[debops.gitlab] Remove Redis from GitLab playbook

The 'debops.gitlab' playbook will no longer install Redis by default;
Redis support on GitLab host needs to be enabled explicitly via Ansible
inventory.

The 'debops.gitlab' role will use the Ansible local facts maintained by
the 'debops.redis_server' role to configure Redis access.
parent 0b8bcb12
......@@ -483,9 +483,9 @@ stages:
'gitlab role':
<<: *test_role_3rd_deps
variables:
JANE_TEST_PLAY: '${DEBOPS_PLAYBOOKS}/service/postgresql_server.yml ${DEBOPS_PLAYBOOKS}/service/gitlab.yml'
JANE_INVENTORY_GROUPS: 'debops_service_postgresql_server,debops_service_gitlab'
JANE_INVENTORY_HOSTVARS: 'redis__overcommit_memory_enable=false postgresql__delegate_to=localhost'
JANE_TEST_PLAY: '${DEBOPS_PLAYBOOKS}/service/postgresql_server.yml ${DEBOPS_PLAYBOOKS}/service/redis_server.yml ${DEBOPS_PLAYBOOKS}/service/gitlab.yml'
JANE_INVENTORY_GROUPS: 'debops_service_postgresql_server,debops_service_redis_server,debops_service_gitlab'
JANE_INVENTORY_HOSTVARS: 'postgresql__delegate_to=localhost'
JANE_DIFF_PATTERN: '.*/debops.gitlab/.*'
JANE_LOG_PATTERN: '\[debops\.gitlab\]'
VAGRANT_MASTER_MEMORY: '4096'
......
......@@ -52,6 +52,15 @@ Changed
it will only be installed on newer OS releases (Debian Buster, Ubuntu
Bionic).
- [debops.gitlab] The role has been updated to use Ansible local facts managed
by the :ref:`debops.redis_server` Ansible role. Redis Server support has been
removed from the GitLab playbook and needs to be explicitly enabled in the
inventory for GitLab to be installed correctly. This will allow to select
between local Server or Sentinel instance, to support clustered environments.
Check the :ref:`upgrade_notes` for issues with upgrading Redis Server support
on existing GitLab hosts.
Fixed
~~~~~
......
......@@ -13,14 +13,6 @@
- role: debops.gitlab/env
tags: [ 'role::gitlab', 'role::postgresql' ]
- role: debops.sysfs/env
tags: [ 'role::sysfs', 'role::secret' ]
- role: debops.secret
tags: [ 'role::secret', 'role::sysfs' ]
secret__directories:
- '{{ sysfs__secret__directories | d([]) }}'
- role: debops.system_groups
tags: [ 'role::system_groups' ]
......@@ -31,7 +23,6 @@
- '{{ nginx__apt_preferences__dependent_list }}'
- '{{ nodejs__apt_preferences__dependent_list }}'
- '{{ postgresql__apt_preferences__dependent_list }}'
- '{{ redis__apt_preferences__dependent_list }}'
- '{{ ruby__apt_preferences__dependent_list }}'
- '{{ gitlab__apt_preferences__dependent_list }}'
......@@ -46,27 +37,17 @@
- role: debops.etc_services
tags: [ 'role::etc_services' ]
etc_services__dependent_list:
- '{{ redis__etc_services__dependent_list }}'
- '{{ gitlab__etc_services__dependent_list }}'
- role: debops.ferm
tags: [ 'role::ferm', 'skip::ferm' ]
ferm__dependent_rules:
- '{{ nginx__ferm__dependent_rules }}'
- '{{ redis__ferm__dependent_rules }}'
- role: debops.ruby
tags: [ 'role::ruby' ]
ruby__dev_support: True
- role: debops.sysfs
tags: [ 'role::sysfs' ]
sysfs__dependent_attributes:
- '{{ redis__sysfs__dependent_attributes }}'
- role: debops.redis
tags: [ 'role::redis' ]
- role: debops.postgresql
tags: [ 'role::postgresql' ]
postgresql__dependent_roles:
......
