diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-18 09:45:46 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-18 09:45:46 +0000 |
commit | a7b3560714b4d9cc4ab32dffcd1f74a284b93580 (patch) | |
tree | 7452bd5c3545c2fa67a28aa013835fb4fa071baf /doc/administration/packages | |
parent | ee9173579ae56a3dbfe5afe9f9410c65bb327ca7 (diff) | |
download | gitlab-ce-a7b3560714b4d9cc4ab32dffcd1f74a284b93580.tar.gz |
Add latest changes from gitlab-org/gitlab@14-8-stable-eev14.8.0-rc42
Diffstat (limited to 'doc/administration/packages')
-rw-r--r-- | doc/administration/packages/container_registry.md | 48 | ||||
-rw-r--r-- | doc/administration/packages/dependency_proxy.md | 49 | ||||
-rw-r--r-- | doc/administration/packages/index.md | 2 |
3 files changed, 94 insertions, 5 deletions
diff --git a/doc/administration/packages/container_registry.md b/doc/administration/packages/container_registry.md index 43293385ed9..33a5311709f 100644 --- a/doc/administration/packages/container_registry.md +++ b/doc/administration/packages/container_registry.md @@ -662,14 +662,14 @@ configurable in future releases. The Registry server listens on localhost at port `5000` by default, which is the address for which the Registry server should accept connections. -In the examples below we set the Registry's port to `5001`. +In the examples below we set the Registry's port to `5010`. **Omnibus GitLab** 1. Open `/etc/gitlab/gitlab.rb` and set `registry['registry_http_addr']`: ```ruby - registry['registry_http_addr'] = "localhost:5001" + registry['registry_http_addr'] = "localhost:5010" ``` 1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. @@ -681,7 +681,7 @@ In the examples below we set the Registry's port to `5001`. ```yaml http: - addr: localhost:5001 + addr: localhost:5010 ``` 1. Save the file and restart the Registry server. @@ -1379,7 +1379,7 @@ project or branch name. Special characters can include: To get around this, you can [change the group path](../../user/group/index.md#change-a-groups-path), [change the project path](../../user/project/settings/index.md#renaming-a-repository) or change the -branch name. Another option is to create a [push rule](../../push_rules/push_rules.md) to prevent +branch name. Another option is to create a [push rule](../../user/project/repository/push_rules.md) to prevent this at the instance level. ### Image push errors @@ -1548,6 +1548,46 @@ To fix this you can do one of two things: We use a concrete example to illustrate how to diagnose a problem with the S3 setup. +#### Investigate a cleanup policy + +If you're unsure why your cleanup policy did or didn't delete a tag, execute the policy line by line +by running the below script from the [Rails console](../../administration/operations/rails_console.md). +This can help diagnose problems with the policy. + +```ruby +repo = ContainerRepository.find(<project_id>) +policy = repo.project.container_expiration_policy + +tags = repo.tags +tags.map(&:name) + +tags.reject!(&:latest?) +tags.map(&:name) + +regex_delete = ::Gitlab::UntrustedRegexp.new("\\A#{policy.name_regex}\\z") +regex_retain = ::Gitlab::UntrustedRegexp.new("\\A#{policy.name_regex_keep}\\z") + +tags.select! { |tag| regex_delete.match?(tag.name) && !regex_retain.match?(tag.name) } + +tags.map(&:name) + +now = DateTime.current +tags.sort_by! { |tag| tag.created_at || now }.reverse! # Lengthy operation + +tags = tags.drop(policy.keep_n) +tags.map(&:name) + +older_than_timestamp = ChronicDuration.parse(policy.older_than).seconds.ago + +tags.select! { |tag| tag.created_at && tag.created_at < older_than_timestamp } + +tags.map(&:name) +``` + +- The script builds the list of tags to delete (`tags`). +- `tags.map(&:name)` prints a list of tags to remove. This may be a lengthy operation. +- After each filter, check the list of `tags` to see if it contains the intended tags to destroy. + #### Unexpected 403 error during push A user attempted to enable an S3-backed Registry. The `docker login` step went diff --git a/doc/administration/packages/dependency_proxy.md b/doc/administration/packages/dependency_proxy.md index b3dc6ffc2b2..93c6585230f 100644 --- a/doc/administration/packages/dependency_proxy.md +++ b/doc/administration/packages/dependency_proxy.md @@ -199,6 +199,55 @@ This section describes the earlier configuration format. 1. [Restart GitLab](../restart_gitlab.md#installations-from-source "How to restart GitLab") for the changes to take effect. +#### Migrate local Dependency Proxy blobs and manifests to object storage + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/79663) in GitLab 14.8. + +After [configuring object storage](#using-object-storage), +use the following task to migrate existing Dependency Proxy blobs and manifests from local storage +to remote storage. The processing is done in a background worker and requires no downtime. + +For Omnibus GitLab: + +```shell +sudo gitlab-rake "gitlab:dependency_proxy:migrate" +``` + +For installations from source: + +```shell +RAILS_ENV=production sudo -u git -H bundle exec rake gitlab:dependency_proxy:migrate +``` + +You can optionally track progress and verify that all packages migrated successfully using the +[PostgreSQL console](https://docs.gitlab.com/omnibus/settings/database.html#connecting-to-the-bundled-postgresql-database): + +- For Omnibus GitLab instances: `sudo gitlab-rails dbconsole` +- For installations from source: `sudo -u git -H psql -d gitlabhq_production` + +Verify that `objectstg` (where `file_store = '2'`) has the count of all Dependency Proxy blobs and +manifests for each respective query: + +```shell +gitlabhq_production=# SELECT count(*) AS total, sum(case when file_store = '1' then 1 else 0 end) AS filesystem, sum(case when file_store = '2' then 1 else 0 end) AS objectstg FROM dependency_proxy_blobs; + +total | filesystem | objectstg +------+------------+----------- + 22 | 0 | 22 + +gitlabhq_production=# SELECT count(*) AS total, sum(case when file_store = '1' then 1 else 0 end) AS filesystem, sum(case when file_store = '2' then 1 else 0 end) AS objectstg FROM dependency_proxy_manifests; + +total | filesystem | objectstg +------+------------+----------- + 10 | 0 | 10 +``` + +Verify that there are no files on disk in the `dependency_proxy` folder: + +```shell +sudo find /var/opt/gitlab/gitlab-rails/shared/dependency_proxy -type f | grep -v tmp | wc -l +``` + ## Disabling Authentication Authentication was introduced in 13.7 as part of [enabling private groups to use the diff --git a/doc/administration/packages/index.md b/doc/administration/packages/index.md index eea4964efbe..abf5c46114b 100644 --- a/doc/administration/packages/index.md +++ b/doc/administration/packages/index.md @@ -240,7 +240,7 @@ You can optionally track progress and verify that all packages migrated successf - `sudo gitlab-rails dbconsole` for Omnibus GitLab instances. - `sudo -u git -H psql -d gitlabhq_production` for source-installed instances. -Verify `objectstg` below (where `store=2`) has count of all packages: +Verify `objectstg` below (where `file_store = '2'`) has count of all packages: ```shell gitlabhq_production=# SELECT count(*) AS total, sum(case when file_store = '1' then 1 else 0 end) AS filesystem, sum(case when file_store = '2' then 1 else 0 end) AS objectstg FROM packages_package_files; |