15308555518/ seafile-admin-docs
1
0
Fork 0
mirror of https://github.com/haiwen/seafile-admin-docs.git synced 2025-12-25 18:22:48 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

update 12.0 k8s single node & S3 data migration

This commit is contained in:
Junxiang Huang 2025-01-15 18:36:12 +08:00
parent 479f2f3156
commit 8f5da2394f
21 changed files with 710 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
manual/repo/docker/cluster/env
View File

@ -19,6 +19,10 @@ CLUSTER_INIT_ES_PORT=9200 # only valid in config init
CLUSTER_MODE=frontend # backend for backend node
# Seafile admin
INIT_SEAFILE_ADMIN_EMAIL=me@example.com
INIT_SEAFILE_ADMIN_PASSWORD=asecret
# Time zone
TIME_ZONE=UTC

2
manual/repo/docker/cluster/seafile-server.yml
View File

@ -22,6 +22,8 @@ services:
- CLUSTER_INIT_ES_PORT=${CLUSTER_INIT_ES_PORT:-9200}
- CLUSTER_MODE=${CLUSTER_MODE:-frontend}
- TIME_ZONE=${TIME_ZONE:-UTC}
- INIT_SEAFILE_ADMIN_EMAIL=${INIT_SEAFILE_ADMIN_EMAIL:-me@example.com}
- INIT_SEAFILE_ADMIN_PASSWORD=${INIT_SEAFILE_ADMIN_PASSWORD:-asecret}
- INIT_S3_STORAGE_BACKEND_CONFIG=${INIT_S3_STORAGE_BACKEND_CONFIG:-false}
- INIT_S3_COMMIT_BUCKET=${INIT_S3_COMMIT_BUCKET:-}
- INIT_S3_FS_BUCKET=${INIT_S3_FS_BUCKET:-}

108
manual/repo/k8s/ce/seafile-deployment.yaml Normal file
View File

@ -0,0 +1,108 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: seafile
spec:
replicas: 1
selector:
matchLabels:
app: seafile
template:
metadata:
labels:
app: seafile
spec:
containers:
- name: seafile
image: seafileltd/seafile-pro-mc:12.0-latest
env:
- name: TIME_ZONE
valueFrom:
configMapKeyRef:
name: seafile-env
key: TIME_ZONE
- name: SEAFILE_LOG_TO_STDOUT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_LOG_TO_STDOUT
- name: SITE_ROOT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SITE_ROOT
- name: ENABLE_SEADOC
valueFrom:
configMapKeyRef:
name: seafile-env
key: ENABLE_SEADOC
- name: SEADOC_SERVER_URL
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEADOC_SERVER_URL
- name: DB_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_HOST
- name: DB_PORT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_PORT
- name: DB_USER
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_USER
- name: SEAFILE_MYSQL_DB_CCNET_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_CCNET_DB_NAME
- name: SEAFILE_MYSQL_DB_SEAFILE_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_SEAFILE_DB_NAME
- name: SEAFILE_MYSQL_DB_SEAHUB_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_SEAHUB_DB_NAME
- name: INIT_SEAFILE_ADMIN_EMAIL
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_SEAFILE_ADMIN_EMAIL
- name: JWT_PRIVATE_KEY
valueFrom:
secretKeyRef:
name: seafile-secret
key: JWT_PRIVATE_KEY
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: seafile-secret
key: SEAFILE_MYSQL_DB_PASSWORD
- name: DB_ROOT_PASSWD
valueFrom:
secretKeyRef:
name: seafile-secret
key: INIT_SEAFILE_MYSQL_ROOT_PASSWORD
- name: INIT_SEAFILE_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: seafile-secret
key: INIT_SEAFILE_ADMIN_PASSWORD
volumeMounts:
- name: seafile-data
mountPath: /shared
volumes:
- name: seafile-data
persistentVolumeClaim:
claimName: seafile-data
restartPolicy: Always
imagePullSecrets:
- name: regcred

