Content

The 1. page content

Introductory

Our Debian servers have been trouble-free for a long time, serving many millions or even hundreds of millions of page requests over the years, even in a single pass, without shutting down, but once in a while these are time consuming and need to be updated. . While it's not as if there is anything wrong with the server, the operating system running on it becomes obsolete, making it more vulnerable to outside attacks - which we get over the years - and over time newer releases of the system include more modern components, which will make it faster and more efficient. Therefore, when another major version comes out of our distribution, it is recommended that you upgrade.

A web server contains a lot of software and especially many configurations and settings, which means a lot of invested work and time, so a complete reinstallation of the server is not an option: during long installation and configuration our web and other services will not be available to our users for a long time. , we may lose customers, which results in a loss of revenue, and last but not least, a long period of downtime results in poor search engine rankings. Fortunately, most Linux distributions, including Debian, have the ability to upgrade on the run at the major version level, minimizing downtime for a one-time reboot.

I've made a description before that A home desktop running Debian 8 (Jessie) has been upgraded to Debian 9, and now we are upgrading a Debian 9 (Stretch) based web server to Debian 10 (Buster). In this example, I specifically a Perfect Server Debian 9 (Stretch) v1.1 I will present this with a version.

It is true that at the time of writing, Debian 11 (Bullseye) is the latest release of the distribution, but on the one hand I promised a perfect server update - not only on a home desktop - and this omission (Debian 9 - Debian 10) I can also replace the upgrade phase in the same step. Also, there are those who have "stuck" with their server even in Debian 9 (Stretch), so they've considered upgrading, so this guide can help.

What's new in Debian 10 (Buster)

Before starting the update, it is recommended that you review the What's new in Debian 10 (Buster)to weigh the importance of the upgrade and the uniqueness and complexity of the components on our server.

Things to do before upgrading

Before we can start the upgrade, there are a few things we need to do to check if our system is up to date with the distribution, and to make sure the upgrade goes smoothly.

System overview

It is a good idea to first review our entire system and gather features and services that may be critical to the upgrade, and for comparison, it's a good idea to take a final look at what's going on before upgrading to make sure everything is working properly. on our server. As I mentioned above, I'm going to update the perfect Debian 9 server here now, so I'll get through the main things quickly.

Query version and release information

First, read about the kernel and Debian version and the distribution release. These can be viewed with the following commands:

uname -a
lsb_release -a
hostnamectl
cat /etc/os-release
cat /etc/debian_version

Websites

Being a web server, it definitely has one or more websites on it. We look at these to see if everything is okay. I have a bare one on this server Wordpress installation, which doesn't contain anything special, I just made it for an earlier installer description, so now check this:

There is no other website here right now. But if you have multiple websites elsewhere, you may want to check them out to see if each one works properly.

Web statistics

One is running on this server Matomo web statistics also, so not only is a measurement code placed on the page that sends the data to an external system, but the statistics system itself runs here, so it's worth looking at this as well:

phpMyAdmin

There is a phpMyAdmin is:

Here, the right-hand panels also show the parameters of the server software (Debian version, MariaDB version, etc.), which you should review again after the upgrade.

ISPConfig

And one ISPConfig:

Roundcube

One Roundcube webmail:

Munin

And finally one Munin server resource statistics:

which is not working properly: it has not drawn graphs since the last kernel update on this server. It may crash somewhat, or it may no longer be compatible with Debian 9 or some of its packages. With a minimal chance, it may even work again in the Debian 10 environment after the upgrade, as I also have a working instance of Munin on my Debian 10 server. Since we are about to update a distribution, it is not worth bothering with it anymore, but it is better to fix things that are not working properly or not at all, so I will not deal with it now.

So these would be version-related information and web apps, but there’s still a lot to do under the hood, and of course your server will pick out what else’s on it is worth reviewing. However, I will not spend any more time here, but we will continue to prepare for the update.

Backup

The security of your data and server settings is paramount, so don't skip this step. Should the distribution upgrade go wrong, in the worst case, we will reload our data into the fresh system after a reinstallation.

In addition to our own personal data and website hosting, it is advisable to save the / Etc also the contents of the directory in which the settings of the used programs are stored. Of course, if a system is optimally built, these parts are usually mounted from a separate hard drive, so if there is any tangle, there is no need to move your data extra during a possible reinstallation, but just re-insert the contents of the other hard drives into the appropriate directories. .

For example, a tar Or the Rsync commands that can be effectively compressed or synchronized. I usually use a combination of the two: I first sync the contents of a web host to another directory with rsync, from where I can update it at any time, and then put it in a third directory with a tar + gzip package where I keep the versions for X time. All this, of course, with scripts automated. So, for example, if any web page were to head up, it would take just a few seconds to run the page to restore the page from the desired version. Of course, there are those who prefer complete backup solutions rather than scripts, for example it's worth a look here.

Checking packages and packages

The last major step before distributing a distribution is a luggage racks and checking and updating packages.

Updating packages

First, update your storage database and packages as usual As root:

apt-get update
apt-get upgrade

Here I had some packages to upgrade, mostly PHP and related packages.

