This topic describes what you need to prepare before migration.
ECS instances
- For Windows-based instances
If your ECS instance is running the Windows system, you can perform the following steps to share a folder:
- Move data to be migrated to a folder and share the folder. We recommend that you follow
version-specific instructions to share a folder.
For example, if you want to share the subdir subfolder under the dir folder, the path of the shared directory is \hostname\dir\subdir. When you create a source data address, specify /dir/subdir for the sub-directory.
- Modify the settings of the Windows firewall and anti-virus software to enable access to port 445 of the instance from all IP addresses in the VPC where the instance is located. Skip this step if both the Windows firewall and anti-virus software are disabled.
- Add ECS security group rules to enable access to port 445 of the instance from all IP addresses in the VPC where the instance is located.
- Move data to be migrated to a folder and share the folder. We recommend that you follow
version-specific instructions to share a folder.
- For Linux-based instances
If your ECS instance is running the Linux system, you can perform the following steps to share a folder:
- Enable the network file system (NFS) service and share the folder to be migrated.
For more information, see Enable the NFS service. Skip this step if the NFS service has been enabled.
For example, if you want to share the data folder, the path of the shared directory is/data. When you create a source data address, specify /data for the sub-directory.
- Modify the settings of the Linux firewall to enable access to the port of the NFS
service. Use the rpcinfo -p localhost command to view the ports to be enabled for the
portmapper
,mountd
, andnfs
services. For more information, see Firewall settings. If the firewall is disabled, skip this step. - Add ECS security group rules to enable access to the port of the NFS service from all IP addresses in the VPC
where the instance is located.
Warning To ensure data security, we recommend that you disable access to the port of the NFS service from external networks.
- Enable the network file system (NFS) service and share the folder to be migrated.
For more information, see Enable the NFS service. Skip this step if the NFS service has been enabled.
Alibaba Cloud Object Storage Service (OSS)
Create a destination bucket to store the migrated data. For more information, see Create a bucket.
Create and grant permissions to a RAM user
- Log on to the RAM console.
- In the left-side navigation pane, choose .
- On the Create User page, select Console Password Logon and Programmatic Access, and then enter the required RAM user information.
- Save the generated account, password, AccessKey ID, and AccessKey secret.
- Find the RAM user, and click Add Permissions in the Actions column. Grant the read and write permissions on OSS (AliyunOSSFullAccess) and the management permissions on Data Online Transport (AliyunMGWFullAccess) to the RAM user.
- In the left-side navigation pane, choose . On the RAM User Logon page, log on to the official website of Alibaba Cloud as a RAM user.
Appendix: How to use the NFS service
- Assume that you need to configure the /data folder as the source data address. You can perform the following steps:
- Enable the NFS file system.
[root@test ~]# yum install -y nfs-utils
- Share the /data folder. In the /etc/exports file, add the /data *(rw,no_root_squash,insecure) entry.
[root@test ~]# vi /etc/exports #If the port number of mountd is greater than 1024, you need to add the insecure parameter. /data *(rw,no_root_squash,insecure)
NoteWe recommend that you follow the formats required by the /etc/exports file to configure settings. You can run the
man 5 exports
command to view the required formats.If an error occurs during configuration, the file system fails to be mounted on a client.
- Enable the NFS service.
[root@test ~]# systemctl start nfs.service
- View the status of the NFS service. The following information indicates that the service
is running.
[root@test ~]# systemctl status nfs.service â— nfs-server.service - NFS server and services Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor preset: disabled) Active: active (exited) since Thu 2018-12-06 15:47:03 CST; 58s ago Process: 10641 ExecStartPost=/bin/sh -c if systemctl -q is-active gssproxy; then systemctl restart gssproxy ; fi (code=exited, status=0/SUCCESS) Process: 10623 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS) Process: 10621 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS) Main PID: 10623 (code=exited, status=0/SUCCESS) CGroup: /system.slice/nfs-server.service Dec 06 15:47:03 test systemd[1]: Starting NFS server and s... Dec 06 15:47:03 test systemd[1]: Started NFS server and se... Hint: Some lines were ellipsized, use -l to show in full.
- Enable the service to run at startup.
[root@localhost ~]# systemctl enable nginx.service
- View the status of the rpcbind service. The following information indicates that the
service is running.
[root@test ~]# systemctl status rpcbind.service â— rpcbind.service - RPC bind service Loaded: loaded (/usr/lib/systemd/system/rpcbind.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2018-12-06 15:47:03 CST; 7min ago Main PID: 10598 (rpcbind) CGroup: /system.slice/rpcbind.service â""â"€10598 /sbin/rpcbind -w Dec 06 15:47:03 test systemd[1]: Starting RPC bind service... Dec 06 15:47:03 test systemd[1]: Started RPC bind service. Hint: Some lines were ellipsized, use -l to show in full.
- Enable the NFS file system.
- The firewall is used by default for ECS instances that run the CentOS 7 operating
system. You can use the systemctl status firewalld command to check whether the firewall is enabled. If you are using iptables, you
can use the related iptables commands to configure the firewall settings to allow
access to the ports of the NFS service. Configure the firewall settings as follows:
- View the list of ports you need to enable for the NFS service.
[root@test ~]# rpcinfo -p localhost program vers proto port service 100000 4 tcp 111 portmapper 100000 3 tcp 111 portmapper 100000 2 tcp 111 portmapper 100000 4 udp 111 portmapper 100000 3 udp 111 portmapper 100000 2 udp 111 portmapper 100024 1 udp 50382 status 100024 1 tcp 59133 status 100005 1 udp 20048 mountd 100005 1 tcp 20048 mountd 100005 2 udp 20048 mountd 100005 2 tcp 20048 mountd 100005 3 udp 20048 mountd 100005 3 tcp 20048 mountd 100003 3 tcp 2049 nfs 100003 4 tcp 2049 nfs 100227 3 tcp 2049 nfs_acl 100003 3 udp 2049 nfs 100003 4 udp 2049 nfs 100227 3 udp 2049 nfs_acl 100021 1 udp 37473 nlockmgr 100021 3 udp 37473 nlockmgr 100021 4 udp 37473 nlockmgr 100021 1 tcp 37688 nlockmgr 100021 3 tcp 37688 nlockmgr 100021 4 tcp 37688 nlockmgr
- Add the following firewall rules to enable the ports for the
portmapper
,mountd
, andnfs
services. These ports include port 111, port 20048, and port 2049 for the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).Note Themountd
service uses a random port. You must use one of the following methods to retrieve the port number of themountd
service and then configure the firewall settings.- Use the rpcinfo -p localhost command to view the port number that is used by the
mountd
service. - Open the /etc/sysconfig/nfs file, and replace xxx in the
MOUNTD_PORT=xxx
expression with a port number that you want to specify for themountd
service.
- Use the rpcinfo -p localhost command to view the port number that is used by the
- Add the firewall rules by running the following commands:
[root@test ~]# firewall-cmd --zone=public --add-port=111/tcp --permanent success [root@test ~]# firewall-cmd --zone=public --add-port=20048/tcp --permanent success [root@test ~]# firewall-cmd --zone=public --add-port=2049/tcp --permanent success [root@test ~]# firewall-cmd --zone=public --add-port=111/udp --permanent success [root@test ~]# firewall-cmd --zone=public --add-port=20048/udp --permanent success [root@test ~]# firewall-cmd --zone=public --add-port=2049/udp --permanent success
- Update firewall rules by running the following command:
[root@test ~]# firewall-cmd --reload success
- View the list of ports you need to enable for the NFS service.