Merge branch 'update-ha-db-docs' into 'master'

Rename the Alpha PG HA documentation to just the PG HA documentation See merge request gitlab-org/gitlab-ee!3151

Merge branch 'update-ha-db-docs' into 'master'
Rename the Alpha PG HA documentation to just the PG HA documentation See merge request gitlab-org/gitlab-ee!3151
7e8fca42 · Marin Jankovski · 6652f967 · 41f6edbe · 7e8fca42
Commit 7e8fca42 authored Oct 24, 2017 by Marin Jankovski
Show whitespace changes
Inline Side-by-side

Showing with 206 additions and 110 deletions

doc/administration/high_availability/alpha_database.md doc/administration/high_availability/alpha_database.md +206 -110

No files found.
--- a/doc/administration/high_availability/alpha_database.md
+++ b/doc/administration/high_availability/alpha_database.md
-# Omnibus GitLab PostgreSQL High Availability
+# Configuring a Database for GitLab HA
-> Available in [Omnibus GitLab Enterprise Edition Premium](https://about.gitlab.com/gitlab-ee/).
+There are multiple ways in which you can achieve Database High Availability
+for use with GitLab:
-CAUTION: **Warning:**
+* Use bundled services and configuration provided by the Omnibus GitLab package.
-This functionality should be considered **beta**, use with caution.
+This option is available with [Enterprise Edition Premium](https://about.gitlab.com/gitlab-ee/) license.
+* Use a cloud hosted solution
+* Install and manage the database and other components yourself
-## Overview
+> Important notes:
+- Please read [database requirements document](https://docs.gitlab.com/ee/install/requirements.html#database) for more information on supported databases.
-GitLab supports multiple options for its database backend:
+- This document will focus only on configuration supported with [GitLab Enterprise Edition Premium](https://about.gitlab.com/gitlab-ee/), using the Omnibus GitLab package.
+- If you are a Community Edition or Enterprise Edition Starter user, consider using a cloud hosted solution.
+- This document will not cover installations from source.
-1. Using the Omnibus GitLab package to configure PG in HA setup (Enterprise Premium only).
+>
-1. Using GitLab with an [externally managed PostgreSQL service](../external_database.md).
+- If HA setup is not what you were looking for,  see the [database configuration document](http://docs.gitlab.com/omnibus/settings/database.html)
-   This could be a cloud provider, your own service, or for a non-HA option.
+for the Omnibus GitLab packages.
-1. Using the Omnibus Gitlab Community or Enterprise Starter Edition packages with
-   a [single PostgreSQL instance](http://docs.gitlab.com/omnibus/settings/database.html).
-This document focuses on the first option.
+## Overview
-## Preparation
+>
+Please read this document fully before attempting to configure PostgreSQL HA
+for GitLab.
-The recommended configuration for a PostgreSQL HA setup requires:
+The recommended configuration for a PostgreSQL HA requires:
- A minimum of three consul server nodes
+- A minimum of three database nodes
- A minimum of two database nodes
  - Each node will run the following services:
-    - PostgreSQL - The database itself
+    - `PostgreSQL` - The database itself
-    - repmgrd - A service to monitor, and handle failover in case of a master failure
+    - `repmgrd` - A service to monitor, and handle failover in case of a failure
-    - Consul - Used for service discovery, to alert other nodes when failover occurs
+    - `Consul` agent - Used for service discovery, to alert other nodes when failover occurs
- At least one separate node for running the `pgbouncer` service.
+- A minimum of three `Consul` server nodes
+- A minimum of one `pgbouncer` service node
+You also need to take into consideration the underlying network topology,
+making sure you have redundant connectivity between all Database and GitLab instances,
+otherwise the networks will become a single point of failure.
 ## Required information
-**Network information for all nodes**
+Before proceeding with configuration, you will need to collect all the necessary
+information.
+### Network information
- DNS names - By default, `repmgr` and `pgbouncer` use DNS to locate nodes
+PostgreSQL does not listen on any network interface by default. It needs to know
- IP address - PostgreSQL does not listen on any network interface by default.
