This page describes an OTRS migration from one Linux server to another. The background: I had an existing version 3.1.x installation of the OTRS Help Desk system that needed to be upgraded to the latest version (at the time, 3.2.9) and migrated from an Ubuntu 12.04 system to a CentOS 6.1 system. The goal was to create an installation that could be upgraded using the RPM packages provided by OTRS themselves. The version of OTRS in use was the free open-source version.
The OTRS Migration Procedure:
Part I. Install the basics on your CentOS system
1. Install Apache and SSH server, configure SSH server to start on boot, and set up iptables
$ yum install httpd $ yum install sshd $ yum install system-config-firewall-tui $ system-config-firewall-tui $ chkconfig --level 2345 sshd on
In firewall setup, select ssh and http.
2. (Optional) Set SELinux to permissive
$ vi /etc/selinux/config
Change SELINUX=enabled to SELINUX=permissive.
Part II. Prepare your CentOS system for OTRS
1) Ensure system is updated
$ yum upgrade
a) Also enable unattended updates
$ yum install yum-cron $ chkconfig yum-cron on $ vi /etc/sysconfig/yum-cron
2) Install and start MySQL (CentOS 6 package is same version as Ubuntu 12.04, so no compatibility problems)
$ yum install mysql-server $ service mysqld start
3) Set root password for MySQL
$ mysqladmin -u root password 'PASSWORD'
(At this point you may also wish to remove any ‘test’ or ‘anonymous’ MySQL databases and users. See this StackExchange thread.)
4) Install the latest OTRS packages
a) Install a bunch of Perl dependencies
$ yum install perl-core perl-Crypt-SSLeay perl-LDAP mod_perl perl-TimeDate perl-Net-DNS perl-XML-Parser
b) Install procmail
$ yum install procmail
c) Install OTRS
$ cd /opt $ wget http://ftp.otrs.org/pub/otrs/RPMS/rhel/6/otrs-3.2.9-01.noarch.rpm $ chmod 755 otrs-3.2.9-01.noarch.rpm $ rpm -ivh otrs-3.2.9-01.noarch.rpm
(OTRS installs to /opt/otrs and adds Apache config to /etc/httpd/conf.d)
d) Add ‘otrs’ user if none exists (OTRS 3.2 setup did this automatically)
$ useradd -d /opt/otrs/ -c 'otrs' otrs $ usermod -G apache otrs
e) Specify a shell so ‘otrs’ user can run commands (you’ll need this later):
Find the otrs user in /etc/passwd:
otrs:x:503:48:OTRS System User:/opt/otrs/:/bin/false
Change to:
otrs:x:503:48:OTRS System User:/opt/otrs/:/bin/bash
5) Set up the Apache virtual host
vi /etc/httpd/conf/httpd.conf
Ensure “Listen 80” is specified.
Still in httpd.conf, add to bottom of file:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
# Redirect so 169.237.01.01 redirects to otrs
RedirectMatch permanent (.*)/$ http://help-desk.myserver.com/otrs/index.pl
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/httpd/error.log
# Possible values include: debug, info, notice, warn, error,
# crit, alert, emerg.
LogLevel warn
CustomLog /var/log/httpd/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
Restart Apache, visit http://help-desk.myserver.com/ in your web browser (should see default OTRS page)
6) Set Apache and MySQL to start at normal runlevels
$ chkconfig --list httpd httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off $ chkconfig --level 2345 httpd on $ chkconfig --list httpd httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off $ chkconfig --list mysqld mysqld 0:off 1:off 2:off 3:off 4:off 5:off 6:off $ chkconfig --level 2345 mysqld on $ chkconfig --list mysqld mysqld 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Part III: Retrieve database and custom files from existing OTRS system
On your existing Ubuntu system:
1) Stop cron
$ service cron stop
2) Stop Apache
$ service apache2 stop
3) Dump database
$ mysqldump -uroot -p otrs > otrs_07162013.sql
4) Stop MySQL
$ service mysql stop
5) Transfer MySQLdump file and the customized OTRS files to help-desk.myserver.com
$ scp otrs_07162013.sql yourname@help-desk.myserver.com:/home/you/.
