一直想着把某云服务器上的 CentOS 6.x 系统升级到 CentOS 7.x,近日终于着手升级,本文记录升级过程遇到的一些问题及最终的解决方法。
使用 CentOS 官方的升级工具 CentOS Upgrae Tool 进行升级,根据此工具的官方 Wiki 页面的指引,顺利安装此工具:
1、添加源
[upg]
name=CentOS-$releasever - Upgrade Tool
baseurl=http://dev.centos.org/centos/6/upg/x86_64/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
2、使用 yum 安装此工具及其预升级助手
[root@allen05ren ~]# yum install redhat-upgrade-tool preupgrade-assistant-contents
3、执行此工具的预升级助手查看可用内容
[root@allen05ren ~]# preupg -l
CentOS6_7
4、执行预升级助手进行升级前的检查
[root@ibills ~]# preupg -s CentOS6_7
问题来了:
I/O warning : failed to load external entity "/usr/share/openscap/xsl/security-guide.xsl"
compilation error: file /usr/share/preupgrade/xsl/preup.xsl line 40 element import
xsl:import : unable to load /usr/share/openscap/xsl/security-guide.xsl
I/O warning : failed to load external entity "/usr/share/openscap/xsl/oval-report.xsl"
compilation error: file /usr/share/preupgrade/xsl/preup.xsl line 41 element import
xsl:import : unable to load /usr/share/openscap/xsl/oval-report.xsl
I/O warning : failed to load external entity "/usr/share/openscap/xsl/sce-report.xsl"
compilation error: file /usr/share/preupgrade/xsl/preup.xsl line 42 element import
xsl:import : unable to load /usr/share/openscap/xsl/sce-report.xsl
OpenSCAP Error:: Could not parse XSLT file '/usr/share/preupgrade/xsl/preup.xsl' [oscapxml.c:416]
Unable to open file /root/preupgrade/result.html
Usage: preupg [options]
preupg: error: [Errno 2] No such file or directory: '/root/preupgrade/result.html'
遇到问题那么就找原因和解决方法,通过搜索引擎搜索,找到 CentOS 官方论坛的一篇帖子,帖子中有一回复如下:
Erase the existing version of openscap (I had openscap 1.2) and install openscap-1.0.8-1.0.1 from http://dev.centos.org/centos/6/upg and redo the upgrade.
根据他的方法,把 openscap 软件包的版本降低之后,重新再安装此工具及其预升级助手:
[root@allen05ren ~]# yum erase openscap
[root@allen05ren ~]# yum install http://dev.centos.org/centos/6/upg/x86_64/Packages/openscap-1.0.8-1.0.1.el6.centos.x86_64.rpm
[root@allen05ren ~]# yum install redhat-upgrade-tool preupgrade-assistant-contents
重新执行 preupg -s CentOS6_7 命令:
[root@allen05ren ~]# preupg -s CentOS6_7
Preupg tool doesn't do the actual upgrade.
Please ensure you have backed up your system and/or data in the event of a failed upgrade
that would require a full re-install of the system from installation media.
Do you want to continue? y/n
y
Gathering logs used by preupgrade assistant:
All installed packages : 01/10 ...finished (time 00:00s)
All changed files : 02/10 ...finished (time 00:48s)
Changed config files : 03/10 ...finished (time 00:00s)
All users : 04/10 ...finished (time 00:00s)
...
042/100 ...done (samba shared directories selinux)
043/100 ...done (CUPS Browsing/BrowsePoll configuration)
044/100 ...done (CVS Package Split)
...
|samba shared directories selinux |notapplicable |
|CUPS Browsing/BrowsePoll configuration |notapplicable |
|CVS Package Split |notapplicable |
...
检查需要一些时间,检查的结果会被保存到 /root/preupgrade/result.html,预升级助手的目的可以查看上面给出的此工具的用途说明。/root/preupgrade 目录下还存储了其他一些文件,在升级完成后,可以查看一下。
5、开始执行升级
首先导入 CentOS 7 的CentOS-7 RPM GPG KEY:
[root@allen05ren ~]# rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7
执行升级命令:
[root@allen05ren ~]# centos-upgrade-tool-cli --network 7 --instrepo=http://mirror.centos.org/centos/7/os/x86_64/
以上的包仓库也可更换为其他的源地址。
问题又来了:
...
Continue with the upgrade [Y/N]? y
getting boot images...
