目录
- [1. 背景](#1. 背景)
- [2. 参考](#2. 参考)
- [3. 环境](#3. 环境)
- [4. 过程](#4. 过程)
-
- [4.1 查看原docker启动命令](#4.1 查看原docker启动命令)
- [4.2 打包挂载目录传至新宿主机并创建对应目录](#4.2 打包挂载目录传至新宿主机并创建对应目录)
- [4.3 保存镜像并传至新宿主机下](#4.3 保存镜像并传至新宿主机下)
- [4.4 新宿主机启动GitLab容器](#4.4 新宿主机启动GitLab容器)
- [5 故障](#5 故障)
-
- [5.1 容器不断重启](#5.1 容器不断重启)
- [5.2 权限拒绝](#5.2 权限拒绝)
- [5.3 容器内错误日志](#5.3 容器内错误日志)
- [6 重启容器服务正常](#6 重启容器服务正常)
- [7 总结](#7 总结)
1. 背景
最近接到一个任务,迁移docker到另外一台宿主机上。在迁移过程中发现有docker部署的GitLab。迁移过程中各种排错,现将遇到的问题记录如下
2. 参考
链接: Gitblab docker迁移数据出现权限问题解决
链接: docker 版的 gitlab 数据迁移(单容器版) -- 备份恢复方式
链接: docker下Gitlab如何进行备份恢复与迁移? -- 备份恢复方式
3. 环境
- 操作系统 Centos7
- Docker version 26.0.0, build 2ae903e
- GItLab镜像 twang2218/gitlab-ce-zh
4. 过程
4.1 查看原docker启动命令
javascript
docker run -d --name gitlab \
--restart=always \
-p 8022:22 \
-p 80:80 \
-p 8443:443 \
-v /home/gitlab/etc:/etc/gitlab \
-v /home/gitlab/log:/var/log/gitlab \
-v /home/gitlab/data:/var/opt/gitlab \
twang2218/gitlab-ce-zh- 端口映射
- 8022:22
- 80:80
- 8443:443
- 挂载目录
- /home/gitlab/etc:/etc/gitlab
- /home/gitlab/etc:/etc/gitlab
- /home/gitlab/data:/var/opt/gitlab
4.2 打包挂载目录传至新宿主机并创建对应目录
- 源挂载目录迁移至新宿主机对应路径下
javascript
// 查看新宿主机对应路径
tree -L 1 /home/gitlab
/home/gitlab
├── data
├── docker-compose-gitlab.yml
├── etc
└── log4.3 保存镜像并传至新宿主机下
- 保存源宿主机下镜像twang2218/gitlab-ce-zh
javascript
docker save twang2218/gitlab-ce-zh > gitlab-ce-zh.tar- 在新宿主机下还原镜像
javascript
docker load < gitlab-ce-zh.tar- 新宿主机查看镜像
javascript
docker image ls twang2218/gitlab-ce-zh
// 显示结果
REPOSITORY TAG IMAGE ID CREATED SIZE
twang2218/gitlab-ce-zh latest 18da462b5ff5 5 years ago 1.61GB4.4 新宿主机启动GitLab容器
- 使用同样命令容器
javascript
docker run -d --name gitlab \
--restart=always \
-p 8022:22 \
-p 80:80 \
-p 8443:443 \
-v /home/gitlab/etc:/etc/gitlab \
-v /home/gitlab/log:/var/log/gitlab \
-v /home/gitlab/data:/var/opt/gitlab \
twang2218/gitlab-ce-zh5 故障
5.1 容器不断重启
- 现象:容器不断重启,GitLab服务无法正常运行。
- 定位:查看容器日志
javascript
Preparing services...
Starting services...
/opt/gitlab/embedded/bin/runsvdir-start: line 24: ulimit: pending signals: cannot modify limit: Operation not permitted
/opt/gitlab/embedded/bin/runsvdir-start: line 37: /proc/sys/fs/file-max: Read-only file system
Configuring GitLab package...
Configuring GitLab...
================================================================================
Error executing action `run` on resource 'ruby_block[directory resource: /var/opt/gitlab/git-data/repositories]'
================================================================================- 参考 :Gitblab docker迁移数据出现权限问题解决
- 解决:修改对应宿主机路径权限
javascript
chmod 2770 /home/gitlab/data/git-data/repositories5.2 权限拒绝
- 现象:GitLab服务无法正常运行。
- 定位:查看容器日志
javascript
================================================================================
Error executing action `run` on resource 'execute[/opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '1'
---- Begin output of /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions ----
STDOUT: error: could not open /var/opt/gitlab/.ssh/authorized_keys: Permission denied @ rb_sysopen - /var/opt/gitlab/.ssh/authorized_keys
-rw-------. 1 root root 8474 Apr 11 22:27 /var/opt/gitlab/.ssh/authorized_keys
STDERR:
---- End output of /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions ----
Ran /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-keys check-permissions returned 1- 参考 :Gitblab docker迁移数据出现权限问题解决
- 解决:不断执行 docker exec -it gitlab update-permissions
javascript
For a comprehensive list of configuration options please see the Omnibus GitLab readme
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md
If this container fails to start due to permission problems try to fix it by executing:
docker exec -it gitlab update-permissions
docker restart gitlab- 注意 :执行过程中可能爆缺失文件错误,例如: /var/opt/gitlab/gitlab-rails/shared/registry需要手动创建后,继续执行docker exec -it gitlab update-permissions,直至全部执行成功且无报错。
javascript
mkdir /home/gitlab/data/gitlab-rails/shared/registry5.3 容器内错误日志
- 现象 :使用交互模式启动容器排错。
- 先停止并删除之前容器,然后使用以下命令(-i)启动容器查看错误日志
javascript
docker run -i --name gitlab \
--restart=always \
-p 8022:22 \
-p 80:80 \
-p 8443:443 \
-v /home/gitlab/etc:/etc/gitlab \
-v /home/gitlab/log:/var/log/gitlab \
-v /home/gitlab/data:/var/opt/gitlab \
twang2218/gitlab-ce-zh-
定位 :查看日志
2024-04-12_06:53:51.49881 level=error ts=2024-04-12T06:53:51.498534519Z caller=main.go:226 err="open /var/opt/gitlab/alertmanager/data/nflog: permission denied"
-
原因:
- 进入容器内查看 /var/opt/gitlab/alertmanager/,该目录的用户和组是git
javascript
root@14dd4de37cbf:/var/opt/gitlab/alertmanager# ll
total 8
drwxr-x---. 3 gitlab-prometheus root 42 Apr 12 13:36 ./
drwxr-xr-x. 20 root root 4096 Apr 12 13:36 ../
-rw-r--r--. 1 gitlab-prometheus root 283 Apr 12 10:16 alertmanager.yml
drwx------. 2 git git 35 Apr 12 10:16 data/- 实际上应该属于gitlab-prometheus
javascript
git:x:998:998::/var/opt/gitlab:/bin/sh
gitlab-www:x:999:999::/var/opt/gitlab/nginx:/bin/false
gitlab-redis:x:997:997::/var/opt/gitlab/redis:/bin/false
gitlab-psql:x:996:996::/var/opt/gitlab/postgresql:/bin/sh
mattermost:x:994:994::/var/opt/gitlab/mattermost:/bin/sh
registry:x:993:993::/var/opt/gitlab/registry:/bin/sh
gitlab-prometheus:x:992:992::/var/opt/gitlab/prometheus:/bin/sh
gitlab-consul:x:991:991::/var/opt/gitlab/consul:/bin/sh- 解决 :
在容器内修改目录用户和组,
javascript
root@14dd4de37cbf:/var/opt/gitlab/alertmanager# chown -R gitlab-prometheus.gitlab-prometheus data/6 重启容器服务正常
- 关闭并删除之前容器
- 使用正常启动命令重新启动容器
javascript
docker run -d --name gitlab \
--restart=always \
-p 8022:22 \
-p 80:80 \
-p 8443:443 \
-v /home/gitlab/etc:/etc/gitlab \
-v /home/gitlab/log:/var/log/gitlab \
-v /home/gitlab/data:/var/opt/gitlab \
twang2218/gitlab-ce-zh- GitLab服务访问正常
7 总结
GitLab docker迁移工作并不复杂,主要麻烦在GitLab本身的权限上。迁移可通过容器启动日志和容器内交互方式排除故障。