Commit 0748e128 authored by James Ramsay's avatar James Ramsay

Change references to GitLab Geo to Geo

parent 027c60bd
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
> **Alpha** development. Do not use this as your only Disaster Recovery > **Alpha** development. Do not use this as your only Disaster Recovery
> strategy as you may lose data. > strategy as you may lose data.
GitLab Geo replicates your database and your Git repositories. We will Geo replicates your database and your Git repositories. We will
support and replicate more data in the future, that will enable you to support and replicate more data in the future, that will enable you to
fail-over with minimal effort, in a disaster situation. fail-over with minimal effort, in a disaster situation.
...@@ -147,7 +147,7 @@ secondary domain, like changing Git remotes and API URLs. ...@@ -147,7 +147,7 @@ secondary domain, like changing Git remotes and API URLs.
### Step 5. (Optional) Add secondary Geo replicas to a promoted primary ### Step 5. (Optional) Add secondary Geo replicas to a promoted primary
Promoting a secondary to primary using the process above does not enable Promoting a secondary to primary using the process above does not enable
GitLab Geo on the new primary. Geo on the new primary.
To bring a new secondary online, follow the To bring a new secondary online, follow the
[Geo setup instructions](../../gitlab-geo/README.md#setup-instructions). [Geo setup instructions](../../gitlab-geo/README.md#setup-instructions).
......
...@@ -25,14 +25,14 @@ instructions will break installations using older versions of OpenSSH, such as ...@@ -25,14 +25,14 @@ instructions will break installations using older versions of OpenSSH, such as
those included with CentOS 6 as of September 2017. If you want to use this those included with CentOS 6 as of September 2017. If you want to use this
feature for CentOS 6, follow [the instructions on how to build and install a custom OpenSSH package](#compiling-a-custom-version-of-openssh-for-centos-6) before continuing. feature for CentOS 6, follow [the instructions on how to build and install a custom OpenSSH package](#compiling-a-custom-version-of-openssh-for-centos-6) before continuing.
## Fast lookup is required for GitLab Geo ## Fast lookup is required for Geo
By default, GitLab manages an `authorized_keys` file, which contains all the By default, GitLab manages an `authorized_keys` file, which contains all the
public SSH keys for users allowed to access GitLab. However, to maintain a public SSH keys for users allowed to access GitLab. However, to maintain a
single source of truth, [Geo](../../gitlab-geo/README.md) needs to be configured to perform SSH fingerprint single source of truth, [Geo](../../gitlab-geo/README.md) needs to be configured to perform SSH fingerprint
lookups via database lookup. lookups via database lookup.
As part of [setting up GitLab Geo](../../gitlab-geo/README.md#setup-instructions), As part of [setting up Geo](../../gitlab-geo/README.md#setup-instructions),
you will be required to follow the steps outlined below for both the primary and you will be required to follow the steps outlined below for both the primary and
secondary nodes, but note that the `Write to "authorized keys" file` checkbox secondary nodes, but note that the `Write to "authorized keys" file` checkbox
only needs to be unchecked on the primary node since it will be reflected only needs to be unchecked on the primary node since it will be reflected
......
...@@ -29,7 +29,7 @@ Any change in the URL will need to be reflected on disk (when groups / users or ...@@ -29,7 +29,7 @@ Any change in the URL will need to be reflected on disk (when groups / users or
projects are renamed). This can add a lot of load in big installations, projects are renamed). This can add a lot of load in big installations,
especially if using any type of network based filesystem. especially if using any type of network based filesystem.
For GitLab Geo in particular: Geo does work with legacy storage, but in some For Geo in particular: Geo does work with legacy storage, but in some
edge cases due to race conditions it can lead to errors when a project is edge cases due to race conditions it can lead to errors when a project is
renamed multiple times in short succession, or a project is deleted and renamed multiple times in short succession, or a project is deleted and
recreated under the same name very quickly. We expect these race events to be recreated under the same name very quickly. We expect these race events to be
......
# GitLab Geo # Geo
Geo feature requires that we orchestrate a lot of components together. Geo feature requires that we orchestrate a lot of components together.
