centos7迁移龙蜥anolis8.8

重点：

在开始升级之前，需要对系统盘以及数据盘进行一次快照备份，避免出现问题无法回退

一、外网迁移

1.阿里云yum

#设置为阿里云yum源
rm -rf /etc/yum.repos.d/bak && mkdir -p /etc/yum.repos.d/bak && mv /etc/yum.repos.d/* /etc/yum.repos.d/bak


cat > /etc/yum.repos.d/CentOS-Base.repo <<-'EOF'
[base]
name=CentOS-$releasever - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/os/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#released updates 
[updates]
name=CentOS-$releasever - Updates - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/updates/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/updates/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/extras/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/extras/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/centosplus/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/centosplus/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/contrib/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/contrib/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
EOF

cd /etc/yum.repos.d


ls



#添加访问互联路由
cat > /etc/resolv.conf <<EOF
nameserver 114.114.114.114
nameserver 223.5.5.5
nameserver 8.8.8.8
EOF

cat /etc/resolv.conf

yum -y install wget

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo


yum clean all && yum makecache && yum update -y

yum -y install vim net-tools lrzsz unzip gcc telnet wget sshpass curl

2.关闭防火墙，把root用户放出来

#设置防火墙为 Iptables 并设置空规则
systemctl  stop firewalld  &&  systemctl  disable firewalld  && systemctl status firewalld


#关闭 SELINUX
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config


#把root用户放出来
sed -i 's/#PermitRootLogin yes/PermitRootLogin yes/g' /etc/ssh/sshd_config

grep PermitRootLogin /etc/ssh/sshd_config

systemctl restart sshd

3. 安装迁移工具

cd /etc/yum.repos.d/

wget https://mirrors.openanolis.cn/anolis/migration/anolis-migration.repo -O /etc/yum.repos.d/anolis-migration.repo

ls


yum install -y python-pip


yum remove -y python-requests python-urllib3; /usr/bin/pip2 uninstall requests urllib3 -y 2>/dev/null || echo "not installed"


yum -y install leapp

4 迁移评估

成功部署工具后，运行工具的评估命令来对系统环境进行扫描评估：

leapp preupgrade --no-rhsm

上述命令是默认评估迁移到带 ANCK 内核的龙蜥OS，如果你想评估迁移到带 RHCK 内核的龙蜥OS请执行下面的命令

leapp preupgrade --no-rhsm --disablerepo=anolis_plus

解决方案，在新的 Anolis OS 8 中不再支持 pam_pkcs11 ，所以我们直接选择删除该不支持的选项：

leapp answer --section remove_pam_pkcs11_module_check.confirm=True

5 迁移实施

解决了评估报告中所有影响就地迁移的问题后，即可实施迁移。-升级过程大概在10分钟左右

leapp upgrade --no-rhsm

上述命令是默认迁移到带 ANCK 内核的龙蜥OS，如果你想迁移到带 RHCK 内核的龙蜥OS请执行下面的命令

leapp upgrade --no-rhsm --disablerepo=anolis_plus

第一次重启需要耗费相对较长的时间，建议可以在vnc端进行查看，大约在10-15分钟左右，第一次重启会在一个initramfs内，将7的包，升级到8

reboot

二、内网迁移

离线仓库搭建
在内网搭建龙蜥镜像站
CentOS7下同步阿里云CentOS7镜像建本地yum仓库基本步骤

1、更新本地yum-关闭防火墙

# 将vim设置为黏贴模式，防止复制时自动缩进
echo "set paste" >> /root/.vimrc

#设置防火墙为 Iptables 并设置空规则
systemctl  stop firewalld  &&  systemctl  disable firewalld  && systemctl status firewalld


#关闭 SELINUX
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config


cd /etc/yum.repos.d/

rm -rf /etc/yum.repos.d/bak && mkdir -p /etc/yum.repos.d/bak && mv /etc/yum.repos.d/* /etc/yum.repos.d/bak



cat > /etc/yum.repos.d/bd7.repo <<-'EOF'
[base]
name=CentOS- Base - 192.168.1.3
failovermethod=priority
baseurl=http://192.168.1.3/centos7/base/
enable=1
gpgcheck=0
 
#released updates 
[updates]
name=CentOS- Updates - 192.168.1.3
failovermethod=priority
baseurl=http://192.168.1.3/centos7/updates/
enable=1
gpgcheck=0
 
#additional packages that may be useful
[extras]
name=CentOS- Extras - 192.168.1.3
failovermethod=priority
baseurl=http://192.168.1.3/centos7/extras/
enable=1
gpgcheck=0
 
#additional packages that may be useful
[epel]
name=CentOS- Epel - 192.168.1.3
failovermethod=priority
baseurl=http://192.168.1.3/centos7/epel/
enable=1
gpgcheck=0
EOF


yum -y install wget

yum -y install vim net-tools lrzsz unzip gcc telnet wget sshpass curl dnf


yum clean all && yum makecache && yum update -y

2、安装迁移工具

cd /etc/yum.repos.d/


wget http://192.168.1.3/anolis/migration/anolis-migration.repo -O /etc/yum.repos.d/anolis-migration.repo

sed -i "s#baseurl=https://mirrors.openanolis.cn/#baseurl=http://192.168.1.3/#" /etc/yum.repos.d/anolis-migration.repo
sed -i "s#gpgkey=https://mirrors.openanolis.cn/#gpgkey=http://192.168.1.3/#" /etc/yum.repos.d/anolis-migration.repo


yum install -y python-pip
yum remove -y python-requests python-urllib3; /usr/bin/pip2 uninstall requests urllib3 -y 2>/dev/null || echo "not installed"
yum -y install leapp

#执行下述命令将 /etc/leapp/files/leapp_upgrade_repositories.repo 里面的baseurl地址替换为本地源地址
leapp customrepo --seturl http://192.168.1.3/anolis/8.8

3、迁移评估

解决Possible problems with remote login using root account

sed -i 's/#PermitRootLogin yes/PermitRootLogin yes/g' /etc/ssh/sshd_config

grep PermitRootLogin /etc/ssh/sshd_config

systemctl restart sshd

成功部署工具后，运行工具的评估命令来对系统环境进行扫描评估：

# ANCK 内核：ANCK 内核通常用于网络计算领域，提供了一些专门针对网络性能和计算需求优化的功能。它可能包含一些特定的网络协议栈、流量控制技术或其他网络相关的功能。

leapp preupgrade --no-rhsm

上述命令是默认评估迁移到带 ANCK 内核的龙蜥OS，如果你想评估迁移到带 RHCK 内核的龙蜥OS请执行下面的命令

# RHCK 内核：RHCK 内核是指 Red Hat 兼容的内核，通常是 Red Hat Enterprise Linux（RHEL）发行版中使用的内核。这个内核经过 Red Hat 的测试和验证，保证在 RHEL 系统上稳定运行并获得支持。

leapp preupgrade --no-rhsm --disablerepo=anolis_plus

3.1基于评估报告处理迁移前问题

#解决方案，在新的 Anolis OS 8 中不再支持 pam_pkcs11 ，所以我们直接选择删除该不支持的选项：

cat /var/log/leapp/answerfile

leapp answer --section remove_pam_pkcs11_module_check.confirm=True

4、迁移实施

解决了评估报告中所有影响就地迁移的问题后，即可实施迁移。

leapp upgrade --no-rhsm

上述命令是默认迁移到带 ANCK 内核的龙蜥OS，如果你想迁移到带 RHCK 内核的龙蜥OS请执行下面的命令

leapp upgrade --no-rhsm --disablerepo=anolis_plus

接下来需要执行 reboot 命令，reboot后OS进入一个隔离环境自动进行实质的迁移操作。
待系统迁移完成后，OS 会再次自动重启进入迁移后的系统。这一步骤涉及到2次OS重启以及相关的迁移操作故耗时较长。

5、报错

============================================================
                     UPGRADE INHIBITED                      
============================================================

Upgrade has been inhibited due to the following problems:
    1. Inhibitor: Possible problems with remote login using root account
   


#解决
sed -i 's/#PermitRootLogin yes/PermitRootLogin yes/g' /etc/ssh/sshd_config

grep PermitRootLogin /etc/ssh/sshd_config

systemctl restart sshd

原文地址：https://blog.csdn.net/qq_35583325/article/details/136555773

免责声明：本站文章内容转载自网络资源，如本站内容侵犯了原著者的合法权益，可联系本站删除。更多内容请关注自学内容网（zxcms.com）！