diff options
Diffstat (limited to 'doc/administration/operations')
-rw-r--r-- | doc/administration/operations/cleaning_up_redis_sessions.md | 8 | ||||
-rw-r--r-- | doc/administration/operations/extra_sidekiq_processes.md | 10 | ||||
-rw-r--r-- | doc/administration/operations/fast_ssh_key_lookup.md | 19 | ||||
-rw-r--r-- | doc/administration/operations/filesystem_benchmarking.md | 8 | ||||
-rw-r--r-- | doc/administration/operations/index.md | 6 | ||||
-rw-r--r-- | doc/administration/operations/moving_repositories.md | 16 | ||||
-rw-r--r-- | doc/administration/operations/puma.md | 6 | ||||
-rw-r--r-- | doc/administration/operations/rails_console.md | 8 | ||||
-rw-r--r-- | doc/administration/operations/sidekiq_memory_killer.md | 6 | ||||
-rw-r--r-- | doc/administration/operations/speed_up_ssh.md | 3 | ||||
-rw-r--r-- | doc/administration/operations/ssh_certificates.md | 17 | ||||
-rw-r--r-- | doc/administration/operations/unicorn.md | 10 |
12 files changed, 62 insertions, 55 deletions
diff --git a/doc/administration/operations/cleaning_up_redis_sessions.md b/doc/administration/operations/cleaning_up_redis_sessions.md index 8f90231a713..6513a4ed4c8 100644 --- a/doc/administration/operations/cleaning_up_redis_sessions.md +++ b/doc/administration/operations/cleaning_up_redis_sessions.md @@ -1,7 +1,7 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Cleaning up stale Redis sessions @@ -21,7 +21,7 @@ prefixed with `session:gitlab:`, so they would look like `session:gitlab:976aa289e2189b17d7ef525a6702ace9`. Below we describe how to remove the keys in the old format. -NOTE: **Note:** +NOTE: The instructions below must be modified in accordance with your configuration settings if you have used the advanced Redis settings outlined in diff --git a/doc/administration/operations/extra_sidekiq_processes.md b/doc/administration/operations/extra_sidekiq_processes.md index 5de79882083..1f611a50a53 100644 --- a/doc/administration/operations/extra_sidekiq_processes.md +++ b/doc/administration/operations/extra_sidekiq_processes.md @@ -1,7 +1,7 @@ --- stage: Enablement group: Distribution -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Run multiple Sidekiq processes **(CORE ONLY)** @@ -11,7 +11,7 @@ These processes can be used to consume a dedicated set of queues. This can be used to ensure certain queues always have dedicated workers, no matter the number of jobs that need to be processed. -NOTE: **Note:** +NOTE: The information in this page applies only to Omnibus GitLab. ## Available Sidekiq queues @@ -209,7 +209,7 @@ sidekiq['queue_groups'] = [ ### Disable Sidekiq cluster -CAUTION: **Warning:** +WARNING: Sidekiq cluster is [scheduled](https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/240) to be the only way to start Sidekiq in GitLab 14.0. @@ -341,7 +341,7 @@ being equal to `max_concurrency`. Running a single Sidekiq process is the default in GitLab 12.10 and earlier. -CAUTION: **Warning:** +WARNING: Running Sidekiq directly is scheduled to be removed in GitLab [14.0](https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/240). @@ -376,7 +376,7 @@ This tells the additional processes how often to check for enqueued jobs. ## Troubleshoot using the CLI -CAUTION: **Warning:** +WARNING: It's recommended to use `/etc/gitlab/gitlab.rb` to configure the Sidekiq processes. If you experience a problem, you should contact GitLab support. Use the command line at your own risk. diff --git a/doc/administration/operations/fast_ssh_key_lookup.md b/doc/administration/operations/fast_ssh_key_lookup.md index c8830a45fb2..b93af074795 100644 --- a/doc/administration/operations/fast_ssh_key_lookup.md +++ b/doc/administration/operations/fast_ssh_key_lookup.md @@ -1,7 +1,7 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Fast lookup of authorized SSH keys in the database @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1631) in [GitLab Starter](https://about.gitlab.com/pricing/) 9.3. > - [Available in](https://gitlab.com/gitlab-org/gitlab/-/issues/3953) GitLab Community Edition 10.4. -NOTE: **Note:** +NOTE: This document describes a drop-in replacement for the `authorized_keys` file. For normal (non-deploy key) users, consider using [SSH certificates](ssh_certificates.md). They are even faster, but are not a @@ -28,7 +28,8 @@ GitLab Shell solves this by providing a way to authorize SSH users via a fast, indexed lookup in the GitLab database. This page describes how to enable the fast lookup of authorized SSH keys. -> **Warning:** OpenSSH version 6.9+ is required because +WARNING: +OpenSSH version 6.9+ is required because `AuthorizedKeysCommand` must be able to accept a fingerprint. These instructions will break installations using older versions of OpenSSH, such as those included with CentOS 6 as of September 2017. If you want to use this @@ -80,18 +81,18 @@ Confirm that SSH is working by commenting out your user's key in the `authorized A successful pull would mean that GitLab was able to find the key in the database, since it is not present in the file anymore. -NOTE: **Note:** +NOTE: For Omnibus Docker, `AuthorizedKeysCommand` is setup by default in GitLab 11.11 and later. -NOTE: **Note:** +NOTE: For Installations from source, the command would be located at `/home/git/gitlab-shell/bin/gitlab-shell-authorized-keys-check` if [the install from source](../../install/installation.md#install-gitlab-shell) instructions were followed. You might want to consider creating a wrapper script somewhere else since this command needs to be owned by `root` and not be writable by group or others. You could also consider changing the ownership of this command as required, but that might require temporary ownership changes during `gitlab-shell` upgrades. -CAUTION: **Caution:** +WARNING: Do not disable writes until SSH is confirmed to be working perfectly, because the file will quickly become out-of-date. @@ -139,7 +140,7 @@ the database. The following instructions can be used to build OpenSSH 7.5: ```shell sudo su - cd /tmp - curl --remote-name https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.5p1.tar.gz + curl --remote-name "https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.5p1.tar.gz" tar xzvf openssh-7.5p1.tar.gz yum install rpm-build gcc make wget openssl-devel krb5-devel pam-devel libX11-devel xmkmf libXt-devel ``` diff --git a/doc/administration/operations/filesystem_benchmarking.md b/doc/administration/operations/filesystem_benchmarking.md index c55f253b772..9072214eb02 100644 --- a/doc/administration/operations/filesystem_benchmarking.md +++ b/doc/administration/operations/filesystem_benchmarking.md @@ -1,7 +1,7 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Filesystem Performance Benchmarking @@ -71,7 +71,7 @@ operations per second. ### Simple benchmarking -NOTE: **Note:** +NOTE: This test is naive but may be useful if `fio` is not available on the system. It's possible to receive good results on this test but still have poor performance due to read speed and various other diff --git a/doc/administration/operations/index.md b/doc/administration/operations/index.md index 864bbb3233e..b15417ea8d9 100644 --- a/doc/administration/operations/index.md +++ b/doc/administration/operations/index.md @@ -1,7 +1,7 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Performing Operations in GitLab diff --git a/doc/administration/operations/moving_repositories.md b/doc/administration/operations/moving_repositories.md index b311bee1a5b..7cc15f9cea4 100644 --- a/doc/administration/operations/moving_repositories.md +++ b/doc/administration/operations/moving_repositories.md @@ -1,7 +1,7 @@ --- stage: Create group: Gitaly -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -48,13 +48,13 @@ We look at three scenarios: - The target directory contains an outdated copy of the repositories. - How to deal with thousands of repositories. -DANGER: **Warning:** +WARNING: Each of the approaches we list can or does overwrite data in the target directory `/mnt/gitlab/repositories`. Do not mix up the source and the target. ### Recommended approach in all cases -GitLab's [backup and restore capability](../../raketasks/backup_restore.md) should be used. Git +The GitLab [backup and restore capability](../../raketasks/backup_restore.md) should be used. Git repositories are accessed, managed, and stored on GitLab servers by Gitaly as a database. Data loss can result from directly accessing and copying Gitaly's files using tools like `rsync`. @@ -94,7 +94,7 @@ If you want to compress the data before it goes over the network ### The target directory contains an outdated copy of the repositories: use `rsync` -DANGER: **Warning:** +WARNING: Using `rsync` to migrate Git data can cause data loss and repository corruption. [These instructions are being reviewed](https://gitlab.com/gitlab-org/gitlab/-/issues/270422). @@ -115,7 +115,7 @@ If you want to see progress, replace `-a` with `-av`. #### Single `rsync` to another server -DANGER: **Warning:** +WARNING: Using `rsync` to migrate Git data can cause data loss and repository corruption. [These instructions are being reviewed](https://gitlab.com/gitlab-org/gitlab/-/issues/270422). @@ -129,7 +129,7 @@ sudo -u git sh -c 'rsync -a --delete /var/opt/gitlab/git-data/repositories/. \ ### Thousands of Git repositories: use one `rsync` per repository -DANGER: **Warning:** +WARNING: Using `rsync` to migrate Git data can cause data loss and repository corruption. [These instructions are being reviewed](https://gitlab.com/gitlab-org/gitlab/-/issues/270422). @@ -150,7 +150,7 @@ longer exist at the source.