FusionSphere PCS 6.5.1.1 Operation Guide (HCS Xen To KVM) 01

FusionSphere PCS
6.5.1.1
Operation Guide (HCS Xen to
KVM)
Issue 01
Date 2019-08-30
HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2019. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior
written consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees
or representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: https://e.huawei.com/
Issue 01 (2019-08-30) Huawei Proprietary and Confidential i

Copyright © Huawei Technologies Co.,
Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) About This Document
About This Document
Purpose
This document describes how to obtain, install, operate, and uninstall the FusionSphere
Platform Cross Service (PCS) tool and provides related precautions.
Intended Audience
This document is intended for:
 Switchover planning engineers
 Switchover implementation engineers
 Switchover technical support engineers
 Switchover development engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Indicates an imminently hazardous situation which, if not

avoided, will result in death or serious injury.
Indicates a potentially hazardous situation which, if not

avoided, could result in death or serious injury.

avoided, may result in minor or moderate injury.

avoided, could result in equipment damage, data loss,
performance deterioration, or unanticipated results.
NOTICE is used to address practices not related to personal
injury.
Issue 01 (2019-08-30) Huawei Proprietary and Confidential ii

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) About This Document
Symbol Description
Calls attention to important information, best practices and

tips.
NOTE is used to address information not related to personal
injury, equipment damage, and environment deterioration.
Change History
Changes between document issues are cumulative. The latest document issue contains all the
changes made in earlier issues.
Issue 01 (2019-08-30)
This issue is the first official release.
Issue 01 (2019-08-30) Huawei Proprietary and Confidential iii

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) Contents
Contents
About This Document....................................................................................................................ii

1 Overview.........................................................................................................................................1
1.1 Introduction....................................................................................................................................................................1
1.2 Switchover Process Overview........................................................................................................................................1
2 Technical Support.........................................................................................................................3
3 Switchover Service and Risk Precautions................................................................................4
3.1 Introduction to the Switchover Service..........................................................................................................................4
3.1.1 Information Collection and Feasibility Analysis.........................................................................................................4
3.1.2 Switchover Plan and Solution Design.........................................................................................................................4
3.1.3 Core Service Switchover Test......................................................................................................................................5
3.2 Switchover Risk..............................................................................................................................................................5
4 Switchover Restrictions................................................................................................................6
4.1 Networking.....................................................................................................................................................................6
4.2 Switchover Network Restrictions...................................................................................................................................7
4.3 Switchover Pre-implementation Requirements..............................................................................................................7
4.4 Switchover Implementation Requirements....................................................................................................................7
4.5 Impact on Services.........................................................................................................................................................7
4.6 Function Restrictions....................................................................................................................................................11
5 Compatibility List.......................................................................................................................13
5.1 Platform Compatibility.................................................................................................................................................13
5.2 Guest OS Support Policies...........................................................................................................................................13
6 Installation and Deployment....................................................................................................14

6.1 Software Obtaining.......................................................................................................................................................14
6.2 Switchover Software Specifications.............................................................................................................................15
6.3 Installation and Deployment.........................................................................................................................................15
6.3.1 Upgrading the HCS Platform to 6.5.1.......................................................................................................................15
6.3.2 Adding the Storage Pool Connected to the Xen AZ to the KVM AZ........................................................................16
6.3.3 Creating the Required Disk Type in KVM AZ..........................................................................................................16
6.3.4 Creating VM Specifications for PCS Controller and PCS Agent..............................................................................16
6.3.5 Registering PCS Controller and PCS Agent Images.................................................................................................17
Issue 01 (2019-08-30) Huawei Proprietary and Confidential iv

Ltd.
FusionSphere PCS
6.3.6 Deploying PCS Controller and PCS Agent VMs on the Target Platform.................................................................18
6.3.7 (Optional) Configuring a Backup Server..................................................................................................................19
6.3.8 Configuring the Cloud Platform................................................................................................................................21
6.3.9 Registering an Agent VM..........................................................................................................................................25
7 System Configuration.................................................................................................................27
7.1 Managing Switchover Obstacle Items..........................................................................................................................27
7.2 Configuring Password Policy.......................................................................................................................................27
7.3 Configuring the Login Timeout Period........................................................................................................................28
7.4 Viewing System Tasks..................................................................................................................................................29
8 Image Switchover........................................................................................................................30
8.1 Registering the Image to Be Switched.........................................................................................................................30
8.2 Creating a Public Image Switchover Plan....................................................................................................................31
8.3 Creating a Private Image Switchover Plan...................................................................................................................33
8.4 Completing Image Switchover and Rollback...............................................................................................................34
9 VM Drill and Switchover..........................................................................................................36

9.1 Registering the VM on Which a Drill Will Be Performed...........................................................................................36
9.2 (Optional) Deleting a Service Instance in the DR Environment..................................................................................37
9.3 Creating a Switchover Plan..........................................................................................................................................37
9.4 Adding a VM to a Switchover Plan..............................................................................................................................41
9.5 Performing Switchover Drill........................................................................................................................................42
9.6 Performing a VM Switchover......................................................................................................................................43
9.7 Confirming Services by the User.................................................................................................................................44
9.8 Rolling Back the Switchover........................................................................................................................................44
9.9 Completing Switchover................................................................................................................................................44
10 Operations After Finish Confirmation..................................................................................45

10.1 Deleting PCS Controller and Agent VMs..................................................................................................................45
10.2 (Optional) Configuring DR Relationships..................................................................................................................45
11 Appendix 1 Common Operations..........................................................................................46

11.1 Verifying Software Packages......................................................................................................................................46
11.2 Guest OSs that Support Switchover...........................................................................................................................46
11.3 Guest OSs that Do Not Support UEFI l After Switchover.........................................................................................51
11.4 Account Information List............................................................................................................................................51
11.5 Changing the Password of User root for a Node........................................................................................................53
11.6 Changing the Password of the User gandalf for a Node.............................................................................................55
11.7 Changing admin User's Password...............................................................................................................................57
11.8 Using PuTTY to Log In to a Node in Key Pair Authentication Mode.......................................................................58
11.9 Restoring Data............................................................................................................................................................60
11.10 Changing Passwords of Interconnection Accounts During the Switchover.............................................................66
11.11 Creating Interconnection Accounts on Cloud Platforms..........................................................................................66
11.12 Replacing the Security Authentication Certificate for Controller Nodes and Agent Nodes....................................66
Issue 01 (2019-08-30) Huawei Proprietary and Confidential v

Ltd.
FusionSphere PCS
11.13 Changing the Password for the GaussDB Administrator on the Controller Node...................................................74
11.14 Changing the Password for Accessing Common Services in GaussDB on the Controller Node.............................75
11.15 Resetting the Password for Accessing Common Services in GaussDB on the Controller Node.............................77
11.16 Configuring the Agent Administrator Account.........................................................................................................79
11.17 Setting the Volume Type Mapping for CSHA and CSDR........................................................................................80
11.17.1 Configuring Storage DR Rules..............................................................................................................................80
11.17.2 Adding Storage DR Rules......................................................................................................................................82
11.18 Returning the Extra Fees of PCS Snapshots During the Switchover and Drill........................................................83
12 Appendix 2 Troubleshooting..................................................................................................84
12.1 Failure to Access the System After a UEFI VM Is Switched.....................................................................................84
12.1.1 Symptom..................................................................................................................................................................84
12.1.2 Possible Causes.......................................................................................................................................................84
12.1.3 Procedure.................................................................................................................................................................84
12.2 NIC Name Change After the Switchover of Windows VMs......................................................................................93
12.3 Agent status display for Abnormal.............................................................................................................................96
12.4 Failed to Execute the Disk Configuration Injection Task During the Drill and Switchover......................................97
12.5 Faulty OS During the Deployment of Controller VMs..............................................................................................98
12.6 Failed to Switch Certain Images During the Concurrent Image Switchover.............................................................99
13 Appendix 3 Obstacle Item Description...............................................................................100

13.1 VM Has vCPU Binding Enabled..............................................................................................................................100
13.2 VM Is Bound to Host...............................................................................................................................................101
13.3 VM Is a Template VM..............................................................................................................................................101
13.4 VMs that Use Shared Disks Are Not All Stopped....................................................................................................102
13.5 Linked Clone Disks Have Been Attached to a VM..................................................................................................103
13.6 ISO File or UVP VMTools Is Mounted to the VM..................................................................................................104
13.7 USB Device Is Mounted to a VM............................................................................................................................104
13.8 VM Is a DR VM.......................................................................................................................................................105
13.9 VM Is an Antivirus Guest VM (GVM)....................................................................................................................106
13.10 VM Is a Secure VM (SVM)...................................................................................................................................106
13.11 GPU Device Is Mounted to a VM..........................................................................................................................107
13.12 HANA Configuration Is Enabled on the VM.........................................................................................................108
13.13 VM Uses Local Disk (Non-Virtualization) Storage...............................................................................................108
13.14 VM Uses SAN Storage (Non-Virtualization).........................................................................................................109
13.15 VM Uses Virtualized Local Hard Disks.................................................................................................................109
13.16 HA Function Is Enabled for the VM, but the Host Group with the HA Function Enabled Does Not Exist in the
Target AZ..........................................................................................................................................................................110
13.17 VM Has a VM Snapshot or Volume Snapshot........................................................................................................111
13.18 Tools (PV Driver) Is Not Running..........................................................................................................................111
13.19 Source VM Is Not in the Running or Stopped State...............................................................................................112
13.20 Disk Configuration of the Source VM Changes After the VM Is Added to a Switchover Plan.............................113
13.21 Source Port Group Uses VXLAN...........................................................................................................................113
Issue 01 (2019-08-30) Huawei Proprietary and Confidential vi

Ltd.
FusionSphere PCS
13.22 Configurations of Whether Memory Overcommitment Is Enabled Are Different for the Source Clusters and
Target Platforms................................................................................................................................................................114
13.23 Configurations of Whether HA Is Enabled Are Different for the Source Clusters and Target Platforms..............115
13.24 Affinity or Anti-affinity Rule Is Configured for the Source VM............................................................................116
13.25 Object Operation Permissions Are Configured for the Source VM.......................................................................116
13.26 Source VM Uses a Passthrough DVS.....................................................................................................................117
13.27 Source VM Uses the Port Group of a DVS in Network Enhancement Mode........................................................118
13.28 QoS (Upper Limit of IOPS) Is Configured for Disks of the Source VM, Which May Affect the Driver Injection
Speed During the Switchover...........................................................................................................................................118
13.29 Source VM Is Configured with a Free Clock.........................................................................................................119
13.30 Source VM Does Not Exist....................................................................................................................................120
13.31 Target Compute Resources Are Unavailable..........................................................................................................120
13.32 VM Uses a Shared Disk.........................................................................................................................................121
13.33 VM Resources (VM, Disk, or VPC) Have Expired...............................................................................................122
13.34 VM Has Been Soft Deleted....................................................................................................................................122
13.35 Target AZ Does Not Have Host Groups that Meet the Tag Requirements.............................................................123
13.36 VM Is Configured with CPU QoS..........................................................................................................................123
13.37 QoS of the Source Disk Type Is Different from That of the Target Disk Type......................................................124
13.38 VM Disk Image Does Not Exist.............................................................................................................................125
13.39 VM Is Attached with Disks That Do Not Share the Storage..................................................................................125
13.40 Disks of the Source VM Are Not in the in-use State (For Example, Maintenance State)......................................126
13.41 Number of Subnets of the Source VM Is Greater than the Number of Drill VLANs............................................126
13.42 Source VM Disk Image Has Not Been Switched Over..........................................................................................127
13.43 Source Image Does Not Support FusionCompute..................................................................................................128
13.44 Source Image Does Not Exist.................................................................................................................................128
13.45 Source Image Has Expired.....................................................................................................................................129
13.46 Resource Tag of the Source VM Flavor Is Not Supported.....................................................................................129
13.47 Guest OS of the Source VM Is Not Supported on the Target Cloud Platform.......................................................130
13.48 Number of Disks Attached to a VM Exceeds 59....................................................................................................131
13.49 Source VM Is a Rapidly Provisioned VM..............................................................................................................131
13.50 Source VM Uses SR-IOV NIC...............................................................................................................................132
13.51 Source Image Is the Image of a Quickly Provisioned VM.....................................................................................133
13.52 Guest OS of the Source image Is Not Supported on the Target Cloud Platform...................................................133
13.53 Different Boot Loader Type Between Source VM and Target Image....................................................................134
13.54 The OS of target platform which only support virtio bus type has more than 25 disks.........................................134
Issue 01 (2019-08-30) Huawei Proprietary and Confidential vii

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Overview
1 Overview
1.1 Introduction
The PCS tool allows HCS 6.5.1 to interconnect with FusionCompute V100R006C10SPH109
standard version and evolves VMs that use advanced SAN storage and FusionStorage to the
HCS 6.5.1 OpenStack cloud platform.
1.2 Switchover Process Overview

1. Preparations before the switchover: Prepare the environment that meets switchover
requirements, HCS 6.5.1 target platform, and PC client.
2. Drill: Before a VM switchover, carry out a drill to ensure that the VM can run properly
on the target platform.
3. Switchover: Switch over VMs from the source platform to the target platform.
4. Test verification: Verify that the switched over system and applications can work
properly.
Issue 01 (2019-08-30) Huawei Proprietary and Confidential 1

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Overview
Upgrade the HCS2.x

platform.
Create target KVM resource

pool using HCS.
Deploy PCS.
Perform the drill.
Complete the drill.
Perform switchover.
Confirm services.
Confirm the switchover.
Clear resource.

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Technical Support
2 Technical Support
A professional technical team is responsible for switchover evaluation, switchover solution

design, and switchover implementation, and provides complete technical support, ensuring
smooth evolution of customer services from the HCS 2.X platform to the HCS 6.5.1 platform.

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Switchover Service and Risk Precautions
3 Switchover Service and Risk Precautions
System switchover, covering system service data, is a high-risk activity and affected by
multiple factors, and therefore the switchover may fail.
You are advised to follow a professional service process to implement the switchover and thus
identify potential risks in advance.
3.1 Introduction to the Switchover Service

The professional switchover service consists of the following phases: information collection,
switchover feasibility analysis, service switchover risk and countermeasures, switchover plan
formulation, switchover solution formulation, switchover tool and solution test, service
switchover implementation, and service switchover acceptance.
3.1.1 Information Collection and Feasibility Analysis

Check whether the guest OS supports the switchover by referring to "Guest OSs that Support
Switchover."
If the guest OS does not support the switchover, the switchover cannot be performed.
The storage can be only advanced SAN storage and FusionStorage.
3.1.2 Switchover Plan and Solution Design

To ensure the efficiency and success rate of switching from Xen to KVM, you are advised to:
 Plan the drill network and prepare test VMs for service verification in advance to achieve
the VM drill purpose.
 Perform switchover in batches if the services deployed on a VM are not coupled with
other VMs.
 Perform the switchover for VMs that are associated with each other in the same batch.
For example, the database service is deployed on vm1, and vm2 needs to access the
database of vm1, or vm3, vm4, vm5, and vm6 provide cluster applications, you are
advised to place vm1 and vm2 in the same batch and vm3, vm4, vm5, and vm6 in the
same batch.

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Switchover Service and Risk Precautions
3.1.3 Core Service Switchover Test

To ensure that services run properly after the core service VMs are switched from Xen to
KVM, you are advised to:
 Clone a VM that has core services by following "Making a VM Clone from a Parent
VM" in the Huawei Cloud Stack 6.5.1 Product Document. Before this, switch over the
cloned VM. After verifying that services are running properly on the cloned VM, switch
over the VM that carries core services.
 If third-party software is deployed on the service VM, contact the third-party vendor for
technical support in advance.
 If the service license deployed on the VM is related to the hardware ESN, the license
may need to be activated again after the VM is switched from Xen to KVM. Contact the
service provider in advance and activate the license again after the switchover.
 If the Windows license is of the OEM type, you need to reactivate the Windows license
after the VM is switched from Xen to KVM.
3.2 Switchover Risk

System switchover is a high-risk activity and may fail to be implemented due to such factors
as the network environment, platform, OS, and old service system. You are advised to back up
core service data before the switchover.

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Switchover Restrictions
4 Switchover Restrictions
4.1 Networking
Figure 4.1 Networking
 Ensure that the ManageOne cloud platform, OpenStack, interconnected FusionCompute

(Xen) platform, and client PC can communicate with each other.
 The target AZ resource pool can access and reuse resources in the existing storage pool
of Xen.
 Ensure that VLANs have been configured on the access switches in the KVM resource
pool and subnets are associated with the VLANs so that the PCS Controller can
communicate with PCS Agent.
 If no SDN is deployed, you need to configure at least N VLANs on the access switches
in the KVM resource pool and associate the VLANs with subnets so that a drill subnet
can be created for each NIC. N indicates the number of VM NICs.
 For details about ports to be opened for switchover, see the FusionSphere PCS 6.5.1
Communication Matrix.

