记Gitlab备份与设置自动备份

今天给Gitlab做了一个备份,并且设置了每天自动备份,记录一下。

一、导出全部项目

由于Gitlab Web页面并没有自动备份的相关设置,只有各个项目有一个“导出项目”功能。为了保证安全,先把所有项目全部使用“导出项目”功能导出一遍,并复制出来。通过笔者之前的博文《gitlab迁移记》,可以知道Gitlab导出的项目是存储在/var/opt/gitlab/gitlab-rails/uploads/-/system/import_export_upload/export_file的。

二、设置备份配置

如果是在容器中运行的Gitlab,使用podman exec -it gitlab /bin/bash命令进入容器,修改/etc/gitlab/gitlab.rb,如果是在宿主机直接安装的Gitlab,则直接修改/etc/gitlab/gitlab.rb,打开如下配置:

### Backup Settings
###! Docs: https://docs.gitlab.com/omnibus/settings/backups.html

gitlab_rails['manage_backup_path'] = true 
gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"
# gitlab_rails['backup_gitaly_backup_path'] = "/opt/gitlab/embedded/bin/gitaly-backup"

###! Docs: https://docs.gitlab.com/ee/raketasks/backup_restore.html#backup-archive-permissions
gitlab_rails['backup_archive_permissions'] = 0644 

# gitlab_rails['backup_pg_schema'] = 'public'

###! The duration in seconds to keep backups before they are allowed to be deleted
gitlab_rails['backup_keep_time'] = 604800

其中gitlab_rails['backup_keep_time']是设置备份保存时间,以秒为单位,6048007天。

修改好配置后,使用gitlab-ctl reconfigure重新生成配置,再使用gitlab-ctl restart重启gitlab。

三、手动备份

按官方的说法,GitLab 12.2 及之后版本执行
gitlab-rake gitlab:backup:create;GitLab 12.1及之前版本执行gitlab-backup create。不过笔者14.5.0的Gitlab执行的gitlab-rake gitlab:backup:create,也是可以的。

通过帮助可以看出gitlab-backup create就是gitlab-rake gitlab:backup:create的包装命令。

# gitlab-backup create --help
Usage: gitlab-backup create [OPTIONS]

  Create a new backup. Wrapper for `gitlab-rake gitlab:backup:create`.

OPTIONS:

  -h, --help    Display this help message and exits,

  Additional OPTIONS are passed to the underlying command.

也可以直接在宿主机中使用命令podman exec -it gitlab gitlab-backup create或者podman exec -it gitlab gitlab-rake gitlab:backup:create直接备份,不用进入容器中执行。

备份时大概输出情况:

root@10:/# gitlab-rake gitlab:backup:create

2023-06-13 03:34:02 +0000 -- Dumping database ... 
Dumping PostgreSQL database gitlabhq_production ... [DONE]
2023-06-13 03:34:06 +0000 -- done
2023-06-13 03:34:06 +0000 -- Dumping repositories ...

2023-06-13 03:37:04 +0000 -- done
2023-06-13 03:37:04 +0000 -- Dumping uploads ... 
2023-06-13 03:51:10 +0000 -- done
2023-06-13 03:51:10 +0000 -- Dumping builds ... 
2023-06-13 03:51:10 +0000 -- done
2023-06-13 03:51:10 +0000 -- Dumping artifacts ... 
2023-06-13 03:51:10 +0000 -- done
2023-06-13 03:51:10 +0000 -- Dumping pages ... 
2023-06-13 03:51:10 +0000 -- done
2023-06-13 03:51:10 +0000 -- Dumping lfs objects ... 
2023-06-13 03:51:11 +0000 -- done
2023-06-13 03:51:11 +0000 -- Dumping container registry images ... 
2023-06-13 03:51:11 +0000 -- done
Creating backup archive: 1686628281_2023_06_13_14.5.0-ee_gitlab_backup.tar ... done
Uploading backup archive to remote storage  ... skipped
Deleting tmp directories ... done
done
done
done
done
done
done
done
done
Deleting old backups ... done. (0 removed)
Warning: Your gitlab.rb and gitlab-secrets.json files contain sensitive data 
and are not included in this backup. You will need these files to restore a backup.
Please back them up manually.
Backup task is done.

注意后面的警告,需要手动备份gitlab.rbgitlab-secrets.json

备份路径即为前面配置中设定的路径,默认为/var/opt/gitlab/backups

从备份输出日志可以看到有Dumping uploads,即会备份uploads中的内容,而前面导出项目时,导出的文件就在uploads中,为避免把导出的文件也备份,可以先把导出目录/var/opt/gitlab/gitlab-rails/uploads/-/system/import_export_upload/export_file中的文件删除掉,再进行备份。

四、设置自动备份

手动备份还是比较麻烦,可以借助Linux的crontab设置为自动备份,比如可以设置每小时、每天、每月、每年、每周备份。
crontab配置可以分为系统级的配置和用户级的配置,任选一种即可。

1.系统级配置

crontab系统级配置,可以查看/etc/crontab

# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.

SHELL=/bin/sh
# You can also override PATH, but by default, newer versions inherit it from the environment
#PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed
17 *    * * *   root    cd / && run-parts --report /etc/cron.hourly
25 6    * * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6    * * 7   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6    1 * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )

这个文件分别设置了每小时、每天、每周和每月要执行的任务:

  • /etc/cron.hourly:每小时的17分执行
  • /etc/cron.daily:每天的6点25分执行
  • /etc/cron.weekly:每周周日的6点47分执行
  • /etc/cron.monthly:每月1号的6点52分执行

可以设置Gitlab每天备份,那可以在/etc/cron.daily中添加一个文件gitlab-backup,内容如下:

#!/bin/sh
podman exec -it gitlab gitlab-backup create

如果是宿主机则为:

#!/bin/sh
gitlab-backup create

然后使用chmod +x gitlab-backup命令为其添加上可执行权限。

还有一个目录/etc/cron.d,是自定义计划任务的,格式同/etc/crontab配置。

2.用户级配置

使用crontab -e设置当前用户的计划任务,默认会在/tmp下创建一个文件,笔者的为/tmp/crontab.0kND4I/crontab

# Edit this file to introduce tasks to be run by cron.
# 
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
# 
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
# 
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
# 
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
# 
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
# 
# For more information see the manual pages of crontab(5) and cron(8)
# 
# m h  dom mon dow   command

添加如下一行进行测试:

40-50 * * * * echo "测试" >> ~/a.txt

即在每个小时的40~50分钟时,添加“测试”到~/a.txt文件。

查看计划任务crontab -l

记Gitlab备份与设置自动备份_第1张图片
如果是要添加root用户的计划任务,使用sudo crontab -e -u root,查看使用sudo crontab -l -u root

回到Gitlab备份,非root用户,有sudo权限,则可以使用:

0 2 * * * sudo podman exec -it gitlab gitlab-backup create

每天凌晨2点备份。

欢迎点赞收藏,转载请注明出处!

你可能感兴趣的:(Linux,研发管理,容器,gitlab,备份,backup,导出,export)