diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-01 03:05:57 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-01 03:05:57 +0000 |
| commit | ec60358d52be0dc99f52db94dc95209f1486eac9 (patch) | |
| tree | ae697a01f32bf46443fcdbdefe9873caf62a18b3 /doc/administration | |
| parent | b38cf7ccdf8b7ca90bce587a1bf4765631733017 (diff) | |
| download | gitlab-ce-ec60358d52be0dc99f52db94dc95209f1486eac9.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/administration')
| -rw-r--r-- | doc/administration/index.md | 4 | ||||
| -rw-r--r-- | doc/administration/job_artifacts.md | 2 | ||||
| -rw-r--r-- | doc/administration/pages/index.md | 12 | ||||
| -rw-r--r-- | doc/administration/pages/source.md | 22 | ||||
| -rw-r--r-- | doc/administration/repository_storage_types.md | 2 | ||||
| -rw-r--r-- | doc/administration/smime_signing_email.md | 2 | ||||
| -rw-r--r-- | doc/administration/troubleshooting/debug.md | 14 | ||||
| -rw-r--r-- | doc/administration/troubleshooting/elasticsearch.md | 126 | ||||
| -rw-r--r-- | doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md | 8 | ||||
| -rw-r--r-- | doc/administration/troubleshooting/kubernetes_cheat_sheet.md | 16 | ||||
| -rw-r--r-- | doc/administration/troubleshooting/sidekiq.md | 2 | ||||
| -rw-r--r-- | doc/administration/troubleshooting/test_environments.md | 6 |
12 files changed, 108 insertions, 108 deletions
diff --git a/doc/administration/index.md b/doc/administration/index.md index 6d40039026d..db9ea71ac1f 100644 --- a/doc/administration/index.md +++ b/doc/administration/index.md @@ -193,7 +193,7 @@ Learn how to install, configure, update, and maintain your GitLab instance. - [Debugging tips](troubleshooting/debug.md): Tips to debug problems when things go wrong - [Log system](logs.md): Where to look for logs. - [Sidekiq Troubleshooting](troubleshooting/sidekiq.md): Debug when Sidekiq appears hung and is not processing jobs. -- [Troubleshooting ElasticSearch](troubleshooting/elasticsearch.md) +- [Troubleshooting Elasticsearch](troubleshooting/elasticsearch.md) ### Support Team Docs @@ -213,7 +213,7 @@ who are aware of the risks. - [Useful Linux commands](troubleshooting/linux_cheat_sheet.md) - [Troubleshooting Kubernetes](troubleshooting/kubernetes_cheat_sheet.md) - [Guide to test environments](troubleshooting/test_environments.md) (for Support Engineers) -- [GitLab rails console commands](troubleshooting/gitlab_rails_cheat_sheet.md) (for Support Engineers) +- [GitLab Rails console commands](troubleshooting/gitlab_rails_cheat_sheet.md) (for Support Engineers) - Useful links: - [GitLab Developer Docs](../development/README.md) - [Repairing and recovering broken Git repositories](https://git.seveas.net/repairing-and-recovering-broken-git-repositories.html) diff --git a/doc/administration/job_artifacts.md b/doc/administration/job_artifacts.md index 1ab37824694..63439015856 100644 --- a/doc/administration/job_artifacts.md +++ b/doc/administration/job_artifacts.md @@ -118,7 +118,7 @@ The connection settings match those provided by [Fog](https://github.com/fog), a | `enable_signature_v4_streaming` | Set to true to enable HTTP chunked transfers with [AWS v4 signatures](https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html). Oracle Cloud S3 needs this to be false | true | | `region` | AWS region | us-east-1 | | `host` | S3 compatible host for when not using AWS, e.g. `localhost` or `storage.example.com` | s3.amazonaws.com | -| `endpoint` | Can be used when configuring an S3 compatible service such as [Minio](https://www.minio.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) | +| `endpoint` | Can be used when configuring an S3 compatible service such as [MinIO](https://www.minio.io), by entering a URL such as `http://127.0.0.1:9000` | (optional) | | `path_style` | Set to true to use `host/bucket_name/object` style paths instead of `bucket_name.host/object`. Leave as false for AWS S3 | false | | `use_iam_profile` | Set to true to use IAM profile instead of access keys | false diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md index 8cce6dbcb97..8d35262b45e 100644 --- a/doc/administration/pages/index.md +++ b/doc/administration/pages/index.md @@ -115,7 +115,7 @@ since that is needed in all configurations. URL scheme: `http://page.example.io` This is the minimum setup that you can use Pages with. It is the base for all -other setups as described below. Nginx will proxy all requests to the daemon. +other setups as described below. NGINX will proxy all requests to the daemon. The Pages daemon doesn't listen to the outside world. 1. Set the external URL for GitLab Pages in `/etc/gitlab/gitlab.rb`: @@ -139,7 +139,7 @@ Watch the [video tutorial][video-admin] for this configuration. URL scheme: `https://page.example.io` -Nginx will proxy all requests to the daemon. Pages daemon doesn't listen to the +NGINX will proxy all requests to the daemon. Pages daemon doesn't listen to the outside world. 