Gitlab 版本升级

原创

劉志仁 2024-03-27 15:35:49 博主文章分类：工具类 ©著作权

©著作权归作者所有：来自51CTO博客作者劉志仁的原创作品，请联系作者获取转载授权，否则将追究法律责任

gitlab部署

下载指定rpm版本

https://packages.gitlab.com/gitlab/gitlab-ce 社区版本

https://packages.gitlab.com/gitlab/gitlab-ee 企业版

本次使用gitlab-ce-12.1.17-ce.0.el7.x86_64.rpm版本: https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-12.1.17-ce.0.el7.x86_64.rpm

rpm安装方式：rpm -ivh gitlab-ce-12.1.17-ce.0.el7.x86_64.rpm

gitlab默认目录结构

安装包的文件存储位置查找：rpm -qal |grep gitlab
/opt/gitlab/ ## 主目录
/etc/gitlab/ ## 放置配置文件
/var/opt/gitlab/ ## 各个组件
/var/log/gitlab/ ## 放置日志文件

检查gitlab各组件状态：gitlab-ctl status
执行配置：gitlab-ctl reconfigure
重启gitlab：gitlab-ctl restart
停止gitlab：gitlab-ctl stop
启动gitlab：gitlab-ctl start

启动或者停止某个组件：
gitlab-ctl stop nginx
gitlab-ctl start nginx

常用配置文件

cat /etc/gitlab/gitlab.rb

各类邮箱SMTP配置： https://docs.gitlab.com/omnibus/settings/smtp.html#testing-the-smtp-configuration


cat /etc/gitlab/gitlab.rb
# url
external_url 'https://gitlab.xxx.cn/'

# disable projects features builds
gitlab_rails['gitlab_default_projects_features_builds'] = false

# LDAP 
gitlab_rails['ldap_enabled'] = true
gitlab_rails['prevent_ldap_sign_in'] = false
gitlab_rails['ldap_servers'] = {
'main' => {
  'label' => 'LDAP',
  'host' =>  'ldap.xxxx.com',
  'port' => 389,
  'uid' => 'uid',
  'encryption' => 'plain',
  'verify_certificates' => true,
  'bind_dn' => 'cn=admin,dc=xxx,dc=com',
  'password' => 'xxx',
  'verify_certificates' => true,
  'tls_options' => {
    'ca_file' => '',
    'ssl_version' => '',
    'ciphers' => '',
    'cert' => '',
    'key' => ''
  },
  'timeout' => 10,
  'active_directory' => true,
  'allow_username_or_email_login' => false,
  'block_auto_created_users' => false,
  'base' => 'ou=People,dc=xxx,dc=com',
  'user_filter' => '',
  'attributes' => {
    'username' => ['uid'],
    'email' => ['mail'],
    'name' => 'cn',
    'first_name' => 'givenName',
    'last_name' => 'sn'
  },
  'lowercase_usernames' => false,
# EE Only
  'group_base' => '',
  'admin_group' => '',
  'external_groups' => [],
  'sync_ssh_keys' => false
  }
}

### 阿里云 邮箱 SMTP
gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.qiye.aliyun.com"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "devops@xxxx.com"
gitlab_rails['smtp_password'] = "xxxx"
gitlab_rails['smtp_domain'] = "devops"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true
gitlab_rails['gitlab_email_from'] = 'devops@xxx.com'



# disable ping
gitlab_rails['usage_ping_enabled'] = false

# enable backup manage
gitlab_rails['manage_backup_path'] = true
gitlab_rails['backup_path'] = "/data/gitlab/backups"

# repository dir
git_data_dirs({
  "default" => {
    "path" => "/data/gitlab/git-data"
   }
})

# git user home
user['home'] = "/data/gitlab/git-home"

# advanced path settings
gitlab_rails['shared_path'] = '/data/gitlab/gitlab-rails/shared'
gitlab_ci['builds_directory'] = '/data/gitlab/gitlab-ci/builds'
gitlab_rails['uploads_directory'] = "/data/gitlab/gitlab-rails/uploads"

