diff options
Diffstat (limited to 'doc/administration/geo/setup/database.md')
| -rw-r--r-- | doc/administration/geo/setup/database.md | 224 |
1 files changed, 110 insertions, 114 deletions
diff --git a/doc/administration/geo/setup/database.md b/doc/administration/geo/setup/database.md index c0ed7829fce..8a919a0a269 100644 --- a/doc/administration/geo/setup/database.md +++ b/doc/administration/geo/setup/database.md @@ -8,7 +8,7 @@ type: howto # Geo database replication **(PREMIUM SELF)** This document describes the minimal required steps to replicate your primary -GitLab database to a secondary node's database. You may have to change some +GitLab database to a secondary site's database. You may have to change some values, based on attributes including your database's setup and size. NOTE: @@ -41,31 +41,31 @@ instructions on setting up replication with a Patroni cluster. ### PostgreSQL replication -The GitLab **primary** node where the write operations happen connects to -the **primary** database server, and **secondary** nodes +The GitLab **primary** site where the write operations happen connects to +the **primary** database server, and **secondary** sites connect to their own database servers (which are read-only). We recommend using [PostgreSQL replication slots](https://medium.com/@tk512/replication-slots-in-postgresql-b4b03d277c75) -to ensure that the **primary** node retains all the data necessary for the **secondary** nodes to +to ensure that the **primary** site retains all the data necessary for the **secondary** sites to recover. See below for more details. The following guide assumes that: - You are using Omnibus and therefore you are using PostgreSQL 12 or later which includes the [`pg_basebackup` tool](https://www.postgresql.org/docs/12/app-pgbasebackup.html). -- You have a **primary** node already set up (the GitLab server you are +- You have a **primary** site already set up (the GitLab server you are replicating from), running Omnibus' PostgreSQL (or equivalent version), and - you have a new **secondary** server set up with the same + you have a new **secondary** site set up with the same [versions of PostgreSQL](../index.md#requirements-for-running-geo), - OS, and GitLab on all nodes. + OS, and GitLab on all sites. WARNING: Geo works with streaming replication. Logical replication is not supported at this time. There is an [issue where support is being discussed](https://gitlab.com/gitlab-org/gitlab/-/issues/7420). -#### Step 1. Configure the **primary** server +#### Step 1. Configure the **primary** site -1. SSH into your GitLab **primary** server and login as root: +1. SSH into your GitLab **primary** site and login as root: ```shell sudo -i @@ -81,13 +81,13 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o gitlab_rails['geo_node_name'] = '<site_name_here>' ``` -1. Reconfigure the **primary** node for the change to take effect: +1. Reconfigure the **primary** site for the change to take effect: ```shell gitlab-ctl reconfigure ``` -1. Execute the command below to define the node as **primary** node: +1. Execute the command below to define the site as **primary** site: ```shell gitlab-ctl set-geo-primary-node @@ -154,17 +154,17 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o 1. Configure PostgreSQL to listen on network interfaces: For security reasons, PostgreSQL does not listen on any network interfaces - by default. However, Geo requires the **secondary** node to be able to - connect to the **primary** node's database. For this reason, we need the address of - each node. + by default. However, Geo requires the **secondary** site to be able to + connect to the **primary** site's database. For this reason, we need the IP address of + each site. NOTE: For external PostgreSQL instances, see [additional instructions](external_database.md). If you are using a cloud provider, you can lookup the addresses for each - Geo node through your cloud provider's management console. + Geo site through your cloud provider's management console. - To lookup the address of a Geo node, SSH in to the Geo node and execute: + To lookup the address of a Geo site, SSH in to the Geo site and execute: ```shell ## @@ -183,11 +183,11 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o | Configuration | Address | |:----------------------------------------|:----------------------------------------------------------------------| - | `postgresql['listen_address']` | **Primary** node's public or VPC private address. | - | `postgresql['md5_auth_cidr_addresses']` | **Primary** and **Secondary** nodes' public or VPC private