+which IP address to listen on in order to be accessible to other services.
-  It needs to know which IP address to listen on in order to use the network
+Similarly, PostgreSQL access is controlled based on the network source.
-  interface. It can be set to `0.0.0.0` to listen on all interfaces. It cannot
+This is why you will need:
+> IP address of each nodes network interface
+- This can be set to `0.0.0.0` to listen on all interfaces. It cannot
  be set to the loopack address `127.0.0.1`
- Network Address - PostgreSQL access is controlled based on the network source.
-  This can be in subnet (i.e. `192.168.0.0/255.255.255.0`) or CIDR (i.e.
+> Network Address
+- This can be in subnet (i.e. `192.168.0.0/255.255.255.0`) or CIDR (i.e.
  `192.168.0.0/24`) form.
-**User information for `pgbouncer` service**
+### User information
- The service runs as the same user as the database, default of `gitlab-psql`
+Various services require different configuration to secure
- The service will have a regular database user account generated for it
+the communication as well as information required for running the service.
- Default username is `pgbouncer`. In the rest of the documentation we will
+Bellow you will find details on each service and the minimum required
-  refer to this username as `PGBOUNCER_USERNAME`
+information you need to provide.
- Password for `pgbouncer` service. In the rest of the documentation we will
-  refer to this password as `PGBOUNCER_PASSWORD`
+#### Consul
- Password hash for `pgbouncer` service generated from the `pgbouncer` username
-  and password pair with:
+When using default setup, minimum configuration requires:
+- `CONSUL_DATABASE_PASSWORD`. Password for the database user.
+- `CONSUL_PASSWORD_HASH`. This is a hash generated out of consul username/password pair.
+Can be generated with:
    ```sh
-    echo -n 'PASSWORD+USERNAME' | md5sum
+    echo -n 'CONSUL_DATABASE_PASSWORDCONSUL_USERNAME' | md5sum
    ```
+- You'll also need to supply the IP addresses or DNS records of Consul
+server nodes.
-    In the rest of the documentation we will refer to this hash as `PGBOUNCER_PASSWORD_HASH`
+Few notes on the service itself:
- This password will be stored in the following locations:
-  - `/etc/gitlab/gitlab.rb`: hashed, and in plain text
+- The service runs under a system account, by default `gitlab-consul`.
+  - If you are using a different username, you will have to specify it. We
+will refer to it with `CONSUL_USERNAME`,
+- There will be a database user created with read only access to the repmgr
+database
+- Passwords will be stored in the following locations:
+  - `/etc/gitlab/gitlab.rb`: hashed
  - `/var/opt/gitlab/pgbouncer/pg_auth`: hashed
+  - `/var/opt/gitlab/gitlab-consul/.pgpass`: plaintext
-**User information for the Repmgr service**
+#### PostgreSQL
- The service runs under the same system account as the database by default.
+When configuring PostgreSQL, we will set `max_wal_senders` to one more than
- The service requires a superuser database account be generated for it. This
+the number of database nodes in the cluster.
-  defaults to `gitlab_repmgr`
+This is used to prevent replication from using up all of the
+available database connections.
-**User information for the Consul service**
+> Note:
+- In this document we are assuming 3 database nodes, which makes this configuration:
- The consul service runs under a dedicated system account by default,
+```
-  `gitlab-consul`. In the rest of the documentation we will refer to this
+postgresql['max_wal_senders'] = 4
-  username as `CONSUL_USERNAME`
+```
- There will be a database user created with read only access to the repmgr
-  database
+As previously mentioned, you'll have to prepare the network subnets that will
- Password for the database user. In the rest of the documentation we will
+be allowed to authenticate with the database.
-  refer to this password as `CONSUL_DATABASE_PASSWORD`
+You'll also need to supply the IP addresses or DNS records of Consul
- Password hash for `gitlab-consul` service generated from the `gitlab-consul`
+server nodes.
-  username and password pair with:
+#### Pgbouncer
+When using default setup, minimum configuration requires:
+- `PGBOUNCER_PASSWORD`. This is a password for pgbouncer service.