25
manual/repo/k8s/ce/seafile-env.yaml Normal file
View File

@ -0,0 +1,25 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: seafile-env
data:
# for Seafile server
TIME_ZONE: "UTC"
SEAFILE_LOG_TO_STDOUT: "true"
SITE_ROOT: "/"
ENABLE_SEADOC: "false"
SEADOC_SERVER_URL: "https://seafile.example.com/sdoc-server" # only valid in ENABLE_SEADOC = true
SEAFILE_SERVER_HOSTNAME: "seafile.example.com"
# for database
SEAFILE_MYSQL_DB_HOST: "<your MySQL host>"
SEAFILE_MYSQL_DB_PORT: "3306"
SEAFILE_MYSQL_DB_USER: "seafile"
SEAFILE_MYSQL_DB_CCNET_DB_NAME: "ccnet_db"
SEAFILE_MYSQL_DB_SEAFILE_DB_NAME: "seafile_db"
SEAFILE_MYSQL_DB_SEAHUB_DB_NAME: "seahub_db"
# Init
## for Seafile admin
INIT_SEAFILE_ADMIN_EMAIL: "<Seafile admin's email>"

11
manual/repo/k8s/ce/seafile-persistentvolume.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: seafile-data
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /opt/seafile-data

10
manual/repo/k8s/ce/seafile-persistentvolumeclaim.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: seafile-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi

18
manual/repo/k8s/ce/seafile-secret.yaml Normal file
View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Secret
metadata:
name: seafile-secret
type: Opaque
data:
# for Seafile server
JWT_PRIVATE_KEY: "<your JWT key, can generate from `pwgen -s 40 1`>"
# for database
SEAFILE_MYSQL_DB_PASSWORD: "<MySQL user seafile's passsword>"
# Initialization
## for seafile
INIT_SEAFILE_ADMIN_PASSWORD: "<Seafile admin's password>"
## for db
INIT_SEAFILE_MYSQL_ROOT_PASSWORD: "<MySQL user root's password>"

13
manual/repo/k8s/ce/seafile-service.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: v1
kind: Service
metadata:
name: seafile
spec:
selector:
app: seafile
type: LoadBalancer
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30000

10
manual/repo/k8s/cluster/seafile-backend-deployment.yaml
View File

@ -147,6 +147,11 @@ spec:
configMapKeyRef:
name: seafile-env
key: INIT_S3_USE_HTTPS
- name: INIT_SEAFILE_ADMIN_EMAIL
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_SEAFILE_ADMIN_EMAIL
- name: JWT_PRIVATE_KEY
valueFrom:
secretKeyRef:
@ -167,6 +172,11 @@ spec:
secretKeyRef:
name: seafile-secret
key: INIT_S3_SECRET_KEY
- name: INIT_SEAFILE_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: seafile-secret
key: INIT_SEAFILE_ADMIN_PASSWORD
volumeMounts:
- name: seafile-data
mountPath: /shared

3
manual/repo/k8s/cluster/seafile-env.yaml
View File

@ -20,6 +20,9 @@ data:
# initialization (only valid in first-time deployment and CLUSTER_INIT_MODE = true)
CLUSTER_INIT_MODE: "true"
## for Seafile admin
INIT_SEAFILE_ADMIN_EMAIL: "<Seafile admin's email>"
## for cluster basic service
CLUSTER_INIT_MEMCACHED_HOST: "<your Memcached server host>"

3
manual/repo/k8s/cluster/seafile-secret.yaml
View File

@ -11,6 +11,9 @@ data:
SEAFILE_MYSQL_DB_PASSWORD: "<MySQL user seafile's passsword>"
# Initialization
## for Seafile admin
INIT_SEAFILE_ADMIN_PASSWORD: "<Seafile admin's password>"
## for db
INIT_SEAFILE_MYSQL_ROOT_PASSWORD: "<MySQL user root's password>"