addresses. | + | `postgresql['listen_address']` | **Primary** site's public or VPC private address. | + | `postgresql['md5_auth_cidr_addresses']` | **Primary** and **Secondary** sites' public or VPC private addresses. | If you are using Google Cloud Platform, SoftLayer, or any other vendor that - provides a virtual private cloud (VPC) you can use the **primary** and **secondary** nodes + provides a virtual private cloud (VPC) you can use the **primary** and **secondary** sites private addresses (corresponds to "internal address" for Google Cloud Platform) for `postgresql['md5_auth_cidr_addresses']` and `postgresql['listen_address']`. @@ -201,10 +201,10 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o `127.0.0.1`. For more information, see [omnibus-5258](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5258). Depending on your network configuration, the suggested addresses may not - be correct. If your **primary** node and **secondary** nodes connect over a local + be correct. If your **primary** site and **secondary** sites connect over a local area network, or a virtual network connecting availability zones like [Amazon's VPC](https://aws.amazon.com/vpc/) or [Google's VPC](https://cloud.google.com/vpc/) - you should use the **secondary** node's private address for `postgresql['md5_auth_cidr_addresses']`. + you should use the **secondary** site's private address for `postgresql['md5_auth_cidr_addresses']`. Edit `/etc/gitlab/gitlab.rb` and add the following, replacing the IP addresses with addresses appropriate to your network configuration: @@ -225,19 +225,18 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o ## Primary address ## - replace '<primary_node_ip>' with the public or VPC address of your Geo primary node ## - postgresql['listen_address'] = '<primary_node_ip>' + postgresql['listen_address'] = '<primary_site_ip>' ## # Allow PostgreSQL client authentication from the primary and secondary IPs. These IPs may be # public or VPC addresses in CIDR format, for example ['198.51.100.1/32', '198.51.100.2/32'] ## - postgresql['md5_auth_cidr_addresses'] = ['<primary_node_ip>/32', '<secondary_node_ip>/32'] + postgresql['md5_auth_cidr_addresses'] = ['<primary_site_ip>/32', '<secondary_site_ip>/32'] ## ## Replication settings - ## - set this to be the number of Geo secondary nodes you have ## - postgresql['max_replication_slots'] = 1 + # postgresql['max_replication_slots'] = 1 # Set this to be the number of Geo secondary nodes if you have more than one # postgresql['max_wal_senders'] = 10 # postgresql['wal_keep_segments'] = 10 @@ -248,10 +247,10 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o gitlab_rails['auto_migrate'] = false ``` -1. Optional: If you want to add another **secondary** node, the relevant setting would look like: +1. Optional: If you want to add another **secondary** site, the relevant setting would look like: ```ruby - postgresql['md5_auth_cidr_addresses'] = ['<primary_node_ip>/32', '<secondary_node_ip>/32', '<another_secondary_node_ip>/32'] + postgresql['md5_auth_cidr_addresses'] = ['<primary_site_ip>/32', '<secondary_site_ip>/32', '<another_secondary_site_ip>/32'] ``` You may also want to edit the `wal_keep_segments` and `max_wal_senders` to match your @@ -288,20 +287,20 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o 1. Now that the PostgreSQL server is set up to accept remote connections, run `netstat -plnt | grep 5432` to make sure that PostgreSQL is listening on port - `5432` to the **primary** server's private address. + `5432` to the **primary** site's private address. 1. A certificate was automatically generated when GitLab was reconfigured. This is used automatically to protect your PostgreSQL traffic from eavesdroppers, but to protect against active ("man-in-the-middle") attackers, - the **secondary** node needs a copy of the certificate. Make a copy of the PostgreSQL - `server.crt` file on the **primary** node by running this command: + the **secondary** site needs a copy of the certificate. Make a copy of the PostgreSQL + `server.crt` file on the **primary** site by running this command: ```shell cat ~gitlab-psql/data/server.crt ``` Copy the output into a clipboard or into a local file. You - need it when setting up the **secondary** node! The certificate is not sensitive + need it when setting up the **secondary** site! The certificate is not sensitive data. However, this certificate is created with a generic `PostgreSQL` Common Name. For this, @@ -324,7 +323,7 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o #### Step 2. Configure the **secondary** server -1. SSH into your GitLab **secondary** server