Our custom files were as follows:
/opt/otrs/Kernel/Config.pm /opt/otrs/Kernel/Config/GenericAgent.pm /opt/otrs/Kernel/Config/Files/ZZZAuto.pm /opt/otrs/Kernel/Config/Files/Ticket.xml (This one caused problems, so do not copy; see #13 in Part IV below. In general it seems like a bad idea to try to migrate files in Config/ other than Config.pm, GenericAgent.pm and ZZZAuto.pm.) /opt/otrs/Kernel/Output/HTML/DashboardTicketGeneric.pm /opt/otrs/Kernel/Output/HTML/Standard/AgentTicketActionCommon.dtl (Not needed anymore, replaced by OTRS ITSM packages installed on our new server) /opt/otrs/Kernel/Output/HTML/Standard/AgentDashboardTicketGeneric.dtl /opt/otrs/Kernel/Output/HTML/Standard/AgentDashboard.dtl
Part IV: Install database and settings on new OTRS system
On your CentOS 6 system:
1) Stop all your services
$ service httpd stop $ service crond stop $ service postfix stop
2) Create database, create otrs MySQL user, load mysqldump file
$ mysql -uroot -p mysql> CREATE DATABASE otrs DEFAULT CHARACTER SET = 'utf8'; mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, LOCK TABLES, CREATE TEMPORARY TABLES ON `otrs`.* TO 'otrs'@'localhost' IDENTIFIED BY 'PASSWORD'; FLUSH PRIVILEGES; mysql> USE otrs; mysql> SOURCE /path/to/otrs_07162013.sql;
3) Move your custom files into the right places
Paths are same as specified in Part III Step 5 (/opt/otrs). I copied all OTRS 3.2 files to .bak versions before overwriting them.
Since you’re now running a version 3.1 database behind the 3.2 code base, you need to treat this as an upgrade procedure from here on. This is similar to the UPGRADING file included with the OTRS download.
4) Verify your file permissions are correct
$ cd /opt/otrs/ $ bin/otrs.SetPermissions.pl --otrs-user=otrs --web-user=apache --otrs-group=apache --web-group=apache /opt/otrs
5) Double-check to see you have all the Perl dependencies
$ bin/otrs.CheckModules.pl
Result: 1 missing required dependency (perl-YAML-XS), several missing recommended dependencies. To fix:
a) Add RPMforge repository:
$ rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt $ wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm $ rpm -ivh rpmforge-release-0.5.2-2.el6.rf.*.rpm
b) Install required dependency:
$ yum install perl-YAML-LibYAML
c) Install 1 recommended depdendency (for faster Javascript handling):
$ yum install perl-JSON-XS
d) Install 3 recommended depdendencies (for stats):
$ yum install perl-GD $ yum install perl-GD-Text-Util $ yum install perl-GD-Graph
e) Install 1 recommended depdendency (for PDF output):
$ yum install perl-PDF-API2
f) Install 1 recommended depdendency (for faster CSV handling):
$ yum install perl-Text-CSV_XS
6) Check the MySQL database schema (no problems reported)
$ bin/otrs.CheckDB.pl
7) Migrate the database (run as otrs user, not as root)
$ su - otrs $ scripts/DBUpdate-to-3.2.pl
(no problems reported)
8) Run the config rebuild and clear cache scripts
$ bin/otrs.RebuildConfig.pl $ bin/otrs.DeleteCache.pl
9) Start up services
$ service cron start $ service postfix start $ service httpd start
10) Go to http://help-desk.myserver.com/ and see if you can log in
(It works, awesome)
11) OTRS crontab (email fetches, etc.) isn’t running, so start it
$ su - otrs $ /opt/otrs/bin/Cron.sh
a) Verify that otrs user is showing the right crontab
$ crontab -u otrs -l
b) Verified that Cron.sh is executed on system boot.
12) Go into the web interface Package Manager, fix any broken modules
a) Uninstalled ‘Support’ module, reported as incompatible with OTRS 3.2; replaced with latest version from online repository
b) Install ITSM package
($ wget http://ftp.otrs.org/pub/otrs/itsm/bundle32/ITSM-3.2.7.opm – then upload through Package Manager UI)
Failed with error:
Backend ERROR: OTRS-CGI-10 Perl: 5.10.1 OS: linux Time: Tue Jul 16 10:33:04 2013 Message: Got a packet bigger than 'max_allowed_packet' bytes
Added to /etc/my.cnf to allow bigger file sizes (ITSM package is ~17MB, MySQL default max file size is 16M):
max_allowed_packet = 20M
Then restarted MySQL:
$ service mysqld restart
After this, ITSM took a little while to install but completed successfully.
c) Install latest iPhone handler
Installed from online repository in Package Manager GUI.
(Steps 13-15 are settings specific to our OTRS install; these were migrated successfully so I skipped these steps. They may be necessary in future upgrades.)
