Gitlab迁移(亲测)
1. 概述
当前gitlab部署在k8s内,根据基础设施设计此处不合理,需将gitlab迁移至主机部署的gitlab
当前位置:k8s 集群
迁移后位置:云主机部署gitlab
2. Gitlab从Kubernetes迁移到Host
Gitlab Kubernetes: GitLab-CE 14.2.3
Gitlab Host : GitLab-CE 14.2.3
2.1 备份恢复过程
旧服务备份数据
备份命令:
gitlab-rake gitlab:backup:create
生成备份文件/opt/gitlab/backups/1547087542_2022_09_02_13.12.15_gitlab_backup.tar
新服务器准备工作
1. 安装gitlab-ce(保证两个服务器的gitlab版本一致)
2. 修改配置文件
```
vim /etc/gitlab/gitlab.rb
external_url 'https://gitlab.xxx.work'
##配置https
nginx['enable'] = true
nginx['redirect_http_to_https'] = true #http重定向到https
nginx['ssl_certificate'] = "/opt/gitlab/ssl/zzz.zzz.crt" #ssl证书路径
nginx['ssl_certificate_key'] = "/opt/gitlab/ssl/zzz.zzz.key" #ssl秘钥路径
##配置LDAP
gitlab_rails['ldap_enabled'] = true
gitlab_rails['prevent_ldap_sign_in'] = false
gitlab_rails['ldap_servers'] = {
'main' => {
'label' => 'LDAP',
'host' => 'xxx.xxx.xxx.xxx',
'port' => 389,
'uid' => 'sAMAccountName',
'bind_dn' => 'CN=gitlab,CN=Users,DC=xxx,DC=com',
'password' => 'xxxx',
'active_directory' => true,
'allow_username_or_email_login' => true,
'block_auto_created_users' => false,
'base' => 'DC=xxx,DC=com',
'user_filter' => ''
}
}
##配置好以上信息后执行重置命令并重启
gitlab-ctl reconfigure
gitlab-ctl restart
3. 将备份文件放到本地
/opt/gitlab/backups/
4. 修改备份文件权限
chmod 777 /opt/gitlab/backups/1547087542_2022_09_02_13.12.15_gitlab_backup.tar
5. 停止unicorn和sidekiq服务
gitlab-ctl stop unicorn
gitlab-ctl stop sidekiq
6. 恢复备份数据
gitlab-rake gitlab:backup:restore BACKUP=1547087542_2022_09_02_13.12.15
7. 重启gitlab服务
gitlab-ctl start
2.2恢复过程中遇到错误解决
错误 一:监听问题
Restoring PostgreSQL database gitlabhq_production ... ERROR: must be owner of extension pg_trgm ERROR: must be owner of extension btree_gist ERROR: must be owner of extension btree_gist ERROR: must be owner of extension pg_trgm
解决:
vim /var/opt/gitlab/postgresql/data/postgresql.conf listen_addresses = '*' # 最下面新增两行 $ vim /var/opt/gitlab/postgresql/data/pg_hba.conf local all all trust host all all 127.0.0.1/32 trust
错误 二:用户问题
psql not ‘postgres’ superuser 解决: $ su - gitlab-psql $ /opt/gitlab/embedded/bin/psql -h 127.0.0.1 gitlabhq_production psql (9.2.8) Type "help" for help. gitlabhq_production=# ALTER USER gitlab WITH SUPERUSER; ALTER ROLE gitlabhq_production=# CREATE USER postgres SUPERUSER; gitlabhq_production=# \q
错误三:恢复后遇到500问题
问题描述:直接将备份恢复后,在页面上随便都会报500错误,日志提示'Object Storage is not enabled',需要按下文开启lfs功能再恢复数据
# Job Artifacts gitlab_rails['artifacts_enabled'] = true gitlab_rails['artifacts_path'] = "/var/opt/gitlab/gitlab-rails/shared/artifacts" ####! Job artifacts Object Store ####! Docs: https://docs.gitlab.com/ee/administration/job_artifacts.html#using-object-storage gitlab_rails['artifacts_object_store_enabled'] = true gitlab_rails['artifacts_object_store_direct_upload'] = true gitlab_rails['artifacts_object_store_background_upload'] = true gitlab_rails['artifacts_object_store_proxy_download'] = true gitlab_rails['artifacts_object_store_remote_directory'] = "artifacts" gitlab_rails['artifacts_object_store_connection'] = { 'provider' => 'AWS', 'region' => 'eu-west-1', 'aws_access_key_id' => 'Z1Xh28dpKo0Oc9Xjjq35n0lCceGYxHmGwpibz2WQ9acLtiUTBHftVTKxcLiISSld', 'aws_secret_access_key' => 'ebRmMNRHh9R9ve869SkspkC3xMOyPBmo0FGhud4JqBZu7zjuiMCu36xn7aEVNEeT', # # The below options configure an S3 compatible host instead of AWS 'aws_signature_version' => 4, # For creation of signed URLs. Set to 2 if provider does not support v4. 