LXD/OpenVZ migration
If you are running an OpenVZ based virtualization and want to switch to LXD. These are some notes that will help you through the process of migration. After setting your LXD host using our LXD tutorial/how-to page, you should have a working LXD host.
Mīlle viae dūcunt hominēs per saecula Rōmam (“a thousand roads lead men forever to Rome”). There are for sure many ways you can accomplish this. The two approaches that will be presented are working and are not that complicated.
Migration with rootfs switch
Creating the container
Firstly we need to create the container that will be the final container on LXD.
root # lxc init -p default -p prf-funtoo funtoo-westmere-lxd-image openvz-migrant
This will create container openvz-test using the funtoo-westmere-lxd-image as our base image and add the default and prf-funtoo profiles to to the container config.
root # lxc ls +--------------------+---------+----------------------+------------------------------------------------+------------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +--------------------+---------+----------------------+------------------------------------------------+------------+-----------+ | openvz-migrant | STOPPED | | | PERSISTENT | 0 | +--------------------+---------+----------------------+------------------------------------------------+------------+-----------+
Switching the rootfs
Now let's switch the rootfs. Go to your storage pool for LXD (default location: /var/lib/lxd/storage-pools/default/containers/) and locate our openvz-migrant directory. Delete the rootfs and replace it with openvz conatiner's rootfs.
Correcting the uid/gid ownership
You are almost there, all that is needed is to correct the owner of the container. Since LXD runs unprivileged containers by default all the files get their uid and gid remapped according to the volatile.idmap.next property in lxc config.
root # lxc config show openvz-migrant architecture: x86_64 config: image.architecture: x86_64 image.description: Funtoo Westmere Pure64 Hardened image.name: intel64-westmere-pure64-funtoo-current-hardened-2017-09-08 image.os: funtoo image.release: "1.0" image.variant: current volatile.base_image: f9c30a7fe070ecd1ab8ed5f2df36f3624cf44f3f46b62dd9039b84ac5f461318 volatile.eth0.hwaddr: 00:16:3e:9e:59:ed volatile.eth0.name: eth0 volatile.idmap.base: "0" volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]' volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]' volatile.last_state.power: STOPPED devices: {} ephemeral: false profiles: - default - prf-funtoo stateful: false description: ""
As you can see the container got created with uid/gid 100000:65536 map (first number is the uid of uid 0 in the container, second number is the range of ids). LXD comes with a handy utility called fuidshift. Let's see how we can use it to shift the uid/gid range of the imported rootfs.
root # fuidshift -h Usage: fuidshift directory [-t] [-r] <range1> [<range2> ...] -t implies test mode. No file ownerships will be changed. -r means reverse, that is shift the uids out of the container. A range is [u
Very good then, we will be shifting both uid and gid from 0 to 100000 with the range of 65536 ids.
root # ls -alF total 8 drwxr-xr-x 1 root root 78 Nov 4 02:17 ./ drwxr-xr-x 1 root root 218 Nov 4 02:17 ../ -r-------- 1 root root 2610 Nov 4 02:30 backup.yaml -rw-r--r-- 1 root root 341 Sep 11 15:17 metadata.yaml drwxr-xr-x 1 root root 122 Dec 10 2016 rootfs/ drwxr-xr-x 1 root root 24 Sep 11 15:15 templates/ root # fuidshift /var/lib/lxd/storage-pools/default/containers/openvz-test/rootfs b:0:100000:65536 root # ls -alF total 8 drwxr-xr-x 1 100000 100000 78 Nov 4 02:17 ./ drwxr-xr-x 1 root root 218 Nov 4 02:17 ../ -r-------- 1 root root 2610 Nov 4 02:30 backup.yaml -rw-r--r-- 1 root root 341 Sep 11 15:17 metadata.yaml drwxr-xr-x 1 100000 100000 122 Dec 10 2016 rootfs/ drwxr-xr-x 1 root root 24 Sep 11 15:15 templates/
So we started with root:root as the owner and finished with 100000:100000.
Migration using lxd import
TODO