Support for Server-Side Backups (Gitaly direct to Object Storage)
Summary
GitLab 16.5 introduced the Server-Side backup strategy, however upon reading the documentation, it seems support for this is missing from the GitLab Helm Chart for 16.5.0.
Omnibus configuration docs:
https://docs.gitlab.com/ee/administration/gitaly/configure_gitaly.html#configure-s3-storage
Server-Side Backup Epic: gitlab-org&10826
Adding this functionality into the kubernetes based deployment would be a huge win and alleviate a lot of the stability issues backing up large kubernetes based installations.
Current behavior
- The gitaly config toml template is missing a variablized [backup] section: https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/charts/gitlab/charts/gitaly/templates/_configmap_spec.yaml?ref_type=heads#L14
- I didn't spend a ton of time looking, but I would guess that Gitaly would need to be configured to support IRSA (This is how we have the rest of our GitLab services setup to interact with AWS S3).
Expected behavior
The Gitaly subchart should configure the [backup] section in Gitaly's config.toml, and the configuration should be configurable by the parent chart values.
Versions
- Chart: v7.5.0
- Platform:
- Cloud: EKS
- Kubernetes: 1.25.12
- Client: 1.25.12
- Server: 1.25.12
Acceptance criteria
(copied from #5062 (comment 1619263205))
We need to translate the expectations into the chart, and to the CNG container (toolbox)
-
Enable configuration of backup
section ingitlab/gitaly
chart'sconfig.toml.tpl
(including tests) -
Update the CNG content for toolbox
, such thatbackup-utility
can pass along the variable to the underlying Rake command (create and restore) -
Document how to configure the appropriate secrets, configuration, and backup in a secure fashion