diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-31 03:07:51 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-31 03:07:51 +0000 |
commit | 83a3209c3f8e5bc055acf80f3440335d2b97133b (patch) | |
tree | 0bb8d48ee018534d319311358f7dab6549b752e1 /doc/administration | |
parent | f6e2f302412fcb32b644b379778964791789cb62 (diff) | |
download | gitlab-ce-83a3209c3f8e5bc055acf80f3440335d2b97133b.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/administration')
16 files changed, 127 insertions, 168 deletions
diff --git a/doc/administration/geo/replication/troubleshooting.md b/doc/administration/geo/replication/troubleshooting.md index 3008cea365c..606e041c956 100644 --- a/doc/administration/geo/replication/troubleshooting.md +++ b/doc/administration/geo/replication/troubleshooting.md @@ -355,6 +355,30 @@ sudo gitlab-ctl reconfigure To help us resolve this problem, consider commenting on [the issue](https://gitlab.com/gitlab-org/gitlab/issues/4489). +### Message: `LOG: invalid CIDR mask in address` + +This happens on wrongly-formatted addresses in `postgresql['md5_auth_cidr_addresses']`. + +```plaintext +2020-03-20_23:59:57.60499 LOG: invalid CIDR mask in address "***" +2020-03-20_23:59:57.60501 CONTEXT: line 74 of configuration file "/var/opt/gitlab/postgresql/data/pg_hba.conf" +``` + +To fix this, update the IP addresses in `/etc/gitlab/gitlab.rb` under `postgresql['md5_auth_cidr_addresses']` +to respect the CIDR format (i.e. `1.2.3.4/32`). + +### Message: `LOG: invalid IP mask "md5": Name or service not known` + +This happens when you have added IP addresses without a subnet mask in `postgresql['md5_auth_cidr_addresses']`. + +```plaintext +2020-03-21_00:23:01.97353 LOG: invalid IP mask "md5": Name or service not known +2020-03-21_00:23:01.97354 CONTEXT: line 75 of configuration file "/var/opt/gitlab/postgresql/data/pg_hba.conf" +``` + +To fix this, add the subnet mask in `/etc/gitlab/gitlab.rb` under `postgresql['md5_auth_cidr_addresses']` +to respect the CIDR format (i.e. `1.2.3.4/32`). + ### Very large repositories never successfully synchronize on the **secondary** node GitLab places a timeout on all repository clones, including project imports diff --git a/doc/administration/high_availability/pgbouncer.md b/doc/administration/high_availability/pgbouncer.md index 1195c736079..f0e76172a00 100644 --- a/doc/administration/high_availability/pgbouncer.md +++ b/doc/administration/high_availability/pgbouncer.md @@ -273,3 +273,11 @@ In case you are experiencing any issues connecting through PgBouncer, the first ``` Additionally, you can check the output from `show databases` in the [Administrative console](#administrative-console). In the output, you would expect to see values in the `host` field for the `gitlabhq_production` database. Additionally, `current_connections` should be greater than 1. + +### Message: `LOG: invalid CIDR mask in address` + +See the suggested fix [in Geo documentation](../geo/replication/troubleshooting.md#message-log--invalid-cidr-mask-in-address). + +### Message: `LOG: invalid IP mask "md5": Name or service not known` + +See the suggested fix [in Geo documentation](../geo/replication/troubleshooting.md#message-log--invalid-ip-mask-md5-name-or-service-not-known). diff --git a/doc/administration/job_artifacts.md b/doc/administration/job_artifacts.md index 6f927d8f920..cc1d744d73b 100644 --- a/doc/administration/job_artifacts.md +++ b/doc/administration/job_artifacts.md @@ -21,7 +21,7 @@ To disable artifacts site-wide, follow the steps below. gitlab_rails['artifacts_enabled'] = false ``` -1. Save the file and [reconfigure GitLab][] for the changes to take effect. +1. Save the file and [reconfigure GitLab](restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. **In installations from source:** @@ -32,7 +32,7 @@ To disable artifacts site-wide, follow the steps below. enabled: false ``` -1. Save the file and [restart GitLab][] for the changes to take effect. +1. Save the file and [restart GitLab](restart_gitlab.md#installations-from-source) for the changes to take effect. ## Storing job artifacts @@ -57,7 +57,7 @@ _The artifacts are stored by default in gitlab_rails['artifacts_path'] = "/mnt/storage/artifacts" ``` -1. Save the file and [reconfigure GitLab][] for the changes to take effect. +1. Save the file and [reconfigure GitLab](restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. **In installations from source:** @@ -73,7 +73,7 @@ _The artifacts are stored by default in path: /mnt/storage/artifacts ``` -1. Save the file and [restart GitLab][] for the changes to take effect. +1. Save the file and [restart GitLab](restart_gitlab.md#installations-from-source) for the changes to take effect. ### Using object storage @@ -153,7 +153,7 @@ _The artifacts are stored by default in } ``` -1. Save the file and [reconfigure GitLab][] for the changes to take effect. +1. Save the file and [reconfigure GitLab](restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. 1. Migrate any existing local artifacts to the object storage: ```shell @@ -186,7 +186,7 @@ _The artifacts are stored by default in region: eu-central-1 ``` -1. Save the file and [restart GitLab][] for the changes to take effect. +1. Save the file and [restart GitLab](restart_gitlab.md#installations-from-source) for the changes to take effect. 