Professional Documents
Culture Documents
6.5.1.1
Operation Guide (HCS Xen to
KVM)
Issue 01
Date 2019-08-30
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees
or representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Website: https://e.huawei.com/
Purpose
This document describes how to obtain, install, operate, and uninstall the FusionSphere
Platform Cross Service (PCS) tool and provides related precautions.
Intended Audience
This document is intended for:
Switchover planning engineers
Switchover implementation engineers
Switchover technical support engineers
Switchover development engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Symbol Description
Change History
Changes between document issues are cumulative. The latest document issue contains all the
changes made in earlier issues.
Issue 01 (2019-08-30)
This issue is the first official release.
Contents
2 Technical Support.........................................................................................................................3
3 Switchover Service and Risk Precautions................................................................................4
3.1 Introduction to the Switchover Service..........................................................................................................................4
3.1.1 Information Collection and Feasibility Analysis.........................................................................................................4
3.1.2 Switchover Plan and Solution Design.........................................................................................................................4
3.1.3 Core Service Switchover Test......................................................................................................................................5
3.2 Switchover Risk..............................................................................................................................................................5
4 Switchover Restrictions................................................................................................................6
4.1 Networking.....................................................................................................................................................................6
4.2 Switchover Network Restrictions...................................................................................................................................7
4.3 Switchover Pre-implementation Requirements..............................................................................................................7
4.4 Switchover Implementation Requirements....................................................................................................................7
4.5 Impact on Services.........................................................................................................................................................7
4.6 Function Restrictions....................................................................................................................................................11
5 Compatibility List.......................................................................................................................13
5.1 Platform Compatibility.................................................................................................................................................13
5.2 Guest OS Support Policies...........................................................................................................................................13
6.3.6 Deploying PCS Controller and PCS Agent VMs on the Target Platform.................................................................18
6.3.7 (Optional) Configuring a Backup Server..................................................................................................................19
6.3.8 Configuring the Cloud Platform................................................................................................................................21
6.3.9 Registering an Agent VM..........................................................................................................................................25
7 System Configuration.................................................................................................................27
7.1 Managing Switchover Obstacle Items..........................................................................................................................27
7.2 Configuring Password Policy.......................................................................................................................................27
7.3 Configuring the Login Timeout Period........................................................................................................................28
7.4 Viewing System Tasks..................................................................................................................................................29
8 Image Switchover........................................................................................................................30
8.1 Registering the Image to Be Switched.........................................................................................................................30
8.2 Creating a Public Image Switchover Plan....................................................................................................................31
8.3 Creating a Private Image Switchover Plan...................................................................................................................33
8.4 Completing Image Switchover and Rollback...............................................................................................................34
11.13 Changing the Password for the GaussDB Administrator on the Controller Node...................................................74
11.14 Changing the Password for Accessing Common Services in GaussDB on the Controller Node.............................75
11.15 Resetting the Password for Accessing Common Services in GaussDB on the Controller Node.............................77
11.16 Configuring the Agent Administrator Account.........................................................................................................79
11.17 Setting the Volume Type Mapping for CSHA and CSDR........................................................................................80
11.17.1 Configuring Storage DR Rules..............................................................................................................................80
11.17.2 Adding Storage DR Rules......................................................................................................................................82
11.18 Returning the Extra Fees of PCS Snapshots During the Switchover and Drill........................................................83
12 Appendix 2 Troubleshooting..................................................................................................84
12.1 Failure to Access the System After a UEFI VM Is Switched.....................................................................................84
12.1.1 Symptom..................................................................................................................................................................84
12.1.2 Possible Causes.......................................................................................................................................................84
12.1.3 Procedure.................................................................................................................................................................84
12.2 NIC Name Change After the Switchover of Windows VMs......................................................................................93
12.3 Agent status display for Abnormal.............................................................................................................................96
12.4 Failed to Execute the Disk Configuration Injection Task During the Drill and Switchover......................................97
12.5 Faulty OS During the Deployment of Controller VMs..............................................................................................98
12.6 Failed to Switch Certain Images During the Concurrent Image Switchover.............................................................99
13.22 Configurations of Whether Memory Overcommitment Is Enabled Are Different for the Source Clusters and
Target Platforms................................................................................................................................................................114
13.23 Configurations of Whether HA Is Enabled Are Different for the Source Clusters and Target Platforms..............115
13.24 Affinity or Anti-affinity Rule Is Configured for the Source VM............................................................................116
13.25 Object Operation Permissions Are Configured for the Source VM.......................................................................116
13.26 Source VM Uses a Passthrough DVS.....................................................................................................................117
13.27 Source VM Uses the Port Group of a DVS in Network Enhancement Mode........................................................118
13.28 QoS (Upper Limit of IOPS) Is Configured for Disks of the Source VM, Which May Affect the Driver Injection
Speed During the Switchover...........................................................................................................................................118
13.29 Source VM Is Configured with a Free Clock.........................................................................................................119
13.30 Source VM Does Not Exist....................................................................................................................................120
13.31 Target Compute Resources Are Unavailable..........................................................................................................120
13.32 VM Uses a Shared Disk.........................................................................................................................................121
13.33 VM Resources (VM, Disk, or VPC) Have Expired...............................................................................................122
13.34 VM Has Been Soft Deleted....................................................................................................................................122
13.35 Target AZ Does Not Have Host Groups that Meet the Tag Requirements.............................................................123
13.36 VM Is Configured with CPU QoS..........................................................................................................................123
13.37 QoS of the Source Disk Type Is Different from That of the Target Disk Type......................................................124
13.38 VM Disk Image Does Not Exist.............................................................................................................................125
13.39 VM Is Attached with Disks That Do Not Share the Storage..................................................................................125
13.40 Disks of the Source VM Are Not in the in-use State (For Example, Maintenance State)......................................126
13.41 Number of Subnets of the Source VM Is Greater than the Number of Drill VLANs............................................126
13.42 Source VM Disk Image Has Not Been Switched Over..........................................................................................127
13.43 Source Image Does Not Support FusionCompute..................................................................................................128
13.44 Source Image Does Not Exist.................................................................................................................................128
13.45 Source Image Has Expired.....................................................................................................................................129
13.46 Resource Tag of the Source VM Flavor Is Not Supported.....................................................................................129
13.47 Guest OS of the Source VM Is Not Supported on the Target Cloud Platform.......................................................130
13.48 Number of Disks Attached to a VM Exceeds 59....................................................................................................131
13.49 Source VM Is a Rapidly Provisioned VM..............................................................................................................131
13.50 Source VM Uses SR-IOV NIC...............................................................................................................................132
13.51 Source Image Is the Image of a Quickly Provisioned VM.....................................................................................133
13.52 Guest OS of the Source image Is Not Supported on the Target Cloud Platform...................................................133
13.53 Different Boot Loader Type Between Source VM and Target Image....................................................................134
13.54 The OS of target platform which only support virtio bus type has more than 25 disks.........................................134
1 Overview
1.1 Introduction
The PCS tool allows HCS 6.5.1 to interconnect with FusionCompute V100R006C10SPH109
standard version and evolves VMs that use advanced SAN storage and FusionStorage to the
HCS 6.5.1 OpenStack cloud platform.
Deploy PCS.
Perform switchover.
Confirm services.
Clear resource.
2 Technical Support
System switchover, covering system service data, is a high-risk activity and affected by
multiple factors, and therefore the switchover may fail.
You are advised to follow a professional service process to implement the switchover and thus
identify potential risks in advance.
4 Switchover Restrictions
4.1 Networking
Figure 4.1 Networking
Ensure that the ports listed in the communication matrix are enabled on the system and
network firewalls. You are advised to disable the firewall on the source system and enable it
after the switchover. You are advised to set the security group policy of the target platform to
ensure that the source platform, target platform, and PC communicate with each other after
successful switchover.
guest OSs on the KVM platform. If switchover must be performed, carry out a survey as
required.
For guest OSs that support UEFI boot in Xen but do not support this function in KVM,
use new Guest OSs on the KVM platform. If switchover must be performed, carry out a
survey as required.
For USB passthrough VMs, services that depend on the USB device cannot be used in
these VMs after the switchover. Therefore, the customer needs to bind the USB device to
these VMs on the target platform.
After switchover, Tools is installed by default. And, you can uninstall it.
Hostname may be changed after switchover when VM configured
DHCLIENT_SET_HOSTNAME=yes, For details, see
https://support.huawei.com/enterprise/en/knowledge/EKB1001577902.
If there are the following alarms in the system alarm monitoring, an exception may occur
during the PCS switchover. In this case, you are recommended to rectify the fault based
on Huawei Cloud Stack 6.5.1 Product Document. .
and drill. For details about how to handle the extra snapshot fee, see Returning the Extra
Fees of PCS Snapshots During the Switchover and Drill. However, the snapshot of a VM
or volume is not charged.
