Nfo's picture

Good morning:

I have a virtual machine with Gitlab 15.2.2. This machine has Debian 9 which is no longer supported as of June 2022.

I would like to update the machine to a newer version. What would be the correct way to do it?

Some time ago I updated this machine from an older one. The process I did was to deploy a new virtual machine and then transfer a backup and the database. Is there a manual that I can follow to carry out the whole process?

Thank you :)

Forum: 
Tags: 
Jeremy Davis's picture

In the general case of TurnKey, you have 2 options:

  1. Migrate your data to a newer release of the same server
  2. Do a Debian "in place" upgrade

The first option is our general recommendation and essentially what you've done before. Although we haven't maintained our GitLab appliance due to the issues we've had with it and the high maintenance overhead. I do hope to resolve that at some point, but it does make this option a bit problematic at the moment.

As such, I recommend the second option:

The other option is to do a Debian style "in place" OS upgrade. Technically we don't support "in place" upgrades, but that's only because we don't have the spare cycles to exhaustively test that pathway. We don't explicitly do anything that should cause issues with the process though, so I would expect it to work fine. Many others have done it and no major issues have been reported, so you should be good. I'm also happy to do my best to help out if you get stuck. The downside is that you won't get all of the tweaks that we apply to the newer releases. But that shouldn't be an issue. And anything that is an issue, I can assist you to fix (hopefully).

The best and most complete documentation on doing a Stretch -> Buster upgrade can be found in the specific section of the Debian Buster/10 Release Notes. It's probably a bit over the top really and a number of steps can probably safely be skipped. I suggest that you also do an internet search for something like "upgrade debian stretch to buster" for some less convoluted and explicit instructions on upgrading to give you some more ideas about that. Worst case scenario, following the Debian docs should get you over the line.

The only bit that might catch you up is the way that the TurnKey repository signing keys are managed now. You'll need to ensure that you have all the right keys. I have previously posted instructions on how to do that. Please note though, that explicitly covers upgrade from Buster -> Bullseye, so be sure to change the CODENAME appropriately (to 'buster').

Obviously, don't do that on your production machine unless you have a full OS backup/snapshot. There's no option to rollback a failed Debian upgrade, so if it fails completely, you'll need to be sure you can go back to your original state. It may even be best to do a trial upgrade in a separate VM created from a snapshot of the current server before you do it for real?

Once you've done the Stretch/9 -> Buster/10 upgrade successfully and everything is working as it should, you could consider going the next step. That is a Buster/10 -> Bullseye/11 upgrade too!? Note that you must do the upgrades in order of release - i.e. DON'T try to upgrade from Stretch/9 -> Bullseye/11!. You must go Stretch/9 -> Buster/10 -> Bullseye/11.

Everything I've noted above re the upgrade to Buster, will also generally apply to upgrading to Bullseye. The steps are similarly documented in the in the specific section of the Debian Bullseye/11 Release Notes. To ensure you don't miss it, I repeat; DO NOT try to skip Debian releases - it will definitely cause issues!

I hope that helps and good luck!

Nfo's picture

I'm going to try option 2 on a cloned virtual machine. I am informing you of the process and the commands that I have used to be able to reach the "bullseye" objective
 

Thank you very much for your answer Jeremy!

Nfo's picture

Good morning, after reading your post I have started to work, I have successfully updated to version 10:


and then I have managed to upload to 11 successfully, although when making updates it throws me errors in the links:


I see that it can be done well and that gitlab works correctly, so I'm going to do more tests and outline the whole process to get it right the first time. I will update the post in case someone else needs to do this step in the future.

Thanks Jeremy!

PS: I'm going to need help at some fixed point!
1. The menu that has the turnkey as soon as the virtual machine starts has disappeared... I'll weigh this for later.

 

Jeremy Davis's picture

Great work! Looks like it went relatively successfully!? Good news.

The "menu that has the turnkey as soon as the virtual machine starts" that you refer to is called "Confconsole". It's operation changed a little from v16.x onwards. I'm not 100% sure, but I suspect that removing, then reinstalling Confconsole and Inithooks might fix it:

apt purge --autoremove -y confconsole inithooks
apt install --reinstall -y confconsole inithooks
Nfo's picture

Remenber make backup before start the process

The first step is to update the GPG keys to avoid update errors. We must install dirmngr for the management and revocation of certificates.

sudo apt-get install dirmngr

The next step is to download the GPG licenses required for the upgrade:

wget https://github.com/turnkeylinux/turnkey-keyring/raw/master/turnkey-relea...