1. Migrate any existing local artifacts to the object storage: ```shell @@ -205,13 +205,13 @@ by the `gitlab:artifacts:migrate` script. In order to migrate back to local storage: 1. Set both `direct_upload` and `background_upload` to false in `gitlab.rb`, under the artifacts object storage settings. -1. [reconfigure GitLab][]. +1. [Reconfigure GitLab](restart_gitlab.md#omnibus-gitlab-reconfigure). 1. Run `gitlab-rake gitlab:artifacts:migrate_to_local`. 1. Disable object_storage for artifacts in `gitlab.rb`: - Set `gitlab_rails['artifacts_object_store_enabled'] = false`. - Comment out all other `artifacts_object_store` settings, including the entire `artifacts_object_store_connection` section, including the closing `}`. -1. [reconfigure GitLab][]. +1. [Reconfigure GitLab](restart_gitlab.md#omnibus-gitlab-reconfigure). ## Expiring artifacts @@ -231,7 +231,7 @@ steps below. gitlab_rails['expire_build_artifacts_worker_cron'] = "50 * * * *" ``` -1. Save the file and [reconfigure GitLab][] for the changes to take effect. +1. Save the file and [reconfigure GitLab](restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. **In installations from source:** @@ -243,7 +243,7 @@ steps below. cron: "50 * * * *" ``` -1. Save the file and [restart GitLab][] for the changes to take effect. +1. Save the file and [restart GitLab](restart_gitlab.md#installations-from-source) for the changes to take effect. ## Validation for dependencies @@ -295,7 +295,7 @@ and [projects APIs](../api/projects.md). ## Implementation details When GitLab receives an artifacts archive, an archive metadata file is also -generated by [GitLab Workhorse]. This metadata file describes all the entries +generated by [GitLab Workhorse](https://gitlab.com/gitlab-org/gitlab-workhorse). This metadata file describes all the entries that are located in the artifacts archive itself. The metadata file is in a binary format, with additional GZIP compression. @@ -304,14 +304,10 @@ and disk I/O. It instead inspects the metadata file which contains all the relevant information. This is especially important when there is a lot of artifacts, or an archive is a very large file. -When clicking on a specific file, [GitLab Workhorse] extracts it +When clicking on a specific file, [GitLab Workhorse](https://gitlab.com/gitlab-org/gitlab-workhorse) extracts it from the archive and the download begins. This implementation saves space, memory and disk I/O. -[reconfigure gitlab]: restart_gitlab.md#omnibus-gitlab-reconfigure "How to reconfigure Omnibus GitLab" -[restart gitlab]: restart_gitlab.md#installations-from-source "How to restart GitLab" -[gitlab workhorse]: https://gitlab.com/gitlab-org/gitlab-workhorse "GitLab Workhorse repository" - ## Troubleshooting ### Job artifacts using too much disk space diff --git a/doc/administration/monitoring/github_imports.md b/doc/administration/monitoring/github_imports.md index c732730e869..6d5915930b2 100644 --- a/doc/administration/monitoring/github_imports.md +++ b/doc/administration/monitoring/github_imports.md @@ -1,7 +1,7 @@ # Monitoring GitHub imports >**Note:** -Available since [GitLab 10.2][14731]. +Available since [GitLab 10.2](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/14731). The GitHub importer exposes various Prometheus metrics that you can use to monitor the health and progress of the importer. @@ -97,5 +97,3 @@ The name of the project is stored in the `project` label in the format This metric tracks the number of imported repositories across all projects. This metric does not expose any labels. - -[14731]: https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/14731 diff --git a/doc/administration/monitoring/ip_whitelist.md b/doc/administration/monitoring/ip_whitelist.md index 700bcc978e0..1b0ea1744d9 100644 --- a/doc/administration/monitoring/ip_whitelist.md +++ b/doc/administration/monitoring/ip_whitelist.md @@ -5,8 +5,8 @@ NOTE: **Note:** We intend to [rename IP whitelist as `IP allowlist`](https://gitlab.com/gitlab-org/gitlab/-/issues/7554). -GitLab provides some [monitoring endpoints] that provide health check information -when probed. +GitLab provides some [monitoring endpoints](../../user/admin_area/monitoring/health_check.md) +that provide health check information when probed. To control access to those endpoints via IP whitelisting, you can add single hosts or use IP ranges: @@ -19,7 +19,7 @@ hosts or use IP ranges: gitlab_rails['monitoring_whitelist'] = ['127.0.0.0/8', '192.168.0.1'] ``` -1. Save the file and [reconfigure] GitLab for the changes to take effect. +1. Save the file and [reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab for the changes to take effect. --- @@ -35,8 +35,4 @@ hosts or use IP ranges: - 192.168.0.1 ``` -1. Save the file and [restart] GitLab for the changes to take effect. - -[reconfigure]: ../restart_gitlab.md#omnibus-gitlab-reconfigure -[restart]: ../restart_gitlab.md#installations-from-source -[monitoring endpoints]: ../../user/admin_area/monitoring/health_check.md +1. Save the file and [restart](../restart_gitlab.md#installations-from-source) GitLab for the changes to take effect. diff --git a/doc/administration/monitoring/performance/grafana_configuration.md b/doc/administration/monitoring/performance/grafana_configuration.md index 3b7cd8950ec..3c26e399c7f 100644 --- a/doc/administration/monitoring/performance/grafana_configuration.md +++ b/doc/administration/monitoring/performance/grafana_configuration.md @@ -80,7 +80,7 @@ For more information see the [InfluxDB Management README](https://gitlab.com/git You can now import a set of default dashboards that will give you a good start on displaying useful information. GitLab has published a set of default -[Grafana dashboards][grafana-dashboards] to get you started. Clone the +[Grafana dashboards](https://gitlab.com/gitlab-org/grafana-dashboards) to get you started. Clone the repository or download a zip/tarball, then follow these steps to import each JSON file. @@ -102,11 +102,9 @@ navigate away. Repeat this process for each dashboard you wish to import. Alternatively you can automatically import all the dashboards into your Grafana -instance. See the README of the [Grafana dashboards][grafana-dashboards] +instance. See the README of the [Grafana dashboards](https://gitlab.com/gitlab-org/grafana-dashboards) repository for more information on this process. -[grafana-dashboards]: https://gitlab.com/gitlab-org/grafana-dashboards - ## Integration with GitLab UI > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/61005) in GitLab 12.1. diff --git a/doc/administration/monitoring/performance/index.md b/doc/administration/monitoring/performance/index.md index 6569f6a8c6d..3305ea33f2e 100644 --- a/doc/administration/monitoring/performance/index.md +++ b/doc/administration/monitoring/performance/index.md @@ -36,7 +36,8 @@ including (but not limited to): - Ruby garbage collection statistics. Metrics data is written to [InfluxDB](https://www.influxdata.com/products/influxdb-overview/) -over [UDP][influxdb-udp]. Stored data can be visualized using [Grafana](https://grafana.com) or any other application that +over [UDP](https://docs.influxdata.com/influxdb/v0.9/write_protocols/udp/). +Stored data can be visualized using [Grafana](https://grafana.com) or any other application that supports reading data from InfluxDB. Alternatively data can be queried using the InfluxDB CLI. @@ -70,5 +71,3 @@ half above the interval. For example, for a user defined interval of 15 seconds the actual interval can be anywhere between 7.5 and 22.5. The interval is re-generated for every sampling run instead of being generated once and re-used for the duration of the process' lifetime. - -[influxdb-udp]: https://docs.influxdata.com/influxdb/v0.9/write_protocols/udp/ diff --git a/doc/administration/monitoring/performance/influxdb_configuration.md b/doc/administration/monitoring/performance/influxdb_configuration.md index b81f0ce1506..8478272897b 100644 --- a/doc/administration/monitoring/performance/influxdb_configuration.md +++ b/doc/administration/monitoring/performance/influxdb_configuration.md @@ -4,10 +4,10 @@ CAUTION: **InfluxDB is deprecated in favor of Prometheus:** InfluxDB support is scheduled to be removed in GitLab 13.0. You are advised to use [Prometheus](../prometheus/index.md) instead. -The default settings provided by [InfluxDB] are not sufficient for a high traffic -GitLab environment. The settings discussed in this document are based on the -settings GitLab uses for GitLab.com, depending on your own needs you may need to -further adjust them. +The default settings provided by [InfluxDB](https://www.influxdata.com/products/influxdb-overview/) +are not sufficient for a high traffic GitLab environment. The settings discussed in +this document are based on the settings GitLab uses for GitLab.com. Depending on +your own needs, you may need to further adjust them. If you are intending to run InfluxDB on the same server as GitLab, make sure you have plenty of RAM since InfluxDB can use quite a bit depending on traffic. @@ -23,12 +23,13 @@ Unless you are going with a budget setup, it's advised to run it separately. Note that the RAM and storage requirements can differ greatly depending on the amount of data received/stored. To limit the amount of stored data users can -look into [InfluxDB Retention Policies][influxdb-retention]. +look into +[InfluxDB Retention Policies](https://docs.influxdata.com/influxdb/v0.9/query_language/database_management/#retention-policy-management). ## Installation Installing InfluxDB is out of the scope of this document. Please refer to the -[InfluxDB documentation]. +[InfluxDB documentation](https://docs.influxdata.com/influxdb/v0.9/). ## InfluxDB Server Settings @@ -43,7 +44,8 @@ InfluxDB needs to be restarted. InfluxDB comes with different storage engines and as of InfluxDB 0.9.5 a new storage engine is available, called [TSM Tree](https://www.influxdata.com/blog/new-storage-engine-time-structured-merge-tree/). -All users **must** use the new `tsm1` storage engine as this [will be the default engine][tsm1-commit] in +All users **must** use the new `tsm1` storage engine as this +[will be the default engine](https://github.com/influxdata/influxdb/commit/15d723dc77651bac83e09e2b1c94be480966cb0d) in upcoming InfluxDB releases. Make sure you have the following in your configuration file: @@ -67,9 +69,9 @@ file: ### HTTP -HTTP is required when using the [InfluxDB CLI] or other tools such as Grafana, -thus it should be enabled. When enabling make sure to _also_ enable -authentication: +HTTP is required when using the [InfluxDB