# 使用x2openEuler工具评估
# 安装评估工具
# yum install -y x2openEuler

# 执行兼容性评估
# x2openEuler assess –target openEuler-22.03-LTS –output /tmp/assess-report

============================================================
x2openEuler Compatibility Assessment
============================================================
System Information:
Source OS: CentOS Linux 7.9.2009
Target OS: openEuler 22.03 LTS
Assessment Time: 2026-04-03 10:00:00

Software Analysis:
Total Packages: 1234
Compatible: 1156 (93.7%)
Incompatible: 45 (3.6%)
Unknown: 33 (2.7%)

Hardware Analysis:
CPU: Intel Xeon Gold 6248R – Compatible
Memory: 128GB DDR4 – Compatible
Storage: Samsung SSD 970 EVO – Compatible
Network: Intel I350 Gigabit – Compatible

Service Analysis:
sshd: Compatible
nginx: Compatible
mysql: Compatible
redis: Compatible
java-1.8.0-openjdk: Compatible

Incompatible Packages:
– package-a-1.2.3 (dependency issue)
– package-b-2.0.1 (architecture mismatch)
– package-c-3.1.0 (library conflict)

Recommendations:
1. Replace incompatible packages with alternatives
2. Update custom applications for openEuler
3. Test critical services before migration

Report saved to: /tmp/assess-report/
============================================================

# 查看详细评估报告
# cat /tmp/assess-report/software_analysis.csv
Package,Version,Status,Notes
nginx,1.20.1,Compatible,Direct replacement available
mysql,8.0.28,Compatible,Use openEuler repository
redis,6.2.6,Compatible,Direct replacement available
java-1.8.0-openjdk,1.8.0.322,Compatible,Use openEuler repository
python3,3.6.8,Compatible,Version upgrade to 3.9 available

# 检查内核模块兼容性
# lsmod | awk ‘{print $1}’ > /tmp/current_modules.txt

# 对比目标系统模块
# cat /tmp/current_modules.txt | while read module; do
echo “Checking module: $module”
modinfo $module 2>/dev/null | grep -E “filename|license”
done | head -30

Checking module: nfsd
filename: /lib/modules/3.10.0-1160.el7.x86_64/kernel/fs/nfsd/nfsd.ko.xz
license: GPL

Checking module: nfs_acl
filename: /lib/modules/3.10.0-1160.el7.x86_64/kernel/fs/nfs/nfs_acl.ko.xz
license: GPL

Checking module: auth_rpcgss
filename: /lib/modules/3.10.0-1160.el7.x86_64/kernel/net/sunrpc/auth_gss/auth_rpcgss.ko.xz
license: GPL

# 检查系统调用兼容性
# strace -c ls /tmp > /dev/null 2>&1
% time seconds usecs/call calls errors syscall
—— ———– ———– ——— ——— —————-
25.00 0.001234 12 100 read
20.00 0.000987 10 98 write
15.00 0.000765 15 50 open
10.00 0.000543 11 49 close
8.00 0.000432 8 54 stat
—— ———– ———– ——— ——— —————-
100.00 0.004935 351 total

# 检查库依赖
# ldd /usr/bin/nginx | head -20
linux-vdso.so.1 => (0x00007ffc12345000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f1234567000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f1234565000)
libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007f1234500000)
libz.so.1 => /lib64/libz.so.1 (0x00007f1234400000)
libc.so.6 => /lib64/libc.so.6 (0x00007f1234000000)
/lib64/ld-linux-x86-64.so.2 (0x00007f1234600000)

# 安装openEuler系统后查看版本
# cat /etc/os-release
NAME=”openEuler”
VERSION=”22.03 LTS”
ID=”openEuler”
VERSION_ID=”22.03″
PRETTY_NAME=”openEuler 22.03 LTS”
ANSI_COLOR=”0;31″

# 查看内核版本
# uname -r
5.10.0-60.oe2203.x86_64

# 配置软件源
# cat /etc/yum.repos.d/openEuler.repo
[OS]
name=OS
baseurl=https://repo.openeuler.org/openEuler-22.03-LTS/OS/$basearch/
enabled=1
gpgcheck=1
gpgkey=https://repo.openeuler.org/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler

[everything]
name=everything
baseurl=https://repo.openeuler.org/openEuler-22.03-LTS/everything/$basearch/
enabled=1
gpgcheck=1
gpgkey=https://repo.openeuler.org/openEuler-22.03-LTS/everything/$basearch/RPM-GPG-KEY-openEuler

[EPOL]
name=EPOL
baseurl=https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/main/$basearch/
enabled=1
gpgcheck=1
gpgkey=https://repo.openeuler.org/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler

