Duk wanda ya buƙaci canja wurin akwati na OpenVZ zuwa uwar garken tare da cikakkiyar ƙwarewar KVM aƙalla sau ɗaya a rayuwarsa ya ci karo da wasu matsaloli:
- Yawancin bayanan sun tsufa kuma sun dace da OSes waɗanda suka daɗe sun wuce zagayowar EOL
- Ana ba da bayanai daban-daban koyaushe don tsarin aiki daban-daban, kuma ba a taɓa yin la'akari da kurakurai masu yuwuwa yayin ƙaura
- Wani lokaci dole ne ku yi ma'amala da saitunan da kowane lokaci kuma ba sa son yin aiki bayan ƙaura
Lokacin da kuka canja wurin uwar garken 1, koyaushe kuna iya gyara wani abu akan tashi, amma lokacin da kuka canja wurin tari duka?
A cikin wannan labarin, zan yi ƙoƙarin gaya muku yadda ake yin ƙaura daidai da akwati na OpenVZ zuwa KVM tare da ƙarancin ƙarancin lokaci da sauri ga duk matsalolin.
Ƙananan shirin ilimi: menene OpenVZ kuma menene KVM?
Ba za mu zurfafa cikin ilimin kalmomi ba, amma za mu ce gabaɗaya:
OpenVZ - haɓakawa a matakin tsarin aiki, har ma za ku iya tura shi a kan microwave, tunda babu buƙatar umarnin CPU da fasahar ƙirƙira akan injin mai watsa shiri.
KVM - cikakken ingantaccen aiki, ta amfani da duk ƙarfin CPU kuma yana iya sarrafa komai, ta kowace hanya, yanke shi tsayi da tsayi.
Sabanin sanannen imani cewa a tsakanin masu ba da sabis na OpenVZ za su zama mai yawa, amma KVM ba zai yi - sa'a ga na ƙarshe, KVM yanzu ba a siyar da shi mafi muni fiye da ɗan'uwansa.
Me za mu ɗauka?
A matsayin batutuwa na gwaji don canja wurin, dole ne mu yi amfani da duk gandun dajin na tsarin aiki waɗanda ke samuwa akan OpenVZ: CentOS (Sigar 6 da 7), Ubuntu (14, 16 da 18 LTS), Debian 7.
An ɗauka cewa yawancin kwantena na OpenVZ sun riga sun fara aiki da wani nau'in LAMP, wasu ma suna da takamaiman software. Mafi sau da yawa, waɗannan sun kasance jeri tare da ISPmanager, kwamitin kula da VestaCP (kuma mafi yawan lokuta, ba a sabunta shi ba tsawon shekaru). Hakanan dole ne a yi la'akari da buƙatun canja wurin su.
Ana yin ƙaura yayin adana adireshin IP na kwandon da aka canjawa wuri; za mu ɗauka cewa an adana IP ɗin da kwandon yake da shi akan VM kuma zai yi aiki ba tare da matsala ba.
Kafin canja wurin, bari mu tabbatar cewa muna da komai a hannu:
- OpenVZ uwar garken, cikakken tushen damar shiga injin mai watsa shiri, ikon tsayawa / hawa / farawa / share kwantena
- KVM uwar garken, cikakken tushen damar zuwa injin mai watsa shiri, tare da duk abin da yake nufi. An ɗauka cewa an riga an saita komai kuma an shirya don tafiya.
Bari mu fara canjawa wuri
Kafin mu fara canja wurin, bari mu ayyana sharuɗɗan da za su taimake ka ka guje wa ruɗani:
KVM_NODE - KVM na'ura mai watsa shiri
VZ_NODE - Injin mai watsa shiri na OpenVZ
CTID - Bude VZ ganga
VM - KVM Virtual uwar garken
Ana shirye-shiryen ƙaura da ƙirƙirar injunan kama-da-wane.
Mataki 1
Tun da muna buƙatar matsar da akwati a wani wuri, za mu ƙirƙira VM tare da irin wannan tsari zuwa KVM_NODE.
