By Oben

Server makeover...

The HP Microserver N40L that had been running my Solaris 11 system has been chugging along with huge up times. Early on in the piece my dovecot IMAP server was quitting suddenly and that was leading to problems. I discovered that it was due to a time-travel condition due to changing system time and fixed it with ntpd, but only after upgrading my whole dovecot/postfix system.

And that broke many things... the real problem why all hand rolled servers eventually break is that they are current for only a few months if you're lucky before some bug or major security flaw is found requiring upgrading etc.

Solaris wasn't the easiest platform to compile for either. So I've retired the N40L running Solaris to acting only as my ZFS file system based file server and rsync backups.

Last year I picked up a new HP Gen8 Microserver and put in 16 GB of ECC RAM and a 1265L Xeon Processor which supports a hypervisor setup. I tried KVM on Centos and VMware but ultimately settled on Hyper-V 2012 Core.

I'd moved DNS from BIND on the Solaris machine to a new unbound DNS server and squid proxy to a new FreeBSD virtual machine running on the new machine a while ago, but my mail and web were still running on the old HP N40L.

In the last 2 weeks I've moved those to a new OpenSUSE 13.1 server after briefly considering using Centos 7 that was due to be released. I have avoided all self compilation using pre-built binaries supplied by the distro. Fortunately OpenSUSE has a nice logical file layout which made this easy. Setup was fantastic with only a few gotchas.

I also ditched all MySQL usage and chose to go with PostgreSQL and it has been great. Apache was also left aside in preference for NGINX which has been a real pleasure to setup after I understood how it all worked.

The move was really sparked by the slow decay in the old server. The OpenSSL bugs which were unfixed and the realisation that the mail server was generating backscatter spam as a result of weak setup.

As a part of setting the new mail server up I've been watching the mail log and am seeing so many insights into the nasties that had been exploiting the old server. Spam counts have virtually gone to zero with postscreen and amavis working together. Also being a completely virtual setup it's become a lot easier to manage.

The Gen8 Microserver is a true Proliant in that it has full iLO4 ability and that has meant I can manage the server from anywhere.

Previous

My brief (potential) Tesla Model S ownership ends.

 Next

Move away from unRAID