'endpoint' => 'http://minio地址:9000', # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces 'host' => 'localhost', 'path_style' => true # Use 'host/bucket_name/object' instead of 'bucket_name.host/object' } ### Git LFS gitlab_rails['lfs_enabled'] = true gitlab_rails['lfs_storage_path'] = "/var/opt/gitlab/gitlab-rails/shared/lfs-objects" gitlab_rails['lfs_object_store_enabled'] = true gitlab_rails['lfs_object_store_direct_upload'] = true gitlab_rails['lfs_object_store_background_upload'] = true gitlab_rails['lfs_object_store_proxy_download'] = true gitlab_rails['lfs_object_store_remote_directory'] = "lfs-objects" gitlab_rails['lfs_object_store_connection'] = { 'provider' => 'AWS', 'region' => 'eu-west-1', 'aws_access_key_id' => 'Z1Xh28dpKo0Oc9Xjjq35n0lCceGYxHmGwpibz2WQ9acLtiUTBHftVTKxcLiISSld', 'aws_secret_access_key' => 'ebRmMNRHh9R9ve869SkspkC3xMOyPBmo0FGhud4JqBZu7zjuiMCu36xn7aEVNEeT#', # # The below options configure an S3 compatible host instead of AWS 'aws_signature_version' => 4, # For creation of signed URLs. Set to 2 if provider does not support v4. # 'endpoint' => 'https://s3.amazonaws.com', # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces 'host' => 'localhost', 'endpoint' => 'http://minio地址:9000', 'path_style' => true # # 'path_style' => false # Use 'host/bucket_name/object' instead of 'bucket_name.host/object' } ### GitLab uploads ###! Docs: https://docs.gitlab.com/ee/administration/uploads.html gitlab_rails['uploads_storage_path'] = "/var/opt/gitlab/gitlab-rails/public" gitlab_rails['uploads_base_dir'] = "uploads/-/system" gitlab_rails['uploads_object_store_enabled'] = true gitlab_rails['uploads_object_store_direct_upload'] = true gitlab_rails['uploads_object_store_background_upload'] = true gitlab_rails['uploads_object_store_proxy_download'] = true gitlab_rails['uploads_object_store_remote_directory'] = "uploads" gitlab_rails['uploads_object_store_connection'] = { 'provider' => 'AWS', 'region' => 'eu-west-1', 'aws_access_key_id' => 'Z1Xh28dpKo0Oc9Xjjq35n0lCceGYxHmGwpibz2WQ9acLtiUTBHftVTKxcLiISSld', 'aws_secret_access_key' => 'ebRmMNRHh9R9ve869SkspkC3xMOyPBmo0FGhud4JqBZu7zjuiMCu36xn7aEVNEeT', # # # The below options configure an S3 compatible host instead of AWS 'host' => 'localhost', 'aws_signature_version' => 4, # For creation of signed URLs. Set to 2 if provider does not support v4. 'endpoint' => 'http://minio地址:9000', # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces 'path_style' => true # Use 'host/bucket_name/object' instead of 'bucket_name.host/object' }
错误四:其他密钥问题
问题描述
gitlab代码仓库迁移数据后,在测试的时候发现有的功能按键点击出现500的错误,经过查资料解决了问题。现在把解决步骤整理一下
1.覆盖原来的gitlab的db_key_base到新的gitlab,db_key_base的位置在/etc/gitlab/gitlab-secrets.json
2.不同版本执行命令不同
CE版本执行
sudo gitlab-rails runner "Project.where.not(import_url: nil).each { |p| p.import_data.destroy if p.import_data }"
EE版本执行
sudo gitlab-rails runner "Project.where(mirror: false).where.not(import_url: nil).each { |p| p.import_data.destroy if p.import_data }"
执行完重启gitlab:gitlab-ctl restart
3.如果执行第二步没有生效,可以尝试如下操作
覆盖老的gitlab的secrets.yaml文件到新gitlab仓库的secrets.yaml 文件,文件的位置在:
/opt/gitlab/embedded/service/gitlab-rails/config/secrets.yaml
重启gitlab后发现之前500的页面可以正常访问了