gitlab-ctl get-redis-master fails when sentinels are using TLS
Summary
When running gitlab-ctl get-redis-master
on a rails node that is connected to sentinel ports that are using tls, the command fails unable to fetch. This is because we are not passing the --tls
flag to the redis-cli command being used here.
Steps to reproduce
- Setup a Gitlab multi-node architecture that includes sentinels
- Generate SSL certificates for all redis and sentinel nodes
- Configure the gitlab instances to use the certificates for redis and sentinel tls. (And trust the certifiates from the other nodes needing to reach redis or sentinel).
- Once everything is confirmed working, GitLab working as normal. Try running
gitlab-ctl get-redis-master
from one of the rails nodes (what have been configured to look at sentinels).
What is the current bug behavior?
Error fetching redis master information. Example:
gitlab-ctl get-redis-master
Error fetching Redis master information from sentinel running at `172.18.0.70:26379`. Trying a different sentinel node.
Error fetching Redis master information from sentinel running at `172.18.0.71:26379`. Trying a different sentinel node.
Error fetching Redis master information from sentinel running at `172.18.0.72:26379`. Trying a different sentinel node.
Failed to fetch Redis master host and port.
What is the expected correct behavior?
Sucessfully able to get the redis master information. Example:
gitlab-ctl get-redis-master
Redis master found at host 172.18.0.60 listening on port 6379