Ltd.
FusionSphere PCS
Ensure that the ports listed in the communication matrix are enabled on the system and
network firewalls. You are advised to disable the firewall on the source system and enable it
after the switchover. You are advised to set the security group policy of the target platform to
ensure that the source platform, target platform, and PC communicate with each other after
successful switchover.
4.2 Switchover Network Restrictions

Only LAN supports switchover. WAN and NAT networks do not support switchover.
Switchover implementation requires no packet loss, no jitter, latency less than 2 ms, and bandwidth greater than
100 Mbit/s. If such QoS requirements are not met, a switchover failure is highly possible.
The executor can access management plane networks of the ManageOne and OpenStack platforms.
4.3 Switchover Pre-implementation Requirements

 The HCS 2.X to be evolved must be upgraded to HCS 6.5.1, and the interconnected
FusionCompute (Xen) must be upgraded to V100R006C10SPH109.
 To avoid time jump after VM switchover, the target and source compute nodes must be
synchronized in time.
 The remaining storage space must be sufficient for snapshot creation during drill, and
driver injection during drill or switch, which will generate about 300 MB data per VM.
 Check the background periodic tasks which will operate source Xen VMs in advance,
and stop these tasks during the switchover window period.
 If a Xen VM has the DR service enabled, disable the DR service before the switchover
and reconfigure DR after the switchover.
4.4 Switchover Implementation Requirements

 Do not change the account role used for interconnection during switchover.
 To change the passwords of interconnection accounts during the switchover, see
Changing Passwords of Interconnection Accounts During the Switchover.
 To switch over a VM or VM template in offline mode, the customer needs to ensure that
there is no operations performed on the VM or VM template and its background periodic
tasks are stopped.
4.5 Impact on Services

 After VM switchover, the customer needs to confirm the correctness of internal services.
 A Windows OEM license may be invalid after the switchover and needs to be
reactivated.

Ltd.
FusionSphere PCS
 After a VM switchover is complete, a snapshot is created by default for the rollback

purpose, and this affects the I/O performance and occupies extra storage space. If the
user confirms that the service is normal, the snapshot is automatically deleted after
completion of the switchover is confirmed on PCS, and rollback is not supported. If the
user confirms that the service is abnormal, the data can be restored to the state before the
switchover after rollback is performed on PCS, and the data generated between the
switchover and the rollback is lost.
 For Xen VMs with historical VM snapshots or volume snapshots, historical snapshot
points are invisible after switchover and these VMs cannot be restored to these points. To
prevent impacts on performance after the switchover, you are advised to delete snapshots
before the switchover.
 All VMs that use the shared volume must be shut down before the switchover.
 After a VM is switched from Xen to KVM, the existing DR needs to be reconfigured by
an administrator.
 Database applications (especially Oracle) and cluster applications (such as MSCS) are
recommended to be switched over using an existing application switchover solution.
 The features of the source and target platforms are different. Therefore, before the
switchover, evaluate the service dependency on features that are not provided by the
target platform.
 Differences between capability and compatibility of Xen and KVM platforms bring the
following effects:
− For VMs that are bound to CPUs or hosts, you need to manually set the binding again
after the switchover.
− For VMs that are bound to hosts and for which resources are reserved, these
configurations need to be configured again after switchover.
− For VMs that are mounted with the CD-ROM drive device/file and Tools ISO, you
need to manually mount the drive again after the switchover.
− For antivirus VMs, reconfigure the antivirus function based on the KVM antivirus
configuration guide.
− For VMs that use GPU devices, reconfigure the GPU based on the KVM GPU
passthrough or virtualization configuration guide.
− For VMs whose IDE disk slot IDs are the same as the SCSI disk slot IDs, the slot IDs
of the SCSI disks in the PRDM mode change.
− For VMs that have IP and MAC binding enabled and use DHCP-based automatic
assigning, the IP and MAC address binding fails after switchover.
− For VMs that use a subnet port group, you need to manually configure the subnet
after the switchover.
− For VMs that are enabled with Guest NUMA (the number of sockets is greater than 2
and Guest NUMA is enabled for the cluster), the VM NUMA topology may change.
− For VMs that have an affinity rule configured, you need to reconfigure the affinity
rule after switchover.
− For VMs that have object operation permissions configured, you need to manually
configure object operation permissions after switchover.
− For VMs that have a free clock configured and whose time is manually adjusted and
does not depend on the NTP server, the host time prevails after the switchover. There
is no time deviation between the time that you manually adjust and the host time.
 For guest OSs, mainly OSs whose warranty periods expire and Unix OSs used at only a
site in South Africa, that are supported by Xen but are not supported by KVM, use new

Ltd.
FusionSphere PCS
guest OSs on the KVM platform. If switchover must be performed, carry out a survey as
required.
 For guest OSs that support UEFI boot in Xen but do not support this function in KVM,
use new Guest OSs on the KVM platform. If switchover must be performed, carry out a
survey as required.
 For USB passthrough VMs, services that depend on the USB device cannot be used in
these VMs after the switchover. Therefore, the customer needs to bind the USB device to
these VMs on the target platform.
 After switchover, Tools is installed by default. And, you can uninstall it.
 Hostname may be changed after switchover when VM configured
DHCLIENT_SET_HOSTNAME=yes, For details, see
https://support.huawei.com/enterprise/en/knowledge/EKB1001577902.
 If there are the following alarms in the system alarm monitoring, an exception may occur
during the PCS switchover. In this case, you are recommended to rectify the fault based
on Huawei Cloud Stack 6.5.1 Product Document. .
ALM-6017 Faulty Host

ALM-6018 Host CPU Usage Exceeds the Threshold
ALM-6019 Host Memory Usage Exceeds the Threshold
ALM-6021 Host Network Port Fault
ALM-6023 Host Storage Link Failure
ALM-6024 Management Storage Link or Authentication Failure
ALM-6030 IP Addresses Conflict
ALM-70086 Certificate Expiration Early Warning
ALM-73011 Key Process Fault
ALM-73014 Integrity of the System File Is Abnormal
ALM-73104 OVS/EVS Service Is Not Responding
ALM-73107 VM Is Abnormally Restarted for Multiple Times
ALM-73203 Component Fault
ALM-73303 VRM Server Disconnected
ALM-73401 Faulty RabbitMQ Service
ALM-73411 Database Files Damage
 The charging function of ManageOne requires the permission of the bss_admin user,
that is, the administrator account for logging in to ManageOne Operation Portal.
Therefore, the charge rate of the VM specifications created during the switchover must
be manually set by the bss_admin user after the switchover based on section "Setting
Charge Rate" in Huawei Cloud Stack 6.5.1 Product Document and the charge rate of the
original VM specifications.
 Currently, no method is available to set snapshots free of charge. Therefore, the snapshot
created during PCS switchover and drill will inevitably be charged during the switchover

Ltd.
FusionSphere PCS
and drill. For details about how to handle the extra snapshot fee, see Returning the Extra
Fees of PCS Snapshots During the Switchover and Drill. However, the snapshot of a VM
or volume is not charged.

Ltd.
FusionSphere PCS
4.6 Function Restrictions

 Support only HCS Standard edition.
 In the HCS scenario, the PCI number changes because the underlying engine changes
after the VM switchover. If the customer has applications that strongly depend on the
PCI number, the functions of the applications are affected after the switchover. You are
not advised to perform the switchover.
 Switchover can be performed only when VMs that use V3 advanced SAN storage and
FusionStorage data storage.
 Xen resource pools using IPv4 cannot be switched over to KVM resource pools using
IPv6.
 Before switching over an antivirus guest VM (GVM), you need to uninstall the GVM
driver from the VM and then switch over the VM.
 To switch over a VM in GPU sharing mode, you need to uninstall the shared memory
driver from the VM and then switch over the VM.
 If other advanced functions, such as AS, ELB, and RDS, are configured for the ECS in
the original AZ, the advanced service configuration will be lost after the switchover.
Make a plan in advance and re-configure the functions after the VM is switched to the
target AZ.
 Support only images in Glance.
 Support only single Region deployment.
 Support only Region Type III.
 Currently PCS does not support SCSI passthrough disk switchover of XEN FC.
 Currently The VM switched by PCS does not support Whole-VM cold Migration.
 The restrictions on the guest OS configuration of the VM to be switched over are as
follows:
− The VM disk peripheral type changes from Xen IDE(pvblk) to virtio-blk or virtio-
scsi. The VM NIC type changes from PVNet to virtio-net. If the internal service of
the VM strongly depends on the peripheral type, the service needs to be adjusted and
adapted.
− The remaining space of the system disk on the Windows VM must be greater than or
equal to 300 MB. The remaining space of the system disk on the Linux VM must be
greater than or equal to 200 MB, and that of the /boot directory must be at least four
times the actual size of initrd.
− Only VMs that use mainstream file systems, such as ext2, ext3, ext4, btrfs, cramfs,
FAT, Minix, MS-DOS, VFAT, XFS, and NTFS, are supported.
− On a Linux VM, data disks that are mounted in UUID, LVM, or partition mode are
remounted based on the configuration in /etc/fstab after the switchover. Data disks
that are mounted in non-mainstream mode (including by-id, by-path, and by-label)
are not automatically mounted after the switchover. You need to manually mount
such data disks.
− VMs cannot be switched over when multiple guest OSs are installed, including
multiple guest OSs installed on multiple partitions on the same disk and multiple
guest OSs installed on different disks.
 Do not perform the online drill on the following Xen VMs or in the following scenarios:

Ltd.
FusionSphere PCS
− Source VMs whose guest OSs do not support online disk snapshots
− Images (Drill can be performed through switchover and rollback.)
− VMs that use non-persistent disks
− VMs that use shared volumes
− VM that has more than 25 disks (or disks in slot ID greater than slot 25) or uses
PRDM disks, and uses the guest OS that does not support virtio-scsi on the target
platform
− DR VMs
− Antivirus service VMs
− Antivirus client VMs
− VMs that use GPUs
− VMs where Tools is not running
− VMs that are not in the running or shutdown state
− VMs with more than 64 vCPUs
− VMs that use MAC addresses used by the target KVM platform
− VMs that use guest OSs not supported by the target KVM platform
− VMs that use UEFI boot firmware not supported by the target KVM platform
− VMs whose CPU quota and disk IOPS exceed the limit supported by the KVM
platform
− Types of DVSs connected to the source platform and target platform are different.
− The source VM or disk has 32 snapshots.
− Source VMs use independent persistent disks and VM snapshots exist.
− The Guest OS Does Not Support Online Drill.
− The Hardware Configuration of Source VM Exceeds the Specifications Supported by
GuestOS.
− iCache Is Configured for a Template VM.
 Xen VM switchover is not supported on the following Xen VMs or in the following
scenarios:
− VMs that use non-persistent disks
− All VMs using the shared volume are not shut down.
− VM that has more than 25 disks (or disks in slot ID greater than slot 25) or uses
PRDM disks, and uses the guest OS that does not support virtio-scsi on the target
platform
− DR VMs
− Antivirus service VMs
− VMs where Tools is not running
− VMs that are not in the running or shutdown state
− VMs that use MAC addresses used by the target KVM platform
− VMs that use guest OSs not supported by the target KVM platform
− VMs that use UEFI boot firmware not supported by the target KVM platform
− VMs whose CPU quota and disk IOPS exceed the limit supported by the KVM
platform
− Types of DVSs connected to the source platform and target platform are different.

Ltd.
FusionSphere PCS
− The Hardware Configuration of Source VM Exceeds the Specifications Supported by

GuestOS.
− iCache Is Configured for a Template VM.
5 Compatibility List
5.1 Platform Compatibility

Table 1.1 Source and target platform compatibility list
Source Platform Type Target Platform Type
HCS 2.06 (the supported earliest version) HCS 6.5.1

FusionCompute V100R006C10SPH109
FusionStorage Block V100R006C30SPC600
(when FusionStorage is used)
5.2 Guest OS Support Policies

Guest OSs running on the cloud computing platform are independent of the release period and
life cycle policy. Huawei defines different support levels for the guest OSs and provides
respective management policies during their life cycle.
For details about the guest OS support policies, contact Huawei technical support.
For a guest OS no longer supported by the Huawei cloud platform, the support team is not obligated to
provide assistance in any switchover problems related to this OS.
For the list of VMs that have reached EOS in HCS 6.5.1, please switch over by application.
For guest OSs that support switchover, see section 11.2"Guest OSs that Support Switchover."

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Installation and Deployment
6 Installation and Deployment
6.1 Software Obtaining

Download the desired documentation package from the Huawei technical support websites:
 For enterprise users: http://support.huawei.com/enterprise
 For telecom carrier users: https://support.huawei.com
Table 1.2 Switchover tool software

Software Description
FusionSphere_PCSA_HCS-6.5.1.1- PCS Agent template file

X86_64.zip
FusionSphere_PCSC_HCS-6.5.1.1- PCS Controller template file
X86_64.zip
FusionCompute FusionCompute V100R006C10 patch
V100R006C10SPH109_Upgrade.zip
FusionSphere SIA 6.5.7_GuestOS-Plug-In GuestOS compatible plug-in mapping
for FusionSphere V100R006C10.zip FusionCompute V100R006C10
FusionSphere SIA 6.5.7_GuestOSDriver GuestOS Tools mapping FusionCompute
for FusionSphere V100R006C10.zip V100R006C10
FusionStorage Block FusionStorage Block mapping version
V100R006C30SPC600 (when
FusionStorage is used)
Table 1.3 Switchover tool software material

Material Description
FusionSphere PCS 6.5.1.1 Operation Operation guide to the tool for switching from
Guide (HCS Xen to KVM) Xen to KVM

Ltd.
FusionSphere PCS
Material Description
FusionCompute V100R006C10SPH109 FusionCompute V100R006C10SPH109

Upgrade Guide 01 (Private Cloud) upgrade guide
FusionCompute V100R006C10SPH109 FusionCompute V100R006C10SPH109 patch
Patch Notes 01 notes
FusionSphere SIA 6.5.7 FusionSphere 6.1 FusionCompute V100R006C10SPH109 guest
GuestOS Compatibility Plug-In OS compatibility plug-in installation guide
Installation Guide 01
FusionSphere SIA 6.5.7 PV Driver FusionSphere SIA 6.5.7 PV Driver
Installation and Upgrade Guide 01 Installation and Upgrade Guide
6.2 Switchover Software Specifications

Controller VMs and injection agent VMs are deployed in HCS 6.5.1 KVM.
Table 1.4 Specifications of the controller VM

Hardware and Software Recommended Configuration
CPU 4 CPUs and above

Memory 5 GB and above
Hard Disk 40 GB and above
Table 1.5 Specifications of the injection agent VM

Hardware and Software Recommended Configuration
CPU 2 CPUs and above

Memory 2 GB and above
Hard Disk 20 GB and above
6.3 Installation and Deployment

6.3.1 Upgrading the HCS Platform to 6.5.1
5. Upgrade the HCS platform (including OpenStack and ManageOne components) to 6.5.1
based on HUAWEI CLOUD Stack 6.5.1 Upgrade Guide.
6. Upgrade FusionCompute to V100R006C10SPH109. For details, see FusionCompute
V100R006C10SPH109 Upgrade Guide 01 (Private Cloud).

Ltd.
FusionSphere PCS
7. Upgrade GuestOS Compatibility Plug-In based on FusionSphere SIA 6.5.7

FusionSphere 6.1 GuestOS Compatibility Plug-In Installation Guide 01.
8. (Optional)Upgrade GuestOS Tools based on FusionSphere SIA 6.5.7 PV Driver
Installation and Upgrade Guide 01.
9. If Huawei FusionStorage Block is used for storage, upgrade FusionStorage to
V100R006C300SPC600 by following the instructions provided in FusionStorage
V100R006C30 Block Storage Service Upgrade Guide.
6.3.2 Adding the Storage Pool Connected to the Xen AZ to the

KVM AZ
Two modes are available for adding a storage pool: Add the source storage pool to the new
AZ and add the source storage pool to the existing AZ. You can select either of the modes
based on the site requirements:
Adding the source storage pool to the new AZ
Use the storage connected to Xen as the storage of the new AZ. For details, see
"Expanding Computing Resources" > "Creating an AZ" in HUAWEI CLOUD Stack
6.5.1 Capacity Expansion Guide.
Adding the source storage pool to the existing AZ
Configure the storage device by following the instructions provided in "Capacity
Expansion for Service Storage" in HUAWEI CLOUD Stack 6.5.1 Capacity Expansion
Guide.
The KVM AZ configuration mode must be consistent with the backend storage configuration mode of
the Xen AZ.
----End
6.3.3 Creating the Required Disk Type in KVM AZ

Create a disk type corresponding to the disk type of the source AZ in the KVM AZ by
following the instructions provided in section "Creating a Disk Type" in HUAWEI CLOUD
Stack 6.5.1 Product Document.
 In a DR environment, pay attention to the following items. Otherwise, the DR function of the KVM
AZ may be unavailable after the switchover.
 You need to configure a storage identifier (storage SN of the backend storage pool) for the disk types
of the backend storage pool connected to KVM.
 Only one backend storage device can be added to the backend storage of the new disk type.
6.3.4 Creating VM Specifications for PCS Controller and PCS

Agent
Log in to Service OM, choose Resource > ECS, and click Create Flavor. Create
specifications on Service OM based on the specifications defined in section 6.2"Switchover
Software Specifications." Set the parameters shown in the following figure and retain the
default values for other parameters.

Ltd.
FusionSphere PCS
6.3.5 Registering PCS Controller and PCS Agent Images

Choose Resources > Images. On the Images page, click Register to register the images of
PCS Controller and PCS Agent with the image service. Select scsi for Disk Device Type of
the PCS Agent image.

Ltd.
FusionSphere PCS
6.3.6 Deploying PCS Controller and PCS Agent VMs on the

Target Platform
Step 2 Register the PCS Controller and PCS Agent images in the PCS standard software package as
public images in the environment through Service OM. For details, see section
6.3.5"Registering PCS Controller and PCS Agent Images."
Step 3 On the ManageOne cloud platform console, create a VPC and VPC subnet for switching
networks.
If no SDN is deployed, you need to configure at least N VLANs on the access switches in the
KVM resource pool and associate the VLANs with subnets so that a drill subnet can be
created for each NIC. N indicates the number of VM NICs.
Step 4 Deploy the PCS Controller and PCS Agent VMs by following the instructions provided in
section "Applying for an ECS" in HUAWEI CLOUD Stack 6.5.1 Product Document. Select
the PCS Controller and PCS Agent images, and associate the VPC and subnet created in Step
3 when creating a NIC.
Step 5 Enable the default security groups of the PCS Controller and PCS Agent VMs to allow traffic
to pass through.