158
manual/repo/k8s/pro/seafile-deployment.yaml Normal file
View File

@ -0,0 +1,158 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: seafile
spec:
replicas: 1
selector:
matchLabels:
app: seafile
template:
metadata:
labels:
app: seafile
spec:
containers:
- name: seafile
image: seafileltd/seafile-pro-mc:12.0-latest
env:
- name: TIME_ZONE
valueFrom:
configMapKeyRef:
name: seafile-env
key: TIME_ZONE
- name: SEAFILE_LOG_TO_STDOUT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_LOG_TO_STDOUT
- name: SITE_ROOT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SITE_ROOT
- name: ENABLE_SEADOC
valueFrom:
configMapKeyRef:
name: seafile-env
key: ENABLE_SEADOC
- name: SEADOC_SERVER_URL
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEADOC_SERVER_URL
- name: DB_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_HOST
- name: DB_PORT
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_PORT
- name: DB_USER
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_USER
- name: SEAFILE_MYSQL_DB_CCNET_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_CCNET_DB_NAME
- name: SEAFILE_MYSQL_DB_SEAFILE_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_SEAFILE_DB_NAME
- name: SEAFILE_MYSQL_DB_SEAHUB_DB_NAME
valueFrom:
configMapKeyRef:
name: seafile-env
key: SEAFILE_MYSQL_DB_SEAHUB_DB_NAME
- name: INIT_S3_STORAGE_BACKEND_CONFIG
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_STORAGE_BACKEND_CONFIG
- name: INIT_S3_COMMIT_BUCKET
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_COMMIT_BUCKET
- name: INIT_S3_FS_BUCKET
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_FS_BUCKET
- name: INIT_S3_BLOCK_BUCKET
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_BLOCK_BUCKET
- name: INIT_S3_KEY_ID
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_KEY_ID
- name: INIT_S3_USE_V4_SIGNATURE
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_USE_V4_SIGNATURE
- name: INIT_S3_AWS_REGION
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_AWS_REGION
- name: INIT_S3_HOST
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_HOST
- name: INIT_S3_USE_HTTPS
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_S3_USE_HTTPS
- name: INIT_SEAFILE_ADMIN_EMAIL
valueFrom:
configMapKeyRef:
name: seafile-env
key: INIT_SEAFILE_ADMIN_EMAIL
- name: JWT_PRIVATE_KEY
valueFrom:
secretKeyRef:
name: seafile-secret
key: JWT_PRIVATE_KEY
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: seafile-secret
key: SEAFILE_MYSQL_DB_PASSWORD
- name: DB_ROOT_PASSWD
valueFrom:
secretKeyRef:
name: seafile-secret
key: INIT_SEAFILE_MYSQL_ROOT_PASSWORD
- name: INIT_S3_SECRET_KEY
valueFrom:
secretKeyRef:
name: seafile-secret
key: INIT_S3_SECRET_KEY
- name: INIT_SEAFILE_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: seafile-secret
key: INIT_SEAFILE_ADMIN_PASSWORD
volumeMounts:
- name: seafile-data
mountPath: /shared
volumes:
- name: seafile-data
persistentVolumeClaim:
claimName: seafile-data
restartPolicy: Always
imagePullSecrets:
- name: regcred

36
manual/repo/k8s/pro/seafile-env.yaml Normal file
View File

@ -0,0 +1,36 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: seafile-env
data:
# for Seafile server
TIME_ZONE: "UTC"
SEAFILE_LOG_TO_STDOUT: "true"
SITE_ROOT: "/"
ENABLE_SEADOC: "false"
SEADOC_SERVER_URL: "https://seafile.example.com/sdoc-server" # only valid in ENABLE_SEADOC = true
SEAFILE_SERVER_HOSTNAME: "seafile.example.com"
# for database
SEAFILE_MYSQL_DB_HOST: "<your MySQL host>"
SEAFILE_MYSQL_DB_PORT: "3306"
SEAFILE_MYSQL_DB_USER: "seafile"
SEAFILE_MYSQL_DB_CCNET_DB_NAME: "ccnet_db"
SEAFILE_MYSQL_DB_SEAFILE_DB_NAME: "seafile_db"
SEAFILE_MYSQL_DB_SEAHUB_DB_NAME: "seahub_db"
# Init
## for Seafile admin
INIT_SEAFILE_ADMIN_EMAIL: "<Seafile admin's email>"
## For S3 storage backend (only valid in INIT_S3_STORAGE_BACKEND_CONFIG = true)
INIT_S3_STORAGE_BACKEND_CONFIG: "false"
INIT_S3_COMMIT_BUCKET: ""
INIT_S3_FS_BUCKET: ""
INIT_S3_BLOCK_BUCKET: ""
INIT_S3_KEY_ID: ""
INIT_S3_USE_V4_SIGNATURE: "true"
INIT_S3_AWS_REGION: "us-east-1"
INIT_S3_HOST: "s3.us-east-1.amazonaws.com"
INIT_S3_USE_HTTPS: "true"

11
manual/repo/k8s/pro/seafile-persistentvolume.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: seafile-data
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /opt/seafile-data

10
manual/repo/k8s/pro/seafile-persistentvolumeclaim.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: seafile-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi

21
manual/repo/k8s/pro/seafile-secret.yaml Normal file
View File

@ -0,0 +1,21 @@
apiVersion: v1
kind: Secret
metadata:
name: seafile-secret
type: Opaque
data:
# for Seafile server
JWT_PRIVATE_KEY: "<your JWT key, can generate from `pwgen -s 40 1`>"
# for database
SEAFILE_MYSQL_DB_PASSWORD: "<MySQL user seafile's passsword>"
# Initialization
## for seafile
INIT_SEAFILE_ADMIN_PASSWORD: "<Seafile admin's password>"
## for db
INIT_SEAFILE_MYSQL_ROOT_PASSWORD: "<MySQL user root's password>"
## For S3 storage backend (only valid in INIT_S3_STORAGE_BACKEND_CONFIG = true)
INIT_S3_SECRET_KEY: ""

13
manual/repo/k8s/pro/seafile-service.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: v1
kind: Service
metadata:
name: seafile
spec:
selector:
app: seafile
type: LoadBalancer
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30000

14
manual/setup/cluster_deploy_with_k8s.md
View File

@ -1,6 +1,6 @@
# Deploy Seafile cluster with Kubernetes (K8S)
This manual explains how to deploy and run Seafile Server on a Linux server using *Kubernetes* (***k8s*** thereafter).
This manual explains how to deploy and run Seafile cluster on a Linux server using *Kubernetes* (***k8s*** thereafter).
## Prerequisites
@ -29,7 +29,7 @@ For each node, you have to prepare at least **2 cores** cpu, **2G RAM** and 10G
!!! tip "More details about the number of nodes"
1. If your number of nodes does not meet our recommended number (i.e. 3 nodes), please adjust according to the following strategies:
- **2 nodes**: A frontend service and a backend service on the same node
- **1 node**: Please refer [here](./setup_pro_by_docker.md) to deploy Seafile in a single node instead a cluster.
- **1 node**: Please refer [here](./k8s_single_node.md) to deploy Seafile in a K8S single node instead a cluster.
2. If you have more available nodes for Seafile server, please provide them to the Seafile frontend service and **make sure there is only one backend service running**. Here is a simple relationship between the number of Seafile frontent services ($N_f$) and total nodes ($N_t$):
$$
N_f = N_t - 1,
@ -73,7 +73,7 @@ For futher configuration details, you can refer [the official documents](https:/
## Modify `seafile-env.yaml` and `seafile-secret.yaml`
Similar to Docker-base deployment, Seafile cluster in K8S deployment also supports use files to configure startup progress, you can modify common environment variables by
Similar to Docker-base deployment, Seafile cluster in K8S deployment also supports use files to configure startup progress, you can modify common [environment variables](./setup_pro_by_docker.md#downloading-and-modifying-env) by
```sh
nano /opt/seafile-k8s-yaml/seafile-env.yaml
@ -179,7 +179,7 @@ Finally you can use the `tar -zcvf` and `tar -zxvf` commands to package the enti
```
!!! sucess
You can [view the pod's log](#container-management) to check the startup progress is normal or not, you will see the following message if server is running normally:
You can [view the pod's log](#container-management) to check the startup progress is normal or not. You can see the following message if server is running normally:
```
*** Running /etc/my_init.d/01_create_data_links.sh...
@ -210,7 +210,7 @@ Finally you can use the `tar -zcvf` and `tar -zxvf` commands to package the enti
## Container management
Similar to docker installation, you can also manage containers through [some kubectl commands](https://kubernetes.io/docs/reference/kubectl/#operations). For example, you can use the following command to check whether the relevant resources are started successfully and whether the relevant services can be accessed normally. First, execute the following command and remember the pod name with `seafile-` as the prefix (such as seafile-748b695648-d6l4g)
Similar to docker installation, you can also manage containers through [some kubectl commands](https://kubernetes.io/docs/reference/kubectl/#operations). For example, you can use the following command to check whether the relevant resources are started successfully and whether the relevant services can be accessed normally. First, execute the following command and remember the pod name with `seafile-<node type>-` as the prefix (such as `seafile-frontend-748b695648-d6l4g`)
```shell
kubectl get pods
@ -219,13 +219,13 @@ kubectl get pods
You can check a status of a pod by
```shell
kubectl logs seafile-748b695648-d6l4g
kubectl logs seafile-frontend-748b695648-d6l4g
```
and enter a container by
```shell
kubectl exec -it seafile-748b695648-d6l4g -- bash
kubectl exec -it seafile-frontend-748b695648-d6l4g -- bash
```
## Load balance and HTTPS

