Weitere ähnliche Inhalte Ähnlich wie Lessons Learned: Novell Open Enterprise Server Upgrades Made Easy (20) Lessons Learned: Novell Open Enterprise Server Upgrades Made Easy2. Martin Weiss
Technical Specialist
mw@novell.com
Glen Davis
Technical Project Manager
gldavis@novell.com
Kyle Bradford
Technical Support Engineer
kwbradford@novell.com
2 © Novell, Inc. All rights reserved.
3. Agenda
• Before starting the migration
• OES implementation guidelines
• Migration processes
• The OES 2 migration toolkit
3 © Novell, Inc. All rights reserved.
5. Reasons for Migrating
End of NetWare General Support
®
3rd party support has waned
March 7, 2010 – Start extended support
New Features
Dynamic storage technology,
Domain Services for Windows
Virtualization
Enhanced scalability – 64-bit support
Linux and Open Source
New possibilities
Linux certifications
5 © Novell, Inc. All rights reserved.
6. Building Your Knowledge
Novell Open Enterprise Server 2 Upgrade Resources
®
• Best Practices Guide
• Training Courses – Live document
– Migration and upgrade – User comments
– Free Training – Quick response time
– Real migration scenarios
Learning
Resources
• Novell Community • Social Media
– Upgrade/migration articles – Twitter: twitter.com/novelloes
– Novell CoolSolutions – Linkedin Groups
– Wiki – Facebook
– Migration forums – YouTube
6 © Novell, Inc. All rights reserved.
7. Pre-Upgrade/Migration -
Analyze and Review the Environment
• Analyze using Novell Support Advisor
• Verify and document the Source
Know your
Environment Environment
• Solve existing issues
Review, Fix • Apply latest patches before upgrading
& Stabilize
• File, Print, DNS, DHCP, Access Protocols
• Check that the OES2 services fulfill your
Analyze the
Services requirements
7 © Novell, Inc. All rights reserved.
8. Plan the New Environment
Design your target
platform
• OES2 SP2 Services
• 32 or 64 bit
• RAM replacement
Other Applications
• Anti-Virus & Backup
Create a written
• GroupWise
concept
• ZENworks
• Identity Manager
New
Environment
8 © Novell, Inc. All rights reserved.
9. Prepare Your Existing Environment (1)
Source for Install
and Update
eDirectory ™
Server
Based on Easy Post-
Templates installation
AutoYaST + Cluster Node
ZLM Server
Remote /
Faster than Frozen Patch Special
CD/DVD Levels Purpose
9 © Novell, Inc. All rights reserved.
10. Prepare Your Existing Environment (2)
Name Resolution Timesync
• DNS • Migrate from
• SLP Timesync to NTP
• HOSTS
(Old, new, & temp
servers)
Edirectory Security
™
eDirectory Core
• Verify SDI + PKI • Review structure,
• Can the CA Keys be partitioning,
exported? replication
• Use SDIDIAG and • Versions, Patchlevel,
iManager PKI Plugin and Schema (at 8.8?)
• Unique naming, ID,
and Posix Attributes
10 © Novell, Inc. All rights reserved.
12. Novell Open Enterprise Server
®
Things to Think About
Standards • Define and Follow your “new” standards
• Linux is case sensitive (User, Groups and other objects)
Naming • Uniqueness
• Local EXT3 and LVM
File System Layout • /boot / (root) /tmp /var /home
Packet / Pattern • Install only what is really required and used
Detection • 1. Install, 2. Patch, 3. Configure
LAN Connectivity • Use Bonding for fault tolerance (active-backup)
SAN and Storage • Use DM-MPIO if possible,know if it is cluster or stand-
alone
Connectivity • Verify certification of storage infrastructure for SLES
12 © Novell, Inc. All rights reserved.
13. Novell Open Enterprise Server
®
Things to Think About
Name •DNS (same as on NetWare)
•Changes in SLP (move to OpenSLP)
Resolution •HOSTS
Timesync •Move from Timesync to NTPD
eDirectory ™
•NMAS + Universal Password + Password Policies
•Implement Universal Password for AFP and CIFS?
Linux User •For what do we need LUM?
•Convert lower, persistent search, cache only, alternate
Mgmt servers
LDAP Proxy •Where to put them in eDirectory?
•Install user vs. LDAP proxy users
•One proxy user per service per location / server
Users •Security
DHCP •LDAP integrated “Linux” DHCP
13 © Novell, Inc. All rights reserved.
14. Novell Open Enterprise Server
®
Things to Think About
DNS •Same as on NetWare ®
•Novell Storage Services
File Services
™
•Distributed File System
•Dynamic Storage Technology
File Access •NCP / CIFS / AFP / NFS / NetStorage
™
•CPFL & DFS / DST Support
Protocols •Pure-FTP + Gateway
•One driver store only
iPrint •Use DNS for Print Manager name resolution
•Use DSServer2/DSServer3 for LDAP fault tolerance
iManager •Install only where required
•Keep plugins current
Cluster Services •See Novell Cluster Services Session
®
14 © Novell, Inc. All rights reserved.
16. Migration Step-by-Step
eDirectory Server ™
Install New
Server
Uninstall
Add Replicas
Old Server
Verify and Change
Monitor Replica Type
Change Login Move CA and
Process Verify SDI
Move IDM
Driversets
To Rollback – just reverse the process
16 © Novell, Inc. All rights reserved.
17. Migration Step-by-Step
Cluster (Rolling Upgrade)
Remove
Advantages
NetWare Node •No new hardware
•Less effort
Do Final
Conversion after Re-add Server
all nodes as a Linux Node
are Linux
Disadvantage
•High risk
Migrate
Repeat steps 1-3 Resources to
for all Nodes Linux Node
17 © Novell, Inc. All rights reserved.
18. Migration Step-by-Step
Cluster (Build a New Cluster)
Advantages
Build New Linux Cluster •Lowest Risk
•Chance for re-
design,
consolidation &
Test
Congratulate yourself on Move Data using Migration
a successful Migration! Toolkit or SAN Replication
Disadvantage
•More Effort
Remove old Servers Change Login Script/
from the tree and clean DNS Entries, UNC paths
up eDirectory ™
18 © Novell, Inc. All rights reserved.
19. Migration Step-by-Step
Remote Server / Special Purpose
•Assign the zones to the new DNS server
DNS Migration •Reconfigure clients & servers
DHCP •Use Migration Toolkit
Install New Server •Clean up before migrating
Migration
•Use Migration Toolkit
•Disable Login & Clear connections for final delta-
File Migration sync
•Modify Login Scripts
Uninstall Move / Migrate iPrint •Use Migration Toolkit
Old Server each Service •Copy/Consolidate and change DNS
Migration •Remove old queues and gateways
User Migration •Move User per user /department based
•Find and Remove existing dependencies
Dependency •use DNS (CNAME) where possible
Cleanup •use loginscript
19 © Novell, Inc. All rights reserved.
21. Migration “Transfer-ID”
eDirectory Server ™
Install New Server
Install into the same context as
Install Pre-Migration Pattern the Source
Use Migration Tools
Transfer eDirectory and Identity Verify Log Files
Post-Migration and Cleanup
Clean Up eDirectory Check eDirectory
21 © Novell, Inc. All rights reserved.
23. Migration “Transfer-ID”
Remote Server / Special Purpose
Install New Server
Install Services that will Install Pre-Migration Install into same context
Migrate (NSS, iPrint) Pattern as Source
Use Migration Tools
Transfer eDirectory ™
Transfer Services - File, Verify Log Files
and Identitity Print, iFolder, DHCP
Post-Migration & Cleanup
Clean Up eDirectory Configure and Check Services
23 © Novell, Inc. All rights reserved.
24. Transfer-ID vs. Step-by-Step
Transfer-ID Comparison
Advantages Disadvantages
• No new name or IP • High Risk
Address required • No easy rollback
• No change in login scripts • No chance to test
required • No chance to increase the
• No change in eDirectory ™
load
attributes required • No chance to re-design
• Fast
24 © Novell, Inc. All rights reserved.
25. Transfer-ID vs. Step-by-Step
Recommendation and Best Practice
• Start with Step-by-Step and use Transfer-ID later
• Find and remove your dependencies
• Remove forgotten “old, inherited stuff”
• Split services logical from server names
• Review your design and re-design
• Use DNS Name resolution where possible
• Use secondary IP-addresses
• Note: Transfer-ID only migrates some applications
25 © Novell, Inc. All rights reserved.
28. Supported Platforms
Migration Tools Support Matrix
Source OS eDirectory ™
File Systems
Support • 8.6.2 or later • Source NetWare ®
• 5.1 SP8 • 8.7.X NSS and
• 6.0 SP5a • 8.8.X Traditional
• 6.5SP6 or later • Source Linux
NSS, NCP and
™
• OES1 Linux POSIX
• OES2 Linux • Target OES2
• Windows NSS, NCP and
NT/2K/2k2 POSIX
Note – Only OES2 is supported as a destination OS,
for NetWare destinations, use the older SCMT.