− Source VMs whose guest OSs do not support online disk snapshots
− Images (Drill can be performed through switchover and rollback.)
− VMs that use non-persistent disks
− VMs that use shared volumes
− VM that has more than 25 disks (or disks in slot ID greater than slot 25) or uses
PRDM disks, and uses the guest OS that does not support virtio-scsi on the target
platform
− DR VMs
− Antivirus service VMs
− Antivirus client VMs
− VMs that use GPUs
− VMs where Tools is not running
− VMs that are not in the running or shutdown state
− VMs with more than 64 vCPUs
− VMs that use MAC addresses used by the target KVM platform
− VMs that use guest OSs not supported by the target KVM platform
− VMs that use UEFI boot firmware not supported by the target KVM platform
− VMs whose CPU quota and disk IOPS exceed the limit supported by the KVM
platform
− Types of DVSs connected to the source platform and target platform are different.
− The source VM or disk has 32 snapshots.
− Source VMs use independent persistent disks and VM snapshots exist.
− The Guest OS Does Not Support Online Drill.
− The Hardware Configuration of Source VM Exceeds the Specifications Supported by
GuestOS.
− iCache Is Configured for a Template VM.
Xen VM switchover is not supported on the following Xen VMs or in the following
scenarios:
− VMs that use non-persistent disks
− All VMs using the shared volume are not shut down.
− VM that has more than 25 disks (or disks in slot ID greater than slot 25) or uses
PRDM disks, and uses the guest OS that does not support virtio-scsi on the target
platform
− DR VMs
− Antivirus service VMs
− VMs where Tools is not running
− VMs that are not in the running or shutdown state
− VMs that use MAC addresses used by the target KVM platform
− VMs that use guest OSs not supported by the target KVM platform
− VMs that use UEFI boot firmware not supported by the target KVM platform
− VMs whose CPU quota and disk IOPS exceed the limit supported by the KVM
platform
− Types of DVSs connected to the source platform and target platform are different.
5 Compatibility List
For details about the guest OS support policies, contact Huawei technical support.
For a guest OS no longer supported by the Huawei cloud platform, the support team is not obligated to
provide assistance in any switchover problems related to this OS.
For the list of VMs that have reached EOS in HCS 6.5.1, please switch over by application.
For guest OSs that support switchover, see section 11.2"Guest OSs that Support Switchover."
FusionSphere PCS 6.5.1.1 Operation Operation guide to the tool for switching from
Guide (HCS Xen to KVM) Xen to KVM
Material Description
The KVM AZ configuration mode must be consistent with the backend storage configuration mode of
the Xen AZ.
----End
In a DR environment, pay attention to the following items. Otherwise, the DR function of the KVM
AZ may be unavailable after the switchover.
You need to configure a storage identifier (storage SN of the backend storage pool) for the disk types
of the backend storage pool connected to KVM.
Only one backend storage device can be added to the backend storage of the new disk type.
Step 6 Log in to a FusionSphere OpenStack node and run the source set_env command to set
environment variables.
Step 7 Run the nova list --all-t command to view the VM list and take a note of the IDs of the PCS
Controller and Agent VMs.
Step 8 Run the neutron net-list command to view the network list and take a note of the network ID
of Public_Service.
Step 9 Run the following command to configure the NIC and IP address of the Tomcat service for
the PCS Controller VM:
nova interface-attach --net-id ${Public_Service} ${server} In this command, $
{Public_Service} indicates the network ID recorded in Step 4, and ${server} is the ID of the
PCS Controller VM.
Step 10 Restart PCS Controller.
Node names can be customized for Controller and Agent VMs and IP addresses can be allocated
using the platform.
The password cannot be injected. To change the password, log in to the system as the root user and
change the password of the gandalf or root user after the environment is installed.
----End
Configure a third-party File Transfer Protocol (FTP) server to back up important data on the controller
node. After the FTP server is configured, the controller node automatically sends important data to the
FTP server at 02:00:00 every day. If a system exception occurs, the backup data can be used to restore
the system.
Step 11 Use PuTTY to log in to the active controller node as user gandalf, run the su - root command
enter the password of user root to switch to user root, and run the TMOUT=0 command to
disable user logout upon system timeout.
Step 12 Run setConfig to configure data backup and enter yes.
The configuration information is displayed. If the information is correct, enter yes. Otherwise,
enter no and run the setConfig command again.
Backup configure :
----End
Change the default password upon the first login. For details about the default password, see "Account
Information List."
Only one cloud platform can be configured for one controller.
Step 21 Configure the agent administrator account based on "Configuring the Agent Administrator
Account" Take a note of the username and password of the agent administrator and the agent
tenant ID to prepare for registering the cloud platform.
Step 22 On the PCS cloud platform management page, click Add Cloud Platform. On the displayed
page, set basic information for the HCS 6.5.1 ManageOne platform. Set Category to Cloud
Suite, and Version to 6.5. Obtain the values of ManageOne Operation Portal Floating IP
Address and ManageOne Operation Portal Port Number from the LLD file in the
environment. Set Agent Administrator Username, Agent Administrator Password, and
Agent Administrator Tenant ID based on the information of the created agent administrator.
Then, click Next.
These three IP addresses can be searched in the LLD configuration file, and the keywords in the LLD
files generated by ManageOne of different versions may be different in case. Therefore, you are advised
to search for the keywords in case-insensitive mode to obtain the IP addresses.
Step 24 Configure the interconnected FusionCompute platform information. Enter the logical host
name of the FusionCompute platform, interconnection username and password configured in
Step 19, and interconnection user password, and click Next.
Step 25 In the Region Type III networking, if no SDN is deployed, you need to enter the information
about the VLAN pool used for the drill. Click Add and enter the available start VLAN ID and
end VLAN ID. You can add multiple VLAN segments. Click Next after the configuration is
complete.
The VLANs in all VLAN segments must allow traffic to pass through on the hosts in the target AZ. The
VLANs are used to create the drill network during the VM drill in the Region Type III networking.
Theoretically, the number of VLANs in the pool must be greater than or equal to the number of NICs of
a drill VM because the subnet of each NIC uses a VLAN to create a drill subnet. Otherwise, the drill
fails.
Step 26 Confirm the information. Check whether the information configured in the preceding steps is
correct. You can click Previous to roll back and modify the information. If the information is
correct, click Confirm to register the cloud platform.
After the cloud platform is successfully registered, its VM list, storage resource list, and network
resource list can be automatically displayed.
After the cloud platform is added, the user roles cannot be modified.
To change the passwords of interconnection accounts during the switchover, see Changing
Passwords of Interconnection Accounts During the Switchover.
After the cloud platform is added successfully, the following page is displayed.
To modify information, click Modify in the Operation column to modify the information, or
click Delete and add the information again.
----End
If multiple VMs need to be switched over and there are sufficient idle resources in the target
environment, multiple agent nodes can be deployed to improve switchover efficiency.
Step 27 On the PCS management page, choose the current platform CloudPlatform and click
Register VMs. On the Register VMs page, select the corresponding tenant/project/agent VM
and click Register.
Step 28 On the PCS management page, choose Cloud Platform Management > CloudPlatform >
Agents, and click Add Agent. On the Add Agent page, specify Name, set Type to Injection
driver, and select the name of the VM to be registered for VM. Then, click Confirm.
After an agent VM is added, the information about the registered agent VM is displayed on
the Agents page. You can click Modify to change the agent name and type. If an error occurs,
click Delete and add the agent again.
----End
7 System Configuration
Step 30 On the Service Configuration page, you can set Check critical items only or Check all
items for VM Switchover Pre-check Configuration and then click Confirm.
----End
On the displayed page, all parameters are editable, and you can configure them.
Step 34 In the System Timeout area, select a value and click Confirm.
When the idle time exceeds the value, user logout occurs, and the user needs to log in to the system
again.
Step 35 In the displayed dialog box, click Confirm to complete the configuration.
----End
8 Image Switchover
1. The image must be switched over before the VM that is created using the image. Otherwise, the
pre-check fails during the VM switchover.
2. Image foolproofness can be used to prevent common VM-related operations rather than
administrators' operations. Therefore, during the switchover, do not delete or modify images on Service
OM and the management interface. Otherwise, exceptions that cannot handle will occur.
3. If the boot firmware of the image is UEFI, ensure that the metadata of the image contains the
hw_firmware_type field, which indicates the image startup type. Otherwise, the VM may fail to be
started during the image switchover or the VM created using the image after the switchover fails to be
started. You can run the following command to view the hw_firmware_type field of the image metadata:
Run the following command to set the hw_firmware_type field of the image metadata, in which
$firmware_type can be bios or uefi:
4. Since the latest ECS console may not support issuing VM of UEFI firmware type, the image you
just updated by above command will not able to be selected while creating VM. If you still want to issue
VM on XEN, you have to update the metadata back with above command.
