Atomicorp

I'm thinking of doing a Migration rather than an in-place upgrade for a particular system (Plesk 10.4.4 on Centos 6 to Plesk 12.5).

If I do a Migration, I figure I should use Centos 7 on the target, along with Apache 2.4 to allow native php-fpm.

Am I jumping the gun, or is the Centos 7 and Apache 2.4 combination now mature enough for use with ASL and Plesk 12.5 in a production environment?

And on the flip side, are ASL and Plesk 12.5 happy enough with Centos 7 and Apache 2.4?

Are there any gotchas?

I know Centos 7 and Apache 2.4 are both officially supported by ASL and by Plesk 12.5, but "supported" is different to "works perfectly" (which is how I'd describe the situation with Centos 6).

That's a really good question. Have the exact same upgrade pencilled in for 2016 and was pondering the same... The only addition to this was SNI (for secured connections).

CentOS 7 is supported, the gotchas so to speak are that you'll have a bit of a culture change with systemd. Tools like chkconfig & psmon aren't needed/used in that environment (as much) since systemd fills that roll (very well!), and in addition CGROUPS are tightly integrated by default.

ASL has changed the name of the kernel package from "kernel" to "kernel-asl" to facilitate parallel kernel installs

Some other components, like mod_rpaf, are replaced by mod_remoteip (native to apache 2.4), and we are shifting more of the workload from mod_evasive into mod_qos with EL7.

I've been doing some testing and so far so good.

Plesk 12.5 is wonderful, and so is Centos 7. I've not had any problems with ASL with any of this either, other than mod_evasive triggering like mad on one particular test site.

One related "bug" I've found is that Plesk doesn't think mod_evasive24 is loaded, even though it is. That's a cosmetic though though, and not important.

I have yet to figure out what to do about anti-virus and anti-spam though, because I really, really want to switch to Postfix.
I'll continue this in the thread I opened a while ago on this particular topic.

Im using sagator with postfix for the clam & spamassassin integration.

You mentioned sagator before, and I wasn't particularly impressed because the project hadn't been updated in ages.
But looking again just now, it has been recently updated to 1.3.1 with, for example, support for Clamav 0.99 and system, with 1.3.2 due out any second now.

Might Centos 7 RPMs be on the cards in the Atomic Repo please? The manual installation instructions are a bit overwhelming, and I'd be a little afraid of leaving something vial out that might compromise the system in one way or another.

faris wrote:Might Centos 7 RPMs be on the cards in the Atomic Repo please? The manual installation instructions are a bit overwhelming, and I'd be a little afraid of leaving something vial out that might compromise the system in one way or another.

RPM packages for Sagator are already available and actively maintained in EPEL for CentOS 5, 6 and 7.

Really? Now that's interesting! You really are a wonderful source of knowledge.

Veel dank.

Alsjeblieft

I've just had a play with sagator, and while there's nothing much wrong with it, it *appears* to have one fatal flaw - it can't mark messages as spam if they score X while dropping if they score Y (Y>X).

Amavisd-new can do this.

What I'm not clear on at the moment is how sagator is able to refuse test viruses at the SMTP level while amavisd-new does not appear to be able to do so.