Safe update of Zimbra Collaboration Suite

System administrators tend to be suspicious of anything new. Everything from new server platforms to software updates is treated with caution until there is first-hand practical experience and positive feedback from colleagues at other enterprises. This is understandable: when you answer personally for the operation of the enterprise and the safety of important information, over time you stop trusting even yourself, not to mention counterparties, subordinates or ordinary users.

Distrust of software updates stems from the many unpleasant cases in which installing fresh patches led to a drop in performance, changes in the user interface, failure of the information system or, worst of all, data loss. However, you cannot refuse updates altogether, because then your enterprise's infrastructure may be attacked by cybercriminals. Suffice it to recall the notorious case of the WannaCry virus, when data stored on millions of computers that had not been updated to the latest version of Windows ended up encrypted. This incident not only cost hundreds of system administrators their jobs, but also clearly showed the need for a new enterprise software update policy that combines security with speed of installation. In anticipation of the Zimbra 8.8.15 LTS release, let's take a look at how you can update Zimbra Collaboration Suite Open-Source Edition while keeping all critical data safe.

One of the main features of the Zimbra Collaboration Suite is that almost all of its components can be duplicated. In particular, in addition to the main LDAP master server, you can add LDAP replicas, to which the functions of the main LDAP server can be transferred if necessary. You can also duplicate Proxy servers and MTA servers. Such duplication makes it possible to take individual nodes out of the infrastructure during the upgrade and thereby reliably protect yourself not only from long downtime, but also from data loss in the event of an unsuccessful upgrade.

Unlike the rest of the infrastructure, duplication of mail stores is not supported in the Zimbra Collaboration Suite. Even if you have multiple mail stores in your infrastructure, each mailbox's data resides on only one mail server. That is why one of the main rules for data safety during updates is a timely backup of the information in the mail stores. The fresher your backup, the more data will be saved in an emergency. There is a nuance, however: the free edition of Zimbra Collaboration Suite has no built-in backup mechanism, so you will have to use standard GNU/Linux tools to create backups. If your Zimbra infrastructure has several mail stores and the mail archive is large, each such backup can take a very long time and put a serious load on the local network and on the servers themselves. In addition, the longer the copy runs, the higher the risk of unforeseen failures. Also, if you perform such a backup without stopping the service, there is a risk that some files will not be copied correctly, which will lead to the loss of some data.

That is why, if you need to back up large amounts of information from mail stores, it is better to use incremental backup, which avoids a complete copy of all information and backs up only those files that have appeared or changed since the previous full backup. This greatly speeds up the process of taking backups and lets you start installing updates sooner. You can achieve incremental backups in Zimbra Open-Source Edition using the Zextras Backup modular extension, which is part of the Zextras Suite.

Another powerful tool, Zextras PowerStore, allows the system administrator to deduplicate data on the mail store. This means that all identical attachments and duplicate emails on the mail server are replaced with a single original file, and all duplicates become transparent symlinks. This not only saves a lot of hard disk space, but also greatly reduces the size of the backup, which shortens the time a full backup takes and, consequently, allows it to be performed much more often.

But the main feature that Zextras PowerStore provides for a safe update is the transfer of mailboxes between mail servers in Zimbra multi-server infrastructures. Thanks to this feature, the system administrator can do with mail stores exactly what we did with MTA and LDAP servers to update them safely. For example, if there are four mail stores in the Zimbra infrastructure, you can distribute the mailboxes from one of them among the other three, and once the first mail store is empty, you can update it without any fear for the safety of data. If the system administrator has a spare mail store in the infrastructure, he can use it as temporary storage for mailboxes migrated from the mail stores being upgraded.

The console command doMailboxMove performs such a transfer. To use it to move all accounts off a mail store, you must first obtain a complete list of them. To do this, run the command zmprov sa zimbraMailHost=mailbox.example.com > accounts.txt on the mail server. This produces the file accounts.txt with a list of all mailboxes on our mail store. You can then use it right away to transfer the accounts to another mail store. For example:

zxsuite powerstore doMailboxMove reserve_mailbox.example.com input_file accounts.txt stages data
zxsuite powerstore doMailboxMove reserve_mailbox.example.com input_file accounts.txt stages data,account notifications [email protected]

The command is executed twice: the first run copies all the data without transferring the accounts themselves, and the second run, since data is transferred incrementally, copies everything that appeared after the first transfer and then moves the accounts themselves. Please note that an account transfer involves a short period during which the mailbox is inaccessible, and it would be wise to warn users about this. In addition, once the second command completes, a notification is sent to the administrator's mailbox, so the administrator can start updating the mail store as quickly as possible.
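Before the emptied store is upgraded, it is worth confirming that nothing is left on it. The script below is an added example, not part of the original article or of the Zextras tooling: it compares accounts.txt with a second zmprov sa listing of the source host taken after the second doMailboxMove run. The file name after.txt, the function names and the sample addresses are assumptions.

```shell
#!/bin/sh
# Added example: gate the mail store upgrade on the move having completed.
# BEFORE = accounts.txt (zmprov sa listing taken before the move)
# AFTER  = the same zmprov sa query re-run after the second doMailboxMove

# valid_list FILE: succeed only if FILE has at least one non-blank line and
# every non-blank line is a single address of the form local@domain.
valid_list() {
    grep -qvE '^[[:space:]]*$' "$1" 2>/dev/null || return 1
    bad=$(grep -vE '^[[:space:]]*$' "$1" |
          grep -cvE '^[^@[:space:]]+@[^@[:space:]]+$' || true)
    [ "$bad" -eq 0 ]
}

# report BEFORE AFTER: classify every account still hosted on the source.
# NOT_MOVED         = was in the input file but is still on the source host
# NEW_SINCE_LISTING = created on the source after accounts.txt was written,
#                     so the input_file run never saw it
report() {
    grep -vE '^[[:space:]]*$' "$2" | while IFS= read -r acct; do
        if grep -Fxq -- "$acct" "$1"; then
            echo "NOT_MOVED $acct"
        else
            echo "NEW_SINCE_LISTING $acct"
        fi
    done
}

# safe_to_upgrade BEFORE AFTER: 0 = source is empty, 1 = accounts remain,
# 2 = the inputs themselves cannot be trusted.
safe_to_upgrade() {
    valid_list "$1" || return 2
    [ -f "$2" ] || return 2
    [ -z "$(report "$1" "$2")" ]
}

# Constructed sample data (not real accounts).
demo=$(mktemp -d)
printf '%s\n' alice@example.com bob@example.com carol@example.com > "$demo/accounts.txt"
printf '%s\n' bob@example.com dave@example.com > "$demo/after.txt"

report "$demo/accounts.txt" "$demo/after.txt"
if safe_to_upgrade "$demo/accounts.txt" "$demo/after.txt"; then
    echo "source store is empty: upgrade may start"
else
    echo "accounts remain on the source store: do not upgrade yet"
fi
```

An account reported as NEW_SINCE_LISTING needs a fresh listing and another doMailboxMove run, because it was never in the input file.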

If the software on the mail store is being updated by a SaaS provider, it is much more reasonable to transfer data not by account but by the domains hosted on it. For this, it is enough to modify the command slightly:

zxsuite powerstore doMailboxMove reserve_mailbox.saas.com domains client1.ru,client2.ru,client3.ru stages data
zxsuite powerstore doMailboxMove secureserver.saas.com domains client1.ru,client2.ru,client3.ru stages data,account notifications [email protected]

Once the transfer of accounts and their data from the mail store is complete, the data on the source server no longer has any value, and you can start updating the mail server without any fear for its safety.

For those who seek to minimize downtime when migrating mailboxes, a fundamentally different scenario for using the zxsuite powerstore doMailboxMove command is ideal: the mailboxes are transferred straight to already updated servers, without the need for intermediate servers. In other words, we add to the Zimbra infrastructure a new mail store that has already been updated to the latest version, then transfer accounts to it from a server that has not yet been updated, following the already familiar scenario, and repeat the procedure until all servers in the infrastructure are updated.

This method lets you transfer each account only once and thereby reduces the time during which mailboxes remain inaccessible. In addition, it requires only one additional mail server. However, administrators who deploy mail stores on servers of differing configurations should use it with caution: transferring a large number of accounts to a weaker server can hurt the availability and responsiveness of the service, which can be quite critical for large enterprises and SaaS providers.

Thus, thanks to Zextras Backup and Zextras PowerStore, the Zimbra system administrator is able to update all nodes of the Zimbra infrastructure without any risk to the information stored on them.

Source: habr.com
