Okay, one more time ... hopefully relatively smoothly this time. Have done fair bit more thorough testing, essentially on "cloned" virtual machines (while also taking the appropriate precautions to avoid conflicts with the running production).
Anyway, will restart the upgrade process soon. If all goes relatively smoothly, should be complete after a few hours or so.
Services - for the most part will mostly remain up and operational throughout, but there will definitely be at least some disruptions, due to some required reboot(s) and stopping and restarting of services. I'll update once things have completed and things look good ... or any substantially different results.
This BALUG VM is the host that supports essentially all (except some additional DNS slaves) services of: BALUG and likewise excepting list services, for: SF-LUG BerkeleyLUG
references/excerpts: https://lists.balug.org/pipermail/balug-admin/2020-February/001017.html https://lists.balug.org/pipermail/balug-admin/2020-February/001018.html http://linuxmafia.com/pipermail/conspire/2020-April/010521.html http://linuxmafia.com/pipermail/conspire/2020-April/010525.html
As far as I can easily tell, the upgrade has been successfully completed.
Let me/us know if you find anything amiss or not working properly or whatever.
Bit 'o before & after:
$ hostname; lsb_release -d; uname -m balug-sf-lug-v2.balug.org Debian GNU/Linux 9.12 (stretch) x86_64
$ hostname; lsb_release -d; cat /etc/debian_version; uname -m balug-sf-lug-v2.balug.org Description: Debian GNU/Linux 10 (buster) 10.3 x86_64 $
Also, for the curious, this is set of outline/notes I worked off of ... the "clone" bits, were additional steps run through with "clone" VMs of the production balug VM - notably to avoid conflicts with the production VM's data and operations (DNS, email, lists, IP addresses, ...), and the "files:" bit towards the end outlines most all the configuration files that had some specific (semi-)"manual" changes applied to them (typically merging customizations from older versions into newer versions, adjusting to fix any incompatibilities, etc.):
# <balug.upgrade.notes expand -t 4 #vm=balugclone01 vm=balugclone02 clone VM --> "$vm" see also earlier: https://lists.balug.org/pipermail/balug-admin/2020-February/001018.html
clone: down interface link: (vm=balugclone02; link=down; mac=52:54:00:67:20:40; virsh domif-setlink "$vm" "$mac" "$link" --config; virsh domif-setlink "$vm" "$mac" "$link"; virsh domif-getlink "$vm" "$mac" --config; virsh domif-getlink "$vm" "$mac") change network from bridged to default stop and disable potential conflicting services: systemctl stop & systemctl disable: mailman.service exim4.service apache2.service spamassassin.service rsync.service mariadb.service bind9.service /etc/network/interfaces disable interfaces except lo and change eth0 to inet dhcp shutdown up interface link: (vm=balugclone02; link=up; mac=52:54:00:67:20:40; virsh domif-setlink "$vm" "$mac" "$link" --config; virsh domif-setlink "$vm" "$mac" "$link"; virsh domif-getlink "$vm" "$mac" --config; virsh domif-getlink "$vm" "$mac") boot follow upgrade documentation from release notes https://www.debian.org/releases/buster/amd64/release-notes/ before changing sources.list: update, upgrade backup (cd / && tar -cf - etc var/lib/dpkg var/lib/apt/extended_states) | xz -9 > etc_var-lib-dpkg_var-lib-apt-extended_states.tar.xz dpkg --get-selections * | xz -9 > dpkg_--get-selections_*.xz Migrating from legacy network interface names https://www.debian.org/releases/buster/amd64/release-notes/ch-information.en... eth0 --> ens3 /etc/udev/rules.d/70-persistent-net.rules comment out active lines # rm /etc/systemd/network/50-virtio-kernel-names.link # mount -o remount,rw /boot && update-initramfs -u /etc/fail2ban/action.d/dshield.conf eth0 --> ens3 /etc/fail2ban/action.d/mynetwatchman.conf eth0 --> ens3 /etc/network/interfaces eth0 --> ens3 /etc/sysctl.conf eth0 --> ens3 reboot /etc/apt/sources.list stretch --> buster # (ts=$(TZ=GMT0 date -Iseconds) && script -t 2>~/tmp/9.12_to_10/typescript."$ts".time -a ~/tmp/9.12_to_10/typescript."$ts".script) # lvcreate -l 320 -n archives balug # mkfs -t ext3 -L archives /dev/balug/archives # tune2fs -r 0 /dev/balug/archives # (umask 022 && mkdir /var/tmp/archives) add to /etc/fstab (setting UUID accordingly in /etc/fstab): /dev/balug/archives /var/tmp/archives ext3 nosuid,nodev 0 3 # LABEL=archives UUID= # rm -rf /var/cache/apt/archives/.f # (umask 022 && apt-get -y clean) # mount -a # mkdir /var/tmp/archives/archives # (cd /var/cache/apt/archives && find . -xdev -depth -print0 | pax -rw -0d -p e /var/tmp/archives/archives) add to /etc/fstab: /var/tmp/archives/archives /var/cache/apt/archives none bind 0 0 mount -a pre-fill files from cache # (cd / && umask 022 && apt-get -y upgrade) configuration & files: Automatic font hinting style: 2 (Slight) /etc/init.d/rsync /etc/crontab /etc/fail2ban/action.d/dshield.conf save downloaded packages to cache # apt-get clean pre-fill files from cache # (cd / && umask 022 && apt full-upgrade) configuration & files: Insert headers before changelogs? [yes/no] no Show changes in reverse order? [yes/no] no Allow ordinary users to run ip vrf exec using capabilities? [yes/no] no /etc/exim4/exim4.conf.template /etc/sysctl.conf PAM profiles to enable: 1. Unix authentication /etc/sysstat/sysstat /etc/logrotate.d/apache2 /etc/bind/named.conf.options.local /etc/bind/named.conf.options /etc/bind/named.conf.local /etc/lvm/lvm.conf (umask 077 && cd / && echo -e 'usr/share/dns\nusr/share\nusr' | pax -rw -d -p e /var/lib/named/) /etc/fstab: /usr/share/dns /var/lib/named/usr/share/dns none bind 0 0 # mount -a # rm /etc/systemd/system/bind9.service.d/bind9.conf # systemctl daemon-reload clone: bind9 all notify off (no) comment out notify-source and notify-source-v6 systemctl enable bind9.service /etc/exim4/eximconfig/config/exim4.conf & /etc/exim4/eximconfig/messages/en/eximconfig: :%s/TEXT_LOG_ALLOWED/TEXT_LOG__ALLOWED/g :%s/TEXT_LOG_ETRN_PROHIBITED/TEXT_LOG__ETRN_PROHIBITED/g :%s/TEXT_LOG_SUBJECT/TEXT_LOG__SUBJECT/g save downloaded packages to cache remove from /etc/fstab: /dev/balug/archives /var/tmp/archives ext3 nosuid,nodev 0 3 # LABEL=archives UUID= /var/tmp/archives/archives /var/cache/apt/archives none bind 0 0 # umount /var/cache/apt/archives # umount /var/tmp/archives # rmdir /var/tmp/archives # lvchange -a n /dev/balug/archives # lvremove /dev/balug/archives reboot (cd / && umask 022 && apt-get --purge -y remove linux-image-4.9.0-12-amd64) (cd / && umask 022 && apt-get --purge -y autoremove) (cd / && umask 022 && apt-get -y --purge remove $(dpkg -l | awk '{if($1=="rc")print $2;}')) clone: down interface link: (vm=balugclone02; link=down; mac=52:54:00:67:20:40; virsh domif-setlink "$vm" "$mac" "$link" --config; virsh domif-setlink "$vm" "$mac" "$link"; virsh domif-getlink "$vm" "$mac" --config; virsh domif-getlink "$vm" "$mac") systemctl enable: mariadb.service spamassassin.service exim4.service mailman.service apache2.service rsync.service reboot stop and disable services: (set -x; for s in rsync apache2 mailman exim4 spamassassin mariadb; do { systemctl stop "$s" && systemctl disable "$s"; } || break; done) up interface link: (vm=balugclone02; link=up; mac=52:54:00:67:20:40; virsh domif-setlink "$vm" "$mac" "$link" --config; virsh domif-setlink "$vm" "$mac" "$link"; virsh domif-getlink "$vm" "$mac" --config; virsh domif-getlink "$vm" "$mac")
files: /etc/network/interfaces /etc/network/interfaces.nominal /etc/udev/rules.d/70-persistent-net.rules comment out active lines # rm /etc/systemd/network/50-virtio-kernel-names.link /etc/fail2ban/action.d/dshield.conf eth0 --> ens3 /etc/fail2ban/action.d/mynetwatchman.conf eth0 --> ens3 /etc/network/interfaces eth0 --> ens3 /etc/sysctl.conf eth0 --> ens3 /etc/apt/sources.list stretch --> buster /etc/init.d/rsync /etc/crontab /etc/fail2ban/action.d/dshield.conf /etc/exim4/exim4.conf.template /etc/sysctl.conf /etc/sysstat/sysstat /etc/logrotate.d/apache2 /etc/bind/named.conf.options.local /etc/bind/named.conf.options /etc/bind/named.conf.local /etc/lvm/lvm.conf # rm /etc/systemd/system/bind9.service.d/bind9.conf /etc/exim4/eximconfig/config/exim4.conf & /etc/exim4/eximconfig/messages/en/eximconfig: TEXT_LOG_ALLOWED --> TEXT_LOG__ALLOWED TEXT_LOG_ETRN_PROHIBITED --> TEXT_LOG__ETRN_PROHIBITED TEXT_LOG_SUBJECT --> TEXT_LOG__SUBJECT #
From: "Michael Paoli" Michael.Paoli@cal.berkeley.edu Subject: BALUG VM Debian oldstable --> stable Date: Sun, 19 Apr 2020 02:08:49 -0700
Okay, one more time ... hopefully relatively smoothly this time. Have done fair bit more thorough testing, essentially on "cloned" virtual machines (while also taking the appropriate precautions to avoid conflicts with the running production).
Anyway, will restart the upgrade process soon. If all goes relatively smoothly, should be complete after a few hours or so.
Services - for the most part will mostly remain up and operational throughout, but there will definitely be at least some disruptions, due to some required reboot(s) and stopping and restarting of services. I'll update once things have completed and things look good ... or any substantially different results.
This BALUG VM is the host that supports essentially all (except some additional DNS slaves) services of: BALUG and likewise excepting list services, for: SF-LUG BerkeleyLUG
references/excerpts: https://lists.balug.org/pipermail/balug-admin/2020-February/001017.html https://lists.balug.org/pipermail/balug-admin/2020-February/001018.html http://linuxmafia.com/pipermail/conspire/2020-April/010521.html http://linuxmafia.com/pipermail/conspire/2020-April/010525.html