Gitlab從源碼安裝版本遷移到docker版本

Gitlab源碼版本介紹

  1. 版本:gitlab-ce:11.11.3-ce.0
  2. 有LDAP登錄功能
  3. 創建的有runner

遷移前準備工作

  1. 備份舊gitlab數據
  2. 備份configure文件
源碼安裝的gitlab配置文件 docker容器的gitlab配置文件 說明
gitlab.yml gitlab.rb gitlab基本配置包括LDAP等
secrets.yml gitlab-secrets.json 包含祕鑰,防止登錄runner報500錯誤
  1. 獲取和源碼相同版本的docker鏡像

    sudo docker pull gitlab/gitlab-ce:11.11.3-ce.0
    

使用Docker安裝Gitlab

sudo docker run --detach \
  --hostname 172.20.xxx.xxx \
  --publish 443:443 \
  --publish 8090:80 \
  --publish 2222:22 \
  --name gitlab \
  --restart always \
  --privileged=true \
  --volume /srv/gitlab/config:/etc/gitlab \
  --volume /srv/gitlab/logs:/var/log/gitlab \
  --volume /srv/gitlab/data:/var/opt/gitlab \
  gitlab/gitlab-ce:11.11.3-ce.0

備註:如果出現端口被佔用,修改端口,刪除重新創建容器

遷移數據

  1. 遷移備份文件
    將備份的gitlab數據文件複製到掛載的 /srv/gitlab/data/backups目錄中(如:1587580178_2020_04_23_11.11.3_gitlab_backup.tar),最好將文件權限設置爲777.

    進入gitlab容器進行數據恢復
    先關閉相關數據服務

    gitlab-ctl stop unicorn
    gitlab-ctl stop sidekiq
    

    進行數據數據恢復

    gitlab-rake gitlab:backup:restore BACKUP=1587580178_2020_04_23_11.11.3 --trace
    
  2. 遷移配置文件
    參照歷史配置文件修改掛載目錄/srv/gitlab/config中的gitlab.rb和gitlab-secrets.json
    重新加載配置文件

    gitlab-ctl reconfigure
    

可能遇到的問題

  1. 使用LDAP登錄失敗,提示id衝突
    原因:備份文件的包含有users數據,恢復時已經插入數據庫,但數據庫默認自增id還是從1開始,進行LDAP登錄時插入數據的id會重複。
    解決方法:將數據庫的所有表的自增seq進行更新,更新爲當前表總數據條數+1

    ALTER TABLE public.tags OWNER TO gitlab;
    CREATE SEQUENCE IF NOT EXISTS public.tags_id_seq
        START WITH 1
        INCREMENT BY 1
        NO MINVALUE
        NO MAXVALUE
        CACHE 1;
    ALTER TABLE public.tags_id_seq OWNER TO gitlab;
    ALTER SEQUENCE public.tags_id_seq OWNED BY public.tags.id;
    SELECT pg_catalog.setval('public.tags_id_seq', COALESCE((SELECT MAX(id)+1 FROM public.tags), 1), false);
    

    附加自動生成sql語句的Python代碼

    tables = ["table1", "table2"]
    sqlfile = open('sqlfile.sql', 'w')
    for item in tables:
        print("ALTER TABLE public."+item+" OWNER TO gitlab;",file=sqlfile)
        print("CREATE SEQUENCE IF NOT EXISTS public."+item+"_id_seq"+"\n"+
         "    START WITH 1"+"\n"+
         "    INCREMENT BY 1"+"\n"+
         "    NO MINVALUE"+"\n"+
         "    NO MAXVALUE"+"\n"+
         "    CACHE 1;",file=sqlfile)
        print("ALTER TABLE public."+item+"_id_seq OWNER TO gitlab;",file=sqlfile)
        print("ALTER SEQUENCE public."+item+"_id_seq OWNED BY public."+item+".id;",file=sqlfile)
        print("SELECT pg_catalog.setval('public."+item+"_id_seq', COALESCE((SELECT MAX(id)+1 FROM public."+item+"), 1), false);"+"\n",file=sqlfile)
        print("ALTER TABLE ONLY public."+item+" ALTER COLUMN id SET DEFAULT nextval('public."+item+"_id_seq'::regclass);",file=sqlfile)
    sqlfile.close()
    print(len(tables))
    

