Docker环境GitLab服务器迁移实战
概述
本文记录的是基于Docker部署的GitLab实例,从一台Linux服务器迁移到另一台服务器的全过程。迁移过程中涉及数据目录同步、容器启动配置以及权限修复等关键步骤。
操作步骤
1. 停止原服务器上的GitLab容器
在源服务器上执行停止命令,确保容器正常关闭后再进行后续操作:
root@source-host:~# docker stop gitlab.corp内部.cn
gitlab.corp内部.cn
2. 同步数据目录到目标服务器
使用rsync命令将GitLab容器所使用的数据存储目录整体传输到新服务器。在局域网环境下,传输速度通常可以达到很高水平:
root@source-host:/mnt/storage01/gitlab# rsync -avz gitlab.corp内部.cn user@192.168.5.88:/mnt/storage01
The authenticity of host '192.168.5.88 (192.168.5.88)' can't be established.
ECDSA key fingerprint is SHA256:AbCdEfGhIjKlMnOpQrStUvWxYz0123456789ABCDEFGHIJ.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.5.88' (ECDSA) to the list of known hosts.
user@192.168.5.88's password:
sending incremental file list
gitlab.corp内部.cn/
gitlab.corp内部.cn/docker-compose.yml
gitlab.corp内部.cn/config/
gitlab.corp内部.cn/config/gitlab-secrets.json
gitlab.corp内部.cn/config/gitlab.rb
gitlab.corp内部.cn/logs/
gitlab.corp内部.cn/logs/sshd/current
gitlab.corp内部.cn/logs/sshd/lock
gitlab.corp内部.cn/data/
sent 1,023,458,912 bytes received 201,547 bytes 13,204,587.39 bytes/sec
total size is 5,312,847,118 speedup is 5.19
root@source-host:/mnt/storage01/gitlab#
3. 验证docker-compose.yml配置文件
在目标服务器上检查docker-compose.yml文件内容,确保路径配置正确:
root@target-host:/mnt/storage01/gitlab.corp内部.cn# vi docker-compose.yml
配置文件内容如下:
version: '3.6'
services:
web:
image: 'registry.gitlab.cn/omnibus/gitlab-jh:16.7.6'
restart: always
container_name: gitlab.corp内部.cn
hostname: 'gitlab.corp内部.cn'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://gitlab.corp内部.cn'
gitlab_rails['gitlab_shell_ssh_port'] = 2224
ports:
- '60002:443'
- '8929:80'
- '2224:22'
dns:
- 192.168.5.254
volumes:
- '/mnt/storage01/gitlab.corp内部.cn/config:/etc/gitlab'
- '/mnt/storage01/gitlab.corp内部.cn/logs:/var/log/gitlab'
- '/mnt/storage01/gitlab.corp内部.cn/data:/var/opt/gitlab'
- '/home/certd/gitlab.corp内部.cn:/etc/gitlab/ssl'
shm_size: '256m'
4. 启动GitLab容器
使用docker-compose命令启动容器:
root@target-host:/mnt/storage01/gitlab.corp内部.cn# docker-compose up -d
Creating network "gitlabcorp_default" with the default driver
Pulling web (registry.gitlab.cn/omnibus/gitlab-jh:16.7.6)...
16.7.6: Pulling from omnibus/gitlab-jh
d66d6a6a3687: Pull complete
69b4e98ec663: Pull complete
33d64feb3e33: Pull complete
92f2674f9018: Pull complete
ef32215ff226: Pull complete
e6ccdd486b58: Pull complete
4475ff4ff63c: Pull complete
7940e6d9c9c9: Pull complete
Digest: sha256:cc8f7b21c95d6b3a4f5e8a9c1d7e3f2b4a6c8d0e2f4a6b8c0d2e4f6a8b0c2d4e
Status: Downloaded newer image for registry.gitlab.cn/omnibus/gitlab-jh:16.7.6
Creating gitlab.corp内部.cn ... done
查看容器运行状态:
root@target-host:/mnt/storage01/gitlab.corp内部.cn# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a1923b7c8e55 registry.gitlab.cn/omnibus/gitlab-jh:16.7.6 "/assets/wrapper" About a minute ago Up About a minute (health: starting) 0.0.0.0:2224->22/tcp, :::2224->22/tcp, 0.0.0.0:8929->80/tcp, :::8929->80/tcp, 0.0.0.0:60002->443/tcp, :::60002->443/tcp gitlab.corp内部.cn
5. 处理权限问题
多次检查容器状态,发现容器状态显示为unhealthy:
root@target-host:/mnt/storage01/gitlab.corp内部.cn# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a1923b7c8e55 registry.gitlab.cn/omnibus/gitlab-jh:16.7.6 "/assets/wrapper" 8 minutes ago Up 6 minutes (unhealthy) 0.0.0.0:2224->22/tcp, :::2224->22/tcp, 0.0.0.0:8929->80/tcp, :::8929->80/tcp, 0.0.0.0:60002->443/tcp, :::60002:443/tcp gitlab.corp内部.cn
通过docker logs查看日志,发现关键错误信息:
……很长的日志……
2024-03-19_03:43:09.98701 22197:M 19 Mar 2024 03:43:09.986 # Fatal error loading the DB: Permission denied. Exiting.
……后边还有……
这是由于数据传输过程中文件权限丢失导致的。执行以下命令修复权限:
root@target-host:/mnt/storage01/gitlab.corp内部.cn# docker exec -it gitlab.corp内部.cn update-permissions
该命令执行完成后,重新启动容器:
root@target-host:/mnt/storage01/gitlab.corp内部.cn# docker-compose restart
Restarting gitlab.corp内部.cn ... done
root@target-host:/mnt/storage01/gitlab.corp内部.cn# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a1923b7c8e55 registry.gitlab.cn/omnibus/gitlab-jh:16.7.6 "/assets/wrapper" 10 minutes ago Up About a minute (healthy) 0.0.0.0:2224->22/tcp, :::2224->22/tcp, 0.0.0.0:8929->80/tcp, :::8929->80/tcp, 0.0.0.0:60002->443/tcp, :::60002->443/tcp gitlab.corp内部.cn
容器状态显示为healthy后,即可通过浏览器正常访问GitLab。
6. 配置重新加载
当修改了gitlab.rb配置文件或在Web管理界面更改某些设置后,配置不会立即生效。此时如果直接重启容器,可能会中断用户正在进行的操作。可以通过以下命令在容器内部执行配置重新加载:
gitlab-ctl reconfigure
该命令会重新应用所有配置项,使更改立即生效。
