2024-02-26: SLO violations for API error rates on GitLab.com
Customer Impact
Users experience 500 errors when requesting some paths:
GET /api/:version/internal/kubernetes/agent_info
GET /api/:version/internal/kubernetes/modules/starboard_vulnerability/policies_configuration
The impact was limited to users who connect Kubernetes clusters to GitLab using the GitLab Agent
See the incident review issue for a full timeline, impact and corrective actions.
Current Status
The root cause of the incident has been identified as a post-deploy migration in gitlab-org/gitlab!144939 (merged). This was resolved by removing the not null constraint in gitlab-org/gitlab!145790 (merged).
📝 Summary for CMOC notice / Exec summary:
- Customer Impact: 500 errors for users of the GitLab Agent. 8 customer tickets were filed and there were approximately 1000 unique projects affected.
- Service Impact: ServiceAPI ServiceKAS
- Impact Duration: 08:50 - 13:00 (4h10m)
- Root cause: Post deploy migration that added a not null constraint in a post-deploy migration
📚 References and helpful links
Recent Events (available internally only):
- Feature Flag Log - Chatops to toggle Feature Flags Documentation
- Infrastructure Configurations
- GCP Events (e.g. host failure)
Deployment Guidance
- Deployments Log | Gitlab.com Latest Updates
- Reach out to Release Managers for S1/S2 incidents to discuss Rollbacks, Hot Patching or speeding up deployments. | Rollback Runbook | Hot Patch Runbook
Use the following links to create related issues to this incident if additional work needs to be completed after it is resolved:
- Corrective action ❙ Infradev
- Incident Review ❙ Infra investigation followup
- Confidential Support contact ❙ QA investigation
Note: In some cases we need to redact information from public view. We only do this in a limited number of documented cases. This might include the summary, timeline or any other bits of information, laid out in our handbook page. Any of this confidential data will be in a linked issue, only visible internally. By default, all information we can share, will be public, in accordance to our transparency value.
Security Note: If anything abnormal is found during the course of your investigation, please do not hesitate to contact security.