......@@ -347,27 +347,27 @@ gitlab_backup_keep_time: '{{ (60 * 60 * 24 * 7) }}'
# .. envvar:: gitlab_redis_host [[[
#
# Define hostname of redis server to use.
gitlab_redis_host: '{{ ansible_local.redis.host
if (ansible_local|d() and ansible_local.redis|d() and
ansible_local.redis.host|d())
gitlab_redis_host: '{{ ansible_local.redis_server.host
if (ansible_local|d() and ansible_local.redis_server|d() and
ansible_local.redis_server.host|d())
else "localhost" }}'
# ]]]
# .. envvar:: gitlab_redis_port [[[
#
# Define port of redis server to use.
gitlab_redis_port: '{{ ansible_local.redis.port
if (ansible_local|d() and ansible_local.redis|d() and
ansible_local.redis.port|d())
gitlab_redis_port: '{{ ansible_local.redis_server.port
if (ansible_local|d() and ansible_local.redis_server|d() and
ansible_local.redis_server.port|d())
else "6379" }}'
# ]]]
# .. envvar:: gitlab_redis_password [[[
#
# Define the Redis authentication password to use
gitlab_redis_password: '{{ ansible_local.redis.password
if (ansible_local|d() and ansible_local.redis|d() and
ansible_local.redis.password|d())
gitlab_redis_password: '{{ ansible_local.redis_server.password
if (ansible_local|d() and ansible_local.redis_server|d() and
ansible_local.redis_server.password|d())
else "" }}'
# ]]]
......
......@@ -46,6 +46,14 @@ not tested and may result in a broken installation or data corruption.
You can install the PostgreSQL database using its DebOps role.
See the :ref:`debops.postgresql_server` role documentation for more details.
Redis support
-------------
Currently the ``debops.gitlab`` role expects a Redis Server instance installed
on the host, for example by the :ref:`debops.redis_server` Ansible role.
Support for distributed Redis Server service managed by Redis Sentinel is
planned for a future release.
Support for other services
--------------------------
......@@ -66,7 +74,7 @@ Example inventory
To enable GitLab service on a host, it needs to be included in the
``[debops_service_gitlab]`` Ansible inventory group. You should also enable
a suitable PostgreSQL database.
a suitable PostgreSQL database and Redis Server service.
Example Ansible inventory:
......@@ -78,6 +86,9 @@ Example Ansible inventory:
[debops_service_postgresql_server]
hostname
[debops_service_redis_server]
hostname
[debops_service_gitlab]
hostname
......
......@@ -26,6 +26,28 @@ and any new accounts created by the system will use subsequent UIDs/GIDs.
You can also update the UID/GID ranges manually, or select different UID/GID
ranges for the ``root`` account in the role defaults.
Changes to Redis support in GitLab
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- The Redis support has been removed from the :ref:`debops.gitlab` playbook.
Since GitLab still requires Redis to work properly, you need to enable
:ref:`debops.redis_server` role explicitly for the GitLab host. GitLab
installation instructions have been updated to reflect this fact.
- To manage Redis on existing GitLab installations, you should enable the
:ref:`debops.redis_server` role on them and run the Redis and GitLab
playbooks afterwards. The existing Redis instance will be stopped and new
Redis instance will be set up, with the same TCP port and password. Since the
database will be empty, Gitaly service might stop working. After running the
Redis Server and GitLab playbooks, restart the entire GitLab slice to
re-populate Redis. You might expect existing GitLab sessions to be invalid
and users to have to log in again.
- The :ref:`debops.redis_server` role will configure APT preferences on Debian
Stretch to install Redis from the ``stretch-backports`` repository. The
playbook run on existing installations will not upgrade the packages
automatically, but you might expect it on normal system upgrade.
v0.8.0 (2018-08-06)
-------------------
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment