Skip to main content

Server Migration Report Mwanga Tower → PSSSF Tower

Overview

This report documents the migration of servers from the Mwanga Tower Office to the new PSSSF Tower New Office. The infrastructure included:

  • 2 Dell PowerEdge R330 servers
  • 1 Lenovo Legion tower server
  • 1 Cisco switch
  • 1 UPS
  • 1 Rack cabinet

The goal of the migration was to relocate the servers while maintaining network accessibility and minimizing downtime.

Preparation

Before the migration, full snapshots of the Ubuntu servers (non-virtualized) were created using LVM disk images. Due to time constraints, this was completed for two of the three servers.

The previous network setup used three static IPs from Maisha Broadband, with each server connected directly to the ISP. The planned transition to a static IP from Yas was delayed, resulting in downtime for the development servers of approximately 3–4 days.

Network Configuration Challenges

Initial assumptions that the migration would be plug-and-play with the Yas router proved incorrect. Legacy Netplan configurations with hardcoded static IPs prevented DHCP assignment. Adjustments included:

  1. Two servers were reconfigured to use DHCP (dhcp4: true).
  2. One server required a hardcoded IP due to the Cisco switch assigning an unexpected 10.x.x.x address, likely from previous configurations.

All three servers were successfully connected to the Cisco switch and linked to the Huawei router provided by Yas. Private IPs were assigned:

  • 192.168.100.100
  • 192.168.100.101
  • 192.168.100.102

Accessing the server terminals required manual VGA connections due to unavailable iDRAC passwords on the Dell servers.

Restoring External Connectivity

Without a static public IP from Yas, external access required an alternative solution:

  1. A Netbird zero-trust VPN connected a Digital Ocean droplet to the on-premises infrastructure, making the 192.168.x.x servers reachable externally.
  2. All external traffic now uses a single public IP: 209.38.172.139 from Digital Ocean.
  3. HAProxy was configured as a TCP/HTTP reverse proxy to route traffic based on domain names.

The HAProxy configuration supports:

  • HTTPS via TCP passthrough with SNI
  • HTTP via host header routing

This setup restored external access while avoiding reliance on a static public IP from Yas.

Network Topology

Conclusion

The server migration required careful planning, troubleshooting, and adjustments to network configurations. Despite ISP delays and legacy settings, the migration successfully achieved:

  • Relocation of all servers to the new PSSSF Tower office
  • Restored internal and external connectivity
  • Implementation of HAProxy to manage traffic through a single public IP (209.38.172.139)

The infrastructure is now fully operational. Any future issues within this new setup are expected and will be addressed promptly as they arise.