A Gitlab 11.0 instance has been running on a 15-year-old server. Since it has few users and infrequent access, it wasn’t included in a high-availability cluster platform. However, recently, developers have frequently reported that Gitlab is unavailable. After thorough investigation, it was found that the physical server crashes after running for a while. To resolve this issue, we plan to migrate Gitlab to Proxmox VE, making it easier to back up and quickly recover from failures (by restoring the entire virtual machine).

The migration process generally consists of several steps: exporting the source Gitlab data, creating a virtual machine in Proxmox VE and installing the Centos operating system, deploying the same version of Gitlab on Centos as the original server (higher versions will fail to import the backup data), copying the Gitlab backup from the source server to the target Gitlab’s backup directory, importing the backup data, starting Gitlab and verifying remote login, port mapping, and modifying Gitlab configuration files.

Exporting Source Gitlab Data

Log in to the source server and check the Gitlab configuration file “gitlab.rb” for the backup path settings. After performing the export operation, the backup file will be generated in this directory. Use the command `grep backup_path gitlab.rb | grep -v \#` to search for the backup path, which is “/data/backups.”

Before the backup, the directory “/data/backups” is empty. Now, execute the command `gitlab-rake gitlab:backup:create` to export the data.

If all goes well, a compressed file with a “.tar” extension will be generated. There’s no need to unzip this file; simply copy it to the target system’s Gitlab backup directory.

Preparing the Target Server Environment

Create a virtual machine in Proxmox VE and allocate appropriate resources. Next, install the Centos 7 operating system on the virtual machine, set up the network parameters so it can access the internet, which will make it easier to install Gitlab using “yum.”

Disable the Centos “firewalld” service (the server is in an internal network, so a host firewall is unnecessary) and set “selinux” from “enforce” to “disabled” to reduce interference. Manually execute the command `yum install https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el7/gitlab-ce-11.0.0-ce.0.el7.x86_64.rpm` to install Gitlab online. As previously emphasized, it is best to use the same version. If necessary, upgrade Gitlab after importing the backup and verifying normal operation.

After installing Gitlab on the target system, it’s best to keep the configuration consistent with the source system. So, copy the configuration file “gitlab.rb” from the source system and replace the default configuration file “gitlab” generated by the target system. In addition, the “gitlab-secrets.json” file from the source system also needs to be migrated to the target system.

Since Gitlab code needs to be accessed via SSH from an external network, the SSH port is set to “22055”. There are two places to modify for SSH-related settings: one is in `/etc/ssh/sshd_config`, and the other is in Gitlab’s “gitlab.rb” configuration file.

To modify the SSHD service port to “22055”, use a text editor like vi or a tool like sed to change the default port from “22” to “22055”, save the changes, and restart the SSHD service.

Using a text editor or sed, modify the SSH port in “gitlab.rb” to “22055”. This modification is around line 351 in the file. In the vi editor, you can quickly search for the keyword “/ssh_port.”

After preparing everything, run the command `gitlab-ctl reconfigur` to check the configuration and runtime environment. If there are no errors, Gitlab should run normally.

Importing Backup Data on the Target Server

Copy the backup file from the source Gitlab to the target system’s backup directory “/data/backups”. Execute the command `gitlab-rake gitlab:backup:restore BACKUP=1702870559_2023_12_18_11.0.0` to restore the data. Note that the “BUCKUP” value is the first part of the backup file name, taking only the numeric portion.

After the import is complete, run `gitlab-ctl start` to start the Gitlab service. On a remote browser, enter the IP address of the system where Gitlab is located, input the username and password, and verify the correctness and validity of the restored data.

SSH Internal and External Network Penetration

Install the Rinetd software on the border device. For Centos 7, simply run `yum install rinetd` and the installation will be completed in a moment. Edit the file “/etc/rinetd” and add a new line `142.87.62.195 22055 172.16.28.66 22055`. Save the changes, and run `/etc/init.d/rinetd start` to start the service. Use an SSH client to connect to the system “142.87.62.195” via port “22055” to verify the correctness and effectiveness of the configuration. If there are no issues, proceed to remotely pull or sync projects using git.