1. Place the certificate and key inside `/etc/gitlab/ssl` @@ -196,7 +196,7 @@ you have IPv6 as well as IPv4 addresses, you can use them both. URL scheme: `http://page.example.io` and `http://domain.com` -In that case, the Pages daemon is running, Nginx still proxies requests to +In that case, the Pages daemon is running, NGINX still proxies requests to the daemon but the daemon is also able to receive requests from the outside world. Custom domains are supported, but no TLS. @@ -227,7 +227,7 @@ world. Custom domains are supported, but no TLS. URL scheme: `https://page.example.io` and `https://domain.com` -In that case, the Pages daemon is running, Nginx still proxies requests to +In that case, the Pages daemon is running, NGINX still proxies requests to the daemon but the daemon is also able to receive requests from the outside world. Custom domains and TLS are supported. @@ -319,7 +319,7 @@ pages: gitlab_pages['http_proxy'] = 'http://example:8080' ``` -1. [Reconfigure Gitlab][reconfigure] for the changes to take effect. +1. [Reconfigure GitLab][reconfigure] for the changes to take effect. ## Activate verbose logging for daemon @@ -426,7 +426,7 @@ Pages are part of the [regular backup][backup] so there is nothing to configure. ## Security -You should strongly consider running GitLab pages under a different hostname +You should strongly consider running GitLab Pages under a different hostname than GitLab to prevent XSS attacks. [backup]: ../../raketasks/backup_restore.md diff --git a/doc/administration/pages/source.md b/doc/administration/pages/source.md index ad2a57e3241..08200f2b426 100644 --- a/doc/administration/pages/source.md +++ b/doc/administration/pages/source.md @@ -93,7 +93,7 @@ since that is needed in all configurations. URL scheme: `http://page.example.io` This is the minimum setup that you can use Pages with. It is the base for all -other setups as described below. Nginx will proxy all requests to the daemon. +other setups as described below. NGINX will proxy all requests to the daemon. The Pages daemon doesn't listen to the outside world. 1. Install the Pages daemon: @@ -136,7 +136,7 @@ The Pages daemon doesn't listen to the outside world. gitlab_pages_options="-pages-domain example.io -pages-root $app_root/shared/pages -listen-proxy 127.0.0.1:8090" ``` -1. Copy the `gitlab-pages` Nginx configuration file: +1. Copy the `gitlab-pages` NGINX configuration file: ```bash sudo cp lib/support/nginx/gitlab-pages /etc/nginx/sites-available/gitlab-pages.conf @@ -155,7 +155,7 @@ The Pages daemon doesn't listen to the outside world. URL scheme: `https://page.example.io` -Nginx will proxy all requests to the daemon. Pages daemon doesn't listen to the +NGINX will proxy all requests to the daemon. Pages daemon doesn't listen to the outside world. 1. Install the Pages daemon: @@ -193,7 +193,7 @@ outside world. gitlab_pages_options="-pages-domain example.io -pages-root $app_root/shared/pages -listen-proxy 127.0.0.1:8090 -root-cert /path/to/example.io.crt -root-key /path/to/example.io.key ``` -1. Copy the `gitlab-pages-ssl` Nginx configuration file: +1. Copy the `gitlab-pages-ssl` NGINX configuration file: ```bash sudo cp lib/support/nginx/gitlab-pages-ssl /etc/nginx/sites-available/gitlab-pages-ssl.conf @@ -219,7 +219,7 @@ that without TLS certificates. URL scheme: `http://page.example.io` and `http://domain.com` -In that case, the pages daemon is running, Nginx still proxies requests to +In that case, the pages daemon is running, NGINX still proxies requests to the daemon but the daemon is also able to receive requests from the outside world. Custom domains are supported, but no TLS. @@ -261,7 +261,7 @@ world. Custom domains are supported, but no TLS. gitlab_pages_options="-pages-domain example.io -pages-root $app_root/shared/pages -listen-proxy 127.0.0.1:8090 -listen-http 192.0.2.2:80" ``` -1. Copy the `gitlab-pages-ssl` Nginx configuration file: +1. Copy the `gitlab-pages-ssl` NGINX configuration file: ```bash sudo cp lib/support/nginx/gitlab-pages /etc/nginx/sites-available/gitlab-pages.conf @@ -284,7 +284,7 @@ world. Custom domains are supported, but no TLS. URL scheme: `https://page.example.io` and `https://domain.com` -In that case, the pages daemon is running, Nginx still proxies requests to +In that case, the pages daemon is running, NGINX still proxies requests to the daemon but the daemon is also able to receive requests from the outside world. Custom domains and TLS are supported. @@ -330,7 +330,7 @@ world. Custom domains and TLS are supported. gitlab_pages_options="-pages-domain example.io -pages-root $app_root/shared/pages -listen-proxy 127.0.0.1:8090 -listen-http 192.0.2.2:80 -listen-https 192.0.2.2:443 -root-cert /path/to/example.io.crt -root-key /path/to/example.io.key ``` -1. Copy the `gitlab-pages-ssl` Nginx configuration file: +1. Copy the `gitlab-pages-ssl` NGINX configuration file: ```bash sudo cp lib/support/nginx/gitlab-pages-ssl /etc/nginx/sites-available/gitlab-pages-ssl.conf @@ -351,7 +351,7 @@ The following information applies only for installations from source. Be extra careful when setting up the domain name in the NGINX config. You must not remove the backslashes. -If your GitLab pages domain is `example.io`, replace: +If your GitLab Pages domain is `example.io`, replace: ```bash server_name ~^.