# 更新系统
# yum update -y
Last metadata expiration check: 0:01:00 ago on Fri 03 Apr 2026 10:00:00 AM CST.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Upgrading:
kernel x86_64 5.10.0-60.oe2203 OS 12 M
kernel-devel x86_64 5.10.0-60.oe2203 OS 15 M
systemd x86_64 249-30.oe2203 OS 4.5 M

Transaction Summary
================================================================================
Install 0 Packages
Upgrade 50 Packages

Total download size: 150 M
Is this ok [y/N]: y

# 安装必要软件包
# yum install -y nginx mysql-server redis java-1.8.0-openjdk python3

# 配置网络
# cat /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
BOOTPROTO=static
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=192.168.1.2
DNS2=192.168.1.3

# 重启网络服务
# systemctl restart NetworkManager

# 配置防火墙
# systemctl start firewalld
# systemctl enable firewalld
# firewall-cmd –permanent –add-service=ssh
# firewall-cmd –permanent –add-service=http
# firewall-cmd –permanent –add-service=https
# firewall-cmd –reload
success

# 配置SELinux
# cat /etc/selinux/config
SELINUX=enforcing
SELINUXTYPE=targeted

# 检查SELinux状态
# getenforce
Enforcing

# 使用rsync迁移数据
# 在源服务器上执行
# rsync -avz –progress /data/ root@192.168.1.100:/data/
sending incremental file list
./
file1.dat
file2.dat
dir1/
dir1/file3.dat
dir1/file4.dat

sent 1.23G bytes received 12.34K bytes 10.45M bytes/sec
total size is 1.50G speedup is 1.22

# 使用tar打包迁移
# cd /data
# tar -czvf – . | ssh root@192.168.1.100 “cd /data && tar -xzvf -”
./
./file1.dat
./file2.dat
./dir1/
./dir1/file3.dat
./dir1/file4.dat

# 验证数据完整性
# 源服务器
# find /data -type f -exec md5sum {} \; > /tmp/source_md5.txt

# 目标服务器
# find /data -type f -exec md5sum {} \; > /tmp/target_md5.txt

# 对比MD5
# diff /tmp/source_md5.txt /tmp/target_md5.txt
# 无输出表示数据一致

# 迁移用户和组
# 源服务器导出
# awk -F: ‘$3 >= 1000 {print $0}’ /etc/passwd > /tmp/users.txt
# awk -F: ‘$3 >= 1000 {print $0}’ /etc/group > /tmp/groups.txt
# awk -F: ‘$1 !~ /^#/ {print $0}’ /etc/shadow > /tmp/shadows.txt

# 目标服务器导入
# while read line; do
useradd -M $(echo $line | cut -d: -f1)
done < /tmp/users.txt

# 迁移定时任务
# 源服务器导出
# crontab -l > /tmp/crontab_backup.txt
# for user in $(cut -f1 -d: /etc/passwd); do
crontab -u $user -l > /tmp/crontab_${user}.txt 2>/dev/null
done

# 目标服务器导入
# crontab /tmp/crontab_backup.txt
# for user in $(cut -f1 -d: /etc/passwd); do
if [ -f /tmp/crontab_${user}.txt ]; then
crontab -u $user /tmp/crontab_${user}.txt
fi
done

# 迁移系统配置
# 源服务器导出
# tar -czvf /tmp/sysconfig_backup.tar.gz /etc/sysconfig/ /etc/systemd/ /etc/security/

# 目标服务器导入
# tar -xzvf /tmp/sysconfig_backup.tar.gz -C /

# 迁移日志文件
# rsync -avz /var/log/ root@192.168.1.100:/var/log/history/

# 迁移Java应用
# 检查Java版本
# java -version
openjdk version “1.8.0_322”
OpenJDK Runtime Environment (build 1.8.0_322-b06)
OpenJDK 64-Bit Server VM (build 25.322-b06, mixed mode)

# 安装Java环境
# yum install -y java-1.8.0-openjdk java-1.8.0-openjdk-devel

# 迁移应用
# rsync -avz /opt/app/ root@192.168.1.100:/opt/app/

# 配置环境变量
# cat > /etc/profile.d/app.sh << 'EOF' export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk export APP_HOME=/opt/app export PATH=$PATH:$JAVA_HOME/bin:$APP_HOME/bin EOF # source /etc/profile.d/app.sh # 创建systemd服务 # cat > /etc/systemd/system/fgedu-app.service << 'EOF' [Unit] Description=FGedu Application Service After=network.target [Service] Type=simple User=app Group=app Environment="JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk" ExecStart=/opt/app/bin/startup.sh ExecStop=/opt/app/bin/shutdown.sh Restart=on-failure RestartSec=10 [Install] WantedBy=multi-user.target EOF # systemctl daemon-reload # systemctl enable fgedu-app # systemctl start fgedu-app