136
manual/setup/k8s_single_node.md Normal file
View File

@ -0,0 +1,136 @@
# Setup Seafile with a single K8S pod
This manual explains how to deploy and run Seafile server on a Linux server using *Kubernetes* (***k8s*** thereafter) in a single pod (i.e., single node mode). So this document is essentially an extended description of the [Docker-based Seafile single-node deployment](./overview.md) (support both CE and Pro).
For specific environment and configuration requirements, please refer to the description of the [Docker-based Seafile single-node deployment](./setup_pro_by_docker.md#requirements). Please also refer to the description of the ***K8S tool*** section in [here](./cluster_deploy_with_k8s.md#k8s-tools).
## Gettings started
For persisting data using in the docker-base deployment, `/opt/seafile-data`, is still adopted in this manual. What's more, all K8S YAML files will be placed in `/opt/seafile-k8s-yaml` (replace it when following these instructions if you would like to use another path).
By the way, we don't provide the deployment methods of basic services (e.g., **Memcached**, **MySQL** and **Elasticsearch**) and seafile-compatibility components (e.g., **SeaDoc**) for K8S in our document. If you need to install these services in K8S format, ***you can refer to the rewrite method of this document.***
## Down load the YAML files for Seafile Server
=== "Pro edition"
```sh
mkdir -p /opt/seafile-k8s-yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/pro/seafile-deployment.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/pro/seafile-persistentvolume.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/pro/seafile-persistentvolumeclaim.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/pro/seafile-service.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/pro/seafile-env.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/pro/seafile-secret.yaml
```
=== "Community edition"
```sh
mkdir -p /opt/seafile-k8s-yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/ce/seafile-deployment.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/ce/seafile-persistentvolume.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/ce/seafile-persistentvolumeclaim.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/ce/seafile-service.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/ce/seafile-env.yaml
wget -P /opt/seafile-k8s-yaml https://manual.seafile.com/12.0/repo/k8s/ce/seafile-secret.yaml
```
In here we suppose you download the YAML files in `/opt/seafile-k8s-yaml`, which mainly include about:
- `seafile-deployment.yaml` for Seafile server pod management and creation,
- `seafile-service.yaml` for exposing Seafile services to the external network,
- `seafile-persistentVolume.yaml` for defining the location of a volume used for persistent storage on the host
- `seafile-persistentvolumeclaim.yaml` for declaring the use of persistent storage in the container.
For futher configuration details, you can refer [the official documents](https://kubernetes.io/docs/tasks/configure-pod-container/).
## Modify `seafile-env.yaml` and `seafile-secret.yaml`
Similar to Docker-base deployment, Seafile cluster in K8S deployment also supports use files to configure startup progress, you can modify common [environment variables](./setup_pro_by_docker.md#downloading-and-modifying-env) by
```sh
nano /opt/seafile-k8s-yaml/seafile-env.yaml
```
and sensitive information (e.g., password) by
```sh
nano /opt/seafile-k8s-yaml/seafile-secret.yaml
```
!!! note "For `seafile-secret.yaml`"
To modify sensitive information (e.g., password), you need to convert the password into base64 encoding before writing it into the `seafile-secret.yaml` file:
```sh
echo -n '<your-value>' | base64
```
!!! warning
For the fields marked with `<...>` are **required**, please make sure these items are filled in, otherwise Seafile server may not run properly.
## Start Seafile server
You can start Seafile server simply by
```sh
kubectl apply -f /opt/seafile-k8s-yaml/
```
!!! warning
By default, Seafile will access the ***Memcached*** and ***Elasticsearch*** with the specific service name:
- ***Memcached***: `memcached` with port 11211
- ***Elasticsearch***: `elasticsearch` with port 9200
If the above services are:
- Not in your K8S pods (including using an external service)
- With different service name
- With different server port
Please modfiy the files in `/opt/seafile-data/seafile/conf` to make correct the configurations for above services, otherwise the Seafile server cannot start normally. Then restart Seafile server:
```sh
kubectl delete -f /opt/seafile-k8s-yaml/
kubectl apply -f /opt/seafile-k8s-yaml/
```
## Activating the Seafile License
If you have a `seafile-license.txt` license file, simply put it in the volume of the Seafile container. The volumne's default path in the Compose file is `/opt/seafile-data`. If you have modified the path, save the license file under your custom path.
!!! danger "If the license file has a different name or cannot be read, Seafile server will start with in trailer mode with most THREE users"
Then restart Seafile:
```bash
kubectl delete -f /opt/seafile-k8s-yaml/
kubectl apply -f /opt/seafile-k8s-yaml/
```
## Container management
Similar to docker installation, you can also manage containers through [some kubectl commands](https://kubernetes.io/docs/reference/kubectl/#operations). For example, you can use the following command to check whether the relevant resources are started successfully and whether the relevant services can be accessed normally. First, execute the following command and remember the pod name with `seafile-` as the prefix (such as `seafile-748b695648-d6l4g`)
```shell
kubectl get pods
```
You can check a status of a pod by
```shell
kubectl logs seafile-748b695648-d6l4g
```
and enter a container by
```shell
kubectl exec -it seafile-748b695648-d6l4g -- bash
```
## HTTPS
Please refer [here](./cluster_deploy_with_k8s.md#load-balance-and-https) about suggestions of enabling HTTPS in K8S.

