当前位置: 首页 > article >正文

基于helm的方式在k8s集群中部署gitlab - 备份恢复(二)

接上一篇 基于helm的方式在k8s集群中部署gitlab - 部署(一),本篇重点介绍在k8s集群中备份gitlab的数据,并在虚拟机上部署相同版本的gitlab,然后将备份的数据进行还原恢复

文章目录

    • 1. 备份
    • 2. 恢复到虚拟机上的gitlab
      • 2.1 将minio上的备份文件(gitlab-backups)下载下来
      • 2.2 将文件放在相同版本gitlab实例的backup目录下,然后执行restore命令
      • 2.3 配置gitlab实例的对象存储
      • 2.4 gitlab 界面查看并测试
    • 3. 最终形态的values文件

1. 备份

由于使用的是minio对象存储,然后gitlab的ingress 使用的是nodeport的方式,而默认的minio的配置是域名配置,由于gitlab在14.9以后使用的tootlbox来进行备份的,因此需要更改toolbox引入minio的configmap配置文件。

但是每次upgrade后会覆盖cm文件,因为后面依然需要修改cm,或者使用外置minio。

# 查看tootbox的cm
kubectl get cm -n jihulab
# 编辑tootbox的cm
kubectl edit cm -n jihulab gitlab-toolbox
 ...
 ...
    if [ ! -f "/${secret_dir}/objectstorage/.s3cfg" ]; then
    cat <<EOF > "/${secret_dir}/.s3cfg"
    [default]
    access_key = $(cat /init-secrets/minio/accesskey)
    secret_key = $(cat /init-secrets/minio/secretkey)
    bucket_location = us-east-1
    host_base = minio.bdeet.top:31501  #修改为nodeport的端口
    host_bucket = minio.bdeet.top:31501/%(bucket)   #修改为nodeport的端口
    default_mime_type = binary/octet-stream
    enable_multipart = True
    multipart_max_chunks = 10000
    multipart_chunk_size_mb = 128
    recursive = True
    recv_chunk = 65536
    send_chunk = 65536
    server_side_encryption = False
    signature_v2 = True
    socket_timeout = 300
    use_mime_magic = False
    verbosity = WARNING
    website_endpoint = https://minio.bdeet.top:31501  #修改为nodeport的端口
    EOF
...
...

然后delete掉toolbox的pod,执行备份

# 删除pod
kubectl delete pod -n jihulab gitlab-toolbox-7b796575d8-gplhc
# 备份
kubectl exec -it gitlab-toolbox-7b796575d8-7q8mh -n jihulab -- backup-utility

在这里插入图片描述
minio上备份的gitlab数据
在这里插入图片描述

2. 恢复到虚拟机上的gitlab

此处跳过安装gitlab到虚拟机上的操作,默认已经安装相同版本的gitlab服务

2.1 将minio上的备份文件(gitlab-backups)下载下来

2.2 将文件放在相同版本gitlab实例的backup目录下,然后执行restore命令

参考gitlab恢复

cd /var/opt/gitlab/backups
sudo gitlab-backup restore

2.3 配置gitlab实例的对象存储

编辑gitlab.rb文件

...
...
gitlab_rails['object_store']['enabled'] = true
gitlab_rails['object_store']['proxy_download'] = true
gitlab_rails['object_store']['connection'] = {
  'provider' => 'AWS',
  'region' => 'us-east-1',
  'path_style' => 'true',
  'host' => 'minio.bdeet.top:30476',
  'endpoint' => 'https://minio.bdeet.top:30476',
  'aws_access_key_id' => 'NHsiBL6v589G4h1JTn2Kj2sFAV5SxyVLslmoDSWdepqzRs6yYMic3QuKQvTPIXvW',
  'aws_secret_access_key' => 'ye3ySpmaaxCVADAhGz1MbhyBwWnGXW8iJEelVidvq1PZS1fYv6SoQjuTIvZHgHIj'
}

gitlab_rails['object_store']['objects']['artifacts']['bucket'] = 'gitlab-artifacts'
gitlab_rails['object_store']['objects']['external_diffs']['bucket'] = 'gitlab-mr-diffs'
gitlab_rails['object_store']['objects']['lfs']['bucket'] = 'gitlab-lfs'
gitlab_rails['object_store']['objects']['uploads']['bucket'] = 'gitlab-uploads'
gitlab_rails['object_store']['objects']['packages']['bucket'] = 'gitlab-packages'
gitlab_rails['object_store']['objects']['dependency_proxy']['bucket'] = 'gitlab-dependency-proxy'
gitlab_rails['object_store']['objects']['terraform_state']['bucket'] = 'gitlab-terraform-state'
gitlab_rails['object_store']['objects']['ci_secure_files']['bucket'] = 'gitlab-ci-secure-files'
gitlab_rails['object_store']['objects']['pages']['bucket'] = 'gitlab-pages'
gitlab_rails['object_store']['objects']['backups']['bucket'] = 'gitlab-backups'
gitlab_rails['object_store']['objects']['backups']['tmpBucket'] = 'tmp'
gitlab-ctl reconfigure