Step 37 If Serious is displayed for Switchover Pre-check, click the VM name to go to the VM details
page. Click Recheck to view the cause and rectify the fault based on the Obstacle item. After
the processing is complete, click Recheck.
After the image is registered successfully, the image and the VM are displayed on the VMs tab page of
the cloud platform management page.
The image specifications include only memory parameters.
----End
The image must be switched over before the VM that is created using the image. Otherwise, the pre-
check fails during the VM switchover.
Step 39 On the Modify Target Resource tab page, if you want to change the default password of the
image, select Password Protection on the right of the image. The default password is
Image1!2@. If you need to set the password, modify the configuration file before the
switchover. In the /opt/cloudos/pcs/controller/apps/pcs-website/WEB-
INF/classes/conf/switch-vm.conf file, change the value of the adminPass field. If you do not
want to change the default password of the image, deselect Password Protection.
Step 40 For details about other steps, see section 9.3"Creating a Switchover Plan."
----End
Step 42 On the Modify Target Resource tab page, if you want to change the default password of the
image, click Password Protection on the right of the image and select Yes for Set Password
in the displayed dialog box. The default password is Image1!2@. If you need to set the
password, modify the configuration file before the switchover. In the
/opt/cloudos/pcs/controller/apps/pcs-website/WEB-INF/classes/conf/switch-vm.conf file,
change the value of the adminPass field. If you do not want to change the default password
of the image, do not click Password Protection.
Step 43 For details about other steps, see section 9.3"Creating a Switchover Plan."
----End
In a DR environment, you need to switch the source images in all regions to the target AZ and ensure
that the disk bus type is the same as the image type to prevent image loss after the DR environment
switchover.
----End
The Cloud Platform VM List page can be customized by tenant and project.
A pre-check is performed automatically when the VM to be switched over is registered.
Step 46 If Major is displayed for Switchover Pre-check Result, click the VM name to go to the VM
details page. Then, click Switchover Pre-check to view the cause and rectify the fault based
on information in the Obstacle area. After the processing is complete, click Recheck.
If the obstacle items do not affect the drill or switchover, set Ignore to them on the System page.
----End
Step 49 Set the mapping between the source and target resources of the VM to be switched over.
Set Target Volume Type to the default mapping target volume type. You can click Modify
Target Volume Resource to modify the target volume type.
Step 50 Perform switchover pre-check for the VM to be switched over and process the detection
result.
If Normal is displayed in the Check Result column, no risk item or item that cannot be
switched over is detected on the VM.
For a VM whose check result is not normal and values, rather than Normal, are displayed in
the Drill Impact or Switchover Impact column in the Obstacle area, click the arrow next to
the VM name to expand the obstacle information.
Based on the information in Obstacle, select Using System Configuration, Ignore, or
Adjust VM Later for Handling Action (Drill) and Handling Action (Switchover). After
doing this, click Next.
Step 51 After confirming that the switchover task information is correct, click Confirm to create the
switchover task.
Step 52 For risk VMs, you need to eliminate the risks on the source platform and then perform a
check again.
Step 53 In the switchover task, click the VM name. Under Basic Information, click Switchover Pre-
check and then click Recheck to check the VM again. If the message "the check result is
normal" is displayed, the operation is successful.
----End
Step 55 Locate the row that contains the switchover plan, click More in the Operation column, and
select Add VM to add the VM to be processed to the plan.
Also you can select Modify to modify the VM resource configuration after the switchover, or
Delete to delete the switchover plan.
Step 56 Click Drill in the Operation column. On the displayed page, select the VM to be drilled and
click Confirm. On the displayed page, click Confirm to start the drill.
Step 57 Click the arrow next to the task plan to view the drill progress and result of each VM.
Step 58 Choose VM Switchover > Switchover Task to view the execution result of each task.
If Succeeded is displayed in the Status column, the VM can be running on the target platform. You can
perform service check for the VM.
Step 59 Click the drill button next to the switchover plan. On the displayed page, locate the row that
contains the drill VM whose status is Succeeded, click Drill. On the displayed Drill page,
select End Drill, select the VM for which drill has been completed, and click Confirm.
The data generated during VM drill is deleted.
Step 60 Choose VM Switchover > Switchover Plan to view the end drill status.
The drill is performed to check whether VMs can run properly after being switched to the KVM
platform. The drill VM is a temporary VM and is deleted after the drill result is confirmed. Therefore,
the drill VM does not occupy the user quota and will not be managed by the ManageOne cloud
management platform. Therefore, it is normal that other management data is not synchronized on the
ManageOne cloud management platform except the VNC login page.
----End
If Succeeded is displayed in the Status column, the VM can be running on the target platform. You can
perform service check for the VM.
----End
This operation restores only data before the switchover. You are advised to back up the VM data, thus
avoiding data loss.
If an exception occurs on the VM that is switched to the target platform, roll back the VM.
Step 64 Locate the row that contains the VM to be rolled back, click More in the Operation column,
and select Rollback. Then, click Confirm in the dialog box that is displayed to start the
rollback operation.
Step 65 Choose VM Switchover > Switchover Task to view the execution result of the rollback task.
----End
After all VMs on a host are switched over and the confirmation is complete, remove the host from the
source platform based on HUAWEI CLOUD Stack 6.5.1 Product Document.
PCS does not create another flavor if there is already one with same parameters. Hence, if there are 2
flavors with same parameters but have different charge fee fate, administrator has to manually create
new flavor and assign fee rate in Operation Management Portal with bss_admin after switch over.
----End
To stop or delete PCS controller and agent nodes, ensure that all switchover tasks are carried out
successfully.
After the stop or deleting operations, rollback cannot be performed for VMs that are subjected to the
switchover.
10 CentOS 6.4_32bit
11 CentOS 6.4_64bit
12 CentOS 6.5_32bit
13 CentOS 6.5_64bit
14 CentOS 6.6_32bit
15 CentOS 6.6_64bit
16 CentOS 6.7_64bit
17 CentOS 6.7_32bit
18 CentOS 6.8_32bit
19 CentOS 6.8_64bit
20 CentOS 6.9_32bit
21 CentOS 6.9_64bit
22 CentOS 6.10_64bit
23 CentOS 7.0_64bit
24 CentOS 7.1_32bit
25 CentOS 7.1_64bit
26 CentOS 7.2_64bit
27 CentOS 7.2_32bit
28 CentOS 7.3_64bit
29 CentOS 7.4_64bit
30 CentOS 7.5_64bit
31 Debian GNU/Linux 7.1.0_32bit
32 Debian GNU/Linux 7.1.0_64bit
33 Debian GNU/Linux 7.2.0_32bit
34 Debian GNU/Linux 7.2.0_64bit
35 Debian GNU/Linux 7.3.0_32bit
36 Debian GNU/Linux 7.3.0_64bit
37 Debian GNU/Linux 7.4.0_32bit
38 Debian GNU/Linux 7.4.0_64bit
39 Debian GNU/Linux 7.5.0_32bit
40 Debian GNU/Linux 7.5.0_64bit
41 Debian GNU/Linux 7.6.0_32bit
42 Debian GNU/Linux 7.6.0_64bit
43 Debian GNU/Linux 7.7.0_32bit
44 Debian GNU/Linux 7.7.0_64bit
45 Debian GNU/Linux 7.8.0_32bit
46 Debian GNU/Linux 7.8.0_64bit
47 Debian GNU/Linux 7.10.0_32bit
48 Debian GNU/Linux 7.10.0_64bit
49 Debian GNU/Linux 8.0.0_32bit
50 Debian GNU/Linux 8.0.0_64bit
51 Debian GNU/Linux 8.2.0_64bit
52 Debian GNU/Linux 8.2.0_32bit
53 Debian GNU/Linux 8.4.0_64bit
54 Debian GNU/Linux 8.4.0_32bit
55 Debian GNU/Linux 8.5.0_64bit
56 Debian GNU/Linux 8.5.0_32bit
Issue 01 (2019-08-30) Huawei Proprietary and Confidential 47
Copyright © Huawei Technologies Co.,
Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Appendix 1 Common Operations
PCS login account Username: admin Has the rights of Change the default
Password: the system password upon the
IaaS@PORTAL- administrator. first login.
CLOUD9! If you enter incorrect
passwords for three
consecutive times,
the account will be
locked for five
minutes.
OS account Username: gandalf Has the rights of a If you enter incorrect
Password: common OS user. passwords for three
IaaS@OS- consecutive times, the
CLOUD9! account will be locked
for five minutes.
