I have written migration plans for Ubuntu upgrades before.
What makes it different this time is the hybrid Docker containers that I have used in places and the support for virtual IP (VIP) in Digital Ocean, my current hosting provider. In theory this should make upgrading / migrating servers a lot easier. With the new Ubuntu 16.04 LTS release I will be putting this to the test.
The above describes the current setup. The Internet-facing side goes through a VIP which points to a load balancer. The load balancer proxies the request to the relevant applications, which are running in containers. Each application goes through another VIP which goes to a standard database install on another Digital Ocean instance.
The load balancer allows the applications to scale out as well as handle any SSL termination.
The last remaining pieces before moving to a new OS would be to create a Dockerfile for the load balancer as well as the database so that they are not dependent on the OS. The idea is to use a container manager like Kubernetes or something similar.
The first thing after provisioning a 16.04 instance is to move the applications to the new server. This will require Docker as well as all the configuration files to be moved over. In theory this should be fairly easy to start up once complete. This will allow the applications to be tested for any issues with the new distribution, while allowing easy failover using the load balancer, with the old instances running as a hot backup.
If I wasn’t so paranoid I would’ve moved my database and removed the old instance to save money. However, if anything does go wrong on the new distribution then I will be relying on my database backup, which currently runs every 4 hours. This can be increased to, say, every 5 minutes, but restoring data is not as easy as an immutable container.
I think deploying a database using Docker will be the next step. It will be easier to do this rather than the load balancer because there are no SSL certificates that need to be reissued, and I currently don’t know how it will handle the SSL if the container was rebuilt. The existing server will be running for a period of time for failover purposes, using the VIP to redirect traffic. I would imagine using the VIP to redirect will require connections to be renegotiated.
Last but not least, the load balancer is also built into a container and the whole stack has moved from the old OS.
I’m currently testing out the database Docker image and hopefully it will be complete very soon. The load balancer SSLs are slightly harder to test without interruption to the current services.