Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
8db0efc8
Commit
8db0efc8
authored
Sep 07, 2017
by
Nick Thomas
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Document that primary Geo nodes do not need SSH private keys
parent
fed8ebc8
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
29 additions
and
61 deletions
+29
-61
doc/gitlab-geo/configuration.md
doc/gitlab-geo/configuration.md
+9
-26
doc/gitlab-geo/configuration_source.md
doc/gitlab-geo/configuration_source.md
+3
-23
doc/gitlab-geo/disaster-recovery.md
doc/gitlab-geo/disaster-recovery.md
+17
-12
No files found.
doc/gitlab-geo/configuration.md
View file @
8db0efc8
...
...
@@ -62,15 +62,13 @@ logins opened on all nodes as we will be moving back and forth.
sudo -i
```
1.
Added in GitLab 9.1:
Execute the command below to define the node as primary Geo node:
1. Execute the command below to define the node as primary Geo node:
```
gitlab-ctl set-geo-primary-node
```
This command will use your defined `
external_url
` in `
gitlab.rb
` and pre-generated SSH key pairs.
Read more in [additional info for SSH key pairs](#additional-information-for-the-ssh-key-pairs).
This command will use your defined `
external_url
` in `
gitlab.rb
`
### Step 2. Updating the `
known_hosts
` file of the secondary nodes
...
...
@@ -282,29 +280,14 @@ Just omit the first step that sets up the primary node.
## Additional information for the SSH key pairs
When adding a new Geo node, you must provide an SSH public key of the user that
your GitLab instance runs on (unless changed, should be the user `
git
`). This
user will act as a "normal user" who fetches from the primary Geo node.
If for any reason you generate the key using a different name from the default
`
id_rsa
`, or you want to generate an extra key only for the repository
synchronization feature, you can do so, but you have to create/modify your
`
~/.ssh/config
` (for the `
git
` user).
When adding a new **secondary** Geo node, you must provide an SSH public key for
the system user that your GitLab instance runs as (unless changed, should be the
user `
git
`). This user will act as a "normal user" who fetches from the primary
Geo node.
This is an example on how to change the default key for all remote hosts:
```bash
Host * # Match all remote hosts
IdentityFile ~/.ssh/mycustom.key # The location of your private key
```
This is how to change it for an specific host:
```bash
Host example.com # The FQDN of the primary Geo node
HostName example.com # The FQDN of the primary Geo node
IdentityFile ~/.ssh/mycustom.key # The location of your private key
```
Omnibus automatically generates `
~git/.ssh/id_rsa
` and `
~git/.ssh/id_rsa.pub
`
files on secondary Geo nodes. Primaries do not need these files, and you should
not create them manually.
### Upgrading Geo
...
...
doc/gitlab-geo/configuration_source.md
View file @
8db0efc8
...
...
@@ -63,32 +63,12 @@ logins opened on all nodes as we will be moving back and forth.
sudo -i
```
1. (Source install only): Create a new SSH key pair for the primary node. Choose the default location
and leave the password blank by hitting 'Enter' three times:
1. Add this node as the Geo primary by running:
```bash
sudo -u git -H ssh-keygen -b 4096 -C 'Primary GitLab Geo node'
bundle exec rake geo:set_primary_node
```
Read more in [additional info for SSH key pairs](#additional-information-for-the-ssh-key-pairs).
1. Get the contents of `
id_rsa.pub
` for the git user:
```
sudo -u git cat /home/git/.ssh/id_rsa.pub
```
1. Visit the primary node's **Admin Area ➔ Geo Nodes** (`
/admin/geo_nodes
`) in
your browser.
1. Add the primary node by providing its full URL and the public SSH key
you created previously. Make sure to check the box 'This is a primary node'
when adding it.
![Add new primary Geo node](img/geo_nodes_add_new.png)
1. Click the **Add node** button.
### Step 2. Updating the `
known_hosts
` file of the secondary nodes
1. SSH into the **secondary** node and login as root:
...
...
@@ -318,7 +298,7 @@ Point your users to the [after setup steps](after_setup.md).
## Adding another secondary Geo node
To add another Geo node in an already Geo configured infrastructure, just follow
[
the steps starting f
or
m step 2
](
#step-2-updating-the-known_hosts-file-of-the-secondary-nodes
)
.
[
the steps starting f
ro
m step 2
](
#step-2-updating-the-known_hosts-file-of-the-secondary-nodes
)
.
Just omit the first step that sets up the primary node.
## Additional information for the SSH key pairs
...
...
doc/gitlab-geo/disaster-recovery.md
View file @
8db0efc8
...
...
@@ -21,19 +21,25 @@ You must make the changes in the exact specific order:
1.
Take down your primary node (or make sure it will not go up during this
process or you may lose data)
2.
Wait for any database replication to finish
3.
Promote the Postgres in your secondary node as primary
4.
Log-in to your secondary node with a user with
`sudo`
permission
5.
Open the interactive rails console:
`sudo gitlab-rails console`
and execute:
1.
Wait for any database replication to finish
1.
Promote the Postgres in your secondary node as primary
1.
Modify the
`gitlab.rb`
for both nodes to reflect their new statuses
1.
Log-in to your secondary node with a user with
`sudo`
permission
1.
**Remove**
the Geo SSH client keys (this is very important!):
```bash
sudo rm ~git/.ssh/id_rsa ~git/.ssh/id_rsa.pub
```
1.
Open the interactive rails console:
`sudo gitlab-rails console`
and execute:
*
List your primary node and note down it's id:
```ruby
Gitlab::Geo.primary_node
```
*
Turn your primary into a secondary
:
*
Remove the old primary node
:
```ruby
Gitlab::Geo.primary_node.
update(primary: false)
Gitlab::Geo.primary_node.
destroy
```
* List your secondary nodes and note down the id of the one you want to promote:
...
...
@@ -51,12 +57,11 @@ You must make the changes in the exact specific order:
Gitlab::Geo.primary_node.oauth_application.destroy!
Gitlab::Geo.primary_node.system_hook.destroy!
```
* And refresh your old primary node to behave correctly as secondary (assuming id is `1`)
```ruby
GeoNode.find(1).save!
```
* To exit the interactive console, type: `exit`
6
.
Rsync everything in
`/var/opt/gitlab/gitlab-rails/uploads`
and
1
.
Rsync everything in
`/var/opt/gitlab/gitlab-rails/uploads`
and
`/var/opt/gitlab/gitlab-rails/shared`
from your old node to the new one.
To bring your old primary node back into use as a working secondary, you need to
run
`gitlab-ctl reconfigure`
against the node and then follow the
[
setup instructions
](
README.md
)
again, as if for a secondary node, from step 3.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment