Upgrading your webservers from Ubuntu Xenial to Ubuntu Bionic
Last updated: September 15th 2019
In this article we will go through your options for upgrading your webserver to the latest version of Ubuntu.
The "old" Ubuntu Xenial is a Long Term Support release, which is officially supported until 2021, while Ubuntu Bionic is supported til 2023. This essentially means that at the time of writing (2018) you have lots of time to do the upgrade, or you can even skip this version of Ubuntu entirely and go for the next Ubuntu LTS release in 2020.
The (probably) easiest way:
Just migrate your website
Here we will just be creating a new server based on a Ubuntu Bionic image and migrate our website / app data as we would do when moving between any two servers.
Pre-requisites
- You have access to control DNS for any domains that point to your server
- You don't need to, or it would be easy to migrate core components or special server configuration
Usually this approach is the easiest. You will have to judge what is right for you.
Set up a new Ubuntu Bionic server and copy your data
With Webdock it is easy to get a fresh LAMP (Apache) or LEMP (Nginx) webserver based on Ubuntu Bionic. Simply create a server, and you are ready to go.
Usually it is easy to migrate a standard website. Your configuration may differ, so this guide may not be right for you, but in general the steps are:
Pro hackers might do it this way:
- SSH in to your server and go to /var/www/html
- Run
mysqldump -u USER -pPASSWORD DATABASENAME > mydb.sql
- Run
zip -r mysite.zip .
- Now SSH in to your new server and go to /var/www/html
- Run
wget https://mywebsiteaddress.host.webdock.io/mysite.zip
- Unzip all your data
unzip mysite.zip; rm ./mysite.zip;
- Set correct ownership of files
chown -R www-data:www-data .
- Import your database
mysql -u USER -pPASSWORD DATABASENAME < mydb.sql
Remember this is the username and password on the NEW server. - Remember to delete the sql dump
rm ./mydb.sql
- Update your website config with the new database name, user and password
- Now point your DNS records to your new server, set your server identity and re-generate SSL certificates
Alternatively:
Simply download your files using FTP and export your DB data using PHPMyadmin and then transfer it to your new server. This will be a lot slower than the method above.
Remember to update your website configuration to use the new database credentials, point over your DNS to the new server and re-generate SSL certificates.
The riskier / harder way: Upgrade your system
This guide works for Webdock LAMP/LEMP server stacks. Your results may vary.
With Webdock it is easy to do this in a safe manner. What you would do is make a new snapshot of your existing webserver. Next you would create a new server based on this image. Now you have a staging server on which you can run the upgrade and make sure everything works.
Next you can re-do the steps on your live system if you feel brave, or you can simply take a new snapshot of your staging server and use that to restore your live server. If you have done everything correctly, you should now see no more than ~2-5 seconds of downtime while your live server reboots after being restored.
Start the upgrade
We are opening port 1022 as when you are doing the upgrade over SSH the upgrade tool will open an emergency SSH connection on that port in case anything goes wrong.
apt update; apt install update-manager-core -y; ufw allow 1022; do-release-upgrade -d;
Answer the questions on-screen
...
If you continue, an additional ssh daemon will be started at port
'1022'.
Do you want to continue?
Continue [yN] <--y
...
Starting additional sshd
To make recovery in case of failure easier, an additional sshd will
be started on port '1022'. If anything goes wrong with the running
ssh you can still connect to the additional one.
If you run a firewall, you may need to temporarily open this port. As
this is potentially dangerous it's not done automatically. You can
open the port with e.g.:
'iptables -I INPUT -p tcp --dport 1022 -j ACCEPT'
To continue please press [ENTER] <--ENTER
...
Third party sources disabled
Some third party entries in your sources.list were disabled. You can
re-enable them after the upgrade with the 'software-properties' tool
or your package manager.
To continue please press [ENTER] <--ENTER
Here you can hit d to see which packages will be removed from the system. It is generally a good idea to do so, so you know what you might need to re-install later. Hit q to return to the upgrade.
Fetching and installing the upgrade can take several hours. Once the
download has finished, the process cannot be canceled.
