12 files changed, 145 insertions, 48 deletions

diff --git a/doc/administration/auth/ldap.md b/doc/administration/auth/ldap.md
index f6027b2f99e..725fc1f6076 100644
--- a/doc/administration/auth/ldap.md
+++ b/doc/administration/auth/ldap.md
@@ -65,14 +65,14 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
   #
   # Example: 'Paris' or 'Acme, Ltd.'
   label: 'LDAP'
-  
+
   # Example: 'ldap.mydomain.com'
   host: '_your_ldap_server'
   # This port is an example, it is sometimes different but it is always an integer and not a string
   port: 389
-  uid: 'sAMAccountName'
+  uid: 'sAMAccountName' # This should be the attribute, not the value that maps to uid.
   method: 'plain' # "tls" or "ssl" or "plain"
-  
+
   # Examples: 'america\\momo' or 'CN=Gitlab Git,CN=Users,DC=mydomain,DC=com'
   bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
   password: '_the_password_of_the_bind_user'
diff --git a/doc/administration/environment_variables.md b/doc/administration/environment_variables.md
index 76029b30dd8..b6676026d06 100644
--- a/doc/administration/environment_variables.md
+++ b/doc/administration/environment_variables.md
@@ -20,7 +20,6 @@ Variable | Type | Description
 `GITLAB_EMAIL_FROM`                        | string  | The e-mail address used in the "From" field in e-mails sent by GitLab
 `GITLAB_EMAIL_DISPLAY_NAME`                | string  | The name used in the "From" field in e-mails sent by GitLab
 `GITLAB_EMAIL_REPLY_TO`                    | string  | The e-mail address used in the "Reply-To" field in e-mails sent by GitLab
-`GITLAB_EMAIL_REPLY_TO`                    | string  | The e-mail address used in the "Reply-To" field in e-mails sent by GitLab
 `GITLAB_EMAIL_SUBJECT_SUFFIX`              | string  | The e-mail subject suffix used in e-mails sent by GitLab
 `GITLAB_UNICORN_MEMORY_MIN`                | integer | The minimum memory threshold (in bytes) for the Unicorn worker killer
 `GITLAB_UNICORN_MEMORY_MAX`                | integer | The maximum memory threshold (in bytes) for the Unicorn worker killer
diff --git a/doc/administration/gitaly/index.md b/doc/administration/gitaly/index.md
index 30a4c08508d..6c6942a7bfe 100644
--- a/doc/administration/gitaly/index.md
+++ b/doc/administration/gitaly/index.md
@@ -1,8 +1,8 @@
 # Gitaly
 
-[Gitaly](https://gitlab.com/gitlab-org/gitlay) (introduced in GitLab
+[Gitaly](https://gitlab.com/gitlab-org/gitaly) (introduced in GitLab
 9.0) is a service that provides high-level RPC access to Git
-repositories. As of GitLab 9.0 it is still an optional component with
+repositories. As of GitLab 9.1 it is still an optional component with
 limited scope.
 
 GitLab components that access Git repositories (gitlab-rails,
@@ -11,28 +11,26 @@ not have direct access to Gitaly.
 
 ## Configuring Gitaly
 
-The Gitaly service itself is configured via environment variables.
-These variables are documented [in the gitaly
+The Gitaly service itself is configured via a TOML configuration file.
+This file is documented [in the gitaly
 repository](https://gitlab.com/gitlab-org/gitaly/blob/master/doc/configuration/README.md).
 
-To change a Gitaly environment variable in Omnibus you can use
-`gitaly['env']` in `/etc/gitlab/gitlab.rb`. Changes will be applied
+To change a Gitaly setting in Omnibus you can use
+`gitaly['my_setting']` in `/etc/gitlab/gitlab.rb`. Changes will be applied
 when you run `gitlab-ctl reconfigure`.
 
 ```ruby
-gitaly['env'] = {
-  'GITALY_MY_VARIABLE' => 'value'
-}
+gitaly['prometheus_listen_addr'] = 'localhost:9236'
 ```
 
-To change a Gitaly environment variable in installations from source
-you can edit `/home/git/gitaly/env`.
+To change a Gitaly setting in installations from source you can edit
+`/home/git/gitaly/config.toml`.
 
