diff options
| author | Patrick Steinhardt <psteinhardt@gitlab.com> | 2020-08-05 11:57:19 +0300 |
|---|---|---|
| committer | Patrick Steinhardt <psteinhardt@gitlab.com> | 2020-08-05 13:23:58 +0300 |
| commit | 5b296c0be8158e973fa1b916542f20ddff8b6c9b (patch) | |
| tree | 7a482e15b730f1fe7cb393de045868cf886af4ba /_support/terraform/roles/gitaly/templates/gitaly-gitlab.rb.j2 | |
| parent | 54ca71696b00e80613f3b7c2ac50e967fa706045 (diff) | |
terraform: Create Ansible playbook to roll out configuration
Right now, our Terraform scripts only handle creation of machines in
GCP, but not their respective configuration. As it's a task we're doing
rather frequently which takes some time, this commit creates an Ansible
playbook which automates this task.
On creation of the cluster, our scripts now automatically generate a
`hosts.ini` file containing all necessary connection information. With
this file, the admin may now run `./configure-demo-cluster`, which will
invoke Ansible and automatically generate and apply configuration for
each of the nodes, restarting services as required. The task can be run
repeatedly in order to update configuration on the target nodes.
Diffstat (limited to '_support/terraform/roles/gitaly/templates/gitaly-gitlab.rb.j2')
| -rw-r--r-- | _support/terraform/roles/gitaly/templates/gitaly-gitlab.rb.j2 | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/_support/terraform/roles/gitaly/templates/gitaly-gitlab.rb.j2 b/_support/terraform/roles/gitaly/templates/gitaly-gitlab.rb.j2 new file mode 100644 index 000000000..2f8da8f4e --- /dev/null +++ b/_support/terraform/roles/gitaly/templates/gitaly-gitlab.rb.j2 @@ -0,0 +1,47 @@ +# Disable all other services on the Praefect node +postgresql['enable'] = false +redis['enable'] = false +nginx['enable'] = false +grafana['enable'] = false +puma['enable'] = false +sidekiq['enable'] = false +gitlab_workhorse['enable'] = false +prometheus_monitoring['enable'] = false + +# Enable only the Gitaly service +gitaly['enable'] = true + +# Enable Prometheus if needed +prometheus['enable'] = true + +# Prevent database connections during 'gitlab-ctl reconfigure' +gitlab_rails['rake_cache_clear'] = false +gitlab_rails['auto_migrate'] = false + +# Make Gitaly accept connections on all network interfaces. +# Use firewalls to restrict access to this address/port. +gitaly['listen_addr'] = '0.0.0.0:8075' + +# Enable Prometheus metrics access to Gitaly. You must use firewalls +# to restrict access to this address/port. +gitaly['prometheus_listen_addr'] = '0.0.0.0:9236' + +gitaly['auth_token'] = '{{ praefect_internal_token }}' + +gitlab_shell['secret_token'] = '{{ gitlab_shell_secret_token }}' + +# Configure the gitlab-shell API callback URL. Without this, `git push` will +# fail. This can be your front door GitLab URL or an internal load balancer. +# Examples: 'https://example.gitlab.com', 'http://1.2.3.4' +gitlab_rails['internal_api_url'] = 'http://{{ hostvars[groups['gitlabs'][0]]['internal'] }}' + +# You can include the data dirs for all nodes in the same config, because +# Praefect will only route requests according to the addresses provided in the +# prior step. +git_data_dirs({ +{% for host in groups['gitalies'] %} + 'gitaly-{{ loop.index }}' => { + "path" => "/var/opt/gitlab/git-data" + }, +{% endfor %} +}) |