Skip to content

One command to setup Geo per server

Now that Geo is setup, we should think about how we can make this much easier to setup for customers. We should find a way to be able to eliminate all the steps and config changes where possible.

The sys admin should execute on the primary: gitlab-ctl set-geo-primary-node And then, on the secondary: gitlab-ctl set-geo-secondary-node https://gitlab.example.com

Everything should be configured and start replicating.

Proposal

Automate initial setup of the primary

  • automate self-signed TLS certificate generation for PostgreSQL #2925 (closed)
  • automate the configuration of the listen_address and trust_auth_cidr_addresses addresses (we don't need the secondary for these)
  • automatically check NTP is enabled
  • automatically check authorized keys are stored in the db
  • automatically check hashed storage is enabled

Automate setup and adding of the secondary

Perhaps add a new API route so that gitlab-ctl set-geo-secondary-node can communicate information about itself to the primary.

  • automatically provide the secondary IP address which can be used to configure the md5_auth_cidr_addresses
    • we could prompt them to provide a different IP, and check the IPs can talk to each other on the required ports
  • automatically add the secondary node eliminating to the primary (removes https://docs.gitlab.com/ee/gitlab-geo/database.html#step-2-add-the-secondary-gitlab-node)
  • automatically download the self-signed certificate for PostgreSQL from the primary
  • automatically check NTP is enabled
  • automatically start initial replication
  • automatically copy db encryption key

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.

Edited by 🤖 GitLab Bot 🤖