For the Database we need to setup a streaming replication. Any operation on disk For the Database we need to setup a streaming replication. Any operation on disk
......
# GitLab Geo # Geo (Geo Replication)
> **Notes:** > **Notes:**
- GitLab Geo is part of [GitLab Premium][ee]. - Geo is part of [GitLab Premium][ee].
- Introduced in GitLab Enterprise Edition 8.9. - Introduced in GitLab Enterprise Edition 8.9.
We recommend you use it with at least GitLab Enterprise Edition 10.0 for We recommend you use it with at least GitLab Enterprise Edition 10.0 for
basic Geo features, or latest version for a better experience. basic Geo features, or latest version for a better experience.
- You should make sure that all nodes run the same GitLab version. - You should make sure that all nodes run the same GitLab version.
- GitLab Geo requires PostgreSQL 9.6 and Git 2.9 in addition to GitLab's usual - Geo requires PostgreSQL 9.6 and Git 2.9 in addition to GitLab's usual
[minimum requirements](../install/requirements.md) [minimum requirements](../install/requirements.md)
- Using GitLab Geo in combination with High Availability is considered **GA** in GitLab Enterprise Edition 10.4 - Using Geo in combination with High Availability is considered **GA** in GitLab Enterprise Edition 10.4
>**Note:** >**Note:**
GitLab Geo changes significantly from release to release. Upgrades **are** Geo changes significantly from release to release. Upgrades **are**
supported and [documented](#updating-the-geo-nodes), but you should ensure that supported and [documented](#updating-the-geo-nodes), but you should ensure that
you're following the right version of the documentation for your installation! you're following the right version of the documentation for your installation!
The best way to do this is to follow the documentation from the `/help` endpoint The best way to do this is to follow the documentation from the `/help` endpoint
on your **primary** node, but you can also navigate to [this page on GitLab.com](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/doc/gitlab-geo/README.md) on your **primary** node, but you can also navigate to [this page on GitLab.com](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/doc/gitlab-geo/README.md)
and choose the appropriate release from the `tags` dropdown, e.g., `v10.0.0-ee`. and choose the appropriate release from the `tags` dropdown, e.g., `v10.0.0-ee`.
GitLab Geo allows you to replicate your GitLab instance to other geographical Geo allows you to replicate your GitLab instance to other geographical
locations as a read-only fully operational version. locations as a read-only fully operational version.
## Overview ## Overview
...@@ -31,7 +31,7 @@ Your Geo instance can be used for cloning and fetching projects, in addition to ...@@ -31,7 +31,7 @@ Your Geo instance can be used for cloning and fetching projects, in addition to
reading any data. This will make working with large repositories over large reading any data. This will make working with large repositories over large
distances much faster. distances much faster.
![GitLab Geo overview](img/geo-overview.png) ![Geo overview](img/geo-overview.png)
When Geo is enabled, we refer to your original instance as a **primary** node When Geo is enabled, we refer to your original instance as a **primary** node
and the replicated read-only ones as **secondaries**. and the replicated read-only ones as **secondaries**.
...@@ -57,9 +57,9 @@ custom integrations and internal workflows ...@@ -57,9 +57,9 @@ custom integrations and internal workflows
## Architecture ## Architecture
The following diagram illustrates the underlying architecture of GitLab Geo: The following diagram illustrates the underlying architecture of Geo:
![GitLab Geo architecture](img/geo-architecture.png) ![Geo architecture](img/geo-architecture.png)
[Source diagram](https://docs.google.com/drawings/d/1Abw0P_H0Ew1-2Lj_xPDRWP87clGIke-1fil7_KQqrtE/edit) [Source diagram](https://docs.google.com/drawings/d/1Abw0P_H0Ew1-2Lj_xPDRWP87clGIke-1fil7_KQqrtE/edit)
...@@ -88,7 +88,7 @@ current version of OpenSSH: ...@@ -88,7 +88,7 @@ current version of OpenSSH:
* Ubuntu 16.04 * Ubuntu 16.04
Note that CentOS 6 and 7.0 ship with an old version of OpenSSH that do not Note that CentOS 6 and 7.0 ship with an old version of OpenSSH that do not
support a feature that Geo requires. See the [documentation on GitLab Geo SSH support a feature that Geo requires. See the [documentation on Geo SSH
access](../administration/operations/fast_ssh_key_lookup.md) for more details. access](../administration/operations/fast_ssh_key_lookup.md) for more details.