262
manual/setup/migrate_backends_data.md
View File

@ -1,203 +1,161 @@
---
status: new
---
# Migrate data between different backends
Seafile supports data migration between filesystem, s3, ceph, swift and Alibaba oss.
Data migration takes 3 steps:
1. Create a new temporary seafile.conf
2. Run migrate.sh to initially migrate objects
3. Run final migration
4. Replace the original seafile.conf
Seafile supports data migration between filesystem, s3, ceph, swift and Alibaba oss by a built-in script. Before migration, you have to ensure that **both S3 hosts can be accessed normally**.
!!! warning "Migration from S3"
Since version 11, when you migrate from S3 to other storage servers, you have to use V4 authentication protocol. This is because version 11 upgrades to Boto3 library, which fails to list objects from S3 when it's configured to use V2 authentication protocol.
## Create a new temporary seafile.conf
## Copy `seafile.conf` and use new S3 configurations
We need to add new backend configurations to this file (including `[block_backend]`, `[commit_object_backend]`, `[fs_object_backend]` options) and save it under a readable path.
Let's assume that we are migrating data to S3 and create temporary seafile.conf under `/opt`
During the migration process, Seafile needs to know where the data will be migrated to. The easiest way is to copy the original `seafile.conf` to a new path, and then use the new S3 configurations in this file.
```
cat > seafile.conf << EOF
[commit_object_backend]
name = s3
bucket = seacomm
key_id = ******
key = ******
=== "Deploy with Docker"
[fs_object_backend]
name = s3
bucket = seafs
key_id = ******
key = ******
!!! warning
For deployment with Docker, the new `seafile.conf` has to **be put in the persistent directory** (e.g., `/opt/seafile-data/seafile.conf`) used by Seafile service. Otherwise the script cannot locate the new configurations file.
[block_backend]
name = s3
bucket = seablk
key_id = ******
key = ******
EOF
```sh
cp /opt/seafile-data/seafile/conf/seafile.conf /opt/seafile-data/seafile.conf
mv seafile.conf /opt
nano /opt/seafile-data/seafile.conf
```
```
=== "Deploy from binary package"
If you want to migrate to a local file system, the seafile.conf temporary configuration example is as follows:
```sh
cp /opt/seafile/conf/seafile.conf /opt/seafile.conf
nano /opt/seafile.conf
```
Then you can follow [here](./setup_with_s3.md) to use the new S3 configurations in the new `seafile.conf`. By the way, if you want to migrate to a local file system, the new `seafile.conf` configurations for S3 example is as follows:
```conf
# ... other configurations
```
cat > seafile.conf << EOF
[commit_object_backend]
name = fs
# the dir configuration is the new seafile-data path
dir = /var/data_backup
[fs_object_backend]
name = fs
# the dir configuration is the new seafile-data path
dir = /var/data_backup
[block_backend]
name = fs
# the dir configuration is the new seafile-data path
dir = /var/data_backup
EOF
mv seafile.conf /opt
```
Repalce the configurations with your own choice.
## Stop Seafile Server
### Migrating to SSE-C Encrypted S3 Storage
Since the data migration process will not affect the operation of the Seafile service, if the original S3 data is operated during this process, the data may not be synchronized with the migrated data. Therefore, we recommend that you stop the Seafile service before executing the migration procedure.
If you are migrating to S3 storage, and want your data to be encrypted at rest, you can configure SSE-C encryption options in the temporary seafile.conf. Note that you have to use Seafile Pro 11 or newer and make sure your S3 storage supports SSE-C.
=== "Deploy with Docker"
```
cat > seafile.conf << EOF
[commit_object_backend]
name = s3
bucket = seacomm
key_id = ******
key = ******
use_v4_signature = true
use_https = true
sse_c_key = XiqMSf3x5ja4LRibBbV0sVntVpdHXl3P
```sh
docker exec -it seafile bash
cd /opt/seafile/seafile-server-latest
./seahub.sh stop
./seafile.sh stop
```
[fs_object_backend]
name = s3
bucket = seafs
key_id = ******
key = ******
use_v4_signature = true
use_https = true
sse_c_key = XiqMSf3x5ja4LRibBbV0sVntVpdHXl3P
=== "Deploy from binary package"
