Editing Physical to container
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone.
Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | A rough description of how to migrate existing physical server into a [[ | + | A rough description of how to migrate existing physical server into a [[VE]]. |
− | == | + | == Prepare a new “empty” VE == |
+ | For OpenVZ this would mean the following (assume you chose VE ID of 123): | ||
− | + | mkdir /vz/root/123 /vz/private/123 | |
+ | cat /etc/vz/conf/ve-vps.basic.conf-sample > /etc/vz/conf/123.conf | ||
− | |||
− | + | == Preparing to migrate == | |
− | + | Stop most services on a machine to be migrated. “Most” means services such as web server, databases and the like — so you will not loose your data. Just leave the bare minimum (including ssh daemon). | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== Copying the data == | == Copying the data == | ||
− | Copy all your data from the machine to an OpenVZ box. Say you'll be using | + | Copy all your data from the machine to an OpenVZ box. Say you'll be using VE with ID of 123, then all the data should be placed to <code>/vz/private/123/</code> directory (so there will be directories such as <code>/vz/private/123/bin</code>, <code>etc</code>, <code>var</code> and so on). This could be done in several ways: |
=== rsync === | === rsync === | ||
− | + | rsync example (run from the new HN): | |
− | + | rsync -arvpz --numeric-ids --exclude dev --exclude proc --exclude tmp -e "ssh -l root@a.b.c.d" root@a.b.c.d:/ /vz/private/123/ | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | rsync - | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
'''Advantage:''' Your system doesn't really go down. | '''Advantage:''' Your system doesn't really go down. | ||
− | |||
− | |||
=== Live CD === | === Live CD === | ||
Line 68: | Line 38: | ||
/usr/src/* | /usr/src/* | ||
− | Then create the tar. But remember, when the system is 'not' using udev, you have to look into /proc/ after creating your | + | Then create the tar. But remember, when the system is 'not' using udev, you have to look into /proc/ after creating your VE because some devices might not exist. (/dev/ptmx or others) |
− | # tar | + | # tar cjpf /tmp/mysystem.tar.bz2 / -X /tmp/excludes.excl |
Naturally, you can only do this when the critical services (MySQL, apache, ..) are stopped and your /tmp filesystem is big enough to contain your tar. | Naturally, you can only do this when the critical services (MySQL, apache, ..) are stopped and your /tmp filesystem is big enough to contain your tar. | ||
− | '''Advantage:''' You don't need to boot from a | + | '''Advantage:''' You don't need to boot from a livecd, so your system doesn't really go down. |
− | == Setting | + | == Setting VE parameters == |
=== OSTEMPLATE === | === OSTEMPLATE === | ||
You have to add <code>OSTEMPLATE=xxx</code> line to <code>/etc/vz/conf/123.conf</code> file, where <code>xxx</code> would be distribution name (like <code>debian-3.0</code>) for vzctl to be able to make changes specific for this distribution. | You have to add <code>OSTEMPLATE=xxx</code> line to <code>/etc/vz/conf/123.conf</code> file, where <code>xxx</code> would be distribution name (like <code>debian-3.0</code>) for vzctl to be able to make changes specific for this distribution. | ||
− | |||
− | |||
=== IP address(es) === | === IP address(es) === | ||
− | Also, you have to supply an IP for a new | + | Also, you have to supply an IP for a new VE: |
vzctl set 123 --ipadd x.x.x.x --save | vzctl set 123 --ipadd x.x.x.x --save | ||
Line 92: | Line 60: | ||
It may be nessessary if server you are migrating is badly configured and it is hard to find all hard-coded net interfaces settings and so on. | It may be nessessary if server you are migrating is badly configured and it is hard to find all hard-coded net interfaces settings and so on. | ||