CLI](https://docs.influxdata.com/influxdb/v0.9/tools/shell/) +or other tools such as Grafana, thus it should be enabled. When enabling +make sure to _also_ enable authentication: ```toml [http] @@ -129,14 +131,15 @@ using _at least_ 100 MB. When enabling UDP, users should take care to not expose the port to the public, as doing so will allow anybody to write data into your InfluxDB database (as -[InfluxDB's UDP protocol][udp] doesn't support authentication). We recommend either +[InfluxDB's UDP protocol](https://docs.influxdata.com/influxdb/v0.9/write_protocols/udp/) +doesn't support authentication). We recommend either whitelisting the allowed IP addresses/ranges, or setting up a VLAN and only allowing traffic from members of said VLAN. ## Create a new admin user If you want to [enable authentication](#http), you might want to [create an -admin user][influx-admin]: +admin user](https://docs.influxdata.com/influxdb/v0.9/administration/authentication_and_authorization/#create-a-new-admin-user): ```shell influx -execute "CREATE USER jeff WITH PASSWORD '1234' WITH ALL PRIVILEGES" @@ -186,11 +189,3 @@ Read more on: - [GitLab Configuration](gitlab_configuration.md) - [InfluxDB Schema](influxdb_schema.md) - [Grafana Install/Configuration](grafana_configuration.md) - -[influxdb-retention]: https://docs.influxdata.com/influxdb/v0.9/query_language/database_management/#retention-policy-management -[influxdb documentation]: https://docs.influxdata.com/influxdb/v0.9/ -[influxdb cli]: https://docs.influxdata.com/influxdb/v0.9/tools/shell/ -[udp]: https://docs.influxdata.com/influxdb/v0.9/write_protocols/udp/ -[influxdb]: https://www.influxdata.com/products/influxdb-overview/ -[tsm1-commit]: https://github.com/influxdata/influxdb/commit/15d723dc77651bac83e09e2b1c94be480966cb0d -[influx-admin]: https://docs.influxdata.com/influxdb/v0.9/administration/authentication_and_authorization/#create-a-new-admin-user diff --git a/doc/administration/monitoring/performance/performance_bar.md b/doc/administration/monitoring/performance/performance_bar.md index 13474e2a183..89246bc9782 100644 --- a/doc/administration/monitoring/performance/performance_bar.md +++ b/doc/administration/monitoring/performance/performance_bar.md @@ -10,9 +10,9 @@ It allows you to see (from left to right): - the current host serving the page - time taken and number of DB queries; click through for details of these queries ![SQL profiling using the Performance Bar](img/performance_bar_sql_queries.png) -- time taken and number of [Gitaly] calls; click through for details of these calls +- time taken and number of [Gitaly](../../gitaly/index.md) calls; click through for details of these calls ![Gitaly profiling using the Performance Bar](img/performance_bar_gitaly_calls.png) -- time taken and number of [Rugged] calls; click through for details of these calls +- time taken and number of [Rugged](../../high_availability/nfs.md#improving-nfs-performance-with-gitlab) calls; click through for details of these calls ![Rugged profiling using the Performance Bar](img/performance_bar_rugged_calls.png) - time taken and number of Redis calls; click through for details of these calls ![Redis profiling using the Performance Bar](img/performance_bar_redis_calls.png) @@ -68,6 +68,3 @@ display it. You can toggle the Bar using the same shortcut. ![GitLab Performance Bar Admin Settings](img/performance_bar_configuration_settings.png) - -[Gitaly]: ../../gitaly/index.md -[Rugged]: ../../high_availability/nfs.md#improving-nfs-performance-with-gitlab diff --git a/doc/administration/monitoring/prometheus/gitlab_metrics.md b/doc/administration/monitoring/prometheus/gitlab_metrics.md index 897f9592d84..11fda995955 100644 --- a/doc/administration/monitoring/prometheus/gitlab_metrics.md +++ b/doc/administration/monitoring/prometheus/gitlab_metrics.md @@ -170,7 +170,7 @@ Some basic Ruby runtime metrics are available: | Metric | Type | Since | Description | |:------------------------------------ |:--------- |:----- |:----------- | | `ruby_gc_duration_seconds` | Counter | 11.1 | Time spent by Ruby in GC | -| `ruby_gc_stat_...` | Gauge | 11.1 | Various metrics from [GC.stat] | +| `ruby_gc_stat_...` | Gauge | 11.1 | Various metrics from [GC.stat](https://ruby-doc.org/core-2.6.5/GC.html#method-c-stat) | | `ruby_file_descriptors` | Gauge | 11.1 | File descriptors per process | | `ruby_memory_bytes` | Gauge | 11.1 | Memory usage by process | | `ruby_sampler_duration_seconds` | Counter | 11.1 | Time spent collecting stats | @@ -179,8 +179,6 @@ Some basic Ruby runtime metrics are available: | `ruby_process_resident_memory_bytes` | Gauge | 12.0 | Memory usage by process | | `ruby_process_start_time_seconds` | Gauge | 12.0 | UNIX timestamp of process start time | -[GC.stat]: https://ruby-doc.org/core-2.6.5/GC.html#method-c-stat - ## Unicorn Metrics Unicorn specific metrics, when Unicorn is used. diff --git a/doc/administration/monitoring/prometheus/index.md b/doc/administration/monitoring/prometheus/index.md index da368327c5e..03d86012cc7 100644 --- a/doc/administration/monitoring/prometheus/index.md +++ b/doc/administration/monitoring/prometheus/index.md @@ -10,7 +10,7 @@ > - Prometheus and its exporters don't authenticate users, and will be available > to anyone who can access them. -[Prometheus] is a powerful