-```shell
-GITALY_MY_VARIABLE='value'
+```toml
+prometheus_listen_addr = "localhost:9236"
 ```
 
-Changes to `/home/git/gitaly/env` are applied when you run `service
+Changes to `/home/git/gitaly/config.toml` are applied when you run `service
 gitlab restart`.
 
 ## Configuring GitLab to not use Gitaly
@@ -49,15 +47,15 @@ gitaly['enable'] = false
 ```
 
 In source installations, edit `/home/git/gitlab/config/gitlab.yml` and
-make sure `socket_path` in the `gitaly` section is commented out. This
-does not disable the Gitaly service; it only prevents it from being
-used.
+make sure `enabled` in the `gitaly` section is set to 'false'. This
+does not disable the Gitaly service in your init script; it only
+prevents it from being used.
 
 Apply the change with `service gitlab restart`.
 
 ```yaml
   gitaly:
-    # socket_path: tmp/sockets/private/gitlay.socket
+    enabled: false
 ```
 
 ## Disabling or enabling the Gitaly service
diff --git a/doc/administration/high_availability/README.md b/doc/administration/high_availability/README.md
index d5a5aef7ec0..4d3be0ab8f6 100644
--- a/doc/administration/high_availability/README.md
+++ b/doc/administration/high_availability/README.md
@@ -5,6 +5,20 @@ The solution you choose will be based on the level of scalability and
 availability you require. The easiest solutions are scalable, but not necessarily
 highly available.
 
+GitLab provides a service that is usually essential to most organizations: it
+enables people to collaborate on code in a timely fashion. Any downtime should
+therefore be short and planned. Luckily, GitLab provides a solid setup even on
+a single server without special measures. Due to the distributed nature
+of Git, developers can still commit code locally even when GitLab is not
+available. However, some GitLab features such as the issue tracker and
+Continuous Integration are not available when GitLab is down.
+
+**Keep in mind that all Highly Available solutions come with a trade-off between
+cost/complexity and uptime**. The more uptime you want, the more complex the
+solution. And the more complex the solution, the more work is involved in
+setting up and maintaining it. High availability is not free and every HA
+solution should balance the costs against the benefits.
+
 ## Architecture
 
 There are two kinds of setups:
@@ -37,6 +51,10 @@ Block Device) to keep all data in sync. DRBD requires a low latency link to
 remain in sync. It is not advisable to attempt to run DRBD between data centers
 or in different cloud availability zones.
 
+> **Note:** GitLab recommends against choosing this HA method because of the
+  complexity of managing DRBD and crafting automatic failover. This is
+  *compatible* with GitLab, but not officially *supported*.
+
 Components/Servers Required: 2 servers/virtual machines (one active/one passive)
 
 ![Active/Passive HA Diagram](../img/high_availability/active-passive-diagram.png)
diff --git a/doc/administration/high_availability/database.md b/doc/administration/high_availability/database.md
index c22b1af8bfb..da9687aa849 100644
--- a/doc/administration/high_availability/database.md
+++ b/doc/administration/high_availability/database.md
@@ -27,7 +27,7 @@ If you use a cloud-managed service, or provide your own PostgreSQL:
    steps on the download page.
 1. Create/edit `/etc/gitlab/gitlab.rb` and use the following configuration.
    Be sure to change the `external_url` to match your eventual GitLab front-end
-   URL.
+   URL. If there is a directive listed below that you do not see in the configuration, be sure to add it.
 