** #### Parallel `rsync` for all repositories known to GitLab -DANGER: **Warning:** +WARNING: Using `rsync` to migrate Git data can cause data loss and repository corruption. [These instructions are being reviewed](https://gitlab.com/gitlab-org/gitlab/-/issues/270422). @@ -211,7 +211,7 @@ cat /home/git/transfer-logs/* | sort | uniq -u |\ #### Parallel `rsync` only for repositories with recent activity -DANGER: **Warning:** +WARNING: Using `rsync` to migrate Git data can cause data loss and repository corruption. [These instructions are being reviewed](https://gitlab.com/gitlab-org/gitlab/-/issues/270422). diff --git a/doc/administration/operations/puma.md b/doc/administration/operations/puma.md index 5104b65c86d..44ac014650e 100644 --- a/doc/administration/operations/puma.md +++ b/doc/administration/operations/puma.md @@ -1,7 +1,7 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Switching to Puma diff --git a/doc/administration/operations/rails_console.md b/doc/administration/operations/rails_console.md index dac36135a8e..b40560bf6e5 100644 --- a/doc/administration/operations/rails_console.md +++ b/doc/administration/operations/rails_console.md @@ -1,7 +1,7 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # The Rails Console @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w The [Rails console](https://guides.rubyonrails.org/command_line.html#rails-console). provides a way to interact with your GitLab instance from the command line. -CAUTION: **Caution:** +WARNING: The Rails console interacts directly with GitLab. In many cases, there are no handrails to prevent you from permanently modifying, corrupting or destroying production data. If you would like to explore the Rails console diff --git a/doc/administration/operations/sidekiq_memory_killer.md b/doc/administration/operations/sidekiq_memory_killer.md index 0de8b681dd8..c7f00d05213 100644 --- a/doc/administration/operations/sidekiq_memory_killer.md +++ b/doc/administration/operations/sidekiq_memory_killer.md @@ -1,7 +1,7 @@ --- stage: Enablement group: Memory -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Sidekiq MemoryKiller @@ -35,7 +35,9 @@ The MemoryKiller is controlled using environment variables. - `SIDEKIQ_DAEMON_MEMORY_KILLER`: defaults to 1. When set to 0, the MemoryKiller works in _legacy_ mode. Otherwise, the MemoryKiller works in _daemon_ mode. - In _legacy_ mode, the MemoryKiller checks the Sidekiq process RSS after each job. + In _legacy_ mode, the MemoryKiller checks the Sidekiq process RSS + ([Resident Set Size](https://github.com/mperham/sidekiq/wiki/Memory#rss)) + after each job. In _daemon_ mode, the MemoryKiller checks the Sidekiq process RSS every 3 seconds (defined by `SIDEKIQ_MEMORY_KILLER_CHECK_INTERVAL`). diff --git a/doc/administration/operations/speed_up_ssh.md b/doc/administration/operations/speed_up_ssh.md index 6dc83c42f53..2f3cf40a222 100644 --- a/doc/administration/operations/speed_up_ssh.md +++ b/doc/administration/operations/speed_up_ssh.md @@ -3,3 +3,6 @@ redirect_to: 'fast_ssh_key_lookup.md' --- This document was moved to [another location](fast_ssh_key_lookup.md). + +<!-- This redirect file can be deleted after February 1, 2021. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/administration/operations/ssh_certificates.md b/doc/administration/operations/ssh_certificates.md index 7cbd8c74f90..c0525cf6258 100644 --- a/doc/administration/operations/ssh_certificates.md +++ b/doc/administration/operations/ssh_certificates.md @@ -1,7 +1,7 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # User lookup via OpenSSH's AuthorizedPrincipalsCommand @@ -9,17 +9,18 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Available in](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/19911) GitLab > Community Edition 11.2. -GitLab's default SSH authentication requires users to upload their SSH +The default SSH authentication for GitLab requires users to upload their SSH public keys before they can use the SSH transport. -In centralized (e.g. corporate) environments this can be a hassle -operationally, particularly if the SSH keys are temporary keys issued -to the user, e.g. ones that expire 24 hours after issuing. +In centralized (for example, corporate) environments this can be a hassle +operationally, particularly if the SSH keys are temporary keys issued to the +user, including ones that expire 24 hours after issuing. In such setups some external automated process is needed to constantly upload the new keys to GitLab. -> **Warning:** OpenSSH version 6.9+ is required because that version +WARNING: +OpenSSH version 6.9+ is required because that version introduced the `AuthorizedPrincipalsCommand` configuration option. If using CentOS 6, you can [follow these instructions](fast_ssh_key_lookup.html#compiling-a-custom-version-of-openssh-for-centos-6) diff --git a/doc/administration/operations/unicorn.md b/doc/administration/operations/unicorn.md index 80dafde14aa..03995ee05ba 100644 --- a/doc/administration/operations/unicorn.md +++ b/doc/administration/operations/unicorn.md @@ -1,12 +1,12 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +stage: Enablement +group: Distribution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Understanding Unicorn and unicorn-worker-killer -NOTE: **Note:** +NOTE: Starting with GitLab 13.0, Puma is the default web server used in GitLab all-in-one package based installations as well as GitLab Helm chart deployments. @@ -51,7 +51,7 @@ master process has PID 56227 below. The main tunable options for Unicorn are the number of worker processes and the request timeout after which the Unicorn master terminates a worker process. See the [Omnibus GitLab Unicorn settings -documentation](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/unicorn.html) +documentation](https://docs.gitlab.com/omnibus/settings/unicorn.html) if you want to adjust these settings. ## unicorn-worker-killer |