Search for withheld packages

In the next step, we will look for the retained packages. Here are some of the retained packages listed in the previous update, for example, and we'll look at them again:

apt-get upgrade

As well as some packages to look at apt-cache policy with the command why they are withheld:

As you can see, in this example a Sury.org external package is installed on this server, where a newer version of the PHP packages in question is currently available, but the package manager has withheld them.

Since this is specifically an external repository, you could even leave them out, but if you want to update everything exactly, run the following command at to update withheld packages:

apt-get --with-new-pkgs upgrade

Here, of course, press Yes and the packages will be updated and configured.

As a by-product of this, as you can see in the picture above, a package has become redundant and will be removed at the end of this section.

Then we'll look at that apt-mark also packages retained with the showhold command:

apt-mark showhold

Or even the dpkg You can also search for them with the command:

dpkg --get-selections | grep hold

He didn't find anything here with me, so there's nothing more to do with it. However, if you list packages here, you can unlock them with the following command:

apt-mark unhold <csomagnév>

Then run the package update again to update these packages as well.

Search for broken packages

In this step, use dpkg to find broken or partially / partially configured packages:

dpkg --audit

 The dpkg command --audit switch from the manual page:

man dpkg

[...]
       -C, --audit [package-name...]
              Performs database sanity and consistency checks for package-name or all packages if
              omitted  (per  package  checks  since  dpkg  1.17.10).   For  example, searches for
              packages that have been installed only  partially  on  your  system  or  that  have
              missing, wrong or obsolete control data or files. dpkg will suggest what to do with
              them to get them fixed.
[...]

If you find faulty packages, dpkg will suggest what to do with them to fix them.

I haven't found any such packages with me, so I'll move on.

Search for obsolete packages

Obsolete packages are either no longer in the package, have been considered obsolete, or have not been installed from standard Debian repositories, such as compiled from source, and so on. We also need to review these to see if we have such packages, and if so, whether they could be a barrier to a successful distribution upgrade.

Search for obsolete packages in aptitude Or the apt-show-versions commands. All must be installed before use, none of which are installed on Debian systems by default:

apt-get install aptitude
apt-get install apt-show-versions

If they are already installed, you can use the following commands to find your obsolete packages (the first two commands are equivalent):

aptitude search '~o'
aptitude search ?obsolete
apt-show-versions | grep 'No available version'

He also found three with me. If these commands issue packages here, consider removing them manually and from the APT package manager source list (/ Etc / apt / sources.list file) (s). In this case, you can re-install them after the upgrade, if they still exist for Debian 10. However, if you do not want to uninstall the software listed here because you know its function, such as it is an integral part of your system, dependencies on other programs, etc., then find out for yourself whether Debian 10 still exists, has been updated, etc. .

In this case, the Jailkit program found here was installed during the server installation, but it was not installed from a package, but we compiled the Debian package from the downloaded sourcebecause it was not in the Debian 9 repository. So this system has jailkit version 2.20. The good news is that we don't need to remove this because Debian 10 (Buster) backports luggage already in the Version 2.21, so an update will be added because the backports container has been in use since the server was installed.

It also found older kernel packages that are no longer used by the system. These will not interfere with the update, so we can leave them as well; after upgrading the main version of Debian, there will still be more obsolete, unused kernel packages here, so we'll clean them up in the end.

So if you don't have an outdated package that might be preventing you from upgrading, we can move on. However, if you see packages here that we are unsure about the function or importance of, check for packages.debian.org and remove those packages if necessary.

Search for third-party packages

Then look for packages from third parties. Updating these packages to the new major version of Debian is uncertain and may cause problems. So check for packages that are not installed from official Debian repositories. There may be overlaps with obsolete packages, such as a package installed from a source for which there is no update, which also gets the obsolete flag, and because it is not installed from the official package repository, it is also considered third-party. You can use the aptitude command to list these packages before:

aptitude search '~i(!~ODebian)'

I have the output of this command:

Here, too, we need to consider what to do with these packages. In this example, the jailkit package will reappear for the first time, as we have already examined above, and an update will be required, and the other php packages will be from the Sury.org repository, which is a reliable source, and from which we will get updates for Debian. In 10 too. So now there is nothing to do with them either. However, if you are using packages that also come from other repositories, go to the repository's website to see if it will work with Debian 10.

If you change the at any time / Etc / apt / sources.list our files, such as removing or adding repositories, then always run the repository database update to keep our package management up to date:

apt-get update

Remove packages that have become redundant

Even remove automatically installed package dependencies that are no longer needed by any other package:

apt autoremove

There may be many packages here, depending on the components of the system, so on the one hand we will free up storage space, and on the other hand the upgrade will be faster if you have to work with fewer packages, so your system will be cleaner.

Empty the package cache

Before emptying the packet cache, you can see its size a du You can see the free space by looking at the command and then viewing it again after cleaning. To do this, run the following commands:

du -sh /var/cache/apt/archives
apt-get clean
du -sh /var/cache/apt/archives

I have about 213 Mb space available now:

On other systems, these stored packets can take up much more space than just a little-used experimental server.

A next page we will continue to upgrade the distribution to Debian 10 (Buster).

Navigation