本文介绍: 接上一篇本篇重点介绍k8s集群备份gitlab数据,并在虚拟机部署相同版本gitlab然后将备份的数据进行还原恢复

接上一篇 基于helm的方式在k8s集群中部署gitlab – 部署(一)本篇重点介绍k8s集群中备份gitlab数据,并在虚拟机部署相同版本gitlab然后将备份的数据进行还原恢复

1. 备份

由于使用的是minio对象存储然后gitlabingress 使用的是nodeport方式,而默认minio配置域名配置,由于gitlab在14.9以后使用的tootlbox来进行备份的,因此需要更改toolbox引入minioconfigmap配置文件

但是每次upgrade后会覆盖cm文件,因为后面依然需要修改cm,或者使用外置minio

# 查看tootboxcm
kubectl get cm -n jihulab
# 编辑tootboxcm
kubectl edit cm -n jihulab gitlab-toolbox
 ...
 ...
    if [ ! -f "/${secret_dir}/objectstorage/.s3cfg" ]; then
    cat <<EOF > "/${secret_dir}/.s3cfg"
    [default]
    access_key = $(cat /init-secrets/minio/accesskey)
    secret_key = $(cat /init-secrets/minio/secretkey)
    bucket_location = us-east-1
    host_base = minio.bdeet.top:31501  #修改nodeport端口
    host_bucket = minio.bdeet.top:31501/%(bucket)   #修改为nodeport端口
    default_mime_type = binary/octet-stream
    enable_multipart = True
    multipart_max_chunks = 10000
    multipart_chunk_size_mb = 128
    recursive = True
    recv_chunk = 65536
    send_chunk = 65536
    server_side_encryption = False
    signature_v2 = True
    socket_timeout = 300
    use_mime_magic = False
    verbosity = WARNING
    website_endpoint = https://minio.bdeet.top:31501  #修改为nodeport端口
    EOF
...
...

然后deletetoolboxpod执行备份

# 删除pod
kubectl delete pod -n jihulab gitlab-toolbox-7b796575d8-gplhc
# 备份
kubectl exec -it gitlab-toolbox-7b796575d8-7q8mh -n jihulab -- backup-utility

在这里插入图片描述
minio上备份的gitlab数据
在这里插入图片描述

2. 恢复虚拟机上的gitlab

此处跳过安装gitlab到虚拟机上的操作默认已经安装相同版本的gitlab服务

2.1 将minio上的备份文件(gitlab-backups下载下来

2.2 将文件放在相同版本gitlab实例的backup目录下,然后执行restore命令

参考gitlab恢复

cd /var/opt/gitlab/backups
sudo gitlab-backup restore

2.3 配置gitlab实例的对象存储

编辑gitlab.rb文件

...
...
gitlab_rails['object_store']['enabled'] = true
gitlab_rails['object_store']['proxy_download'] = true
gitlab_rails['object_store']['connection'] = {
  'provider' => 'AWS',
  'region' => 'us-east-1',
  'path_style' => 'true',
  'host' => 'minio.bdeet.top:30476',
  'endpoint' => 'https://minio.bdeet.top:30476',
  'aws_access_key_id' => 'NHsiBL6v589G4h1JTn2Kj2sFAV5SxyVLslmoDSWdepqzRs6yYMic3QuKQvTPIXvW',
  'aws_secret_access_key' => 'ye3ySpmaaxCVADAhGz1MbhyBwWnGXW8iJEelVidvq1PZS1fYv6SoQjuTIvZHgHIj'
}

gitlab_rails['object_store']['objects']['artifacts']['bucket'] = 'gitlab-artifacts'
gitlab_rails['object_store']['objects']['external_diffs']['bucket'] = 'gitlab-mr-diffs'
gitlab_rails['object_store']['objects']['lfs']['bucket'] = 'gitlab-lfs'
gitlab_rails['object_store']['objects']['uploads']['bucket'] = 'gitlab-uploads'
gitlab_rails['object_store']['objects']['packages']['bucket'] = 'gitlab-packages'
gitlab_rails['object_store']['objects']['dependency_proxy']['bucket'] = 'gitlab-dependency-proxy'
gitlab_rails['object_store']['objects']['terraform_state']['bucket'] = 'gitlab-terraform-state'
gitlab_rails['object_store']['objects']['ci_secure_files']['bucket'] = 'gitlab-ci-secure-files'
gitlab_rails['object_store']['objects']['pages']['bucket'] = 'gitlab-pages'
gitlab_rails['object_store']['objects']['backups']['bucket'] = 'gitlab-backups'
gitlab_rails['object_store']['objects']['backups']['tmpBucket'] = 'tmp'
gitlab-ctl reconfigure

2.4 gitlab 界面查看测试

k8s上的项目
在这里插入图片描述
之前的文件可以看见,后面上传文件可以上传成功。
在这里插入图片描述

3. 最终形态的values文件

...
...
## 域名配置
  hosts:	
    domain: bdeet.top	
    hostSuffix:	
    externalIP:	
    ssh:	
    gitlab:	
      name: kube.bdeet.top	
      https: true	
    minio:	
      name: minio.bdeet.top	
      https: true	
    registry:	
      name: registry.bdeet.top	
      https: true
...
...
## ldap集成
	    ldap:	
      preventSignin: false	
      servers:	
        main:	
         label: 'LDAP'	
         host: '129.226.208.223'	
         port: 389	
         uid: 'uid'	
         bind_dn: 'cn=ldap,dc=wkx,dc=cn'	
         base: 'dc=wkx,dc=cn'	
         password:	
           secret: ldap-admin	
           key: password	
         encryption: 'plain'
...
...
## 配置邮箱       
	smtp:	
    enabled: true	
    address: smtp.gmail.com	
    port: 587	
    user_name: "kxw12108@gmail.com"	
    ## https://docs.gitlab.com/charts/installation/secrets#smtp-password	
    password:	
      secret: "smtp-gitlab"	
      key: password	
    # domain:	
    authentication: "login"	
    starttls_auto: true	
    openssl_verify_mode: "peer"	
    pool: false	
  ## https://docs.gitlab.com/charts/charts/globals#outgoing-email	
  ## Email persona used in email sent by GitLab	
  email:	
    from: "kxw12108@gmail.com"	
    display_name: "GitLab Administrator"	
    reply_to: "kxw12108@gmail.com"	
    subject_suffix: "GitLab"	
    smime:	
      enabled: false	
      secretName: ""	
      keyName: "tls.key"	
      certName: "tls.crt"
...
...
...
...
nginx-ingress:
  enabled: true
  ...
  ...
    service:
      externalTrafficPolicy: "Local"
      type: "NodePort" #ingresssvc修改为nodeport
    ...
    ...
...
...
  runner:
    registrationToken:
      secret: gitlab-gitlab-runner-secret  # gitlab-runner的secret
...
...
gitlab-runner:
  install: true
  gitlabUrl: https://kube.bdeet.top  #修改gitlab的域名
  rbac:
    create: true
  runners:
    privileged: true #开启特权
    locked: false
    config: |
      [[runners]]
        [runners.kubernetes]
        image = "ubuntu:18.04"
        {{- if .Values.global.minio.enabled }}
        [runners.cache]
          Type = "s3"
          Path = "gitlab-runner"
          Shared = true
          [runners.cache.s3]
            #ServerAddress = {{ include "gitlab-runner.cache-tpl.s3ServerAddress" . }}
            ServerAddress = "https://minio.bdeet.top:31501" #接入对象存储
            BucketName = "runner-cache"
            BucketLocation = "us-east-1"
            Insecure = false
...
...

原文地址:https://blog.csdn.net/weixin_44729138/article/details/134631833

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任

如若转载,请注明出处:http://www.7code.cn/show_25614.html

如若内容造成侵权/违法违规/事实不符,请联系代码007邮箱suwngjj01@126.com进行投诉反馈,一经查实,立即删除

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注