OS account Username: root Has the OS If you enter incorrect
Template import: administrator passwords for three
IaaS@OS- rights. consecutive times, the
CLOUD8! account will be locked
for five minutes.
Prerequisites
Conditions
An application, such as PuTTY, which can be used for remote access on various platforms is available.
You have obtained the management IP address of the node.
You have obtained the passwords of user root and user gandalf for logging in to the node.
The default password of user gandalf is IaaS@OS-CLOUD9!, and the default password of user root is
IaaS@OS-CLOUD8!.
Procedure
Step 69 Use PuTTY to log in to the OS of the node.
Ensure that the management IP address and username gandalf are used to establish the
connection.
The system supports the login authentication using a password or private-public key pair. If
you use a private-public key pair to authenticate the login, see section 11.8"Using PuTTY to
Log In to a Node in Key Pair Authentication Mode."
Step 70 Run the following command and enter the password of user root to switch to user root:
su - root
Step 71 Run the following command to disable user logout upon system timeout:
TMOUT=0
Step 72 Run the following command to change the password of user root:
passwd
The following information is displayed:
Changing password for user root.
Changing password for root.
(current) UNIX password:
If the following information is displayed, this password cannot be used and you must enter
another one:
BAD PASSWORD: ...
----End
Prerequisites
Conditions
You have obtained the management IP address of the node and the password of user
gandalf.
An application, such as PuTTY, which can be used for remote access on various
platforms is available.
Procedure
Step 76 Use PuTTY to log in to the OS of the node as user gandalf.
Ensure that the Management IP address is used to establish the connection.
The system supports the login authentication using a password or private-public key pair. If
you use a private-public key pair to authenticate the login, see section 11.8"Using PuTTY to
Log In to a Node in Key Pair Authentication Mode."
Step 77 Run the following command to change the password of user gandalf:
passwd
The following information is displayed:
Changing password for user gandalf.
Changing password for gandalf.
(current) UNIX password:
If the following information is displayed, this password cannot be used and you must enter
another one:
----End
Prerequisites
Conditions
You have logged in to PCS using the account to be changed.
Procedure
Step 81 In the upper right corner of PCS, click the name of the current login user.
Step 82 Click Change Password.
The Change Password dialog box is displayed.
Step 83 Enter the old password and the new password.
The new password must meet the requirements in the following table:
Prerequisites
SSH security hardening has been performed on the target node. Security hardening measures include:
o SSH key pair authentication mode has been enabled and the public key certificate has been
configured on the node.
o SSH password authentication has been disabled.
You have obtained the private key certificate that matches the public key certificate. If the private key
certificate is encrypted, you also need to obtain the password of the private key certificate.
Procedure
Step 85 Check whether PuTTY on the local PC has been used to log in to a node in key pair
authentication mode.
If yes, go to Step 91.
If no or you cannot confirm, go to Step 86.
Step 86 Run PuTTY and enter the IP address of the target node and the SSH port number (default
value: 22).
Step 87 In the Category area in the left pane, choose Connection > SSH > Auth.
The SSH authentication configuration page is displayed.
Step 88 Click Browse, select the prepared private key certificate in the displayed window, and click
Open.
The file name extension of the private key certificate is *.ppk. Contact the administrator to
obtain the private key certificate.
The following figure shows the SSH authentication configuration page.
Before you restore data, back up the data on the abnormal controller node to ensure that lost
data can be retrieved after the data restoration.
If the controller node is installed again due to a fault, restore the data by performing operations starting
from 26.
Prerequisites
Conditions
The required backup file is available on the controller node or a third-party backup
server.
A local PC is available to access the controller node.
You have obtained the root user password and the IP address of the Controller node.
The system is running properly.
The following conditions are met if the files backed up on the third-party server are used
to restore data:
− The local PC communicates with the third-party backup server properly.
− You have obtained the IP address of the third-party backup server.
− If the third-party backup server uses a Windows operating system (OS), you have
obtained the OS login username and password. If the backup server uses a Linux OS,
you have obtained the password of user root.
− The FTPS Server application is installed on the third-party backup server.
Procedure
Back up the data on the abnormal controller node.
Step 94 Use PuTTY to log in to the controller node.
Ensure that the management plane floating IP address and username gandalf are used to
establish the connection.
The system supports the login authentication using a password or private-public key pair. If
you use a private-public key pair to authenticate the login, see section "Using PuTTY to Log
In to a Node in Key Pair Authentication Mode."
Step 95 Run the following command and enter the password of user root to switch to user root:
su - root
Step 96 Run the following command to disable user logout upon system timeout:
TMOUT=0
Step 97 Run the following command to back up the data:
cronBackupUpload
The backup path is /var/backup/.
eth0:25 ......
inet addr:192.168.40.3 ......
......
Step 102 Obtain the IP address of the controller node and ensure that the IP address is:
Not the floating IP address displayed in the command output in Step 101.
The IP address of the active controller node provided in the data plan.
The other IP address provided in the data plan is the IP address of the standby controller node.
Step 103 Use PuTTY to log in to the standby controller node as user gandalf.
Ensure that the IP address of the standby controller node is used to establish the connection.
The system supports the login authentication using a password or private-public key pair. If
you use a private-public key pair to authenticate the login, see section "Using PuTTY to Log
In to a Node in Key Pair Authentication Mode."
Step 104 Run the following command and enter the password of user root to switch to user root:
su - root
Copy the required backup file to the active controller node.
Step 105 Run the following command to check whether any directory containing backup files is
available on the active controller node:
ll Directory containing backup files
The directory is:
/var/backup/ for automatic backup files
/var/backup/month/ for automatic monthly backup files
The data automatically backed up each month is stored only in the /var/backup/month directory.
No directory containing backup files is available on the active controller node if the following
information is displayed:
ls: cannot access /var/backup/: No such file or directory
The directory containing backup files is available on the active controller node and this
directory contains backup data if information similar to the following is displayed:
total 4
drwx------ 4 root root 4096 May 27 17:56 2013-05-27_0000000001
Step 106 Based on the command output in Step 105, check whether any directory containing backup
files is available on the active controller node and the directory contains required backup data.
If yes, go to Step 107.
If no, go to Step 109.
Step 107 Run the following command to switch to the directory containing backup files on the
controller node:
cd Directory containing backup files
The directory is:
/var/backup/ for automatic backup files
/var/backup/month/ for automatic monthly backup files
Step 108 Run the following command to copy the required backup file to the /home/GalaX8800
directory on the controller node:
cp -r YYYY-MM-DD_sn /home/GalaX8800
YYYY-MM-DD indicates the date when backup is performed, and sn indicates the serial
number of the backup file.
Go to Step 121 after this step.
Step 109 Use PuTTY to log in to the standby controller node as user gandalf.
Ensure that the IP address of the standby controller node is used to establish the connection.
The system supports the login authentication using a password or private-public key pair. If
you use a private-public key pair to authenticate the login, see section "Using PuTTY to Log
In to a Node in Key Pair Authentication Mode."
Step 110 Run the following command and enter the password of user root to switch to user root:
su - root
Step 111 Run the following command to disable user logout upon system timeout:
TMOUT=0
Step 112 Repeat Step 105 and check whether the directory containing backup files is available on the
standby controller node and the directory contains the required backup file.
If yes, go to Step 113.
If no, go to Step 117.
After the system is installed, neither the active or standby controller node contains the /var/backup/
directory. At this time, manually back up the data if the system services are running properly. The
generated data backup file is stored in the /var/backup/ directory. Contact technical support if the
system services are not running properly.
Step 113 Run the following command to copy the backup folder from the backup directory to the
/home/GalaX8800/ directory:
cp -r Directory containing backup files/Backup folder /home/GalaX8800
For example, run the cp -r /var/backup/2015-07-30_0000000001 /home/GalaX8800
command.
The directory is:
/var/backup/ for automatic backup files
/var/backup/month/ for automatic monthly backup files
Step 114 Run the following command to change the permission for the directory saving the backup
folder:
chmod -R 755 /home/GalaX8800/Backup folder
For example, run the chmod -R 755 /home/GalaX8800/2015-07-30_0000000001/ command.
Step 115 Use WinSCP to copy the required backup file from the /home/GalaX8800 directory to the
local PC.
Go to Step 121 after this step.
Step 116 Check the type of the OS used by the third-party backup server.
If the third-party backup server runs the Windows OS, go to Step 117.
If the third-party backup server runs the Linux OS, go to Step 119.
Contact the backup server administrator to perform operations on the third-party server if required.
Step 117 Log in to the third-party backup server over a remote desktop connection.
Step 118 Copy the required backup file from the third-party backup server to the local PC.
Go to Step 120 after this step.