Muhimmin! Kuna buƙatar ƙirƙirar VM akan tsarin aiki wanda a halin yanzu ke gudana akan CTID. Misali, idan an shigar da Ubuntu 14 akan CTID, to dole ne a sanya Ubuntu 14 akan VM. Ƙananan nau'ikan ba su da mahimmanci kuma rarrabuwar su ba ta da mahimmanci, amma manyan nau'ikan ya kamata su kasance iri ɗaya.
Bayan ƙirƙirar VM, za mu sabunta fakitin akan CTID da VM (kada a ruɗe tare da sabunta OS - ba mu sabunta shi ba, muna sabunta fakitin ne kawai kuma, idan ya zo, sigar OS a cikin babba. sigar).
Ga CentOS wannan tsari yana kama da mara lahani:
# yum clean all
# yum update -yKuma babu ƙarancin lahani ga Ubuntu da Debian:
# apt-get update
# apt-get upgradeMataki 2
Shigar a kan CTID, VZ_NODE и VM mai amfani rsync:
CentOS:
# yum install rsync -yDebian, Ubuntu:
# apt-get install rsync -yBa mu shigar da wani abu ko dai a can ko a can.
Mataki 3
Muna yin tasha CTID a kan VZ_NODE tawaga
vzctl stop CTIDHawan hoton CTID:
vzctl mount CTIDJe zuwa babban fayil /vz/root/CTID da aiwatarwa
mount --bind /dev dev && mount --bind /sys sys && mount --bind /proc proc && chroot .A ƙarƙashin tushen, ƙirƙirar fayil /root/exclude.txt - zai ƙunshi jerin keɓancewa waɗanda ba za su sami sabon sabar ba.
/boot
/proc
/sys
/tmp
/dev
/var/lock
/etc/fstab
/etc/mtab
/etc/resolv.conf
/etc/conf.d/net
/etc/network/interfaces
/etc/networks
/etc/sysconfig/network*
/etc/sysconfig/hwconf
/etc/sysconfig/ip6tables-config
/etc/sysconfig/kernel
/etc/hostname
/etc/HOSTNAME
/etc/hosts
/etc/modprobe*
/etc/modules
/net
/lib/modules
/etc/rc.conf
/usr/share/nova-agent*
/usr/sbin/nova-agent*
/etc/init.d/nova-agent*
/etc/ips
/etc/ipaddrpool
/etc/ips.dnsmaster
/etc/resolv.conf
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-ens3Muna haɗi zuwa KVM_NODE da kaddamar da mu VMta yadda ya yi aiki kuma yana samuwa ta hanyar hanyar sadarwa.
Yanzu komai yana shirye don canja wuri. Tafi!
Mataki 4
Har yanzu a ƙarƙashin sihiri, muna yin
rsync --exclude-from="/root/exclude.txt" --numeric-ids -avpogtStlHz --progress -e "ssh -T -o Compression=no -x" / root@KVM_NODE:/Umurnin rsync zai aiwatar da canja wurin, muna fatan cewa maɓallan sun bayyana - ana aiwatar da canja wurin tare da adana alamomin, haƙƙin samun dama, masu mallaka da ƙungiyoyi, kuma an kashe ɓoyayyen ɓoye don saurin sauri (zaku iya amfani da wasu sauri sauri, amma wannan ba shi da mahimmanci ga wannan aikin) , haka kuma matsawa yana da rauni.
Bayan kammala rsync, fita daga chroot (ta latsa ctrl+d) kuma aiwatar
umount dev && umount proc && umount sys && cd .. && vzctl umount CTIDMataki 5
Bari mu yi matakai da yawa waɗanda za su taimaka mana ƙaddamar da VM bayan canja wurin daga OpenVZ.
