Debian Squeeze (6) ends support – time to upgrade

openlogo-nd-100February 29th, 2016 marks the end of LTS Support for Debian Squeeze, which is still used by many of our customers.  This means that updates for known security issues will no longer be produced and over time, a server running this version will become vulnerable to being exploited.

Squeeze was released in 2011 and was our recommended distribution at the time, however if you're still running it now is the time to upgrade to a new version.  Wheezy (Debian 7), and Jessie (Debian 8) have been released since then.  Debian is known for having a relatively easy in-place upgrade system, compared to other distributions.  However, there are still potential problems with any upgrade, so be prepared to fix up configuration problems that might prevent your server from operating properly after the upgrade.

There are a couple of factors that would make upgrading more of an involved process.  If you have a control panel such as Plesk or Cpanel, the upgrade will be different and this guide doesn't cover that.

If you have web applications installed, they might be dependant on a particular version of php, and the upgrade may change the php version and break your web application.  For popular web applications and frameworks such as WordPress and Drupal, this should not be a problem if the application/framework itself is up to date.  Check the requirements of your application and make sure it is updated before you update Debian.

You can find more details about Debian upgrades at our dist upgrade page. You can also find a handy script which automates the upgrade at https://github.com/pbkwee/deghost.  (Run that with --to-jessie to get from Squeeze to Jessie)

Upgrade to Wheezy

You probably want to end up on Debian Jessie, the current stable version, but you can't upgrade directly from Squeeze to Jessie in a manual upgrade, first you need to upgrade to Wheezy then complete the upgrade to Jessie as detailed in the next section.

Debian's official guide to upgrading to Wheezy is at https://www.debian.org/releases/wheezy/amd64/release-notes/ch-upgrading.html.  That includes handling advanced details such as apt pinning and package holds, which probably aren't relevant if you've got a standard install.

If you want to upgrade manually, the main steps for a Wheezy upgrade are:

  • Take a backup.  Go to https://rimuhosting.com/cp/vps/backup.jsp and click "Run Backup"  You should also consider backing up data separately, e.g. taking a database dump.
  • Log on to your VPS via ssh
  • To make sure you have enough disk space, run df -h.  You should be fine if there is 1G or more available on your main partition.
  • Before you upgrade, make sure squeeze is up to date: apt-get update; apt-get dist-upgrade; apt-get clean
  • make sure there are no problems with the packaging system: dpkg --audit.  This command won't produce any output if everything is OK.
  • Comment out any backports or unofficial sources in /etc/apt/sources.list and /etc/apt/sources.list.d/*
  • Change /etc/apt.sources.list to point to Wheezy, eg.
    deb http://http.us.debian.org/debian wheezy main
    deb http://security.debian.org/ wheezy/updates main

    and update the package list: apt-get update

  • Now it's time to run the update.  This might take up to an hour or more, depending on the state of your system: apt-get dist-upgrade
  • While the update proceeds, periodically check the output, as it will occasionally stop to ask questions like "A new version of configuration file xxx is available, but the version installed currently has been locally modified. What do you want to do about modified configuration file xxx?"  Answering "install the package maintainer's version" will result in keeping the system as standard as possible, but it may remove customisations needed to keep your server operating as intended.  Answering "keep the local version currently installed" will keep your customisations, but your configuration may not work on the updated system.  Make a note of any files you're unsure of to check later.
  • run apt-get clean to delete package files that were downloaded during the upgrade.
  • (optional - recommended) Go to https://rimuhosting.com/cp/vps/kernel.jsp and select the latest 4.1 series kernel (currently 4.1.17-rh17.xenU.x86_64), which will work fine for Wheezy.
  • If you didn't already do so in the step above, reboot the system.
  • Check the system is functioning as expected.  Update any configuration files that need updating.

The most common problem upgrading from Squeeze to Wheezy is changes in the Dovecot configuration (i.e. email access).  You should "install the package maintainer's version" for Dovecot related files, re-apply any customisations to that, and you may need to move certificate files as well, and double check that the configuration points to the correct certificate files.

Upgrading to Jessie

Jessie is the latest version of Debian, and our current recommended distro.  These instructions describe the second part of the manual upgrade from Wheezy to Jessie.

