Commit 9cf49145 authored by Nick Thomas's avatar Nick Thomas

Merge branch 'docs-replicate-geo-database' into 'master'

Improve `gitlab-ctl replicate-geo-database` additional opts documentation

Closes #4908 and #4822

See merge request gitlab-org/gitlab-ee!4524
parents 06352bd5 520e6121
...@@ -395,27 +395,29 @@ data before running `pg_basebackup`. ...@@ -395,27 +395,29 @@ data before running `pg_basebackup`.
gitlab-ctl replicate-geo-database --slot-name=secondary_example --host=1.2.3.4 gitlab-ctl replicate-geo-database --slot-name=secondary_example --host=1.2.3.4
``` ```
When prompted, enter the password you set up for the `gitlab_replicator` When prompted, enter the _plaintext_ password you set up for the `gitlab_replicator`
user in the first step. user in the first step.
This command also takes a number of additional options. You can use `--help` This command also takes a number of additional options. You can use `--help`
to list them all, but here are a couple of tips: to list them all, but here are a couple of tips:
- If PostgreSQL is listening on a non-standard port, add `--port=` as well. - If PostgreSQL is listening on a non-standard port, add `--port=` as well.
- If your database is too large to be transferred in 30 minutes, you will need - If your database is too large to be transferred in 30 minutes, you will need
to increase the timeout, e.g., `--backup-timeout=3600` if you expect the to increase the timeout, e.g., `--backup-timeout=3600` if you expect the
initial replication to take under an hour. initial replication to take under an hour.
- Pass `--sslmode=disable` to skip PostgreSQL TLS authentication altogether - Pass `--sslmode=disable` to skip PostgreSQL TLS authentication altogether
(e.g., you know the network path is secure, or you are using a site-to-site (e.g., you know the network path is secure, or you are using a site-to-site
VPN). This is **not** safe over the public Internet! VPN). This is **not** safe over the public Internet!
- You can read more details about each `sslmode` in the - You can read more details about each `sslmode` in the
[PostgreSQL documentation](https://www.postgresql.org/docs/9.6/static/libpq-ssl.html#LIBPQ-SSL-PROTECTION); [PostgreSQL documentation](https://www.postgresql.org/docs/9.6/static/libpq-ssl.html#LIBPQ-SSL-PROTECTION);
the instructions above are carefully written to ensure protection against the instructions above are carefully written to ensure protection against
both passive eavesdroppers and active "man-in-the-middle" attackers. both passive eavesdroppers and active "man-in-the-middle" attackers.
- Change the `--slot-name` to the name of the replication slot - Change the `--slot-name` to the name of the replication slot
to be used on the primary database. The script will attempt to create the to be used on the primary database. The script will attempt to create the
replication slot automatically if it does not exist. replication slot automatically if it does not exist.
- If you're repurposing an old server into a Geo secondary, you'll need to - If you're repurposing an old server into a Geo secondary, you'll need to
add `--force` to the command line. add `--force` to the command line.
- When not in a production machine you can disable backup step if you
really sure this is what you want by adding `--skip-backup`
1. Verify that the secondary is configured correctly and that the primary is 1. Verify that the secondary is configured correctly and that the primary is
reachable: reachable:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment