Gitlab迁移(亲测)

1. 概述

当前gitlab部署在k8s内,根据基础设施设计此处不合理,需将gitlab迁移至主机部署的gitlab

当前位置:k8s 集群

迁移后位置:云主机部署gitlab

2. Gitlab从Kubernetes迁移到Host

Gitlab Kubernetes: GitLab-CE 14.2.3

Gitlab Host : GitLab-CE 14.2.3

2.1 备份恢复过程

旧服务备份数据

备份命令:

gitlab-rake gitlab:backup:create

生成备份文件/opt/gitlab/backups/1547087542_2022_09_02_13.12.15_gitlab_backup.tar

新服务器准备工作

 

1. 安装gitlab-ce(保证两个服务器的gitlab版本一致)

2. 修改配置文件

    ```

    vim /etc/gitlab/gitlab.rb

        external_url 'https://gitlab.xxx.work'

        ##配置https        

   nginx['enable'] = true         

   nginx['redirect_http_to_https'] = true #http重定向到https         

   nginx['ssl_certificate'] = "/opt/gitlab/ssl/zzz.zzz.crt" #ssl证书路径         

   nginx['ssl_certificate_key'] = "/opt/gitlab/ssl/zzz.zzz.key" #ssl秘钥路径

  ##配置LDAP

  gitlab_rails['ldap_enabled'] = true         

  gitlab_rails['prevent_ldap_sign_in'] = false         

  gitlab_rails['ldap_servers'] = {         

  'main' => {         

  'label' => 'LDAP',         

  'host' => 'xxx.xxx.xxx.xxx',        

   'port' => 389,         

  'uid' => 'sAMAccountName',        

   'bind_dn' => 'CN=gitlab,CN=Users,DC=xxx,DC=com',         

  'password' => 'xxxx',         

  'active_directory' => true,        

  'allow_username_or_email_login' => true,        

  'block_auto_created_users' => false,         

  'base' => 'DC=xxx,DC=com',         

  'user_filter' => ''         

  }         

  }

##配置好以上信息后执行重置命令并重启

gitlab-ctl reconfigure

gitlab-ctl restart

3. 将备份文件放到本地

    /opt/gitlab/backups/

4. 修改备份文件权限

    chmod 777 /opt/gitlab/backups/1547087542_2022_09_02_13.12.15_gitlab_backup.tar

5. 停止unicorn和sidekiq服务

    gitlab-ctl stop unicorn

    gitlab-ctl stop sidekiq

6. 恢复备份数据

    gitlab-rake gitlab:backup:restore BACKUP=1547087542_2022_09_02_13.12.15

7. 重启gitlab服务

    gitlab-ctl start

2.2恢复过程中遇到错误解决

错误 一:监听问题

Restoring PostgreSQL database gitlabhq_production ... ERROR:  must be owner of extension pg_trgm
ERROR:  must be owner of extension btree_gist
ERROR:  must be owner of extension btree_gist
ERROR:  must be owner of extension pg_trgm

解决:

vim /var/opt/gitlab/postgresql/data/postgresql.conf
listen_addresses = '*'
# 最下面新增两行
$ vim /var/opt/gitlab/postgresql/data/pg_hba.conf
local   all         all                               trust
host    all         all                               127.0.0.1/32 trust

  

错误 二:用户问题

psql  not ‘postgres’ superuser
解决:

$ su - gitlab-psql
$ /opt/gitlab/embedded/bin/psql -h 127.0.0.1 gitlabhq_production
psql (9.2.8)
Type "help" for help.
 
gitlabhq_production=# ALTER USER gitlab WITH SUPERUSER;
ALTER ROLE
gitlabhq_production=# CREATE USER postgres SUPERUSER;
gitlabhq_production=# \q

  

错误三:恢复后遇到500问题

问题描述:直接将备份恢复后,在页面上随便都会报500错误,日志提示'Object Storage is not enabled',需要按下文开启lfs功能再恢复数据

# Job Artifacts
gitlab_rails['artifacts_enabled'] = true
gitlab_rails['artifacts_path'] = "/var/opt/gitlab/gitlab-rails/shared/artifacts"
####! Job artifacts Object Store
####! Docs: https://docs.gitlab.com/ee/administration/job_artifacts.html#using-object-storage
gitlab_rails['artifacts_object_store_enabled'] = true
gitlab_rails['artifacts_object_store_direct_upload'] = true
gitlab_rails['artifacts_object_store_background_upload'] = true
gitlab_rails['artifacts_object_store_proxy_download'] = true
gitlab_rails['artifacts_object_store_remote_directory'] = "artifacts"
gitlab_rails['artifacts_object_store_connection'] = {
  'provider' => 'AWS',
  'region' => 'eu-west-1',
  'aws_access_key_id' => 'Z1Xh28dpKo0Oc9Xjjq35n0lCceGYxHmGwpibz2WQ9acLtiUTBHftVTKxcLiISSld',
  'aws_secret_access_key' => 'ebRmMNRHh9R9ve869SkspkC3xMOyPBmo0FGhud4JqBZu7zjuiMCu36xn7aEVNEeT',
  # # The below options configure an S3 compatible host instead of AWS
    'aws_signature_version' => 4, # For creation of signed URLs. Set to 2 if provider does not support v4.
    'endpoint' => 'http://minio地址:9000', # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces
    'host' => 'localhost',
    'path_style' => true # Use 'host/bucket_name/object' instead of 'bucket_name.host/object'
}