    備註:tables就自己在數據庫中查吧。
    docker容器進入postgresql

    gitlab-rails dbconsole
    
  2. Gitlab runner界面報500錯誤
    原因:恢復文件中有runner數據,但是沒有恢復gitlab secret配置,導致無法解密runner中的token。
    解決辦法:恢復和以前一樣的secret,或者重置token。

    -- Clear project tokens
    UPDATE projects SET runners_token = null, runners_token_encrypted = null;
    -- Clear group tokens
    UPDATE namespaces SET runners_token = null, runners_token_encrypted = null;
    -- Clear instance tokens
    UPDATE application_settings SET runners_registration_token_encrypted = null;
    -- Clear runner tokens
    UPDATE ci_runners SET token = null, token_encrypted = null;
    
  3. 恢復數據時報數據庫表無權限
    源碼安裝的gitlab備份文件部分:

    ALTER SCHEMA public OWNER TO postgres;
    
    --
    -- Name: SCHEMA public; Type: COMMENT; Schema: -; Owner: postgres
    --	
    
    
    --
    -- Name: abuse_reports; Type: TABLE; Schema: public; Owner: git
    --
    
    CREATE TABLE public.abuse_reports (
        id integer NOT NULL,
        reporter_id integer,
        user_id integer,
        message text,
        created_at timestamp without time zone,
        updated_at timestamp without time zone,
        message_html text,
        cached_markdown_version integer
    );
    
    
    ALTER TABLE public.abuse_reports OWNER TO git;
    
    --
    -- Name: abuse_reports_id_seq; Type: SEQUENCE; Schema: public; Owner: git
    --
    
    CREATE SEQUENCE public.abuse_reports_id_seq
        AS integer
        START WITH 1
        INCREMENT BY 1
        NO MINVALUE
        NO MAXVALUE
        CACHE 1;
    
    
    ALTER TABLE public.abuse_reports_id_seq OWNER TO git;
    
    --
    -- Name: abuse_reports_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: git
    --
    
    ALTER SEQUENCE public.abuse_reports_id_seq OWNED BY public.abuse_reports.id;
    
    

    docker中gitlab備份文件部分:

    ALTER SCHEMA public OWNER TO "gitlab-psql";
    
    --
    -- Name: SCHEMA public; Type: COMMENT; Schema: -; Owner: gitlab-psql
    --
    
    
    --
    -- Name: abuse_reports; Type: TABLE; Schema: public; Owner: gitlab
    --
    
    CREATE TABLE public.abuse_reports (
        id integer NOT NULL,
        reporter_id integer,
        user_id integer,
        message text,
        created_at timestamp without time zone,
        updated_at timestamp without time zone,
        message_html text,
        cached_markdown_version integer
    );
    
    
    ALTER TABLE public.abuse_reports OWNER TO gitlab;
    
    --
    -- Name: abuse_reports_id_seq; Type: SEQUENCE; Schema: public; Owner: gitlab
    --
    
    CREATE SEQUENCE public.abuse_reports_id_seq
        START WITH 1
        INCREMENT BY 1
        NO MINVALUE
        NO MAXVALUE
        CACHE 1;
    
    
    ALTER TABLE public.abuse_reports_id_seq OWNER TO gitlab;
    
    --
    -- Name: abuse_reports_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: gitlab
    --
    
    ALTER SEQUENCE public.abuse_reports_id_seq OWNED BY public.abuse_reports.id;
    
    

    對比兩者的備份文件,發現:

    1. 源碼安裝的gitlab,public schema的Owner是postgres。docker中gitlab的Owner是gitlab-psql。所以遷移數據後需要執行

      ALTER SCHEMA public OWNER TO "gitlab-psql";
      
    2. 源碼安裝的gitlab,tables的Owner是git。docker中gitlab的Owner是gitlab。所以遷移數據後需要執行上面問題1提到的LDAP登錄問題的解決方法提到的語句

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章