Backup file name: YYYY-MM-DD.tar.gz.zip
Directory containing configuration files:
− Directory configured on the FTPS server\YYYY-MM-DD_sn\DATA\ for automatic
backup files
− Directory configured on the FTPS server\month\YYYY-MM-DD_sn\DATA\ for
automatic monthly backup files.
Directory containing database files which need to be backed up only when the Gauss
database is being used:
− Directory configured on the FTPS server\YYYY-MM-DD_sn\DB\ for automatic
backup files
− Directory configured on the FTPS server\month\YYYY-MM-DD_sn\DB\ for
automatic monthly backup files.
YYYY-MM-DD indicates the backup date, and sn indicates the serial number of a backup file
folder.
Step 119 Use WinSCP to copy the required backup file from the third-party backup server to the local
PC.
Backup file name: YYYY-MM-DD.tar.gz.zip
Directory containing configuration files:
− Directory configured on the FTPS server/YYYY-MM-DD_sn/DATA/ for automatic
backup files
− Directory configured on the FTPS server/month/YYYY-MM-DD_sn/DATA/ for
automatic monthly backup files.
Directory containing database files which need to be backed up only when the Gauss
database is being used:
− Directory configured on the FTPS server/YYYY-MM-DD_sn/DB/ for automatic
backup files
− Directory configured on the FTPS server/month/YYYY-MM-DD_sn/DB/ for
automatic monthly backup files.
Step 120 Use WinSCP to copy the required backup file from the local PC to the /home/GalaX8800
directory on the active controller node:
Backup file name: YYYY-MM-DD.tar.gz.zip
Directory containing manually-copied configuration files: /home/GalaX8800/YYYY-
MM-DD_sn/DATA/
Directory containing manually-copied database files: /home/GalaX8800/YYYY-MM-
DD_sn/DB/, which is available only when the Gauss database is being used
Restore data of the controller node.
Ensure that the management IP address of the controller node is used for logging in to the active
controller node. If you use the floating IP address for the login, exceptions will occur during data
restoration.
Step 121 Use PuTTY to log in to the active controller node and switch to user root.
Ensure that username gandalf and the management IP address of the active controller node
are used to establish the connection.
The system supports the login authentication using a password or private-public key pair. If
you use a private-public key pair to authenticate the login, see section "Using PuTTY to Log
In to a Node in Key Pair Authentication Mode."
Step 122 Run the following command to restore configuration data of the active controller node:
restoreGeData -t DATA -f /home/GalaX8800/YYYY-MM-DD_sn/DATA/Backup file name
The data is restored if the following information is displayed:
Congratulations! Your restore task ran successfully.
Step 123 Run the following command to restore data in the database of the controller node:
restoreGeData -t DB -f /home/GalaX8800/YYYY-MM-DD_sn/DB/backup file name
The data is restored if the following information is displayed:
----End
To avoid account conflict, you need to create an account for dual-site management configuration. In the
separation of roles scenarios:
Log in to the system as the sysadmin user and choose System > Rights Management > User
Management to create an interconnection account.
Log in to the system as the secadmin user, and choose System > Rights Management > User
Management. Locate the target user, click More in the Operation column, and select Activate
User. In the displayed page, select System administrator for User Type and sysadmin for Subrole
and then click Confirm.
Prerequisites
Conditions
You have obtained the root certificate, certificate file, and private key file from the third-party Certificate
Authority (CA).
You have obtained PuTTY.
You have obtained WinSCP.
You have obtained the management IP address of the controller node and agent node of the certificate to be
replaced and the passwords of the gandalf user and the root user.
Procedure
Check certificate files on the Agent nodes.
Step 124 Use PuTTY to log in to the Agent nodes one by one.
Ensure that the management IP address and username gandalf are used to establish the
connection.
Step 125 Run the following command and enter the password of the root user to switch to the root
user:
su – root
Step 126 Run the following command to disable user logout upon system timeout:
TMOUT=0
Step 127 Run the following commands to switch to the directory that contains the certificates:
cd /opt/cloudos/pcs/agent/certs/
ll
Information similar to the following is displayed:
total 12
-rw------- 1 root root 1233 Feb 23 12:50 agent.crt
-rw------- 1 root root 1751 Feb 23 12:50 agent.key
-rw------- 1 root root 3567 Feb 23 12:50 ca.crt
In the preceding command output, ca.crt indicates the root certificate, and agent.crt indicates
the server's certificate file, and agent.key indicates the server's private key file.
The new certificate files should be placed in the directory the same as that containing original ones. If
the newly replaced certificate has the same name as the original certificate, you need to back up the
original certificate.
If you have changed the certificate file name, accordingly change it in the configuration file by
following steps provided in (Optional) Modify the configuration file of the agent.
----End
The default password is FusionSphere123. If you have changed the password of private key
file, accordingly change it in the configuration file by following steps provided in (Optional)
Modify the configuration file of the agent.
In the preceding command output, PcsTrustKeyStore.jks indicates the root certificate, and
PcsClientKeyStore.p12 indicates the certificate file.
The new certificate files should be placed in the directory the same as that containing original ones. If
the newly replaced certificate has the same name as the original certificate, you need to back up the
original certificate.
If you have changed the certificate file name, accordingly change it in the configuration file by
following steps provided in (Optional) Modify the configuration file of the controller.
----End
The default password is FusionSphere123. If you have changed the truststore password,
accordingly change it in the configuration file by following steps provided in (Optional)
Modify the configuration file of the controller.
The passwords of client's keystore and client's truststore must be the same.
Step 6 As prompted, enter the user-defined truststore password of the client again.
Re-enter new password:
Step 8 The truststore certificate (.jks) has been generated if the following information is displayed:
Certificate was added to keystore
----End
Step 4 If you need to modify the private key password, go to Step 5. Otherwise, go to Step 10.
Step 5 Run the following command to invoke the encryption tool:
kmctool –e
Step 6 As prompted, enter the plaintext to be encrypted and press Enter to generate the encrypted
information.
please input password:
Step 7 The encrypted information has been generated if the following information is displayed.
Where cipherLen indicates the ciphertext length and cipher indicates the encrypted ciphertext.
FS_KMC_Encrypt success.
cipherLen=[216]
cipher=[AAAAAQAAAAEAAAAAAAAABQAAAAEAAAABEoKhjHVc/5+WP2Mij7mOFLVN4HB4bBZbBW+5q4+0J/
wAAAAQAAAAAAAAAACsxdxm4hxDymyfhnF7TxH4AAAAAQAAAAAAAAgEAAAAAQAAAAEgZKuX79jh3HOKCu+W
hRLUAAAAAAAAAABU32Iet4WHptpa3MZoLkP5D0u72/80I1yioVLk9uf8Yg==]
Step 8 Run the following command to open the agent.conf configuration file using the vi editor:
vi /opt/cloudos/pcs/agent/conf/agent.conf
Press i to enter the editing mode.
Change the ssl.agent.key.passwd value in the configuration file.
Change the ssl.agent.key.passwd value to the ciphertext noted down in Step 7. The changed
configuration file is as follows:
ssl.agent.key.passwd=AAAAAQAAAAEAAAAAAAAABQAAAAEAAAABEoKhjHVc/5+WP2Mij7mOFLVN4HB4b
BZbBW+5q4+0J/wAAAAQAAAAAAAAAACsxdxm4hxDymyfhnF7TxH4AAAAAQAAAAAAAAgEAAAAAQAAAAEgZKu
X79jh3HOKCu+WhRLUAAAAAAAAAABU32Iet4WHptpa3MZoLkP5D0u72/80I1yioVLk9uf8Yg==
Step 9 Press Esc and enter :wq to save the configuration and exit the vi editor.
Step 10 If you need to modify root certificate file name or file path, go to Step 11. Otherwise, go to
Step 13.
Step 11 Run the following command to open the agent.conf configuration file using the vi editor:
vi /opt/cloudos/pcs/agent/conf/agent.conf
Press i to enter the editing mode.
Change the ssl.ca.cert.path value to the latest root certificate path and file name.
Step 12 Press Esc and enter :wq to save the configuration and exit the vi editor.
Step 13 If you need to modify certificate file name or file path, go to Step 14. Otherwise, go to Step
16.
Step 14 Run the following command to open the agent.conf configuration file using the vi editor:
vi /opt/cloudos/pcs/agent/conf/agent.conf
Press i to enter the editing mode.
Change the ssl.agent.cert.path value to the latest server certificate path and file name.
Step 15 Press Esc and enter :wq to save the configuration and exit the vi editor.
Step 16 If you need to modify certificate file name or file path, go to Step 17. Otherwise, go to Step
19.
