One command to setup Geo per server
Now that Geo is setup, we should think about how we can make this much easier to setup for customers. We should find a way to be able to eliminate all the steps and config changes where possible.
The sys admin should execute on the primary: gitlab-ctl set-geo-primary-node
And then, on the secondary: gitlab-ctl set-geo-secondary-node https://gitlab.example.com
Everything should be configured and start replicating.
Proposal
Automate initial setup of the primary
- automate self-signed TLS certificate generation for PostgreSQL #2925 (closed)
- automate the configuration of the
listen_address
andtrust_auth_cidr_addresses
addresses (we don't need the secondary for these) - automatically check NTP is enabled
- automatically check authorized keys are stored in the db
- automatically check hashed storage is enabled
Automate setup and adding of the secondary
Perhaps add a new API route so that gitlab-ctl set-geo-secondary-node
can communicate information about itself to the primary.
- automatically provide the secondary IP address which can be used to configure the
md5_auth_cidr_addresses
- we could prompt them to provide a different IP, and check the IPs can talk to each other on the required ports
- automatically add the secondary node eliminating to the primary (removes https://docs.gitlab.com/ee/gitlab-geo/database.html#step-2-add-the-secondary-gitlab-node)
- automatically download the self-signed certificate for PostgreSQL from the primary
- automatically check NTP is enabled
- automatically start initial replication
- automatically copy db encryption key
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.