- Steps
- Upgrade the bundled PostgreSQL chart
- Upgrade steps for 4.0 release
- Upgrade steps for 3.0 release
Upgrade Guide
Before upgrading your GitLab installation, you need to check the changelog corresponding to the specific release you want to upgrade to and look for any release notes that might pertain to the new GitLab chart version.
3.x version of the chart to the latest 4.0 release, you need
to first update to the latest 3.3.x patch release in order for the upgrade to work.
The 4.0 release notes describe the supported upgrade path.2.x version of the chart to the latest 3.0 release, you need
to first update to the latest 2.6.x patch release in order for the upgrade to work.
The 3.0 release notes describe the supported upgrade path.We also recommend that you take a backup first.
Also note that you need to provide all values using helm upgrade --set key=value syntax or -f values.yml instead of using --reuse-values because some of the current values might be deprecated.
--set arguments cleanly, with
helm get values <release name>. If you direct this into a file
(helm get values <release name> > gitlab.yaml), you can safely pass this
file via -f. Thus helm upgrade gitlab gitlab/gitlab -f gitlab.yaml.
This safely replaces the behavior of --reuse-values
Mappings between chart versioning and GitLab versioning can be found here.
Steps
4.0 version of the chart, please follow the manual upgrade steps for 4.0.3.0 version of the chart, please follow the manual upgrade steps for 3.0.The following are the steps to upgrade GitLab to a newer version:
- Check the change log for the specific version you would like to upgrade to
- Go through deployment documentation step by step
-
Extract your previous
--setarguments withhelm get values gitlab > gitlab.yaml - Decide on all the values you need to set
- If you would like to use the GitLab Operator go through the steps outlined in Operator installation
-
Perform the upgrade, with all
--setarguments extracted in step 4helm upgrade gitlab gitlab/gitlab \ --version <new version> \ -f gitlab.yaml \ --set gitlab.migrations.enabled=true \ --set ...
gitlab.migrations.enabled set to false. You will want to
ensure that you explicitly set it back to true for future updates.Upgrade the bundled PostgreSQL chart
As part of the 4.0.0 release of this chart, we upgraded the bundled PostgreSQL chart from 7.7.0 to 8.9.4. This is not a drop in replacement. Manual steps need to be performed to upgrade the database.
The steps have been documented in the 4.0 upgrade steps.
As part of the 3.0.0 release of this chart, we upgraded the bundled PostgreSQL chart from 0.11.0 to 7.7.0. This is not a drop in replacement. Manual steps need to be performed to upgrade the database.
The steps have been documented in the 3.0 upgrade steps.
Upgrade steps for 4.0 release
The 4.0.0 release requires manual steps in order to perform the upgrade.
If you are using the bundled PostgreSQL, the best way to perform this upgrade is to back up your old database, and restore into a new database instance.
Prepare the existing database
postgresql.install is false), you do not need to perform this step.bash -s STAGE with bash -s -- -r RELEASE STAGE in the example commands provided later.kubectl context’s default, you must pass the namespace to the database-upgrade script. Replace bash -s STAGE with bash -s -- -n NAMESPACE STAGE in the example commands provided later. This option can be used along with -r RELEASE. You can set the context’s default namespace by running kubectl config set-context --current --namespace=NAMESPACE, or using kubens from kubectx
The pre stage will create a backup of your database using the backup-utility script in the task-runner pod, which gets saved to the configured s3 bucket (MinIO by default):
# GITLAB_RELEASE should be the version of the chart you are installing, starting with 'v': v4.0.0
curl -s https://gitlab.com/gitlab-org/charts/gitlab/raw/${GITLAB_RELEASE}/scripts/database-upgrade | bash -s pre
Delete existing PostgreSQL data
postgresql.install is false), you do not need to perform this step.The 4.0 release updates the default bundled PostgreSQL version from 10.9.0 to 11.7.0. Since the
data format has changed, upgrading requires removing the existing PostgreSQL StatefulSet before
upgrading to the 4.0 release. The StatefulSet will be recreated in the next step.
kubectl delete statefulset RELEASE-NAME-postgresql
kubectl delete pvc data-RELEASE_NAME-postgresql-0
Upgrade GitLab
Upgrade GitLab following our standard procedure, with the following additions of:
If you are using the bundled PostgreSQL, disable migrations using the following flag on your upgrade command:
--set gitlab.migrations.enabled=false
We will perform the migrations for the Database in a later step for the bundled PostgreSQL.
Restore the Database
postgresql.install is false), you do not need to perform this step.-
Wait for the upgrade to complete for the task-runner pod. RELEASE_NAME should be the name of the GitLab release from
helm listkubectl rollout status -w deployment/RELEASE_NAME-task-runner -
After the task-runner pod is deployed successfully, run the
poststeps:This step will do the following:
- Set replicas to 0 for the
webservice,sidekiq, andgitlab-exporterdeployments. This will prevent any other application from altering the database while the backup is being restored. - Restore the database from the backup created in the pre stage.
- Run database migrations for the new version.
- Unpause the deployments from the first step.
# GITLAB_RELEASE should be the version of the chart you are installing, starting with 'v': v4.0.0 curl -s https://gitlab.com/gitlab-org/charts/gitlab/raw/${GITLAB_RELEASE}/scripts/database-upgrade | bash -s post - Set replicas to 0 for the
Troubleshooting 4.0 release upgrade process
-
If you see any failure during the upgrade, it may be useful to check the description of
gitlab-upgrade-checkpod for details:kubectl get pods -lrelease=RELEASE,app=gitlab kubectl describe pod <gitlab-upgrade-check-pod-full-name>
Upgrade steps for 3.0 release
The 3.0.0 release requires manual steps in order to perform the upgrade.
If you are using the bundled PostgreSQL, the best way to perform this upgrade is to backup your old database, and restore into a new database instance. We’ve automated some of the steps, as an alternative, you can perform the steps manually.
Prepare the existing database
postgresql.install is false), you do not need to perform this step.bash -s STAGE with bash -s -- -r RELEASE STAGE in the example commands provided later.kubectl context’s default, you must pass the namespace to the database-upgrade script. Replace bash -s STAGE with bash -s -- -n NAMESPACE STAGE in the example commands provided later. This option can be used along with -r RELEASE. You can set the context’s default namespace by running kubectl config set-context --current --namespace=NAMESPACE, or using kubens from kubectx
The pre stage will create a backup of your database using the backup-utility script in the task-runner pod, which gets saved to the configured s3 bucket (MinIO by default):
# GITLAB_RELEASE should be the version of the chart you are installing, starting with 'v': v3.0.0
curl -s https://gitlab.com/gitlab-org/charts/gitlab/-/raw/${GITLAB_RELEASE}/scripts/database-upgrade | bash -s pre
Prepare the cluster database secrets
NOTICE: If you are not using the bundled PostgreSQL chart (
postgresql.installis false):
- If you have supplied
global.psql.password.key, you do not need to perform this step.- If you have supplied
global.psql.password.secret, additionally setglobal.psql.password.keyto the name of your existing key to bypass this step.
The secret key for the application database key is changing from postgres-password, to postgresql-password. Use one of the two steps described below to update your database password secret:
-
If you’d like to use an auto-generated PostgreSQL password, delete the existing secret to allow the upgrade to generate a new password for you. RELEASE-NAME should be the name of the GitLab release from
helm list:# Create a local copy of the old secret in case we need to restore the old database kubectl get secret RELEASE-NAME-postgresql-password -o yaml > postgresql-password.backup.yaml # Delete the secret so a new one can be created kubectl delete secret RELEASE-NAME-postgresql-password -
If you want to use the same password, edit the secret, and change the key from
postgres-passwordtopostgresql-password. Additionally, we need a secret for the superuser account. Add a key for that userpostgresql-postgres-password:# Encode the superuser password into base64 echo SUPERUSER_PASSWORD | base64 kubectl edit secret RELEASE-NAME-postgresql-password # Make the appropriate changes in your EDITOR window
Delete existing services
The 3.0 release updates an immutable field in the NGINX Ingress, this requires us to first delete all the services
before upgrading. You can see more details in our troubleshooting documentation, under Immutable Field Error, spec.clusterIP.
-
Remove all affected services. RELEASE_NAME should be the name of the GitLab release from
helm list:kubectl delete services -lrelease=RELEASE_NAME
LoadBalancer for NGINX Ingress from this chart, if in use. See
global Ingress settings documentation for more details regarding
externalIP. You may be required to update DNS records!Upgrade GitLab
Upgrade GitLab following our standard procedure, with the following additions of:
If you are using the bundled PostgreSQL, disable migrations using the following flag on your upgrade command:
--set gitlab.migrations.enabled=false
We will perform the migrations for the Database in a later step for the bundled PostgreSQL.
Restore the Database
postgresql.install is false), you do not need to perform this step.-
Wait for the upgrade to complete for the task-runner pod. RELEASE_NAME should be the name of the GitLab release from
helm listkubectl rollout status -w deployment/RELEASE_NAME-task-runner -
After the task-runner pod is deployed successfully, run the
poststeps:This step will do the following:
- Set replicas to 0 for the
webservice,sidekiq, andgitlab-exporterdeployments. This will prevent any other application from altering the database while the backup is being restored. - Restore the database from the backup created in the pre stage.
- Run database migrations for the new version.
- Unpause the deployments from the first step.
# GITLAB_RELEASE should be the version of the chart you are installing, starting with 'v': v3.0.0 curl -s https://gitlab.com/gitlab-org/charts/gitlab/-/raw/${GITLAB_RELEASE}/scripts/database-upgrade | bash -s post - Set replicas to 0 for the
Troubleshooting 3.0 release upgrade process
- Make sure that you are using Helm 2.14.3 or >= 2.16.1 due to the bug in 2.15.x.
-
If you see any failure during the upgrade, it may be useful to check the description of
gitlab-upgrade-checkpod for details:kubectl get pods -lrelease=RELEASE,app=gitlab kubectl describe pod <gitlab-upgrade-check-pod-full-name> -
You may face the error below when running
helm upgrade:Error: kind ConfigMap with the name "gitlab-gitlab-shell-sshd" already exists in the cluster and wasn't defined in the previous release. Before upgrading, please either delete the resource from the cluster or remove it from the chart Error: UPGRADE FAILED: kind ConfigMap with the name "gitlab-gitlab-shell-sshd" already exists in the cluster and wasn't defined in the previous release. Before upgrading, please either delete the resource from the cluster or remove it from the chartThe error message can also mention other configmaps like
gitlab-redis-health,gitlab-redis-headless, etc. To fix it, make sure that the services were removed as mentioned in the upgrade steps for 3.0 release. After that, also delete the configmaps shown in the error message with:kubectl delete configmap <configmap-name>.