Lessons Learned: Novell Open Enterprise Server Upgrades Made Easy

Lessons Learned:

Novell® Open Enterprise Server Upgrades Made Easy

© Novell, Inc. All rights reserved.2

Martin WeissTechnical Specialist

[email protected]

Glen DavisTechnical Project Manager

[email protected]

Kyle BradfordTechnical Support Engineer

[email protected]

mailto:[email protected]




Agenda

• Before starting the migration

• OES implementation guidelines

• Migration processes

• The OES 2 migration toolkit

Before Starting the Migration


Reasons for Migrating

End of NetWare® General Support3rd party support has waned

March 7, 2010 – Start extended support

New FeaturesDynamic storage technology,Domain Services for WindowsVirtualizationEnhanced scalability – 64-bit support

Linux and Open SourceNew possibilities

Linux certifications


Building Your Knowledge Novell® Open Enterprise Server 2 Upgrade Resources

LearningResources

• Training Courses– Migration and upgrade– Free Training

• Best Practices Guide– Live document– User comments– Quick response time– Real migration scenarios

• Novell Community– Upgrade/migration articles– Novell CoolSolutions– Wiki– Migration forums

• Social Media– Twitter: twitter.com/novelloes– Linkedin Groups– Facebook– YouTube

http://www.novell.com/training/freelearning/


Pre-Upgrade/Migration -Analyze and Review the Environment

Know your Environment

• Analyze using Novell Support Advisor• Verify and document the Source

Environment

Review, Fix & Stabilize

• Solve existing issues• Apply latest patches before upgrading

Analyze the Services

• File, Print, DNS, DHCP, Access Protocols• Check that the OES2 services fulfill your

requirements


Plan the New Environment

New Environment

Create a written concept

Design your target platform•OES2 SP2 Services•32 or 64 bit•RAM replacement Other Applications

•Anti-Virus & Backup•GroupWise•ZENworks• Identity Manager


Prepare Your Existing Environment (1)

AutoYaST +ZLM Server

Source for Installand Update

Easy Post-installation

Frozen PatchLevels

Faster thanCD/DVD

Based onTemplates

eDirectory™ Server

Cluster Node

Remote / Special Purpose


Prepare Your Existing Environment (2)

Name Resolution

•DNS•SLP•HOSTS

(Old, new, & temp servers)

Timesync

•Migrate from Timesync to NTP

Edirectory™ Security

•Verify SDI + PKI•Can the CA Keys be

exported?•Use SDIDIAG and

iManager PKI Plugin

eDirectory Core

•Review structure, partitioning, replication

•Versions, Patchlevel, and Schema (at 8.8?)

•Unique naming, ID, and Posix Attributes

Novell® Open Enterprise ServerThings to Think About



•Define and Follow your “new” standardsStandards

•Linux is case sensitive (User, Groups and other objects)•UniquenessNaming

•Local EXT3 and LVM• /boot / (root) /tmp /var /homeFile System Layout

• Install only what is really required and used•1. Install, 2. Patch, 3. Configure

Packet / Pattern Detection

•Use Bonding for fault tolerance (active-backup)LAN Connectivity

•Use DM-MPIO if possible,know if it is cluster or stand-alone

•Verify certification of storage infrastructure for SLES

SAN and Storage Connectivity



•DNS (same as on NetWare)•Changes in SLP (move to OpenSLP)•HOSTS

Name Resolution

•Move from Timesync to NTPDTimesync

•NMAS + Universal Password + Password Policies•Implement Universal Password for AFP and CIFS?eDirectory™

•For what do we need LUM?•Convert lower, persistent search, cache only, alternate

servers

Linux User Mgmt

•Where to put them in eDirectory?•Install user vs. LDAP proxy users•One proxy user per service per location / server•Security

LDAP Proxy Users

•LDAP integrated “Linux” DHCPDHCP



•Same as on NetWare®DNS

•Novell Storage Services™

•Distributed File System•Dynamic Storage Technology

File Services

•NCP™ / CIFS / AFP / NFS / NetStorage•CPFL & DFS / DST Support•Pure-FTP + Gateway

File Access Protocols

•One driver store only•Use DNS for Print Manager name resolution•Use DSServer2/DSServer3 for LDAP fault tolerance

iPrint

•Install only where required•Keep plugins currentiManager

•See Novell® Cluster Services SessionCluster Services

Migration Processes: Step-by-Step


Migration Step-by-StepeDirectory™ Server

Install New Server

Add Replicas

Change Replica Type

Move CA and Verify SDI

Move IDM Driversets

Change Login Process

Verify and Monitor

Uninstall Old Server

To Rollback – just reverse the process


Migration Step-by-StepCluster (Rolling Upgrade)

Remove NetWare Node

Re-add Server as a Linux Node

Migrate Resources to Linux Node

Repeat steps 1-3 for all Nodes

Do Final Conversion after

all nodesare Linux

Advantages•No new hardware•Less effort

Disadvantage•High risk


Migration Step-by-StepCluster (Build a New Cluster)

Build New Linux Cluster

Move Data using Migration Toolkit or SAN Replication

Change Login Script/ DNS Entries, UNC paths

Remove old Servers from the tree and clean

up eDirectory™

Congratulate yourself on a successful Migration!

Advantages•Lowest Risk•Chance for re-design, consolidation & Test

Disadvantage•More Effort


Migration Step-by-StepRemote Server / Special Purpose

Install New Server

Move / Migrateeach Service

UninstallOld Server

•Assign the zones to the new DNS server•Reconfigure clients & serversDNS Migration

•Use Migration Toolkit•Clean up before migrating

DHCPMigration

•Use Migration Toolkit•Disable Login & Clear connections for final delta-sync•Modify Login Scripts

File Migration

•Use Migration Toolkit•Copy/Consolidate and change DNS•Remove old queues and gateways

iPrintMigration

•Move User per user /department basedUser Migration

•Find and Remove existing dependencies•use DNS (CNAME) where possible•use loginscript

Dependency Cleanup

Migration Processes: Transfer-ID


Migration “Transfer-ID” eDirectory™ Server

Post-Migration and CleanupClean Up eDirectory Check eDirectory

Use Migration ToolsTransfer eDirectory and Identity Verify Log Files

Install New ServerInstall Pre-Migration Pattern Install into the same context as

the Source


Migration “Transfer-ID”Cluster Node

Not needed!


Migration “Transfer-ID” Remote Server / Special Purpose

Post-Migration & Cleanup

Clean Up eDirectory Configure and Check Services

Install New ServerInstall Services that will

Migrate (NSS, iPrint)Install Pre-Migration

PatternInstall into same context

as Source

Use Migration ToolsTransfer eDirectory™

and IdentitityTransfer Services - File,

Print, iFolder, DHCP Verify Log Files


Transfer-ID vs. Step-by-Step

Transfer-ID ComparisonAdvantages•No new name or IP

Address required•No change in login scripts

required•No change in eDirectory™

attributes required•Fast

Disadvantages•High Risk•No easy rollback•No chance to test•No chance to increase the

load•No chance to re-design


Transfer-ID vs. Step-by-StepRecommendation and Best Practice

• Start with Step-by-Step and use Transfer-ID later• Find and remove your dependencies• Remove forgotten “old, inherited stuff”• Split services logical from server names• Review your design and re-design• Use DNS Name resolution where possible• Use secondary IP-addresses

• Note: Transfer-ID only migrates some applications

The Novell® Open Enterprise Server 2 Migration Toolkit


Screenshot of the GUI


Supported Platforms

Migration Tools Support Matrix

Source OS Support• 5.1 SP8• 6.0 SP5a• 6.5SP6 or later• OES1 Linux• OES2 Linux• Windows

NT/2K/2k2

eDirectory™

• 8.6.2 or later• 8.7.X• 8.8.X

File Systems• Source NetWare®

NSS and Traditional

• Source Linux NSS, NCP™ and POSIX

• Target OES2NSS, NCP and POSIX

Note – Only OES2 is supported as a destination OS,for NetWare destinations, use the older SCMT.


Migration Tools Features

Migration Tools

Migrates Several

OES Services

Transfer-ID Migration

Scheduling

E-mail Notification

CLI Tools

File SystemiPrintCIFSAFPDHCPFTPiFolderNTPArchive & Versioning

Service Migrations

Non-destructive

migration and consolidation


File System: Migration Procedure

•Many Command Line parameters (see migfiles)

•The GUI uses a SCMT like approach

–Drag/drop directories or volumes to the target

–Select date/time or pattern based filters

•Uses SMS and nbackup to move data

–System meta data preservation = SMS Backup


File System: Tips and Tricks

Load TSAFS with /cluster and/showclustervolumesonnode on thesource server

Use NSS /NOQUOTACHECKING onthe target server


iPrint: Migration Procedure

iPrint data migrated•Printer objects, printer drivers, driver profiles, print

managers, ACL's, banners and printer pools

Using the GUI•Select the active print managers on both the source

and the target•Select all or required printers to migrate

Printer Migration Naming•Printers can keep the same name and context in

eDirectory™. The original eDirectory print objects are renamed


iPrint: Migration Key Points

• TID 7004455 is the official iPrint migration best practices guide

• The Migration tool for iPrint– Requires successful iprntman authentication– Creates duplicate printer objects (NetWare® to Linux)– Option to “migrate” objects to same container (rename _NW)– Is a non-risk procedure if choosing 'Consolidate'– Creates /opt/novell/iprint/bin/psmimport.xml– Does not configure workstations to point new print manager

http://www.novell.com/support/php/search.do?cmd=displayKC&do%3Cbr%20/%3EcType=kc&externalId=7004455&sliceId=2&docTypeID=DT_TID_1_1&d%3Cbr%20/%3EialogID=85546648&stateId=0%200%2085548020


iPrint: Workstation Migration

iPrint printers installed to workstation consist of the following:

• Printer agent name (without eDirectory™ context)• Address to which Print Manager is bound

Two strategies to point installed printers to a new server:● Address binding (TID 7005255)

– PSMHostAddress value within etc/opt/novell/iprint/conf/ipsmd.conf

●iPrint printer agent redirection (TID 3006726)

http://www.novell.com/support/php/search.do?cmd=displayKC&do%3Cbr%20/%3EcType=kc&externalId=7005255



DHCP: Migration Procedure

• NetWare® DHCP configuration is mapped to Linux DHCP

– The NetWare schema and Linux schema in eDirectory™ are different

– All the subnets get migrated inside a single DHCP service (dhcpService object) including leases

• The GUI and the CLI support three levels of migration– Server Level:

Migrates NetWare server with all the associated subnets– Subnet Level:

Migrates the selected NetWare subnets only– Tree Level:

Migrates all the servers in the tree with the associated data

After the Migration toNovell® Open Enterprise Server


Activation / Implementation of NEW Features

Wait some timebefore new features

are activated

Make sure themigration was

successful

Monitor the systemFix any problems

Implement any additional features(DST, DFS, DsfW,

ifolder)


References

Upgrade Community - http://www.novell.com/communities/coolsolutions/upgradetooes

Upgrading to OES Guide - http://www.novell.com/documentation/oes2/upgrade_to_oes_lx/ page=/documentation/oes2/upgrade_to_oes_lx/data/front.html

iPrint Migration Best Practices – TID 7004455

Other iPrint Resources – TIDS 7004109 , 7005255, 7004910

http://www.novell.com/communities/coolsolutions/upgradetooes





Questions and Answers

Unpublished Work of Novell, Inc. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.

General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

Supporting Slides


Migration Tools Features (Continued)

• Disable login during data migration– User logins are disabled during data migration for better data

integrity and to minimize open file errors

• Sync enhancements– Files skipped due to open file errors are migrated during

sync, meta data changes like trustee addition etc.

• Multiple path selection– Drag and Drop multiple paths during consolidation

• Non-English character directories– Non-English character support using Novell® Client

• Support for cluster data migration

Documents

Lessons Learned: Novell Open Enterprise Server Upgrades Made Easy