− | veth inteface may | + | veth inteface may me included into bridge to allow seamless old installation access. |
== Making adjustments == | == Making adjustments == | ||
− | Since | + | Since VE is a bit different than a real physical server, you have to edit some files inside your new VE. |
=== /etc/inittab === | === /etc/inittab === | ||
− | A | + | A VE does not have real ttys, so you have to disable getty in <code>/etc/inittab</code> (i. e. <code>/vz/private/123/etc/inittab</code>). |
− | + | sed -i -e '/getty/d' /vz/private/123/etc/inittab | |
− | sed -i -e ' | ||
=== /etc/mtab === | === /etc/mtab === | ||
Link <code>/etc/mtab</code> to <code>/proc/mounts</code>, for <code>df</code> to work properly: | Link <code>/etc/mtab</code> to <code>/proc/mounts</code>, for <code>df</code> to work properly: | ||
− | ln - | + | rm -f /vz/private/123/etc/mtab |
+ | ln -s /proc/mounts /vz/private/123/etc/mtab | ||
− | {{out|The problem here is | + | {{out|The problem here is VE's root filesystem (<code>/</code>) is mounted not from the VE itself, but rather from the host system. That leaves <code>/etc/mtab</code> in VE without a record for <code>/</code> being mounted, thus df doesn't show it. By linking <code>/etc/mtab → /proc/mounts</code> we make sure /etc/mtab shows what is really mounted in a VE. |
Sure this is not the only way to fix df; you can just manually add a line to <code>/etc/mtab</code> telling <code>/</code> is mounted, and make sure this line will be there after a reboot.}} | Sure this is not the only way to fix df; you can just manually add a line to <code>/etc/mtab</code> telling <code>/</code> is mounted, and make sure this line will be there after a reboot.}} | ||
=== /etc/fstab === | === /etc/fstab === | ||
− | Since you do not have any real disk partitions in a | + | Since you do not have any real disk partitions in a VE, /etc/fstab (or most part of it) is no longer needed. Empty it (excluding the line for /dev/pts): |
− | |||
− | |||
− | |||
− | |||
− | You can also mount a devpts in a running (but not fully functional) | + | cp /vz/private/123/etc/fstab /vz/private/123/etc/fstab.old |
+ | grep devpts /vz/private/123/etc/fstab.old > /vz/private/123/etc/fstab | ||
+ | |||
+ | You can also mount a devpts in a running (but not fully functional) VE: | ||
vzctl exec 123 mount -t devpts none /dev/pts | vzctl exec 123 mount -t devpts none /dev/pts | ||
− | + | === /dev TTY devices === | |
− | + | In order for vzctl enter to work, a VE need to have some entries in /dev. This can either be /dev/ttyp* and /dev/ptyp*, or /dev/ptmx and mounted /dev/pts. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | == | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | In order for vzctl enter to work, a | ||
− | + | ==== /dev/ptmx ==== | |
Check that /dev/ptmx exists. If it does not, create with: | Check that /dev/ptmx exists. If it does not, create with: | ||
− | mknod | + | mknod /vz/private/123/dev/ptmx c 5 2 |
− | + | ==== /dev/pts/ ==== | |
Check that /dev/pts exists. It's a directory, if it does not exist, create with: | Check that /dev/pts exists. It's a directory, if it does not exist, create with: | ||
mkdir /vz/private/123/dev/pts | mkdir /vz/private/123/dev/pts | ||
− | + | ==== /dev/ttyp* and /dev/ptyp* ==== | |
Check that /dev/ttyp* and /dev/ptyp* files are there. If not, you have to create those, either by using /sbin/MAKEDEV, or by copying them from the host system. | Check that /dev/ttyp* and /dev/ptyp* files are there. If not, you have to create those, either by using /sbin/MAKEDEV, or by copying them from the host system. | ||
Line 169: | Line 110: | ||
or | or | ||
cd /vz/private/123/dev && /sbin/MAKEDEV ttyp | cd /vz/private/123/dev && /sbin/MAKEDEV ttyp | ||