+- `PGBOUNCER_PASSWORD_HASH`. This is a hash generated out of pgbouncer username/password pair.
+Can be generated with:
    ```sh
-      echo -n 'PASSWORD+USERNAME' | md5sum
+    echo -n 'PGBOUNCER_PASSWORDPGBOUNCER_USERNAME' | md5sum
    ```
+- `PGBOUNCER_NODE`, is the IP address or a FQDN of the node running Pgbouncer.
-      In the rest of the documentation we will refer to this hash as `CONSUL_PASSWORD_HASH`
+Few notes on the service itself:
- This password will be stored in the following locations:
-  - `/etc/gitlab/gitlab.rb`: hashed
+- The service runs as the same system account as the database
+  - In the package, this is by default `gitlab-psql`
+- If you use a non-default user account for Pgbouncer service (by default `pgbouncer`), you will have to specify this username. We will refer to this requirement with `PGBOUNCER_USERNAME`.
+- The service will have a regular database user account generated for it
+  - This defaults to `repmgr`
+- Passwords will be stored in the following locations:
+  - `/etc/gitlab/gitlab.rb`: hashed, and in plain text
  - `/var/opt/gitlab/pgbouncer/pg_auth`: hashed
-  - `/var/opt/gitlab/gitlab-consul/.pgpass`: plaintext
-**The number of nodes in the database cluster**
+#### Repmgr
-When configuring PostgreSQL, we will set `max_wal_senders` to one more than
+When using default setup, you will only have to prepare the network subnets that will
-this number. This is used to prevent replication from using up all of the
+be allowed to authenticate with the service.
-available database connections.
+Few notes on the service itself:
+- The service runs under the same system account as the database
+  -  In the package, this is by default `gitlab-psql`
+- The service will have a superuser database user account generated for it
+  - This defaults to `gitlab_repmgr`
 ## Installing Omnibus GitLab
 First, make sure to [download/install](https://about.gitlab.com/installation)
 GitLab Omnibus **on each node**.
-Just follow **steps 1 and 2**, do not complete any other steps shown in the
+Make sure you install the necessary dependencies from step 1,
-page above.
+add GitLab package repository from step 2.
+When installing the GitLab package, do not supply `EXTERNAL_URL` value.
 ## Initial node configuration
 Each node needs to be configured to run only the services it needs.
-### Configuring the Consul server nodes
+### Consul nodes
 On each Consul node perform the following:
+1. Make sure you collect all required information before executing the next step.
+See `START user configuration` section in the next step for required information.
 1. Edit `/etc/gitlab/gitlab.rb`:
    ```ruby
@@ -125,15 +177,18 @@ On each Consul node perform the following:
    postgresql['enable'] = false
    redis['enable'] = false
    sidekiq['enable'] = false
+    prometheus['enable'] = false
    unicorn['enable'] = false
    consul['enable'] = true
    # START user configuration
-    # Please set the real values as explained in Required Information section
+    # Replace placeholders:
    #
+    # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
+    # with real information.
    consul['configuration'] = {
      server: true,
-      retry_join: %w(NAMES OR IPS OF ALL CONSUL NODES)
+      retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z)
    }
    #
    # END user configuration
@@ -141,51 +196,63 @@ On each Consul node perform the following:
 1. [Reconfigure GitLab] for the changes to take effect.
-### Configuring the Database nodes
+After this is completed on each Consul server node, proceed further.
+### Database nodes
 On each database node perform the following:
+1. Make sure you collect all required information before executing the next step.
+See `START user configuration` section in the next step for required information.