And finally we add the key to our keychain:

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 1C7082DDE779614F

The next step is to make a backup copy of the list of repositories in case we need to review it later:

sudo cp /etc/apt/sources.list.d/sources.list /etc/apt/sources.list.d/sources.list.Stretch.bak

Finally, we are going to edit the list so that it locates Debian version 10 so that we can install it:

sudo nano /etc/apt/sources.list.d/sources.list

In the Window that appears, we must delete all the lines and add the following:

deb http://archive.turnkeylinux.org/debian buster main
deb http://deb.debian.org/debian buster main contrib
deb http://deb.debian.org/debian buster-updates main contrib
deb http://deb.debian.org/debian buster-backports main contrib
deb http://security.debian.org/debian-security/buster/updates main contrib

We save by pressing the / and then pressing Y. With this configuration we are ready to start with the update, we execute the following commands:

sudo apt-get update
sudo apt-get upgrade

We will have to review all the configuration that it will ask us to see if we have changed any important file. In my case I can modify all with Y.

sudo apt-get dist-upgrade
sudo apt full-upgrade

sudo apt autoremove
sudo apt clean
sudo apt autoclean

sudo reboot

 

You can check if all works fine!

Nfo's picture

The first step is to add the key to our keychain:

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 06320D6CBA57F60C

The next step is to make a backup copy of the list of repositories in case we need to review it later:

sudo cp /etc/apt/sources.list.d/sources.list /etc/apt/sources.list.d/sources.list.Buster.bak

Finally, we are going to edit the list so that it locates Debian version 11 so that we can install it:

sudo nano /etc/apt/sources.list.d/sources.list

In the Window that appears, we must delete all the lines and add the following:

deb http://deb.debian.org/debian bullseye main
deb http://deb.debian.org/debian bullseye-updates main
deb http://security.debian.org/debian-security bullseye-security main contrib
deb http://archive.turnkeylinux.org/debian/ bullseye main

We save by pressing the / and then pressing Y. With this configuration we are ready to start with the update, we execute the following commands:

sudo apt-get update
sudo apt-get upgrade

We will have to review all the configuration that it will ask us to see if we have changed any important file. In my case I can modify all with Y.

sudo apt-get dist-upgrade
sudo apt full-upgrade

We clean the temporary updates:

sudo apt autoremove
sudo apt clean
sudo apt autoclean

We restart the server to check that everything works correctly:

sudo reboot

Jeremy Davis's picture

Glad to see that it looks like it all went pretty smoothly! Well done. Thanks too for posting back with your notes! I'm sure that it will help others! :)

Nfo's picture

Good morning, I have come to add more changes to the configuration since my gitlab, although it does not give an error, does not update me to the latest version, I remain at 15.2.5.

To solve the problem, you have to edit the gitlab-ce.list file so that it continues updating the application.

sudo nano /etc/apt/sources.list.d/gitlab-ce.list

you need change strench to buster in this file:

---------------------------------------------------------------------

# this file was created by TurnKey Linux for use with the
# repository at https://packages.gitlab.com/gitlab/gitlab-ce

deb [signed-by=/usr/share/keyrings/gitlab-ce.gpg] https://packages.gitlab.com/gitlab/gitlab-ce/debian/ buster main
deb-src [signed-by=/usr/share/keyrings/gitlab-ce.gpg] https://packages.gitlab.com/gitlab/gitlab-ce/debian/ buster main

---------------------------------------------------------------------

Save the file and try to update. Works fine

Jeremy Davis's picture

Rereading this thread, you updated to Bullseye didn't you? I would expect it to be 'bullseye' (not 'buster')!?

If you tried 'bullseye' and it didn't work, then perhaps they haven't provided a 'bullseye' base release yet?

If it works well enough for you as-is, then that's fine, but I suggest that you retry updating to 'bullseye' as soon as it becomes available.

Nfo's picture

Yes, it is updated to bullseye, but for gitlab it does not locate or download the latest version (gitlab-ce.list), hence the modification of the configuration for the gitlab file and being able to continue with the updates.

Everything works correctly.

Thank you Jeremy

Jeremy Davis's picture

Thanks for the clarification and for reporting for the benefit of others..

That sounds like a GitLab bug of some sort? I suggest that you keep this workaround in mind and retry "bullseye" in the future if/when you have further issues with updates, etc. Clearly it's required at the moment, but it might cause issues in the future (e.g. it's probably the first thing to check if a similar difficulty upgrading occurs in the future).

Add new comment