Ltd.
FusionSphere PCS
1. Log in to ManageOne Operation Portal as an agent administrator or a VDC administrator

and choose Console > Virtual Private Cloud > Security Group.
2. On the displayed page, choose Inbound > Add Rule to create a security group rule, as
shown in the following figure.
Step 6 Log in to a FusionSphere OpenStack node and run the source set_env command to set
environment variables.
Step 7 Run the nova list --all-t command to view the VM list and take a note of the IDs of the PCS
Controller and Agent VMs.
Step 8 Run the neutron net-list command to view the network list and take a note of the network ID
of Public_Service.
Step 9 Run the following command to configure the NIC and IP address of the Tomcat service for
the PCS Controller VM:
nova interface-attach --net-id ${Public_Service} ${server} In this command, $
{Public_Service} indicates the network ID recorded in Step 4, and ${server} is the ID of the
PCS Controller VM.
Step 10 Restart PCS Controller.
 Node names can be customized for Controller and Agent VMs and IP addresses can be allocated
using the platform.
 The password cannot be injected. To change the password, log in to the system as the root user and
change the password of the gandalf or root user after the environment is installed.
----End
6.3.7 (Optional) Configuring a Backup Server
Configure a third-party File Transfer Protocol (FTP) server to back up important data on the controller
node. After the FTP server is configured, the controller node automatically sends important data to the
FTP server at 02:00:00 every day. If a system exception occurs, the backup data can be used to restore
the system.
Step 11 Use PuTTY to log in to the active controller node as user gandalf, run the su - root command
enter the password of user root to switch to user root, and run the TMOUT=0 command to
disable user logout upon system timeout.
Step 12 Run setConfig to configure data backup and enter yes.

Ltd.
FusionSphere PCS
Should we upload the backups to ftp server? (yes/no):
If you enter no, the data backup upload function is disabled.

Step 13 Set the protocol type.
You are advised to select FTPS to enhance file transmission security. If the FTP server does
not support the FTPS protocol, select FTP.
Please input the upload network protocol[ ftp,ftps ], press enter and default
value [ftp] :
Step 14 Set IP Address.

Enter the IP address of an FTP server.
Please input the ftp server ip address, press enter and default value
[127.0.0.1] :
Step 15 Set Port.

Enter the port used by an FTP server.
Please input the ftp server port, press enter and default value [21]
Step 16 Set Username.

Enter the username for logging in to an FTP server.
Please input the ftp upload user name, press enter and default value [admin]
Step 17 Set Password.

Enter the password for logging in to an FTP server.
Please input the ftp upload user password, press enter and default value
[AAAAAQAAAAEAAAAAAAAABQAAAAEAAAAB5Mh8rThC94LDGli4bYNAbYR/VUcSnDS6JLD8XQSx6VkAA
AAQAAAAAAAAAAAtkb3fqf1fBx2B3gwDfcKsAAAAAQAAAAAAAAgEAAAAAQAAAAGdfr4qJTbdEaWANZjlBj
dDAAAAAAAAAACf9DpDZbduCRWT/xt+aAVD/7AaB+g5ED6ytVM3n9W+MQ=] :
Step 18 Set Backup Path.

Enter the relative path in which the backup files are stored.
Please input the ftp upload root directory, press enter and default value [/] :
The configuration information is displayed. If the information is correct, enter yes. Otherwise,
enter no and run the setConfig command again.
Backup configure :
1.Upload network protocol : ftp
2.Ftp server IP : 200.200.0.51
3.Ftp server port : 21
4.Ftp server user name : admin
5.Ftp server user password :

AAAAAQAAAAEAAAAAAAAABQAAAAEAAAABNyiC5bmbz918vZnC9o6hLEdq9mXFBDkirU5Zf/ksjcUAAAAQAA
AAAAAAAABjYVQ22T68GCjb0XPZTaMzAAAAAQAAAAAAAAgEAAAAAQAAAAHUhIldf61AYY80I8CV20o4AAAA
AAAAAAANgB41jRWlS3OQOumtbJjFHhFWZwmAKXjhEj2fZ1Ml/Q=

Ltd.
FusionSphere PCS
6.Ftp server upload root directory : /
Are you sure Save ? (yes/no) :
If the configuration fails, check the following items

 Check whether the management data backup configuration is correct, for example, the username or
password.
 Check whether the network between the controller node and a third-party FTP server is faulty.
 Check whether the disk space of a third-party FTP server is insufficient.
 Check whether the FTP server configuration client does not have permission to create a folder or
file.
If an exception occurs on a third-party FTP server, contact the server administrator to handle this issue.
----End
6.3.8 Configuring the Cloud Platform

Step 19 Create interconnection accounts on the FusionCompute V100R006C10SPH109 platform as
instructed in 11.11"Creating Interconnection Accounts on Cloud Platforms."
Step 20 Enter https://controller_public_IP in the address box of your browser to log in to the
controller VM management page.
Change the default password upon the first login. For details about the default password, see "Account
Information List."
Only one cloud platform can be configured for one controller.
Step 21 Configure the agent administrator account based on "Configuring the Agent Administrator
Account" Take a note of the username and password of the agent administrator and the agent
tenant ID to prepare for registering the cloud platform.
Step 22 On the PCS cloud platform management page, click Add Cloud Platform. On the displayed
page, set basic information for the HCS 6.5.1 ManageOne platform. Set Category to Cloud
Suite, and Version to 6.5. Obtain the values of ManageOne Operation Portal Floating IP
Address and ManageOne Operation Portal Port Number from the LLD file in the
environment. Set Agent Administrator Username, Agent Administrator Password, and
Agent Administrator Tenant ID based on the information of the created agent administrator.
Then, click Next.

Ltd.
FusionSphere PCS
Step 23 Register the HCS FusionSphere OpenStack information.

Log in to a FusionSphere OpenStack node as prompted on the page, run the source set_env
command, and enter related information. If you are not sure about the information, hover the
cursor over the I icon next to each piece of information to obtain related information. Then set
the following parameters:
 Administrator Username: indicates the value of OS_USERNAME.
 Administrator Password: Set this parameter based on the site requirements. The default
value is FusionSphere123.
 Administrator User Domain: indicates the value of OS_USER_DOMAIN_NAME.
The default value is Default.
 Administrator Tenant: indicates the value of OS_TENANT_NAME.
 Administrator Tenant Domain: indicates the value of
OS_PROJECT_DOMAIN_NAME. The default value is Default.
 keystoneURL: indicates the full name of the character string of OS_AUTH_URL.
 Reverse Proxy IP Address: indicates the IP address specified by
OpenStack_reverse_proxy_ip in the LLD.
 VPC Floating IP Address: indicates the IP address specified by VPC_service_floatIp
in the LLD.
 CCS Floating IP Address: indicates the IP address specified by ccs_address in the
LLD.
These three IP addresses can be searched in the LLD configuration file, and the keywords in the LLD
files generated by ManageOne of different versions may be different in case. Therefore, you are advised
to search for the keywords in case-insensitive mode to obtain the IP addresses.

Ltd.
FusionSphere PCS
Then, click Next.
Step 24 Configure the interconnected FusionCompute platform information. Enter the logical host
name of the FusionCompute platform, interconnection username and password configured in
Step 19, and interconnection user password, and click Next.
Step 25 In the Region Type III networking, if no SDN is deployed, you need to enter the information
about the VLAN pool used for the drill. Click Add and enter the available start VLAN ID and
end VLAN ID. You can add multiple VLAN segments. Click Next after the configuration is
complete.

Ltd.
FusionSphere PCS
The VLANs in all VLAN segments must allow traffic to pass through on the hosts in the target AZ. The
VLANs are used to create the drill network during the VM drill in the Region Type III networking.
Theoretically, the number of VLANs in the pool must be greater than or equal to the number of NICs of
a drill VM because the subnet of each NIC uses a VLAN to create a drill subnet. Otherwise, the drill
fails.
Step 26 Confirm the information. Check whether the information configured in the preceding steps is
correct. You can click Previous to roll back and modify the information. If the information is
correct, click Confirm to register the cloud platform.

Ltd.
FusionSphere PCS
 After the cloud platform is successfully registered, its VM list, storage resource list, and network
resource list can be automatically displayed.
 After the cloud platform is added, the user roles cannot be modified.
 To change the passwords of interconnection accounts during the switchover, see Changing
Passwords of Interconnection Accounts During the Switchover.
After the cloud platform is added successfully, the following page is displayed.
To modify information, click Modify in the Operation column to modify the information, or
click Delete and add the information again.
----End
6.3.9 Registering an Agent VM
If multiple VMs need to be switched over and there are sufficient idle resources in the target
environment, multiple agent nodes can be deployed to improve switchover efficiency.
Step 27 On the PCS management page, choose the current platform CloudPlatform and click
Register VMs. On the Register VMs page, select the corresponding tenant/project/agent VM
and click Register.

Ltd.
FusionSphere PCS
Step 28 On the PCS management page, choose Cloud Platform Management > CloudPlatform >
Agents, and click Add Agent. On the Add Agent page, specify Name, set Type to Injection
driver, and select the name of the VM to be registered for VM. Then, click Confirm.
After an agent VM is added, the information about the registered agent VM is displayed on
the Agents page. You can click Modify to change the agent name and type. If an error occurs,
click Delete and add the agent again.
----End

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 System Configuration
7 System Configuration
7.1 Managing Switchover Obstacle Items

Step 29 Choose System > System Configuration > Switchover Obstacle Management. Locate an
obstacle item and click Modify in the Operation column. On the displayed page, select
Adjust VM Later or Ignore for the item and click Confirm.
Step 30 On the Service Configuration page, you can set Check critical items only or Check all
items for VM Switchover Pre-check Configuration and then click Confirm.
----End
7.2 Configuring Password Policy

Step 31 Choose System > Password Policy and click Modify.

Ltd.
FusionSphere PCS
On the displayed page, all parameters are editable, and you can configure them.
Step 32 Click Save to save the configuration.

----End
7.3 Configuring the Login Timeout Period

Step 33 Choose System > Time Management.
Step 34 In the System Timeout area, select a value and click Confirm.

Ltd.
FusionSphere PCS
When the idle time exceeds the value, user logout occurs, and the user needs to log in to the system
again.
Step 35 In the displayed dialog box, click Confirm to complete the configuration.
----End
7.4 Viewing System Tasks

Choose System > System Tasks. On the displayed page, time-consuming tasks or tasks
whose task results cannot be immediately displayed are displayed, and you can view their
status.

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Image Switchover
8 Image Switchover
8.1 Registering the Image to Be Switched

Step 36 On the PCS management page, choose Cloud Platform Management > CloudPlatform.
Click Register Image, select the image to be migrated, and click Register.
1. The image must be switched over before the VM that is created using the image. Otherwise, the
pre-check fails during the VM switchover.
2. Image foolproofness can be used to prevent common VM-related operations rather than
administrators' operations. Therefore, during the switchover, do not delete or modify images on Service
OM and the management interface. Otherwise, exceptions that cannot handle will occur.
3. If the boot firmware of the image is UEFI, ensure that the metadata of the image contains the
hw_firmware_type field, which indicates the image startup type. Otherwise, the VM may fail to be
started during the image switchover or the VM created using the image after the switchover fails to be
started. You can run the following command to view the hw_firmware_type field of the image metadata:
glance image-show $image_id | grep hw_firmware_type
Run the following command to set the hw_firmware_type field of the image metadata, in which
$firmware_type can be bios or uefi:
glance image-update --property hw_firmware_type=$firmware_type $image_id
4. Since the latest ECS console may not support issuing VM of UEFI firmware type, the image you
just updated by above command will not able to be selected while creating VM. If you still want to issue
VM on XEN, you have to update the metadata back with above command.
Step 37 If Serious is displayed for Switchover Pre-check, click the VM name to go to the VM details
page. Click Recheck to view the cause and rectify the fault based on the Obstacle item. After
the processing is complete, click Recheck.

Ltd.
FusionSphere PCS
After the image is registered successfully, the image and the VM are displayed on the VMs tab page of
the cloud platform management page.
The image specifications include only memory parameters.
----End
8.2 Creating a Public Image Switchover Plan

Step 38 Create a switchover plan based on section "Creating a Switchover Plan" and set Project to
Public Image for public images.
The image must be switched over before the VM that is created using the image. Otherwise, the pre-
check fails during the VM switchover.

Ltd.
FusionSphere PCS
Step 39 On the Modify Target Resource tab page, if you want to change the default password of the
image, select Password Protection on the right of the image. The default password is
Image1!2@. If you need to set the password, modify the configuration file before the
switchover. In the /opt/cloudos/pcs/controller/apps/pcs-website/WEB-
INF/classes/conf/switch-vm.conf file, change the value of the adminPass field. If you do not
want to change the default password of the image, deselect Password Protection.
Step 40 For details about other steps, see section 9.3"Creating a Switchover Plan."
----End

Ltd.
FusionSphere PCS
8.3 Creating a Private Image Switchover Plan

Step 41 Create a switchover plan based on section "Creating a Switchover Plan" and set Project to the
project that the image resides for private images, which is similar to common VMs.
Step 42 On the Modify Target Resource tab page, if you want to change the default password of the
image, click Password Protection on the right of the image and select Yes for Set Password
in the displayed dialog box. The default password is Image1!2@. If you need to set the
password, modify the configuration file before the switchover. In the
/opt/cloudos/pcs/controller/apps/pcs-website/WEB-INF/classes/conf/switch-vm.conf file,
change the value of the adminPass field. If you do not want to change the default password
of the image, do not click Password Protection.

Ltd.
FusionSphere PCS
Step 43 For details about other steps, see section 9.3"Creating a Switchover Plan."
----End
8.4 Completing Image Switchover and Rollback

Step 44 The image switchover, rollback, and completion are the same as those of common VMs. For
details, see "VM Drill and Switchover."
Images can be only switched and do not support drilling.

If you need to configure the Cloud-Init function, configure an external network for the temporary VM of
the image after the image switchover is complete and before the confirmation is complete, and install the
Cloud-Init. The external network is used to download the software package required by Cloud-Init from
the external network. For details about how to install Cloud-Init software, see section "Installing Cloud-
Init" in HUAWEI CLOUD Stack 6.5.1 Product Document.
You can switch or drill the VM only after the image switchover is complete.
After the image is successfully switched to the KVM platform, you must manually find the image on
Service OM, click Modify, and select Cloud-Init.
In a DR environment, you need to switch the source images in all regions to the target AZ and ensure
that the disk bus type is the same as the image type to prevent image loss after the DR environment
switchover.
----End

Ltd.
FusionSphere PCS

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 VM Drill and Switchover
9 VM Drill and Switchover
9.1 Registering the VM on Which a Drill Will Be

Performed
Step 45 On the PCS management page, choose Cloud Platform Management > CloudPlatform and
click Register VMs. On the displayed page, select the VM to be switched over and click
Register.
 The Cloud Platform VM List page can be customized by tenant and project.
 A pre-check is performed automatically when the VM to be switched over is registered.
Step 46 If Major is displayed for Switchover Pre-check Result, click the VM name to go to the VM
details page. Then, click Switchover Pre-check to view the cause and rectify the fault based
on information in the Obstacle area. After the processing is complete, click Recheck.

Ltd.
FusionSphere PCS
If the obstacle items do not affect the drill or switchover, set Ignore to them on the System page.
----End
9.2 (Optional) Deleting a Service Instance in the DR

Environment
In a DR environment, after a VM is registered with the cloud platform, delete the service
instance of the Xen VM that has the DR service enabled based on the instance deletion
operations provided in "Cloud Server DR Service" or "Cloud Server High Availability" in
HUAWEI CLOUD Stack 6.5.1 Product Document.
9.3 Creating a Switchover Plan

Step 47 On the PCS management page, choose VM Switchover, click Create Switchover Plan. On
the displayed page, Set Name and configure the following parameters: Set Type to Cloud
Suite, Cloud Suite to the cloud platform to be switched over, Project to the project of the
VM to be switched over, Source AZ to the AZ of the Xen platform, and Target AZ to the
target AZ of the VM to be switched over. Then, click Next.

Ltd.
FusionSphere PCS
Step 48 Select the VM to be operated and click Next.
Step 49 Set the mapping between the source and target resources of the VM to be switched over.

Ltd.
FusionSphere PCS
Set Target Volume Type to the default mapping target volume type. You can click Modify
Target Volume Resource to modify the target volume type.
Step 50 Perform switchover pre-check for the VM to be switched over and process the detection
result.
If Normal is displayed in the Check Result column, no risk item or item that cannot be
switched over is detected on the VM.

Ltd.
FusionSphere PCS
For a VM whose check result is not normal and values, rather than Normal, are displayed in
the Drill Impact or Switchover Impact column in the Obstacle area, click the arrow next to
the VM name to expand the obstacle information.
Based on the information in Obstacle, select Using System Configuration, Ignore, or
Adjust VM Later for Handling Action (Drill) and Handling Action (Switchover). After
doing this, click Next.
Step 51 After confirming that the switchover task information is correct, click Confirm to create the
switchover task.
Step 52 For risk VMs, you need to eliminate the risks on the source platform and then perform a
check again.
Alternatively, choose System > System Configuration > Switchover Obstacle

Management, select Ignore for Default Handling Action (Drill) and Default Handling
Action (Switchover) for the risk item and then click Confirm.

Ltd.
FusionSphere PCS
Step 53 In the switchover task, click the VM name. Under Basic Information, click Switchover Pre-
check and then click Recheck to check the VM again. If the message "the check result is
normal" is displayed, the operation is successful.
----End
9.4 Adding a VM to a Switchover Plan

To add a VM or an image to an existing switchover plan, click More on the right of the
switchover plan and click Add VM.