This part of the upgrade is similar to the upgrade from Squeeze to Wheezy.  If you are following straight on from the first part, you probably would not take another VPS backup, although you might want to make a copy of configuration files you have changed during that upgrade.   Note Jessie uses systemd which requires features which aren't in old kernels, so make sure the kernel is updated first (see above.)

The apt sources list lines to use are:

deb http://http.us.debian.org/debian/ jessie main
deb http://security.debian.org/ jessie/updates main

See our dist upgrade page for more details.   In Jessie, Apache has changed from version 2.2 to version 2.4, and this comes with some significant changes in configuration file syntax.  Again, it's likely best to "install the package maintainer's version" for Apache related files, and fix up the configuration to re-add your customisations.

Despite being more work, it's preferable to do the complete upgrade to Jessie rather than just upgrading to Wheezy.  Jessie software is more current, and it should receive LTS support until 2020, while Wheezy support will end in 2018.

If you would like assistance upgrading servers, RimuHosting can help.  Just put in a sysadmin work ticket at https://rimuhosting.com/ticket/startticket.jsp.  A straightforward squeeze-wheezy-jessie upgrade will take our experienced sysadmins less than 2 hours, as long as there aren't dependencies on outdated software.

Posted in HOWTO, Rimuhosting, Security | Tagged , , | Leave a comment

VM hosting now available at NextDC in Sydney

Screen Shot 2016-01-13 at 2.45.32 PMWe are happy to announce we are now offering VM hosting out of the NextDC facility in Sydney!   Some highlights:

  • Uptime Institute Tier III certification.
  • N+1 power and cooling.
  • Hot and cold aisles for peak cooling power efficiency.
  • Cardboard- (and dust-) free data halls.
  • Locked cabinets.
  • Inert gas fire suppressant.
  • Financially stable, publicly listed data center company.
  • Fenced, secure bio-metric entry, 24x7 staffed and CCTV.
  • Host servers are all latest generation dual processor Intel E5 servers with 128GB of DDR4 memory and blazing fast SSD storage.
  • Reliable, fast and affordable data transfer (from 0.07AUD/GB)

Pricing from around AUD 35/m.  Order (or price up) a Sydney VM here.

Continue reading

Posted in Rimuhosting | Tagged , , | Leave a comment

Don’t let the OOM killer stop MySQL

MySQLMany of our customers are successfully using MySQL (or MariaDB) databases on their servers, and they usually run fine as installed and do not need any special attention. However, occasionally problems can occur with MySQL, and this may indicate that some manual tuning is required. One scenario is when the system is short of memory, sometimes MySQL will be killed by the system since MySQL can be a big memory user. Continue reading

Posted in HOWTO, Rimuhosting | Tagged , , | 1 Comment

Using Vagrant to Manage Rimu VPS systems

Vagrant is high level wrapper around virtualization and configuration management
software. It simplifies the creation and management of easily reproduceable
environments. It is particularly suited for development and test enviroments
where servers are brought up and down frequently. It can also be used to bootstrap
production systems.

It can be used with configuration management software such as salt, puppet, chef
and others to easily provision systems.

Many software projects now ship a Vagrantfile which allows their users to quickly
setup and test the software using Vagrant.

Continue reading

Posted in HOWTO, Rimuhosting | Tagged , , , , | Leave a comment

WordPress + nginx quick setup

wordpress-logo-notext-rgbWordPress is a very popular blogging platform. We have a number of posts on how to set it up and keep it up to date on here already. In general those methods focus on deploying under the Apache web server.

Recently we were pointed to a scripted method developed by they guys at rtcamp.com. They have a bunch of python scripts that have developed into a pretty neat tool-set for fast easy WordPress setup under Nginx.

You can use an existing mysql database service or let the tool install the latest version of the high performance mariadb database.

EasyEngine also configures email so you can get all those useful notices from your new wordpress install. And sets up basic security to help you get started with confidence.

It includes change control using git, which should be very handy for developers. And implements a built in backup function (ee site backup) and the ability to update wordpress from the command line.

