This topic describes what you need to prepare before migration.

ECS instances

You can perform the following steps to share a folder on an Elastic Compute Service (ECS) instance:
Note You can only use Data Transport to migrate data from an ECS instance that is located in a VPC rather than a classic network.
  • For Windows-based instances
    If your ECS instance is running the Windows system, you can perform the following steps to share a folder:
    1. Move data to be migrated to a folder and share the folder. We recommend that you follow version-specific instructions to share a folder.

      For example, if you want to share the subdir subfolder under the dir folder, the path of the shared directory is \hostname\dir\subdir. When you create a source data address, specify /dir/subdir for the sub-directory.

    2. Modify the settings of the Windows firewall and anti-virus software to enable access to port 445 of the instance from all IP addresses in the VPC where the instance is located. Skip this step if both the Windows firewall and anti-virus software are disabled.
    3. Add ECS security group rules to enable access to port 445 of the instance from all IP addresses in the VPC where the instance is located.
  • For Linux-based instances
    If your ECS instance is running the Linux system, you can perform the following steps to share a folder:
    1. Enable the network file system (NFS) service and share the folder to be migrated. For more information, see Enable the NFS service. Skip this step if the NFS service has been enabled.

      For example, if you want to share the data folder, the path of the shared directory is/data. When you create a source data address, specify /data for the sub-directory.

    2. Modify the settings of the Linux firewall to enable access to the port of the NFS service. Use the rpcinfo -p localhost command to view the ports to be enabled for the portmapper, mountd, and nfs services. For more information, see Firewall settings. If the firewall is disabled, skip this step.
    3. Add ECS security group rules to enable access to the port of the NFS service from all IP addresses in the VPC where the instance is located.
      Warning To ensure data security, we recommend that you disable access to the port of the NFS service from external networks.

Alibaba Cloud Object Storage Service (OSS)

Create a destination bucket to store the migrated data. For more information, see Create a bucket.

Create and grant permissions to a RAM user

  1. Log on to the RAM console.
  2. In the left-side navigation pane, choose Identities > Users > Create User.
  3. On the Create User page, select Console Password Logon and Programmatic Access, and then enter the required RAM user information.
  4. Save the generated account, password, AccessKey ID, and AccessKey secret.
  5. Find the RAM user, and click Add Permissions in the Actions column. Grant the read and write permissions on OSS (AliyunOSSFullAccess) and the management permissions on Data Online Transport (AliyunMGWFullAccess) to the RAM user.
  6. In the left-side navigation pane, choose Overview > RAM user logon. On the RAM User Logon page, log on to the official website of Alibaba Cloud as a RAM user.

Appendix: How to use the NFS service

Before using the NFS service, you need to enable the NFS service and configure the firewall settings to allow access to the port of the NFS service.
  • Assume that you need to configure the /data folder as the source data address. You can perform the following steps:
    1. Enable the NFS file system. 
      [root@test ~]# yum install -y nfs-utils
    2. Share the /data folder. In the /etc/exports file, add the /data *(rw,no_root_squash,insecure) entry. 
      [root@test ~]# vi /etc/exports

#If the port number of mountd is greater than 1024, you need to add the insecure parameter.
/data *(rw,no_root_squash,insecure)
      Note

      We recommend that you follow the formats required by the /etc/exports file to configure settings. You can run the man 5 exports command to view the required formats.

      If an error occurs during configuration, the file system fails to be mounted on a client.

    3. Enable the NFS service. 
      [root@test ~]# systemctl start nfs.service
    4. View the status of the NFS service. The following information indicates that the service is running. 
      [root@test ~]# systemctl status nfs.service
â— nfs-server.service - NFS server and services
Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; disabled; vendor preset: disabled)
Active: active (exited) since Thu 2018-12-06 15:47:03 CST; 58s ago
Process: 10641 ExecStartPost=/bin/sh -c if systemctl -q is-active gssproxy; then systemctl restart gssproxy ; fi (code=exited, status=0/SUCCESS)
Process: 10623 ExecStart=/usr/sbin/rpc.nfsd $RPCNFSDARGS (code=exited, status=0/SUCCESS)
Process: 10621 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
Main PID: 10623 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/nfs-server.service


Dec 06 15:47:03 test systemd[1]: Starting NFS server and s...
Dec 06 15:47:03 test systemd[1]: Started NFS server and se...
Hint: Some lines were ellipsized, use -l to show in full.
    5. Enable the service to run at startup. 
      [root@localhost ~]# systemctl enable nginx.service
    6. View the status of the rpcbind service. The following information indicates that the service is running. 
      [root@test ~]# systemctl status rpcbind.service
â— rpcbind.service - RPC bind service
Loaded: loaded (/usr/lib/systemd/system/rpcbind.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2018-12-06 15:47:03 CST; 7min ago
Main PID: 10598 (rpcbind)
CGroup: /system.slice/rpcbind.service
â""â"€10598 /sbin/rpcbind -w


Dec 06 15:47:03 test systemd[1]: Starting RPC bind service...
Dec 06 15:47:03 test systemd[1]: Started RPC bind service.
Hint: Some lines were ellipsized, use -l to show in full.
  • The firewall is used by default for ECS instances that run the CentOS 7 operating system. You can use the systemctl status firewalld command to check whether the firewall is enabled. If you are using iptables, you can use the related iptables commands to configure the firewall settings to allow access to the ports of the NFS service. Configure the firewall settings as follows:
    1. View the list of ports you need to enable for the NFS service. 
      [root@test ~]# rpcinfo -p localhost
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  50382  status
    100024    1   tcp  59133  status
    100005    1   udp  20048  mountd
    100005    1   tcp  20048  mountd
    100005    2   udp  20048  mountd
    100005    2   tcp  20048  mountd
    100005    3   udp  20048  mountd
    100005    3   tcp  20048  mountd
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100227    3   tcp   2049  nfs_acl
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100227    3   udp   2049  nfs_acl
    100021    1   udp  37473  nlockmgr
    100021    3   udp  37473  nlockmgr
    100021    4   udp  37473  nlockmgr
    100021    1   tcp  37688  nlockmgr
    100021    3   tcp  37688  nlockmgr
    100021    4   tcp  37688  nlockmgr
    2. Add the following firewall rules to enable the ports for the portmapper, mountd, and nfs services. These ports include port 111, port 20048, and port 2049 for the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
      Note The mountd service uses a random port. You must use one of the following methods to retrieve the port number of the mountd service and then configure the firewall settings.
      • Use the rpcinfo -p localhost command to view the port number that is used by the mountd service.
      • Open the /etc/sysconfig/nfs file, and replace xxx in the MOUNTD_PORT=xxx expression with a port number that you want to specify for the mountd service.
    3. Add the firewall rules by running the following commands: 
      [root@test ~]# firewall-cmd --zone=public --add-port=111/tcp --permanent
success
[root@test ~]# firewall-cmd --zone=public --add-port=20048/tcp --permanent
success
[root@test ~]# firewall-cmd --zone=public --add-port=2049/tcp --permanent
success
[root@test ~]# firewall-cmd --zone=public --add-port=111/udp --permanent
success
[root@test ~]# firewall-cmd --zone=public --add-port=20048/udp --permanent
success
[root@test ~]# firewall-cmd --zone=public --add-port=2049/udp --permanent
success
    4. Update firewall rules by running the following command: 
      [root@test ~]# firewall-cmd --reload
success