1. Overview
This document is a migration guide for RCDevs products between two servers. The installation is not covered by this guide.
2. Requirements
You need root access to the old server and the new server. Products you want to migrate should be installed on the new server.
3. RCDevs Products
This section covers these products:
- WebADM (webadm)
- Radius Bridge (radiusd)
- LDAP Bridge (ldproxy)
- Directory Server (slapd)
- Publishing Proxy (waproxy)
- HSMHub Server (hsmhubd)
You need to use only the command lines for products installed on your server. You can list installed products with this command:
ls /opt
3.1 Backup
You need to back up each product and copy files to the new server. Each product will be restarted. Check the versions for choosing the right backup method:
cat /opt/webadm/VERSION | head -1
cat /opt/radiusd/VERSION | head -1
cat /opt/ldproxy/VERSION | head -1
cat /opt/slapd/VERSION | head -1
cat /opt/waproxy/VERSION | head -1
cat /opt/hsmhubd/VERSION | head -1
3.1.1 Versions after 2017
This method is preferred and covers these versions:
webadm >= 1.5.9
radiusd >= 1.2.9
ldproxy >= 1.0.6
slapd >= 1.0.6
waproxy >= 1.1.2
hsmhubd >= 1.0.2
Create backup files:
/opt/hsmhubd/bin/backup hsmhubd.rcdevs.gz
/opt/ldproxy/bin/backup ldproxy.rcdevs.gz
/opt/radiusd/bin/backup radiusd.rcdevs.gz
/opt/slapd/bin/backup slapd.rcdevs.gz
/opt/waproxy/bin/backup waproxy.rcdevs.gz
/opt/webadm/bin/backup webadm.rcdevs.gz
Copy files from the old server to the new server, replace <new_server_ip> with the corresponding IP address:
scp *.rcdevs.gz root@<new_server_ip>:.
3.1.2 Versions before 2017
Create backup files:
/opt/hsmhubd/bin/hsmhubd stop
tar -caf hsmhubd.rcdevs.gz -C /opt/hsmhubd conf logs temp
service hsmhubd start
/opt/ldproxy/bin/ldproxy stop
tar -caf ldproxy.rcdevs.gz -C /opt/ldproxy conf logs temp
service ldproxy start
/opt/radiusd/bin/radiusd stop
tar -caf radiusd.rcdevs.gz -C /opt/radiusd conf logs temp
service radiusd start
/opt/slapd/bin/slapd stop
tar -caf slapd.rcdevs.gz -C /opt/slapd data conf logs temp
service slapd start
/opt/waproxy/bin/waproxy stop
tar -caf waproxy.rcdevs.gz -C /opt/waproxy conf logs temp
service waproxy start
/opt/webadm/bin/webadm stop
tar -caf webadm.rcdevs.gz -C /opt/webadm pki conf logs temp
service webadm start
Copy files from the old server to the new server, replace <new_server_ip> with the corresponding IP address:
scp *.rcdevs.gz root@<new_server_ip>:.
3.2 Restore
Restore all products which are present. This will overwrite all configuration files on the new server:
/opt/hsmhubd/bin/restore hsmhubd.rcdevs.gz
/opt/ldproxy/bin/restore ldproxy.rcdevs.gz
/opt/radiusd/bin/restore radiusd.rcdevs.gz
/opt/slapd/bin/restore slapd.rcdevs.gz
/opt/waproxy/bin/restore waproxy.rcdevs.gz
/opt/webadm/bin/restore webadm.rcdevs.gz
Now, you can check that each product is running and test it:
service hsmhubd status
service ldproxy status
service radiusd status
service slapd status
service waproxy status
service webadm status
Note
The license is produced for specifics IP addresses, so you may need to assign the IP from the old server to the new server.
4. SQL database
If you use MySQL or MariaDB, you can proceed as follows. If you use another product, please refer to your furnisher. The new MySQL server should be well configured, running and empty. You can migrate WebADM without migrating your SQL backend if you use a remote SQL server.
4.1 Backup
Create a backup file as root, enter an empty password if you don’t use it:
mysqldump --all-databases -p | gzip > webadm.sql.gz
Copy the file from the old server to the new server, replace <new_server_ip> with the corresponding IP address:
scp webadm.sql.gz root@<new_server_ip>:.
4.2 Restore
The following command erases all databases inside the MySQL server, including users table, and replace it with the backup:
zcat webadm.sql.gz | mysql -p; mysql_upgrade
5. LDAP database
Our directory is covered by chapter 3 with slapd. If you use another LDAP backend, please refer to your provider. You can migrate WebADM without migrating your LDAP backend if you use a remote LDAP server.