− | |||
====/dev/null==== | ====/dev/null==== | ||
− | Make sure sure /dev/null is not a file or directory | + | Make sure sure /dev/null is not a file or directory, if unsure remove and recreate, If this is not correct sshd will not start correctly |
rm -f /vz/private/123/dev/null | rm -f /vz/private/123/dev/null | ||
− | mknod | + | mknod /vz/private/123/dev/null c 1 3 |
+ | === Other devices === | ||
+ | ===/proc=== | ||
+ | Make sure the /proc directory exists | ||
+ | ls -la /vz/private/123/ | grep proc | ||
+ | If it does'nt exist, Make it | ||
+ | mkdir /vz/private/123/proc | ||
==== /dev/urandom ==== | ==== /dev/urandom ==== | ||
Check that /dev/urandom exists. If it does not, create with: | Check that /dev/urandom exists. If it does not, create with: | ||
− | mknod | + | mknod /vz/private/123/dev/urandom c 1 9 |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
=== /etc/init.d services === | === /etc/init.d services === | ||
− | Some system services can (or in some cases should) be disabled | + | Some system services can (or in some cases should) be disabled. A few good candidates are: |
* acpid, amd (not needed) | * acpid, amd (not needed) | ||
− | * checkfs, checkroot (no filesystem checking is required in | + | * checkfs, checkroot (no filesystem checking is required in VE) |
− | * clock (no clock setting is required/allowed in | + | * clock (no clock setting is required/allowed in VE) |
− | * consolefont ( | + | * consolefont (VE does not have a console) |
− | * hdparm ( | + | * hdparm (VE does not have real hard drives) |
* klogd (unless you use iptables to LOG some packets) | * klogd (unless you use iptables to LOG some packets) | ||
− | * keymaps ( | + | * keymaps (VE does not have a real keyboard) |
− | * kudzu ( | + | * kudzu (VE does not have real hardware) |
− | * lm_sensors ( | + | * lm_sensors (VE does not have access to hardware sensors) |
− | * microcodectl ( | + | * microcodectl (VE can not update CPU microcode) |
− | * netplugd ( | + | * netplugd (VE does not have real Ethernet device) |
− | |||
− | |||
− | |||
− | |||
To see which services are enabled: | To see which services are enabled: | ||
* RedHat/Fedora/SUSE: <code>/sbin/chkconfig --list</code> | * RedHat/Fedora/SUSE: <code>/sbin/chkconfig --list</code> | ||
− | * Debian: | + | * Debian: <code>Use ' rcconf ' (ncurses) or update-rc.d |
− | ( See: http://www.debianadmin.com/manage-linux-init-or-startup-scripts.html ) | + | ( See: http://www.debianadmin.com/manage-linux-init-or-startup-scripts.html )</code> |
* Gentoo: <code>/sbin/rc-update show</code> | * Gentoo: <code>/sbin/rc-update show</code> | ||
To disable the service: | To disable the service: | ||
− | * RedHat/Fedora/SUSE: <code>/sbin/chkconfig SERVICENAME | + | * RedHat/Fedora/SUSE: <code>/sbin/chkconfig --del SERVICENAME </code> |
* Debian: <code>' update-rc.d -f hdparm remove '</code> | * Debian: <code>' update-rc.d -f hdparm remove '</code> | ||
* Gentoo: <code>/sbin/rc-update del SERVICENAME</code> | * Gentoo: <code>/sbin/rc-update del SERVICENAME</code> | ||
− | === Disable | + | === Other === |
− | You should disable your old physical | + | There might be other adjustments needed. Please add those here if you have more info. |
+ | ==== Disable Old Physical Interface ==== | ||
+ | You should disable your old physical interface from starting at boot time | ||
− | + | In Fedora, edit /vz/private/{VEID}/etc/sysconfig/network-scripts/ifcfg-eth''x'' | |
− | |||
Make the following look like this: | Make the following look like this: | ||
− | + | onboot=no | |
+ | |||
+ | Other Distros: *FIXME* | ||
+ | |||
+ | --> Centos 5: | ||
− | + | o ' system-config-network-gui ' from X is the best interface as of May 2007; the commandline variant is not as useful. | |
− | |||
− | |||
− | + | --> Debian and related (Ubuntu, etc): | |
