Automatic merge of gitlab-org/gitlab-ce master

0ce5e435 · GitLab Bot · 39e45d86 · 3deb8f68 · 0ce5e435 · 0ce5e435
Commit 0ce5e435 authored Jul 08, 2019 by GitLab Bot
4 changed files
--- a/doc/administration/auth/smartcard.md
+++ b/doc/administration/auth/smartcard.md
@@ -184,3 +184,31 @@ attribute. As a prerequisite, you must use an LDAP server that:
 1. Save the file and [restart](../restart_gitlab.md#installations-from-source)
   GitLab for the changes to take effect.
+### Require browser session with smartcard sign-in for Git access
+**For Omnibus installations**
+1. Edit `/etc/gitlab/gitlab.rb`:
+    ```ruby
+    gitlab_rails['smartcard_required_for_git_access'] = true
+    ```
+1. Save the file and [reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure)
+   GitLab for the changes to take effect.
+**For installations from source**
+1. Edit `config/gitlab.yml`:
+    ```yaml
+    ## Smartcard authentication settings
+    smartcard:
+      # snip...
+      # Browser session with smartcard sign-in is required for Git access
+      required_for_git_access: true
+    ```
+1. Save the file and [restart](../restart_gitlab.md#installations-from-source)
+   GitLab for the changes to take effect.
--- a/doc/administration/high_availability/consul.md
+++ b/doc/administration/high_availability/consul.md
@@ -6,6 +6,72 @@ As part of its High Availability stack, GitLab Premium includes a bundled versio
 A Consul cluster consists of multiple server agents, as well as client agents that run on other nodes which need to talk to the consul cluster.
+## Prerequisites
+First, make sure to [download/install](https://about.gitlab.com/install/)
+GitLab Omnibus **on each node**.
+Choose an installation method, then make sure you complete steps:
+1. Install and configure the necessary dependencies.
+1. Add the GitLab package repository and install the package.
+When installing the GitLab package, do not supply `EXTERNAL_URL` value.
+## Configuring the Consul nodes
+On each Consul node perform the following:
+1. Make sure you collect [`CONSUL_SERVER_NODES`](database.md#consul-information), which are the IP addresses or DNS records of the Consul server nodes, for the next step, before executing the next step.
+1. Edit `/etc/gitlab/gitlab.rb` replacing values noted in the `# START user configuration` section:
+    ```ruby
+    # Disable all components except Consul
+    roles ['consul_role']
+    # START user configuration
+    # Replace placeholders:
+    #
+    # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
+    # with the addresses gathered for CONSUL_SERVER_NODES
+    consul['configuration'] = {
+      server: true,
+      retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z)
+    }
+    # Disable auto migrations
+    gitlab_rails['auto_migrate'] = false
+    #
+    # END user configuration
+    ```
+    > `consul_role` was introduced with GitLab 10.3
+1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes
+   to take effect.
+### Consul checkpoint
+Before moving on, make sure Consul is configured correctly. Run the following
+command to verify all server nodes are communicating:
+```sh
+/opt/gitlab/embedded/bin/consul members
+```
+The output should be similar to:
+```
+Node                 Address               Status  Type    Build  Protocol  DC
+CONSUL_NODE_ONE      XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_consul
+CONSUL_NODE_TWO      XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_consul
+CONSUL_NODE_THREE    XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_consul
+```
+If any of the nodes isn't `alive` or if any of the three nodes are missing,
+check the [Troubleshooting section](#troubleshooting) before proceeding.
 ## Operations
 ### Checking cluster membership

--- a/doc/administration/high_availability/database.md
+++ b/doc/administration/high_availability/database.md
@@ -288,61 +288,10 @@ Make sure you install the necessary dependencies from step 1,
 add GitLab package repository from step 2.
 When installing the GitLab package, do not supply `EXTERNAL_URL` value.
-#### Configuring the Consul nodes
-On each Consul node perform the following:
-1. Make sure you collect [`CONSUL_SERVER_NODES`](#consul-information) before executing the next step.
-1. Edit `/etc/gitlab/gitlab.rb` replacing values noted in the `# START user configuration` section:
-    ```ruby
-    # Disable all components except Consul
-    roles ['consul_role']
-    # START user configuration
-    # Replace placeholders:
-    #
-    # Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z
-    # with the addresses gathered for CONSUL_SERVER_NODES
-    consul['configuration'] = {
-      server: true,
-      retry_join: %w(Y.Y.Y.Y consul1.gitlab.example.com Z.Z.Z.Z)
-    }
-    # Disable auto migrations
-    gitlab_rails['auto_migrate'] = false
-    #
-    # END user configuration
-    ```
-    > `consul_role` was introduced with GitLab 10.3
-1. [Reconfigure GitLab] for the changes to take effect.
-##### Consul Checkpoint
-Before moving on, make sure Consul is configured correctly. Run the following
-command to verify all server nodes are communicating:
-```sh
-/opt/gitlab/embedded/bin/consul members
-```
-The output should be similar to:
-```
-Node                 Address               Status  Type    Build  Protocol  DC
-CONSUL_NODE_ONE      XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_consul
-CONSUL_NODE_TWO      XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_consul
-CONSUL_NODE_THREE    XXX.XXX.XXX.YYY:8301  alive   server  0.9.2  2         gitlab_consul
-```
-If any of the nodes isn't `alive` or if any of the three nodes are missing,
-check the [Troubleshooting section](#troubleshooting) before proceeding.
 #### Configuring the Database nodes
+1. Make sure to [configure the Consul nodes](consul.md).
 1. Make sure you collect [`CONSUL_SERVER_NODES`](#consul-information), [`PGBOUNCER_PASSWORD_HASH`](#pgbouncer-information), [`POSTGRESQL_PASSWORD_HASH`](#postgresql-information), the [number of db nodes](#postgresql-information), and the [network address](#network-information) before executing the next step.
 1. On the master database node, edit `/etc/gitlab/gitlab.rb` replacing values noted in the `# START user configuration` section:
@@ -570,7 +519,7 @@ Check the [Troubleshooting section](#troubleshooting) before proceeding.
 1. [Reconfigure GitLab] for the changes to take effect.
-1. Create a `.pgpass` file so Consule is able to
+1. Create a `.pgpass` file so Consul is able to
   reload pgbouncer. Enter the `PGBOUNCER_PASSWORD` twice when asked:
    ```sh

--- a/doc/user/project/clusters/index.md
+++ b/doc/user/project/clusters/index.md
@@ -5,6 +5,9 @@
 Connect your project to Google Kubernetes Engine (GKE) or an existing Kubernetes
 cluster in a few steps.
+NOTE: **Scalable app deployment with GitLab and Google Cloud Platform**
+[Watch the webcast](https://about.gitlab.com/webcast/scalable-app-deploy/) and learn how to spin up a Kubernetes cluster managed by Google Cloud Platform (GCP) in a few clicks.
 ## Overview
 With one or more Kubernetes clusters associated to your project, you can use