GitLab: Difference between revisions
mNo edit summary |
Update current state: Only one instance in gitlab-test, and production instance is open to all users. |
||
Line 15: | Line 15: | ||
** [https://phabricator.wikimedia.org/project/view/5057/ GitLab in Phabricator] |
** [https://phabricator.wikimedia.org/project/view/5057/ GitLab in Phabricator] |
||
}} |
}} |
||
This page contains SRE related topics for GitLab. For GitLab application specific information, please see https://www.mediawiki.org/wiki/GitLab (under Implementation). |
This page contains SRE related topics for GitLab. For GitLab application specific information, please see https://www.mediawiki.org/wiki/GitLab (under Implementation). |
||
Line 23: | Line 22: | ||
* gitlab1001 runs production GitLab serving https://gitlab.wikimedia.org/ |
* gitlab1001 runs production GitLab serving https://gitlab.wikimedia.org/ |
||
* gitlab2001 runs a passive GitLab [[GitLab/Replica|replica]] serving https://gitlab-replica.wikimedia.org/ (WIP) |
* gitlab2001 runs a passive GitLab [[GitLab/Replica|replica]] serving https://gitlab-replica.wikimedia.org/ (WIP) |
||
* gitlab-ansible-test in WMCS gitlab-test project |
* gitlab-ansible-test in WMCS gitlab-test project serving https://gitlab-test.wmcloud.org/ |
||
* gitlab in WMCS gitlab-test project |
|||
== GitLab instances == |
== GitLab instances == |
||
Line 30: | Line 28: | ||
gitlab1001 and gitlab2001 are setup using puppet and Ansible. The base configuration currently lives in [[gerrit:plugins/gitiles/operations/puppet/+/refs/heads/production/modules/profile/manifests/gitlab.pp|profile::gitlab]]. Additional GitLab specific configuration comes from [[gerrit:plugins/gitiles/operations/gitlab-ansible|gitlab-ansible]]. Its planned to migrate all of the logic to puppet and drop Ansible (see [[phab:T283076|T283076]]). GitLab is installed as a [https://docs.gitlab.com/omnibus/ Omnibus installation] on all instances. So all GitLab components are installed using the official packages and are executed on a single host. The reasons for this setup can be found in the [[mw:GitLab/Initialization|Initialization docs in Mediawiki]]. |
gitlab1001 and gitlab2001 are setup using puppet and Ansible. The base configuration currently lives in [[gerrit:plugins/gitiles/operations/puppet/+/refs/heads/production/modules/profile/manifests/gitlab.pp|profile::gitlab]]. Additional GitLab specific configuration comes from [[gerrit:plugins/gitiles/operations/gitlab-ansible|gitlab-ansible]]. Its planned to migrate all of the logic to puppet and drop Ansible (see [[phab:T283076|T283076]]). GitLab is installed as a [https://docs.gitlab.com/omnibus/ Omnibus installation] on all instances. So all GitLab components are installed using the official packages and are executed on a single host. The reasons for this setup can be found in the [[mw:GitLab/Initialization|Initialization docs in Mediawiki]]. |
||
GitLab login is implemented with SSO using the [[CAS-SSO|CAS/SSO]]. So users will be redirected to idp.wikimedia.org to login to the SSO portal. |
GitLab login is implemented with SSO using the [[CAS-SSO|CAS/SSO]]. So users will be redirected to idp.wikimedia.org to login to the SSO portal. Authentication is currently open to all users with a Wikimedia developer account. |
||
== GitLab runners == |
== GitLab runners == |
Revision as of 21:22, 4 October 2021
This page contains SRE related topics for GitLab. For GitLab application specific information, please see https://www.mediawiki.org/wiki/GitLab (under Implementation).
GitLab is reachable at https://gitlab.wikimedia.org/. We run multiple instances of GitLab:
- gitlab1001 runs production GitLab serving https://gitlab.wikimedia.org/
- gitlab2001 runs a passive GitLab replica serving https://gitlab-replica.wikimedia.org/ (WIP)
- gitlab-ansible-test in WMCS gitlab-test project serving https://gitlab-test.wmcloud.org/
GitLab instances
gitlab1001 and gitlab2001 are setup using puppet and Ansible. The base configuration currently lives in profile::gitlab. Additional GitLab specific configuration comes from gitlab-ansible. Its planned to migrate all of the logic to puppet and drop Ansible (see T283076). GitLab is installed as a Omnibus installation on all instances. So all GitLab components are installed using the official packages and are executed on a single host. The reasons for this setup can be found in the Initialization docs in Mediawiki.
GitLab login is implemented with SSO using the CAS/SSO. So users will be redirected to idp.wikimedia.org to login to the SSO portal. Authentication is currently open to all users with a Wikimedia developer account.
GitLab runners
For our current and future runner setups, see GitLab/Gitlab Runner.