GitLab备份及恢复
gitlab相关信息
gitlab服务器地址: 192.168.1.100
gitlab版本: 10.1.0-ee
安装方式: Omnibus GitLab
主要备份文件
- 配置文件: /etc/gitlab/gitlab.rb
- 认证文件(很重要):/etc/gitlab/gitlab-secrets.json
- 打包好的备份数据文件位于:/var/opt/gitlab/backups/, 文件名:(如:1611370331_2021_01_23_10.1.0-ee_gitlab_backup.tar)
备份
创建备份文件,默认备份文件保存目录:/var/opt/gitlab/backups,可从配置文件中查看
gitlab-rake gitlab:backup:create12.2或更高版本
sudo gitlab-backup create恢复
下载gitlab-ee:10.1.0版本镜像
docker pull gitlab/gitlab-ee:10.1.0-ee.0修改sshd的默认端口
将22端口修改为222端口或其它端口
目的:将22端口留给gitlab使用,因为docker启动需要映射端口,非22端口,git地址格式有变化
sudo vim /etc/ssh/sshd_config
# What ports, IPs and protocols we listen for
Port 222使用docker启动gitalb
sudo docker run --detach \
--hostname gitlab \
--publish 443:443 --publish 80:80 --publish 22:22 \
--name gitlab \
--restart always \
--volume /srv/gitlab/config:/etc/gitlab \
--volume /srv/gitlab/logs:/var/log/gitlab \
--volume /srv/gitlab/data:/var/opt/gitlab \
gitlab/gitlab-ee:10.1.0-ee.0| 本地位置 | docker内部地址 | 用途 |
|---|---|---|
/srv/gitlab/data | /var/opt/gitlab | 用于存储应用程序数据。 |
/srv/gitlab/logs | /var/log/gitlab | 用于存储日志。 |
/srv/gitlab/config | /etc/gitlab | 用于存储GitLab配置文件。 |
初始化可能需要很长时间,查看日志,跟踪过程:
sudo docker logs -f gitlabgitlab容器启动成功后恢复数据
1.将备份文件gitlab.rb和gitlab-secrets.json导入到/srv/gitlab/config/目录
2.将备份的数据文件(如:1611370331_2021_01_23_10.1.0-ee_gitlab_backup.tar)导入到/srv/gitlab/data/backups/目录下,并修改所属用户和所属组为(998.998),对应容器里面的git用户.
# 移动备份的数据文件,以及修改所属用户和组
sudo mv /tmp/1611370331_2021_01_23_10.1.0-ee_gitlab_backup.tar /srv/gitlab/data/backups/
sudo su -
cd /srv/gitlab/data/backups/
chown 998.998 1611370331_2021_01_23_10.1.0-ee_gitlab_backup.tar
# 将备份的配置文件和认证文件copy到/srv/gitlab/config/
cp /tmp/gitlab.rb /tmp/gitlab-secrets.json /srv/gitlab/config/3.恢复gitlab数据
# Stop the processes that are connected to the database
docker exec -it gitlab gitlab-ctl stop unicorn
docker exec -it gitlab gitlab-ctl stop puma
docker exec -it gitlab gitlab-ctl stop sidekiq
# Verify that the processes are all down before continuing
docker exec -it gitlab gitlab-ctl status
# 运行还原,当备份目录下只有一个备份文件,可以不用BACKUP=<timestamp>指定备份文件
# force=yes: 不询问是否生成authorized_keys文件,并且对于删除数据表,启用"写入authorized_keys文件"设置以及更新LDAP提供程序的警告,假设为 "yes"
docker exec -it gitlab gitlab-rake gitlab:backup:restore force=yes BACKUP=1611370331_2021_01_23_10.1.0-ee
docker restart gitlab
# Check GitLab
docker exec -it gitlab gitlab-rake gitlab:check SANITIZE=true4.恢复完成即可使用各自账号正常访问
5.若需要修改配置,编辑配置文件:/srv/gitlab/config/gitlab.rb,保存,然后重启gitlab容器即可
如external_url 'http://gitlab.example.com'或者端口# gitlab_rails['gitlab_shell_ssh_port'] = 22
定时备份任务
将192.168.1.100(xxx-001)上的三个文件备份到了192.168.1.200(xxx-001)的/data/gitlab-backup目录,保留两天的数据文件
备份脚本
/root/script/gitlab-backup.sh
#!/bin/bash
cp /etc/gitlab/gitlab.rb /var/opt/gitlab/backups
cp /etc/gitlab/gitlab-secrets.json /var/opt/gitlab/backups
