Ẹnikẹni ti o nilo lati gbe eiyan OpenVZ kan si olupin kan pẹlu agbara agbara KVM ni kikun ni o kere ju lẹẹkan ninu igbesi aye wọn ti ni awọn iṣoro diẹ:
- Pupọ julọ alaye naa jẹ igba atijọ ati pe o wulo fun awọn OS ti o ti kọja akoko EOL gigun
- O yatọ si alaye ti wa ni nigbagbogbo pese fun orisirisi awọn ọna šiše, ati awọn ti ṣee ṣe aṣiṣe nigba ijira ti wa ni ko kà
- Nigba miiran o ni lati koju pẹlu awọn atunto ti gbogbo bayi ati lẹhinna ko fẹ lati ṣiṣẹ lẹhin ijira
Nigbati o ba gbe olupin 1 lọ, o le ṣatunṣe ohunkan nigbagbogbo lori fifo, ṣugbọn nigbati o ba gbe gbogbo iṣupọ kan?
Ninu nkan yii Emi yoo gbiyanju lati sọ fun ọ bi o ṣe le jade ni deede ohun elo OpenVZ kan si KVM pẹlu akoko idinku kekere ati ojutu iyara si gbogbo awọn iṣoro.
Eto ẹkọ kekere kan: kini OpenVZ ati kini KVM?
A kii yoo jinlẹ si imọ-ọrọ, ṣugbọn a yoo sọ ni awọn ofin gbogbogbo:
OpenVZ - agbara agbara ni ipele eto iṣẹ, o le paapaa gbe lọ sori makirowefu kan, nitori ko si iwulo fun awọn ilana Sipiyu ati awọn imọ-ẹrọ agbara lori ẹrọ agbalejo.
KVM - agbara agbara ni kikun, lilo gbogbo agbara ti Sipiyu ati ti o lagbara lati ṣe afihan ohunkohun, ni ọna eyikeyi, gige ni gigun ati wiwọn.
Ni idakeji si igbagbọ olokiki pe laarin awọn olupese alejo gbigba OpenVZ yoo di apọju, ṣugbọn KVM kii yoo - ni da fun igbehin, KVM ko buru ju arakunrin rẹ lọ.
Kini a yoo gbe lọ?
Gẹgẹbi awọn koko-ọrọ idanwo fun gbigbe, a ni lati lo gbogbo igbo ti awọn ọna ṣiṣe ti o wa lori OpenVZ: CentOS (awọn ẹya 6 ati 7), Ubuntu (14, 16 ati 18 LTS), Debian 7.
O ti ro pe pupọ julọ awọn apoti OpenVZ ti nṣiṣẹ tẹlẹ diẹ ninu iru LAMP, ati diẹ ninu paapaa ni sọfitiwia kan pato. Nigbagbogbo, iwọnyi jẹ awọn atunto pẹlu ISPmanager, igbimọ iṣakoso VestaCP (ati nigbagbogbo julọ, kii ṣe imudojuiwọn fun awọn ọdun). Awọn ibeere gbigbe wọn gbọdọ tun ṣe akiyesi.
Iṣilọ ni a ṣe lakoko titọju adiresi IP ti eiyan ti o ti gbe; a yoo ro pe IP ti eiyan naa ni ti wa ni fipamọ sori VM ati pe yoo ṣiṣẹ laisi awọn iṣoro.
Ṣaaju gbigbe, jẹ ki a rii daju pe a ni ohun gbogbo ni ọwọ:
- Olupin OpenVZ, iwọle kikun root si ẹrọ agbalejo, agbara lati da duro / gbe / bẹrẹ / paarẹ awọn apoti
- Olupin KVM, iwọle ni kikun si ẹrọ agbalejo, pẹlu gbogbo eyiti o tumọ si. O ti ro pe ohun gbogbo ti wa ni tunto ati setan lati lọ.
Jẹ ki a bẹrẹ gbigbe
Ṣaaju ki a to bẹrẹ gbigbe, jẹ ki a ṣalaye awọn ofin ti yoo ṣe iranlọwọ fun ọ lati yago fun iporuru:
KVM_NODE - KVM ogun ẹrọ
VZ_NODE - OpenVZ ẹrọ ogun
CTID - OpenVZ eiyan
VM - KVM foju olupin
Ngbaradi fun ijira ati ṣiṣẹda foju ero.
Igbesẹ 1
Niwon a nilo lati gbe eiyan si ibikan, a yoo ṣẹda VM pẹlu kan iru iṣeto ni lati KVM_NODE.