13) Set up email accounts
http://help-desk.myserver.com/otrs/index.pl?Action=AdminSysConfig; Subaction=Edit;SysConfigSubGroup=Core%3A%3ASendmail; SysConfigGroup=Framework
Make sure the “SendmailModule” (the first field) is set to SMTPTLS (campus SMTP). Other settings:
Host: smtp.ournetwork.com User: otrsuser Pass: PASSWORD Port: 587
14) Reset the CustomerDBLink variable
http://help-desk.myserver.com/otrs/index.pl?Action=AdminSysConfig; Subaction=Edit;SysConfigSubGroup=Frontend%3A%3AAgent; SysConfigGroup=Ticket
Set CustomerDBLink to:
$Env{"CGIHandle"}?Action=AdminCustomerUser;Subaction=Change;
ID=$LQData{"CustomerUserID"};Search=%2A;Nav=Agent
15. Re-enable any toolbar buttons that were disabled.
http://help-desk.myserver.com/otrs/index.pl?Action=AdminSysConfig; Subaction=Edit;SysConfigSubGroup=Frontend%3A%3AAgent%3A%3A ToolBarModule;SysConfigGroup=Ticket
13) Tested receiving and replying to tickets; clicking “Reply” gave Internal Server Error — /var/log/httpd/error.log reported “Can’t use an undefined value as an ARRAY reference at /opt/otrs//Kernel/Modules/AgentTicketCompose.pm line 1527”.
Fixed by restoring our custom /opt/otrs/Kernel/Config/Files/Ticket.xml with the version provided in OTRS 3.2.
14) Set servername to Our-Ticket in Kernel/Config.pm
$Self->{ServerName} = 'Our-Ticket';
15) Open our pfSense firewall so new OTRS system is accessible from outside our network
added 169.237.01.01 to WEBSERVERS alias
16) Scan server with Zenmap to see if it’s running any weird services
(Only sees ports 80 and 22 = correct result):
Completed Service scan at 11:27, 6.02s elapsed (2 services on 1 host) Initiating OS detection (try #1) against help-desk.myserver.com (169.237.01.01) Retrying OS detection (try #2) against help-desk.myserver.com (169.237.01.01) NSE: Script scanning 169.237.01.01. Initiating NSE at 11:27 Completed NSE at 11:27, 0.43s elapsed Nmap scan report for help-desk.myserver.com (169.237.01.01) Host is up (0.0013s latency). Not shown: 998 filtered ports PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 5.3 (protocol 2.0) | ssh-hostkey: 1024 2d:fb:7c:0c:04:ef:70:71:11:a4:d5:8e:5f:4b:4e:29 (DSA) |_2048 69:00:77:b4:85:1d:0d:51:43:c0:e3:7f:96:9f:4a:9d (RSA) 80/tcp open http Apache httpd 2.2.15 ((CentOS)) |_http-methods: No Allow or Public header in OPTIONS response (status code 301) |_http-favicon: Unknown favicon MD5: 49BF194D1ECCB1E5110957D14559D33D |_http-title: Login - OTRS ITSM 3.2.7 MAC Address: 00:50:56:9F:76:89 (VMware)
17) Add the OTRS system to our BackupPC server so it gets backed up properly
a) On backuppc, copy /var/backuppc/.ssh/id_rsa.pub to help-desk.myserver.com
$ scp id_rsa.pub you@help-desk.myserver.com:/home/you
b) On help-desk.myserver.com, add id_rsa.pub to root’s authorized keys
$ cd /root $ cat id_rsa.pub > .ssh/authorized_keys
c) On BackupPC server, check to see that you have password-less login from backuppc user to root@help-desk.myserver.com
$ su backuppc $ ssh root@help-desk.myserver.com
You should be logged into help-desk.myserver.com without a password prompt.
d) Add help-desk.myserver.com to BackupPC web interface, ensure rsync is selected as transfer type, add /etc, /home, /opt, and /var as backup directories
e) Start a full backup and see if it works.
Job completed successfully in about 2 minutes, .73 GB transferred.
18) Repaired “New Email Ticket” link in Dashboard
a) Updated Kernel/Config/Files/Ticket.xml to change the toolbar link for “New Email Ticket” to a correct query string:
Action=AgentTicketEmail;Subaction=StoreNew;ExpandCustomerName=2;
Default link was Action=AgentTicketEmail; which caused OTRS to render a blank page.
b) Ran bin/otrs.RebuildConfig.pl to complete change.
Part V: Cleanup
1. Ran one last full backup of help-desk.myserver.com from BackupPC server
Completed successfully in 2.5 minutes, 1.27 GB transferred.
2. Disabled further backups of old help desk server in BackupPC
Edit Host Config for old help desk, change Schedule -> Blackouts -> BackupsDisable to 2
3. Powered off old help desk server
$ poweroff
4. Removed old help desk server (169.237.01.02) from WEBSERVERS alias on pfSense firewall.