Step 17 Run the following command to open the agent.conf configuration file using the vi editor:
vi /opt/cloudos/pcs/agent/conf/agent.conf
Press i to enter the editing mode.
Change the ssl.agent.key.path value to the latest root certificate path and file name.
Step 18 Press Esc and enter :wq to save the configuration and exit the vi editor.
Step 19 Run the following command to restart the pcs-agent service:
systemctl restart pcs-agent
----End
Step 7 The encrypted information has been generated if the following information is displayed.
Where cipherLen indicates the ciphertext length and cipher indicates the encrypted ciphertext.
FS_KMC_Encrypt success.
cipherLen=[216]
cipher=[AAAAAQAAAAEAAAAAAAAABQAAAAEAAAABEoKhjHVc/5+WP2Mij7mOFLVN4HB4bBZbBW+5q4+0J/
wAAAAQAAAAAAAAAACsxdxm4hxDymyfhnF7TxH4AAAAAQAAAAAAAAgEAAAAAQAAAAEgZKuX79jh3HOKCu+W
hRLUAAAAAAAAAABU32Iet4WHptpa3MZoLkP5D0u72/80I1yioVLk9uf8Yg==]
Step 8 Run the following command to open the PcsAgentConfig.conf configuration file using the vi
editor:
vi /opt/cloudos/pcs/controller/apps/pcs-website/WEB-
INF/classes/conf/PcsAgentConfig.conf
Press i to enter the editing mode.
Change the keystorepassword value in the configuration file.
Issue 01 (2019-08-30) Huawei Proprietary and Confidential 72
Copyright © Huawei Technologies Co.,
Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Appendix 1 Common Operations
Change the keystorepassword value to the ciphertext noted down in Step 7. The changed
configuration file is as follows:
keystorepassword=AAAAAQAAAAEAAAAAAAAABQAAAAEAAAABEoKhjHVc/5+WP2Mij7mOFLVN4HB4bBZbB
W+5q4+0J/wAAAAQAAAAAAAAAACsxdxm4hxDymyfhnF7TxH4AAAAAQAAAAAAAAgEAAAAAQAAAAEgZKuX79j
h3HOKCu+WhRLUAAAAAAAAAABU32Iet4WHptpa3MZoLkP5D0u72/80I1yioVLk9uf8Yg==
Step 9 Press Esc and enter :wq to save the configuration and exit the vi editor.
Step 10 If you need to modify truststore certificate file (.jks) name or file path, go to Step 11.
Otherwise, go to Step 13.
Step 11 Run the following command to open the PcsAgentConfig.conf configuration file using the vi
editor:
vi /opt/cloudos/pcs/controller/apps/pcs-website/WEB-
INF/classes/conf/PcsAgentConfig.conf
Press i to enter the editing mode.
Change the trustkeystore value in the configuration file.
Change the trustkeystore value to the latest truststore certificate file (.jks) path and name.
Step 12 Press Esc and enter :wq to save the configuration and exit the vi editor.
Step 13 If you need to modify keystore certificate file (.p12) name or file path, go to Step 14.
Otherwise, go to Step 16.
Step 14 Run the following command to open the PcsAgentConfig.conf configuration file using the vi
editor:
vi /opt/cloudos/pcs/controller/apps/pcs-website/WEB-
INF/classes/conf/PcsAgentConfig.conf
Press i to enter the editing mode.
Change the clientkeystore value in the configuration file.
Change the clientkeystore value to the latest keystore certificate file (.p12) path and name.
Step 15 Press Esc and enter :wq to save the configuration and exit the vi editor.
Step 16 Run the following command to restart the pcsd service:
systemctl restart pcsd
----End
To ensure database security, change the default password immediately after database
installation and keep changing periodically.
The default password of the postgres user is cloudos@123.
When Controller is deployed in active/standby mode, the changed password of the GaussDB
database on the active Controller node is synchronized to the standby Controller node. You do
not need to change the password of the GaussDB database on the standby Controller node
again.
Prerequisites
Conditions
An application, such as PuTTY, which can be used for remote access on various
platforms is available.
You have obtained the management IP address of the active Controller node.
You have obtained the login passwords of the gandalf user and the root user.
You have obtained the current password of the Gauss database on the Controller node.
When Controller is deployed in active/standby mode, ensure that they can communicate
with each other properly.
The default passwords of the gandalf and root users are IaaS@OS-CLOUD9! and IaaS@OS-
CLOUD8!, respectively.
Procedure
Step 17 Use PuTTY to log in to the active Controller node.
Ensure that the management IP address and username gandalf are used to establish the
connection.
The system supports the login authentication using a password or private-public key pair. If
you use a private-public key pair to authenticate the login, see section "Using PuTTY to Log
In to a Node in Key Pair Authentication Mode."
Step 18 Run the following command and enter the password of the root user to switch to the root
user:
su - root
Step 19 Run the following command to disable logout on timeout:
TMOUT=0
Step 20 Run the following command to change the Gauss database password:
sh /opt/galax/gms/common/modsysinfo/modifyPostgresPwd.sh
Step 21 Enter the old password and press Enter.
Step 22 Enter a new password and press Enter.
The password must meet requirements listed in the following table.
----End
Prerequisites
Conditions
An application, such as PuTTY, which can be used for remote access on various
platforms is available.
You have obtained the management and floating IP addresses of the Controller node.
You have obtained the login passwords of the gandalf user and the root user.
You have obtained the current database password of the Controller node.
The default passwords of the gandalf and root users are IaaS@OS-CLOUD9! and IaaS@OS-
CLOUD8!, respectively.
Procedure
Do not attempt to interrupt the password change process by pressing Ctrl+C or Ctrl+Z.
Otherwise, service processes may fail to access the database, and service exceptions may
occur. If such an exception occurs, reset the password by performing the operations provided
in "Resetting the Password for Accessing Common Services in GaussDB on the Controller
Node".
----End
When Controller is deployed in active/standby mode, the changed password of the GaussDB
database on the active Controller node is synchronized to the standby Controller node. You do
not need to change the password of the GaussDB database on the standby Controller node
again.
Prerequisites
Conditions
An application, such as PuTTY, which can be used for remote access on various
platforms is available.
You have obtained the management and floating IP addresses of the Controller node.
You have obtained the login passwords of the gandalf and root users.
You have obtained the current database password of the Controller node.
The default passwords of the gandalf and root users are IaaS@OS-CLOUD9! and IaaS@OS-
CLOUD8!, respectively.
Procedure
Do not attempt to interrupt the password change process by pressing Ctrl+C or Ctrl+Z.
Otherwise, service processes may fail to access the database, and service exceptions may
occur. If such an exception occurs, reset the password by performing the following operations.
If the exception persists after several retries, contact technical support.
----End
Tenant and Project page. Select the agent tenant managed by the agent administrator and
click OK. Then the agent administrator can manage the agent VDC tenant and check whether
the VM and project to be switched are in the tenant.
----End
Step 46 Log in to the FusionCompute web client where the storage pool information xen_pool57 is
configured. Choose Storage > site > Data Store. On the page that is displayed, view the
number of storage devices to get the backend storage pool name, which is xen_pool1.
Step 47 Based on the storage pool information obtained in Step 46, locate the name of another
backend storage corresponding to the same storage pool in the backend storage of Service
OM. As shown in the following figure, the name of another backend storage is V323 and the
disk type is kvm_volume1. Click the disk type kvm_volume1 to obtain the value of the
Availability Zone, in this example, the value of the Availability Zone is az1.dc1.
Step 48 Use a browser to log in to ManageOne Maintenance Portal as the admin user.
Login address: https://IP address of ManageOne Maintenance Portal:31943. You can
obtain the login address on the portal sheet in xxx_export_all_EN.xlsm exported by
HUAWEI CLOUD Stack Deploy.
Default password of the admin user: Huawei12#$.
Step 49 On the Quick Links tab page in the lower right corner, click eReplication. On the
BCManager service management page that is displayed, choose resources > LocalServer >
autoSite > FusionSphere. If the AZ obtained in Step 45 has an AZ mapping, skip this step.
Otherwise, click Add to add the AZ mapping of CSHA or CSDR.
Step 50 Click the Volume Type Mapping tab to map the volume type of CSHA or CSDR based on
the newly created disk type obtained in Step 46.
The target volume type of CSHA or CSDR can be obtained from the volume type mapping of the
existing FusionCompute type. The volume type of FusionCompute can be obtained in Step 45.
Step 51 Click the Volume Type Mapping tab to delete the volume type mapping of the existing
FusionCompute type. The volume type of FusionCompute can be obtained in Step 45.
----End
----End
12 Appendix 2 Troubleshooting
12.1.3 Procedure
Configure the boot file.
After the OS is successfully installed on the VM, you are required to restart the VM OS. During the OS
restart process, if OS type is Red Hat, press Delete to enter the UEFI setup screen, if Suse, input “exit”
command, Other OS please refer to their official documents. Then perform the following operations:
1. Move the cursor to Boot Maintenance Manager shown in Figure 1 and press Enter.
2. Move the cursor to Boot From File shown in Figure 2 and press Enter.
3. On the Boot From File screen, move the cursor to the first option NO VOLUME LABEL
shown in Figure 3 and press Enter.
The configured boot file takes effect for only one time. You must perform the following operations to
make the configuration permanent:
1. During the OS restart process, if OS type is Red Hat, press Delete to enter the UEFI setup screen,
if Suse, input “exit” command, Other OS please refer to their official documents. Then select
Boot Maintenance Manager.
2. Move the cursor to Boot Options shown in Figure 6 and press Enter.
3. Move the cursor to Add Boot Option shown in Figure 7 and press Enter.
4. Select grub.efi again by performing 4 to 6 after the screen in 3 is displayed again. Figure 8
shows the displayed screen.
5. After grub.efi is selected, enter the Modify Boot Option Description screen shown Figure 9.
6. Press Enter to enter description information for Input the Description shown in Figure 10.
8. Press F10 to save the configuration and press Y to confirm the operation. Figure 12 shows the
screen for confirming the operation.
9. Press Esc to switch to the Boot Option screen and then select Change Boot Order shown in
Figure 13.
11. Select the description you entered in 12 and press + to move it to the top. Figure 15 shows the
screen.
12. Press F10 to save the configuration, press Y to confirm the operation, press Esc to switch to the
initial screen, and select Continue.
Step 58 In the Device Manager window, click View and then select Show hidden devices.
Step 59 Click Network adapters, and check whether network adapters Realtek RTL8139C+ Fast
Ethernet NIC and Xen Net Device Driver #N in the red boxes are displayed in the following
figure.
#N may be empty or a number, that is, multiple network adapters of Xen Net Device Driver
may exist.
Step 60 Right-click Realtek RTL8139C+ Fast Ethernet NIC and all network adapters of Xen Net
Device Driver, and then click Uninstall. In the displayed Confirm Device Uninstall dialog
box, click OK.
After the uninstallation is complete, the two types of devices are not displayed under
Network adapters in the Device Manager window.
Then, you can change the VM NIC name and network configuration as required. For example,
you can change Local Area Connection 3 to Local Area Connection and set the static IP
address that has been configured in the template for the network adapter.
----End
Procedure
Step 65 On PCS, choose VM Switchover > Switchover Task and check whether causes for the
injection task failure are as follows:
The Linux disk fails to be attached to the agent.
Failed to detach the disk from the agent, please try to perform the operation again.
The injection tool fails to find the system root partition.
The injection tool fails to decompress the kernel file. The possible cause is that there is
not enough space in the partition where the kernel file is located.
Step 66 Execute the task again.
If the fault persists, go to Step 67.
If the task execution succeeds, no further action is required.
Step 67 On the Cloud Platform Management page of PCS, choose the target platform, view agent
information, and check whether the agent VM is in the normal status.
If no, go to Step 68.
If yes, contact technical support.
Step 68 Locate the agent VM, and restart the VM, as shown in the following figure.
Prerequisites
You have obtained the administrator or the agent administrator account and password of the
ManageOne system.
You have obtained the IP address and name of the faulty controller node.
You have obtained the password of the admin user for logging in to the faulty PCS system.
Procedure
Step 72 Stop the faulty controller VMs by following the instructions provided in "Stopping a VM" in
Huawei Cloud Stack 6.5.1 Product Document.
Step 73 Deploy a controller VM by following the instructions provided in "Creating a VM from a
Template" in Huawei Cloud Stack 6.5.1 Product Document.
Before the installation, record the original IP address and node name of the faulty controller VM. During
the reinstallation, the information must be the same as the original IP address and node name.
Step 74 Restore the data of the third-party backup server on the controller node. For details, see
section "Restoring Data."
Step 75 After the restoration, log in to the PCS to check whether the services are normal and whether
the data is correct.
If yes, go to Step 76.
If no, contact technical support.
Step 76 Delete the faulty controller VM. For details, see section "Deleting a VM" in Huawei Cloud
Stack 6.5.1 Product Document.
----End
Prerequisites
You have obtained the username and password of the system administrator or agent
administrator for logging in to FusionSphere OpenStack.
You have obtained the IP address and name of the faulty controller node.
You have obtained the password of the administrator for logging in to the faulty PCS
system.
Procedure
Step 77 Log in to a FusionSphere OpenStack node and run the df -h | grep image_cache command.
Step 78 Check whether the value of Avail is greater than or equal to the total size of all selected
images.
Step 79 If the value of Avail cannot meet the requirement, set the proper size of image cache in CPS
based on Huawei Cloud Stack 6.5.1 Product Document.
----End
This section describes all the obstacle items supported by PCS, impacts on the drill and
switchover, supported handling actions, and drill and operation suggestions.
Drill Suggestions
The drill aims to check whether the guest OS and services of the drill VM can be started
properly. You are not advised to manually bind the VM to the physical CPU cores of the host.
If the vCPU core binding is configured using Xen VRM, this feature will be discarded after
the drill.
Switchover Suggestions
If vCPU core binding is configured using Xen VRM, this feature will be discarded after the
switchover.
Drill Suggestions
The drill aims to check whether the guest OS and services of the drill VM can be started
properly. You are advised not to manually bind the drill VM to the host. If the VM is bound to
the host through Xen VRM, the feature will be lost after the switchover.
Switchover Suggestions
If this feature is configured using Xen VRM, this feature will be discarded after the
switchover.
13.3 VM Is a Template VM
Obstacle Item Description
A VM template can be used to implement quick VM deployment. PCS does not support VM
template drill because the VM template is in the shutdown state. You can switch over the VM
template directly. If the VM template is faulty after the switchover, you can perform rollback
on PCS.
Drill Suggestions
The drill aims to check whether the guest OS and services of the VM can be properly started.
You can switch over the VM template directly. If the VM template is faulty after the
switchover, you can perform rollback on PCS.
Switchover Suggestions
During the template VM switchover, the VM is a common VM on the KVM platform.
If the VM is normal, select Finish Confirmation to complete the switchover. PCS
automatically converts the VM to a template.
If the VM is abnormal, perform rollback on PCS to roll back the switchover process. PCS will
restore the Xen template VM to the state before the switchover.
13.4 VMs that Use Shared Disks Are Not All Stopped
Obstacle Item Description
If a VM uses a shared disk, the VM cannot be subject to a drill, but can be subject to a
switchover. However, all VMs to which the shared disk is mounted must be shut down. In
addition, during the switchover, no snapshot is created for the shared disk, and data is directly
written to the shared disk. Therefore, after the rollback function of PCS is used to roll back
the VM using the shared disk, the data will be saved on the shared disk and cannot be rolled
back.
If the shared disk is on the RDM data store, that is, the shared disk is an RDM disk, the VM to
which the RDM shared disk is attached does not need to be shut down during the switchover.
However, data is written to the RDM disk during the switchover and cannot be rolled back.
If cluster services, such as Oracle RAC and MSCS, are running on a VM that uses a shared
disk, you are advised to use the capacity expansion capability at the service layer to perform
the switchover, thus avoiding the potential impact of disk controller changes on services after
the VM switchover.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
If cluster services, such as Oracle RAC and MSCS, are running on a VM that uses a shared
disk, you are advised to use the capacity expansion capability at the service layer to perform
the switchover, thus avoiding the potential impact of disk controller changes on services after
the VM switchover.
If PCS is used for the switchover and the shared disk is an RDM disk, you can directly
perform the switchover. Otherwise, you need to shut down all the VMs to which the shared
disk is mounted and perform the switchover at the same time in a window.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
Linked clone VMs cannot be directly switched. Switch over the template that is used for
provisioning linked clone VMs to the KVM platform using PCS and then use the template to
provision linked clone VMs.
Drill Suggestions
The drill aims to check whether the guest OS and services of the drill VM can be started
properly.
You are advised to ignore the obstacle item. If the source DVD-ROM drive is required for the
drill, mount the DVD-ROM drive to the drill VM on the target KVM platform.
Switchover Suggestions
You are advised to ignore the obstacle item. If the source CD-ROM drive is required for the
switchover, mount the CD-ROM drive to the target VM on the target KVM platform.
Drill Suggestions
The drill aims to check whether the guest OS and services of the drill VM can be started
properly.
You are advised to ignore the obstacle item. If the drill depends on the USB device but does
not strongly depend on the source USB device, you can bind the USB device of the target
KVM host to the drill VM.
If the drill VM is not on the target KVM host with USB devices, you can migrate the VM to
the target host.
