Physical to container
A rough description of how to migrate existing physical server into a VE.
Contents
Prepare a new “empty” VE
For OpenVZ this would mean the following (assume you chose VE ID of 123):
mkdir /vz/root/123 /vz/private/123 cat /etc/vz/conf/ve-vps.basic.conf-sample > /etc/vz/conf/123.conf
Preparing to migrate
Stop most services on a machine to be migrated. “Most” means services such as web server, databases and the like — so you will not loose your data. Just leave the bare minimum (including ssh daemon).
Copying the data
Copy all your data from the machine to an OpenVZ box. Say you'll be using VE with ID of 123, then all the data should be placed to /vz/private/123/ directory (so there will be directories such as /vz/private/123/bin, etc, var and so on). This could be done in several ways:
rsync
rsync example (run from the new HN):
rsync -arvpz --numeric-ids --exclude dev --exclude proc --exclude tmp -e "ssh -l root@a.b.c.d" root@a.b.c.d:/ /vz/private/123/
Advantage: Your system doesn't really go down.
Live CD
Another way to do is using a live cd, booting up and use tar to dump the complete disk in a tar you save over the network or on a USB device.
Tar
Another approach is using tar and excluding some dirs, you could do it like this:
Create a file /tmp/excludes.excl with these contents:
.bash_history /dev/* /mnt/* /tmp/* /proc/* /sys/* /usr/src/*
Then create the tar. But remember, when the system is 'not' using udev, you have to look into /proc/ after creating your VE because some devices might not exist. (/dev/ptmx or others)
# tar cjpf /tmp/mysystem.tar.bz2 / -X /tmp/excludes.excl
Naturally, you can only do this when the critical services (MySQL, apache, ..) are stopped and your /tmp filesystem is big enough to contain your tar.
Advantage: You don't need to boot from a livecd, so your system doesn't really go down.
Setting VE parameters
OSTEMPLATE
You have to add OSTEMPLATE=xxx line to /etc/vz/conf/123.conf file, where xxx would be distribution name (like debian-3.0) for vzctl to be able to make changes specific for this distribution.
IP address(es)
Also, you have to supply an IP for a new VE:
vzctl set 123 --ipadd x.x.x.x --save
Making adjustments
Since VE is a bit different than a real physical server, you have to edit some files inside your new VE.
/etc/inittab
A VE does not have real ttys, so you have to disable getty in /etc/inittab (i. e. /vz/private/123/etc/inittab).
sed -i -e '/getty/d' /vz/private/123/etc/inittab
/etc/mtab
Link /etc/mtab to /proc/mounts:
rm -f /vz/private/123/etc/mtab ln -s /proc/mounts /vz/private/123/etc/mtab
/etc/fstab
Since you do not have any real disk partitions in a VE, /etc/fstab (or most part of it) is no longer needed. Empty it (excluding the line for /dev/pts):
cp /vz/private/123/etc/fstab /vz/private/123/etc/fstab.old grep devpts /vz/private/123/etc/fstab.old > /vz/private/123/etc/fstab
You can also mount a devpts in a running (but not fully functional) VE:
vzctl exec 123 mount -t devpts none /dev/pts
/dev TTY devices
In order for vzctl enter to work, a VE need to have some entries in /dev. This can either be /dev/ttyp* and /dev/ptyp*, or /dev/ptmx and mounted /dev/pts.
/dev/ptmx
Check that /dev/ptmx exists. If it does not, create with:
mknod /vz/private/123/dev/ptmx c 5 2
/dev/pts/
Check that /dev/pts exists. It's a directory, if it does not exist, create with:
mkdir /vz/private/123/dev/pts
/dev/ttyp* and /dev/ptyp*
Check that /dev/ttyp* and /dev/ptyp* files are there. If not, you have to create those, either by using /sbin/MAKEDEV, or by copying them from the host system.
To copy:
cp -a /dev/ttyp* /dev/ptyp* /vz/private/123/dev/
To recreate with MAKEDEV, either
/sbin/MAKEDEV -d /vz/private/123/dev ttyp ptyp
or
cd /vz/private/123/dev && /sbin/MAKEDEV ttyp
Other devices
/dev/urandom
Check that /dev/urandom exists. If it does not, create with:
mknod /vz/private/123/dev/urandom c 1 9
Services
Some system services can or should be disabled. A few good candidates are:
- acpid (not needed)
- checkfs, checkroot (no filesystem checking is required in VE)
- clock (no clock setting is required/allowed in VE)
- consolefont (VE does not have a console)
- hdparm (VE does not have real hard drives)
- klogd (unless you use iptables to LOG some packets)
- keymaps (VE does not have a real keyboard)
To see which services are enabled:
- RedHat/Fedora/SUSE: /sbin/chkconfig --list
- Debian: *FIXME*
- Gentoo: /sbin/rc-update show
To disable the service:
- RedHat/Fedora/SUSE: /sbin/chkconfig --del SERVICENAME
- Debian: *FIXME*
- Gentoo: /sbin/rc-update del SERVICENAME
Other
There might be other adjustments needed. Please add those here if you have more info.
Starting a new VE
Try to start your new VE:
vzctl start 123
Now check that everything works fine. If not, see #Troubleshooting below.
Troubleshooting
Can't enter VE
If you can not enter your VE (using vzctl enter), you should be able to at least execute commands in it.
First, see the #/dev TTY devices section above.
Next, check if devpts is mounted:
vzctl exec 123 mount | grep pts
If it is not mounted, mount it:
vzctl exec 123 mount -t devpts none /dev/pts
Then, add the appropriate mount command to VE's startup scripts. On some distros, you need to have the appropriate line in VE's /etc/fstab.
Other problems
If anything goes wrong, try to find out why and fix. If you have enough Linux experience, it can be handled. Also check out IRC and please report back on this page.
Success Stories
- Debian 3.1 Sarge with MySQL, apache2, PowerDNS --stoffell 08:41, 8 February 2007 (EST)
- Red Hat 7.2 with MySQL 3.23, apache, Chilisoft --stoffell 13:26, 9 February 2007 (EST)
- Gentoo with Courier, Postfix, MySQL, Apache2 --bfrackie 19:00, 18 March 2007 (EST)