A kan sabobin tare da Tsarin bari mu aiwatar da umarni wanda zai taimaka mana mu shiga cikin na'ura mai kwakwalwa ta yau da kullun, misali, ta allon uwar garken VNC
mv /etc/systemd/system/getty.target.wants/[email protected] /etc/systemd/system/getty.target.wants/[email protected]A kan sabobin CentOS 6 и CentOS 7 Tabbatar shigar da sabon kwaya:
yum install kernel-$(uname -r)Ana iya loda uwar garken daga gare ta, amma bayan canja wurin yana iya daina aiki ko a goge shi.
Akan uwar garke CentOS 7 kuna buƙatar amfani da ƙaramin gyara don PolkitD, in ba haka ba uwar garken zai rushe har abada:
getent group polkitd >/dev/null && echo -e "e[1;32mpolkitd group already existse[0m" || { groupadd -r polkitd && echo -e "e[1;33mAdded missing polkitd groupe[0m" || echo -e "e[1;31mAdding polkitd group FAILEDe[0m"; }
getent passwd polkitd >/dev/null
&& echo -e "e[1;32mpolkitd user already existse[0m" || { useradd -r -g polkitd -d / -s /sbin/nologin -c "User for polkitd" polkitd && echo -e "e[1;33mAdded missing polkitd usere[0m" || echo -e "e[1;31mAdding polkitd user FAILEDe[0m"; }
rpm -Va polkit* && echo -e "e[1;32mpolkit* rpm verification passede[0m" || { echo -e "e[1;33mResetting polkit* rpm user/group ownership & permse[0m"; rpm --setugids polkit polkit-pkla-compat; rpm --setperms polkit polkit-pkla-compat; }A kan duk sabobin, idan mod_fcgid na Apache aka shigar, za mu yi ƙaramin gyara tare da haƙƙoƙi, in ba haka ba rukunin yanar gizon da ke amfani da mod_fcgid za su yi karo da kuskure 500:
chmod +s `which suexec` && apachectl restartKuma abu na ƙarshe yana da amfani ga rarrabawar Ubuntu da Debian. Wannan OS na iya yin karo a cikin taya na har abada tare da kuskure
looping da sauri. kisa kadan
m, amma sauƙi gyarawa, dangane da OS version.
a kan Debian 9 gyaran yayi kama da haka:
muna aiwatarwa
dbus-uuidgenidan muka samu kuskure
/usr/local/lib/libdbus-1.so.3: sigar `LIBDBUS_PRIVATE_1.10.8'
duba kasancewar LIBDBUS
ls -la /lib/x86_64-linux-gnu | grep dbus
libdbus-1.so.3 -> libdbus-1.so.3.14.15
libdbus-1.so.3.14.15 <-- нужен этот
libdbus-1.so.3.14.16idan komai yana cikin tsari, muna yin shi
cd /lib/x86_64-linux-gnu
rm -rf libdbus-1.so.3
ln -s libdbus-1.so.3.14.15 libdbus-1.so.3Idan bai taimaka ba, gwada zaɓi na biyu.
Magani na biyu ga matsalar tare da kisa kadan Ya dace da kusan duk rarrabawar Ubuntu da Debian.
Muna aiwatarwa
bash -x /var/lib/dpkg/info/dbus.postinst configureKuma don Ubuntu 14, Debian 7 Bugu da ƙari, muna yin:
adduser --system --home /nonexistent --no-create-home --disabled-password --group messagebus
rm -rf /etc/init.d/modules_dep.sh Me muka yi? Mun maido da saƙon saƙo, wanda ya ɓace don gudanar da Debian/Ubuntu, kuma mun cire modules_dep, wanda ya fito daga OpenVZ kuma ya tsoma baki tare da loda yawancin kernel modules.
Mataki 6
Muna sake kunna VM, duba cikin VNC yadda ake ci gaba da lodi kuma, da kyau, komai zai kaya ba tare da matsala ba. Ko da yake mai yiyuwa ne wasu takamaiman matsaloli su bayyana bayan hijira, amma sun fi ƙarfin wannan labarin kuma za a gyara su yayin da suka taso.
Ina fatan wannan bayanin yana da amfani! 🙂
source: www.habr.com