− | + | o Edit /etc/network/interfaces | |
− | Edit /etc/network/interfaces | ||
<pre> | <pre> | ||
Line 248: | Line 177: | ||
# The loopback interface | # The loopback interface | ||
# automatically added when upgrading | # automatically added when upgrading | ||
− | auto lo eth0 | + | auto lo eth0 eth0:1 eth0:2 |
+ | # eth0:2 eth0:3 | ||
iface lo inet loopback | iface lo inet loopback | ||
− | iface eth0 inet | + | iface eth0 inet dhcp |
− | + | # address 10.0.0.4 | |
− | + | # netmask 255.0.0.0 | |
− | + | # network 10.0.0.0 | |
− | + | # broadcast 10.0.0.255 | |
− | |||
− | + | iface eth0:1 inet static | |
+ | address 10.0.0.4 | ||
+ | netmask 255.0.0.0 | ||
+ | broadcast 255.255.255.255 | ||
− | + | iface eth0:2 inet static | |
− | + | address 192.168.2.250 | |
− | + | netmask 255.255.255.0 | |
− | + | broadcast 255.255.255.255 | |
− | |||
− | |||
− | |||
− | |||
− | |||
+ | #iface eth0:3 inet static | ||
+ | # address 10.0.81.4 | ||
+ | # netmask 255.255.255.0 | ||
+ | # broadcast 255.255.255.255 | ||
</pre> | </pre> | ||
− | + | o You can either comment out the interface stanza(s), or take it out of the "auto" line(s). | |
− | |||
− | |||
− | |||
− | |||
− | + | --> Suse *Fixme if inaccurate* | |
− | |||
− | |||
− | |||
− | |||
− | + | o Use Yast | |
− | |||
− | == Starting a new | + | == Starting a new VE == |
− | Try to start your new | + | Try to start your new VE: |
vzctl start 123 | vzctl start 123 | ||
Now check that everything works fine. If not, see [[#Troubleshooting]] below. | Now check that everything works fine. If not, see [[#Troubleshooting]] below. | ||
− | |||
== Troubleshooting == | == Troubleshooting == | ||
− | + | === Can't enter VE === | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | === Can't enter | ||
− | If you can not enter your | + | If you can not enter your VE (using <code>vzctl enter</code>), you should be able to at least execute commands in it. |
− | First, see the [[# | + | First, see the [[#/dev TTY devices]] section above. |
Next, check if devpts is mounted: | Next, check if devpts is mounted: | ||
Line 317: | Line 231: | ||
vzctl exec 123 mount -t devpts none /dev/pts | vzctl exec 123 mount -t devpts none /dev/pts | ||
− | Then, add the appropriate mount command to | + | Then, add the appropriate mount command to VE's startup scripts. On some distros, you need to have the appropriate line in VE's /etc/fstab. |
− | In Fedora, try commenting out any '''udev''' entries in /vz/private/{ | + | In Fedora, try commenting out any '''udev''' entries in /vz/private/{VEID}/etc/rc.sysinit |
− | vi /vz/private/{ | + | vi /vz/private/{VEID}/etc/rc.sysinit |
Locate the '''udev''' entry from within vim | Locate the '''udev''' entry from within vim | ||
/udev | /udev | ||
Line 329: | Line 243: | ||
If anything goes wrong, try to find out why and fix. If you have enough Linux experience, it can be handled. Also check out IRC and please report back on this page. | If anything goes wrong, try to find out why and fix. If you have enough Linux experience, it can be handled. Also check out IRC and please report back on this page. | ||
− | == | + | == Success Stories == |
− | + | - Debian 3.1 Sarge with MySQL, apache2, PowerDNS | |
− | + | --[[User:Stoffell|stoffell]] 08:41, 8 February 2007 (EST) | |
− | + | ||
+ | - Red Hat 7.2 with MySQL 3.23, apache, Chilisoft --[[User:Stoffell|stoffell]] 13:26, 9 February 2007 (EST) | ||
+ | |||
+ | - Gentoo with Courier, Postfix, MySQL, Apache2 | ||
+ | --[[User:bfrackie|bfrackie]] 19:00, 18 March 2007 (EST) | ||
− | + | - AltLinux Master with qmail, MySQL, Apache, etc - to Debian/testing with OpenVZ --[[User:alexkuklin|alexkuklin]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
[[Category:HOWTO]] | [[Category:HOWTO]] | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− |