Migrate jump server installation from one server to another
How to move the Ezeelogin bastion host from one server to another(MIGRATION)?
Overview: This article offers a step-by-step guide on how to migrate an Ezeelogin jump server from one server to another.
1. How do we migrate the Ezeelogin installation from one server to another?
Step 1(A): If you are using the Ezeelogin master-slave configuration, you should verify and confirm that the database is in sync.
Refer to this article to verify database connectivity.
Step 1(B): Run the script /usr/local/sbin/backup_ezlogin.php on the current server to create the backup archive.
The backup archive would be created in /var/ezlogin.xx.bin
root@old_gateway_server:~# /usr/local/sbin/backup_ezlogin.php
root@old_gateway_server:~# ls /var/
ezlogin_backup_v7.27.6_b381_Sat_May_21_2022_14_33_28_UTC.bin
The contents in users' home directories will not be backed up automatically.
You will need to manually transfer the contents, including the keys, to the new primary server.
The directory /var/log/ezlogin stores the user SSH sessions that are recorded. This directory could run into a huge size ( 1GB >) which would cause the backup script to take a long to complete ( The log directory has to be tarred and then gzip'ed compressed which is time-consuming and resource intensive). In such, cases it's advisable to skip the log directory while running the backup script as follows:
root@old_gateway_server:~# /usr/local/sbin/backup_ezlogin.php -nologs
After restoring a backup, you would need to copy or rsync /var/log/ezlogin directory to the new server.
root@old_gateway_server:~# rsync -rt /var/log/ezlogin/* root@new_primary_ip:/var/log/ezlogin/
Step 1(C): Make sure that Ezeelogin's licensed IP is changed to a new IP from the customer portal.
If you are using an owned license, then you can skip this step.
Step 1(D): Install the same dependencies. Make sure that the new server has the same versions of PHP and MySQL server, and also install the webserver, PHP modules, and Ioncube.
Refer to this article to install the same versions in different OS: Setup and Configure Jump Server.
Step 1(E): Move the executable ezlogin.xx.bin archive to the new server, and execute the .bin file.
root@old_gateway_server:~# scp /var/ezlogin_backup_v7.27.6_b381_Sat_May_21_2022_14_33_28_UTC.bin
root@new_gateway_server_ip:/root/
root@new_gateway_server:~# sh ezlogin.xx.bin
- Follow the on-screen instructions and confirm everything is working in the new server such as (login to GUI, Ezsh shell, remote server, etc.
In case of any error, while restoring check the restore log. Refer to the below step to find the log.
root@new_gateway_server :~# tail /var/log/ezlogin_restore.log
Refer to this article to fix the PHP limit error while restoring.
2. How to restore slave/secondary installation?
We don't need to migrate and restore the slave/secondary node, as the master and slave nodes are identical. We can install a slave node identical to the master node.
Refer to this article to install the slave node.
3. How to restore logs from the old slave server to the new slave server?
You can use the following steps to restore logs in the primary when you skip the log directory from the backup.
Step 3(A): Copy logs from the old slave server to the new slave. Run the below command on the old slave server.
root@old_secondary_server:~# rsync -rt /var/log/ezlogin/* root@new_slave_ip:/var/log/ezlogin
Step 3(B): Run the below script on the new slave server to re-populate SSH logs.
root@new_secondary_server:~# /usr/local/ezlogin/eztool.php -reimport_logs
Step 3(C): Click on the view icon on the new slave Ezeelogin SSH log from GUI to confirm log files have been copied and repopulated.
Refer to the screenshot below.
Contact support with any error messages you may have.