     ```ruby
     external_url 'https://gitlab.example.com'
@@ -39,6 +39,8 @@ If you use a cloud-managed service, or provide your own PostgreSQL:
     unicorn['enable'] = false
     sidekiq['enable'] = false
     redis['enable'] = false
+    prometheus['enable'] = false
+    gitaly['enable'] = false
     gitlab_workhorse['enable'] = false
     mailroom['enable'] = false
 
diff --git a/doc/administration/high_availability/load_balancer.md b/doc/administration/high_availability/load_balancer.md
index 3245988fc14..359de0efadb 100644
--- a/doc/administration/high_availability/load_balancer.md
+++ b/doc/administration/high_availability/load_balancer.md
@@ -13,12 +13,13 @@ you need to use with GitLab.
 | LB Port | Backend Port | Protocol        |
 | ------- | ------------ | --------------- |
 | 80      | 80           | HTTP  [^1]      |
-| 443     | 443          | HTTPS [^1] [^2] |
+| 443     | 443          | TCP or HTTPS [^1] [^2] |
 | 22      | 22           | TCP             |
 
 ## GitLab Pages Ports
 
-If you're using GitLab Pages you will need some additional port configurations.
+If you're using GitLab Pages with custom domain support you will need some 
+additional port configurations.
 GitLab Pages requires a separate virtual IP address. Configure DNS to point the
 `pages_external_url` from `/etc/gitlab/gitlab.rb` at the new virtual IP address. See the
 [GitLab Pages documentation][gitlab-pages] for more information.
diff --git a/doc/administration/high_availability/nfs.md b/doc/administration/high_availability/nfs.md
index bf1aa6b9ac5..d8e76d6ab94 100644
--- a/doc/administration/high_availability/nfs.md
+++ b/doc/administration/high_availability/nfs.md
@@ -7,21 +7,39 @@ supported natively in NFS version 4. NFSv3 also supports locking as long as
 Linux Kernel 2.6.5+ is used. We recommend using version 4 and do not
 specifically test NFSv3.
 
-**no_root_squash**: NFS normally changes the `root` user to `nobody`. This is
-a good security measure when NFS shares will be accessed by many different
-users. However, in this case only GitLab will use the NFS share so it
-is safe. GitLab requires the `no_root_squash` setting because we need to
-manage file permissions automatically. Without the setting you will receive
-errors when the Omnibus package tries to alter permissions. Note that GitLab
-and other bundled components do **not** run as `root` but as non-privileged
-users. The requirement for `no_root_squash` is to allow the Omnibus package to
-set ownership and permissions on files, as needed.
+## AWS Elastic File System
+
+GitLab does not recommend using AWS Elastic File System (EFS).
+
+Customers and users have reported that AWS EFS does not perform well for GitLab's
+use-case. There are several issues that can cause problems. For these reasons
+GitLab does not recommend using EFS with GitLab.
+
+- EFS bases allowed IOPS on volume size. The larger the volume, the more IOPS
+  are allocated. For smaller volumes, users may experience decent performance
+  for a period of time due to 'Burst Credits'. Over a period of weeks to months
+  credits may run out and performance will bottom out.
+- For larger volumes, allocated IOPS may not be the problem. Workloads where
+  many small files are written in a serialized manner are not well-suited for EFS.
+  EBS with an NFS server on top will perform much better.
+
+For more details on another person's experience with EFS, see
+[Amazon's Elastic File System: Burst Credits](https://www.rawkode.io/2017/04/amazons-elastic-file-system-burst-credits/)
 
 ### Recommended options
 
 When you define your NFS exports, we recommend you also add the following
 options:
 
+- `no_root_squash` - NFS normally changes the `root` user to `nobody`. This is
+  a good security measure when NFS shares will be accessed by many different
+  users. However, in this case only GitLab will use the NFS share so it
+  is safe. GitLab recommends the `no_root_squash` setting because we need to
+  manage file permissions automatically. Without the setting you may receive
+  errors when the Omnibus package tries to alter permissions. Note that GitLab
+  and other bundled components do **not** run as `root` but as non-privileged
+  users. The recommendation for `no_root_squash` is to allow the Omnibus package
+  to set ownership and permissions on files, as needed.
 - `sync` - Force synchronous behavior. Default is asynchronous and under certain
   circumstances it could lead to data loss if a failure occurs before data has
   synced.
diff --git a/doc/administration/high_availability/redis.md b/doc/administration/high_availability/redis.md
index b4e7bf21e35..0e92f7c5a34 100644
--- a/doc/administration/high_availability/redis.md
+++ b/doc/administration/high_availability/redis.md
@@ -42,10 +42,10 @@ instances run in different machines. If you fail to provision the machines in
 that specific way, any issue with the shared environment can bring your entire
 setup down.
 