### LDAP ### LDAP
...@@ -145,7 +145,7 @@ If you installed GitLab using the Omnibus packages (highly recommended): ...@@ -145,7 +145,7 @@ If you installed GitLab using the Omnibus packages (highly recommended):
as the **secondary** Geo node. Do not create an account or login to the new as the **secondary** Geo node. Do not create an account or login to the new
secondary node. secondary node.
1. [Upload the GitLab License](../user/admin_area/license.md) on the **primary** 1. [Upload the GitLab License](../user/admin_area/license.md) on the **primary**
Geo node to unlock GitLab Geo. Geo node to unlock Geo.
1. [Setup the database replication](database.md) (`primary (read-write) <-> 1. [Setup the database replication](database.md) (`primary (read-write) <->
secondary (read-only)` topology). secondary (read-only)` topology).
1. [Configure fast lookup of authorized SSH keys in the database](../administration/operations/fast_ssh_key_lookup.md), 1. [Configure fast lookup of authorized SSH keys in the database](../administration/operations/fast_ssh_key_lookup.md),
...@@ -165,7 +165,7 @@ If you installed GitLab from source: ...@@ -165,7 +165,7 @@ If you installed GitLab from source:
will serve as the **secondary** Geo node. Do not create an account or login will serve as the **secondary** Geo node. Do not create an account or login
to the new secondary node. to the new secondary node.
1. [Upload the GitLab License](../user/admin_area/license.md) on the **primary** 1. [Upload the GitLab License](../user/admin_area/license.md) on the **primary**
Geo node to unlock GitLab Geo. Geo node to unlock Geo.
1. [Setup the database replication](database_source.md) (`primary (read-write) 1. [Setup the database replication](database_source.md) (`primary (read-write)
<-> secondary (read-only)` topology). <-> secondary (read-only)` topology).
1. [Configure fast lookup of authorized SSH keys in the database](../administration/operations/fast_ssh_key_lookup.md), 1. [Configure fast lookup of authorized SSH keys in the database](../administration/operations/fast_ssh_key_lookup.md),
...@@ -176,19 +176,19 @@ If you installed GitLab from source: ...@@ -176,19 +176,19 @@ If you installed GitLab from source:
[install-ee-source]: https://docs.gitlab.com/ee/install/installation.html "GitLab Enterprise Edition installation from source" [install-ee-source]: https://docs.gitlab.com/ee/install/installation.html "GitLab Enterprise Edition installation from source"
## Configuring GitLab Geo ## Configuring Geo
Read through the [GitLab Geo configuration](configuration.md) documentation. Read through the [Geo configuration](configuration.md) documentation.
## Updating the Geo nodes ## Updating the Geo nodes
Read how to [update your Geo nodes to the latest GitLab version](updating_the_geo_nodes.md). Read how to [update your Geo nodes to the latest GitLab version](updating_the_geo_nodes.md).
## Configuring GitLab Geo HA ## Configuring Geo HA
Read through the [Geo High Availability documentation](ha.md). Read through the [Geo High Availability documentation](ha.md).
## Configuring GitLab Geo with Object storage ## Configuring Geo with Object storage
When you have object storage enabled, please consult the When you have object storage enabled, please consult the
[Geo with Object Storage](object_storage.md) documentation. [Geo with Object Storage](object_storage.md) documentation.
...@@ -224,13 +224,13 @@ example: ...@@ -224,13 +224,13 @@ example:
This message shows that Geo detected that a repository update was needed for project 1. This message shows that Geo detected that a repository update was needed for project 1.
## Security of GitLab Geo ## Security of Geo
Read the [security review](security-review.md) page. Read the [security review](security-review.md) page.
## Tuning Geo ## Tuning Geo
Read the [GitLab Geo tuning](tuning.md) documentation. Read the [Geo tuning](tuning.md) documentation.
## Troubleshooting ## Troubleshooting
......
# GitLab Geo configuration # Geo configuration
>**Note:** >**Note:**
This is the documentation for the Omnibus GitLab packages. For installations This is the documentation for the Omnibus GitLab packages. For installations
from source, follow the [**GitLab Geo nodes configuration for installations from source, follow the [**Geo nodes configuration for installations
from source**](configuration_source.md) guide. from source**](configuration_source.md) guide.
## Configuring a new secondary node ## Configuring a new secondary node
...@@ -169,7 +169,7 @@ on the secondary. ...@@ -169,7 +169,7 @@ on the secondary.
### Step 5. Enable Git access over HTTP/HTTPS ### Step 5. Enable Git access over HTTP/HTTPS
GitLab Geo synchronizes repositories over HTTP/HTTPS, and therefore requires this clone Geo synchronizes repositories over HTTP/HTTPS, and therefore requires this clone
method to be enabled. Navigate to **Admin Area ➔ Settings** method to be enabled. Navigate to **Admin Area ➔ Settings**
(`/admin/application_settings`) on the primary node, and set (`/admin/application_settings`) on the primary node, and set
`Enabled Git access protocols` to `Both SSH and HTTP(S)` or `Only HTTP(S)`. `Enabled Git access protocols` to `Both SSH and HTTP(S)` or `Only HTTP(S)`.
...@@ -187,7 +187,7 @@ The initial replication, or 'backfill', will probably still be in progress. You ...@@ -187,7 +187,7 @@ The initial replication, or 'backfill', will probably still be in progress. You
can monitor the synchronization process on each geo node from the primary can monitor the synchronization process on each geo node from the primary
node's Geo Nodes dashboard in your browser. node's Geo Nodes dashboard in your browser.
![GitLab Geo dashboard](img/geo-node-dashboard.png) ![Geo dashboard](img/geo-node-dashboard.png)
If your installation isn't working properly, check the If your installation isn't working properly, check the
[troubleshooting document](troubleshooting.md). [troubleshooting document](troubleshooting.md).
...@@ -218,7 +218,7 @@ Currently, this is what is synced: ...@@ -218,7 +218,7 @@ Currently, this is what is synced:
## Selective synchronization ## Selective synchronization
GitLab Geo supports selective synchronization, which allows admins to choose Geo supports selective synchronization, which allows admins to choose
which projects should be synchronized by secondary nodes. which projects should be synchronized by secondary nodes.
It is important to note that selective synchronization does not: It is important to note that selective synchronization does not:
......
# GitLab Geo configuration # Geo configuration
>**Note:** >**Note:**
This is the documentation for installations from source. For installations This is the documentation for installations from source. For installations
using the Omnibus GitLab packages, follow the using the Omnibus GitLab packages, follow the
[**Omnibus GitLab Geo nodes configuration**](configuration.md) guide. [**Omnibus Geo nodes configuration**](configuration.md) guide.
## Configuring a new secondary node ## Configuring a new secondary node
...@@ -111,7 +111,7 @@ update-ca-certificates ...@@ -111,7 +111,7 @@ update-ca-certificates
### Step 5. Enable Git access over HTTP/HTTPS ### Step 5. Enable Git access over HTTP/HTTPS
GitLab Geo synchronizes repositories over HTTP/HTTPS, and therefore requires this clone Geo synchronizes repositories over HTTP/HTTPS, and therefore requires this clone
method to be enabled. Navigate to **Admin Area ➔ Settings** method to be enabled. Navigate to **Admin Area ➔ Settings**
(`/admin/application_settings`) on the primary node, and set (`/admin/application_settings`) on the primary node, and set
`Enabled Git access protocols` to `Both SSH and HTTP(S)` or `Only HTTP(S)`. `Enabled Git access protocols` to `Both SSH and HTTP(S)` or `Only HTTP(S)`.
......