 1. Edit `/etc/gitlab/gitlab.rb`:
    ```ruby
-    # Disable all components except PostgreSQL
+    # Disable all components except PostgreSQL and Repmgr and Consul
-    postgresql['enable'] = true
    bootstrap['enable'] = false
+    gitaly['enable'] = false
+    mailroom['enable'] = false
    nginx['enable'] = false
    unicorn['enable'] = false
    sidekiq['enable'] = false
    redis['enable'] = false
-    gitaly['enable'] = false
    gitlab_workhorse['enable'] = false
    mailroom['enable'] = false
+    prometheus['enable'] = false
+    repmgr['enable'] = true
+    postgresql['enable'] = true
+    consul['enable'] = true
    # PostgreSQL configuration
    postgresql['listen_address'] = '0.0.0.0'
-    postgresql['trust_auth_cidr_addresses'] = %w(127.0.0.0/24)
-    postgresql['md5_auth_cidr_addresses'] = %w(0.0.0.0/0)
    postgresql['hot_standby'] = 'on'
    postgresql['wal_level'] = 'replica'
    postgresql['shared_preload_libraries'] = 'repmgr_funcs'
-    # repmgr configuration
-    repmgr['enable'] = true
    # Disable automatic database migrations
    gitlab_rails['auto_migrate'] = false
-    # Enable the consul agent
+    # Configure the consul agent
-    consul['enable'] = true
    consul['services'] = %w(postgresql)
    # START user configuration
    # Please set the real values as explained in Required Information section
    #
-    postgresql['pgbouncer_user'] = 'PGBOUNCER_USER'
+    # Replace PGBOUNCER_PASSWORD_HASH with a generated md5 value
-    postgresql['pgbouncer_user_password'] = 'PGBOUNCER_PASSWORD_HASH' # This is the hash generated in the preparation section
+    postgresql['pgbouncer_user_password'] = 'PGBOUNCER_PASSWORD_HASH'
+    # Replace X with value of number of db nodes + 1
    postgresql['max_wal_senders'] = X
-    repmgr['trust_auth_cidr_addresses'] = %w(XXX.XXX.XXX.XXX/YY) # This should be the CIDR of the network(s) your database nodes are on
+    # Replace XXX.XXX.XXX.XXX/YY with Network Address
+    postgresql['trust_auth_cidr_addresses'] = %w(XXX.XXX.XXX.XXX/YY)
+    repmgr['trust_auth_cidr_addresses'] = %w(XXX.XXX.XXX.XXX/YY)
+    # Replace placeholders:
+    #
+    # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
+    # with real information.
    consul['configuration'] = {
-      retry_join: %w(NAMES OR IPS OF ALL CONSUL NODES)
+      retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z)
    }
    #
    # END user configuration
@@ -193,34 +260,44 @@ On each database node perform the following:
 1. [Reconfigure GitLab] for the changes to take effect.
+> Please note:
+- If you want your database to listen on a specific interface, change the config:
+`postgresql['listen_address'] = '0.0.0.0'`
+- If your Pgbouncer service runs under a different user account,
+you also need to specify: `postgresql['pgbouncer_user'] = PGBOUNCER_USERNAME` in
+your configuration
+`
 ### Configuring the Pgbouncer node
 1. Edit `/etc/gitlab/gitlab.rb`:
    ```ruby
-    # Disable all components except Pgbouncer
+    # Disable all components except Pgbouncer and Consul agent
-    postgresql['enable'] = false
    bootstrap['enable'] = false
+    gitaly['enable'] = false
+    mailroom['enable'] = false
    nginx['enable'] = false
+    redis['enable'] = false
+    prometheus['enable'] = false
+    postgresql['enable'] = false
    unicorn['enable'] = false
    sidekiq['enable'] = false
-    redis['enable'] = false
-    gitaly['enable'] = false
    gitlab_workhorse['enable'] = false
-    mailroom['enable'] = false
    pgbouncer['enable'] = true
+    consul['enable'] = true
-    # Configure pgbouncer
+    # Configure Pgbouncer
    pgbouncer['admin_users'] = %w(pgbouncer gitlab-consul)
-    pgbouncer['listen_address'] = '0.0.0.0'
-    # Enable the consul agent
+    # Configure Consul agent
-    consul['enable'] = true
    consul['watchers'] = %w(postgresql)
    # START user configuration
    # Please set the real values as explained in Required Information section
-    #
+    # Replace CONSUL_PASSWORD_HASH with with a generated md5 value
+    # Replace PGBOUNCER_PASSWORD_HASH with with a generated md5 value
    pgbouncer['users'] = {
      'gitlab-consul': {
        password: 'CONSUL_PASSWORD_HASH'
@@ -229,8 +306,12 @@ On each database node perform the following:
        password: 'PGBOUNCER_PASSWORD_HASH'
      }
    }
+    # Replace placeholders:
+    #
+    # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
+    # with real information.