Continue [yN] Details [d] <--y
┌────────────────────────────────┤ Configuring openssh-server ├────────────────────────────────┐
│ sshd_config: A new version (/tmp/file89l4Ov) of configuration file /etc/ssh/sshd_config is │
│ available, but the version installed currently has been locally modified. │
│ │
│ What do you want to do about modified configuration file sshd_config? │
│ │
│ install the package maintainer's version │
│ keep the local version currently installed │
│ show the differences between the versions │
│ show a side-by-side difference between the versions │
│ start a new shell to examine the situation │
│ │
│ │
│ <Ok>
If you are using Nginx, you will be asked this question:
Configuration file '/etc/nginx/nginx.conf'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** nginx.conf (Y/I/N/O/D/Z) [default=N] ? <--ENTER
┌────────────────────────────────┤ Configuring unattended-upgrades ├────────────────────────────────┐
│ A new version (/etc/apt/apt.conf.d/50unattended-upgrades.ucftmp) of configuration file │
│ /etc/apt/apt.conf.d/50unattended-upgrades is available, but the version installed currently has │
│ been locally modified. │
│ │
│ What do you want to do about modified configuration file 50unattended-upgrades? │
│ │
│ install the package maintainer's version │
│ keep the local version currently installed │
│ show the differences between the versions │
│ show a side-by-side difference between the versions │
│ show a 3-way difference between available versions │
│ do a 3-way merge between available versions │
│ start a new shell to examine the situation │
│ │
│ │
│ <Ok>
Here you can hit d to see which packages will be removed from the system. It is generally a good idea to do so, so you know what you might need to re-install later. Hit q to return to the upgrade.
Remove obsolete packages?
55 packages are going to be removed.
Continue [yN] Details [d] <--y
Restart required
To finish the upgrade, a restart is required.
If you select 'y' the system will be restarted.
Continue [yN] <--y
You will now be disconnected. You can ping your server to watch when it comes back up - a Webdock server should come up in -10 seconds.
Close the firewall port we opened earlier
ufw deny 1022
Re-enable unattended security upgrades
cat > /etc/apt/apt.conf.d/50unattended-upgrades << EOF
Unattended-Upgrade::Allowed-Origins {
"Ubuntu bionic-security";
};
Unattended-Upgrade::Package-Blacklist {
//
};
EOF
Re-install packages which are typically removed during the upgrade
We have to add our PPAs again as the ones on the system point to Xenial packages
add-apt-repository ppa:certbot/certbot -y apt-add-repository ppa:nginx/development -y apt-add-repository ppa:ondrej/apache2 -y apt-add-repository ppa:ondrej/php -y
If you are using a different version of PHP on your server, you should of course replace the version number here with what you are using
apt update; apt upgrade -y; apt autoremove -y; apt install php-imagick php7.2-curl -y; # if you are using Nginx apt install python-certbot-nginx -y # if you are using Apache apt install python-certbot-apache -y
Answer the questions on screen
You may want to install the new versions of the php.ini files, but be aware this might break your php application
┌────────────────────────────────┤ Modified configuration file ├────────────────────────────────┐
│ php.ini: A new version (/usr/lib/php/7.2/php.ini-production.cli) of configuration file │
│ /etc/php/7.2/cli/php.ini is available, but the version installed currently has been locally │
│ modified. │
│ │
│ What do you want to do about modified configuration file php.ini? │
│ │
│ install the package maintainer's version │
│ keep the local version currently installed │
│ show the differences between the versions │
│ show a side-by-side difference between the versions │
│ start a new shell to examine the situation │
│ │
│ │
│ <Ok>
┌────────────────────────────────┤ Modified configuration file ├────────────────────────────────┐
│ php.ini: A new version (/usr/lib/php/7.2/php.ini-production) of configuration file │
│ /etc/php/7.2/fpm/php.ini is available, but the version installed currently has been locally │
│ modified. │
│ │
│ What do you want to do about modified configuration file php.ini? │
│ │
│ install the package maintainer's version │
│ keep the local version currently installed │
│ show the differences between the versions │
│ show a side-by-side difference between the versions │
│ start a new shell to examine the situation │
│ │
│ │
│ <Ok>
Restart PHP-FPM and your web server
If you are using Nginx
systemctl restart php7.2-fpm; systemctl restart nginx;
If you are using Apache
systemctl restart php7.2-fpm; systemctl restart apache2;
Your server is now upgraded!
Your server is now upgraded and you should test that everything works. You should also be aware that when upgrading like this, the new way of configuring network interfaces - Netplan more information here - will not be active and your network config is left unchanged in /etc/network/interfaces.
Webdock has auto-detection if how networks are managed in your container, so migrating this container across the Webdock platform will work just fine.
We can upgrade your server for you
Be in touch with Webdock support and we will sort out a custom Service Level Agreement that works for you!
Related articles
-
Upgrading your webservers from Ubuntu Bionic to Ubuntu Focal
In this article we go through the steps you need to take to upgrade a web server (LAMP or LEMP) to the new Ubuntu 20.04 Focal Fossa
Last updated: July 15th 2020
-
Upgrading your webservers from Ubuntu Focal to Ubuntu Jammy
In this article we go through the steps you need to take to upgrade a web server (LAMP or LEMP) to the new Ubuntu 22.04 Jammy Jellyfish
Last updated: May 11th 2022