Ltd.
FusionSphere PCS
The other steps are the same as those in previous section.
9.5 Performing Switchover Drill

Step 54 After a switchover plan is created, choose VM Switchover > Switchover Plan to view the
plan.
Step 55 Locate the row that contains the switchover plan, click More in the Operation column, and
select Add VM to add the VM to be processed to the plan.
Also you can select Modify to modify the VM resource configuration after the switchover, or
Delete to delete the switchover plan.
Step 56 Click Drill in the Operation column. On the displayed page, select the VM to be drilled and
click Confirm. On the displayed page, click Confirm to start the drill.
Step 57 Click the arrow next to the task plan to view the drill progress and result of each VM.
Step 58 Choose VM Switchover > Switchover Task to view the execution result of each task.

Ltd.
FusionSphere PCS
If Succeeded is displayed in the Status column, the VM can be running on the target platform. You can
perform service check for the VM.
Step 59 Click the drill button next to the switchover plan. On the displayed page, locate the row that
contains the drill VM whose status is Succeeded, click Drill. On the displayed Drill page,
select End Drill, select the VM for which drill has been completed, and click Confirm.
The data generated during VM drill is deleted.
Step 60 Choose VM Switchover > Switchover Plan to view the end drill status.
The drill is performed to check whether VMs can run properly after being switched to the KVM
platform. The drill VM is a temporary VM and is deleted after the drill result is confirmed. Therefore,
the drill VM does not occupy the user quota and will not be managed by the ManageOne cloud
management platform. Therefore, it is normal that other management data is not synchronized on the
ManageOne cloud management platform except the VNC login page.
----End
9.6 Performing a VM Switchover

Step 61 Locate a switchover plan and click Switchover in the Operation column. On the Switchover
page, select the target VM, select Switchover, and click Confirm. On the displayed dialog
box, click Confirm to start the switchover.
Step 62 Click the arrow next to the task plan to view the switchover progress and result of each VM.
Step 63 Choose VM Switchover > Switchover Task to view the execution result of each task.

Ltd.
FusionSphere PCS
If Succeeded is displayed in the Status column, the VM can be running on the target platform. You can
perform service check for the VM.
----End
9.7 Confirming Services by the User

After the switchover is successful, users can log in to the VM using VNC from KVM to
confirm services. If any problem occurs, see chapter 12"Appendix 2 Troubleshooting." If
there are other issues, contact technical support.
9.8 Rolling Back the Switchover
This operation restores only data before the switchover. You are advised to back up the VM data, thus
avoiding data loss.
If an exception occurs on the VM that is switched to the target platform, roll back the VM.
Step 64 Locate the row that contains the VM to be rolled back, click More in the Operation column,
and select Rollback. Then, click Confirm in the dialog box that is displayed to start the
rollback operation.
Step 65 Choose VM Switchover > Switchover Task to view the execution result of the rollback task.
----End
9.9 Completing Switchover

If the VM that is switched to the target platform is running properly, locate the row that
contains the switchover task, click Switchover in the Operation column. On the displayed
page, select the target VM, select Finish Confirmation, and click Confirm. In the displayed
page, click Confirm.
Choose VM Switchover > Switchover Task to view the execution result of each task.
After all VMs on a host are switched over and the confirmation is complete, remove the host from the
source platform based on HUAWEI CLOUD Stack 6.5.1 Product Document.
PCS does not create another flavor if there is already one with same parameters. Hence, if there are 2
flavors with same parameters but have different charge fee fate, administrator has to manually create
new flavor and assign fee rate in Operation Management Portal with bss_admin after switch over.
----End

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Operations After Finish Confirmation
10 Operations After Finish Confirmation
10.1 Deleting PCS Controller and Agent VMs

After all VMs are switched over from the Xen platform to the KVM platform and Confirm
Completion is performed for all tasks, stop or delete PCS controller and agent nodes based on
section "Deleting a VM" or "Stopping a VM" in Huawei Cloud Stack 6.5.1 Product
Document to release resources.
 To stop or delete PCS controller and agent nodes, ensure that all switchover tasks are carried out
successfully.
 After the stop or deleting operations, rollback cannot be performed for VMs that are subjected to the
switchover.
10.2 (Optional) Configuring DR Relationships

In a DR scenario, you need to configure the DR relationship after the DR VM is switched to
KVM. For details, see section "Setting the Volume Type Mapping for CSHA and CSDR."
10.3 (Optional) Configuring Backup Relationships

In a Backup scenario, you need to disassociate the server, please refer to Disassociating a
Server from a Backup Policy in HUAWEI CLOUD Stack 6.5.1 Product Document. After the
switchover, you need to create backup task, refer to Creating a Periodic Backup Task in
HUAWEI CLOUD Stack 6.5.1 Product Document.

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Appendix 1 Common Operations
11 Appendix 1 Common Operations
11.1 Verifying Software Packages

 Software packages that have been tampered with or sabotaged during transmission may
pose a security threat to the carrier's network. After obtaining the software packages,
verify their integrity, and do not use them unless they pass the integrity check.
 Each software package has its own digital signature file. The file name extension of a
digital signature file is asc. Usually, the name of the digital signature file is the same as
that of the software package. For example, if the name of the software package is "
FusionSphere PCS.zip ", the name of its digital signature file is " FusionSphere
PCS.zip.asc ".
Step 66 Log in to http://support.huawei.com/enterprise.
Step 67 Download the software digital signature validation tool (PGP Verify) from the following link:
http://support.huawei.com/enterprise/toolsinfo?idAbsPath=0602_ROOT|
8221819&pid=8221819&show=showServiceDetail&versionid=TV1000000014
Step 68 Verify the software package integrity by referring to the OpenPGP Signature Verification
Guide.
----End
11.2 Guest OSs that Support Switchover

No. Guest OS Name
1 CentOS 5.11_64bit
2 CentOS 6.0_32bit
3 CentOS 6.0_64bit
4 CentOS 6.1_32bit
5 CentOS 6.1_64bit
6 CentOS 6.2_32bit
7 CentOS 6.2_64bit
8 CentOS 6.3_32bit
9 CentOS 6.3_64bit

Ltd.
FusionSphere PCS
10 CentOS 6.4_32bit
11 CentOS 6.4_64bit
12 CentOS 6.5_32bit
13 CentOS 6.5_64bit
14 CentOS 6.6_32bit
15 CentOS 6.6_64bit
16 CentOS 6.7_64bit
17 CentOS 6.7_32bit
18 CentOS 6.8_32bit
19 CentOS 6.8_64bit
20 CentOS 6.9_32bit
21 CentOS 6.9_64bit
22 CentOS 6.10_64bit
23 CentOS 7.0_64bit
24 CentOS 7.1_32bit
25 CentOS 7.1_64bit
26 CentOS 7.2_64bit
27 CentOS 7.2_32bit
28 CentOS 7.3_64bit
29 CentOS 7.4_64bit
30 CentOS 7.5_64bit
31 Debian GNU/Linux 7.1.0_32bit
Ltd.
FusionSphere PCS

66 Ubuntu 14.04 server_32bit
67 Ubuntu 14.04 desktop_32bit
68 Ubuntu 14.04 desktop_64bit
70 Ubuntu 14.04.1 server_32bit
74 Ubuntu 14.04.3 desktop_32bit
84 Ubuntu Server 16.04.1_64bit
86 Red Hat Enterprise Linux 6.0_64bit
Ltd.
FusionSphere PCS

111 Rocky Secure Server V6.0.80 64bit
112 Oracle Linux 5.7_64bit
136 SUSE Linux Enterprise Server 11 SP3_32bit
143 openSUSE Leap 15.0_64bit
144 openSUSE 42.1_64bit
147 Fedora 24_64bit
148 Fedora 25_64bit
149 Scientific Linux release 6.3_32bit
Ltd.
FusionSphere PCS

152 EulerOS 2.1_64bit
155 Red Flag Asianux Server 4 SP2_64bit
156 Red Flag Asianux Server 4 SP4_64bit
157 Red Flag Asianux Server 7.3_64bit
158 NeoKylin Linux Advanced Server release 6.5_64bit
159 NeoKylin Linux Trusted OS V6_64bit
160 Deepin GNU/Linux (Server 15)_64bit
161 Astra Linux 1.4_64bit
162 NewStart V4_64bit
163 Windows Server 2008 Enterprise SP1_32bit
164 Windows Server 2008 Enterprise SP1_64bit
165 Windows Server 2008 Standard SP1_32bit
169 Windows Server 2008 DataCenter SP2_32bit
170 Windows Server 2008 R2 Datacenter_64bit
171 Windows Server 2008 R2 Enterprise_64bit
172 Windows Server 2008 R2 Standard_64bit
173 Windows Server 2008 WEB R2_64bit
174 Windows Server 2008 DataCenter R2 SP1_64bit
175 Windows Server 2008 Enterprise R2 SP1_64bit
176 Windows Server 2008 Standard R2 SP1_64bit
177 Windows 7 Ultimate_32bit
178 Windows 7 Ultimate_64bit
179 Windows 7 Professional_32bit
180 Windows 7 Professional_64bit
181 Windows 7 SP1 Ultimate_32bit
182 Windows 7 SP1 Ultimate_64bit
183 Windows 7 SP1 Professional_32bit
184 Windows 10_32bit
185 Windows 10_64bit
186 Windows 10 Enterprise_32bit
187 Windows 10 Enterprise_64bit
188 Windows Server 2012 Datacenter_64bit
189 Windows Server 2012 Standard_64bit
190 Windows Server 2012 R2 Datacenter_64bit
191 Windows Server 2012 R2 Standard_64bit
192 Windows Server 2012 Essentials R2_64bit
193 Windows Server 2016 DataCenter_64bit
194 Windows Server 2016 Standard_64bit

Ltd.
FusionSphere PCS
11.3 Guest OSs that Do Not Support UEFI l After

Switchover
No. Guest OS Name
11.4 Account Information List

To ensure system security, you are advised to periodically change the default passwords of the
internal accounts of PCS using the recommended methods.
The following table lists the common login accounts.
Account Default Account Account Rights Password Protection

Description Policy
PCS login account Username: admin Has the rights of  Change the default
Password: the system password upon the
IaaS@PORTAL- administrator. first login.
CLOUD9!  If you enter incorrect
passwords for three
consecutive times,
the account will be
locked for five
minutes.
OS account Username: gandalf Has the rights of a If you enter incorrect
Password: common OS user. passwords for three
IaaS@OS- consecutive times, the
CLOUD9! account will be locked
for five minutes.
OS account Username: root Has the OS If you enter incorrect
Template import: administrator passwords for three
IaaS@OS- rights. consecutive times, the
CLOUD8! account will be locked
for five minutes.

Ltd.
FusionSphere PCS
Account Default Account Account Rights Password Protection

Description Policy
Common user Username: pcsuser Has the permission If the password is

account of the Password: to log in to and entered incorrectly for
controller node SingleLOUD!1 operate the Gauss five consecutive times,
database database. the account will be
When you connect locked for five minutes.
to the database by Database: pcs
running the psql
command, enter the
database password
in interactive mode.
Otherwise, the
database password
theft may be caused.
Controller node Username: postgres This account is the The account will not be
database Password: super locked if an incorrect
administrator cloudos@123 administrator in password is entered.
account the database and
can be used to
create a database
and user account,
and back up data.
Table 1.1 Internal OS accounts

Account Permission Description
root Has all operation Linux system administrator account

permissions for the system.
bin Default system service System account of the bin service
accounts of the Linux OS.
daemon External users cannot use System account for controlling
these accounts to log in to background processes
the Linux system.
lp Print service account
mail Account for accessing the mailbox
in the /var/mail directory
games Games service account
ftp File Transfer Protocol (FTP) service
account
nobody Default system account of the user
identification service
ntp Default system account of the
Network Time Protocol (NTP)
daemon process

Ltd.
FusionSphere PCS
Account Permission Description
sshd Default system account of the sshd

daemon process
adm adm account
sync Synchronization service account
shutdown Account for the shutdown service
halt Account for the halt service
operator Operation account
systemd-bus- systemd Bus Proxy account
proxy
systemd-network systemd Network Management
account
dbus System message bus account
tss TrouSerS account used for trusted
computing
saslauth Saslauthd Daemon account
rpc RPC service account
unbound Unbound DNS resolver account
polkitd polkit service account
radvd Router Advertisement Daemon
account
rpcuser RPC service account
nfsnobody NFS service account
qemu Simulated I/O account in
virtualization
11.5 Changing the Password of User root for a Node

Scenarios
Change the password for logging in to the operating system (OS) of a host as user root. This
operation helps improve the operation and maintenance security of the system.
Prerequisites
Conditions

Ltd.
FusionSphere PCS
An application, such as PuTTY, which can be used for remote access on various platforms is available.
You have obtained the management IP address of the node.
You have obtained the passwords of user root and user gandalf for logging in to the node.
The default password of user gandalf is IaaS@OS-CLOUD9!, and the default password of user root is
IaaS@OS-CLOUD8!.
Procedure
Step 69 Use PuTTY to log in to the OS of the node.
Ensure that the management IP address and username gandalf are used to establish the
connection.
The system supports the login authentication using a password or private-public key pair. If
you use a private-public key pair to authenticate the login, see section 11.8"Using PuTTY to
Log In to a Node in Key Pair Authentication Mode."
Step 70 Run the following command and enter the password of user root to switch to user root:
su - root
Step 71 Run the following command to disable user logout upon system timeout:
TMOUT=0
Step 72 Run the following command to change the password of user root:
passwd
The following information is displayed:
Changing password for user root.
Changing password for root.
(current) UNIX password:
Step 73 Enter the old password and press Enter.

New Password:
Step 74 Enter a new password and press Enter.

The password must meet the requirements in the following table.

Ltd.
FusionSphere PCS
Parameter Description Example Value
Password  The password must contain at least eight GalaX8800!

characters.
 The password must contain at least three of the
following combinations:
- Uppercase letters
- Lowercase letters
- Digits
- Spaces or special characters `~!@#$
%^&*()-_=+|[{}];:'",<.>/?
 The password cannot contain the username or
the reverse username.
 The password cannot contain a word from the
Linux password dictionary.

Retype new password:
If the following information is displayed, this password cannot be used and you must enter
another one:
BAD PASSWORD: ...
Step 75 Enter the new password again and press Enter.

The password is changed if the following information is displayed:
passwd: all authentication tokens updated successfully.
----End
11.6 Changing the Password of the User gandalf for a

Node
Scenarios
Change the password for logging in to the operating system (OS) of a node as user gandalf.
This operation helps improve the operation and maintenance security of the system.
Prerequisites
Conditions
 You have obtained the management IP address of the node and the password of user
gandalf.
 An application, such as PuTTY, which can be used for remote access on various
platforms is available.

Ltd.
FusionSphere PCS
The default password of user gandalf is IaaS@OS-CLOUD9!.
Procedure
Step 76 Use PuTTY to log in to the OS of the node as user gandalf.
Ensure that the Management IP address is used to establish the connection.
you use a private-public key pair to authenticate the login, see section 11.8"Using PuTTY to
Log In to a Node in Key Pair Authentication Mode."
Step 77 Run the following command to change the password of user gandalf:
passwd
Changing password for user gandalf.
Changing password for gandalf.
(current) UNIX password:

New password:

The password must meet the requirements in the following table.
Password  The password must contain at least eight GalaX8800!

characters.
 The password must contain at least three of
the following combinations:
- Uppercase letters
- Lowercase letters
- Digits
- Spaces or special characters `~!@#$
%^&*()-_=+|[{}];:'",<.>/?
 The password cannot contain the username
or the reverse username.
 The password cannot contain a word from
the Linux password dictionary.

Retype new password:
If the following information is displayed, this password cannot be used and you must enter
another one:

Ltd.
FusionSphere PCS
BAD PASSWORD: ...

The password is successfully changed if the following information is displayed:
passwd: all authentication tokens updated successfully.
----End
11.7 Changing admin User's Password

Scenarios
On the PCS portal, change a user's password to improve the system security.
Prerequisites
Conditions
You have logged in to PCS using the account to be changed.
Procedure
Step 81 In the upper right corner of PCS, click the name of the current login user.
Step 82 Click Change Password.
The Change Password dialog box is displayed.
Step 83 Enter the old password and the new password.
The new password must meet the requirements in the following table:
Parameter Description Example

Value
New  Specifies the password to be set. Galax@8800

Password  Default value: a string of 8 to 32 characters
 The password must contain at least one space or one of
the following special characters: `~!@#$%^&*()-
_=+\|[{}];:'",<.>/?
 The password must contain at least two of the following
combinations:
- Uppercase letters
- Lowercase letters
- Digits
 The password cannot contain the username or the
reverse username.
 The password modification must comply with the
configured password policies.

Ltd.
FusionSphere PCS
Step 84 Click Confirm.

The password is changed.
----End
11.8 Using PuTTY to Log In to a Node in Key Pair

Authentication Mode
Scenarios
Use PuTTY and the required private key to log in to a target node.
Prerequisites
 SSH security hardening has been performed on the target node. Security hardening measures include:
o SSH key pair authentication mode has been enabled and the public key certificate has been
configured on the node.
o SSH password authentication has been disabled.
 You have obtained the private key certificate that matches the public key certificate. If the private key
certificate is encrypted, you also need to obtain the password of the private key certificate.
To obtain the default private key certificate, perform the following:

Visit http://support.huawei.com and log in to the system. Enter FusionSphere default public and
private keys in the search box in the upper-right corner of the web page. Click the first result to obtain
the default public and private key certificate.
Procedure
Step 85 Check whether PuTTY on the local PC has been used to log in to a node in key pair
authentication mode.
 If yes, go to Step 91.
 If no or you cannot confirm, go to Step 86.
Step 86 Run PuTTY and enter the IP address of the target node and the SSH port number (default
value: 22).
Step 87 In the Category area in the left pane, choose Connection > SSH > Auth.
The SSH authentication configuration page is displayed.
Step 88 Click Browse, select the prepared private key certificate in the displayed window, and click
Open.
The file name extension of the private key certificate is *.ppk. Contact the administrator to
obtain the private key certificate.
The following figure shows the SSH authentication configuration page.

Ltd.
FusionSphere PCS
Figure 1.1 Configuring the private key certificate
Step 89 In the Category area in the left pane, select Session.

The main page is displayed.
Step 90 To facilitate subsequent access, create a custom session in Saved Sessions and click Save.
The following figure shows the session configuration page.

Ltd.
FusionSphere PCS
Figure 1.1 Saving a session
After this step, go to Step 92.

Step 91 Select a saved session and click Load.
Step 92 Click Open.
Step 93 Enter the username for logging in to the target node as prompted.
If the private key certificate is an encrypted certificate, enter the password of the private key
certificate as prompted.
The default private key certificate delivered with the version release is an encrypted
certificate, and its default password is Huawei@CLOUD8!.
----End
11.9 Restoring Data

Scenarios
This section guide maintenance engineers to restore the data of controller nodes.
If an exception occurs in the controller node system, you need to restore its data.

Ltd.
FusionSphere PCS
Before you restore data, back up the data on the abnormal controller node to ensure that lost
data can be retrieved after the data restoration.
If the controller node is installed again due to a fault, restore the data by performing operations starting
from 26.
Impact on the System

During data restoration, the processes on the controller nodes are stopped.
After data restoration, the data produced between the backup time and restoration time is lost.
Prerequisites
Conditions
 The required backup file is available on the controller node or a third-party backup
server.
 A local PC is available to access the controller node.
 You have obtained the root user password and the IP address of the Controller node.
 The system is running properly.
 The following conditions are met if the files backed up on the third-party server are used
to restore data:
− The local PC communicates with the third-party backup server properly.
− You have obtained the IP address of the third-party backup server.
− If the third-party backup server uses a Windows operating system (OS), you have
obtained the OS login username and password. If the backup server uses a Linux OS,
you have obtained the password of user root.
− The FTPS Server application is installed on the third-party backup server.
Procedure
Back up the data on the abnormal controller node.
Step 94 Use PuTTY to log in to the controller node.
Ensure that the management plane floating IP address and username gandalf are used to
establish the connection.
you use a private-public key pair to authenticate the login, see section "Using PuTTY to Log
In to a Node in Key Pair Authentication Mode."
su - root
TMOUT=0
Step 97 Run the following command to back up the data:
cronBackupUpload
The backup path is /var/backup/.

Ltd.
FusionSphere PCS
Step 98 Use PuTTY to log in to the controller node.

su - root
TMOUT=0
Step 101 Run the following command to query the IP address of the active controller:
ifconfig
Information similar to the following is displayed:
eth0 ......
inet addr:192.168.40.4 ......
......
eth0:25 ......
inet addr:192.168.40.3 ......
......
Step 102 Obtain the IP address of the controller node and ensure that the IP address is:
 Not the floating IP address displayed in the command output in Step 101.
 The IP address of the active controller node provided in the data plan.
The other IP address provided in the data plan is the IP address of the standby controller node.
Step 103 Use PuTTY to log in to the standby controller node as user gandalf.
Ensure that the IP address of the standby controller node is used to establish the connection.
su - root
Copy the required backup file to the active controller node.
Step 105 Run the following command to check whether any directory containing backup files is
available on the active controller node:
ll Directory containing backup files
The directory is:
 /var/backup/ for automatic backup files
 /var/backup/month/ for automatic monthly backup files

Ltd.
FusionSphere PCS
The data automatically backed up each month is stored only in the /var/backup/month directory.
No directory containing backup files is available on the active controller node if the following
information is displayed:
ls: cannot access /var/backup/: No such file or directory
The directory containing backup files is available on the active controller node and this
directory contains backup data if information similar to the following is displayed:
total 4
drwx------ 4 root root 4096 May 27 17:56 2013-05-27_0000000001
Step 106 Based on the command output in Step 105, check whether any directory containing backup
files is available on the active controller node and the directory contains required backup data.
 If no, go to Step 109.
Step 107 Run the following command to switch to the directory containing backup files on the
controller node:
cd Directory containing backup files
The directory is:
Step 108 Run the following command to copy the required backup file to the /home/GalaX8800
directory on the controller node:
cp -r YYYY-MM-DD_sn /home/GalaX8800
YYYY-MM-DD indicates the date when backup is performed, and sn indicates the serial
number of the backup file.
Go to Step 121 after this step.
Step 109 Use PuTTY to log in to the standby controller node as user gandalf.
Ensure that the IP address of the standby controller node is used to establish the connection.
su - root
TMOUT=0
Step 112 Repeat Step 105 and check whether the directory containing backup files is available on the
standby controller node and the directory contains the required backup file.

Ltd.
FusionSphere PCS
After the system is installed, neither the active or standby controller node contains the /var/backup/
directory. At this time, manually back up the data if the system services are running properly. The
generated data backup file is stored in the /var/backup/ directory. Contact technical support if the
system services are not running properly.
Step 113 Run the following command to copy the backup folder from the backup directory to the
/home/GalaX8800/ directory:
cp -r Directory containing backup files/Backup folder /home/GalaX8800
For example, run the cp -r /var/backup/2015-07-30_0000000001 /home/GalaX8800
command.
The directory is:
Step 114 Run the following command to change the permission for the directory saving the backup
folder:
chmod -R 755 /home/GalaX8800/Backup folder
For example, run the chmod -R 755 /home/GalaX8800/2015-07-30_0000000001/ command.
Step 115 Use WinSCP to copy the required backup file from the /home/GalaX8800 directory to the
local PC.
Step 116 Check the type of the OS used by the third-party backup server.
 If the third-party backup server runs the Windows OS, go to Step 117.
 If the third-party backup server runs the Linux OS, go to Step 119.
Contact the backup server administrator to perform operations on the third-party server if required.
Step 117 Log in to the third-party backup server over a remote desktop connection.
Step 118 Copy the required backup file from the third-party backup server to the local PC.
 Backup file name: YYYY-MM-DD.tar.gz.zip
 Directory containing configuration files:
− Directory configured on the FTPS server\YYYY-MM-DD_sn\DATA\ for automatic
backup files
− Directory configured on the FTPS server\month\YYYY-MM-DD_sn\DATA\ for
automatic monthly backup files.
 Directory containing database files which need to be backed up only when the Gauss
database is being used:
− Directory configured on the FTPS server\YYYY-MM-DD_sn\DB\ for automatic
backup files
− Directory configured on the FTPS server\month\YYYY-MM-DD_sn\DB\ for

Ltd.
FusionSphere PCS
YYYY-MM-DD indicates the backup date, and sn indicates the serial number of a backup file
folder.
Step 119 Use WinSCP to copy the required backup file from the third-party backup server to the local
PC.
 Directory containing configuration files:
− Directory configured on the FTPS server/YYYY-MM-DD_sn/DATA/ for automatic
backup files
− Directory configured on the FTPS server/month/YYYY-MM-DD_sn/DATA/ for
 Directory containing database files which need to be backed up only when the Gauss
database is being used:
− Directory configured on the FTPS server/YYYY-MM-DD_sn/DB/ for automatic
backup files
− Directory configured on the FTPS server/month/YYYY-MM-DD_sn/DB/ for
Step 120 Use WinSCP to copy the required backup file from the local PC to the /home/GalaX8800
directory on the active controller node:
 Directory containing manually-copied configuration files: /home/GalaX8800/YYYY-
MM-DD_sn/DATA/
 Directory containing manually-copied database files: /home/GalaX8800/YYYY-MM-
DD_sn/DB/, which is available only when the Gauss database is being used
Restore data of the controller node.
Ensure that the management IP address of the controller node is used for logging in to the active
controller node. If you use the floating IP address for the login, exceptions will occur during data
restoration.
Step 121 Use PuTTY to log in to the active controller node and switch to user root.
Ensure that username gandalf and the management IP address of the active controller node
are used to establish the connection.
Step 122 Run the following command to restore configuration data of the active controller node:
restoreGeData -t DATA -f /home/GalaX8800/YYYY-MM-DD_sn/DATA/Backup file name
The data is restored if the following information is displayed:
Congratulations! Your restore task ran successfully.
Step 123 Run the following command to restore data in the database of the controller node:
restoreGeData -t DB -f /home/GalaX8800/YYYY-MM-DD_sn/DB/backup file name
The data is restored if the following information is displayed:

Ltd.
FusionSphere PCS
Congratulations! Your restore task ran successfully.
----End
11.10 Changing Passwords of Interconnection Accounts

During the Switchover
Passwords of interconnection accounts can be changed during the switchover to improve
system security or retrieve the passwords. However, password change is risky because the
change will cause communication failures. Therefore, exercise caution when changing the
passwords.
For details about how to change passwords of accounts for logging in to the FusionCompute
Xen platform, see "Operation and Maintenance" > "Maintenance Management" >
"Maintenance Management in Single-Hypervisor Scenarios" > "Security Management" >
"FusionCompute Account Management (Common Mode)" > "Resetting the Password" in
FusionSphere V100R006C10SPH109 Product Documentation (Server Virtualization).
11.11 Creating Interconnection Accounts on Cloud

Platforms
Creating interconnection accounts on FusionCompute V100R006C10SPH109
Log in to the FusionCompute V100R006C10SPH109 management page and create an
interconnection account. Alternatively use user admin.
To create an account, choose System > Rights Management > User Management and click
Add User. On the Add User page, select Interface interconnection user for User Type and
administrator for Subrole and set other parameters as required. Then click OK.
To avoid account conflict, you need to create an account for dual-site management configuration. In the
separation of roles scenarios:
 Log in to the system as the sysadmin user and choose System > Rights Management > User
Management to create an interconnection account.
 Log in to the system as the secadmin user, and choose System > Rights Management > User
Management. Locate the target user, click More in the Operation column, and select Activate
User. In the displayed page, select System administrator for User Type and sysadmin for Subrole
and then click Confirm.
11.12 Replacing the Security Authentication Certificate for

Controller Nodes and Agent Nodes
Scenarios
This section describes how to manually replace the security authentication certificates for the
Controller nodes and Agent nodes when the system is running properly, improving system
O&M security.

Ltd.
FusionSphere PCS
The product supports only level-2 security certificates.

Services will be temporarily interrupted during the certificate replacement. Continue with
other operations after service processes recover.
Prerequisites
Conditions
You have obtained the root certificate, certificate file, and private key file from the third-party Certificate
Authority (CA).
You have obtained PuTTY.
You have obtained WinSCP.
You have obtained the management IP address of the controller node and agent node of the certificate to be
replaced and the passwords of the gandalf user and the root user.
Procedure
Check certificate files on the Agent nodes.
Step 124 Use PuTTY to log in to the Agent nodes one by one.
connection.
Step 125 Run the following command and enter the password of the root user to switch to the root
user:
su – root
TMOUT=0
Step 127 Run the following commands to switch to the directory that contains the certificates:
cd /opt/cloudos/pcs/agent/certs/
ll
total 12
-rw------- 1 root root 1233 Feb 23 12:50 agent.crt
-rw------- 1 root root 1751 Feb 23 12:50 agent.key
-rw------- 1 root root 3567 Feb 23 12:50 ca.crt
In the preceding command output, ca.crt indicates the root certificate, and agent.crt indicates
the server's certificate file, and agent.key indicates the server's private key file.
The new certificate files should be placed in the directory the same as that containing original ones. If
the newly replaced certificate has the same name as the original certificate, you need to back up the
original certificate.
If you have changed the certificate file name, accordingly change it in the configuration file by
following steps provided in (Optional) Modify the configuration file of the agent.

Ltd.
FusionSphere PCS
----End
Replace all certificate files on the Agent nodes.

Step 1 Use WinSCP to copy the obtained server's root certificate, server's certificate, and server's
private key file to the /home/GalaX8800/ directory of the Agent nodes.
Ensure that the gandalf user is used to establish the connection.
Step 2 Run the following command to import the root certificate, server certificate, and server
private key file.
cp /home/GalaX8800/obtained certificate file /opt/cloudos/pcs/agent/certs/
The default password is FusionSphere123. If you have changed the password of private key
file, accordingly change it in the configuration file by following steps provided in (Optional)
Modify the configuration file of the agent.
Step 3 Run the following command to restart the pcs-agent service:

systemctl restart pcs-agent
----End
Check certificate files on the controller nodes.

Step 1 Use PuTTY to log in to the Controller nodes one by one.
connection.
user:
su - root
TMOUT=0
Step 4 Run the following commands to switch to the directory that contains the certificates:
cd /opt/cloudos/pcs/controller/conf
ll
total 208
-rw-r--r-- 1 root root 6561 Feb 23 16:29 catalina.properties
-rw------- 1 root root 216 Feb 23 16:29 gaussdbpwd.conf
-rw-r--r-- 1 root root 3420 Feb 23 16:29 logging.properties

Ltd.
FusionSphere PCS
-rw------- 1 root root 2469 Feb 23 16:29 PcsClientKeyStore.p12

-rw------- 1 root root 1409 Feb 23 16:29 PcsTrustKeyStore.jks
-rw------- 1 root root 1766 Feb 23 16:29 server-private-key.pem
-rw-r--r-- 1 root root 7727 Feb 23 18:52 server.xml
-rw------- 1 root root 1314 Feb 23 16:29 tomcat-server-cert.pem
-rw-r--r-- 1 root root 169585 Feb 23 16:29 web.xml
In the preceding command output, PcsTrustKeyStore.jks indicates the root certificate, and
PcsClientKeyStore.p12 indicates the certificate file.
The new certificate files should be placed in the directory the same as that containing original ones. If
the newly replaced certificate has the same name as the original certificate, you need to back up the
original certificate.
If you have changed the certificate file name, accordingly change it in the configuration file by
following steps provided in (Optional) Modify the configuration file of the controller.
----End
Generate authorization certificates for controller nodes.

Step 1 Use WinSCP to copy the obtained server's root certificate, server's certificate, and server's
private key file to the /home/GalaX8800/ directory of the Controller nodes.
Ensure that the gandalf user is used to establish the connection.
Step 2 Run the following command to switch to the /home/GalaX8800/ directory:
cd /home/Galax8800
Step 3 Run the following command to generate client's certificate files (.pkcs12):
openssl pkcs12 –export –in Client's certificate file name –inkey Client's private key file
name –passin pass: Obtained client's certificate encryption password –out Name of the
client's certificate file (.pkcs12) to be generated –passout pass: Password of the client's
certificate file (.pkcs12) to be generated
For example, if the client's certificate file is agent.crt, client's private key file is agent.key,
the client's certificate encryption password and the password of the client's certificate file
(.pkcs12) to be generated are all FusionSphere123, and the client's certificate file (.pkcs12) to
be generated is PcsClientKeyStore.p12, run the following command:
openssl pkcs12 –export –in agent.crt –inkey agent.key –passin pass:FusionSphere123 –out
PcsClientKeyStore.p12 –passout pass:FusionSphere123
Step 4 Run the following command to generate the truststore certificate (.jks):
keytool –import –alias rootCA –file Root certificate file name –keystore Name of the
trustkeystore file(.jks) to be generated
For example, if the root certificate file is ca.crt, and the truststore certificate file (.jks) to be
generated is PcsTrustKeyStore.jks, run the following command:
keytool –import –alias rootCA –file ca.crt –keystore PcsTrustKeyStore.jks
Step 5 As prompted, enter the user-defined truststore password of the client.
Enter keystore password:

Ltd.
FusionSphere PCS
The default password is FusionSphere123. If you have changed the truststore password,
accordingly change it in the configuration file by following steps provided in (Optional)
Modify the configuration file of the controller.
The passwords of client's keystore and client's truststore must be the same.
Step 6 As prompted, enter the user-defined truststore password of the client again.
Re-enter new password:
Step 7 As prompted, enter y and press Enter to trust this certificate.

Trust this certificate? [no]:
Step 8 The truststore certificate (.jks) has been generated if the following information is displayed:
Certificate was added to keystore
----End
Replace all certificate files on the Controller nodes.

Step 1 Run the following commands to remove certificate file.
cd /opt/cloudos/pcs/controller/conf
rm PcsClientKeyStore.p12 PcsTrustKeyStore.jks
Step 2 Run the following commands to copy certificate file.
cp /home/GalaX8800/Name of the generated truststore certificate file (.jks)
/opt/cloudos/pcs/controller/conf/
cp /home/Galax8800/Name of generated keystore certificate
file(.p12) /opt/cloudos/pcs/controller/conf
Step 3 Run the following command to restart the pcsd service:
systemctl restart pcsd
----End
(Optional) Modify the configuration file of the agent.

