Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
c1203307
Commit
c1203307
authored
Jul 27, 2020
by
Ben Bodenmiller
Committed by
Stan Hu
Jul 27, 2020
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Improve details about object storage proxy download
parent
85d00751
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
14 additions
and
6 deletions
+14
-6
doc/administration/object_storage.md
doc/administration/object_storage.md
+14
-6
No files found.
doc/administration/object_storage.md
View file @
c1203307
...
...
@@ -494,16 +494,18 @@ If you configure GitLab to use object storage for CI logs and artifacts,
### Proxy Download
A number of the use cases for object storage allow client traffic to be redirected to the
object storage back end, like when Git clients request large files via LFS or when
downloading CI artifacts and logs.
Clients can download files in object storage by receiving a pre-signed, time-limited URL,
or by GitLab proxying the data from object storage to the client.
Downloading files from object storage directly
helps reduce the amount of egress traffic GitLab
needs to process.
When the files are stored on local block storage or NFS, GitLab has to act as a proxy.
This is not the default behavior with object storage.
The
`proxy_download`
setting controls this behavior: the default is generally
`false`
.
Verify this in the documentation for each use case. Set it to
`true`
so that GitLab proxies
the files.
Verify this in the documentation for each use case. Set it to
`true`
if you want
GitLab to proxy
the files.
When not proxying files, GitLab returns an
[
HTTP 302 redirect with a pre-signed, time-limited object storage URL
](
https://gitlab.com/gitlab-org/gitlab/-/issues/32117#note_218532298
)
.
...
...
@@ -524,7 +526,9 @@ certificate, or may return common TLS errors such as:
x509: certificate signed by unknown authority
```
-
Clients will need network access to the object storage. Errors that might result
-
Clients will need network access to the object storage.
Network firewalls could block access.
Errors that might result
if this access is not in place include:
```
plaintext
...
...
@@ -535,6 +539,10 @@ Getting a `403 Forbidden` response is specifically called out on the
[
package repository documentation
](
packages/index.md#using-object-storage
)
as a side effect of how some build tools work.
Additionally for a short time period users could share pre-signed, time-limited object storage URLs
with others without authentication. Also bandwidth charges may be incurred
between the object storage provider and the client.
### ETag mismatch
Using the default GitLab settings, some object storage back-ends such as
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