# 迁移Web应用（Nginx）
# 安装Nginx
# yum install -y nginx

# 迁移配置文件
# rsync -avz /etc/nginx/ root@192.168.1.100:/etc/nginx/

# 迁移静态文件
# rsync -avz /var/www/html/ root@192.168.1.100:/var/www/html/

# 检查配置
# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

# 启动服务
# systemctl enable nginx
# systemctl start nginx

# 迁移Python应用
# 安装Python环境
# yum install -y python3 python3-pip

# 安装依赖
# pip3 install -r requirements.txt

# 迁移应用代码
# rsync -avz /opt/python-app/ root@192.168.1.100:/opt/python-app/

# 创建服务
# cat > /etc/systemd/system/python-app.service << 'EOF' [Unit] Description=Python Application Service After=network.target [Service] Type=simple User=python Group=python WorkingDirectory=/opt/python-app ExecStart=/usr/bin/python3 /opt/python-app/main.py Restart=on-failure [Install] WantedBy=multi-user.target EOF # systemctl daemon-reload # systemctl enable python-app # systemctl start python-app

# 迁移SSH服务
# 备份原配置
# cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

# 迁移配置
# rsync -avz /etc/ssh/ root@192.168.1.100:/etc/ssh/

# 检查配置
# sshd -t

# 重启服务
# systemctl restart sshd

# 迁移DNS服务
# 安装BIND
# yum install -y bind bind-utils

# 迁移配置文件
# rsync -avz /etc/named.conf root@192.168.1.100:/etc/
# rsync -avz /var/named/ root@192.168.1.100:/var/named/

# 检查配置
# named-checkconf
# named-checkzone fgedu.net.cn /var/named/fgedu.net.cn.zone
zone fgedu.net.cn/IN: loaded serial 2026040301
OK

# 启动服务
# systemctl enable named
# systemctl start named

# 迁移DHCP服务
# 安装DHCP
# yum install -y dhcp-server

# 迁移配置
# rsync -avz /etc/dhcp/ root@192.168.1.100:/etc/dhcp/

# 启动服务
# systemctl enable dhcpd
# systemctl start dhcpd

# 系统功能测试
# 检查系统服务状态
# systemctl list-units –type=service –state=running
UNIT LOAD ACTIVE SUB DESCRIPTION
auditd.service loaded active running Security Auditing Service
crond.service loaded active running Command Scheduler
fgedu-app.service loaded active running FGedu Application Service
firewalld.service loaded active running firewalld – dynamic firewall daemon
NetworkManager.service loaded active running Network Manager
nginx.service loaded active running The nginx HTTP and reverse proxy server
sshd.service loaded active running OpenSSH server daemon

# 网络连通性测试
# ping -c 3 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.521 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.432 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.398 ms

— 192.168.1.1 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 0.398/0.450/0.521/0.052 ms

# DNS解析测试
# nslookup www.fgedu.net.cn
Server: 192.168.1.2
Address: 192.168.1.2#53

Name: www.fgedu.net.cn
Address: 192.168.1.100

# Web服务测试
# curl -I http://fgedudb
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 03 Apr 2026 10:00:00 GMT
Content-Type: text/html
Content-Length: 1234
Connection: keep-alive
Last-Modified: Fri, 03 Apr 2026 09:00:00 GMT
ETag: “abc123-def456”
Accept-Ranges: bytes

# 应用功能测试
# 测试应用API
# curl -s http://fgedudb:8080/api/health
{“status”: “healthy”, “version”: “1.0.0”}

# 测试数据库连接
# mysql -h fgedudb -u fgedu_user -p -e “SELECT 1”
Enter password:
+—+
| 1 |
+—+
| 1 |
+—+

# 测试Redis连接
# redis-cli ping
PONG

# 性能基准测试
# 安装测试工具
# yum install -y sysbench

# CPU测试
# sysbench cpu –cpu-max-prime=20000 run
CPU speed:
events per second: 1234.56

# 内存测试
# sysbench memory –memory-block-size=1M –memory-total-size=10G run
Total operations: 10240 (1234.56 per second)

10240.00 MiB transferred (1234.56 MiB/sec)

# 磁盘I/O测试
# sysbench fileio –file-total-size=10G prepare
# sysbench fileio –file-total-size=10G –file-test-mode=rndrw run
File operations:
reads/s: 1234.56
writes/s: 567.89
fsyncs/s: 12.34

# 内核参数调优
# cat >> /etc/sysctl.conf << 'EOF' # 网络优化 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_keepalive_time = 600 # 内存优化 vm.swappiness = 10 vm.dirty_ratio = 20 vm.dirty_background_ratio = 5 # 文件系统优化 fs.file-max = 6815744 EOF # sysctl -p # 系统限制调优 # cat >> /etc/security/limits.conf << 'EOF' * soft nofile 65535 * hard nofile 65535 * soft nproc 65535 * hard nproc 65535 * soft memlock unlimited * hard memlock unlimited EOF # 服务优化 # 优化Nginx # cat > /etc/nginx/conf.d/performance.conf << 'EOF' worker_processes auto; worker_rlimit_nofile 65535; events { worker_connections 65535; use epoll; multi_accept on; } http { sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; gzip on; gzip_min_length 1k; gzip_types text/plain text/css application/json application/javascript; } EOF # systemctl restart nginx

# 配置防火墙规则
# firewall-cmd –permanent –add-rich-rule=’rule family=”ipv4″ source address=”192.168.1.0/24″ service name=”ssh” accept’
# firewall-cmd –permanent –add-rich-rule=’rule family=”ipv4″ source address=”0.0.0.0/0″ service name=”http” accept’
# firewall-cmd –permanent –add-rich-rule=’rule family=”ipv4″ source address=”0.0.0.0/0″ service name=”https” accept’
# firewall-cmd –reload

# 配置SSH安全
# cat >> /etc/ssh/sshd_config << 'EOF' PermitRootLogin no PasswordAuthentication no PubkeyAuthentication yes MaxAuthTries 3 ClientAliveInterval 300 ClientAliveCountMax 2 EOF # systemctl restart sshd # 配置审计 # yum install -y audit # systemctl enable auditd # systemctl start auditd # 添加审计规则 # cat >> /etc/audit/rules.d/audit.rules << 'EOF -w /etc/passwd -p wa -k identity -w /etc/shadow -p wa -k identity -w /etc/sudoers -p wa -k sudoers -w /var/log/secure -p wa -k logins EOF # service auditd restart # 安全扫描 # yum install -y openscap-scanner # oscap xccdf eval --profile standard --report /tmp/scan-report.html /usr/share/xml/scap/ssg/content/ssg-openeuler-ds.xml

# 割接前检查清单
# cat > /tmp/cutover-checklist.txt << 'EOF' 割接前检查清单 ================ 1. 数据备份完成 - [ ] 数据库备份 - [ ] 应用数据备份 - [ ] 配置文件备份 2. 目标系统准备 - [ ] 系统安装完成 - [ ] 网络配置正确 - [ ] 服务安装完成 - [ ] 应用部署完成 3. 功能验证 - [ ] 应用启动正常 - [ ] 数据库连接正常 - [ ] 网络连通正常 - [ ] 安全配置完成 4. 回退准备 - [ ] 回退方案已制定 - [ ] 回退脚本已准备 - [ ] 回退测试已完成 5. 通知 - [ ] 用户通知已发送 - [ ] 运维团队已通知 - [ ] 应急联系人已确认 EOF # 割接执行脚本 # cat > /opt/scripts/cutover.sh << 'EOF' #!/bin/bash LOG_FILE="/var/log/cutover.log" TIMESTAMP=$(date '+%Y-%m-%d %H:%M:%S') log() { echo "[$TIMESTAMP] $1" | tee -a $LOG_FILE } log "=== 开始割接 ===" # 停止源服务器服务 log "停止源服务器服务..." ssh root@source-server "systemctl stop nginx fgedu-app" # 最终数据同步 log "执行最终数据同步..." rsync -avz --delete /data/ root@target-server:/data/ # 更新DNS记录 log "更新DNS记录..." nsupdate << EOF server 192.168.1.2 zone fgedu.net.cn update delete www.fgedu.net.cn A update add www.fgedu.net.cn 300 A 192.168.1.100 send EOF # 启动目标服务器服务 log "启动目标服务器服务..." ssh root@target-server "systemctl start nginx fgedu-app" # 验证服务 log "验证服务状态..." curl -s http://192.168.1.100/health || log "ERROR: 服务验证失败" log "=== 割接完成 ===" EOF # chmod +x /opt/scripts/cutover.sh # 回退脚本 # cat > /opt/scripts/rollback.sh << 'EOF' #!/bin/bash LOG_FILE="/var/log/rollback.log" TIMESTAMP=$(date '+%Y-%m-%d %H:%M:%S') log() { echo "[$TIMESTAMP] $1" | tee -a $LOG_FILE } log "=== 开始回退 ===" # 恢复DNS记录 log "恢复DNS记录..." nsupdate << EOF server 192.168.1.2 zone fgedu.net.cn update delete www.fgedu.net.cn A update add www.fgedu.net.cn 300 A 192.168.1.50 send EOF # 停止目标服务器 log "停止目标服务器服务..." systemctl stop nginx fgedu-app # 启动源服务器 log "启动源服务器服务..." ssh root@source-server "systemctl start nginx fgedu-app" log "=== 回退完成 ===" EOF # chmod +x /opt/scripts/rollback.sh