[block_backend]
name = s3
bucket = seablk
key_id = ******
key = ******
use_v4_signature = true
use_https = true
sse_c_key = XiqMSf3x5ja4LRibBbV0sVntVpdHXl3P
EOF
mv seafile.conf /opt
```
`sse_c_key` is a string of 32 characters.
You can generate `sse_c_key` with the following command
```
openssl rand -base64 24
```
## Migrating large number of objects
If you have millions of objects in the storage (especially fs objects), it may take quite long time to migrate all objects. More than half of the time is spent on checking whether an object exists in the destination storage. **Since Pro edition 7.0.8**, a feature is added to speed-up the checking.
Before running the migration script, please set this env variable:
```
export OBJECT_LIST_FILE_PATH=/path/to/object/list/file
```
3 files will be created: `/path/to/object/list/file.commit`,`/path/to/object/list/file.fs`, `/path/to/object/list/file.blocks`.
When you run the script for the first time, the object list file will be filled with existing objects in the destination. Then, when you run the script for the second time, it will load the existing object list from the file, instead of querying the destination. And newly migrated objects will also be added to the file. During migration, the migration process checks whether an object exists by checking the pre-loaded object list, instead of asking the destination, which will greatly speed-up the migration process.
It's suggested that you don't interrupt the script during the "fetch object list" stage when you run it for the first time. Otherwise the object list in the file will be incomplete.
Another trick to speed-up the migration is to increase the number of worker threads and size of task queue in the migration script. You can modify the `nworker` and `maxsize` variables in the following code:
```
class ThreadPool(object):
def __init__(self, do_work, nworker=20):
self.do_work = do_work
self.nworker = nworker
self.task_queue = Queue.Queue(maxsize = 2000)
```
The number of workers can be set to relatively large values, since they're mostly waiting for I/O operations to finished.
## Decrypting encrypted storage backend
If you have an encrypted storage backend (a deprecated feature no long supported now), you can use this script to migrate and decrypt the data from that backend to a new one. You can add the `--decrypt` option, which will decrypt the data while reading it, and then write the unencrypted data to the new backend. Note that you need add this option in all stages of the migration.
```
cd ~/haiwen/seafile-server-latest
./migrate.sh /opt --decrypt
```
```sh
cd /opt/seafile/seafile-server-latest
./seahub.sh stop
./seafile.sh stop
```
## Run migrate.sh to initially migrate objects
This step will migrate **most of** objects from the source storage to the destination storage. You don't need to stop Seafile service at this stage as it may take quite long time to finish. Since the service is not stopped, some new objects may be added to the source storage during migration. Those objects will be handled in the next step.
This step will migrate **most of** objects from the source storage to the destination storage. You don't need to stop Seafile service at this stage as it may take quite long time to finish. Since the service is not stopped, some new objects may be added to the source storage during migration. Those objects will be handled in the next step:
We assume you have installed seafile pro server under `~/haiwen`, enter `~/haiwen/seafile-server-latest` and run migrate.sh with parent path of temporary seafile.conf as parameter, here is `/opt`.
!!! tip "Speed-up migrating large number of objects"
If you have millions of objects in the storage (especially the ***fs*** objects), it may take quite long time to migrate all objects and more than half is using to check whether an object exists in the destination storage. In this situation, you can modify the `nworker` and `maxsize` variables in the `migrate.py`:
```
cd ~/haiwen/seafile-server-latest
./migrate.sh /opt
```py
class ThreadPool(object):
def __init__(self, do_work, nworker=20):
self.do_work = do_work
self.nworker = nworker
self.task_queue = Queue.Queue(maxsize = 2000)