    consul['configuration'] = {
-      retry_join: %w(NAMES OR IPS OF ALL CONSUL NODES)
+      retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z)
    }
    #
    # END user configuration
@@ -246,6 +327,9 @@ attributes set, but the following need to be set.
 1. Edit `/etc/gitlab/gitlab.rb`:
    ```ruby
+    # Disable PostgreSQL on the application node
+    postgresql['enable'] = false
    gitlab_rails['db_host'] = 'PGBOUNCER_NODE'
    gitlab_rails['db_port'] = 6432
    ```
@@ -257,7 +341,7 @@ attributes set, but the following need to be set.
 After reconfigure successfully runs, the following steps must be completed to
 get the cluster up and running.
-### Consul post-configuration
+### Consul
 Verify the nodes are all communicating:
@@ -274,7 +358,11 @@ NODE_TWO    XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_cluste
 NODE_THREE  XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_cluster
 ```
-### Primary database node post-configuration
+### Database nodes
+#### Primary node
+Select one node as a primary node.
 1. Open a database prompt:
@@ -285,12 +373,12 @@ NODE_THREE  XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_cluste
 1. Enable the `pg_trgm` extension:
    ```sh
-    gitlabhq_production=# CREATE EXTENSION pg_trgm;
+    CREATE EXTENSION pg_trgm;
+    ```
    # Output:
    CREATE EXTENSION
-    ```
 1. Exit the database prompt by typing `\q` and Enter.
 1. Verify the cluster is initialized with one node:
@@ -306,14 +394,18 @@ NODE_THREE  XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_cluste
     ----------+----------|----------|----------------------------------------
     * master  | HOSTNAME |          | host=HOSTNAME user=gitlab_repmgr dbname=gitlab_repmgr
     ```
+1. Note down the value in the `Name` column. We will refer to it in the next section
+as `MASTER_NODE_NAME`.
-### Standby nodes post-configuration
+#### Secondary nodes
 1. Setup the repmgr standby:
    ```sh
-    sudo gitlab-ctl repmgr standby setup MASTER_NODE
+    sudo gitlab-ctl repmgr standby setup MASTER_NODE_NAME
    ```
+    Do note that this will remove the existing data on the node. The command
+    has a wait time.
 1. Verify the node now appears in the cluster:
@@ -326,11 +418,13 @@ NODE_THREE  XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_cluste
     ```
     Role      | Name    | Upstream  | Connection String
     ----------+---------|-----------|------------------------------------------------
-     * master  | MASTER  |           | host=MASTER_HOSTNAME  user=gitlab_repmgr dbname=gitlab_repmgr
+     * master  | MASTER  |           | host=MASTER_NODE_NAME user=gitlab_repmgr dbname=gitlab_repmgr
       standby | STANDBY | MASTER    | host=STANDBY_HOSTNAME user=gitlab_repmgr dbname=gitlab_repmgr
     ```
-### Pgbouncer node post-configuration
+Repeat the above steps on all secondary nodes.
+### Pgbouncer node
 1. Create a `.pgpass` file user for the `CONSUL_USER` account to be able to
   reload pgbouncer. Confirm the password twice when asked:
@@ -367,11 +461,13 @@ NODE_THREE  XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_cluste
     (2 rows)
     ```
-1. It may be necessary to manually run migrations:
+### Application node
-     ```sh
+Ensure that all migrations ran:
-     sudo gitlab-rake gitlab:db:configure
-     ```
+```sh
+sudo gitlab-rake gitlab:db:configure
+```
 ## Ensure GitLab is running