Tools to help migration from RHEL4 to CentOS8

Question

I have a bunch of legacy servers (about 30) running undocumented code that still run on RHEL4. Some newer servers run on CentOS5 or 6, but most of them are RHEL4. Following a security audit, management has finally agreed that something needs to be done and the servers need to be migrated to something from this (or next) decade. The servers mostly run open source applications, like cacti, mysql, php, apache, perl with some of them having Oracle bindings to query such databases.

This, or course means re-installation (on VMs or maybe containerizing what can be easily done), but I haven't found a plan/checklist/automation tool to help me get started.

So - I figure this roughly needs to get done:

1. Clean installation of target OS (CentOS8) - this can be done in a VM, converted to a template and deployed as needed
2. Networking settings (ips, routes, iptables rules, dns, ntp, snmp, ssh host keys) need to be ported over. In case of networking I'd need to convert the old /etc/sysconfig/network-scripts/if-,route- into proper NetworkManager configuration. Is there a tool that already automates this?
3. Migration of old users + their home folders to the new servers. I hacked something together but needs testing (https://github.com/mad-ady/os-migration/blob/master/user-accounts-source.sh). I also need to transfer their crontabs (local mails are not important).
4. Install missing packages that were installed on the source (I have something to extract them from yum history: https://github.com/mad-ady/os-migration/blob/master/yum-packages-source.sh, but RHEL4 didn't use yum by default).
5. Identify non-default configuration from /etc, transfer (and test/adapt) it for the new CentOS version. Not sure how to find just the changed configuration on the original host though...
6. Transfer legacy applications, websites, do step by step tests and make changes as needed (like older mysqls had different authentication than newer versions). Attempt to do in-place upgrades to newer software versions (e.g. from Cacti 0.8 -> 0.9 -> 1.0, etc) while keeping old data, accounts, etc.

I was thinking of writing ansible playbooks to do all this in the hopes that it would make future upgrades easier, but writing playbooks has a higher overhead than actually doing the one-time config, so I'm not sure it's worth the effort...

I'm sure I'm forgetting a lot of stuff that needs to be taking care of, so here is my question:

Is there a recommended way of doing such upgrades? Are there tools, scripts, procedures that can help me make it less painful?

Thanks for any advice!

Answer 1

It seems that you have herited from an unmaintained IT environment.

According to me, it worth the effort of developping a playbook to build/configure the new centos8 systems (packages, network cfg, users, ssh keys...).

But the applications migration would have to be done manually, because each case would be different. You have to understand how the app is started (/etc/rc3.d should be a good starting point), what are the dependencies (lib/packages) and how those deps were installed (tarball ? package ?), is there any crontab associated, what are the new lib versions available on centos8, is there any application code changes involved by the new library version, is there any config file syntax changes.

Try to build an application matrix from old production, and deploy a test environment for each application you have identified. Once everything is working fine, you can think on how you can speed up deployment on new prod environment, and also deal with data migration.

It will be a long task if you are alone. I hope that your management is ok to pay for being helped.

Good luck !