*\.YOUR_GITLAB_PAGES\.DOMAIN$; @@ -401,7 +401,7 @@ Pages access control is disabled by default. To enable it: 1. Create a new [system OAuth application](../../integration/oauth_provider.md#adding-an-application-through-the-profile). This should be called `GitLab Pages` and have a `Redirect URL` of `https://projects.example.io/auth`. It does not need to be a "trusted" - application, but it does need the "api" scope. + application, but it does need the `api` scope. 1. Start the Pages daemon with the following additional arguments: ```shell @@ -443,7 +443,7 @@ Pages are part of the [regular backup][backup] so there is nothing to configure. ## Security -You should strongly consider running GitLab pages under a different hostname +You should strongly consider running GitLab Pages under a different hostname than GitLab to prevent XSS attacks. [backup]: ../../raketasks/backup_restore.md diff --git a/doc/administration/repository_storage_types.md b/doc/administration/repository_storage_types.md index 5f6738dc190..227d6928baf 100644 --- a/doc/administration/repository_storage_types.md +++ b/doc/administration/repository_storage_types.md @@ -10,7 +10,7 @@ that can be: - Mounted to the local disk - Exposed as an NFS shared volume -- Accessed via [gitaly] on its own machine. +- Accessed via [Gitaly] on its own machine. In GitLab, this is configured in `/etc/gitlab/gitlab.rb` by the `git_data_dirs({})` configuration hash. The storage layouts discussed here will apply to any shard diff --git a/doc/administration/smime_signing_email.md b/doc/administration/smime_signing_email.md index 530553ec1c4..60cab22d1f4 100644 --- a/doc/administration/smime_signing_email.md +++ b/doc/administration/smime_signing_email.md @@ -1,6 +1,6 @@ # Signing outgoing email with S/MIME -Notification emails sent by Gitlab can be signed with S/MIME for improved +Notification emails sent by GitLab can be signed with S/MIME for improved security. > **Note:** diff --git a/doc/administration/troubleshooting/debug.md b/doc/administration/troubleshooting/debug.md index 562624fc9dc..be475a0520f 100644 --- a/doc/administration/troubleshooting/debug.md +++ b/doc/administration/troubleshooting/debug.md @@ -89,10 +89,10 @@ in Omnibus, run as root: Many of the tips to diagnose issues below apply to many different situations. We'll use one concrete example to illustrate what you can do to learn what is going wrong. -### 502 Gateway Timeout after unicorn spins at 100% CPU +### 502 Gateway Timeout after Unicorn spins at 100% CPU This error occurs when the Web server times out (default: 60 s) after not -hearing back from the unicorn worker. If the CPU spins to 100% while this in +hearing back from the Unicorn worker. If the CPU spins to 100% while this in progress, there may be something taking longer than it should. To fix this issue, we first need to figure out what is happening. The @@ -100,7 +100,7 @@ following tips are only recommended if you do NOT mind users being affected by downtime. Otherwise skip to the next section. 1. Load the problematic URL -1. Run `sudo gdb -p <PID>` to attach to the unicorn process. +1. Run `sudo gdb -p <PID>` to attach to the Unicorn process. 1. In the gdb window, type: ``` @@ -135,7 +135,7 @@ downtime. Otherwise skip to the next section. exit ``` -Note that if the unicorn process terminates before you are able to run these +Note that if the Unicorn process terminates before you are able to run these commands, gdb will report an error. To buy more time, you can always raise the Unicorn timeout. For omnibus users, you can edit `/etc/gitlab/gitlab.rb` and increase it from 60 seconds to 300: @@ -152,7 +152,7 @@ For source installations, edit `config/unicorn.rb`. #### Troubleshooting without affecting other users -The previous section attached to a running unicorn process, and this may have +The previous section attached to a running Unicorn process, and this may have undesirable effects for users trying to access GitLab during this time. If you are concerned about affecting others during a production system, you can run a separate Rails process to debug the issue: @@ -183,7 +183,7 @@ separate Rails process to debug the issue: ### GitLab: API is not accessible -This often occurs when gitlab-shell attempts to request authorization via the +This often occurs when GitLab Shell attempts to request authorization via the internal API (e.g., `http://localhost:8080/api/v4/internal/allowed`), and something in the check fails. There are many reasons why this may happen: @@ -192,7 +192,7 @@ something in the check fails. There are many reasons why this may happen: 1. Error accessing the repository (e.g., stale NFS handles) To diagnose this problem, try to reproduce the problem and then see if there -is a unicorn worker that is spinning via `top`. Try to use the `gdb` +is a Unicorn worker that is spinning via `top`. Try to use the `gdb` techniques above. In addition, using `strace` may help isolate issues: ```shell diff --git a/doc/administration/troubleshooting/elasticsearch.md b/doc/administration/troubleshooting/elasticsearch.md index 13b9c30b29d..37ec32413f8 100644 --- a/doc/administration/troubleshooting/elasticsearch.md +++ b/doc/administration/troubleshooting/elasticsearch.md @@ -1,6 +1,6 @@ -# Troubleshooting ElasticSearch +# Troubleshooting Elasticsearch -Troubleshooting ElasticSearch requires: +Troubleshooting Elasticsearch requires: - Knowledge of common terms. - Establishing within which category the problem fits. @@ -30,7 +30,7 @@ The type of problem will determine what steps to take. The possible troubleshoot ### Search Results workflow -The following workflow is for ElasticSearch search results issues: +The following workflow is for Elasticsearch search results issues: ```mermaid graph TD; @@ -42,11 +42,11 @@ graph TD; B5 --> |Yes| B6 B5 --> |No| B7 B7 --> B8 - B{Is GitLab using<br>ElasticSearch for<br>searching?} + B{Is GitLab using<br>Elasticsearch for<br>searching?} B1[Check Admin Area > Integrations<br>to ensure the settings are correct] B2[Perform a search via<br>the rails console] - B3[If all settings are correct<br>and it still doesn't show ElasticSearch<br>doing the searches, escalate<br>to GitLab support.] - B4[Perform<br>the same search via the<br>ElasticSearch API] + B3[If all settings are correct<br>and it still doesn't show Elasticsearch<br>doing the searches, escalate<br>to GitLab support.] + B4[Perform<br>the same search via the<br>Elasticsearch API] B5{Are the results<br>the same?} B6[This means it is working as intended.<br>Speak with GitLab support<br>to confirm if the issue lies with<br>the filters.] B7[Check the index status of the project<br>containing the missing search<br>results.] @@ -55,7 +55,7 @@ graph TD; ### Indexing workflow -The following workflow is for ElasticSearch indexing issues: +The following workflow is for Elasticsearch indexing issues: ```mermaid graph TD; @@ -67,7 +67,7 @@ graph TD; C --> |No| C6 C6 --> |No| C10 C7 --> |GitLab| C8 - C7 --> |ElasticSearch| C9 + C7 --> |Elasticsearch| C9 C6 --> |Yes| C7 C10 --> |No| C12 C10 --> |Yes| C11 @@ -76,27 +76,27 @@ graph TD; C14 --> |Yes| C15 C14 --> |No| C16 C{Is the problem with<br>creating an empty<br>index?} - C1{Does the gitlab-production<br>index exist on the<br>ElasticSearch instance?} - C2(Try to manually<br>delete the index on the<br>ElasticSearch instance and<br>retry creating an empty index.) - C3{Can indices be made<br>manually on the ElasticSearch<br>instance?} + C1{Does the gitlab-production<br>index exist on the<br>Elasticsearch instance?} + C2(Try to manually<br>delete the index on the<br>Elasticsearch instance and<br>retry creating an empty index.) + C3{Can indices be made<br>manually on the Elasticsearch<br>instance?} C4(Retry the creation of an empty index) - C5(It is best to speak with an<br>ElasticSearch admin concerning the<br>instance's inability to create indices.) + C5(It is best to speak with an<br>Elasticsearch admin concerning the<br>instance's inability to create indices.) C6{Is the indexer presenting<br>errors during indexing?} - C7{Is the error a GitLab<br>error or an ElasticSearch<br>error?} + C7{Is the error a GitLab<br>error or an Elasticsearch<br>error?} C8[Escalate to<br>GitLab support] - C9[You will want<br>to speak with an<br>ElasticSearch admin.] + C9[You will want<br>to speak with an<br>Elasticsearch admin.] C10{Does the index status<br>show 100%?} C11[Escalate to<br>GitLab support] C12{Does re-indexing the project<br> present any GitLab errors?} C13[Rectify the GitLab errors and<br>restart troubleshooting, or<br>escalate to GitLab support.] - C14{Does re-indexing the project<br>present errors on the <br>ElasticSearch instance?} - C15[It would be best<br>to speak with an<br>ElasticSearch admin.] + C14{Does re-indexing the project<br>present errors on the <br>Elasticsearch instance?} + C15[It would be best<br>to speak with an<br>Elasticsearch admin.] C16[This is likely a bug/issue<br>in GitLab and will require<br>deeper investigation. Escalate<br>to GitLab support.] ``` ### Integration workflow -The following workflow is for ElasticSearch integration issues: +The following workflow is for Elasticsearch integration issues: ```mermaid graph TD; @@ -107,7 +107,7 @@ graph TD; D4 --> |No| D5 D4 --> |Yes| D6 D{Is the error concerning<br>the beta indexer?} - D1[It would be best<br>to speak with an<br>ElasticSearch admin.] + D1[It would be best<br>to speak with an<br>Elasticsearch admin.] D2{Is the ICU development<br>package installed?} D3>This package is required.<br>Install the package<br>and retry.] D4{Is the error stemming<br>from the indexer?} @@ -117,7 +117,7 @@ graph TD; ### Performance workflow -The following workflow is for ElasticSearch performance issues: +The following workflow is for Elasticsearch performance issues: ```mermaid graph TD; @@ -128,19 +128,19 @@ graph TD; F4 --> F5 F5 --> |No| F6 F5 --> |Yes| F7 - F{Is the ElasticSearch instance<br>running on the same server<br>as the GitLab instance?} - F1(This is not advised and will cause issues.<br>We recommend moving the ElasticSearch<br>instance to a different server.) - F2{Does the ElasticSearch<br>server have at least 8<br>GB of RAM and 2 CPU<br>cores?} - F3(According to ElasticSearch, a non-prod<br>server needs these as a base requirement.<br>Production often requires more. We recommend<br>you increase the server specifications.) + F{Is the Elasticsearch instance<br>running on the same server<br>as the GitLab instance?} + F1(This is not advised and will cause issues.<br>We recommend moving the Elasticsearch<br>instance to a different server.) + F2{Does the Elasticsearch<br>server have at least 8<br>GB of RAM and 2 CPU<br>cores?} + F3(According to Elasticsearch, a non-prod<br>server needs these as a base requirement.<br>Production often requires more. We recommend<br>you increase the server specifications.) F4(Obtain the <br>cluster health information) F5(Does it show the<br>status as green?) - F6(We recommend you speak with<br>an ElasticSearch admin<br>about implementing sharding.) + F6(We recommend you speak with<br>an Elasticsearch admin<br>about implementing sharding.) F7(Escalate to<br>GitLab support.) ``` ## Troubleshooting walkthrough -Most ElasticSearch troubleshooting can be broken down into 4 categories: +Most Elasticsearch troubleshooting can be broken down into 4 categories: - [Troubleshooting search results](#troubleshooting-search-results) - [Troubleshooting indexing](#troubleshooting-indexing) @@ -150,19 +150,19 @@ Most ElasticSearch troubleshooting can be broken down into 4 categories: Generally speaking, if it does not fall into those four categories, it is either: - Something GitLab support needs to look into. -- Not a true ElasticSearch issue. +- Not a true Elasticsearch issue. -Exercise caution. Issues that appear to be ElasticSearch problems can be OS-level issues. +Exercise caution. Issues that appear to be Elasticsearch problems can be OS-level issues. ### Troubleshooting search results -Troubleshooting search result issues is rather straight forward on ElasticSearch. +Troubleshooting search result issues is rather straight forward on Elasticsearch. -The first step is to confirm GitLab is using ElasticSearch for the search function. +The first step is to confirm GitLab is using Elasticsearch for the search function. To do this: 1. Confirm the integration is enabled in **Admin Area > Settings > Integrations**. -1. Confirm searches utilize ElasticSearch by accessing the rails console +1. Confirm searches utilize Elasticsearch by accessing the rails console (`sudo gitlab-rails console`) and running the following commands: ```rails @@ -173,21 +173,21 @@ To do this: The ouput from the last command is the key here. If it shows: -- `ActiveRecord::Relation`, **it is not** using ElasticSearch. -- `Kaminari::PaginatableArray`, **it is** using ElasticSearch. +- `ActiveRecord::Relation`, **it is not** using Elasticsearch. +- `Kaminari::PaginatableArray`, **it is** using Elasticsearch. -| Not using ElasticSearch | Using ElasticSearch | +| Not using Elasticsearch | Using Elasticsearch | |--------------------------|------------------------------| | `ActiveRecord::Relation` | `Kaminari::PaginatableArray` | -If all the settings look correct and it is still not using ElasticSearch for the search function, it is best to escalate to GitLab support. This could be a bug/issue. +If all the settings look correct and it is still not using Elasticsearch for the search function, it is best to escalate to GitLab support. This could be a bug/issue. -Moving past that, it is best to attempt the same search using the [ElasticSearch Search API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html) and compare the results from what you see in GitLab. +Moving past that, it is best to attempt the same search using the [Elasticsearch Search API](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-search.html) and compare the results from what you see in GitLab. If the results: - Sync up, then there is not a technical "issue" per se. Instead, it might be a problem - with the ElasticSearch filters we are using. This can be complicated, so it is best to + with the Elasticsearch filters we are using. This can be complicated, so it is best to escalate to GitLab support to check these and guide you on the potential on whether or not a feature request is needed. - Do not match up, this indicates a problem with the documents generated from the @@ -197,20 +197,20 @@ If the results: ### Troubleshooting indexing Troubleshooting indexing issues can be tricky. It can pretty quickly go to either GitLab -support or your ElasticSearch admin. +support or your Elasticsearch admin. The best place to start is to determine if the issue is with creating an empty index. -If it is, check on the ElasticSearch side to determine if the `gitlab-production` (the -name for the GitLab index) exists. If it exists, manually delete it on the ElasticSearch +If it is, check on the Elasticsearch side to determine if the `gitlab-production` (the +name for the GitLab index) exists. If it exists, manually delete it on the Elasticsearch side and attempt to recreate it from the [`create_empty_index`](../../integration/elasticsearch.md#gitlab-elasticsearch-rake-tasks) rake task. -If you still encounter issues, try creating an index manually on the ElasticSearch +If you still encounter issues, try creating an index manually on the Elasticsearch instance. The details of the index aren't important here, as we want to test if indices can be made. If the indices: -- Cannot be made, speak with your ElasticSearch admin. +- Cannot be made, speak with your Elasticsearch admin. - Can be made, Escalate this to GitLab support. If the issue is not with creating an empty index, the next step is to check for errors @@ -218,7 +218,7 @@ during the indexing of projects. If errors do occur, they will either stem from - On the GitLab side. You need to rectify those. If they are not something you are familiar with, contact GitLab support for guidance. -- Within the ElasticSearch instance itself. See if the error is [documented and has a fix](../../integration/elasticsearch.md#troubleshooting). If not, speak with your ElasticSearch admin. +- Within the Elasticsearch instance itself. See if the error is [documented and has a fix](../../integration/elasticsearch.md#troubleshooting). If not, speak with your Elasticsearch admin. If the indexing process does not present errors, you will want to check the status of the indexed projects. You can do this via the following rake tasks: @@ -235,8 +235,8 @@ If: If reindexing the project shows: - Errors on the GitLab side, escalate those to GitLab support. -- ElasticSearch errors or doesn't present any errors at all, reach out to your - ElasticSearch admin to check the instance. +- Elasticsearch errors or doesn't present any errors at all, reach out to your + Elasticsearch admin to check the instance. ### Troubleshooting integration @@ -246,7 +246,7 @@ much to "integrate" here. If the issue is: - Not concerning the beta indexer, it is almost always an - ElasticSearch-side issue. This means you should reach out to your ElasticSearch admin + Elasticsearch-side issue. This means you should reach out to your Elasticsearch admin regarding the error(s) you are seeing. If you are unsure here, it never hurts to reach out to GitLab support. - With the beta indexer, check if the ICU development package is installed. @@ -260,48 +260,48 @@ Beyond that, you will want to review the error. If it is: ### Troubleshooting performance -Troubleshooting performance can be difficult on ElasticSearch. There is a ton of tuning +Troubleshooting performance can be difficult on Elasticsearch. There is a ton of tuning that *can* be done, but the majority of this falls on shoulders of a skilled -ElasticSearch administrator. +Elasticsearch administrator. Generally speaking, ensure: -- The ElasticSearch server **is not** running on the same node as GitLab. -- The ElasticSearch server have enough RAM and CPU cores. +- The Elasticsearch server **is not** running on the same node as GitLab. +- The Elasticsearch server have enough RAM and CPU cores. - That sharding **is** being used. -Going into some more detail here, if ElasticSearch is running on the same server as GitLab, resource contention is **very** likely to occur. Ideally, ElasticSearch, which requires ample resources, should be running on its own server (maybe coupled with logstash and kibana). +Going into some more detail here, if Elasticsearch is running on the same server as GitLab, resource contention is **very** likely to occur. Ideally, Elasticsearch, which requires ample resources, should be running on its own server (maybe coupled with logstash and kibana). -When it comes to