OpenVZ Forum


Home » General » Support » Migrate from KVM to OpenVZ (Problems due migration)
Migrate from KVM to OpenVZ [message #51901] Sun, 01 March 2015 16:42 Go to next message
gilgameshfreedom is currently offline  gilgameshfreedom
Messages: 3
Registered: March 2015
Junior Member
From: *is74.ru
Hello!

I had migrated the KVM-based CentOS 7 server to OpenVZ container according this manual (openvz.org/Physical_to_container). I solved most of the problems in the migration process such a disabling unneeded services, removing linux capabilities from files and others. But some problems remain unsolved. For example, the firewalld service isn't working:

[root@redmine /]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
   Active: active (running) since Sun 2015-03-01 10:35:28 EST; 57min ago
 Main PID: 115 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─115 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Mar 01 10:35:28 redmine.juscom.ru systemd[1]: Started firewalld - dynamic firewall daemon.
Mar 01 10:35:28 redmine.juscom.ru firewalld[115]: 2015-03-01 10:35:28 ERROR: ebtables not usable, disabling ethernet bridge firewall.


In addition, here is a list of all the problems that appear during the boot process:
egrep -Ri '(fail|err|emerg|alert)' /var/log/messages
Mar  1 10:35:26 redmine systemd-sysctl: Failed to write '0' to '/proc/sys/net/bridge/bridge-nf-call-ip6tables': Permission denied
Mar  1 10:35:26 redmine systemd-sysctl: Failed to write '0' to '/proc/sys/net/bridge/bridge-nf-call-iptables': Permission denied
Mar  1 10:35:26 redmine systemd-sysctl: Failed to write '0' to '/proc/sys/net/bridge/bridge-nf-call-arptables': Permission denied
Mar  1 10:35:26 redmine systemd-sysctl: Failed to write '16' to '/proc/sys/kernel/sysrq': Permission denied
Mar  1 10:35:26 redmine systemd-sysctl: Failed to write '1' to '/proc/sys/kernel/core_uses_pid': Permission denied
Mar  1 10:35:26 redmine systemd: systemd-sysctl.service: main process exited, code=exited, status=1/FAILURE
Mar  1 10:35:26 redmine systemd: Failed to start Apply Kernel Variables.
Mar  1 10:35:26 redmine systemd: Unit systemd-sysctl.service entered failed state.
Mar  1 10:35:26 redmine systemd: systemd-vconsole-setup.service: main process exited, code=exited, status=1/FAILURE
Mar 01 10:35:28 redmine.juscom.ru systemd[1]: Started firewalld - dyna
Mar  1 10:35:26 redmine systemd: Failed to start Setup Virtual Console.
Mar  1 10:35:26 redmine systemd: Unit systemd-vconsole-setup.service entered failed state.
Mar  1 10:35:27 redmine systemd-sysctl: Failed to write '0' to '/proc/sys/net/bridge/bridge-nf-call-ip6tables': Permission denied
Mar  1 10:35:27 redmine systemd-sysctl: Failed to write '0' to '/proc/sys/net/bridge/bridge-nf-call-iptables': Permission denied
Mar  1 10:35:27 redmine systemd-sysctl: Failed to write '0' to '/proc/sys/net/bridge/bridge-nf-call-arptables': Permission denied
Mar  1 10:35:27 redmine systemd-sysctl: Failed to write '16' to '/proc/sys/kernel/sysrq': Permission denied
Mar  1 10:35:27 redmine systemd-sysctl: Failed to write '1' to '/proc/sys/kernel/core_uses_pid': Permission denied
Mar  1 10:35:28 redmine systemd-sysctl: Failed to write '0' to '/proc/sys/net/bridge/bridge-nf-call-ip6tables': Permission denied
Mar  1 10:35:28 redmine systemd-sysctl: Failed to write '0' to '/proc/sys/net/bridge/bridge-nf-call-iptables': Permission denied
Mar  1 10:35:28 redmine systemd-sysctl: Failed to write '0' to '/proc/sys/net/bridge/bridge-nf-call-arptables': Permission denied
Mar  1 10:35:28 redmine systemd-sysctl: Failed to write '16' to '/proc/sys/kernel/sysrq': Permission denied
Mar  1 10:35:28 redmine systemd-sysctl: Failed to write '1' to '/proc/sys/kernel/core_uses_pid': Permission denied
Mar  1 10:35:28 redmine firewalld: 2015-03-01 10:35:28 ERROR: ebtables not usable, disabling ethernet bridge firewall.


What can I don in this situation?
Re: Migrate from KVM to OpenVZ [message #51902 is a reply to message #51901] Mon, 02 March 2015 07:22 Go to previous messageGo to next message
Krejza9 is currently offline  Krejza9
Messages: 3
Registered: November 2014
Junior Member
From: 82.100.5*
Hi, this is normal, because OpenVZ can't emulate /proc and /sys openvz.org/Vzctl_for_upstream_kernel#Limitations
I have similar problem forum.openvz.org/index.php?t=tree&th=12799&unread=1& amp;S=c8d97b0f508d35e8985c314148106914
and no one answer for many months.
This forum is death.
Re: Migrate from KVM to OpenVZ [message #51903 is a reply to message #51902] Mon, 02 March 2015 07:42 Go to previous messageGo to next message
gilgameshfreedom is currently offline  gilgameshfreedom
Messages: 3
Registered: March 2015
Junior Member
From: *is74.ru
Thanks for the reply. I have just turned off the firewalld service and have moved its rules above in the Host node. Besides we can to comment out all of the messages in the /lib/sysctl.d/* directory in order to the sysctl errors in the message log disappeared.
Re: Migrate from KVM to OpenVZ [message #51904 is a reply to message #51901] Mon, 02 March 2015 09:47 Go to previous messageGo to next message
Krejza9 is currently offline  Krejza9
Messages: 3
Registered: November 2014
Junior Member
From: *bcmkt.net
but this only hide problem not solve it Wink
Re: Migrate from KVM to OpenVZ [message #51905 is a reply to message #51904] Mon, 02 March 2015 10:02 Go to previous message
gilgameshfreedom is currently offline  gilgameshfreedom
Messages: 3
Registered: March 2015
Junior Member
From: *is74.ru
In my case the main problem was that firewall rules weren't working because the firewalld service didn't start. As I said I had moved its rules above in the Host node and problem had solved.
Previous Topic: Multiple IPs from multiple Networks
Next Topic: Selecting the network card
Goto Forum:
  


Current Time: Thu Jul 18 21:36:58 GMT 2019