Step 1 Use PuTTY to log in to the agent nodes one by one.
connection.
Step 2 Run the following command and enter the password of the root user to switch to the root user:
su – root
TMOUT=0

Ltd.
FusionSphere PCS
Step 4 If you need to modify the private key password, go to Step 5. Otherwise, go to Step 10.
Step 5 Run the following command to invoke the encryption tool:
kmctool –e
Step 6 As prompted, enter the plaintext to be encrypted and press Enter to generate the encrypted
information.
please input password:
Step 7 The encrypted information has been generated if the following information is displayed.
Where cipherLen indicates the ciphertext length and cipher indicates the encrypted ciphertext.
FS_KMC_Encrypt success.
cipherLen=[216]
cipher=[AAAAAQAAAAEAAAAAAAAABQAAAAEAAAABEoKhjHVc/5+WP2Mij7mOFLVN4HB4bBZbBW+5q4+0J/
wAAAAQAAAAAAAAAACsxdxm4hxDymyfhnF7TxH4AAAAAQAAAAAAAAgEAAAAAQAAAAEgZKuX79jh3HOKCu+W
hRLUAAAAAAAAAABU32Iet4WHptpa3MZoLkP5D0u72/80I1yioVLk9uf8Yg==]
Step 8 Run the following command to open the agent.conf configuration file using the vi editor:
vi /opt/cloudos/pcs/agent/conf/agent.conf
Press i to enter the editing mode.
Change the ssl.agent.key.passwd value in the configuration file.
Change the ssl.agent.key.passwd value to the ciphertext noted down in Step 7. The changed
configuration file is as follows:
ssl.agent.key.passwd=AAAAAQAAAAEAAAAAAAAABQAAAAEAAAABEoKhjHVc/5+WP2Mij7mOFLVN4HB4b
BZbBW+5q4+0J/wAAAAQAAAAAAAAAACsxdxm4hxDymyfhnF7TxH4AAAAAQAAAAAAAAgEAAAAAQAAAAEgZKu
X79jh3HOKCu+WhRLUAAAAAAAAAABU32Iet4WHptpa3MZoLkP5D0u72/80I1yioVLk9uf8Yg==
Step 9 Press Esc and enter :wq to save the configuration and exit the vi editor.
Step 10 If you need to modify root certificate file name or file path, go to Step 11. Otherwise, go to
Step 13.
Change the ssl.ca.cert.path value to the latest root certificate path and file name.
Step 13 If you need to modify certificate file name or file path, go to Step 14. Otherwise, go to Step
16.
Change the ssl.agent.cert.path value to the latest server certificate path and file name.

Ltd.
FusionSphere PCS
Step 16 If you need to modify certificate file name or file path, go to Step 17. Otherwise, go to Step
19.
Change the ssl.agent.key.path value to the latest root certificate path and file name.
Step 19 Run the following command to restart the pcs-agent service:
systemctl restart pcs-agent
----End
(Optional) Modify the configuration file of the agent.

Step 1 Use PuTTY to log in to the Controller nodes one by one.
connection.
su – root
TMOUT=0
Step 4 If you need to modify the certificate access password, go to Step 5. Otherwise, go to Step 10.
Step 5 Run the following command to invoke the encryption tool:
kmctool –e
Step 6 As prompted, enter the plaintext to be encrypted and press Enter to generate the encrypted
information.
please input password:
Step 7 The encrypted information has been generated if the following information is displayed.
Where cipherLen indicates the ciphertext length and cipher indicates the encrypted ciphertext.
FS_KMC_Encrypt success.
cipherLen=[216]
cipher=[AAAAAQAAAAEAAAAAAAAABQAAAAEAAAABEoKhjHVc/5+WP2Mij7mOFLVN4HB4bBZbBW+5q4+0J/
wAAAAQAAAAAAAAAACsxdxm4hxDymyfhnF7TxH4AAAAAQAAAAAAAAgEAAAAAQAAAAEgZKuX79jh3HOKCu+W
hRLUAAAAAAAAAABU32Iet4WHptpa3MZoLkP5D0u72/80I1yioVLk9uf8Yg==]
Step 8 Run the following command to open the PcsAgentConfig.conf configuration file using the vi
editor:
vi /opt/cloudos/pcs/controller/apps/pcs-website/WEB-
INF/classes/conf/PcsAgentConfig.conf
Change the keystorepassword value in the configuration file.
Ltd.
FusionSphere PCS
Change the keystorepassword value to the ciphertext noted down in Step 7. The changed
configuration file is as follows:
keystorepassword=AAAAAQAAAAEAAAAAAAAABQAAAAEAAAABEoKhjHVc/5+WP2Mij7mOFLVN4HB4bBZbB
W+5q4+0J/wAAAAQAAAAAAAAAACsxdxm4hxDymyfhnF7TxH4AAAAAQAAAAAAAAgEAAAAAQAAAAEgZKuX79j
h3HOKCu+WhRLUAAAAAAAAAABU32Iet4WHptpa3MZoLkP5D0u72/80I1yioVLk9uf8Yg==
Step 10 If you need to modify truststore certificate file (.jks) name or file path, go to Step 11.
Otherwise, go to Step 13.
editor:
Change the trustkeystore value in the configuration file.
Change the trustkeystore value to the latest truststore certificate file (.jks) path and name.
Step 13 If you need to modify keystore certificate file (.p12) name or file path, go to Step 14.
Otherwise, go to Step 16.
editor:
Change the clientkeystore value in the configuration file.
Change the clientkeystore value to the latest keystore certificate file (.p12) path and name.
Step 16 Run the following command to restart the pcsd service:
systemctl restart pcsd
----End
11.13 Changing the Password for the GaussDB

Administrator on the Controller Node
Scenarios
Change the password of the postgres user for connecting to the Gauss database on the
Controller node. This account is the internal super administrator account of the Gauss
database, and is granted the permission to create databases and users and back up data.

Ltd.
FusionSphere PCS
To ensure database security, change the default password immediately after database
installation and keep changing periodically.
The default password of the postgres user is cloudos@123.
When Controller is deployed in active/standby mode, the changed password of the GaussDB
database on the active Controller node is synchronized to the standby Controller node. You do
not need to change the password of the GaussDB database on the standby Controller node
again.
Prerequisites
Conditions
 You have obtained the management IP address of the active Controller node.
 You have obtained the login passwords of the gandalf user and the root user.
 You have obtained the current password of the Gauss database on the Controller node.
 When Controller is deployed in active/standby mode, ensure that they can communicate
with each other properly.
The default passwords of the gandalf and root users are IaaS@OS-CLOUD9! and IaaS@OS-
CLOUD8!, respectively.
Procedure
Step 17 Use PuTTY to log in to the active Controller node.
connection.
user:
su - root
Step 19 Run the following command to disable logout on timeout:
TMOUT=0
Step 20 Run the following command to change the Gauss database password:
sh /opt/galax/gms/common/modsysinfo/modifyPostgresPwd.sh
The password must meet requirements listed in the following table.

Ltd.
FusionSphere PCS
New password Value: a string of 8 to 30 characters Gaussdb@234

The password must contain at least
three of the following character
types:
Uppercase letters
Lowercase letters
Digits
Special characters: ~!@#$%^&*()-
_=+|[{}];:,<.>/?
The new password cannot be the
same as the old password.
The password cannot be the same as
the password set in the latest 60
days.
The password cannot be the
username or the username in
reversed order.

The password is successfully changed if the following information is displayed:
Password modified successed!
----End
11.14 Changing the Password for Accessing Common

Services in GaussDB on the Controller Node
Scenarios
On PCS, change the database passwords of the Controller nodes to improve system security.
This is a high-risk operation. Do not frequently change the database passwords. If the user
environment imposes high requirements for security, change the passwords periodically.
The default password of the pcsuser user is SingleLOUD!1.
again.

When this operation is performed, all service processes must be stopped. Therefore, do not
perform service provisioning when changing passwords of Controller database accounts.

Ltd.
FusionSphere PCS
Prerequisites
Conditions
 You have obtained the management and floating IP addresses of the Controller node.
 You have obtained the login passwords of the gandalf user and the root user.
 You have obtained the current database password of the Controller node.
Procedure
Do not attempt to interrupt the password change process by pressing Ctrl+C or Ctrl+Z.
Otherwise, service processes may fail to access the database, and service exceptions may
occur. If such an exception occurs, reset the password by performing the operations provided
in "Resetting the Password for Accessing Common Services in GaussDB on the Controller
Node".

su - root
Step 26 Run the following command to disable logout on timeout:
TMOUT=0
Step 27 Run the following command to change the database password of the active Controller:
sh /opt/galax/gms/common/modsysinfo/modifyPcsDbPwd.sh
Step 28 Enter the old database password as prompted and press Enter.
Step 29 Enter a new database password based on requirements in the following table and press Enter.

Ltd.
FusionSphere PCS
New password Value: a string of 8 to 30 characters Galax@123

The password must contain at least one of the
following special characters: ~!@#$%^&*()-
_=+|{};:<.>
The password must contain at least two of the
following character types:
Uppercase letters
Lowercase letters
Digits
The new password cannot be the same as the
old password.
The password cannot be the same as the
password set in the latest 60 days.
The password cannot be the username or the
username in reversed order.

The database password for the active Controller node is changed if the following information
is displayed:
Result:Success
----End
11.15 Resetting the Password for Accessing Common

Services in GaussDB on the Controller Node
Scenarios
On PCS, reset the database passwords of the Controller nodes to improve system security.
This is a high-risk operation. You can reset the password if you have forgotten it. During
routine maintenance, you are advised only to change the password.
The default password of user pcsuser is SingleLOUD!1.
again.

Ltd.
FusionSphere PCS

When this operation is performed, all service processes must be stopped. Therefore, do not
perform service provisioning when changing passwords of Controller database accounts.
Prerequisites
Conditions
 You have obtained the management and floating IP addresses of the Controller node.
 You have obtained the login passwords of the gandalf and root users.
 You have obtained the current database password of the Controller node.
Procedure
Do not attempt to interrupt the password change process by pressing Ctrl+C or Ctrl+Z.
Otherwise, service processes may fail to access the database, and service exceptions may
occur. If such an exception occurs, reset the password by performing the following operations.
If the exception persists after several retries, contact technical support.

su - root
TMOUT=0
Step 34 Run the following command to reset the database password of the active Controller node:
sh /opt/galax/gms/common/modsysinfo/modifyPcsDbPwd.sh reset
Step 35 Enter the administrator password as prompted and press Enter.
The default username of the administrator is postgres, and its default password is cloudos@123.
Step 36 Enter a new database password based on requirements in the following table and press Enter.

Ltd.
FusionSphere PCS
New password Value: a string of 8 to 30 characters Galax@123

The password must contain at least one
of the following special characters: ~!
@#$%^&*()-_=+|{};:<.>
The password must contain at least two
of the following character types:
Uppercase letters
Lowercase letters
Digits
The new password cannot be the same
as the old password.
The password cannot be the same as the
password set in the latest 60 days.
The password cannot be the username
or the username in reversed order.

The database password for the active Controller node is reset if the following information is
displayed:
Result:success.
----End
11.16 Configuring the Agent Administrator Account

In a cloud scenario, an agent administrator must be configured in ManageOne for the project
where the VM to be switched is located. To configure an agent administrator, perform the the
following steps:
Step 38 Use the account and password of the bss_admin user in the LLD to log in to ManageOne
Operation Portal.
Step 39 Choose Tenant > Tenant Agent Maintenance. The Tenant Agent Maintenance page is
displayed.
Step 40 Click Create Agent Administrator, enter a user name and set a password, select the agent
tenant, and click Create. The agent administrator account of the tenant to which the VM to be
switched belongs is created.
Step 41 Click Log Out in the upper right corner to log out of the current bss_admin account. Log in
to ManageOne Operation Portal using the created bss_admin administrator account. Then the
Select Delegating Tenant and Project page is displayed.
Step 42 On the displayed page, click the account icon in the upper right corner and choose My
Settings. Then, record the Tenant ID. Click My Center to return to the Select Delegating

Ltd.
FusionSphere PCS
Tenant and Project page. Select the agent tenant managed by the agent administrator and
click OK. Then the agent administrator can manage the agent VDC tenant and check whether
the VM and project to be switched are in the tenant.
----End
11.17 Setting the Volume Type Mapping for CSHA and

CSDR
11.17.1 Configuring Storage DR Rules
Step 43 Use a browser to log in to ManageOne Maintenance Portal as the admin user.
 Login address: https://IP address of ManageOne Maintenance Portal:31943. You can
obtain the login address on the portal sheet in xxx_export_all_EN.xlsm exported by
HUAWEI CLOUD Stack Deploy.
 Default password of the admin user: Huawei12#$.
Step 44 On the Quick Links tab page in the lower right corner, click Service OM. The Service OM
service management page is displayed.
Step 45 Choose Resource > Storage Service > AZ > Backend Storage. On the Backend Storage
page, locate the storage pool based on the value (FusionCompute) of the Type column. In
the following figure, the storage pool information and disk type correspond to
FusionCompute is xen_pool57 and fc_volume1, respectively. Click the disk type
fc_volume1 to obtain the value of the Availability Zone, in this example, the value of the
Availability Zone is azfc1.

Ltd.
FusionSphere PCS
Step 46 Log in to the FusionCompute web client where the storage pool information xen_pool57 is
configured. Choose Storage > site > Data Store. On the page that is displayed, view the
number of storage devices to get the backend storage pool name, which is xen_pool1.
Step 47 Based on the storage pool information obtained in Step 46, locate the name of another
backend storage corresponding to the same storage pool in the backend storage of Service
OM. As shown in the following figure, the name of another backend storage is V323 and the
disk type is kvm_volume1. Click the disk type kvm_volume1 to obtain the value of the
Availability Zone, in this example, the value of the Availability Zone is az1.dc1.

Ltd.
FusionSphere PCS
Step 49 On the Quick Links tab page in the lower right corner, click eReplication. On the
BCManager service management page that is displayed, choose resources > LocalServer >
autoSite > FusionSphere. If the AZ obtained in Step 45 has an AZ mapping, skip this step.
Otherwise, click Add to add the AZ mapping of CSHA or CSDR.
Step 50 Click the Volume Type Mapping tab to map the volume type of CSHA or CSDR based on
the newly created disk type obtained in Step 46.
The target volume type of CSHA or CSDR can be obtained from the volume type mapping of the
existing FusionCompute type. The volume type of FusionCompute can be obtained in Step 45.
Step 51 Click the Volume Type Mapping tab to delete the volume type mapping of the existing
FusionCompute type. The volume type of FusionCompute can be obtained in Step 45.
----End
11.17.2 Adding Storage DR Rules

Step 53 On the Quick Links tab page in the lower right corner, click FusionSphere CPS. On the
FusionSphere CPS service management page that is displayed, choose O&M > Storage
Disaster Recovery and click Add Disaster Recovery Rule. The Add Disaster Recovery
Rule page is displayed.
Step 54 Configure DR rules based on the backend storage and AZ information obtained in Step 45 in
section "Configuring Storage DR Rules."
On the AZ page, enter the AZ information obtained in in Step 45 in section
11.17.1"Configuring Storage DR Rules." and click to configure backend storage.
On the Configure Backend Storage page, set Storage Name to the backend storage name
obtained in Step 45 in section "Configuring Storage DR Rules." Select all the hosts that
function as controller nodes in Select Hosts to Deploy the Service.

Ltd.
FusionSphere PCS
----End
11.18 Returning the Extra Fees of PCS Snapshots During the

Switchover and Drill
The snapshot function of OpenStack is required during the switchover and drill. However,
ManageOne and OpenStack cannot enable the snapshots to be free of charge. Therefore, the
snapshots generated during the switchover and drill are inevitably charged. You can return the
extra fees as follows:
1. Export the orders generated during the VM switchover. For details, see section
"Exporting and Viewing Orders" in Huawei Cloud Stack 6.5.1 Product Document.
2. Hand over the order to the bss_admin user to return the fees for the drill snapshots
whose names start with Pcs_Drill_Snapshot_ and the switchover snapshots whose
names start with Pcs_Switch_Snapshot_.
----End

Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Appendix 2 Troubleshooting
12 Appendix 2 Troubleshooting
12.1 Failure to Access the System After a UEFI VM Is

Switched
12.1.1 Symptom
After the boot firmware of a VM running the Linux OS is set to UEFI and the OS is
successfully installed on the VM, the VM OS fails to start.
12.1.2 Possible Causes

The VM OS cannot locate the UEFI boot file. Therefore, the OS cannot start.
12.1.3 Procedure
Configure the boot file.
After the OS is successfully installed on the VM, you are required to restart the VM OS. During the OS
restart process, if OS type is Red Hat, press Delete to enter the UEFI setup screen, if Suse, input “exit”
command, Other OS please refer to their official documents. Then perform the following operations:
1. Move the cursor to Boot Maintenance Manager shown in Figure 1 and press Enter.

Ltd.
FusionSphere PCS
Figure 1 Boot Maintenance Manager
2. Move the cursor to Boot From File shown in Figure 2 and press Enter.
Figure 2 Boot From File
3. On the Boot From File screen, move the cursor to the first option NO VOLUME LABEL
shown in Figure 3 and press Enter.

Ltd.
FusionSphere PCS
Figure 3 Boot option
4. Move the cursor to EFI and press Enter.

5. Move the cursor to redhat shown in Figure 4 and press Enter.
Figure 4 EFI redhat option

Ltd.
FusionSphere PCS
6. Move the cursor to grub.efi shown in Figure 5 and press Enter.
Figure 5 Grub.efi option
Make UEFI boot file configuration permanent.
The configured boot file takes effect for only one time. You must perform the following operations to
make the configuration permanent:
1. During the OS restart process, if OS type is Red Hat, press Delete to enter the UEFI setup screen,
if Suse, input “exit” command, Other OS please refer to their official documents. Then select
Boot Maintenance Manager.
2. Move the cursor to Boot Options shown in Figure 6 and press Enter.

Ltd.
FusionSphere PCS
Figure 6 Boot Options
3. Move the cursor to Add Boot Option shown in Figure 7 and press Enter.
Figure 7 Add Boot Option
4. Select grub.efi again by performing 4 to 6 after the screen in 3 is displayed again. Figure 8
shows the displayed screen.

Ltd.
FusionSphere PCS
Figure 8 Boot option
5. After grub.efi is selected, enter the Modify Boot Option Description screen shown Figure 9.
Figure 9 Modify Boot Option Description
6. Press Enter to enter description information for Input the Description shown in Figure 10.

Ltd.
FusionSphere PCS
Figure 10 Input the Description
7. Press Enter to confirm the information. Figure 11 shows the screen.
Figure 11 Boot option confirmation
8. Press F10 to save the configuration and press Y to confirm the operation. Figure 12 shows the
screen for confirming the operation.

Ltd.
FusionSphere PCS
Figure 12 Saving configuration
9. Press Esc to switch to the Boot Option screen and then select Change Boot Order shown in
Figure 13.
Figure 13 Change Boot Order
10. Select Change the order shown in Figure 14.

