diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-09 21:09:19 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-09 21:09:19 +0000 |
commit | 254ec28f5448f6f353cd98f637985de3d1405854 (patch) | |
tree | 1c84ed7b7dd32db96454af034cd6c7e90699e76d /doc/administration/gitaly | |
parent | 141902c04943d5fb43c014b8cf42af60a3bc0cdf (diff) | |
download | gitlab-ce-254ec28f5448f6f353cd98f637985de3d1405854.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/administration/gitaly')
-rw-r--r-- | doc/administration/gitaly/praefect.md | 40 |
1 files changed, 31 insertions, 9 deletions
diff --git a/doc/administration/gitaly/praefect.md b/doc/administration/gitaly/praefect.md index 0a0e193658e..737deaa7f4e 100644 --- a/doc/administration/gitaly/praefect.md +++ b/doc/administration/gitaly/praefect.md @@ -60,12 +60,18 @@ GitLab](https://about.gitlab.com/install/). - 1 Praefect node (minimal storage required) - 3 Gitaly nodes (high CPU, high memory, fast storage) +- 1 GitLab server You will need the IP/host address for each node. 1. `POSTGRESQL_SERVER_ADDRESS`: the IP/host address of the PostgreSQL server -1. `PRAEFECT_SERVER_ADDRESS`: the IP/host address of the Praefect server -1. `GITALY_SERVER_ADDRESS`: the IP/host address of each Gitaly node +1. `PRAEFECT_HOST`: the IP/host address of the Praefect server +1. `GITALY_HOST`: the IP/host address of each Gitaly server +1. `GITLAB_HOST`: the IP/host address of the GitLab server + +If you are using a cloud provider, you can look up the addresses for each server through your cloud provider's management console. + +If you are using Google Cloud Platform, SoftLayer, or any other vendor that provides a virtual private cloud (VPC) you can use the private addresses for each cloud instance (corresponds to “internal address” for Google Cloud Platform) for `PRAEFECT_HOST`, `GITALY_HOST`, and `GITLAB_HOST`. #### Secrets @@ -183,14 +189,18 @@ application server, or a Gitaly node. 1. Configure **Praefect** to listen on network interfaces by editing `/etc/gitlab/gitlab.rb`: + You will need to replace: + + - `PRAEFECT_HOST` with the IP address or hostname of the Praefect node + ```ruby # Make Praefect accept connections on all network interfaces. # Use firewalls to restrict access to this address/port. - praefect['listen_addr'] = '0.0.0.0:2305' + praefect['listen_addr'] = 'PRAEFECT_HOST:2305' # Enable Prometheus metrics access to Praefect. You must use firewalls # to restrict access to this address/port. - praefect['prometheus_listen_addr'] = '0.0.0.0:9652' + praefect['prometheus_listen_addr'] = 'PRAEFECT_HOST:9652' ``` 1. Configure a strong `auth_token` for **Praefect** by editing @@ -357,14 +367,18 @@ documentation](index.md#3-gitaly-server-configuration). 1. Configure **Gitaly** to listen on network interfaces by editing `/etc/gitlab/gitlab.rb`: + You will need to replace: + + - `GITALY_HOST` with the IP address or hostname of the Gitaly node + ```ruby # Make Gitaly accept connections on all network interfaces. # Use firewalls to restrict access to this address/port. - gitaly['listen_addr'] = '0.0.0.0:8075' + gitaly['listen_addr'] = 'GITALY_HOST:8075' # Enable Prometheus metrics access to Gitaly. You must use firewalls # to restrict access to this address/port. - gitaly['prometheus_listen_addr'] = '0.0.0.0:9236' + gitaly['prometheus_listen_addr'] = 'GITALY_HOST:9236' ``` 1. Configure a strong `auth_token` for **Gitaly** by editing @@ -387,7 +401,7 @@ documentation](index.md#3-gitaly-server-configuration). # Configure the gitlab-shell API callback URL. Without this, `git push` will # fail. This can be your front door GitLab URL or an internal load balancer. # Examples: 'https://example.gitlab.com', 'http://1.2.3.4' - gitlab_rails['internal_api_url'] = 'GITLAB_SERVER_URL' + gitlab_rails['internal_api_url'] = 'http://GITLAB_HOST' ``` 1. Configure the storage location for Git data by setting `git_data_dirs` in @@ -499,12 +513,13 @@ Particular attention should be shown to: You will need to replace: - `PRAEFECT_HOST` with the IP address or hostname of the Praefect node + - `GITLAB_HOST` with the IP address or hostname of the GitLab server - `PRAEFECT_EXTERNAL_TOKEN` with the real secret ```ruby git_data_dirs({ "default" => { - "path" => "/var/opt/gitlab/git-data" + "gitaly_address" => "tcp://GITLAB_HOST:8075" }, "praefect" => { "gitaly_address" => "tcp://PRAEFECT_HOST:2305", @@ -513,6 +528,13 @@ Particular attention should be shown to: }) ``` +1. Allow Gitaly to listen on a tcp port by editing + `/etc/gitlab/gitlab.rb` + + ```ruby + gitaly['listen_addr'] = 'tcp://GITLAB_HOST:8075' + ``` + 1. Configure the `gitlab_shell['secret_token']` so that callbacks from Gitaly nodes during a `git push` are properly authenticated by editing `/etc/gitlab/gitlab.rb`: @@ -526,7 +548,7 @@ Particular attention should be shown to: 1. Configure the `external_url` so that files could be served by GitLab by proper endpoint access by editing `/etc/gitlab/gitlab.rb`: - You will need to replace `GITLAB_SERVER_URL` with the real URL on which + You will need to replace `GITLAB_SERVER_URL` with the real external facing URL on which current GitLab instance is serving: ```ruby |