Switchover Suggestions
You are advised to ignore the obstacle item. If a USB device is required for the switchover,
install the source USB device on the target KVM host where the VM to be switched is
located, or bind the USB device on the target KVM host to the VM to be switched.
If the switchover VM is not on the target KVM host with USB devices, you can migrate the
VM to the target host.
13.8 VM Is a DR VM
Obstacle Item Description
PCS does not support drill or switchover VMs whose DR feature was enabled.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
Uninstall the GVM driver from the VM and perform the switchover. After the switchover is
complete, reconfigure the antivirus service by referring to FusionSphere Huawei Cloud Stack
6.5.1 Product Document.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill aims to check whether the guest OS and services of the drill VM can be started
properly. You are advised to ignore the obstacle item.
Switchover Suggestions
Before the switchover, plan a host group with the HA function enabled. Then, you can switch
over the VMs with the HA function to be enabled to the host group.
If the HA function cannot be enabled for the target cluster but must be enabled for the VM,
you can enable the HA function for the VM by setting the HA substitute item on the KVM
platform after the VM is switched to the KVM.
Drill Suggestions
The drill aims to check whether the guest OS and services of the drill VM can be started
properly. You are advised to ignore the obstacle item.
Switchover Suggestions
If a volume snapshot is available, back up the snapshot data in advance. After a VM is
switched to the KVM platform, the volume snapshot is unavailable and cannot be restored to
the time point when the snapshot was taken.
Drill Suggestions
Install Tools on the VM and ensure that Tools is running properly, and then perform the VM
drill.
Switchover Suggestions
Install Tools on the VM and ensure that the VM is running properly. Alternatively, log in to
the VM, shut down the VM in graceful mode, and then perform the VM switchover.
Drill Suggestions
If a VM is in the transient state (for example, switching or creating), perform the drill after the
VM is in the running or stopped state. If a VM is in the hibernated state, you can wake up or
shut down the VM, change the VM to the running or stopped state, and then perform the drill.
Switchover Suggestions
If a VM is in the transient state (for example, switching or creating), perform the switchover
after the VM is in the running or stopped state. If a VM is in the hibernated state, you can
wake up or shut down the VM, change the VM to the running or stopped state, and then
perform the switchover.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The drill is not supported.
is used. FusionSphere virtualization suite HCS 6.5.1 (KVM) does not support this
configuration. Therefore, VXLAN cannot be used after VMs are switched over to the target
KVM platform.
Therefore, PCS does not support the drill and switchover of such VMs.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
The drill is not supported. To perform the drill, change the CPU quota of the source VM to a
value supported by the target KVM platform.
Drill Suggestions
The drill aims to check whether the guest OS and services of the drill VM can be started
properly. You are advised to ignore the obstacle item.
Switchover Suggestions
You are advised to ignore the obstacle item.
On the target KVM platform, set a cluster with the same configuration about whether the
memory overcommitment is enabled as that of the Xen platform. For VMs whose the
configuration about whether memory overcommitment is enabled must be retained, switch
over them to the cluster that you set. For other VMs, switch over them to other clusters.
Drill Suggestions
The drill aims to check whether the guest OS and services of the drill VM can be started
properly. You are advised to ignore the obstacle item.
Switchover Suggestions
You are advised to ignore the obstacle item.
On the target KVM platform, set a cluster with the same configuration about whether HA is
enabled as that of the Xen platform. For VMs whose the configuration about whether HA is
enabled must be retained, switch over them to the cluster that you set. For other VMs, switch
over them to other clusters.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
During the drill, you need to perform operations, such as creating and deleting a VM
snapshot, on the source VM. Before the drill, ensure that the operation permissions are not
disabled.
The drill aims to check whether the guest OS and services of the drill VM can be started
properly. You are advised to ignore the obstacle item.
Switchover Suggestions
During the switchover, you need to perform operations, such as powering off and powering
on, on the source VM. Before the switchover, ensure that the operation permissions are not
disabled.
You are advised to ignore the obstacle item. Before the switchover, record the operation
permissions that need to be disabled on the VM. After the VM is switched to the KVM
platform, reconfigure the object permissions of the VM.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
Before the drill, cancel the IOPS upper limit of the disk.
Switchover Suggestions
Before the switchover, cancel the IOPS upper limit of the disk.
Drill Suggestions
If the internal time of the VM depends on the periodic synchronization of the third-party
NTP server, ignore the obstacle item and perform the drill.
If the internal time of the VM is manually configured and is different from the host time,
check the impact of the time change on services. If the impact is acceptable, ignore the
obstacle item and perform the drill.
Switchover Suggestions
If the internal time of the VM depends on the periodic synchronization of the third-party
NTP server, ignore the obstacle item and perform the switchover.
If the internal time of the VM is manually configured and is different from the host time,
check the impact of the time change on services. If the impact is acceptable, ignore the
obstacle item and perform the switchover.
Drill Suggestions
The source VM has been deleted and no drill is required. You are advised to delete the VM
from PCS.
Switchover Suggestions
The source VM has been deleted and no switchover is required. You are advised to delete the
VM from PCS.
Drill Suggestions
Modify the switchover plan to which the VM is added, select target compute resources for the
VM, and perform the drill.
Switchover Suggestions
Modify the switchover plan to which the VM is added, select target compute resources for the
VM, and perform the switchover.
Drill Suggestions
The drill cannot be performed.
Switchover Suggestions
This obstacle item has no impacts on the switchover. For details, see "VMs that Use Shared
Disks Are Not All Stopped". To perform the switchover, stop all VMs that use the shared
disks.
Drill Suggestions
The drill is not supported. Renew the lease of the resources and then perform pre-detection
again.
Switchover Suggestions
The switchover is not supported. Renew the lease of the resources and then perform pre-
detection again.
Drill Suggestions
The drill is not supported. Restore the VM from the recycle bin in advance to perform drill.
Switchover Suggestions
The switchover is not supported. Restore the VM from the recycle bin in advance to perform
switchover.
13.35 Target AZ Does Not Have Host Groups that Meet the
Tag Requirements
Obstacle Item Description
The target AZ does not have host groups that meet the tag requirements. As a result, the cross-
AZ cold migration of the VM to the KVM AZ fails.
Drill Suggestions
The drill is not supported. Configure host groups that meet requirements in advance.
Switchover Suggestions
The switchover is not supported. Configure host groups that meet requirements in advance.
Drill Suggestions
The drill is not affected.
Switchover Suggestions
The switchover is not affected.
Drill Suggestions
Adjust the QoS of the target disk type.
Switchover Suggestions
Adjust the QoS of the target disk type.
Drill Suggestions
The drill aims to check whether the guest OS and services of the drill VM can be started
properly. You are advised to ignore this item.
Switchover Suggestions
You are advised to ignore this item.
Drill Suggestions
The drill is not supported. Before the switchover, configure the shared storage for the disks;
alternatively, back up and then uninstall the disks that do not share the storage.
Switchover Suggestions
The switchover is not supported. Before the switchover, configure the shared storage for the
disks; alternatively, back up and then uninstall the disks that do not share the storage.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not affected.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported. Select an image on the Xen platform for the drill.
Switchover Suggestions
The switchover is not supported. Select an image on the Xen platform for the switchover.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
If the OS type of a VM is displayed as Other on FusionCompute due to inconsistent VM
names on Service OM and FusionCompute, stop the VM on FusionCompute, correct the guest
OS type, start the VM on ManageOne Operation Management Portal, and then perform the
drill again. If a message is displayed, indicating that the guest OS is not supported, the drill is
not supported.
Switchover Suggestions
If the OS type of a VM is displayed as Other on FusionCompute due to inconsistent VM
names on Service OM and FusionCompute, stop the VM on FusionCompute, correct the guest
OS type, start the VM on ManageOne Operation Management Portal, and then perform the
switchover again. If a message is displayed, indicating that the guest OS is not supported, the
switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
13.52 Guest OS of the Source image Is Not Supported on t
he Target Cloud Platform
Obstacle Item Description
The Xen and KVM platforms support different guest OSs. If the guest OS of image is not
supported on the target platform, the image cannot be switched over.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported.
that your image switchover task is success, but the VM that issued from the new target image
can not boot up. Therefore, this obstacle item will check if the source VM’s boot loader type
from FusionCompute equals to that of target image.
Drill Suggestions
The drill is not supported. Please correct the Boot Loader type in image first.
Switchover Suggestions
The switchover is not supported. Please correct the Boot Loader type in image first.
Drill Suggestions
The drill is not supported.
Switchover Suggestions
The switchover is not supported. If the number of disks on the VM can be decreased to less th
an 25, back up data and uninstall some disks before performing the switchover..