Ltd.
FusionSphere PCS
Figure 14 Change the order
11. Select the description you entered in 12 and press + to move it to the top. Figure 15 shows the
screen.
Figure 15 Change Boot Order

Ltd.
FusionSphere PCS
12. Press F10 to save the configuration, press Y to confirm the operation, press Esc to switch to the
initial screen, and select Continue.
12.2 NIC Name Change After the Switchover of Windows

VMs
The Windows OS has restrictions on the identification mechanism of NIC devices and NICs.
For details, see https://support.microsoft.com/en-gb/help/269155/error-message-when-you-
try-to-set-an-ip-address-on-a-network-adapter.
If the Windows template VM of the Xen type has a NIC before the switchover, VMs
provisioned by the template may have the following problems after the switchover:
The NIC name is Local Area Connection N, rather than Local Area Connection, where N is a number.
When you rename the NIC Local Area Connection, a message similar to "Cannot rename this connection. A
connection with the name you specified exists. Specify a different name." is displayed on the Windows OS.
If a static IP address has been configured for a NIC on the Windows template VM on the Xen platform, an error
message "The IP address XXX.XXX.XXX.XXX you have entered for this network adapter is already assigned to
another adapter Name of adapter. Name of adapter is hidden from the network and Dial-up Connections folder
because it is not physically in the computer or is a legacy adapter that is not working. If the same address is
assigned to both adapters and they become active, only one of them will use this address. This may result in
incorrect system configuration. Do you want to enter a different IP address for this adapter in the list of IP
addresses in the advanced dialog box? "is displayed when you set the same static IP address for the VMs
provisioned from the template after the switchover. XX.XX.XX.XX indicates the IP address, and #N may be empty
or a number.
To avoid the preceding problems, perform the following steps:
Step 55 Go to the Windows CLI.
Step 56 Run the set devmgr_show_nonpresent_devices=1 command and press Enter.
Step 57 Run the Start DEVMGMT.MSC command and press Enter.
The Device Manager window is displayed.
Step 58 In the Device Manager window, click View and then select Show hidden devices.

Ltd.
FusionSphere PCS
Step 59 Click Network adapters, and check whether network adapters Realtek RTL8139C+ Fast
Ethernet NIC and Xen Net Device Driver #N in the red boxes are displayed in the following
figure.
#N may be empty or a number, that is, multiple network adapters of Xen Net Device Driver
may exist.
Step 60 Right-click Realtek RTL8139C+ Fast Ethernet NIC and all network adapters of Xen Net
Device Driver, and then click Uninstall. In the displayed Confirm Device Uninstall dialog
box, click OK.

Ltd.
FusionSphere PCS
After the uninstallation is complete, the two types of devices are not displayed under
Network adapters in the Device Manager window.
Then, you can change the VM NIC name and network configuration as required. For example,
you can change Local Area Connection 3 to Local Area Connection and set the static IP
address that has been configured in the template for the network adapter.
----End

Ltd.
FusionSphere PCS
12.3 Agent status display for Abnormal

If the floating IP address of the controller node is modified, perform the following operation
on the agent node:
Step 61 Use PuTTY to log in to the active agent node as user gandalf, run the su - root command to
switch to user root, and run the TMOUT=0 command to disable user logout upon system
timeout.
Step 62 Run the sed -i 's/^controller-ip=.*/controller-ip=controller Floating IP address/g'
/opt/cloudos/pcs/agent/conf/controller.conf command to change the controller-ip to
controller Floating IP address.
Step 63 Run the service pcs-agent restart command on the agent node to restart the pcs-agent
process.
Step 64 Wait for 3 minutes and check whether the agent node is normal.
 If yes, no further action is required.
 If no, contact Huawei technical support.
----End
12.4 Failed to Execute the Disk Configuration Injection

Task During the Drill and Switchover
During the batch drill or switchover, unexpected exceptions may occur on an agent VM when
disks are frequently attached to or detached from the VM. Consequently, the task fails to be
executed. This section describes how to handle a specific failure.
Procedure
Step 65 On PCS, choose VM Switchover > Switchover Task and check whether causes for the
injection task failure are as follows:
 The Linux disk fails to be attached to the agent.
 Failed to detach the disk from the agent, please try to perform the operation again.
 The injection tool fails to find the system root partition.
 The injection tool fails to decompress the kernel file. The possible cause is that there is
not enough space in the partition where the kernel file is located.
Step 66 Execute the task again.
 If the fault persists, go to Step 67.
 If the task execution succeeds, no further action is required.
Step 67 On the Cloud Platform Management page of PCS, choose the target platform, view agent
information, and check whether the agent VM is in the normal status.
 If yes, contact technical support.
Step 68 Locate the agent VM, and restart the VM, as shown in the following figure.

Ltd.
FusionSphere PCS
 If the restart fails, go to Step 69.

 If the restart succeeds, go to Step 70.
Step 69 Stop VM firstly, and then Start VM.

Step 70 On the Cloud Platform Management page of PCS, choose the target platform, view agent
information, and check whether the agent VM is in the normal status.
 If no, contact technical support.
Step 71 Execute the task again.
 If the task execution succeeds, no further action is required.
 If the fault persists, contact technical support.
----End
12.5 Faulty OS During the Deployment of Controller VMs

Scenarios
When controller VMs in the standalone mode are faulty, perform the operations provided in
this section to rectify the fault and quickly restore services.
Impacts on the System

Services cannot be provided.
Prerequisites
You have obtained the administrator or the agent administrator account and password of the
ManageOne system.

Ltd.
FusionSphere PCS
You have obtained the IP address and name of the faulty controller node.
You have obtained the password of the admin user for logging in to the faulty PCS system.
Procedure
Step 72 Stop the faulty controller VMs by following the instructions provided in "Stopping a VM" in
Huawei Cloud Stack 6.5.1 Product Document.
Step 73 Deploy a controller VM by following the instructions provided in "Creating a VM from a
Template" in Huawei Cloud Stack 6.5.1 Product Document.
Before the installation, record the original IP address and node name of the faulty controller VM. During
the reinstallation, the information must be the same as the original IP address and node name.
Step 74 Restore the data of the third-party backup server on the controller node. For details, see
section "Restoring Data."
Step 75 After the restoration, log in to the PCS to check whether the services are normal and whether
the data is correct.
 If no, contact technical support.
Step 76 Delete the faulty controller VM. For details, see section "Deleting a VM" in Huawei Cloud
Stack 6.5.1 Product Document.
----End
12.6 Failed to Switch Certain Images During the

Concurrent Image Switchover
Scenarios
The controller node concurrently switches multiple images. However, some images fail to be
switched when you confirm the step of creating images.

Services cannot be provided.
Prerequisites
 You have obtained the username and password of the system administrator or agent
administrator for logging in to FusionSphere OpenStack.
 You have obtained the IP address and name of the faulty controller node.
 You have obtained the password of the administrator for logging in to the faulty PCS
system.

Ltd.
FusionSphere PCS
Procedure
Step 77 Log in to a FusionSphere OpenStack node and run the df -h | grep image_cache command.
Step 78 Check whether the value of Avail is greater than or equal to the total size of all selected
images.
Step 79 If the value of Avail cannot meet the requirement, set the proper size of image cache in CPS
based on Huawei Cloud Stack 6.5.1 Product Document.
----End
13 Appendix 3 Obstacle Item Description
This section describes all the obstacle items supported by PCS, impacts on the drill and
switchover, supported handling actions, and drill and operation suggestions.
13.1 VM Has vCPU Binding Enabled

Obstacle Item Description
Bind a VM and physical CPU cores on a host to limit the range where the CPU cores on the
host can be used. For VMs that have vCPU binding enabled, they are not automatically bound
to physical CPU cores of the host after the switchover.
Impacts on Drill and Handling Actions

 Default impact: Minor
 Default handling action: Ignore
 Optional handling action: Ignore or Adjust VM Later
Impacts on Switchover and Optional Actions


Ltd.
FusionSphere PCS
Operation Guide (HCS Xen to KVM) 4 Appendix 3 Obstacle Item Description
Drill Suggestions
The drill aims to check whether the guest OS and services of the drill VM can be started
properly. You are not advised to manually bind the VM to the physical CPU cores of the host.
If the vCPU core binding is configured using Xen VRM, this feature will be discarded after
the drill.
Switchover Suggestions
If vCPU core binding is configured using Xen VRM, this feature will be discarded after the
switchover.
13.2 VM Is Bound to Host

You can bind a VM to a host to run the VM on a specific host or use a specific peripheral on
the host. After a VM that is bound to a host on the Xen platform is switched over to the target
KVM platform, the VM is not automatically bound to the host.


Drill Suggestions
properly. You are advised not to manually bind the drill VM to the host. If the VM is bound to
the host through Xen VRM, the feature will be lost after the switchover.
If this feature is configured using Xen VRM, this feature will be discarded after the
switchover.

Ltd.
FusionSphere PCS
13.3 VM Is a Template VM
A VM template can be used to implement quick VM deployment. PCS does not support VM
template drill because the VM template is in the shutdown state. You can switch over the VM
template directly. If the VM template is faulty after the switchover, you can perform rollback
on PCS.

 Default impact: Major
 Default handling action: Adjust VM Later
 Optional handling action: Adjust VM Later

 Default impact: None
 Default handling action: N/A
 Optional handling action: N/A
Drill Suggestions
The drill aims to check whether the guest OS and services of the VM can be properly started.
You can switch over the VM template directly. If the VM template is faulty after the
switchover, you can perform rollback on PCS.
During the template VM switchover, the VM is a common VM on the KVM platform.
If the VM is normal, select Finish Confirmation to complete the switchover. PCS
automatically converts the VM to a template.
If the VM is abnormal, perform rollback on PCS to roll back the switchover process. PCS will
restore the Xen template VM to the state before the switchover.
13.4 VMs that Use Shared Disks Are Not All Stopped
If a VM uses a shared disk, the VM cannot be subject to a drill, but can be subject to a
switchover. However, all VMs to which the shared disk is mounted must be shut down. In
addition, during the switchover, no snapshot is created for the shared disk, and data is directly
written to the shared disk. Therefore, after the rollback function of PCS is used to roll back
the VM using the shared disk, the data will be saved on the shared disk and cannot be rolled
back.
If the shared disk is on the RDM data store, that is, the shared disk is an RDM disk, the VM to
which the RDM shared disk is attached does not need to be shut down during the switchover.
However, data is written to the RDM disk during the switchover and cannot be rolled back.

Ltd.
FusionSphere PCS
If cluster services, such as Oracle RAC and MSCS, are running on a VM that uses a shared
disk, you are advised to use the capacity expansion capability at the service layer to perform
the switchover, thus avoiding the potential impact of disk controller changes on services after
the VM switchover.


Drill Suggestions
The drill is not supported.
If cluster services, such as Oracle RAC and MSCS, are running on a VM that uses a shared
disk, you are advised to use the capacity expansion capability at the service layer to perform
the switchover, thus avoiding the potential impact of disk controller changes on services after
the VM switchover.
If PCS is used for the switchover and the shared disk is an RDM disk, you can directly
perform the switchover. Otherwise, you need to shut down all the VMs to which the shared
disk is mounted and perform the switchover at the same time in a window.
13.5 Linked Clone Disks Have Been Attached to a VM

PCS does not support the drill and switchover of VMs that have linked clone disks attached.



Ltd.
FusionSphere PCS
Drill Suggestions
Linked clone VMs cannot be directly switched. Switch over the template that is used for
provisioning linked clone VMs to the KVM platform using PCS and then use the template to
provision linked clone VMs.
13.6 ISO File or UVP VMTools Is Mounted to the VM

The ISO or physical DVD-ROM drive can be mounted to a VM in shared mode or local
mode. After the drill and switchover is performed on the VM, the CD-ROM drive is not
automatically mounted to the target VM.
You can install Tools on a VM by mounting Tools. During this process, an ISO file containing
Tools is mounted to the VM.
After a drill and switchover, the Tools ISO file cannot be automatically mounted to the target
VM.


Drill Suggestions
properly.
You are advised to ignore the obstacle item. If the source DVD-ROM drive is required for the
drill, mount the DVD-ROM drive to the drill VM on the target KVM platform.
You are advised to ignore the obstacle item. If the source CD-ROM drive is required for the
switchover, mount the CD-ROM drive to the target VM on the target KVM platform.

Ltd.
FusionSphere PCS
13.7 USB Device Is Mounted to a VM

A VM can be bound to a USB device on the host to access the USB device, thus meeting
service requirements. The target VM cannot be automatically bound to the USB device after
the drill and switchover because the USB device is on the source host.


Drill Suggestions
properly.
You are advised to ignore the obstacle item. If the drill depends on the USB device but does
not strongly depend on the source USB device, you can bind the USB device of the target
KVM host to the drill VM.
If the drill VM is not on the target KVM host with USB devices, you can migrate the VM to
the target host.
You are advised to ignore the obstacle item. If a USB device is required for the switchover,
install the source USB device on the target KVM host where the VM to be switched is
located, or bind the USB device on the target KVM host to the VM to be switched.
If the switchover VM is not on the target KVM host with USB devices, you can migrate the
VM to the target host.
13.8 VM Is a DR VM
PCS does not support drill or switchover VMs whose DR feature was enabled.


Ltd.
FusionSphere PCS

Drill Suggestions
The switchover is not supported.
13.9 VM Is an Antivirus Guest VM (GVM)

Since FusionSphere virtualization suite V100R006C10 (Xen) and HCS 6.5.1 (KVM) support
different antivirus mechanisms and vendors (for details, see the FusionSphere virtualization
suite compatibility list.), you need to uninstall GVM driver then switch over GVM to the
target KVM platform. After the switchover, adjust the configuration to implement the
interconnection to the secure VM based on the Huawei Cloud Stack 6.5.1 Product Document.
The GVM driver needs to be uninstalled first. Therefore, PCS does not support the online drill
of the GVM.


Drill Suggestions
Uninstall the GVM driver from the VM and perform the switchover. After the switchover is
complete, reconfigure the antivirus service by referring to FusionSphere Huawei Cloud Stack
6.5.1 Product Document.

Ltd.
FusionSphere PCS
13.10 VM Is a Secure VM (SVM)

Since FusionSphere virtualization suite V100R006C10 (Xen) and HCS 6.5.1 (KVM) support
different antivirus mechanisms and vendors (for details, see the FusionSphere virtualization
suite compatibility list.), SVM cannot be switched over to the target KVM platform.


Drill Suggestions
13.11 GPU Device Is Mounted to a VM

With the evolution of GPU device and GPU virtualization technologies, FusionSphere
virtualization suite V100R006C10 (Xen) and HCS 6.5.1 (KVM) support different GPU
models and virtualization technologies. Therefore, after Xen VMs using GPU devices are
switched over to the target KVM platform, GPU devices are not automatically configured. For
details about how to configure GPU devices, see the Huawei Cloud Stack 6.5.1 Product
Document. You need to select a suitable vGPU or passthrough GPU device for the VM.
In addition, VMs with GPU devices do not support the drill.



Ltd.
FusionSphere PCS

Drill Suggestions
13.12 HANA Configuration Is Enabled on the VM

FusionSphere virtualization suite V100R006C10 (Xen) supports the HANA optimization
function to improve VM performance in the HANA service cluster. Currently, FusionSphere
virtualization suite HCS 6.5.1 (KVM) is not certified by HANA. Therefore, after Xen VMs
with HANA optimization function enabled are switched over to the KVM platform, the
HANA service running requirements may not be met.


Drill Suggestions
13.13 VM Uses Local Disk (Non-Virtualization) Storage

VMs that use local disks (non-virtualization) storage cannot be subject to the drill and
switchover.

Ltd.
FusionSphere PCS


Drill Suggestions
13.14 VM Uses SAN Storage (Non-Virtualization)

VMs that use SAN storage (non-virtualization) cannot be subject to the drill and switchover.


Drill Suggestions

Ltd.
FusionSphere PCS
13.15 VM Uses Virtualized Local Hard Disks

VMs that use virtualized local hard disks cannot be subject to the drill and switchover.


Drill Suggestions
13.16 HA Function Is Enabled for the VM, but the Host

Group with the HA Function Enabled Does Not Exist in
the Target AZ
After the VM with HA enabled is switched to the target KVM AZ, whether the HA function is
enabled depends on the configuration of the target AZ. Therefore, if the HA function is
disabled for the target AZ, the HA function for the VM is disabled by default after the
switchover.



Ltd.
FusionSphere PCS
Drill Suggestions
properly. You are advised to ignore the obstacle item.
Before the switchover, plan a host group with the HA function enabled. Then, you can switch
over the VMs with the HA function to be enabled to the host group.
If the HA function cannot be enabled for the target cluster but must be enabled for the VM,
you can enable the HA function for the VM by setting the HA substitute item on the KVM
platform after the VM is switched to the KVM.
13.17 VM Has a VM Snapshot or Volume Snapshot

After a source VM with a VM snapshot or volume snapshot is switched to the KVM platform,
these snapshot points are invisible on the KVM platform, and VMs cannot be restored to these
points.


Drill Suggestions
If a volume snapshot is available, back up the snapshot data in advance. After a VM is
switched to the KVM platform, the volume snapshot is unavailable and cannot be restored to
the time point when the snapshot was taken.

Ltd.
FusionSphere PCS
13.18 Tools (PV Driver) Is Not Running

During the online drill, online snapshots are taken for the VM. To achieve this, Tools must be
installed and be running properly on the VM. During VM switchover, shut down the source
VM in graceful mode to ensure that data on the source VM is stored on the disk. Also, Tools
must be installed and be running properly on the VM.
Therefore, when the VM is in the running state and Tools (PV driver) is not running, the drill
and switchover cannot be performed.


Drill Suggestions
Install Tools on the VM and ensure that Tools is running properly, and then perform the VM
drill.
Install Tools on the VM and ensure that the VM is running properly. Alternatively, log in to
the VM, shut down the VM in graceful mode, and then perform the VM switchover.
13.19 Source VM Is Not in the Running or Stopped State

VMs in only running or stopped state can be subject to the drill and switchover.



Ltd.
FusionSphere PCS
Drill Suggestions
If a VM is in the transient state (for example, switching or creating), perform the drill after the
VM is in the running or stopped state. If a VM is in the hibernated state, you can wake up or
shut down the VM, change the VM to the running or stopped state, and then perform the drill.
If a VM is in the transient state (for example, switching or creating), perform the switchover
after the VM is in the running or stopped state. If a VM is in the hibernated state, you can
wake up or shut down the VM, change the VM to the running or stopped state, and then
perform the switchover.
13.20 Disk Configuration of the Source VM Changes After

the VM Is Added to a Switchover Plan
The disk configuration of the source VM changes after the VM is added to a switchover plan.


Drill Suggestions
13.21 Source Port Group Uses VXLAN

FusionSphere virtualization suite V100R006C10 (Xen) supports the configuration of VTEP
networks for uplinks of DVSs so that VMs can use VXLAN networks when FusionManager

Ltd.
FusionSphere PCS
is used. FusionSphere virtualization suite HCS 6.5.1 (KVM) does not support this
configuration. Therefore, VXLAN cannot be used after VMs are switched over to the target
KVM platform.
Therefore, PCS does not support the drill and switchover of such VMs.


Drill Suggestions
The drill is not supported. To perform the drill, change the CPU quota of the source VM to a
value supported by the target KVM platform.
13.22 Configurations of Whether Memory

Overcommitment Is Enabled Are Different for the Source
Clusters and Target Platforms
If the configurations about whether the memory overcommitment is enabled are different for
the source cluster and the target platforms selected in the switchover plan, the memory
overcommitment rate of the host where the VM is located may be different after the
switchover.



Ltd.
FusionSphere PCS
Drill Suggestions
You are advised to ignore the obstacle item.
On the target KVM platform, set a cluster with the same configuration about whether the
memory overcommitment is enabled as that of the Xen platform. For VMs whose the
configuration about whether memory overcommitment is enabled must be retained, switch
over them to the cluster that you set. For other VMs, switch over them to other clusters.
13.23 Configurations of Whether HA Is Enabled Are

Different for the Source Clusters and Target Platforms
If the configurations about whether HA is enabled are different for the source cluster and the
target platform selected in the switchover plan, the HA function attribute may change.


Drill Suggestions
You are advised to ignore the obstacle item.
On the target KVM platform, set a cluster with the same configuration about whether HA is
enabled as that of the Xen platform. For VMs whose the configuration about whether HA is
enabled must be retained, switch over them to the cluster that you set. For other VMs, switch
over them to other clusters.

Ltd.
FusionSphere PCS
13.24 Affinity or Anti-affinity Rule Is Configured for the

Source VM
If the source VM is configured with affinity or anti-affinity rules such as resource groups and
rule groups, these rules will not be retained after the switchover. You need to reconfigure
these rules on the target platform.


Drill Suggestions
13.25 Object Operation Permissions Are Configured for

the Source VM
If object operation permissions are configured for the source VM, these permissions are not
retained after the switchover. You need to reconfigure the permissions on the target platform.



Ltd.
FusionSphere PCS
Drill Suggestions
During the drill, you need to perform operations, such as creating and deleting a VM
snapshot, on the source VM. Before the drill, ensure that the operation permissions are not
disabled.
During the switchover, you need to perform operations, such as powering off and powering
on, on the source VM. Before the switchover, ensure that the operation permissions are not
disabled.
You are advised to ignore the obstacle item. Before the switchover, record the operation
permissions that need to be disabled on the VM. After the VM is switched to the KVM
platform, reconfigure the object permissions of the VM.
13.26 Source VM Uses a Passthrough DVS

If the source VM uses the port group of the VMDQ-enabled DVS, the switchover of the VM
is not supported.


Drill Suggestions

Ltd.
FusionSphere PCS
13.27 Source VM Uses the Port Group of a DVS in

Network Enhancement Mode
If the source VM uses the port group of the DVS in the network enhancement mode, the
switchover of the VM is not supported.


Drill Suggestions
13.28 QoS (Upper Limit of IOPS) Is Configured for Disks

of the Source VM, Which May Affect the Driver Injection
Speed During the Switchover
If the QoS (upper limit of IOPS) is configured for disks of the source VM, the driver injection
speed is affected during the switchover and drill. As a result, the VM switchover and drill
slow down. The interconnected FusionCompute (Xen) platform does not support disk QoS
association on ServiceOM. Therefore, if the disk QoS is configured on FusionCompute, this
feature will be discarded after the switchover.


Ltd.
FusionSphere PCS

Drill Suggestions
Before the drill, cancel the IOPS upper limit of the disk.
Before the switchover, cancel the IOPS upper limit of the disk.
13.29 Source VM Is Configured with a Free Clock

The clock policy of the source VM does not need to be synchronized with the host clock. That
is, a free clock is configured, and you can set the VM time. If the time set on the VM is
different from that on the host, the difference is cleared after the VM is switched over to the
KVM platform. In this way, the time on the target VM is different from that on the source
VM.


Drill Suggestions
 If the internal time of the VM depends on the periodic synchronization of the third-party
NTP server, ignore the obstacle item and perform the drill.
 If the internal time of the VM is manually configured and is different from the host time,
check the impact of the time change on services. If the impact is acceptable, ignore the
obstacle item and perform the drill.
 If the internal time of the VM depends on the periodic synchronization of the third-party
NTP server, ignore the obstacle item and perform the switchover.
 If the internal time of the VM is manually configured and is different from the host time,
check the impact of the time change on services. If the impact is acceptable, ignore the
obstacle item and perform the switchover.

Ltd.
FusionSphere PCS
13.30 Source VM Does Not Exist

If the source VM has been deleted from the source platform during VM switchover, the
switchover task will fail.


Drill Suggestions
The source VM has been deleted and no drill is required. You are advised to delete the VM
from PCS.
The source VM has been deleted and no switchover is required. You are advised to delete the
VM from PCS.
13.31 Target Compute Resources Are Unavailable

During VM switchover, the target compute resource (cluster or host) selected for the VM
during the switchover plan creation is deleted from the target platform, and the switchover
task fails.



Ltd.
FusionSphere PCS
Drill Suggestions
Modify the switchover plan to which the VM is added, select target compute resources for the
VM, and perform the drill.
Modify the switchover plan to which the VM is added, select target compute resources for the
VM, and perform the switchover.
13.32 VM Uses a Shared Disk

During the online drill, online snapshots are taken for a VM. If a VM has shared disks, a
snapshot cannot be created for the VM. Therefore, the PCS does not support online drill for
such VMs.


 Default impact: None
 Default handling action: N/A
 Optional handling action: N/A
Drill Suggestions
The drill cannot be performed.
This obstacle item has no impacts on the switchover. For details, see "VMs that Use Shared
Disks Are Not All Stopped". To perform the switchover, stop all VMs that use the shared
disks.
13.33 VM Resources (VM, Disk, or VPC) Have Expired

The cloud scenario resources have expired. As a result, users have no permission to perform a
drill or switchover.

Ltd.
FusionSphere PCS


Drill Suggestions
The drill is not supported. Renew the lease of the resources and then perform pre-detection
again.
The switchover is not supported. Renew the lease of the resources and then perform pre-
detection again.
13.34 VM Has Been Soft Deleted

The VM to be switched and drilled is moved to the recycle bin. As a result, users have no
operation permission to drill and switch the VM.


Drill Suggestions
The drill is not supported. Restore the VM from the recycle bin in advance to perform drill.
The switchover is not supported. Restore the VM from the recycle bin in advance to perform
switchover.

Ltd.
FusionSphere PCS
13.35 Target AZ Does Not Have Host Groups that Meet the
Tag Requirements
The target AZ does not have host groups that meet the tag requirements. As a result, the cross-
AZ cold migration of the VM to the KVM AZ fails.


Drill Suggestions
The drill is not supported. Configure host groups that meet requirements in advance.
The switchover is not supported. Configure host groups that meet requirements in advance.
13.36 VM Is Configured with CPU QoS

The CPU QoS specification is configured for a VM on ServiceOM. Although the QoS
configuration parameters have different names in Xen and KVM, they are essentially the
same. Therefore, the original CPU QoS converts and sets the equivalent new QoS.

Default impact: Minor
Default handling action: Ignore
Optional handling action: Ignore or Adjust VM Later

Default impact: Minor
Default handling action: Ignore

Ltd.
FusionSphere PCS
Drill Suggestions
The drill is not affected.
The switchover is not affected.
13.37 QoS of the Source Disk Type Is Different from That

of the Target Disk Type
Each disk of the VM to be switched has a target disk type. If the source disk type is
configured with QoS and the QoS settings of the target disk type are different from those of
the source disk type, the cross-AZ cold migration will fail.

Default impact: Major
Default handling action: Adjust VM Later
Optional handling action: Adjust VM Later

Drill Suggestions
Adjust the QoS of the target disk type.
Adjust the QoS of the target disk type.
13.38 VM Disk Image Does Not Exist

Before the VM switchover, the corresponding image must be switched over. If the image does
not exist, the system does not check whether the image switchover has been completed during
VM switchover, and the image information about the VM will not be updated after the
switchover.

Ltd.
FusionSphere PCS


Drill Suggestions
properly. You are advised to ignore this item.
You are advised to ignore this item.
13.39 VM Is Attached with Disks That Do Not Share the

Storage
Cross-AZ cold migration cannot be performed for disks that do not share the storage.


Drill Suggestions
The drill is not supported. Before the switchover, configure the shared storage for the disks;
alternatively, back up and then uninstall the disks that do not share the storage.
The switchover is not supported. Before the switchover, configure the shared storage for the
disks; alternatively, back up and then uninstall the disks that do not share the storage.

Ltd.
FusionSphere PCS
13.40 Disks of the Source VM Are Not in the in-use State

(For Example, Maintenance State)
The volume cannot be attached to or detached from the VM when the VM disk is being
expanded or in states other than in-use.


Drill Suggestions
13.41 Number of Subnets of the Source VM Is Greater

than the Number of Drill VLANs
In non-SDN scenario, each NIC belongs to a different subnet, and each drill subnet needs to
be automatically created based on available VLAN IDs. Therefore, each subnet must have a
corresponding VLAN.


Default impact: None
Default handling action: N/A
Optional handling action: N/A

Ltd.
FusionSphere PCS
Drill Suggestions
The switchover is not affected.
13.42 Source VM Disk Image Has Not Been Switched

Over
Before the VM switchover, the VM image must be switched over.
Deleting the target image after switching will also cause this item failed. You need to remove
this image from switch plan and re-add it, and they re-switch it.


Drill Suggestions
13.43 Source Image Does Not Support FusionCompute

The image to be switched over does not support the Xen platform.


Ltd.
FusionSphere PCS

Drill Suggestions
The drill is not supported. Select an image on the Xen platform for the drill.
The switchover is not supported. Select an image on the Xen platform for the switchover.
13.44 Source Image Does Not Exist

The image to be switched over does not exist.


Drill Suggestions
13.45 Source Image Has Expired

The image to be switched over has expired.

Ltd.
FusionSphere PCS


Drill Suggestions
13.46 Resource Tag of the Source VM Flavor Is Not

Supported
The ultra-large memory tag on the Xen platform is used only for the VM flavors in the SAP
HANA resource pool. PCS does not support the switchover of such VMs.
The "GPU passthrough - accelerated" tag on the Xen platform is used only for VMs that use
NVIDIA Tesla M60 GPU. The KVM platform does not support this type of GPU. Therefore,
VMs with this type of GPU cannot be switched over.
The KVM platform does not support the "GPU virtualization - accelerated" tag. Therefore,
VMs with this type of GPU cannot be switched over.
VMs with disk-intensive flavors use local disks. PCS does not support the switchover of local
disks.
VMs with disk-intensive (network enhanced) flavors use local disks. PCS does not support
the switchover of local disks.



Ltd.
FusionSphere PCS
Drill Suggestions
13.47 Guest OS of the Source VM Is Not Supported on the

Target Cloud Platform
The Xen and KVM platforms support different guest OSs. If the guest OS of the VM can not
be switched on the target platform, the switchover is not allowed.


Drill Suggestions
If the OS type of a VM is displayed as Other on FusionCompute due to inconsistent VM
names on Service OM and FusionCompute, stop the VM on FusionCompute, correct the guest
OS type, start the VM on ManageOne Operation Management Portal, and then perform the
drill again. If a message is displayed, indicating that the guest OS is not supported, the drill is
not supported.
If the OS type of a VM is displayed as Other on FusionCompute due to inconsistent VM
names on Service OM and FusionCompute, stop the VM on FusionCompute, correct the guest
OS type, start the VM on ManageOne Operation Management Portal, and then perform the
switchover again. If a message is displayed, indicating that the guest OS is not supported, the
switchover is not supported.

Ltd.
FusionSphere PCS
13.48 Number of Disks Attached to a VM Exceeds 59

A maximum of 60 disks can be attached to a VM due to the platform capability limitation. A
cloud disk needs to be attached to the PCS Agent VM. Therefore, if the original VM has 60
disks, you need to remove one disk before performing the switchover.


Drill Suggestions
13.49 Source VM Is a Rapidly Provisioned VM

If the source VM is a rapidly provisioned VM, switchover and drill are not supported.


Drill Suggestions

Ltd.
FusionSphere PCS
13.50 Source VM Uses SR-IOV NIC

If an SR-IOV NIC is used by the source VM through FusionCompute, switchover and drill are
not supported.


Drill Suggestions
13.51 Source Image Is the Image of a Quickly Provisioned

VM
If the source image is the image of a rapidly provisioned VM, switchover and drill are not
supported.



Ltd.
FusionSphere PCS

Drill Suggestions
13.52 Guest OS of the Source image Is Not Supported on t
he Target Cloud Platform
The Xen and KVM platforms support different guest OSs. If the guest OS of image is not
supported on the target platform, the image cannot be switched over.


Drill Suggestions
13.53 Different Boot Loader Type Between Source VM and

Target Image
If your image boot loader type should be UEFI but BIOS was specified, and it happens that
you forgot to confirm the OS running state during the switchover, there might be a situation

Ltd.
FusionSphere PCS
that your image switchover task is success, but the VM that issued from the new target image
can not boot up. Therefore, this obstacle item will check if the source VM’s boot loader type
from FusionCompute equals to that of target image.


Drill Suggestions
The drill is not supported. Please correct the Boot Loader type in image first.
The switchover is not supported. Please correct the Boot Loader type in image first.
13.54 The OS of target platform which only support virtio

bus type has more than 25 disks
The OS of the target platform for some source VMs only supports the virtio bus. Each virtio
bus supports attachment of up to 25 disks. A source VM with more than 25 disks attached
cannot be switched over.


Drill Suggestions

Ltd.
FusionSphere PCS
The switchover is not supported. If the number of disks on the VM can be decreased to less th
an 25, back up data and uninstall some disks before performing the switchover..

Ltd.

FusionSphere PCS 6.5.1.1 Operation Guide (HCS Xen To KVM) 01

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

FusionSphere PCS 6.5.1.1 Operation Guide (HCS Xen To KVM) 01

Uploaded by

Copyright:

Available Formats

FusionSphere PCS

HUAWEI TECHNOLOGIES CO., LTD.

Trademarks and Permissions

Huawei Technologies Co., Ltd.

Issue 01 (2019-08-30) Huawei Proprietary and Confidential i

About This Document

Indicates an imminently hazardous situation which, if not

Indicates a potentially hazardous situation which, if not

Indicates a potentially hazardous situation which, if not

Indicates a potentially hazardous situation which, if not

Issue 01 (2019-08-30) Huawei Proprietary and Confidential ii

Calls attention to important information, best practices and

Issue 01 (2019-08-30) Huawei Proprietary and Confidential iii

About This Document....................................................................................................................ii

6 Installation and Deployment....................................................................................................14

Issue 01 (2019-08-30) Huawei Proprietary and Confidential iv

9 VM Drill and Switchover..........................................................................................................36

10 Operations After Finish Confirmation..................................................................................45

11 Appendix 1 Common Operations..........................................................................................46

Issue 01 (2019-08-30) Huawei Proprietary and Confidential v

13 Appendix 3 Obstacle Item Description...............................................................................100

Issue 01 (2019-08-30) Huawei Proprietary and Confidential vi

Issue 01 (2019-08-30) Huawei Proprietary and Confidential vii

1.2 Switchover Process Overview

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 1

Upgrade the HCS2.x

Create target KVM resource

Perform the drill.

Complete the drill.

Confirm the switchover.

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 2

A professional technical team is responsible for switchover evaluation, switchover solution

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 3

3 Switchover Service and Risk Precautions

3.1 Introduction to the Switchover Service

3.1.1 Information Collection and Feasibility Analysis

3.1.2 Switchover Plan and Solution Design

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 4

3.1.3 Core Service Switchover Test

3.2 Switchover Risk

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 5

 Ensure that the ManageOne cloud platform, OpenStack, interconnected FusionCompute

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 6

4.2 Switchover Network Restrictions

4.3 Switchover Pre-implementation Requirements

4.4 Switchover Implementation Requirements

4.5 Impact on Services

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 7

 After a VM switchover is complete, a snapshot is created by default for the rollback

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 8

ALM-6017 Faulty Host

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 9

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 10

4.6 Function Restrictions

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 11

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 12

− The Hardware Configuration of Source VM Exceeds the Specifications Supported by

5.1 Platform Compatibility

HCS 2.06 (the supported earliest version) HCS 6.5.1

5.2 Guest OS Support Policies

Issue 01 (2019-08-30) Huawei Proprietary and Confidential 13

6 Installation and Deployment

6.1 Software Obtaining