and login as root: +1. SSH into your GitLab **secondary** site and login as root: ```shell sudo -i @@ -338,28 +337,28 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o ``` NOTE: - This step is important so we don't try to execute anything before the node is fully configured. + This step is important so we don't try to execute anything before the site is fully configured. -1. [Check TCP connectivity](../../raketasks/maintenance.md) to the **primary** node's PostgreSQL server: +1. [Check TCP connectivity](../../raketasks/maintenance.md) to the **primary** site's PostgreSQL server: ```shell - gitlab-rake gitlab:tcp_check[<primary_node_ip>,5432] + gitlab-rake gitlab:tcp_check[<primary_site_ip>,5432] ``` NOTE: If this step fails, you may be using the wrong IP address, or a firewall may - be preventing access to the server. Check the IP address, paying close + be preventing access to the site. Check the IP address, paying close attention to the difference between public and private addresses and ensure - that, if a firewall is present, the **secondary** node is permitted to connect to the - **primary** node on port 5432. + that, if a firewall is present, the **secondary** site is permitted to connect to the + **primary** site on port 5432. -1. Create a file `server.crt` in the **secondary** server, with the content you got on the last step of the **primary** node's setup: +1. Create a file `server.crt` in the **secondary** site, with the content you got on the last step of the **primary** site's setup: ```shell editor server.crt ``` -1. Set up PostgreSQL TLS verification on the **secondary** node: +1. Set up PostgreSQL TLS verification on the **secondary** site: Install the `server.crt` file: @@ -374,9 +373,9 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o PostgreSQL now only recognizes that exact certificate when verifying TLS connections. The certificate can only be replicated by someone with access - to the private key, which is **only** present on the **primary** node. + to the private key, which is **only** present on the **primary** site. -1. Test that the `gitlab-psql` user can connect to the **primary** node's database +1. Test that the `gitlab-psql` user can connect to the **primary** site's database (the default Omnibus database name is `gitlabhq_production`): ```shell @@ -386,7 +385,7 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o -U gitlab_replicator \ -d "dbname=gitlabhq_production sslmode=verify-ca" \ -W \ - -h <primary_node_ip> + -h <primary_site_ip> ``` NOTE: @@ -397,11 +396,11 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o When prompted enter the _plaintext_ password you set in the first step for the `gitlab_replicator` user. If all worked correctly, you should see - the list of **primary** node's databases. + the list of **primary** site's databases. A failure to connect here indicates that the TLS configuration is incorrect. - Ensure that the contents of `~gitlab-psql/data/server.crt` on the **primary** node - match the contents of `~gitlab-psql/.postgresql/root.crt` on the **secondary** node. + Ensure that the contents of `~gitlab-psql/data/server.crt` on the **primary** site + match the contents of `~gitlab-psql/.postgresql/root.crt` on the **secondary** site. 1. Configure PostgreSQL: @@ -420,14 +419,14 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o ## ## Secondary address - ## - replace '<secondary_node_ip>' with the public or VPC address of your Geo secondary node + ## - replace '<secondary_site_ip>' with the public or VPC address of your Geo secondary site ## - postgresql['listen_address'] = '<secondary_node_ip>' - postgresql['md5_auth_cidr_addresses'] = ['<secondary_node_ip>/32'] + postgresql['listen_address'] = '<secondary_site_ip>' + postgresql['md5_auth_cidr_addresses'] = ['<secondary_site_ip>/32'] ## - ## Database credentials password (defined previously in primary node) - ## - replicate same values here as defined in primary node + ## Database credentials password (defined previously in primary site) + ## - replicate same values here as defined in primary site ## postgresql['sql_replication_password'] = '<md5_hash_of_your_password>' postgresql['sql_user_password'] = '<md5_hash_of_your_password>' @@ -435,7 +434,7 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o ``` For external PostgreSQL instances, see [additional instructions](external_database.md). - If you bring a former **primary** node back online to serve as a **secondary** node, then you also must remove `roles(['geo_primary_role'])` or `geo_primary_role['enable'] = true`. + If you bring a former **primary** site back online to serve as a **secondary** site, then you also must remove `roles(['geo_primary_role'])` or `geo_primary_role['enable'] = true`. 