ElasticSearch, RAM is the key resource. ElasticSearch themselves recommend: +When it comes to Elasticsearch, RAM is the key resource. Elasticsearch themselves recommend: - **At least** 8 GB of RAM for a non-production instance. - **At least** 16 GB of RAM for a production instance. - Ideally, 64 GB of RAM. -For CPU, ElasticSearch recommends at least 2 CPU cores, but ElasticSearch states common +For CPU, Elasticsearch recommends at least 2 CPU cores, but Elasticsearch states common setups use up to 8 cores. For more details on server specs, check out -[ElasticSearch's hardware guide](https://www.elastic.co/guide/en/elasticsearch/guide/current/hardware.html). +[Elasticsearch's hardware guide](https://www.elastic.co/guide/en/elasticsearch/guide/current/hardware.html). -Beyond the obvious, sharding comes into play. Sharding is a core part of ElasticSearch. +Beyond the obvious, sharding comes into play. Sharding is a core part of Elasticsearch. It allows for horizontal scaling of indices, which is helpful when you are dealing with a large amount of data. With the way GitLab does indexing, there is a **huge** amount of documents being -indexed. By utilizing sharding, you can speed up ElasticSearch's ability to locate +indexed. By utilizing sharding, you can speed up Elasticsearch's ability to locate data, since each shard is a Lucene index. If you are not using sharding, you are likely to hit issues when you start using -ElasticSearch in a production environment. +Elasticsearch in a production environment. Keep in mind that an index with only one shard has **no scale factor** and will likely encounter issues when called upon with some frequency. If you need to know how many shards, read -[ElasticSearch's documentation on capacity planning](https://www.elastic.co/guide/en/elasticsearch/guide/2.x/capacity-planning.html), +[Elasticsearch's documentation on capacity planning](https://www.elastic.co/guide/en/elasticsearch/guide/2.x/capacity-planning.html), as the answer is not straight forward. The easiest way to determine if sharding is in use is to check the output of the -[ElasticSearch Health API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html): +[Elasticsearch Health API](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html): - Red means the cluster is down. - Yellow means it is up with no sharding/replication. @@ -311,11 +311,11 @@ For production use, it should always be green. Beyond these steps, you get into some of the more complicated things to check, such as merges and caching. These can get complicated and it takes some time to -learn them, so it is best to escalate/pair with an ElasticSearch expert if you need to +learn them, so it is best to escalate/pair with an Elasticsearch expert if you need to dig further into these. Feel free to reach out to GitLab support, but this is likely to be something a skilled -ElasticSearch admin has more experience with. +Elasticsearch admin has more experience with. ## Common issues @@ -324,12 +324,12 @@ feel free to update that page with issues you encounter and solutions. ## Replication -Setting up ElasticSearch isn't too bad, but it can be a bit finnicky and time consuming. +Setting up Elasticsearch isn't too bad, but it can be a bit finnicky and time consuming. The eastiest method is to spin up a docker container with the required version and bind ports 9200/9300 so it can be used. -The following is an example of running a docker container of ElasticSearch v7.2.0: +The following is an example of running a docker container of Elasticsearch v7.2.0: ```bash docker pull docker.elastic.co/elasticsearch/elasticsearch:7.2.0 @@ -341,5 +341,5 @@ From here, you can: - Grab the IP of the docker container (use `docker inspect <container_id>`) - Use `<IP.add.re.ss:9200>` to communicate with it. -This is a quick method to test out ElasticSearch, but by no means is this a +This is a quick method to test out Elasticsearch, but by no means is this a production solution. diff --git a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md index 4539407d1c1..9d419e23a9f 100644 --- a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md +++ b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md @@ -4,7 +4,7 @@ type: reference # GitLab Rails Console Cheat Sheet -This is the GitLab Support Team's collection of information regarding the GitLab rails +This is the GitLab Support Team's collection of information regarding the GitLab Rails console, for use while troubleshooting. It is listed here for transparency, and it may be useful for users with experience with these tools. If you are currently having an issue with GitLab, it is highly recommended that you check your @@ -822,7 +822,7 @@ License.current # check to make sure it applied From [Zendesk ticket #91083](https://gitlab.zendesk.com/agent/tickets/91083) (internal) -### Poll