if I may be missing something here? I'm doing this in a production environment...not the most ideal of circumstances, of course.
Sorry all. Looks like I let this get stale after finding the solution. For posterity's sake, here's what seems to be working at this point:
$ORIGIN example.com.
$TTL 12H
; @ symbol represents example.com.
@ 12H IN SOA ns1.example.com. hostmaster@example.com. (
2015062954 ;serial
30M ;refresh
2M ;retry
2W ;expire
1D ;minimum TTL
)
NS ns1.example.com.
NS ns2.example.com.
MX 10 mail.example.com.
IN A 99.101.XXX.XXX
IN TXT "v=spf1 a mx ip4:99.101.XXX.XXX ~all"
IN SPF "v=spf1 a mx ip4:99.101.XXX.XXX -all"
ns1 IN A 99.101.XXX.XXX
ns2 IN A 99.101.XXX.XXX
mail IN A 99.101.XXX.XXX
IN TXT "v=spf1 a mx ip4:99.101.XXX.XXX ~all"
IN SPF "v=spf1 a mx ip4:99.101.XXX.XXX -all"
www IN A 99.101.XXX.XXX
dev IN A 99.101.XXX.XXX
demo IN A 99.101.XXX.XXX
webconf IN A 99.101.XXX.XXX
stats IN A 99.101.XXX.XXX
While the idea of using a find
piped to an xargs
sounds reasonable, I would take my 15 years of experience and tell you that is a bad idea. I would propose:
This way you have a fast transition with:
cp somefile.new somefile
and a fast backout with:
cp somefile.orig somefile
Additionally, I would expect that the zones files contain actual DNS entries, so changing them is fine, but you'll probably need to reload named for those changes to take effect. Same goes for postfix, you'll want to postfix reload those as well.
EDIT (I haven't taken the time to actually load this zone, but it looks reasonably correct):
$ORIGIN example.com.
$TTL 12H @ IN SOA ns1.example.com. hostmaster@example.com. (
2015062660 ;
30M ;refresh
2M ;retry
2W ;expire
1D ;minimum TTL
)
IN NS ns1.example.com.
IN NS ns2.example.com.
IN A 99.101.XXX.X
example.com. IN MX 10 mail.example.com.
mail IN A 99.101.XXX.X
IN TXT "v=spf1 a mx ip4:99.101.XXX.X ~all
ns1 IN A 99.101.XXX.X
ns2 IN A 99.101.XXX.X
www IN CNAME example.com.
dev IN CNAME example.com.
demo IN CNAME example.com.
webconf IN CNAME example.com.
stats IN CNAME example.com.
EDIT: glue records
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.