Downloading failed: invalid data in .treeinfo: No option 'upgrade' in section: 'images-x86_64'
根据提示,.treeinfo 文件中的 ‘images-x86_64’ 部分没有 ‘upgrade’ 选项,查看该文件:
[general]
name = CentOS Linux-7
family = CentOS Linux
timestamp = 1480944027.47
variant =
version = 7
packagedir =
arch = x86_64
[stage2]
mainimage = LiveOS/squashfs.img
[images-x86_64]
kernel = images/pxeboot/vmlinuz
initrd = images/pxeboot/initrd.img
boot.iso = images/boot.iso
[images-xen]
kernel = images/pxeboot/vmlinuz
initrd = images/pxeboot/initrd.img
[checksums]
LiveOS/squashfs.img = sha256:bb4bc180bce57d78e5ea0df91410a006b08966663ef21ff746b4b102852d08bb
repodata/repomd.xml = sha256:27dc6846e9cb739a79b28acdad499c7cc1894781bd92e0adedc646b05cf95d77
images/pxeboot/vmlinuz = sha256:0e9b8a60576744d54c2468fbc84051e09a6090d1b1cfecf9adbdd95b3614a8a2
images/pxeboot/initrd.img = sha256:d012bf47580c63586f02e8247819ea28bd6edc5e3870f13b1efd0130d4593cae
images/efiboot.img = sha256:c43aa456d5de63ffafe9792584aecc167f6de723fdc5ac78b0309f88788c5915
images/boot.iso = sha256:f2f7367deb90a25822947660c71638333ca0eceeabecc2d631be6cd508c24494
确实无此选项,但是根据官方的升级步骤也完全没有错误,经过一顿折腾,找其他的源,发现都是没有此选项(其实后面发送找其他源也是徒劳,因为都是同步的官方源的)。
心想不太可能升级不了,灵机一动 CentOS 不是有旧系统的备份源吗:http://vault.centos.org/,上去就是几个现存的 CentOS 版本目录查看 .treeinfo 文件,皇天不负有心人,7.0.1406、7.1.1503、7.2.1511几个版本都有 ‘upgrade’ 选项,那就选个最新的 7.2.1511 版本,升级完再升级吧:
[general]
name = CentOS-7
family = CentOS
timestamp = 1449700442.21
variant =
version = 7
packagedir =
arch = x86_64
[stage2]
mainimage = LiveOS/squashfs.img
[images-x86_64]
kernel = images/pxeboot/vmlinuz
initrd = images/pxeboot/initrd.img
upgrade = images/pxeboot/upgrade.img
boot.iso = images/boot.iso
[images-xen]
kernel = images/pxeboot/vmlinuz
initrd = images/pxeboot/initrd.img
upgrade = images/pxeboot/upgrade.img
[checksums]
LiveOS/squashfs.img = sha256:1778a13e6a0bd98c0db94c4c068e08f84f6f91cdca7b2a5111aad1b5a181c0c4
repodata/repomd.xml = sha256:13d1072eeb97c6e5a0ab8bcbf5f8b0b82c87c43bf6e4be26983772609b237cb1
images/pxeboot/vmlinuz = sha256:ee2df000e29c79ae96db95f61766a8c5adc527d8c92c4114badedf251f73b20e
images/pxeboot/upgrade.img = sha256:fa54ce9a3aedad9d7de59507410af3eec51ac7e65b45b7ac9a14c971f33e45cf
images/pxeboot/initrd.img = sha256:ad1f8fc2bebe9ec1eb5c36d4c38177e39fe8423602098d60c29804081f81b8bd
images/efiboot.img = sha256:08743dd12b338a6c726dd0d66e2109e18e19db8b6f0191f9882929035e7875a6
images/boot.iso = sha256:9ed9ffb5d89ab8cca834afce354daa70a21dcb410f58287d6316259ff89758f5
把源仓库地址一换,终于顺利下载升级文件开始升级。
[root@allen05ren ~]# centos-upgrade-tool-cli --network 7 --instrepo=http://vault.centos.org/centos/7.2.1511/os/x86_64/
setting up repos...
Repository base is listed more than once in the configuration
Repository updates is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository centosplus is listed more than once in the configuration
Repository contrib is listed more than once in the configuration
cmdline-instrepo | 3.6 kB 00:00
cmdline-instrepo/primary_db | 5.3 MB 02:17
epel | 4.3 kB 00:00
epel/primary_db | 5.9 MB 00:05
upg | 1.9 kB 00:00
upg/primary_db | 14 kB 00:00
No upgrade available for the following repos: base extras updates
.treeinfo | 1.1 kB 00:00
Preupgrade assistant risk check found risks for this upgrade.
You can run preupg --riskcheck --verbose to view these risks.
Addressing high risk issues is required before the in-place upgrade
and ignoring these risks may result in a broken upgrade and unsupported upgrade.
Please backup your data.
List of issues:
INPLACERISK: HIGH: We detected some non-CentOS signed packages, you can find the list in /root/preupgrade/./kickstart/noncentospkgs. You need to handle them yourself!
INPLACERISK: HIGH: After upgrading to CentOS 7 there are still some el6 packages left. Add --cleanup-post option to redhat-upgrade-tool if you want to remove them automatically.
INPLACERISK: HIGH: Library pcre (required by NonCentOS signed package(s):nginx ) changed soname between CentOS 6 and CentOS 7
INPLACERISK: HIGH: The service network on CentOS 7 is disabled by default. Enable them via commands: systemctl enable network && systemctl start network.service .
INPLACERISK: HIGH: The service nscd on CentOS 7 is disabled by default. Enable them via commands: systemctl enable nscd && systemctl start nscd.service .
INPLACERISK: HIGH: The service ntpd on CentOS 7 is disabled by default. Enable them via commands: systemctl enable ntpd && systemctl start ntpd.service .
INPLACERISK: HIGH: The service udev-post on CentOS 7 is disabled by default. Enable them via commands: systemctl enable udev-post && systemctl start udev-post.service .
INPLACERISK: HIGH: File /etc/rc.d/rc.local was changed
INPLACERISK: MEDIUM: We detected some packages installed on the system were removed (obsoleted) between CentOS 6 and CentOS 7. This may break the functionality of the packages depending on them.
INPLACERISK: MEDIUM: We detected some packages installed on the system were removed between CentOS 6 and CentOS 7. This may break the functionality of the packages depending on them.
INPLACERISK: MEDIUM: Package ql2500-firmware not provided by its replacement linux-firmware. In-place upgrade might not work properly, will be finished by postupgrade script!
INPLACERISK: MEDIUM: Package ql23xx-firmware not provided by its replacement linux-firmware. In-place upgrade might not work properly, will be finished by postupgrade script!
INPLACERISK: MEDIUM: Package bfa-firmware not provided by its replacement linux-firmware. In-place upgrade might not work properly, will be finished by postupgrade script!
INPLACERISK: MEDIUM: Package ql2100-firmware not provided by its replacement linux-firmware. In-place upgrade might not work properly, will be finished by postupgrade script!
INPLACERISK: MEDIUM: Package rt61pci-firmware not provided by its replacement linux-firmware. In-place upgrade might not work properly, will be finished by postupgrade script!
INPLACERISK: MEDIUM: Package coreutils-libs not provided by its replacement coreutils. In-place upgrade might not work properly, will be finished by postupgrade script!
INPLACERISK: MEDIUM: Package ql2400-firmware not provided by its replacement linux-firmware. In-place upgrade might not work properly, will be finished by postupgrade script!
INPLACERISK: MEDIUM: Package rt73usb-firmware not provided by its replacement linux-firmware. In-place upgrade might not work properly, will be finished by postupgrade script!
INPLACERISK: MEDIUM: Package ql2200-firmware not provided by its replacement linux-firmware. In-place upgrade might not work properly, will be finished by postupgrade script!
INPLACERISK: MEDIUM: having one of [nss libxcb libdrm libibverbs systemtap libpciaccess nss-sysinit ca-certificates systemtap-devel libX11 tzdata nspr nss-util elfutils-libelf systemtap-runtime openldap systemtap-client audit libX11-common audit-libs elfutils-libs nss-tools librdmacm openscap] package installed breaks upgrade
INPLACERISK: MEDIUM: We detected some soname bumps in the libraries installed on the system. This may break the functionality of some of your 3rd party applications. They may need rebuild. Please check their requirements.
INPLACERISK: MEDIUM: We detected some .so libraries installed on the system were removed between CentOS 6 and CentOS 7. This may break the functionality of some of your 3rd party applications.
INPLACERISK: MEDIUM: The service supervisord is not installed by CentOS signed packages and will not be automatically enabled after in-place upgrade.
INPLACERISK: SLIGHT: We detected some files where modifications are not tracked in the rpms. You may need to check their functionality after successful upgrade.