# GitLab Geo database replication # Geo database replication
>**Note:** >**Note:**
This is the documentation for the Omnibus GitLab packages. For installations This is the documentation for the Omnibus GitLab packages. For installations
...@@ -104,7 +104,7 @@ The following guide assumes that: ...@@ -104,7 +104,7 @@ The following guide assumes that:
1. Configure PostgreSQL to listen on network interfaces 1. Configure PostgreSQL to listen on network interfaces
For security reasons, PostgreSQL does not listen on any network interfaces For security reasons, PostgreSQL does not listen on any network interfaces
by default. However, GitLab Geo requires the secondary to be able to by default. However, Geo requires the secondary to be able to
connect to the primary's database. For this reason, we need the address of connect to the primary's database. For this reason, we need the address of
each node. Note: For external PostgreSQL instances, see [additional instructions][external postgresql]. each node. Note: For external PostgreSQL instances, see [additional instructions][external postgresql].
...@@ -439,7 +439,7 @@ The `geo_primary_role` makes configuration changes to `pg_hba.conf` and ...@@ -439,7 +439,7 @@ The `geo_primary_role` makes configuration changes to `pg_hba.conf` and
``` ```
## ##
## GitLab Geo Primary ## Geo Primary
## - pg_hba.conf ## - pg_hba.conf
## ##
host replication gitlab_replicator <trusted secondary IP>/32 md5 host replication gitlab_replicator <trusted secondary IP>/32 md5
...@@ -480,7 +480,7 @@ instructions for [enabling tracking database on the secondary server][tracking]. ...@@ -480,7 +480,7 @@ instructions for [enabling tracking database on the secondary server][tracking].
## MySQL replication ## MySQL replication
MySQL replication is not supported for GitLab Geo. MySQL replication is not supported for Geo.
## Troubleshooting ## Troubleshooting
......
# GitLab Geo database replication # Geo database replication
>**Note:** >**Note:**
This is the documentation for installations from source. For installations This is the documentation for installations from source. For installations
...@@ -142,7 +142,7 @@ The following guide assumes that: ...@@ -142,7 +142,7 @@ The following guide assumes that:
nodes that you may potentially have (at least 1). nodes that you may potentially have (at least 1).
For security reasons, PostgreSQL by default only listens on the local For security reasons, PostgreSQL by default only listens on the local
interface (e.g. 127.0.0.1). However, GitLab Geo needs to communicate interface (e.g. 127.0.0.1). However, Geo needs to communicate
between the primary and secondary nodes over a common network, such as a between the primary and secondary nodes over a common network, such as a
corporate LAN or the public Internet. For this reason, we need to corporate LAN or the public Internet. For this reason, we need to
configure PostgreSQL to listen on more interfaces. configure PostgreSQL to listen on more interfaces.
...@@ -383,7 +383,7 @@ The replication process is now over. ...@@ -383,7 +383,7 @@ The replication process is now over.
## MySQL replication ## MySQL replication
MySQL replication is not supported for GitLab Geo. MySQL replication is not supported for Geo.
## Troubleshooting ## Troubleshooting
......
# GitLab Geo High Availability # Geo High Availability
This document describes a minimal reference architecture for running GitLab Geo This document describes a minimal reference architecture for running Geo
in a high availability configuration. If your HA setup differs from the one in a high availability configuration. If your HA setup differs from the one
described, it is possible to adapt these instructions to your needs. described, it is possible to adapt these instructions to your needs.
...@@ -17,11 +17,11 @@ one geographic location can communicate with each other using their private IP a ...@@ -17,11 +17,11 @@ one geographic location can communicate with each other using their private IP a
The IP addresses given are examples and may be different depending on the The IP addresses given are examples and may be different depending on the
network topology of your deployment. network topology of your deployment.
The only external way to access the two GitLab Geo deployments is by HTTPS at The only external way to access the two Geo deployments is by HTTPS at
`gitlab.us.example.com` and `gitlab.eu.example.com` in the example above. `gitlab.us.example.com` and `gitlab.eu.example.com` in the example above.
NOTE: **Note:** > **Note:** The primary and secondary Geo deployments must be able to
The primary and secondary GitLab Geo deployments must be able to communicate to each other over HTTPS. > communicate to each other over HTTPS.
## Redis and PostgreSQL High Availability ## Redis and PostgreSQL High Availability
...@@ -130,7 +130,7 @@ the addresses of the remote endpoints for PostgreSQL and Redis will need to be s ...@@ -130,7 +130,7 @@ the addresses of the remote endpoints for PostgreSQL and Redis will need to be s
On the secondary the remote endpoint for the PostgreSQL Geo database will On the secondary the remote endpoint for the PostgreSQL Geo database will
be specified. be specified.