Pataki! O nilo lati ṣẹda VM kan lori ẹrọ ṣiṣe ti o nṣiṣẹ lọwọlọwọ lori CTID. Fun apẹẹrẹ, ti o ba ti fi Ubuntu 14 sori CTID, lẹhinna Ubuntu 14 gbọdọ wa ni fi sori ẹrọ lori VM. Awọn ẹya kekere ko ṣe pataki ati pe iyatọ wọn ko ṣe pataki, ṣugbọn awọn ẹya pataki yẹ ki o jẹ kanna.
Lẹhin ṣiṣẹda VM, a yoo ṣe imudojuiwọn awọn idii lori CTID ati lori VM (kii ṣe idamu pẹlu imudojuiwọn OS - a ko ṣe imudojuiwọn rẹ, a ṣe imudojuiwọn awọn idii nikan ati, ti o ba de, ẹya OS laarin akọkọ version).
Fun CentOS ilana yii dabi laiseniyan:
# yum clean all
# yum update -yAti pe ko kere si laiseniyan fun Ubuntu ati Debian:
# apt-get update
# apt-get upgradeIgbesẹ 2
Fi sori ẹrọ lori CTID, VZ_NODE и VM ohun elo rsync:
CentOS:
# yum install rsync -yDebian, Ubuntu:
# apt-get install rsync -yA ko fi ohunkohun miiran boya nibẹ tabi nibẹ.
Igbesẹ 3
A ṣe idaduro CTID on VZ_NODE egbe
vzctl stop CTIDIṣagbesori aworan CTID:
vzctl mount CTIDLọ si folda /vz/root/CTID ati ṣiṣe
mount --bind /dev dev && mount --bind /sys sys && mount --bind /proc proc && chroot .Labẹ gbongbo, ṣẹda faili kan /root/exclude.txt - yoo ni atokọ ti awọn imukuro ti kii yoo gba si olupin tuntun
/boot
/proc
/sys
/tmp
/dev
/var/lock
/etc/fstab
/etc/mtab
/etc/resolv.conf
/etc/conf.d/net
/etc/network/interfaces
/etc/networks
/etc/sysconfig/network*
/etc/sysconfig/hwconf
/etc/sysconfig/ip6tables-config
/etc/sysconfig/kernel
/etc/hostname
/etc/HOSTNAME
/etc/hosts
/etc/modprobe*
/etc/modules
/net
/lib/modules
/etc/rc.conf
/usr/share/nova-agent*
/usr/sbin/nova-agent*
/etc/init.d/nova-agent*
/etc/ips
/etc/ipaddrpool
/etc/ips.dnsmaster
/etc/resolv.conf
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-ens3A sopọ mọ KVM_NODE ki o si lọlẹ wa VMki o ṣiṣẹ ati ki o wa lori nẹtiwọki.
Bayi ohun gbogbo ti šetan fun gbigbe. Lọ!
Igbesẹ 4
Si tun labẹ awọn lọkọọkan, a ṣe
rsync --exclude-from="/root/exclude.txt" --numeric-ids -avpogtStlHz --progress -e "ssh -T -o Compression=no -x" / root@KVM_NODE:/Aṣẹ rsync yoo ṣe gbigbe, a nireti pe awọn bọtini naa han gbangba - gbigbe naa ni a ṣe pẹlu titọju awọn aami, awọn ẹtọ iwọle, awọn oniwun ati awọn ẹgbẹ, ati fifi ẹnọ kọ nkan jẹ alaabo fun iyara nla (o le lo diẹ ninu awọn cipher yiyara, ṣugbọn eyi kii ṣe pataki pupọ fun iṣẹ-ṣiṣe yii), bakanna bi funmorawon jẹ alaabo.
Lẹhin ti pari rsync, jade kuro ni chroot (nipa titẹ ctrl+d) ki o si ṣiṣẹ
umount dev && umount proc && umount sys && cd .. && vzctl umount CTIDIgbesẹ 5
Jẹ ki a ṣe awọn igbesẹ pupọ ti yoo ṣe iranlọwọ fun wa lati ṣe ifilọlẹ VM lẹhin gbigbe lati OpenVZ.
