自定义 Apache 服务器的迁移计划

您应该查看创建迁移而生成的迁移计划文件。请先自定义该文件,然后再执行迁移。 迁移计划的详细信息用于从来源中提取工作负载容器工件。

本文档介绍了迁移内容以及在执行迁移和生成部署工件之前您可以考虑的自定义种类。

须知事项

本文档假设您已经创建迁移并已有迁移计划文件。

修改迁移计划

复制并分析文件系统后,您可以在指定输出路径 ANALYSIS_OUTPUT_PATH/config.yaml 中创建的新目录中找到迁移计划。

根据需要修改迁移计划,然后保存更改。

迁移计划结构

Apache2 工作负载的迁移计划具有以下结构,您可以按照以下部分中的说明进行自定义。

apacheServer:   # Apache configuration for directories on the system   # Content is the configuration as understood by apache   directories:   - Content: |-       Options FollowSymLinks       AllowOverride None       Require all denied     Path: /   - Content: |-       AllowOverride None       Require all granted     Path: /usr/share   - Content: |-       Options Indexes FollowSymLinks       AllowOverride None       Require all granted     Path: /var/www/   - Content: "#\tOptions Indexes FollowSymLinks\n#\tAllowOverride None\n#\tRequire       all granted"     Path: /srv/   - Content: |-       #   AllowOverride None       #   Require all denied     Path: /   # Environment variables used by apache   envVars:   - Value: www-data     Var: APACHE_RUN_USER   - Value: www-data     Var: APACHE_RUN_GROUP   - Value: /var/run/apache2$SUFFIX/apache2.pid     Var: APACHE_PID_FILE   - Value: /var/run/apache2$SUFFIX     Var: APACHE_RUN_DIR   - Value: /var/lock/apache2$SUFFIX     Var: APACHE_LOCK_DIR   - Value: /var/log/apache2$SUFFIX     Var: APACHE_LOG_DIR   - Value: C     Var: LANG   # The port the service will listen on   listen:   - "80"   - "443"   # Apache modules to be loaded and installed   loadModules:   - Module: access_compat_module   - Module: alias_module   - Module: auth_basic_module   - Module: authn_core_module   - Module: authn_file_module   - Module: authz_core_module   - Module: authz_host_module   - Module: authz_user_module   - Module: autoindex_module   - Module: deflate_module   - Module: dir_module   - Module: env_module   - Module: filter_module   - Module: mime_module   - Module: mpm_prefork_module   - Module: negotiation_module   - Module: php7_module   - Module: proxy_module   - Module: proxy_fcgi_module   - Module: reqtimeout_module   - Module: rewrite_module   - Module: setenvif_module   - Module: socache_shmcb_module   - Module: ssl_module   - Module: status_module   # The sites to be extracted   virtualHosts:   - address: '*:80'     documentRoot: /var/www/html     # should the site be enabled in extracted VM     includeInContainerImage: true     originalConfig: |-       # The ServerName directive sets the request scheme, hostname and port that       # the server uses to identify itself. This is used when creating       # redirection URLs. In the context of virtual hosts, the ServerName       # specifies what hostname must appear in the request's Host: header to       # match this virtual host. For the default virtual host (this file) this       # value is not decisive as it is used as a last resort host regardless.       # However, you must set it for any further virtual host explicitly.       #ServerName www.example.com        ServerAdmin webmaster@localhost       DocumentRoot /var/www/html        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,       # error, crit, alert, emerg.       # It is also possible to configure the loglevel for particular       # modules, e.g.       #LogLevel info ssl:warn        ErrorLog ${APACHE_LOG_DIR}/error.log       CustomLog ${APACHE_LOG_DIR}/access.log combined        # For most configuration files from conf-available/, which are       # enabled or disabled at a global level, it is possible to       # include a line for only one particular virtual host. For example the       # following line enables the CGI configuration for this host only       # after it has been globally disabled with "a2disconf".       #Include conf-available/serve-cgi-bin.conf     serverName: server-0   - address: '*:443'     # The location of the site content (will be copied to the same location the extracted container)     documentRoot: /var/www/html     includeInContainerImage: false     originalConfig: |-       ServerAdmin admin@example.com       DocumentRoot /var/www/html       SSLEngine on       SSLCertificateFile /etc/ssl/certs/c2d-temporary-self-signed-cert.pem       SSLCertificateKeyFile /etc/ssl/private/c2d-temporary-self-signed-cert.key        <Directory /var/www/html>       Options -Indexes       AllowOverride FileInfo       </Directory>     serverName: server-1 php:   # list of php modules to be installed in the extracted container (add/remove entries to change what will be installed)   modules:   - calendar   - ctype   - curl   - exif   - ffi   - fileinfo   - filter   - gd   - gettext   - iconv   - json   - mysqli   - pcntl   - pdo   - pdo_mysql   - posix   - shmop   - sockets   - sysvmsg   - sysvsem   - sysvshm   - tokenizer   - xsl

配置目录的安全政策

directories 部分中,您可以应用特定配置,以对某些目录强制执行安全政策。如需填写和修改计划的这一部分,请使用 Directory 指令的语法。

加载和安装模块

loadModules 部分中,您可以指定要加载并安装的模块。Migrate to Containers 会通过扫描原始配置来自动检测所需的模块,其中包含 LoadModule 指令

支持的模块

access_compat_module alias_module auth_basic_module authn_core_module authn_file_module authz_core_module authz_host_module authz_user_module autoindex_module deflate_module dir_module env_module expires_module filter_module mime_module mpm_prefork_module negotiation_module php7_module proxy_fcgi_module proxy_module remoteip_module reqtimeout_module rewrite_module setenvif_module socache_shmcb_module ssl_module status_module

指定和配置虚拟主机

virtualHosts 部分中,Migrate to Containers 将复制 <VirtualHost></VirtualHost>中的所有指令。

address 字段中,网站的 IP 地址会被替换为 *

originalConfig 下,DocumentRoot 字段指定 Apache 提供请求文件的路径。对于 DocumentRoot 中指定的每个路径,Migrate to Containers 将执行以下操作:

  • 将每个路径压缩为一个单独的 tar 文件。
  • 复制工件中的 tar 文件以进行提取。
  • 使用 Dockerfile 中的 ADD --chown 选项更改 Docker 映像中用户的权限。

查看 PHP 扩展

Migrate to Containers 会自动检测虚拟机中安装的 PHP 模块,并将其包含在迁移计划的 php 部分下。请查看本部分并根据需要添加或移除模块。

后续步骤