1. Edit `/etc/gitlab/gitlab.rb` and ensure the following to disable PostgreSQL and Redis from running locally. Configure the secondary to connect to the GitLab Geo tracking database. 1. Edit `/etc/gitlab/gitlab.rb` and ensure the following to disable PostgreSQL and Redis from running locally. Configure the secondary to connect to the Geo tracking database.
```ruby ```ruby
......
# GitLab Geo with Object storage # Geo with Object storage
GitLab Geo can be used in combination with Object Storage (AWS S3, or Geo can be used in combination with Object Storage (AWS S3, or
other compatible object storage). other compatible object storage).
## Configuration ## Configuration
......
The following security review of the GitLab Geo feature set focuses on security The following security review of the Geo feature set focuses on security
aspects of the feature as they apply to customers running their own GitLab aspects of the feature as they apply to customers running their own GitLab
instances. The review questions are based in part on the [application security architecture](https://www.owasp.org/index.php/Application_Security_Architecture_Cheat_Sheet) instances. The review questions are based in part on the [application security architecture](https://www.owasp.org/index.php/Application_Security_Architecture_Cheat_Sheet)
questions from [owasp.org](https://www.owasp.org). questions from [owasp.org](https://www.owasp.org).
......
# GitLab Geo Troubleshooting # Geo Troubleshooting
>**Note:** >**Note:**
This list is an attempt to document all the moving parts that can go wrong. This list is an attempt to document all the moving parts that can go wrong.
...@@ -21,7 +21,7 @@ to help identify if something is wrong: ...@@ -21,7 +21,7 @@ to help identify if something is wrong:
- Is the node's secondary tracking database connected? - Is the node's secondary tracking database connected?
- Is the node's secondary tracking database up-to-date? - Is the node's secondary tracking database up-to-date?
![GitLab Geo health check](img/geo-node-healthcheck.png) ![Geo health check](img/geo-node-healthcheck.png)
There is also an option to check the status of the secondary node by running a special rake task: There is also an option to check the status of the secondary node by running a special rake task:
......
# Tuning GitLab Geo # Tuning Geo
## Changing the sync capacity values ## Changing the sync capacity values
......
...@@ -5,7 +5,7 @@ different steps. ...@@ -5,7 +5,7 @@ different steps.
## General update steps ## General update steps
In order to update the GitLab Geo nodes when a new GitLab version is released, In order to update the Geo nodes when a new GitLab version is released,
all you need to do is update GitLab itself: all you need to do is update GitLab itself:
1. Log into each node (primary and secondaries) 1. Log into each node (primary and secondaries)
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# Using a Geo Server # Using a Geo Server
After you set up the [database replication and configure the GitLab Geo nodes][req], After you set up the [database replication and configure the Geo nodes][req],
there are a few things to consider: there are a few things to consider:
1. Users need an extra step to be able to fetch code from the secondary and push 1. Users need an extra step to be able to fetch code from the secondary and push
......
...@@ -105,7 +105,7 @@ features of GitLab work with MySQL/MariaDB: ...@@ -105,7 +105,7 @@ features of GitLab work with MySQL/MariaDB:
1. MySQL support for subgroups was [dropped with GitLab 9.3][post]. 1. MySQL support for subgroups was [dropped with GitLab 9.3][post].
See [issue #30472][30472] for more information. See [issue #30472][30472] for more information.
1. GitLab Geo does [not support MySQL](https://docs.gitlab.com/ee/gitlab-geo/database.html#mysql-replication). 1. Geo does [not support MySQL](https://docs.gitlab.com/ee/gitlab-geo/database.html#mysql-replication).
1. [Zero downtime migrations][zero] do not work with MySQL 1. [Zero downtime migrations][zero] do not work with MySQL
1. [Database load balancing](../administration/database_load_balancing.md) is 1. [Database load balancing](../administration/database_load_balancing.md) is
supported only for PostgreSQL. supported only for PostgreSQL.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment