Over the past few days, I’ve been setting up a new Xen environment for my Jabber server and getting everything working with it. It proved more difficult than I would have imagined, mostly due to the fact that I wanted to be as seamless as possible. I used jabberd2 on the new environment, which uses a completely different storage backend than jabberd1.4 did. Jabberd1.4 uses a series of XML files, while jabberd2 uses a database backend (mysql in my case). This basically means that there was no direct upgrade path. There was a script included in the jabberd2 sources that was supposed to perform the migration, but it wouldn’t even run due to coding errors. I found another script that did the job, but it required that I install Ruby and mysql support for Ruby before it would even run. The former was pretty simple since it was available in RPM form, but the latter needed done manually. Since I have no experience with Ruby, this took a while. Once I got the script working, migrating things was easy.

There are a few differences that I found strange as well. Jabberd1.4 allowed for serving multiple domains just by adding a few lines in the configuration file, but jabberd2 requires that you run multiple session manager (sm) processes, one per domain. It seems like it could be a waste of resources if only one server is involved, but I believe that jabberd2 is made to be modular so it can be distributed across multiple servers to spread load or achieve redundancy. When considering it in that light, it makes sense. I also had to make a few DNS changes to get things working properly as well. The new Xen environment doesn’t have the same IP address as the neir.org domain, so the DNS records provide the link between the two.

One of the main benefits of the new Jabber server is that it allows for end-to-end encryption right inside the protocol. The old version had SSL support, but it didn’t cover the transmissions between servers, and settings had to be altered for client-to-server encryption. One thing that I found curious is that only one server I connect to actually performs server-to-server encryption – Matt’s server. Not even Google has it turned on with its Jabber-based Gmail/Google Talk system. Kind of surprising in my eyes. At least I can talk to Matt securely!

Leave a Comment

NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>