Multiple server config -> change one server IP

Hello,

I have a ISPC 3.2.7p1 with multiple server configuration on ubuntu 20.04

One of that server must be moved from US to EU.
Impact of that move : Previous and future server will be exactly identical except an IP change...
Moving server is not Web interface server.
Nevertheles, that's a web server with several domains in production.

I need to make that change not crashing my multiple server conf.
I read several thread on howtoforge and went to the conclusion that I need to :
- modify /etc/hosts file on all server with new IP
- modify IP in ISPC web interface

Is that enough to have ISPC configuration still working after change ?

thank you

 

Thanks for the clarification

As I see my /etc/mysql/mariadb.conf.d/50-server.cnf, nor ssl neither ip limit are set.
Is there a tuto to implement that both security ?

 

VPN is solving both issue : SSL and port open -> I can close port 3306 !
A query regarding VPN : Master is web interface server isn't it ?
All other servers are slaves : you confirm ?
so that I setup my server vpn on ispc master, and, client on other servers...

 

Nice.
Now, I want to sumarize what I will do :
- change my server and so change global IPv4/v6
- change all my website/DNS ips
- install VPN : this will move ALL my IPs to local ones
- Modify on all servers :
* Mariadb users (the one attached to ips to declare loacl ips)
* /etc/hosts : Should I modify that with local ips ? This thread seems to say "yes" : https://www.howtoforge.com/installi...tabase-cluster-on-debian-6.0-with-ispconfig-3
- Modify ISPC ips with local ones

1. in mariadb, I declare
CREATE USER 'root'@'192.168.0.x' IDENTIFIED BY 'myrootpassword';
CREATE USER 'root'@'server2.example.tld' IDENTIFIED BY 'myrootpassword';

server2.example.tld will be taken in /etc/hosts (local ip) or through my DNS (global ip) ?
Closing port 3306, I will see quite quickly if connection is trying to be done with global ip... But, I don't want to crash my conf !

2. Do I have to update ispc on all server to make ip change effective ?

 

Sorry, it is not fully clear.
I will set a VPN : I can connect through private/local = VPN ips, or, through global ips.
In my case, I want to connect to through VPN = private/local ips
You confirm, I'll put private/local ips in /etc/hosts

 

Hello,
I discover that on main server, in phpmyadmin these users

How these users are updated ?
and
on server where IP changed, I see in phpmyadmin in dbispconfig
Server ip is unchanged
How this ip is updated ?
should I run ispconfig update ?
Should I do that manually ?

 

This is what I did.
It copy paste the full config changing only IP. I removed the old one.

And regarding the server where IP changed from x.y.z.t to a.b.c.d,
I see in phpmyadmin (in dbispconfig) : Server ip is unchanged => still x.y.z.t
How this ip is updated to a.b.c.d ?
should I run ispconfig update ?
Should I do that manually ?

 

I did that
and


I look in /var/log/ispconfig but there is no interesting log.
I try
/usr/local/ispconfig/server/server.sh
it says "finished server.php." without any changes... Still same message in web GUI

 

I try flush privilege on my main server
I turn to DEBUG
I review log on both main server and the one with IP changed.
I found on main server : 08.04.2022-20:48 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
Should I remove that file ?

 

Finally, jobs finished and IP is changed in System > Server config
That's a mystery !

 

I thought to move my conf to a conf protected by VPN as proposed by Jesse.
But, quite more experienced, I would like to secure my move to VPN.
The 1st question is obviously the possible security issue with connexion between MariadB on multiple servers.
I strictly follow manual install.
I don't set any ssl connexion for MariadB. Is that connexion between Mariadb servers crypted ?

 

It's clear now. I'd like move to VPN.

I try to make clear how to do that with my multiple server configuration...
it is in production so that it is quite tricky...

Here are the steps I see :
After installing OpenVPN server on my main server and clients on each others.
For ispconfig, I need to change :
MARIADB
- root user: in mysql >CREATE USER 'root'@'internalIP' IDENTIFIED BY 'mypass';
- ispcsrv1, ispcsrv2, etc... users: internal IP > added directly in phpmyadmin (as above)
- in mysql >FLUSH privileges;
ISPC WEB GUI
- System > Server config : modifying each servers with internal IP
- System > Server IP : modifying each servers with internal IP <<- I am Clearly not sure ?

After all that it is not clear to me if mariadb connexion with ispconfig will be through internal IP or external IP and even with server name ?
When I setup and update ispconfig, I define mysql_master_hostname = ns1.mydom.fr and not an IP...

Thank you for your help