### Git LFS
gitlab_rails['lfs_enabled'] = true
gitlab_rails['lfs_storage_path'] = "/var/opt/gitlab/gitlab-rails/shared/lfs-objects"
gitlab_rails['lfs_object_store_enabled'] = true
gitlab_rails['lfs_object_store_direct_upload'] = true
gitlab_rails['lfs_object_store_background_upload'] = true
gitlab_rails['lfs_object_store_proxy_download'] = true
gitlab_rails['lfs_object_store_remote_directory'] = "lfs-objects"
gitlab_rails['lfs_object_store_connection'] = {
  'provider' => 'AWS',
  'region' => 'eu-west-1',
  'aws_access_key_id' => 'Z1Xh28dpKo0Oc9Xjjq35n0lCceGYxHmGwpibz2WQ9acLtiUTBHftVTKxcLiISSld',
  'aws_secret_access_key' => 'ebRmMNRHh9R9ve869SkspkC3xMOyPBmo0FGhud4JqBZu7zjuiMCu36xn7aEVNEeT#',
  # # The below options configure an S3 compatible host instead of AWS
   'aws_signature_version' => 4, # For creation of signed URLs. Set to 2 if provider does not support v4.
  # 'endpoint' => 'https://s3.amazonaws.com', # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces
    'host' => 'localhost',
    'endpoint' => 'http://minio地址:9000',
    'path_style' => true
#   # 'path_style' => false # Use 'host/bucket_name/object' instead of 'bucket_name.host/object'
}

### GitLab uploads
###! Docs: https://docs.gitlab.com/ee/administration/uploads.html
gitlab_rails['uploads_storage_path'] = "/var/opt/gitlab/gitlab-rails/public"
gitlab_rails['uploads_base_dir'] = "uploads/-/system"
gitlab_rails['uploads_object_store_enabled'] = true
gitlab_rails['uploads_object_store_direct_upload'] = true
gitlab_rails['uploads_object_store_background_upload'] = true
gitlab_rails['uploads_object_store_proxy_download'] = true
gitlab_rails['uploads_object_store_remote_directory'] = "uploads"
gitlab_rails['uploads_object_store_connection'] = {
   'provider' => 'AWS',
   'region' => 'eu-west-1',
   'aws_access_key_id' => 'Z1Xh28dpKo0Oc9Xjjq35n0lCceGYxHmGwpibz2WQ9acLtiUTBHftVTKxcLiISSld',
   'aws_secret_access_key' => 'ebRmMNRHh9R9ve869SkspkC3xMOyPBmo0FGhud4JqBZu7zjuiMCu36xn7aEVNEeT',
#   # # The below options configure an S3 compatible host instead of AWS
    'host' => 'localhost',
    'aws_signature_version' => 4, # For creation of signed URLs. Set to 2 if provider does not support v4.
    'endpoint' => 'http://minio地址:9000', # default: nil - Useful for S3 compliant services such as DigitalOcean Spaces
    'path_style' => true # Use 'host/bucket_name/object' instead of 'bucket_name.host/object'
}
View Code

 

错误四:其他密钥问题

问题描述

gitlab代码仓库迁移数据后,在测试的时候发现有的功能按键点击出现500的错误,经过查资料解决了问题。现在把解决步骤整理一下

1.覆盖原来的gitlab的db_key_base到新的gitlab,db_key_base的位置在/etc/gitlab/gitlab-secrets.json

2.不同版本执行命令不同

CE版本执行

sudo gitlab-rails runner "Project.where.not(import_url: nil).each { |p| p.import_data.destroy if p.import_data }"

EE版本执行

sudo gitlab-rails runner "Project.where(mirror: false).where.not(import_url: nil).each { |p| p.import_data.destroy if p.import_data }"

执行完重启gitlab:gitlab-ctl restart

3.如果执行第二步没有生效,可以尝试如下操作

覆盖老的gitlab的secrets.yaml文件到新gitlab仓库的secrets.yaml 文件,文件的位置在:

/opt/gitlab/embedded/service/gitlab-rails/config/secrets.yaml

重启gitlab后发现之前500的页面可以正常访问了

 

posted @ 2023-02-22 10:19  木易-故事里的人  阅读(1042)  评论(0编辑  收藏  举报