Geo: Redirect requests for unsynchronized repositories to the primary
Problem to solve
Sometimes customers enable selective sync in order to limit the storage space (and cost) required on a secondary. However, they have made a "best guess" attempt to predict which projects are needed and some users may want to access a project from a secondary that was not yet synced.
When a customer is using selective sync, make it so that when they clone a repo that is not in the local geo node, instead of simply giving an error, it redirects/proxy them to the primary node. This way, users can always use the geo node hostname for their clones, without having to check if the repo they want to clone is present in the geo node or not.
Intended users
Delaney, Parker, Sasha
Further details
This feature would also mean that using a single URL that is geolocation aware would work for all projects from all locations. For example:
- Developer in Germany accesses
git.example.com
- Developer is directed to German Geo node that has selective sync enabled
- German node redirects/proxies to US Geo node for projects that are not (yet) synced
Proposal
Implement the different required operations:
- HTTP, clone/pull - gitlab#202035 (closed)
- HTTP, push - gitlab#202036 (closed)
- SSH, clone/pull - gitlab#202037 (closed)
- SSH, push - gitlab#202038 (closed)
Also, decide separately if configuration is required because
- if we're basing the reason for it's need on the fact that it could mean a user may gain access to a project they are not permitted to then this scenario already exists as all user access/permissions etc exists on the Primary (and replicated to secondaries)
- if it's deemed the configuration option is needed then it should apply to both HTTP and SSH transports and so should be easier to implement once the redirecting/proxying logic has been put in place
What does success look like, and how can we measure that?
Users are automatically redirected to the primary when a secondary node does not have the repository included in selective sync.
Links / references
Customer ticket: https://gitlab.zendesk.com/agent/tickets/144276 (internal use)
- Show closed items