```
```
However, if the two values (i.e., `nworker` and `maxsize`) are too large, the improvement in data migration speed may not be obvious because the disk I/O bottleneck has been reached.
!!! tip
This script is completely reentrant. So you can stop and restart it, or run it many times. It will check whether an object exists in the destination before sending it.
!!! note "Encrypted storage backend data (deprecated)"
If you have an encrypted storage backend, you can use this script to migrate and decrypt the data from that backend to a new one. You can add the `--decrypt` option in calling the script, which will decrypt the data while reading it, and then write the unencrypted data to the new backend:
## Run final migration
```sh
./migrate.sh /opt --decrypt
```
New objects added during the last migration step will be migrated in this step. To prevent new objects being added, you have to stop Seafile service during the final migration operation. This usually take short time. If you have large number of objects, please following the optimization instruction in previous section.
=== "Deploy with Docker"
You just have to stop Seafile and Seahub service, then run the migration script again.
```sh
# make sure you are in the container and in directory `/opt/seafile/seafile-server-latest`
./migrate.sh /shared
# exit container and stop it
exit
docker compose down
```
```
cd ~/haiwen/seafile-server-latest
./migrate.sh /opt
=== "Deploy from binary package"
```
```sh
# make sure you are in the directory `/opt/seafile/seafile-server-latest`
./migrate.sh /opt
```
## Replace the original seafile.conf
!!! success
You can see the following message if the migration process is done:
After running the script, we need replace the original seafile.conf with new one:
```
2025-01-15 05:49:39,408 Start to fetch [commits] object from destination
2025-01-15 05:49:39,422 Start to fetch [fs] object from destination
2025-01-15 05:49:39,442 Start to fetch [blocks] object from destination
2025-01-15 05:49:39,677 [commits] [0] objects exist in destination
2025-01-15 05:49:39,677 Start to migrate [commits] object
2025-01-15 05:49:39,749 [blocks] [0] objects exist in destination
2025-01-15 05:49:39,755 Start to migrate [blocks] object
2025-01-15 05:49:39,752 [fs] [0] objects exist in destination
2025-01-15 05:49:39,762 Start to migrate [fs] object
2025-01-15 05:49:40,602 Complete migrate [commits] object
2025-01-15 05:49:40,626 Complete migrate [blocks] object
2025-01-15 05:49:40,790 Complete migrate [fs] object
Done.
```
```
mv /opt/seafile.conf ~/haiwen/conf
## Replace the original `seafile.conf` and start Seafile
```
After running the script, we recommend that you check whether your data already exists on the new S3 storage backend server (i.e., the migration is successful, and the number and size of files should be the same). Then you can remove the file from the old S3 storage backend and replace the original `seafile.conf` from the new one:
now we only have configurations about backend, more config options, e.g. memcache and quota, can then be copied from the original seafile.conf file.
=== "Deploy with Docker"
After replacing seafile.conf, you can restart seafile server and access the data on the new backend.
```sh
mv /opt/seafile-data/seafile.conf /opt/seafile-data/seafile/conf/seafile.conf
```
=== "Deploy from binary package"
```sh
mv /opt/seafile.conf /opt/seafile/conf/seafile.conf
```
Finally, you can start Seafile server:
=== "Deploy with Docker"
```sh
docker compose up -d
```
=== "Deploy from binary package"
```sh
# make sure you are in the directory `/opt/seafile/seafile-server-latest`
./seahub.sh start
./seafile.sh start
```

1
mkdocs.yml
View File

@ -101,6 +101,7 @@ nav:
- Multiple Storage Backends: setup/setup_with_multiple_storage_backends.md
- Data migration: setup/migrate_backends_data.md
- Use SeaSearch as search engine (Pro): setup/use_seasearch.md
- Setup with Kubernetes (K8S, single pod mode): setup/k8s_single_node.md
- Seafile Docker autostart: setup/seafile_docker_autostart.md
- Deploy with an existing MySQL server: setup/setup_with_an_existing_mysql_server.md
- Use other reverse proxy: setup/use_other_reverse_proxy.md