time-series monitoring service, providing a flexible +[Prometheus](https://prometheus.io) is a powerful time-series monitoring service, providing a flexible platform for monitoring GitLab and other software products. GitLab provides out of the box monitoring with Prometheus, providing easy access to high quality time-series monitoring of GitLab services. @@ -43,13 +43,13 @@ To disable Prometheus and all of its exporters, as well as any added in the futu prometheus_monitoring['enable'] = false ``` -1. Save the file and [reconfigure GitLab][reconfigure] for the changes to +1. Save the file and [reconfigure GitLab](../../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. ### Changing the port and address Prometheus listens on NOTE: **Note:** -The following change was added in [GitLab Omnibus 8.17][1261]. Although possible, +The following change was added in [GitLab Omnibus 8.17](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/1261). Although possible, it's not recommended to change the port Prometheus listens on, as this might affect or conflict with other services running on the GitLab server. Proceed at your own risk. @@ -75,7 +75,7 @@ To change the address/port that Prometheus listens on: prometheus['listen_address'] = '0.0.0.0:9090' ``` -1. Save the file and [reconfigure GitLab][reconfigure] for the changes to +1. Save the file and [reconfigure GitLab](../../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect ### Adding custom scrape configs @@ -151,7 +151,7 @@ To use an external Prometheus server: } ``` -1. [Reconfigure GitLab][reconfigure] to apply the changes. +1. [Reconfigure GitLab](../../restart_gitlab.md#omnibus-gitlab-reconfigure) to apply the changes. 1. Edit the Prometheus server's configuration file. 1. Add each node's exporters to the Prometheus server's [scrape target configuration](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#%3Cscrape_config%3E). @@ -217,17 +217,17 @@ You can visit `http://localhost:9090` for the dashboard that Prometheus offers b >**Note:** If SSL has been enabled on your GitLab instance, you may not be able to access -Prometheus on the same browser as GitLab if using the same FQDN due to [HSTS][hsts]. We plan to -[provide access via GitLab][multi-user-prometheus], but in the interim there are +Prometheus on the same browser as GitLab if using the same FQDN due to [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security). We plan to +[provide access via GitLab](https://gitlab.com/gitlab-org/multi-user-prometheus), but in the interim there are some workarounds: using a separate FQDN, using server IP, using a separate browser for Prometheus, resetting HSTS, or -having [NGINX proxy it][nginx-custom-config]. +having [NGINX proxy it](https://docs.gitlab.com/omnibus/settings/nginx.html#inserting-custom-nginx-settings-into-the-gitlab-server-block). The performance data collected by Prometheus can be viewed directly in the Prometheus console, or through a compatible dashboard tool. The Prometheus interface provides a [flexible query language](https://prometheus.io/docs/prometheus/latest/querying/basics/) to work with the collected data where you can visualize the output. For a more fully featured dashboard, Grafana can be used and has -[official support for Prometheus][prom-grafana]. +[official support for Prometheus](https://prometheus.io/docs/visualization/grafana/). Sample Prometheus queries: @@ -305,7 +305,7 @@ The GitLab exporter allows you to measure various GitLab metrics, pulled from Re > - Introduced in GitLab 9.0. > - Pod monitoring introduced in GitLab 9.4. -If your GitLab server is running within Kubernetes, Prometheus will collect metrics from the Nodes and [annotated Pods](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config) in the cluster, including performance data on each container. This is particularly helpful if your CI/CD environments run in the same cluster, as you can use the [Prometheus project integration][prometheus integration] to monitor them. +If your GitLab server is running within Kubernetes, Prometheus will collect metrics from the Nodes and [annotated Pods](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config) in the cluster, including performance data on each container. This is particularly helpful if your CI/CD environments run in the same cluster, as you can use the [Prometheus project integration](../../../user/project/integrations/prometheus.md) to monitor them. To disable the monitoring of Kubernetes: @@ -316,14 +316,5 @@ To disable the monitoring of Kubernetes: prometheus['monitor_kubernetes'] = false ``` -1. Save the file and [reconfigure GitLab][reconfigure] for the changes to +1. Save the file and [reconfigure GitLab](../../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. - -[hsts]: https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security -[multi-user-prometheus]: https://gitlab.com/gitlab-org/multi-user-prometheus -[nginx-custom-config]: https://docs.gitlab.com/omnibus/settings/nginx.html#inserting-custom-nginx-settings-into-the-gitlab-server-block -[prometheus]: https://prometheus.io -[prom-grafana]: https://prometheus.io/docs/visualization/grafana/ -[reconfigure]: ../../restart_gitlab.md#omnibus-gitlab-reconfigure -[1261]: https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/1261 -[prometheus