今天给Gitlab做了一个备份,并且设置了每天自动备份,记录一下。
由于Gitlab Web页面并没有自动备份的相关设置,只有各个项目有一个“导出项目”功能。为了保证安全,先把所有项目全部使用“导出项目”功能导出一遍,并复制出来。通过笔者之前的博文《gitlab迁移记》,可以知道Gitlab导出的项目是存储在/var/opt/gitlab/gitlab-rails/uploads/-/system/import_export_upload/export_file
的。
如果是在容器中运行的Gitlab,使用podman exec -it gitlab /bin/bash
命令进入容器,修改/etc/gitlab/gitlab.rb
,如果是在宿主机直接安装的Gitlab,则直接修改/etc/gitlab/gitlab.rb
,打开如下配置:
### Backup Settings
###! Docs: https://docs.gitlab.com/omnibus/settings/backups.html
gitlab_rails['manage_backup_path'] = true
gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"
# gitlab_rails['backup_gitaly_backup_path'] = "/opt/gitlab/embedded/bin/gitaly-backup"
###! Docs: https://docs.gitlab.com/ee/raketasks/backup_restore.html#backup-archive-permissions
gitlab_rails['backup_archive_permissions'] = 0644
# gitlab_rails['backup_pg_schema'] = 'public'
###! The duration in seconds to keep backups before they are allowed to be deleted
gitlab_rails['backup_keep_time'] = 604800
其中gitlab_rails['backup_keep_time']
是设置备份保存时间,以秒为单位,604800
为7
天。
修改好配置后,使用gitlab-ctl reconfigure
重新生成配置,再使用gitlab-ctl restart
重启gitlab。
按官方的说法,GitLab 12.2 及之后版本执行
gitlab-rake gitlab:backup:create
;GitLab 12.1及之前版本执行gitlab-backup create
。不过笔者14.5.0的Gitlab执行的gitlab-rake gitlab:backup:create
,也是可以的。
通过帮助可以看出gitlab-backup create
就是gitlab-rake gitlab:backup:create
的包装命令。
# gitlab-backup create --help
Usage: gitlab-backup create [OPTIONS]
Create a new backup. Wrapper for `gitlab-rake gitlab:backup:create`.
OPTIONS:
-h, --help Display this help message and exits,
Additional OPTIONS are passed to the underlying command.
也可以直接在宿主机中使用命令podman exec -it gitlab gitlab-backup create
或者podman exec -it gitlab gitlab-rake gitlab:backup:create
直接备份,不用进入容器中执行。
备份时大概输出情况:
root@10:/# gitlab-rake gitlab:backup:create
2023-06-13 03:34:02 +0000 -- Dumping database ...
Dumping PostgreSQL database gitlabhq_production ... [DONE]
2023-06-13 03:34:06 +0000 -- done
2023-06-13 03:34:06 +0000 -- Dumping repositories ...
2023-06-13 03:37:04 +0000 -- done
2023-06-13 03:37:04 +0000 -- Dumping uploads ...
2023-06-13 03:51:10 +0000 -- done
2023-06-13 03:51:10 +0000 -- Dumping builds ...
2023-06-13 03:51:10 +0000 -- done
2023-06-13 03:51:10 +0000 -- Dumping artifacts ...
2023-06-13 03:51:10 +0000 -- done
2023-06-13 03:51:10 +0000 -- Dumping pages ...
2023-06-13 03:51:10 +0000 -- done
2023-06-13 03:51:10 +0000 -- Dumping lfs objects ...
2023-06-13 03:51:11 +0000 -- done
2023-06-13 03:51:11 +0000 -- Dumping container registry images ...
2023-06-13 03:51:11 +0000 -- done
Creating backup archive: 1686628281_2023_06_13_14.5.0-ee_gitlab_backup.tar ... done
Uploading backup archive to remote storage ... skipped
Deleting tmp directories ... done
done
done
done
done
done
done
done
done
Deleting old backups ... done. (0 removed)
Warning: Your gitlab.rb and gitlab-secrets.json files contain sensitive data
and are not included in this backup. You will need these files to restore a backup.
Please back them up manually.
Backup task is done.
注意后面的警告,需要手动备份gitlab.rb
和gitlab-secrets.json
。
备份路径即为前面配置中设定的路径,默认为/var/opt/gitlab/backups
。
从备份输出日志可以看到有Dumping uploads
,即会备份uploads
中的内容,而前面导出项目时,导出的文件就在uploads
中,为避免把导出的文件也备份,可以先把导出目录/var/opt/gitlab/gitlab-rails/uploads/-/system/import_export_upload/export_file
中的文件删除掉,再进行备份。
手动备份还是比较麻烦,可以借助Linux的crontab
设置为自动备份,比如可以设置每小时、每天、每月、每年、每周备份。
crontab
配置可以分为系统级的配置和用户级的配置,任选一种即可。
crontab
系统级配置,可以查看/etc/crontab
:
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
SHELL=/bin/sh
# You can also override PATH, but by default, newer versions inherit it from the environment
#PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
这个文件分别设置了每小时、每天、每周和每月要执行的任务:
/etc/cron.hourly
:每小时的17分执行/etc/cron.daily
:每天的6点25分执行/etc/cron.weekly
:每周周日的6点47分执行/etc/cron.monthly
:每月1号的6点52分执行可以设置Gitlab每天备份,那可以在/etc/cron.daily
中添加一个文件gitlab-backup
,内容如下:
#!/bin/sh
podman exec -it gitlab gitlab-backup create
如果是宿主机则为:
#!/bin/sh
gitlab-backup create
然后使用chmod +x gitlab-backup
命令为其添加上可执行权限。
还有一个目录/etc/cron.d
,是自定义计划任务的,格式同/etc/crontab
配置。
使用crontab -e
设置当前用户的计划任务,默认会在/tmp
下创建一个文件,笔者的为/tmp/crontab.0kND4I/crontab
:
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).
#
# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/
#
# For more information see the manual pages of crontab(5) and cron(8)
#
# m h dom mon dow command
添加如下一行进行测试:
40-50 * * * * echo "测试" >> ~/a.txt
即在每个小时的40~50分钟时,添加“测试”到~/a.txt
文件。
查看计划任务crontab -l
:
如果是要添加root
用户的计划任务,使用sudo crontab -e -u root
,查看使用sudo crontab -l -u root
。
回到Gitlab备份,非root用户,有sudo权限,则可以使用:
0 2 * * * sudo podman exec -it gitlab gitlab-backup create
每天凌晨2点备份。
欢迎点赞收藏,转载请注明出处!