2.4 gitlab 界面查看并测试

k8s上的项目
在这里插入图片描述
之前的文件可以看见,后面上传的文件也可以上传成功。
在这里插入图片描述

3. 最终形态的values文件

...
...
## 域名配置
  hosts:	
    domain: bdeet.top	
    hostSuffix:	
    externalIP:	
    ssh:	
    gitlab:	
      name: kube.bdeet.top	
      https: true	
    minio:	
      name: minio.bdeet.top	
      https: true	
    registry:	
      name: registry.bdeet.top	
      https: true
...
...
## ldap集成
	    ldap:	
      preventSignin: false	
      servers:	
        main:	
         label: 'LDAP'	
         host: '129.226.208.223'	
         port: 389	
         uid: 'uid'	
         bind_dn: 'cn=ldap,dc=wkx,dc=cn'	
         base: 'dc=wkx,dc=cn'	
         password:	
           secret: ldap-admin	
           key: password	
         encryption: 'plain'
...
...
## 配置邮箱       
	smtp:	
    enabled: true	
    address: smtp.gmail.com	
    port: 587	
    user_name: "kxw12108@gmail.com"	
    ## https://docs.gitlab.com/charts/installation/secrets#smtp-password	
    password:	
      secret: "smtp-gitlab"	
      key: password	
    # domain:	
    authentication: "login"	
    starttls_auto: true	
    openssl_verify_mode: "peer"	
    pool: false	
  ## https://docs.gitlab.com/charts/charts/globals#outgoing-email	
  ## Email persona used in email sent by GitLab	
  email:	
    from: "kxw12108@gmail.com"	
    display_name: "GitLab Administrator"	
    reply_to: "kxw12108@gmail.com"	
    subject_suffix: "GitLab"	
    smime:	
      enabled: false	
      secretName: ""	
      keyName: "tls.key"	
      certName: "tls.crt"
...
...
...
...
nginx-ingress:
  enabled: true
  ...
  ...
    service:
      externalTrafficPolicy: "Local"
      type: "NodePort" #ingress的svc修改为nodeport
    ...
    ...
...
...
  runner:
    registrationToken:
      secret: gitlab-gitlab-runner-secret  # gitlab-runner的secret
...
...
gitlab-runner:
  install: true
  gitlabUrl: https://kube.bdeet.top  #修改gitlab的域名
  rbac:
    create: true
  runners:
    privileged: true #开启特权
    locked: false
    config: |
      [[runners]]
        [runners.kubernetes]
        image = "ubuntu:18.04"
        {{- if .Values.global.minio.enabled }}
        [runners.cache]
          Type = "s3"
          Path = "gitlab-runner"
          Shared = true
          [runners.cache.s3]
            #ServerAddress = {{ include "gitlab-runner.cache-tpl.s3ServerAddress" . }}
            ServerAddress = "https://minio.bdeet.top:31501" #接入对象存储
            BucketName = "runner-cache"
            BucketLocation = "us-east-1"
            Insecure = false
...
...

http://www.kler.cn/a/154203.html

相关文章:

  • VMware 中 虚拟机【Linux系统】固定 ip 访问
  • 前端基础(四十一):实时获取麦克风音量
  • Linux dpkg命令详解
  • reactflow 中 selectionMode 组件作用
  • Solana 区块链的技术解析及未来展望 #dapp开发#公链搭建
  • HOW - PPT 制作系列(一)
  • 【Java Spring】SpringBoot 配置文件
  • 速通MySql
  • 熬夜会秃头——beta冲刺Day4
  • MySQL备份与恢复(重点)
  • Golang笔记|Atomic
  • 【一周安全资讯1202】信安标委发布《网络安全标准实践指南—网络安全产品互联互通 告警信息格式》;网络安全纳入注册会计师考试科目
  • Android 手机屏幕适配方式和原理
  • (一)Tiki-taka算法(TTA)求解无人机三维路径规划研究(MATLAB)
  • 【UGUI】Unity为下拉菜单添加选项(DropDown)
  • SQL Server对象类型(7)——4.7.触发器(Trigger)
  • 自定义类型-结构体,联合体和枚举-C语言
  • matlab 无迹卡尔曼滤波
  • 力扣129. 求根节点到叶节点数字之和
  • Git自动化利器:使用Node.js脚本定制化提交消息处理
  • 电大搜题微信公众号详解,助力学习者轻松考试
  • web:very_easy_sql(sql、ssrf、gopher协议sql注入)
  • zookeeper集群+kaafka集群
  • 二叉树遍历及应用
  • 大厂面试整理
  • Linux操作系统 2.Linux基础命令