2023-07-07: Site-wide outage triggered by restart of stale terraform pipeline
Customer Impact
Users experienced site-wide outage:
- Customers were receiving 503 errors from
2023-07-07 16:25 UTC
to18:42 UTC
for Web & API during this time gitlab.com was not useable. - Background jobs (sidekiq) were degraded until 19:00 UTC.
- Registry was unavailable for users who did not have the DNS record cached from 2023-07-07 16:25 UTC to 19:36 UTC.
Current Status
- We've confirmed all services are restored.
- Git Operations are operational, a limited number of customers were impacted by a git configuration change earlier today. Affected customers have been notified. A review will be posted following our investigation here: #15999 (closed)
See Timeline for status changes over time. See Status Page for latest status of all services.
More information will be added as we investigate the issue. For customers believed to be affected by this incident, please subscribe to this issue or monitor our status page for further updates.
📝 Summary for CMOC notice / Exec summary:
- Customer Impact: Site-wide outage.
- Service Impact: ServiceWeb ServiceAPI ServiceContainer Registry ServiceCI Runners
- Impact Duration: ~16:15 UTC - 19:36 (231 minutes)
- Root cause: RootCauseConfig-Change https://ops.gitlab.net/gitlab-com/gl-infra/config-mgmt/-/pipelines/2020162
📚 References and helpful links
Recent Events (available internally only):
- Feature Flag Log - Chatops to toggle Feature Flags Documentation
- Infrastructure Configurations
- GCP Events (e.g. host failure)
Deployment Guidance
- Deployments Log | Gitlab.com Latest Updates
- Reach out to Release Managers for S1/S2 incidents to discuss Rollbacks, Hot Patching or speeding up deployments. | Rollback Runbook | Hot Patch Runbook
Use the following links to create related issues to this incident if additional work needs to be completed after it is resolved:
- Corrective action ❙ Infradev
- Incident Review ❙ Infra investigation followup
- Confidential Support contact ❙ QA investigation
Next steps
Complete Incident Review #15999 (closed) and complete corrective action:
- https://gitlab.com/gitlab-com/gl-infra/reliability/-/issues/24177
- reliability#24178
- reliability#24179
- Corrective Action: Create Runbook for customer ... (reliability#24095 - closed)
- Knowledge sharing: Redis (scalability#2432)
- Introduce terraform workflow for creating new p... (reliability#24117 - closed)
- Split Terraform state for Gitaly and Patroni in... (reliability#24093)
- Prevent terraform applies from outdated commits (reliability#24099)
- Corrective Action: Improve safety around Terraf... (reliability#24078)
- Create data disk snapshots in TF using the loca... (reliability#24126)
- Corrective action: Ensure Pingdom alerts reach ... (reliability#24106)
- Change default process_mode of resource groups ... (gitlab-org/gitlab#419428)
- gitlab-org/gitaly#4620
- https://gitlab.com/gitlab-com/gl-infra/gitlab-dedicated/incident-management/-/issues/39
Note: In some cases we need to redact information from public view. We only do this in a limited number of documented cases. This might include the summary, timeline or any other bits of information, laid out in out handbook page. Any of this confidential data will be in a linked issue, only visible internally. By default, all information we can share, will be public, in accordance to our transparency value.