unicorn requests by seconds +### Poll Unicorn requests by seconds ```ruby require 'rubygems' @@ -898,13 +898,13 @@ See <https://github.com/mperham/sidekiq/wiki/Signals#ttin>. ## Redis -### Connect to redis (omnibus) +### Connect to Redis (omnibus) ```sh /opt/gitlab/embedded/bin/redis-cli -s /var/opt/gitlab/redis/redis.socket ``` -### Connect to redis (HA) +### Connect to Redis (HA) ```sh /opt/gitlab/embedded/bin/redis-cli -h <host ip> -a <password> diff --git a/doc/administration/troubleshooting/kubernetes_cheat_sheet.md b/doc/administration/troubleshooting/kubernetes_cheat_sheet.md index 1247060058b..233cfb9f7cf 100644 --- a/doc/administration/troubleshooting/kubernetes_cheat_sheet.md +++ b/doc/administration/troubleshooting/kubernetes_cheat_sheet.md @@ -15,7 +15,7 @@ If you are on a [paid tier](https://about.gitlab.com/pricing/) and are not sure to use these commands, it is best to [contact Support](https://about.gitlab.com/support/) and they will assist you with any issues you are having. -## Generic kubernetes commands +## Generic Kubernetes commands - How to authorize to your GCP project (can be especially useful if you have projects under different GCP accounts): @@ -33,7 +33,7 @@ and they will assist you with any issues you are having. kubectl proxy ``` -- How to ssh to a Kubernetes node and enter the container as root +- How to SSH to a Kubernetes node and enter the container as root <https://github.com/kubernetes/kubernetes/issues/30656>: - For GCP, you may find the node name and run `gcloud compute ssh node-name`. @@ -72,12 +72,12 @@ and they will assist you with any issues you are having. This is the principle of Kubernetes, read [Twelve-factor app](https://12factor.net/) for details. -## GitLab-specific kubernetes information +## GitLab-specific Kubernetes information -- Minimal config that can be used to test a Kubernetes helm chart can be found +- Minimal config that can be used to test a Kubernetes Helm chart can be found [here](https://gitlab.com/gitlab-org/charts/gitlab/issues/620). -- Tailing logs of a separate pod. An example for a unicorn pod: +- Tailing logs of a separate pod. An example for a Unicorn pod: ```bash kubectl logs gitlab-unicorn-7656fdd6bf-jqzfs -c unicorn @@ -101,7 +101,7 @@ and they will assist you with any issues you are having. ``` - Check all events in the `gitlab` namespace (the namespace name can be different if you - specified a different one when deploying the helm chart): + specified a different one when deploying the Helm chart): ```bash kubectl get events -w --namespace=gitlab @@ -140,8 +140,8 @@ and they will assist you with any issues you are having. - Check the output of `kubectl get events -w --all-namespaces`. - Check the logs of pods within `gitlab-managed-apps` namespace. - - On the side of GitLab check sidekiq log and kubernetes log. When GitLab is installed - via Helm Chart, `kubernetes.log` can be found inside the sidekiq pod. + - On the side of GitLab check Sidekiq log and Kubernetes log. When GitLab is installed + via Helm Chart, `kubernetes.log` can be found inside the Sidekiq pod. - How to get your initial admin password <https://docs.gitlab.com/charts/installation/deployment.html#initial-login>: diff --git a/doc/administration/troubleshooting/sidekiq.md b/doc/administration/troubleshooting/sidekiq.md index fdafac8420e..41657368ea4 100644 --- a/doc/administration/troubleshooting/sidekiq.md +++ b/doc/administration/troubleshooting/sidekiq.md @@ -238,7 +238,7 @@ workers.each do |process_id, thread_id, work| end ``` -### Remove sidekiq jobs for given parameters (destructive) +### Remove Sidekiq jobs for given parameters (destructive) ```ruby # for jobs like this: diff --git a/doc/administration/troubleshooting/test_environments.md b/doc/administration/troubleshooting/test_environments.md index f1cdaf580a3..d0f670a5663 100644 --- a/doc/administration/troubleshooting/test_environments.md +++ b/doc/administration/troubleshooting/test_environments.md @@ -49,7 +49,7 @@ gitlab/gitlab-ee:11.5.3-ee.0 #### SAML for Authentication -We can use the [test-saml-idp Docker image](https://hub.docker.com/r/jamedjo/test-saml-idp) +We can use the [`test-saml-idp` Docker image](https://hub.docker.com/r/jamedjo/test-saml-idp) to do the work for us: ```sh @@ -91,7 +91,7 @@ gitlab_rails['omniauth_providers'] = [ See [the GDK SAML documentation](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/saml.md). -### ElasticSearch +### Elasticsearch ```sh docker run -d --name elasticsearch \ @@ -101,7 +101,7 @@ docker.elastic.co/elasticsearch/elasticsearch:5.5.1 ``` Then confirm it works in the browser at `curl http://<IP_ADDRESS>:9200/_cat/health`. -ElasticSearch's default username is `elastic` and password is `changeme`. +Elasticsearch's default username is `elastic` and password is `changeme`. ### PlantUML |