Migrating from CentOS to Rocky Linux: A Practical Conversion Guide
Why CentOS Is No Longer an Option
CentOS Linux 8 reached end of life on December 31, 2021 — years earlier than expected. CentOS Stream is a rolling release that sits upstream of RHEL, not downstream, making it unsuitable as a production replacement. CentOS 7 reached end of life on June 30, 2024.
Rocky Linux fills the gap: it's a downstream RHEL rebuild, binary-compatible, community-maintained, and committed to the long-term stable release model CentOS used to provide. This guide covers converting existing CentOS 8 or CentOS Stream 8 systems to Rocky Linux 8, and migrating CentOS 7 systems to Rocky Linux 9 via a fresh OS upgrade path.
Migration vs. Fresh Install
You have two options:
In-place conversion (CentOS 8 → Rocky Linux 8): The migrate2rocky script swaps out the distribution packages while preserving all installed software, configuration, and data. Suitable for servers you can't easily reprovisioned.
Fresh install + restore (CentOS 7 → Rocky Linux 9): Since the major version jump changes too much (Python 2→3, systemd behavior, libraries), a fresh Rocky Linux 9 install with configuration/data migration is often safer and cleaner.
Pre-Migration Checklist
Before running any migration:
# 1. Snapshot or backup the system (VM snapshot, disk backup)
# This is non-negotiable. If migration fails mid-way, you need a restore point.
# 2. Check current OS version
cat /etc/centos-release
cat /etc/os-release
# 3. Check available disk space (need ~3GB for package downloads)
df -h /
# 4. Check for third-party repositories that may conflict
yum repolist
ls /etc/yum.repos.d/
# 5. Note what's currently running
systemctl list-units --type=service --state=running > /tmp/services-before.txt
yum list installed > /tmp/packages-before.txt
# 6. Check kernel version
uname -r
# 7. Disable or note any SELinux policies you've customized
getenforce
sestatus
Migrating CentOS 8 / CentOS Stream 8 to Rocky Linux 8
Step 1: Download migrate2rocky
# Download the official migration script
curl -O https://raw.githubusercontent.com/rocky-linux/rocky-tools/main/migrate2rocky/migrate2rocky.sh
# Verify it's what you expect — review it before running
less migrate2rocky.sh
# Make executable
chmod +x migrate2rocky.sh
Step 2: Run the Migration
# Run migration (takes 10-30 minutes depending on package count)
sudo bash migrate2rocky.sh -r
# The -r flag means: convert this system to Rocky Linux
# The script will:
# 1. Add Rocky Linux GPG keys and repos
# 2. Remove CentOS-specific packages
# 3. Install Rocky Linux equivalents
# 4. Update all packages to Rocky Linux versions
Monitor progress — the script is verbose and will log what it's replacing. It will stop and report if it encounters an unresolvable conflict.
Step 3: Reboot
sudo reboot
Step 4: Verify Migration
# Confirm you're on Rocky Linux
cat /etc/rocky-release
cat /etc/os-release
# Example output:
# Rocky Linux release 8.x (Green Obsidian)
# NAME="Rocky Linux"
# Check kernel
uname -r
# Verify no CentOS packages remain
rpm -qa | grep centos
# Check all repos are Rocky Linux
yum repolist
# Compare running services to pre-migration list
systemctl list-units --type=service --state=running > /tmp/services-after.txt
diff /tmp/services-before.txt /tmp/services-after.txt
Handling Third-Party Repositories
The migration script may have disabled third-party repos that had CentOS-specific URLs. Check and re-enable as needed:
# Check disabled repos
yum repolist disabled
# Common repos that need updating:
# EPEL — re-enable for Rocky Linux 8
sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
# IUS, Remi, etc. — find their Rocky Linux repo URLs
# Check the repo's website for Rocky Linux / RHEL 8 packages
# Re-enable a repo
sudo yum-config-manager --enable <repo-id>
Migrating CentOS 7 to Rocky Linux 9 (Fresh Install Path)
Because CentOS 7 is EOL and the jump to Rocky 9 spans two major versions, the safest approach is a fresh installation with data migration.
Step 1: Document the Current System
# Save installed package list
rpm -qa --qf "%{NAME}\n" | sort > /tmp/packages-centos7.txt
# Save service states
systemctl list-unit-files --type=service | grep enabled > /tmp/services-centos7.txt
# Save network config
ip addr > /tmp/network-config.txt
cat /etc/sysconfig/network-scripts/ifcfg-* >> /tmp/network-config.txt
# Save crontabs
crontab -l > /tmp/root-crontab.txt 2>/dev/null
for user in $(awk -F: '{ print $1 }' /etc/passwd); do
crontab -u "$user" -l 2>/dev/null | grep -v "^no crontab" && echo "--- $user ---"
done > /tmp/user-crontabs.txt
# Back up application data and configs
rsync -av /etc/ /backup/etc/
rsync -av /var/www/ /backup/var-www/ 2>/dev/null
rsync -av /home/ /backup/home/
Step 2: Install Rocky Linux 9
Install from the official Rocky Linux 9 ISO onto the target system or provision a new VM with Rocky Linux 9.