Continue reading

Posted in HOWTO | Tagged , , , | Leave a comment

Credit card processor change

4442855985_235331b281_oFYI our original credit card processor (WorldPay) has pulled out of the New Zealand market.  We are now using a different credit card processor (BNZ).

You may find that the transaction description that appears on your CC statement is slightly different.  It should still clearly identify the payment as being to RimuHosting (including for customers of our other services, like LaunchtimeVPS Zonomi DNS Hosting, Bakop, Pingability and 25 Mail St

The new processor provides more detailed 'declined' error messages.  Which should make resolving any payment issues a little easier.

We continue to be able to charge in USD, AUD, EUR, GBP and NZD.  Some credit card issuers are adding on fees for USD transactions on USD accounts if the credit card processor is overseas.  If you see any extra fees please do let know the details.  It would be good to know which card issuers are guilty of this practice and what they are charging.

Image credit: gdsdigital

Posted in Rimuhosting | Leave a comment

Running Vagrant in your VPS

vagrantVagrant is often used to set up development environments in a standardized way, so that your software project deployed via vagrant has a standard environment with all the operating system components and set-up it needs to work properly. It creates a virtual machine to provide this environment, so that different developers can work on it without needing to reconfigure their workstations to the requirements of the application.

If you want to use vagrant on a rimu server, you'll have no problems with a rimuhosting dedicated server. However, if the project budget doesn't stretch that far yet, what other options do you have? Normally you can't create virtual machines on your ri.mu VPS, because it's a virtual machine itself, and currently virtual machines can't be nested inside other virtual machines. However, you can use Vagrant's docker provider, which uses linux containers to provide the virtual machine. This works because linux containers, unlike virtual machines, will run inside the XEN virtual machines that are used for ri.mu VPSs.

In this post, I show how to set up a Debian docker container with systemd and an ssh server, so we can ssh into it and it behaves like a regular VM. (This is not the "Docker way" of doing things, but it works well with Vagrant.) Continue reading

Posted in HOWTO, Rimuhosting | Tagged , , , | Leave a comment

Getting help

sandrThe following conversation plays out in our inbox and Live Chat a good few times a week.

In fact, you may have received a link to this post from one of those places.

If so, then the dialog below could be an easy way for you to better understand your situation and to get the quickest resolution to your problem...

"Is there a problem in $datacentername?"

There might be.  There are lots of servers and switches in each of the data centers we use.

A better opener might be something like "When I go to $someurl it says $something and instead it should be loading $suchandsuchapage".

Let us know:

  • what you are doing (URL you are on, command you are running, ...),
  • what you are seeing, and
  • what you expect to see.

Continue reading

Posted in Rimuhosting | Tagged | Leave a comment

Restoring an Exploited WordPress files

wordpress-hackedI previously had a 10 step process to replace all the files in a wordpress, this got rid of most file based exploits.

Since then i have written a shell script that pretty much incorperates that

wget http://blog.rimuhosting.com/files/restorewordpress.sh
chmod +x restorewordpress.sh
./restorewordpress.sh /full/path/to/documentroot

Note: This does not do custom themes or plugins (only ones from wordpress.com), and its a good idea to double check the wp-config.php is clean, either before, or immediately after doing this.

Please let me know if you have any issues at all with this script, or modifications needing to be made.

Posted in Featured, HOWTO | Tagged , , , , | Leave a comment

Free Kubernetes hosting for developers

KubernetesRimuHosting are working on a command line tool set to easily setup and manage a Kubernetes cluster.  We are currently in a trial phase.

During this phase we will be providing free Kubernetes cluster hosting to developers needing an easy-to-setup, publicly-accessible Kubernetes cluster to hack on.

Just email support at rimuhosting, mention this blog post URL and give us a brief summary of what you plan to do.  We will help get you setup with your own Kubernetes cluster for a few months (no cost).

If you are heading to KubeCon this month, this could be the perfect setup for trying out different recipes.

For more details on our Kubernetes management tool stack see our project at https://github.com/pbkwee/rimuhosting-k8s .  We invite you to fork the project and contribute improvements.  Let us know what you are working on: $$$ bounties are on offer.

Posted in Rimuhosting | Tagged , , , | Leave a comment