28 © Novell, Inc. All rights reserved.
29. Migration Tools Features
Migrates
Service Migrations
Several
OES File System
Services
iPrint
CLI Tools
Transfer-ID
Migration
CIFS
AFP
Migration DHCP
Tools FTP
Non- iFolder
destructive
migration and
consolidation
Scheduling
NTP
Archive & Versioning
E-mail
Notification
29 © Novell, Inc. All rights reserved.
30. File System: Migration Procedure
•Many Command Line parameters (see migfiles)
•The GUI uses a SCMT like approach
–Drag/drop directories or volumes to the target
–Select date/time or pattern based filters
•Uses SMS and nbackup to move data
–System meta data preservation = SMS Backup
30 © Novell, Inc. All rights reserved.
31. File System: Tips and Tricks
Load TSAFS with /cluster and
/showclustervolumesonnode on the
source server
Use NSS /NOQUOTACHECKING on
the target server
31 © Novell, Inc. All rights reserved.
32. iPrint: Migration Procedure
iPrint data migrated
• Printer objects, printer drivers, driver profiles, print
managers, ACL's, banners and printer pools
Using the GUI
• Select the active print managers on both the source
and the target
• Select all or required printers to migrate
Printer Migration Naming
• Printers can keep the same name and context in
eDirectory . The original eDirectory print objects are
™
renamed
32 © Novell, Inc. All rights reserved.
33. iPrint: Migration Key Points
• TID 7004455 is the official iPrint migration best
practices guide
• The Migration tool for iPrint
– Requires successful iprntman authentication
– Creates duplicate printer objects (NetWare to Linux)
®
– Option to “migrate” objects to same container (rename _NW)
– Is a non-risk procedure if choosing 'Consolidate'
– Creates /opt/novell/iprint/bin/psmimport.xml
– Does not configure workstations to point new print manager
33 © Novell, Inc. All rights reserved.
34. iPrint: Workstation Migration
iPrint printers installed to workstation consist of
the following:
• Printer agent name (without eDirectory™ context)
• Address to which Print Manager is bound
Two strategies to point installed printers to a
new server:
● Address binding (TID 7005255)
– PSMHostAddress value within etc/opt/novell/iprint/conf/ipsmd.conf
●iPrint printer agent redirection (TID 3006726)
34 © Novell, Inc. All rights reserved.
35. DHCP: Migration Procedure
• NetWare DHCP configuration is mapped to
®
Linux DHCP
– The NetWare schema and Linux schema in eDirectory are ™
different
– All the subnets get migrated inside a single DHCP service
(dhcpService object) including leases
• The GUI and the CLI support three levels of migration
– Server Level:
Migrates NetWare server with all the associated subnets
– Subnet Level:
Migrates the selected NetWare subnets only
– Tree Level:
Migrates all the servers in the tree with the associated data
35 © Novell, Inc. All rights reserved.
37. Activation / Implementation of NEW Features
Wait some time
before new features
are activated
Implement any
Make sure the
additional features migration was
(DST, DFS, DsfW, successful
ifolder)
Fix any problems Monitor the system
37 © Novell, Inc. All rights reserved.
38. References
Upgrade Community -
http://www.novell.com/communities/coolsolutions/upgradetooes
Upgrading to OES Guide -
http://www.novell.com/documentation/oes2/upgrade_to_oes_lx/
page=/documentation/oes2/upgrade_to_oes_lx/data/front.html
iPrint Migration Best Practices – TID 7004455
Other iPrint Resources – TIDS 7004109 , 7005255, 7004910
38 © Novell, Inc. All rights reserved.
41. Unpublished Work of Novell, Inc. All Rights Reserved.
This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc.
Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope
of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified,
translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc.
Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a
product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in
making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents
of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any
particular purpose. The development, release, and timing of features or functionality described for Novell products
remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to
make changes to its content, at any time, without obligation to notify any person or entity of such revisions or
changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc.
in the United States and other countries. All third-party trademarks are the property of their respective owners.
43. Migration Tools Features (Continued)
• Disable login during data migration
– User logins are disabled during data migration for better data
integrity and to minimize open file errors
• Sync enhancements
– Files skipped due to open file errors are migrated during
sync, meta data changes like trustee addition etc.
• Multiple path selection
– Drag and Drop multiple paths during consolidation
• Non-English character directories
– Non-English character support using Novell® Client
• Support for cluster data migration
43 © Novell, Inc. All rights reserved.