I Put Rocky Linux into Revenue Service Today

I’ve been toying around and testing Rocky Linux 8.6 with Virtualmin 7.1 Pro for a couple of weeks, looking for bugs and quirks, Finding few of any consequence, I started today to move some of my personally-owned, monetized sites to what had been my testing server. So it’s a momentous day.

The losing server is running CentOS 7.9, also with Virtualmin. It still runs fine; but I didn’t want to wait until the night before CentOS 7 goes EOL to find a replacement for it.

Once all of the sites are migrated, the losing server will be wiped and reprovisioned, Rocky Linux and Virtualmin installed, and it will be used as a replacement for another server running CentOS 7.9 and cPanel. And then lather, rinse, repeat for another server.

Basically, I have one more server than I need, so all the migrations can be done without downtime or risk. As each is vacated, it gets redeployed as the destination for the next batch of sites to be migrated.

The other advantage is that all the IP’s are immaculate, so I don’t have to worry about inheriting IP’s with horrid reputations.

As an aside to an aside, I’ve been playing around with other CentOS replacements for about a year on a local testing server in my office. I decided I liked Rocky best. It also seems to get along well with Virtualmin, whereas some of the others didn’t.

All in all, I’m a happy guy.

Richard

I moved two more revenue sites, the site that I use for my personal email (there’s nothing on the one-page Web site except political memes), and a dedicated honeypot site over since yesterday.

The big real-life test I’m doing now is the email, especially the spam filtering. The ratio of spam to legit mail on my personal email address is about 10:1, so that will make a good test. So far, no spam has slipped through; and to my knowledge, there have been no false positives.

I’m doing “sea trials” with my own sites before moving clients onto the Rocky Linux / Virtualmin combination. That’s really what I’m testing – the combination of the two. So far, the glitches have been minor and not anything clients would notice, much less care about.

For example, I can’t move backup files between the new server and other Virtualmin servers that I own via the GUI. That may be due to non-standard SSH ports on all the servers. But it’s not something clients would be doing anyway, so I’m not too concerned. (Hell, even I never tried it until yesterday. I usually do that stuff in the shell.)

There also seems to be a bug in the Backblaze transport protocol on Virtualmin. I think it actually connects using the S3 protocols, which I haven’t had any success with using any panel. I just use rclone. I suspect it will be fixed before long.

There’s also another glitch when creating more than one alias to a domain: You have to click on the dashboard in between making aliases. I doubt anyone will even notice that one; and if they do, the workaround is easy.

As for the mail, the default Virtualmin setup using Postfix and Dovercot worked perfectly on Rocky Linux. It worked right out of the box. I did nothing other than set up rDNS and add some custom rules to SpamAssassin.

smtp-test887×783 118 KB

Let’s see…

ConfigServer firewall works fine. (It does need syslog, rsyslog, or syslog-ng installed.)

phpMyAdmin and Roundcube work fine using the Virtualmin install script.

Awstats works fine.

Webalizer works fine.

The status monitors, service controls, and all the other GUI interfaces to systemctl work fine.

I haven’t installed the filtering plugin to Roundcube because filtering is available in Usermin using procmail, and I don’t know if I want to run procmail and sieve on the same server.

In a nutshell, everything important works fine. If I had to onboard clients today, I’d feel pretty comfortable about it. The few glitches are trivial and likely will be fixed anyway before long.

By the way, the reason I’m posting this is because Rocky Linux is relatively new, and Virtualmin isn’t as popular as it deserves to be. Consequently, there’s very little information out there about the Rocky Linux / Virtualmin combination. I figure I may as well share my observations for others who might be interested.

I moved the last two sites over on Friday. They were the most difficult ones because they are heavily database-dependent; and PHP 8 is less-forgiving than PHP 7.

The site that was most involved collects reports of malicious activity from CSF running on all the servers I manage, as well as honeypots and spam submissions on production mail forms, and compiles them into ephemeral blocklists. (IP’s that behave themselves are automatically purged after a few days.) That site turned out to be a bear. The Virtualmin import went smoothly; but PHP 8 puked on minor bugs that PHP 7 has been gleefully ignoring for all these years.

In other words, I was the culprit, not Rocky Linux, Virtualmin, PHP, nor Mariadb. I should have gone over my code and the database itself more thoroughly before migrating the site.

Nonetheless, the site was never down. It was just underfed. It was getting only about half the input it usually does because not all my scripts were affected. It seems to be completely functional now. We’ll see.

So the server is now in full production use. I’m keeping the losing server running for the time being until I go over the sites I want to move to it. I’m not ready to do that migration yet. It’s planned to be from cPanel on CentOS 7.9 to Virtualmin on Rocky 8.x; so an examination with a fine-toothed comb is in order.

We also haven’t ruled out using cPanel’s “ELevate” thing. I’ve never had any problems migrating cPanel sites to Virtualmin; but the ones I’m thing about (all owned by the same client) goes back to PHP3 days and has been on cPanel since… well, pretty much forever. There also are something like 10,000 files I have to go through.

Then again, I could set up a server and migrate everything except the mail, and do all the testing in preview mode with the losing server still online. I really want to get away from cPanel because the price increases never end. The cost of overlapping the two servers isn’t a big deal.

But I digress.

The nutshell version of my story is that Virtualmin on Rocky Linux seems to be a happy marriage. I tried it on Oracle, AlmaLinux, and a few oddball forks, with less-than-wonderful results. So of the Linuxes that I’ve tried, I’m comfortable saying that Rocky Linux is the best RH-compatible OS if you want to run Virtualmin. It’s been pretty much trouble-free.

Richard

I spun up a third Rocky Linux server last night.

The configuration is pretty much the same as the first two, which have been happily humming along since they were installed. I basically start with minimal and let Virtualmin do its thing; then install multiple PHP’s and the more common extensions (from Remi’s repo), rsyslog, CSF, Roundcube, phpMyAdmin, Rclone, and a few other odds and ends.

This Rocky Linux / Virtualmin install replaced a CentOS 7 / cPanel system. Everything went smoothly, including migrating the backups into Virtualmin.

The second install (basically the same setup) was a few weeks ago and involved migrating about 20 accounts from CentOS 7 / Cpanel server into the new Rocky Linux / Virtualmin server. I was more concerned about the cPanel → Virtualmin change because I thought some clients would complain. But so far, none of them have seemed to notice. I’d hazard a guess that they don’t even know they were migrated.

I have one more planned. I have to do some work to that one pre-migration.

Richard

Spun up another new Rocky Linux server today. This is Number 4. It’s running Virtualmin on top of it, just like the others. They make a nice pair.

This was originally going to be the last one for a while; but I have a fifth planned now. I’m going to leave a server that’s currently running CentOS 7.9 in revenue status after upgrading it to Rocky and it will handle only mail. The Web stuff will be hosted by the server I spun up today. They get an enormous amount of mail, so it makes sense to keep that load on one server to speed up the Web response on the other. Also, that server has immaculate IP’s that I want to keep.

Also, the next one will be an in-place migration from cPanel on CentOS 7.9 to Virtualmin on Rocky, so it will probably take a couple of hours. But the Web site will be online the whole time. The only delays will be contact form responses, which don’t matter because I’ll do it off-hours.

At some point I also plan to build a new local fileserver and testing server for the office, with the same configuration as the revenue servers.

Life is good.

Richard