Step 3: Re-provision the System
# On the new Rocky Linux 9 system:
# Install comparable packages
# Match your package list, substituting for any CentOS 7 packages
# that have been renamed or replaced
# Enable EPEL for Rocky Linux 9
sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
# Restore data
rsync -av /backup/home/ /home/
rsync -av /backup/var-www/ /var/www/
# Restore configs (review before blindly copying — configs may have changed format)
# Copy selectively, e.g.:
cp /backup/etc/nginx/nginx.conf /etc/nginx/nginx.conf
cp /backup/etc/my.cnf /etc/my.cnf
Post-Migration Validation
For both in-place and fresh installs:
# 1. Verify SELinux status
getenforce # Should be Enforcing on production systems
# 2. Check for packages with unresolved dependencies
dnf check
# 3. Verify all expected services are running
systemctl status nginx mysql postgresql # adjust for your stack
# 4. Test application endpoints
curl -I http://localhost/
curl -f http://localhost/health
# 5. Check logs for errors post-migration
journalctl -p err --since "1 hour ago"
# 6. Verify firewall rules
firewall-cmd --list-all
# 7. Run your test suite or smoke tests
Rocky Linux vs AlmaLinux: Which to Choose
Both Rocky Linux and AlmaLinux are CentOS replacements with RHEL binary compatibility. The choice is mostly organizational:
| Rocky Linux | AlmaLinux | |
|---|---|---|
| Governance | Rocky Enterprise Software Foundation | AlmaLinux OS Foundation |
| Backing | Community | CloudLinux |
| RHEL compatibility | 1:1 binary | 1:1 binary (ABI compatible) |
| Certifications | In progress | Some achieved |
| Kernel Live Patching | Via ELRepo | Via TuxCare/AlmaLinux |
Both are viable. Pick based on which community, commercial support agreements, or existing internal experience fits your organization.
Quick Reference
# Post-migration: update everything to latest
sudo dnf update -y
# Install development tools
sudo dnf groupinstall "Development Tools" -y
# Enable CodeReady Linux Builder (equivalent to CentOS PowerTools)
sudo dnf config-manager --set-enabled crb
sudo dnf install crb-release -y # alternative method
# Check Rocky Linux version
cat /etc/rocky-release
# Subscribe to Rocky Linux security announcements
# https://lists.resf.org/archives/list/[email protected]/
Rocky Linux's strength is exactly what CentOS 8 had before EOL: a stable, freely available RHEL-compatible platform. If your team knows RHEL or CentOS, Rocky Linux requires essentially no retraining.
Was this article helpful?
Linux Systems Engineer
Everything runs on Linux — I make sure it runs well. From kernel tuning to systemd debugging, I live in the terminal. If your server is misbehaving, I've probably seen that exact dmesg output before.
Related Articles
RHEL 9 Subscription Manager: Attaching Entitlements, Enabling Repos, and Going Offline
A practical guide to RHEL 9's subscription management — attaching entitlements, enabling the right repositories, creating local mirrors for air-gapped environments, and managing subscriptions at scale.
Linux Package Management: apt, dnf, and zypper Compared
Install, update, and manage packages across Ubuntu (apt), RHEL (dnf/yum), and SUSE (zypper) — repositories, GPG keys, version pinning, and automation.
RHEL 9 Performance Tuning: tuned, sysctl, and CPU/Memory Optimization
How to tune RHEL 9 performance using tuned profiles, sysctl parameters, CPU governors, NUMA topology, and memory settings — for database servers, web workloads, and latency-sensitive applications.
Rocky Linux 9 Server Hardening: Security Baseline from First Boot
A production security baseline for Rocky Linux 9 — covering SELinux configuration, firewalld rules, SSH hardening, auditd, AIDE integrity checking, and CIS Benchmark compliance checks.
Alpine Linux apk Reference: Package Management, Repositories, and System Administration
A complete reference for Alpine Linux's apk package manager — adding packages, managing repositories, pinning versions, building custom packages, and running Alpine as a minimal server OS.
openSUSE MicroOS and Transactional Updates: Atomic System Updates with Btrfs Snapshots
How openSUSE's transactional-update and Btrfs snapshot integration enables atomic, rollback-safe system updates — and how MicroOS takes this to a fully immutable, container-optimized OS.
More in Linux
View all →Linux Control Groups (cgroups V2): Limiting CPU And Memory For Production Workloads
If you're running production workloads without cgroup constraints, you're one runaway process away from a bad day. Here's everything you need to configure...
Alpine Linux for Docker: Building Minimal, Secure Container Images
How to use Alpine Linux as a Docker base image effectively — understanding musl libc compatibility, multi-stage builds, layer optimization, and the security trade-offs versus glibc-based distributions.
openSUSE and SUSE Linux Enterprise: YaST Administration and zypper Package Management
A practical guide to SUSE Linux administration — using YaST for system configuration, zypper for package management, managing repositories, and understanding the differences between openSUSE Leap, Tumbleweed, and SUSE Linux Enterprise.
Ubuntu 24.04 LTS Server Setup for Production: From Bare Metal to Hardened Baseline
A complete walkthrough for turning a fresh Ubuntu 24.04 LTS installation into a production-ready server — from initial SSH lockdown to swap configuration and kernel parameter tuning.