-It is OK to run a Sentinel along with a master or slave Redis instance.
-No more than one Sentinel in the same machine though.
+It is OK to run a Sentinel alongside of a master or slave Redis instance.
+There should be no more than one Sentinel on the same machine though.
 
-You also need to take in consideration the underlying network topology,
+You also need to take into consideration the underlying network topology,
 making sure you have redundant connectivity between Redis / Sentinel and
 GitLab instances, otherwise the networks will become a single point of
 failure.
@@ -113,7 +113,7 @@ the Omnibus GitLab package in `5` **independent** machines, both with
 ### Redis setup overview
 
 You must have at least `3` Redis servers: `1` Master, `2` Slaves, and they
-need to be each in a independent machine (see explanation above).
+need to each be on independent machines (see explanation above).
 
 You can have additional Redis nodes, that will help survive a situation
 where more nodes goes down. Whenever there is only `2` nodes online, a failover
@@ -232,7 +232,7 @@ Pick the one that suits your needs.
 This is the section where we install and setup the new Redis instances.
 
 >**Notes:**
-- We assume that you install GitLab and all HA components from scratch. If you
+- We assume that you have installed GitLab and all HA components from scratch. If you
   already have it installed and running, read how to
   [switch from a single-machine installation to Redis HA](#switching-from-an-existing-single-machine-installation-to-redis-ha).
 - Redis nodes (both master and slaves) will need the same password defined in
@@ -245,10 +245,9 @@ The prerequisites for a HA Redis setup are the following:
 
 1. Provision the minimum required number of instances as specified in the
    [recommended setup](#recommended-setup) section.
-1. **Do NOT** install Redis or Redis Sentinel in the same machines your
-   GitLab application is running on. You can however opt in to install Redis
-   and Sentinel in the same machine (each in independent ones is recommended
-   though).
+1. We **Do not** recommend installing Redis or Redis Sentinel in the same machines your
+   GitLab application is running on as this weakens your HA configuration. You can however opt in to install Redis
+   and Sentinel in the same machine.
 1. All Redis nodes must be able to talk to each other and accept incoming
    connections over Redis (`6379`) and Sentinel (`26379`) ports (unless you
    change the default ones).
@@ -492,7 +491,7 @@ which ideally should not have Redis or Sentinels on it for a HA setup.
     redis['master_name'] = 'gitlab-redis'
 
     ## The same password for Redis authentication you set up for the master node.
-    redis['password'] = 'redis-password-goes-here'
+    redis['master_password'] = 'redis-password-goes-here'
 
     ## A list of sentinels with `host` and `port`
     gitlab_rails['redis_sentinels'] = [
diff --git a/doc/administration/integration/plantuml.md b/doc/administration/integration/plantuml.md
index 6515b1a264a..b21817c1fd3 100644
--- a/doc/administration/integration/plantuml.md
+++ b/doc/administration/integration/plantuml.md
@@ -1,6 +1,6 @@
 # PlantUML & GitLab
 
-> [Introduced][ce-7810] in GitLab 8.16.
+> [Introduced][ce-8537] in GitLab 8.16.
 