integration]: ../../../user/project/integrations/prometheus.md diff --git a/doc/administration/monitoring/prometheus/node_exporter.md b/doc/administration/monitoring/prometheus/node_exporter.md index bcacfaa3be5..d75b04f1ccd 100644 --- a/doc/administration/monitoring/prometheus/node_exporter.md +++ b/doc/administration/monitoring/prometheus/node_exporter.md @@ -4,8 +4,8 @@ Available since Omnibus GitLab 8.16. For installations from source you'll have to install and configure it yourself. -The [node exporter] allows you to measure various machine resources such as -memory, disk and CPU utilization. +The [node exporter](https://github.com/prometheus/node_exporter) allows you to measure +various machine resources such as memory, disk and CPU utilization. To enable the node exporter: @@ -17,14 +17,10 @@ To enable the node exporter: node_exporter['enable'] = true ``` -1. Save the file and [reconfigure GitLab][reconfigure] for the changes to - take effect +1. Save the file and [reconfigure GitLab](../../restart_gitlab.md#omnibus-gitlab-reconfigure) + for the changes to take effect Prometheus will now automatically begin collecting performance data from the node exporter exposed under `localhost:9100`. [← Back to the main Prometheus page](index.md) - -[node exporter]: https://github.com/prometheus/node_exporter -[prometheus]: https://prometheus.io -[reconfigure]: ../../restart_gitlab.md#omnibus-gitlab-reconfigure diff --git a/doc/administration/monitoring/prometheus/pgbouncer_exporter.md b/doc/administration/monitoring/prometheus/pgbouncer_exporter.md index ba7fc74f269..ba8e464efcb 100644 --- a/doc/administration/monitoring/prometheus/pgbouncer_exporter.md +++ b/doc/administration/monitoring/prometheus/pgbouncer_exporter.md @@ -1,10 +1,10 @@ # PgBouncer exporter >**Note:** -Available since [Omnibus GitLab 11.0][2493]. For installations from source -you'll have to install and configure it yourself. +Available since [Omnibus GitLab 11.0](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/2493). +For installations from source you'll have to install and configure it yourself. -The [PgBouncer exporter] allows you to measure various PgBouncer metrics. +The [PgBouncer exporter](https://github.com/stanhu/pgbouncer_exporter) allows you to measure various PgBouncer metrics. To enable the PgBouncer exporter: @@ -16,19 +16,13 @@ To enable the PgBouncer exporter: pgbouncer_exporter['enable'] = true ``` -1. Save the file and [reconfigure GitLab][reconfigure] for the changes to +1. Save the file and [reconfigure GitLab](../../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. Prometheus will now automatically begin collecting performance data from the PgBouncer exporter exposed under `localhost:9188`. -The PgBouncer exporter will also be enabled by default if the [`pgbouncer_role`][postgres roles] +The PgBouncer exporter will also be enabled by default if the [`pgbouncer_role`](https://docs.gitlab.com/omnibus/roles/#postgres-roles) role is enabled. [← Back to the main Prometheus page](index.md) - -[2493]: https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/2493 -[PgBouncer exporter]: https://github.com/stanhu/pgbouncer_exporter -[postgres roles]: https://docs.gitlab.com/omnibus/roles/#postgres-roles -[prometheus]: https://prometheus.io -[reconfigure]: ../../restart_gitlab.md#omnibus-gitlab-reconfigure diff --git a/doc/administration/monitoring/prometheus/redis_exporter.md b/doc/administration/monitoring/prometheus/redis_exporter.md index 177ecc329ba..76f4add0c1b 100644 --- a/doc/administration/monitoring/prometheus/redis_exporter.md +++ b/doc/administration/monitoring/prometheus/redis_exporter.md @@ -1,11 +1,12 @@ # Redis exporter >**Note:** -Available since [Omnibus GitLab 8.17][1118]. For installations from source -you'll have to install and configure it yourself. +Available since [Omnibus GitLab 8.17](https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/1118). +For installations from source you'll have to install and configure it yourself. -The [Redis exporter] allows you to measure various [Redis] metrics. For more -information on what's exported [read the upstream documentation][redis-exp]. +The [Redis exporter](https://github.com/oliver006/redis_exporter) allows you to measure +various [Redis](https://redis.io) metrics. For more information on what's exported, +[read the upstream documentation](https://github.com/oliver006/redis_exporter/blob/master/README.md#whats-exported). To enable the Redis exporter: @@ -17,17 +18,10 @@ To enable the Redis exporter: redis_exporter['enable'] = true ``` -1. Save the file and [reconfigure GitLab][reconfigure] for the changes to - take effect +1. Save the file and [reconfigure GitLab](../../restart_gitlab.md#omnibus-gitlab-reconfigure) + for the changes to take effect. Prometheus will now automatically begin collecting performance data from the Redis exporter exposed under `localhost:9121`. [← Back to the main Prometheus page](index.md) - -[1118]: https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/1118 -[redis]: https://redis.io -[redis exporter]: https://github.com/oliver006/redis_exporter -[redis-exp]: https://github.com/oliver006/redis_exporter/blob/master/README.md#whats-exported -[prometheus]: https://prometheus.io -[reconfigure]: ../../restart_gitlab.md#omnibus-gitlab-reconfigure diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md index ad0a828afa0..84133205bd3 100644 --- a/doc/administration/pages/index.md +++ b/doc/administration/pages/index.md @@ -4,14 +4,14 @@ description: 'Learn how to administer GitLab Pages.' # GitLab Pages administration -> - [Introduced][ee-80] in GitLab EE 8.3. -> - Custom CNAMEs with TLS support were [introduced][ee-173] in GitLab EE 8.5. -> - GitLab Pages [was ported][ce-14605] to Community Edition in GitLab 8.17. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/80) in GitLab EE 8.3. +> - Custom CNAMEs with TLS support were [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/173) in GitLab EE 8.5. +> - GitLab Pages [was ported](https://gitlab.com/gitlab-org/gitlab-foss/issues/14605) to Community Edition in GitLab 8.17. > - Support for subgroup project's websites was > [introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/30548) in GitLab 11.8. GitLab Pages allows for hosting of static sites. It must be configured by an -administrator. Separate [user documentation][pages-userguide] is available. +administrator. Separate [user documentation](../../user/project/pages/index.md) is available. NOTE: **Note:** This guide is for Omnibus GitLab installations. If you have installed @@ -20,11 +20,11 @@ GitLab from source, see ## Overview -GitLab Pages makes use of the [GitLab Pages daemon], a simple HTTP server +GitLab Pages makes use of the [GitLab Pages daemon](https://gitlab.com/gitlab-org/gitlab-pages), a simple HTTP server written in Go that can listen on an external IP address and provide support for custom domains and custom certificates. It supports dynamic certificates through SNI and exposes pages using HTTP2 by default. -You are encouraged to read its [README][pages-readme] to fully understand how +You are encouraged to read its [README](https://gitlab.com/gitlab-org/gitlab-pages/blob/master/README.md) to fully understand how it works. In the case of [custom domains](#custom-domains) (but not @@ -124,9 +124,9 @@ The Pages daemon doesn't listen to the outside world. pages_external_url 'http://example.io' ``` -1. [Reconfigure GitLab][reconfigure]. +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). -Watch the [video tutorial][video-admin] for this configuration. +Watch the [video tutorial](https://youtu.be/dD8c7WNcc6s) for this configuration. ### Wildcard domains with TLS support @@ -156,7 +156,7 @@ outside world. where `pages-nginx.crt` and `pages-nginx.key` are the SSL cert and key, respectively. -1. [Reconfigure GitLab][reconfigure]. +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). ### Additional configuration for Docker container @@ -171,7 +171,7 @@ behavior: gitlab_pages['inplace_chroot'] = true ``` -1. [Reconfigure GitLab][reconfigure]. +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). NOTE: **Note:** `inplace_chroot` option might not work with the other features, such as [Pages Access Control](#access-control). @@ -213,7 +213,7 @@ world. Custom domains are supported, but no TLS. `192.0.2.2` and `2001::2` are the secondary IPs the GitLab Pages daemon listens on. If you don't have IPv6, you can omit the IPv6 address. -1. [Reconfigure GitLab][reconfigure]. +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). ### Custom domains with TLS support @@ -247,7 +247,7 @@ world. Custom domains and TLS are supported. `192.0.2.2` and `2001::2` are the secondary IPs where the GitLab Pages daemon listens on. If you don't have IPv6, you can omit the IPv6 address. -1. [Reconfigure GitLab][reconfigure]. +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). ### Custom domain verification @@ -304,7 +304,7 @@ Pages access control is disabled by default. To enable it: gitlab_pages['access_control'] = true ``` -1. [Reconfigure GitLab][reconfigure]. +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). 1. Users can now configure it in their [projects' settings](../../user/project/pages/pages_access_control.md). #### Disabling public access to all Pages websites @@ -340,7 +340,7 @@ pages: gitlab_pages['http_proxy'] = 'http://example:8080' ``` -1. [Reconfigure GitLab][reconfigure] for the changes to take effect. +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. ### Using a custom Certificate Authority (CA) @@ -389,7 +389,7 @@ Follow the steps below to configure verbose logging of GitLab Pages daemon. gitlab_pages['log_verbose'] = true ``` -1. [Reconfigure GitLab][reconfigure]. +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). ## Change storage path @@ -404,7 +404,7 @@ are stored. gitlab_rails['pages_path'] = "/mnt/storage/pages" ``` -1. [Reconfigure GitLab][reconfigure]. +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). ## Configure listener for reverse proxy requests @@ -427,7 +427,7 @@ Omnibus GitLab 11.1. gitlab_pages['listen_proxy'] = "localhost:10080" ``` -1. [Reconfigure GitLab][reconfigure]. +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). ## Set maximum pages size @@ -559,7 +559,7 @@ then you must use the following procedure to configure [access control](#access- ## Backup -GitLab Pages are part of the [regular backup][backup], so there is no separate backup to configure. +GitLab Pages are part of the [regular backup](../../raketasks/backup_restore.md), so there is no separate backup to configure. ## Security @@ -610,16 +610,3 @@ The fix is to correct the source file permissions and restart Pages: sudo chmod 644 /opt/gitlab/embedded/ssl/certs/cacert.pem sudo gitlab-ctl restart gitlab-pages ``` - -[backup]: ../../raketasks/backup_restore.md -[ce-14605]: https://gitlab.com/gitlab-org/gitlab-foss/issues/14605 -[ee-80]: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/80 -[ee-173]: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/173 -[gitlab pages daemon]: https://gitlab.com/gitlab-org/gitlab-pages -[NGINX configs]: https://gitlab.com/gitlab-org/gitlab/tree/8-5-stable-ee/lib/support/nginx -[pages-readme]: https://gitlab.com/gitlab-org/gitlab-pages/blob/master/README.md -[pages-userguide]: ../../user/project/pages/index.md -[reconfigure]: ../restart_gitlab.md#omnibus-gitlab-reconfigure -[restart]: ../restart_gitlab.md#installations-from-source -[gitlab-pages]: https://gitlab.com/gitlab-org/gitlab-pages/tree/v0.2.4 -[video-admin]: https://youtu.be/dD8c7WNcc6s diff --git a/doc/administration/pages/source.md b/doc/administration/pages/source.md index 87f0afeca12..94d2c5420aa 100644 --- a/doc/administration/pages/source.md +++ b/doc/administration/pages/source.md @@ -17,12 +17,12 @@ Pages to the latest supported version. ## Overview -GitLab Pages makes use of the [GitLab Pages daemon], a simple HTTP server +GitLab Pages makes use of the [GitLab Pages daemon](https://gitlab.com/gitlab-org/gitlab-pages), a simple HTTP server written in Go that can listen on an external IP address and provide support for custom domains and custom certificates. It supports dynamic certificates through SNI and exposes pages using HTTP2 by default. -You are encouraged to read its [README][pages-readme] to fully understand how -it works. +You are encouraged to read its [README](https://gitlab.com/gitlab-org/gitlab-pages/blob/master/README.md) +to fully understand how it works. In the case of [custom domains](#custom-domains) (but not [wildcard domains](#wildcard-domains)), the Pages daemon needs to listen on @@ -55,7 +55,7 @@ Before proceeding with the Pages configuration, make sure that: Pages artifacts. 1. (Optional) You have a **wildcard certificate** for the Pages domain if you decide to serve Pages (`*.example.io`) under HTTPS. -1. (Optional but recommended) You have configured and enabled the [Shared Runners][] +1. (Optional but recommended) You have configured and enabled the [Shared Runners](../../ci/runners/README.md) so that your users don't have to bring their own. ### DNS configuration @@ -144,7 +144,7 @@ The Pages daemon doesn't listen to the outside world. ``` 1. Restart NGINX -1. [Restart GitLab][restart] +1. [Restart GitLab](../restart_gitlab.md#installations-from-source) ### Wildcard domains with TLS support @@ -201,7 +201,7 @@ outside world. ``` 1. Restart NGINX -1. [Restart GitLab][restart] +1. [Restart GitLab](../restart_gitlab.md#installations-from-source) ## Advanced configuration @@ -272,7 +272,7 @@ world. Custom domains are supported, but no TLS. `0.0.0.0` with `192.0.2.1`, where `192.0.2.1` the primary IP where GitLab listens to. 1. Restart NGINX -1. [Restart GitLab][restart] +1. [Restart GitLab](../restart_gitlab.md#installations-from-source) ### Custom domains with TLS support @@ -341,7 +341,7 @@ world. Custom domains and TLS are supported. `0.0.0.0` with `192.0.2.1`, where `192.0.2.1` the primary IP where GitLab listens to. 1. Restart NGINX -1. [Restart GitLab][restart] +1. [Restart GitLab](../restart_gitlab.md#installations-from-source) ## NGINX caveats @@ -402,7 +402,7 @@ Pages access control is disabled by default. To enable it: access_control: true ``` -1. [Restart GitLab][restart]. +1. [Restart GitLab](../restart_gitlab.md#installations-from-source). 1. Create a new [system OAuth application](../../integration/oauth_provider.md#adding-an-application-through-the-profile). This should be called `GitLab Pages` and have a `Redirect URL` of `https://projects.example.io/auth`. It does not need to be a "trusted" @@ -435,7 +435,7 @@ are stored. path: /mnt/storage/pages ``` -1. [Restart GitLab][restart] +1. [Restart GitLab](../restart_gitlab.md#installations-from-source) ## Set maximum Pages size @@ -445,21 +445,9 @@ The default is 100MB. ## Backup -Pages are part of the [regular backup][backup] so there is nothing to configure. +Pages are part of the [regular backup](../../raketasks/backup_restore.md) so there is nothing to configure. ## Security You should strongly consider running GitLab Pages under a different hostname than GitLab to prevent XSS attacks. - -[backup]: ../../raketasks/backup_restore.md -[ee-80]: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/80 -[ee-173]: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/173 -[gitlab pages daemon]: https://gitlab.com/gitlab-org/gitlab-pages -[NGINX configs]: https://gitlab.com/gitlab-org/gitlab/tree/8-5-stable-ee/lib/support/nginx -[pages-readme]: https://gitlab.com/gitlab-org/gitlab-pages/blob/master/README.md -[pages-userguide]: ../../user/project/pages/index.md -[restart]: ../restart_gitlab.md#installations-from-source -[gitlab-pages]: https://gitlab.com/gitlab-org/gitlab-pages/tree/v0.4.0 -[gl-example]: https://gitlab.com/gitlab-org/gitlab/blob/master/lib/support/init.d/gitlab.default.example -[shared runners]: ../../ci/runners/README.md |