cal/claude-home
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity
50125d8b39
claude-home/vm-management/scripts/LXC-MIGRATION-GUIDE.md
Cal Corum 4b7eca8a46
All checks were successful
Reindex Knowledge Base / reindex (push) Successful in 3s
Details
docs: add YAML frontmatter to all 151 markdown files 
Adds title, description, type, domain, and tags frontmatter to every
doc for improved KB semantic search. The description field is prepended
to every search chunk, and domain/type/tags enable filtered queries.

Type values: context, guide, runbook, reference, troubleshooting
Domain values match directory structure (networking, docker, etc.)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-12 09:00:44 -05:00

251 lines
7.1 KiB
Markdown
Raw Blame History

---
title: "LXC Migration Automation Guide"
description: "Step-by-step guide for using lxc-docker-create.sh and fix-docker-apparmor.sh to migrate VMs to LXC containers. Includes complete workflow, data migration commands, time estimates, and troubleshooting."
type: runbook
domain: vm-management
tags: [proxmox, lxc, migration, docker, apparmor, scripts, automation]
---
# LXC Migration Automation Scripts
This guide covers automation scripts for migrating VM-based Docker containers to LXC containers.
## Scripts Overview
### 1. `lxc-docker-create.sh` - LXC Container Creation
Automates the creation of LXC containers with Docker pre-installed and configured for container workloads.
**Usage:**
```bash
./lxc-docker-create.sh <VMID> <HOSTNAME> <IP> <DISK_SIZE> <MEMORY> <CORES> [PROXMOX_HOST]
```
**Example (local Proxmox):**
```bash
./lxc-docker-create.sh 214 docker-pittsburgh-lxc 10.10.0.214 128G 16384 4
```
**Example (remote Proxmox):**
```bash
./lxc-docker-create.sh 214 docker-pittsburgh-lxc 10.10.0.214 128G 16384 4 root@10.10.0.11
```
**What it does:**
- Creates LXC container with specified resources
- Configures AppArmor for Docker compatibility
- Enables nesting and keyctl features
- Installs Docker and docker-compose-plugin
- Sets container to start on boot
**Time:** ~10 minutes (includes Docker installation)
---
### 2. `fix-docker-apparmor.sh` - Docker Compose AppArmor Fix
Adds AppArmor unconfined security options to all services in docker-compose.yml files. Required for Docker containers running inside LXC.
**Usage:**
```bash
./fix-docker-apparmor.sh <LXC_IP> [COMPOSE_DIR]
```
**Example:**
```bash
./fix-docker-apparmor.sh 10.10.0.214
./fix-docker-apparmor.sh 10.10.0.214 /home/cal/container-data
```
**What it does:**
- SSHs into the LXC container
- Finds all docker-compose.yml files
- Adds `security_opt: ["apparmor=unconfined"]` to each service
- Creates backups of original files
**Time:** ~1-2 minutes
---
## Complete Migration Workflow
### Wave 2 Example: VM 114 (Pittsburgh) → LXC 214
#### Step 1: Create LXC Container
```bash
cd /mnt/NV2/Development/claude-home/vm-management/scripts
./lxc-docker-create.sh 214 docker-pittsburgh-lxc 10.10.0.214 128G 16384 4 root@10.10.0.11
```
**Wait ~10 minutes for Docker installation**
#### Step 2: Copy SSH Key (if needed)
```bash
ssh root@10.10.0.11 "cat ~/.ssh/id_rsa.pub | pct exec 214 -- tee /root/.ssh/authorized_keys"
```
Or setup password-less SSH to LXC:
```bash
ssh root@10.10.0.11 "
ssh-keyscan -H 10.10.0.214 >> ~/.ssh/known_hosts 2>/dev/null
pct exec 214 -- mkdir -p /root/.ssh
cat ~/.ssh/id_rsa.pub | pct exec 214 -- tee -a /root/.ssh/authorized_keys
"
```
#### Step 3: Migrate Data
**Option A: rsync from VM (recommended)**
```bash
# From Proxmox host - direct rsync from old VM to new LXC
ssh root@10.10.0.11 "
rsync -avz --info=progress2 \
/mnt/vm114/home/cal/container-data/ \
root@10.10.0.214:/home/cal/container-data/
"
```
**Option B: Mount and copy from backup**
```bash
# If VM is already shut down and you have backups/snapshots
ssh root@10.10.0.11 "
mount /dev/vm114-vg/vm114-data /mnt/vm114
rsync -avz /mnt/vm114/home/cal/container-data/ root@10.10.0.214:/home/cal/container-data/
"
```
#### Step 4: Fix AppArmor in Docker Compose Files
```bash
./fix-docker-apparmor.sh 10.10.0.214
```
#### Step 5: Start Containers
```bash
ssh root@10.10.0.214
# Navigate to service directory
cd /home/cal/container-data/[service-name]
# Start containers
docker compose up -d
# Check status
docker compose ps
docker compose logs -f
```
#### Step 6: Verify and Test
- Test service functionality
- Check container logs for errors
- Verify network connectivity
- Test external access (if applicable)
#### Step 7: Update Documentation
- Mark VM as migrated in wave plan
- Document any issues encountered
- Update service inventory with new IP
---
## Time Estimates
| Step | Duration | Notes |
|------|----------|-------|
| Create LXC | 10 min | Includes Docker installation |
| Setup SSH | 1 min | One-time setup |
| Data migration | Varies | Depends on data size (58GB ≈ 60 min @ 16MB/s) |
| Fix AppArmor | 2 min | Automated script |
| Start containers | 5 min | Per service stack |
| **Total (small data)** | **~20 min** | For <10GB data |
| **Total (large data)** | **~80 min** | For ~60GB data like Wave 1 |
---
## Migration Waves Reference
Based on `vm-management/wave1-migration-results.md`:
### Remaining Migrations
| Wave | VM | Hostname | Services | Data Size | LXC ID | Priority |
|------|-----|----------|----------|-----------|--------|----------|
| 2 | 114 | Pittsburgh | Docker services | ~30GB | 214 | High |
| 3 | 112 | Louisville | Docker services | ~20GB | 212 | High |
| 4 | 115 | Denver | Docker services | ~25GB | 215 | Medium |
| 5 | 113 | Fresno | Docker services | ~15GB | 213 | Medium |
| 6 | Multiple | Misc services | Varies | Varies | TBD | Low |
---
## Troubleshooting
### Container Creation Fails
- **Check:** Template exists: `pct list | grep template`
- **Check:** VMID not in use: `pct list | grep <VMID>`
- **Check:** Sufficient storage: `pvesm status`
### SSH Connection Failed
- **Check:** Container is running: `pct status <VMID>`
- **Check:** SSH key copied: `pct exec <VMID> -- cat /root/.ssh/authorized_keys`
- **Check:** Network connectivity: `ping <IP>`
### Docker Containers Won't Start
- **Check:** AppArmor fix applied: `grep security_opt docker-compose.yml`
- **Check:** Docker service running: `systemctl status docker`
- **Check:** Container logs: `docker compose logs`
### Data Migration Slow
- **Use:** rsync with compression: `rsync -avz`
- **Use:** Direct VM-to-LXC transfer (avoid copying to intermediate location)
- **Monitor:** Network usage: `iftop` or `nload`
---
## Best Practices
1. **Always create backups** before destroying source VMs
2. **Test services** thoroughly before decommissioning VMs
3. **Document changes** in wave results files
4. **Monitor resources** during migration (CPU, RAM, disk I/O)
5. **Schedule migrations** during low-usage periods
6. **Keep scripts updated** with learnings from each wave
---
## Script Maintenance
### Adding New Features
Both scripts are designed to be easily extended:
- **lxc-docker-create.sh**: Add additional package installations, configuration steps, or validation checks
- **fix-docker-apparmor.sh**: Modify the Python script to add additional docker-compose fixes
### Testing Changes
Before using updated scripts in production:
1. Test on a non-critical VM migration
2. Verify all steps complete successfully
3. Check container functionality post-migration
4. Document any new issues or improvements
---
## Related Documentation
- [Wave 1 Migration Results](../wave1-migration-results.md) - Lessons learned from first migration
- [Migration Quick Start](../migration-quick-start.md) - Fast reference guide
- [LXC Migration Plan](../lxc-migration-plan.md) - Overall migration strategy
- [VM Management Context](../CONTEXT.md) - VM infrastructure overview
---
## Support
For issues or questions:
1. Check troubleshooting section above
2. Review wave results for similar issues
3. Check Proxmox logs: `journalctl -u pve-container@<VMID>`
4. Review Docker logs: `docker compose logs`
Reference in New Issue View Git Blame Copy Permalink