Geo: make SSH replication setup automatic

Description

http://docs.gitlab.com/ee/gitlab-geo/configuration.html and https://gitlab.com/gitlab-org/gitlab-development-kit/blob/master/doc/howto/geo.md include a number of manual steps required to get the secondaries successfully fetching repository data from the primaries over SSH.

This covers some difficult-to-explain territory (SSH public-key auth) and the setup is likely to be error-prone and a support burden as a result.

Proposal

Rework Geo to re-use the SSH public-key authentication niceties we added in https://gitlab.com/gitlab-org/gitlab-ee/issues/98. In particular:

  • Each Geo secondary can be assigned an SSH keypair
  • The primary can generate the necessary known_hosts data for the secondaries to use automatically
  • We can communicate both these items through a trusted channel (postgres replication)
  • The fetch_remote GitLab Shell call now allows an SSH key and known_hosts data to be specified explicitly, so we don't need to change the ssh config of the git users on the secondary nodes

Links / references

Documentation blurb

Overview

What is it? Why should someone use this feature? What is the underlying (business) problem? How do you use this feature?

Use cases

Who is this for? Provide one or more use cases.

Feature checklist

Make sure these are completed before closing the issue, with a link to the relevant commit.
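
The last proposal item (passing the SSH key and known_hosts data explicitly instead of editing the git user's ssh config) can be illustrated with plain `git` and `ssh`. This is an added example, not GitLab Shell's `fetch_remote` code; the function names, paths, host name and mirror refspec are assumptions.

```shell
#!/bin/sh
# Added illustration; every name, path and host here is hypothetical.

# Turn a host public key file (for example the primary's
# /etc/ssh/ssh_host_ed25519_key.pub) into a known_hosts line.
# Key files are "<type> <base64> [comment]"; the comment is dropped.
known_hosts_entry() {
    host=$1; pubkey_file=$2
    awk -v h="$host" 'NF >= 2 { print h, $1, $2 }' "$pubkey_file"
}

# Build an ssh command line that trusts only the supplied material:
#   -F /dev/null              ignore the user's ~/.ssh/config
#   IdentitiesOnly=yes        offer only the given key, not agent keys
#   StrictHostKeyChecking=yes refuse hosts missing from known_hosts
#   GlobalKnownHostsFile      set to /dev/null so system entries are ignored
#   BatchMode=yes             never prompt (the fetch runs unattended)
# Paths are single-quoted because git runs GIT_SSH_COMMAND through a shell;
# they must not themselves contain single quotes.
geo_ssh_command() {
    key_file=$1; known_hosts_file=$2
    printf "ssh -F /dev/null -i '%s' -o IdentitiesOnly=yes -o BatchMode=yes" "$key_file"
    printf " -o StrictHostKeyChecking=yes -o UserKnownHostsFile='%s'" "$known_hosts_file"
    printf " -o GlobalKnownHostsFile=/dev/null"
}

# Fetch from the primary using only the explicit key and known_hosts file.
# The mirror refspec is an assumption about what a secondary wants to sync.
geo_fetch() {
    repo_dir=$1; remote_url=$2; key_file=$3; known_hosts_file=$4
    chmod 600 "$key_file"   # ssh rejects private keys readable by others
    GIT_SSH_COMMAND=$(geo_ssh_command "$key_file" "$known_hosts_file") \
        git -C "$repo_dir" fetch --prune "$remote_url" '+refs/*:refs/*'
}

# Usage (hypothetical values):
#   known_hosts_entry primary.example.com host_key.pub > /tmp/geo_known_hosts
#   geo_fetch /repos/a.git git@primary.example.com:group/a.git \
#       /tmp/geo_key /tmp/geo_known_hosts
```

Building the known_hosts line from the primary's own host key file, rather than scanning the host over the network from the secondary, keeps host verification tied to data that arrived over the trusted channel.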