INPLACERISK: SLIGHT: We detected some files untracked by rpms. Some of these may need manual check/migration after redhat-upgrade-tool and/or can cause conflicts or troubles during the installation. Try to reduce unnecessary untracked files before running redhat-upgrade-tool.
INPLACERISK: SLIGHT: Package procps (required by NonCentOS signed package(s):mysql-community-server ) replaced between CentOS 6 and CentOS 7
INPLACERISK: SLIGHT: We detected some packages installed on the system changed their name between CentOS 6 and CentOS 7. Although they should be compatible, monitoring after the update is recommended.
INPLACERISK: SLIGHT: export shell commands will be deleted from /etc/sysconfig/sshd
INPLACERISK: SLIGHT: Some binaries untracked by RPM were discovered on the system and may need rebuild after upgrade.
INPLACERISK: SLIGHT: Some scripts untracked by RPM were discovered on the system and may not work properly after upgrade.
INPLACERISK: SLIGHT: The perl module /usr/lib64/perl5/vendor_perl/nginx.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: The perl module /usr/lib64/perl5/vendor_perl/nginx.pm was not installed by any CentOS-signed package.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/meld3 is not owned by any RPM package.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/meld3-1.0.2.dist-info is not owned by any RPM package.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/pip is owned by an RPM package that was not signed by CentOS.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/pip-9.0.1-py2.6.egg is not owned by any RPM package.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/pip-9.0.1.dist-info is not owned by any RPM package.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/pkg_resources is not owned by any RPM package.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/setuptools-28.8.0.dist-info is not owned by any RPM package.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/supervisor is owned by an RPM package that was not signed by CentOS.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/supervisor-3.3.1-py2.6.egg is not owned by any RPM package.
INPLACERISK: SLIGHT: /usr/lib/python2.6/site-packages/supervisor-3.3.1-py2.6.egg-info is not owned by any RPM package.
INPLACERISK: SLIGHT: /usr/lib/python3.4/site-packages/__pycache__ is owned by an RPM package that was not signed by CentOS.
INPLACERISK: SLIGHT: /usr/lib64/python2.6/site-packages/meld3 is owned by an RPM package that was not signed by CentOS.
INPLACERISK: SLIGHT: /usr/lib64/python3.4/site-packages/__pycache__ is owned by an RPM package that was not signed by CentOS.
Continue with the upgrade [Y/N]? y
getting boot images...
vmlinuz-redhat-upgrade-tool | 4.9 MB 02:30
initramfs-redhat-upgrade-tool.img | 42 MB 00:14
setting up update...
finding updates 18% [=============================== ]cmdline-instrepo/filelists_db | 6.2 MB 00:06
finding updates 64% [=========================================================================================================== ]epel/filelists_db | 7.8 MB 00:07
finding updates 100% [=======================================================================================================================================================================](1/360): acl-2.2.51-12.el7.x86_64.rpm | 81 kB 00:01
(2/360): aic94xx-firmware-30-6.el7.noarch.rpm | 23 kB 00:00
(3/360): apr-1.4.8-3.el7.x86_64.rpm | 103 kB 00:02
(4/360): apr-util-1.5.2-6.el7.x86_64.rpm | 92 kB 00:02
(5/360): apr-util-ldap-1.5.2-6.el7.x86_64.rpm | 19 kB 00:00
(6/360): attr-2.4.46-12.el7.x86_64.rpm | 66 kB 00:00
(7/360): authconfig-6.2.8-10.el7.x86_64.rpm | 402 kB 00:05
(8/360): autoconf-2.69-11.el7.noarch.rpm | 701 kB 00:19
(9/360): autogen-libopts-5.18-5.el7.x86_64.rpm | 66 kB 00:01
...
(358/360): zip-3.0-10.el7.x86_64.rpm | 260 kB 00:01
(359/360): zlib-1.2.7-15.el7.x86_64.rpm | 89 kB 00:01
(360/360): zlib-devel-1.2.7-15.el7.x86_64.rpm | 50 kB 00:00
testing upgrade transaction
rpm transaction 100% [=======================================================================================================================================================================]
rpm install 100% [===========================================================================================================================================================================]
setting up system for upgrade
Finished. Reboot to start upgrade.
[root@allen05ren ~]# reboot
注意执行该命令会列举出一些升级的问题,让你确认是否升级,请注意查看并保存列出的这些问题,待升级完成后,根据情况处理这些问题。
6、以为重启之后,升级就算完成了。然而,再 ssh 发现登录不上了:
[allen05ren@ysfaq ~]$ ssh root@x.x.x.x
ssh: connect to host x.x.x.x port 22: Connection refused
好吧,不是还可以登录 web 的终端,登录上,看到确实升级到了 CentOS 7 了,查看 sshd 服务情况,确实服务没启动:
[root@allen05ren ~]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since 三 2017-03-15 15:05:33 CST; 24s ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 1788 ExecStart=/usr/sbin/sshd $OPTIONS (code=exited, status=127)
Main PID: 1696 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/sshd.service
├─1710 sshd: root@pts/0
├─1712 -bash
└─1789 systemctl status sshd
3月 15 15:05:33 allen05ren systemd[1]: sshd.service: control process exited, code=exited status=127
3月 15 15:05:33 allen05ren systemd[1]: Failed to start OpenSSH server daemon.
3月 15 15:05:33 allen05ren systemd[1]: Unit sshd.service entered failed state.
3月 15 15:05:33 allen05ren systemd[1]: sshd.service failed.
那就启动一下看看,发现启动不了,那就重新安装一下 ssh 服务,发现 yum 用不了:
[root@allen05ren ~]# yum
There was a problem importing one of the Python modules
required to run yum. The error leading to this problem was:
libsasl2.so.2: cannot open shared object file: No such file or directory
Please install a package which provides this module, or
verify that the module is installed correctly.
It's possible that the above module doesn't match the
current version of Python, which is:
2.7.5 (default, Nov 20 2015, 02:00:19)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)]
If you cannot solve this problem yourself, please go to
the yum faq at:
http://yum.baseurl.org/wiki/Faq
不行就重新安装一下 yum 看看,看看 rpm 安装了什么版本的 yum,好吧 rpm 也用不了:
[root@allen05ren ~]# rpm -qa|grep yum
grep: error while loading shared libraries: libpcre.so.0: cannot open shared object file: No such file or directory
搜索引擎搜索,发现只要做个软连接就可以了:
[root@allen05ren ~]# ls -l /usr/lib64/libsasl2.so* lrwxrwxrwx 1 root root 17 3月 15 14:14 /usr/lib64/libsasl2.so -> libsasl2.so.3.0.0 lrwxrwxrwx 1 root root 17 3月 15 14:12 /usr/lib64/libsasl2.so.3 -> libsasl2.so.3.0.0 -rwxr-xr-x 1 root root 121296 11月 21 2015 /usr/lib64/libsasl2.so.3.0.0
[root@allen05ren ~]# ln -s /usr/lib64/libsasl2.so.3.0.0 /usr/lib64/libsasl2.so.2
[root@ibills ~]# yum
Loaded plugins: fastestmirror
You need to give some command
Usage: yum [options] COMMAND
List of Commands:
check Check for problems in the rpmdb
check-update Check for available package updates
clean Remove cached data
deplist List a package's dependencies
libpcre.so.0 也软连接一下,都恢复正常了:
[root@allen05ren ~]# ls -l /usr/lib64/libpcre.so*
lrwxrwxrwx 1 root root 16 3月 15 14:13 /usr/lib64/libpcre.so -> libpcre.so.1.2.0
lrwxrwxrwx 1 root root 16 3月 15 14:12 /usr/lib64/libpcre.so.1 -> libpcre.so.1.2.0
-rwxr-xr-x 1 root root 398272 11月 20 2015 /usr/lib64/libpcre.so.1.2.0
[root@allen05ren ~]# ln -s /usr/lib64/libpcre.so.1.2.0 /usr/lib64/libpcre.so.0
[root@allen05ren ~]# rpm -qa|grep yum
yum-metadata-parser-1.1.4-10.el7.x86_64
yum-plugin-fastestmirror-1.1.31-34.el7.noarch
yum-3.4.3-132.el7.centos.0.1.noarch
发现再启动 ssh 服务也可以正常启动了,可以愉快地连接了。
整个升级过程差不多就告一段落了,再继续升级或做一些收尾的工作,比如上面升级时提示存在的哪些问题,然后再执行:
rpm -qa | grep -i el6
查看一下残留的 CentOS 6.x 的文件包,不用的就卸载或卸载后重新安装 CentOS 7.x 的版本,这里就又遇到一个问题:grep 包还是 CentOS 6.x 的版本(虽然不影响使用)且版本号比当前 CentOS 7.x 的版本的版本还高,并且有大量其他包依赖此包,这时候就可以使用 yum 的软件包降版本命令:
yum downgrade grep
至此,整个升级过程完毕!
转自https://blog.ibills.cn/?p=138