# config file, secrets file
scp /etc/gitlab/gitlab.rb swift@192.168.1.200:/data/gitlab-backup
scp /etc/gitlab/gitlab-secrets.json swift@192.168.1.200:/data/gitlab-backup
#create gitlab data backup
gitlab-rake gitlab:backup:create
backfile=$(find /var/opt/gitlab/backups/ -name "*_10.1.0-ee_gitlab_backup.tar" -type f -mtime -1 |grep $(date +%d) |tail -n 1)
scp ${backfile} swift@192.168.1.200:/data/gitlab-backup
find /var/opt/gitlab/backups/ -name "*_10.1.0-ee_gitlab_backup.tar" -type f -mtime +1 -exec rm -rf {} \;
定时任务
00 4 * * * /bin/bash /root/script/gitlab-backup.sh >/root/script/gitlab-backup.log 2>&1gitlab升级后,脚本调整
/root/script/gitlab-backup.sh
#!/bin/bash
# config file, secrets file
echo "scp /var/opt/gitlab-16/config/gitlab.rb && /var/opt/gitlab-16/config/gitlab-secrets.json >>> swift@192.168.1.200:/data/gitlab-backup/gitlab-config/"
scp /var/opt/gitlab-16/config/gitlab.rb swift@192.168.1.200:/data/gitlab-backup/gitlab-config/$(date +%Y_%m_%d)_gitlab.rb
scp /var/opt/gitlab-16/config/gitlab-secrets.json swift@192.168.1.200:/data/gitlab-backup/gitlab-config/$(date +%Y_%m_%d)_gitlab-secrets.json
#create gitlab data backup
echo "$(date +%Y/%m/%d_%H:%M:%S) create gitlab data backup"
docker exec -i gitlab-ee gitlab-rake gitlab:backup:create
echo "Find today's backup files"
#backfile=$(find /var/opt/gitlab-16/data/backups/ -name "*_16.6.0-ee_gitlab_backup.tar" -type f -mtime -1 |grep $(date +%d) |tail -n 1)
backfile=$(find /var/opt/gitlab-16/data/backups/ -name "*_16.6.0-ee_gitlab_backup.tar" -type f -mtime -1 |tail -n 1)
echo "scp backup files >>> swift@192.168.1.200:/data/gitlab-backup"
scp ${backfile} swift@192.168.1.200:/data/gitlab-backup
echo "Delete data one day ago"
find /var/opt/gitlab-16/data/backups/ -name "*_16.6.0-ee_gitlab_backup.tar" -type f -mtime +1 -exec rm -rf {} \;目标机器(192.168.1.200)文件保留定时任务
# gitlab backup find
00 5 * * * find /data/gitlab-backup -name "*_16.6.0-ee_gitlab_backup.tar" -type f -mtime +1 -exec rm -rf {} \;
00 5 * * * find /data/gitlab-backup/gitlab-config -name "*gitlab*" -type f -mtime +7 -exec rm -rf {} \;查看备份文件
swift@xxx-001:~$ ls /data/gitlab-backup/gitlab-config
2024_07_26_gitlab.rb 2024_07_28_gitlab.rb 2024_07_30_gitlab.rb 2024_08_01_gitlab.rb
2024_07_26_gitlab-secrets.json 2024_07_28_gitlab-secrets.json 2024_07_30_gitlab-secrets.json 2024_08_01_gitlab-secrets.json
2024_07_27_gitlab.rb 2024_07_29_gitlab.rb 2024_07_31_gitlab.rb 2024_08_02_gitlab.rb
2024_07_27_gitlab-secrets.json 2024_07_29_gitlab-secrets.json 2024_07_31_gitlab-secrets.json 2024_08_02_gitlab-secrets.json
swift@xxx-001:~$ ls /data/gitlab-backup
1722456044_2024_07_31_16.6.0-ee_gitlab_backup.tar 1722542446_2024_08_01_16.6.0-ee_gitlab_backup.tar gitlab-config gitlab.rb gitlab-secrets.json更多内容,请查看官方文档
docker安装gitlab文档: https://docs.gitlab.com/omnibus/docker/
备份及恢复文档: https://docs.gitlab.com/ee/raketasks/backup_restore.html