 When [PlantUML](http://plantuml.com) integration is enabled and configured in
 GitLab we are able to create simple diagrams in AsciiDoc and Markdown documents
@@ -28,7 +28,7 @@ using Tomcat:
 sudo apt-get install tomcat7
 sudo cp target/plantuml.war /var/lib/tomcat7/webapps/plantuml.war
 sudo chown tomcat7:tomcat7 /var/lib/tomcat7/webapps/plantuml.war
-sudo service restart tomcat7
+sudo service tomcat7 restart
 ```
 
 Once the Tomcat service restarts the PlantUML service will be ready and
@@ -93,3 +93,5 @@ Some parameters can be added to the AsciiDoc block definition:
  - *height*: Height attribute added to the img tag.
 
 Markdown does not support any parameters and will always use PNG format.
+
+[ce-8537]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/8537
\ No newline at end of file
diff --git a/doc/administration/integration/terminal.md b/doc/administration/integration/terminal.md
index 3b5ee86b68b..91e844c7b42 100644
--- a/doc/administration/integration/terminal.md
+++ b/doc/administration/integration/terminal.md
@@ -32,7 +32,7 @@ In brief:
 
 As web terminals use WebSockets, every HTTP/HTTPS reverse proxy in front of
 Workhorse needs to be configured to pass the `Connection` and `Upgrade` headers
-through to the next one in the chain. If you installed Gitlab using Omnibus, or
+through to the next one in the chain. If you installed GitLab using Omnibus, or
 from source, starting with GitLab 8.15, this should be done by the default
 configuration, so there's no need for you to do anything.
 
@@ -58,7 +58,7 @@ document for more details.
 If you'd like to disable web terminal support in GitLab, just stop passing
 the `Connection` and `Upgrade` hop-by-hop headers in the *first* HTTP reverse
 proxy in the chain. For most users, this will be the NGINX server bundled with
-Omnibus Gitlab, in which case, you need to:
+Omnibus GitLab, in which case, you need to:
 
 * Find the `nginx['proxy_set_headers']` section of your `gitlab.rb` file
 * Ensure the whole block is uncommented, and then comment out or remove the
diff --git a/doc/administration/polling.md b/doc/administration/polling.md
new file mode 100644
index 00000000000..35aaa20df2c
--- /dev/null
+++ b/doc/administration/polling.md
@@ -0,0 +1,24 @@
+# Polling configuration
+
+The GitLab UI polls for updates for different resources (issue notes, issue
+titles, pipeline statuses, etc.) on a schedule appropriate to the resource.
+
+In "Application settings -> Real-time features" you can configure "Polling
+interval multiplier". This multiplier is applied to all resources at once,
+and decimal values are supported. For the sake of the examples below, we will
+say that issue notes poll every 2 seconds, and issue titles poll every 5
+seconds; these are _not_ the actual values.
+
+- 1 is the default, and recommended for most installations. (Issue notes poll
+every 2 seconds, and issue titles poll every 5 seconds.)
+- 0 will disable UI polling completely. (On the next poll, clients will stop
+polling for updates.)
+- A value greater than 1 will slow polling down. If you see issues with
+database load from lots of clients polling for updates, increasing the
+multiplier from 1 can be a good compromise, rather than disabling polling
+completely. (For example: If this is set to 2, then issue notes poll every 4
+seconds, and issue titles poll every 10 seconds.)
+- A value between 0 and 1 will make the UI poll more frequently (so updates
+will show in other sessions faster), but is **not recommended**. 1 should be
+fast enough. (For example, if this is set to 0.5, then issue notes poll every
+1 second, and issue titles poll every 2.5 seconds.)
diff --git a/doc/administration/raketasks/github_import.md b/doc/administration/raketasks/github_import.md
new file mode 100644
index 00000000000..affb4d17861
--- /dev/null
+++ b/doc/administration/raketasks/github_import.md
@@ -0,0 +1,36 @@
+# GitHub import
+
+>**Note:**
+>
+>  - [Introduced][ce-10308] in GitLab 9.1.
+>  - You need a personal access token in order to retrieve and import GitHub 
+>    projects. You can get it from: https://github.com/settings/tokens
+>  - You also need to pass an username as the second argument to the rake task
+>    which will become the owner of the project.
+
+To import a project from the list of your GitHub projects available:
+
+```bash
+# Omnibus installations
+sudo gitlab-rake import:github[access_token,root,foo/bar]
+
+# Installations from source
+bundle exec rake import:github[access_token,root,foo/bar] RAILS_ENV=production
+```
+
+In this case, `access_token` is your GitHub personal access token, `root`
+is your GitLab username, and  `foo/bar` is the new GitLab namespace/project that 
+will get created from your GitHub project. Subgroups are also possible: `foo/foo/bar`.
+
+
+To import a specific GitHub project (named `foo/github_repo` here):
+
+```bash
+# Omnibus installations
+sudo gitlab-rake import:github[access_token,root,foo/bar,foo/github_repo]
+
+# Installations from source
+bundle exec rake import:github[access_token,root,foo/bar,foo/github_repo] RAILS_ENV=production
+```
+
+[ce-10308]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10308