# mount check
high_availability['mountpoint'] = ["/data"]

# nginx ssl
nginx['enable'] = true
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/data/gitlab/ssl-xxx/xxx.cn.pem"
nginx['ssl_certificate_key'] = "/data/gitlab/ssl-xxx/xxx.cn.key"

验证邮箱是否正常发送:

gitlab]# gitlab-rails console 
Notify.test_email('xxx@xxx.com', '邮件标题', '邮件正文').deliver_now

等待返回结果。

备份路径

# crontab -l
15 04 * * 2-6  umask 0077; tar cfz /data/gitlab/backups/$(date "+etc-gitlab-\%s.tgz") -C / etc/gitlab
#00 03 * * * /usr/bin/gitlab-rake gitlab:backup:create STRATEGY=copy
00 03 * * * /usr/bin/gitlab-backup create
* * */1 * * find /data/gitlab/backups/ -mtime +2 -name "*_gitlab_backup.tar" -exec rm -f {} \; > /dev/null 2>&1

版本升级动作

查看当前版本：cat /opt/gitlab/embedded/service/gitlab-rails/VERSION

gitlab-rake gitlab:env:info

git config --global user.name "Administrator"

git config --global user.email "admin@example.com"

git clone git@192.168.170.135:root/test001.git

cd test001

touch README.md

git add README.md

git commit -m "add README"

git push -u origin master

rpm -Uvh gitlab-ee-11.11.8-ee.0.el7.x86_64.rpm

1. 根据官网，需要进行几次升级迭代才行：

https://docs.gitlab.com/ce/update/

注意：特定版本升级需要更新到指定版本才行；要不然数据库会报错；后续会留坑

8.11.Z -> 8.12.0 -> 8.17.7 -> 9.5.10 -> 10.8.7 -> 11.11.8 -> 12.0.12 -> 12.1.17 -> 12.10.14 -> 13.0.14 -> 13.1.11 -> latest 13.12.Z -> latest 14.0.Z -> latest 14.Y.Z

2. 下载对应的rpm包：https://packages.gitlab.com/gitlab/gitlab-ce，可以利用搜索快速找出需要的版本

3. 上传到对应的机器

4. 先停部分服务

gitlab-ctl stop puma

gitlab-ctl stop sidekiq

gitlab-ctl stop nginx

5. 升级后启动之前的三个服务，等几分钟后查看页面及数据是否正常

rpm -Uvh gitlab-ce-12.10.14-ce.0.el7.x86_64.rpm

gitlab-ctl start puma

gitlab-ctl start sidekiq

gitlab-ctl start nginx

6. 备份升级后的gitlab数据：

/usr/bin/gitlab-rake gitlab:backup:create

7. 重复停服务，升级，起服务，备份操作，直到目标版本

Gitlab结合LDAP遇到问题：

参考地址：https://forum.gitlab.com/t/could-not-authenticate-you-from-ldapmain-because-undefined-method-provider-for-nil-nilclass/2583

Could not authenticate you from Ldapmain because "Undefined method `provider' for nil:nilclass".

2022-05-18T02:58:40.541Z: (ldapmain) Callback phase initiated.

2022-05-18T02:58:40.649Z: (LDAP) Error saving user uid=zhangsan,ou=people,dc=test_domain,dc=com (zhangsan@xxxxx.com): ["Email domain is not authorized for sign-up"]

2022-05-18T02:58:40.652Z: (ldapmain) Authentication failure! ldap_error: NoMethodError, undefined method `provider' for nil:NilClass

解决方法：

以管理员身份登录，转到管理区域 >> 设置 >> 注册限制。

这是反映来自服务器的 dns 后缀的域列表（添加ldap的url后缀）。

Gitlab 版本升级_ide