https://docs.gitlab.com/ee/administration/high_availability/gitlab.html

https://about.gitlab.com/high-availability/

https://www.oschina.net/translate/gitlab-high-availability?lang=chs

gitlab目录结构:

find / -name gitlab |grep -v "^/opt/"
/run/gitlab          # pid目录 
/etc/gitlab            # 配置目录
/var/log/gitlab     # 日志目录
/var/opt/gitlab     # 应用数据保存目录,要同步的主要是这里的部分数据
/opt/gitlab           # bin程序目录

架构图:

git1

git2:

(gitlab 允许多个节点,多活)

postgresql集群:

redis集群(哨兵模式)

MFS网络文件存储

# MFS集群部署见 http://www.cnblogs.com/linkenpark/p/7416998.html

redis集群(哨兵模式):http://blog.51cto.com/tianshili/1759289

# PostgreSQL 主从集群部署 http://www.cnblogs.com/linkenpark/p/8339936.html

安装postgresql扩展pg_trgm

yum -y install postgresql96-contrib-9.6.8    # 默认的 yum -y install postgresql-contrib

创建用户及库

su - postgres
psql
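create role gitlab login encrypted password 'pass';
-- 'pass' 为占位符,请换成强口令,并与后文 gitlab.rb 中的 db_password 保持一致
-- 显示用户
\du
create database gitlabhq_production owner=gitlab ENCODING = 'UTF8';
-- 列出数据库
\l
-- 添加pg_trgm扩展(扩展是按库安装的,需先 \c gitlabhq_production 切换到 gitlab 库再执行)
CREATE EXTENSION pg_trgm;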

在MFS服务端根目录下创建一个项目给gitlab用

mkdir gitlab

cd gitlab; mkdir -p .ssh gitlab-rails/uploads gitlab-rails/shared gitlab-ci/builds git-data

git1、git2 挂载MFS目录

mkdir -p /var/opt/gitlab/.ssh /var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/shared /var/opt/gitlab/gitlab-ci/builds /var/opt/gitlab/git-data

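cat /etc/fstab

(注意:/etc/fstab 通常对本机所有用户可读,写在其中的 mfspassword 相当于对本机用户公开;passwd 为占位符,并应在 MFS 服务端的 mfsexports.cfg 中限制允许挂载该子目录的来源IP)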

mfsmount /var/opt/gitlab/.ssh    fuse    mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/gitlab/.ssh,mfspassword=passwd,_netdev 0 0
mfsmount /var/opt/gitlab/gitlab-rails/uploads fuse mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/gitlab/gitlab-rails/uploads,mfspassword=passwd,_netdev 0 0
mfsmount /var/opt/gitlab/gitlab-rails/shared fuse mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/gitlab/gitlab-rails/shared,mfspassword=passwd,_netdev 0 0
mfsmount /var/opt/gitlab/gitlab-ci/builds fuse mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/gitlab/gitlab-ci/builds,mfspassword=passwd,_netdev 0 0
mfsmount /var/opt/gitlab/git-data fuse mfsmaster=mfsmaster,mfsport=9421,mfssubfolder=/gitlab/git-data,mfspassword=passwd,_netdev 0 0

git1、git2安装gitlab

添加gitlab yum源

cat /etc/yum.repos.d/gitlab-ce.repo

[gitlab-ce]
name=Gitlab CE Repository
baseurl=https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el$releasever/
# 注意: gpgcheck=0 不校验RPM包签名,镜像站或传输链路上的包被篡改时无法发现;建议导入GitLab官方软件包签名公钥后改为 gpgcheck=1
gpgcheck=0
enabled=1
yum install -y curl policycoreutils-python openssh-server
sudo systemctl enable sshd
systemctl start sshd
firewall-cmd --permanent --add-service=http
systemctl reload firewalld
yum -y install postfix
systemctl enable postfix
systemctl start postfix
yum install -y gitlab-ce

gitlab启动脚本
cat /etc/systemd/system/gitlab.service
[Unit]
Description=gitlab

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/bin/gitlab-ctl start
ExecStop=/bin/gitlab-ctl stop

[Install]
WantedBy=multi-user.target

systemctl enable gitlab


git1配置
grep -Ev "^#|^$" /etc/gitlab/gitlab.rb
external_url 'http://git.conf.com'

gitlab_rails['time_zone'] = 'Asia/Shanghai'

# 注意: db_password、redis_password、redis_auth_pass 均为占位符;gitlab.rb 以明文保存这些口令,应保持 root 属主、0600 权限
# Disable components that will not be on the GitLab application server
roles ['application_role']
# Prevent GitLab from starting if MFS data mounts are not available
high_availability['mountpoint'] = '/var/opt/gitlab/git-data'
# PostgreSQL connection details
postgresql['enable'] = false
gitlab_rails['db_adapter'] = "postgresql"
gitlab_rails['db_encoding'] = "utf8"
gitlab_rails['db_database'] = "gitlabhq_production"
gitlab_rails['db_username'] = "gitlab"
gitlab_rails['db_password'] = "db_password"
gitlab_rails['db_host'] = "172.16.3.203"
gitlab_rails['db_port'] = 5432
# Redis connection details(单实例、或主从集群)
redis['enable'] = false
gitlab_rails['redis_host'] = "172.16.3.203"
gitlab_rails['redis_port'] = 6379
gitlab_rails['redis_password'] = "redis_password"
gitlab_rails['redis_database'] = 0
# Redis connection details(哨兵集群)
# redis连接方式只设置一种就可以,CE版也可以连接redis sentinel集群
redis['enable'] = false
gitlab_rails['redis_sentinels'] = [
{'host' => 'sentinel-0.conf.com', 'port' => 26379},
{'host' => 'sentinel-1.conf.com', 'port' => 26379},
{'host' => 'sentinel-2.conf.com', 'port' => 26379},
{'host' => 'sentinel-3.conf.com', 'port' => 26379},
]
redis['master_name'] = 'mymaster'
redis['master_password'] = 'redis_auth_pass'
gitlab_rails['redis_database'] = 0
# nginx enable
nginx['enable'] = true

使配置生效

gitlab-ctl reconfigure

如要再次初始化数据,运行 gitlab-rake gitlab:setup(一般前面执行了gitlab-ctl reconfigure已经初始化过数据)。注意:gitlab:setup 会清空并重建数据库,已有数据的环境不要执行。

gitlab-ctl start

git2配置

从git1把/etc/gitlab/gitlab-secrets.json 复制到 git2的/etc/gitlab目录下(该文件保存数据库加密密钥等机密,各节点必须一致;请通过scp等加密通道复制,并保持 root 属主、0600 权限)

touch /etc/gitlab/skip-auto-migrations

grep -v "^#" /etc/gitlab/gitlab.rb

external_url 'http://git.conf.com'

gitlab_rails['time_zone'] = 'Asia/Shanghai'
# Disable components that will not be on the GitLab application server
roles ['application_role']
# Prevent GitLab from starting if MFS data mounts are not available
high_availability['mountpoint'] = '/var/opt/gitlab/git-data'
# disable automatic database migrations
gitlab_rails['auto_migrate'] = false
# PostgreSQL connection details
postgresql['enable'] = false
gitlab_rails['db_adapter'] = "postgresql"
gitlab_rails['db_encoding'] = "utf8"
gitlab_rails['db_database'] = "gitlabhq_production"
gitlab_rails['db_username'] = "gitlab"
gitlab_rails['db_password'] = "db_password"
gitlab_rails['db_host'] = "172.16.3.203"
gitlab_rails['db_port'] = 5432
# Redis connection details(单实例、或主从集群)
redis['enable'] = false
gitlab_rails['redis_host'] = "172.16.3.203"
gitlab_rails['redis_port'] = 6379
gitlab_rails['redis_password'] = "redis_password"
gitlab_rails['redis_database'] = 0
# Redis connection details(哨兵集群)
# redis连接方式只设置一种就可以,CE版也可以连接redis sentinel集群
redis['enable'] = false
gitlab_rails['redis_sentinels'] = [
{'host' => 'sentinel-0.conf.com', 'port' => 26379},
{'host' => 'sentinel-1.conf.com', 'port' => 26379},
{'host' => 'sentinel-2.conf.com', 'port' => 26379},
{'host' => 'sentinel-3.conf.com', 'port' => 26379},
]
redis['master_name'] = 'mymaster'
redis['master_password'] = 'redis_auth_pass'
gitlab_rails['redis_database'] = 0
# nginx enable
nginx['enable'] = true

gitlab-ctl reconfigure

gitlab-ctl start

如有更多的 second app 请参照git2配置

# 前端负载均衡

前端再分别对http负载(可用nginx反向代理)。注意:上文 external_url 使用 http,登录口令和访问令牌会以明文在网络上传输;对外提供服务时建议在负载均衡层启用 HTTPS。

ssh(可用HAproxy代理,或nginx TCP代理)

由其他gitlab服务器数据迁移到此gitlab集群

原gitlab服务器数据备份

可以通过/etc/gitlab/gitlab.rb配置文件来修改默认存放备份文件的目录

 gitlab_rails['backup_path'] = "/var/opt/gitlab/backups"

/var/opt/gitlab/backups修改为你想存放备份的目录即可, 修改完成之后使用gitlab-ctl reconfigure命令重载配置文件即可.

/opt/gitlab/bin/gitlab-rake gitlab:backup:create        #执行备份命令

如 /var/opt/gitlab/backups/1524449406_2018_04_23_10.6.4_gitlab_backup.tar

把 备份的数据 1524449406_2018_04_23_10.6.4_gitlab_backup.tar 复制到 gitlab集群的第一个节点的/var/opt/gitlab/backups目录下

chmod 777  /var/opt/gitlab/backups/1524449406_2018_04_23_10.6.4_gitlab_backup.tar    # 注意:备份包内含完整的数据库和仓库数据,777 会让本机任何用户都能读写;恢复只需要 git 用户可读,建议改用 chown git:git 并 chmod 600

    # 停止相关数据连接服务

    gitlab-ctl stop unicorn

    gitlab-ctl stop sidekiq

umount /var/opt/gitlab/gitlab-rails/uploads       # 由于恢复时会把该目录重命名成 /var/opt/gitlab/gitlab-rails/uploads.时间戳 ,并生成新的/var/opt/gitlab/gitlab-rails/uploads目录,如果该目录处于挂载状态会提示设备busy

umount /var/opt/gitlab/gitlab-ci/builds          # 由于恢复时会把该目录重命名成/var/opt/gitlab/gitlab-ci/builds.时间戳 ,并生成新的/var/opt/gitlab/gitlab-ci/builds目录,如果该目录处于挂载状态会提示设备busy

gitlab-rake gitlab:backup:restore BACKUP=1524449406_2018_04_23_10.6.4    #执行恢复备份

mv /var/opt/gitlab/gitlab-rails/uploads /var/opt/gitlab/gitlab-rails/uploads_ok

mkdir -p  /var/opt/gitlab/gitlab-rails/uploads

mount /var/opt/gitlab/gitlab-rails/uploads

cp -ap /var/opt/gitlab/gitlab-rails/uploads_ok/* /var/opt/gitlab/gitlab-rails/uploads

mv /var/opt/gitlab/gitlab-ci/builds  /var/opt/gitlab/gitlab-ci/builds_ok

mkdir -p /var/opt/gitlab/gitlab-ci/builds

mount /var/opt/gitlab/gitlab-ci/builds

cp -rp /var/opt/gitlab/gitlab-ci/builds_ok/* /var/opt/gitlab/gitlab-ci/builds

gitlab-ctl start unicorn

gitlab-ctl start sidekiq

完成恢复

# key认证问题

可能报错:

报错情况1:(key没有从master复制过来)

IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:9DdK4jo9LPLg7snd/vueT3wI2dy0hb7CVYRRGOTU8TY.
Please contact your system administrator.
Add correct host key in /c/Users/cd/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /c/Users/cd/.ssh/known_hosts:4
ECDSA host key for git.tuandai888.com has changed and you have requested strict checking.
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

报错情况2:(从master复制过来的key权限没设置好)

ssh_exchange_identification: Connection closed by remote host
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

解决方法:

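把master的 /etc/ssh/*key* 文件全部复制到从节点来,并注意权限与master的设置一样(以master上 ls -l /etc/ssh/*key* 的输出为准;私钥权限过宽时 sshd 会拒绝加载)。这些是主机私钥,只应通过可信的加密通道复制,且任一节点泄露都等于整个集群的主机身份泄露。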

scp root@[master_IP]:/etc/ssh/*key* /etc/ssh

chown root:ssh_keys ssh_host_ecdsa_key ssh_host_ed25519_key ssh_host_rsa_key    # 使用的是相对路径,需先 cd /etc/ssh 再执行;完成后重启 sshd 使新的主机密钥生效

# 注意

只有连接Postgresql master库, gitlab才能正常使用。因为gitlab web登录时就要求写数据库。连接到postgresql从库,gitlab web登录失败,报500错。ssh连接仓库正常。

												