Lori awọn olupin pẹlu Eto eto jẹ ki a ṣe aṣẹ kan ti yoo ṣe iranlọwọ fun wa wọle si console deede, fun apẹẹrẹ, nipasẹ iboju olupin VNC kan
mv /etc/systemd/system/getty.target.wants/[email protected] /etc/systemd/system/getty.target.wants/[email protected]Lori awọn olupin CentOS 6 и CentOS 7 Rii daju lati fi ekuro titun kan sori ẹrọ:
yum install kernel-$(uname -r)Olupin naa le jẹ fifuye lati ọdọ rẹ, ṣugbọn lẹhin gbigbe o le da iṣẹ duro tabi paarẹ.
Lori olupin CentOS 7 o nilo lati lo atunṣe kekere kan fun PolkitD, bibẹẹkọ olupin yoo jamba lailai:
getent group polkitd >/dev/null && echo -e "e[1;32mpolkitd group already existse[0m" || { groupadd -r polkitd && echo -e "e[1;33mAdded missing polkitd groupe[0m" || echo -e "e[1;31mAdding polkitd group FAILEDe[0m"; }
getent passwd polkitd >/dev/null
&& echo -e "e[1;32mpolkitd user already existse[0m" || { useradd -r -g polkitd -d / -s /sbin/nologin -c "User for polkitd" polkitd && echo -e "e[1;33mAdded missing polkitd usere[0m" || echo -e "e[1;31mAdding polkitd user FAILEDe[0m"; }
rpm -Va polkit* && echo -e "e[1;32mpolkit* rpm verification passede[0m" || { echo -e "e[1;33mResetting polkit* rpm user/group ownership & permse[0m"; rpm --setugids polkit polkit-pkla-compat; rpm --setperms polkit polkit-pkla-compat; }Lori gbogbo awọn olupin, ti mod_fcgid fun Apache ti fi sii, a yoo ṣe atunṣe kekere kan pẹlu awọn ẹtọ, bibẹẹkọ awọn aaye lilo mod_fcgid yoo jamba pẹlu aṣiṣe 500:
chmod +s `which suexec` && apachectl restartAti ohun ti o kẹhin jẹ iwulo fun Ubuntu ati awọn pinpin Debian. OS yii le ja sinu bata ayeraye pẹlu aṣiṣe kan
looping ju sare. throttling ipaniyan kekere kan
unpleasant, ṣugbọn awọn iṣọrọ ti o wa titi, da lori awọn OS version.
Ni Debian 9 atunṣe naa dabi eyi:
a gbe jade
dbus-uuidgenti a ba gba aṣiṣe
/usr/local/lib/libdbus-1.so.3: ẹya `LIBDBUS_PRIVATE_1.10.8′ ko ri
ṣayẹwo niwaju LIBDBUS
ls -la /lib/x86_64-linux-gnu | grep dbus
libdbus-1.so.3 -> libdbus-1.so.3.14.15
libdbus-1.so.3.14.15 <-- нужен этот
libdbus-1.so.3.14.16ti ohun gbogbo ba wa ni ibere, a ṣe
cd /lib/x86_64-linux-gnu
rm -rf libdbus-1.so.3
ln -s libdbus-1.so.3.14.15 libdbus-1.so.3Ti ko ba ṣe iranlọwọ, gbiyanju aṣayan keji.
Awọn keji ojutu si isoro pẹlu throttling ipaniyan kekere kan Dara fun gbogbo awọn pinpin Ubuntu ati Debian.
A gbe jade
bash -x /var/lib/dpkg/info/dbus.postinst configureAti fun Ubuntu 14, Debian 7 Ni afikun, a ṣe:
adduser --system --home /nonexistent --no-create-home --disabled-password --group messagebus
rm -rf /etc/init.d/modules_dep.sh Kí la ti ṣe? A mu pada messagebus, eyi ti o ti sonu lati ṣiṣe Debian/Ubuntu, ati ki o kuro modules_dep, eyi ti o wa lati OpenVZ ati idilọwọ awọn ikojọpọ ti ọpọlọpọ awọn ekuro modulu.
Igbesẹ 6
A tun atunbere VM, ṣayẹwo ni VNC bi ikojọpọ ti nlọsiwaju ati pe, ni pipe, ohun gbogbo yoo gbe laisi awọn iṣoro. Bó tilẹ̀ jẹ́ pé ó ṣeé ṣe kó jẹ́ pé àwọn ìṣòro kan pàtó máa fara hàn lẹ́yìn tí wọ́n ṣí kiri, wọ́n ré kọjá ààlà àpilẹ̀kọ yìí, a óò sì tún wọn ṣe bí wọ́n bá ti dìde.
Mo nireti pe alaye yii wulo! 🙂
orisun: www.habr.com