1. Reconfigure GitLab for the changes to take effect: @@ -451,24 +450,24 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o #### Step 3. Initiate the replication process -Below we provide a script that connects the database on the **secondary** node to -the database on the **primary** node, replicates the database, and creates the +Below we provide a script that connects the database on the **secondary** site to +the database on the **primary** site, replicates the database, and creates the needed files for streaming replication. The directories used are the defaults that are set up in Omnibus. If you have changed any defaults, configure it as you see fit replacing the directories and paths. WARNING: -Make sure to run this on the **secondary** server as it removes all PostgreSQL's +Make sure to run this on the **secondary** site as it removes all PostgreSQL's data before running `pg_basebackup`. -1. SSH into your GitLab **secondary** server and login as root: +1. SSH into your GitLab **secondary** site and login as root: ```shell sudo -i ``` -1. Choose a database-friendly name to use for your **secondary** node to +1. Choose a database-friendly name to use for your **secondary** site to use as the replication slot name. For example, if your domain is `secondary.geo.example.com`, you may use `secondary_example` as the slot name as shown in the commands below. @@ -476,13 +475,13 @@ data before running `pg_basebackup`. 1. Execute the command below to start a backup/restore and begin the replication WARNING: - Each Geo **secondary** node must have its own unique replication slot name. + Each Geo **secondary** site must have its own unique replication slot name. Using the same slot name between two secondaries breaks PostgreSQL replication. ```shell gitlab-ctl replicate-geo-database \ - --slot-name=<secondary_node_name> \ - --host=<primary_node_ip> \ + --slot-name=<secondary_site_name> \ + --host=<primary_site_ip> \ --sslmode=verify-ca ``` @@ -516,7 +515,7 @@ data before running `pg_basebackup`. - Change the `--slot-name` to the name of the replication slot to be used on the **primary** database. The script attempts to create the replication slot automatically if it does not exist. - - If you're repurposing an old server into a Geo **secondary** node, you must + - If you're repurposing an old site into a Geo **secondary** site, you must add `--force` to the command line. - When not in a production machine you can disable backup step if you really sure this is what you want by adding `--skip-backup` @@ -540,7 +539,7 @@ see [High Availability with Omnibus GitLab](../../postgresql/replication_and_fai To change the password for the [replication user](https://wiki.postgresql.org/wiki/Streaming_Replication) when using Omnibus-managed PostgreSQL instances: -On the GitLab Geo **primary** server: +On the GitLab Geo **primary** site: 1. The default value for the replication user is `gitlab_replicator`, but if you've set a custom replication user in your `/etc/gitlab/gitlab.rb` under the `postgresql['sql_replication_user']` setting, make sure to @@ -574,19 +573,18 @@ On the GitLab Geo **primary** server: sudo gitlab-ctl restart postgresql ``` -Until the password is updated on any **secondary** servers, the [PostgreSQL log](../../logs.md#postgresql-logs) on +Until the password is updated on any **secondary** sites, the [PostgreSQL log](../../logs/index.md#postgresql-logs) on the secondaries will report the following error message: ```console FATAL: could not connect to the primary server: FATAL: password authentication failed for user "gitlab_replicator" ``` -On all GitLab Geo **secondary** servers: +On all GitLab Geo **secondary** sites: 1. The first step isn't necessary from a configuration perspective, because the hashed `'sql_replication_password'` - is not used on the GitLab Geo **secondary**. However in the event that **secondary** needs to be promoted - to the GitLab Geo **primary**, make sure to match the `'sql_replication_password'` in the secondary - server configuration. + is not used on the GitLab Geo **secondary** sites. However in the event that **secondary** site needs to be promoted + to the GitLab Geo **primary**, make sure to match the `'sql_replication_password'` in the **secondary** site configuration. Edit `/etc/gitlab/gitlab.rb`: @@ -616,6 +614,28 @@ In GitLab 14.0, Patroni replaced `repmgr` as the supported NOTE: If you still haven't [migrated from repmgr to Patroni](#migrating-from-repmgr-to-patroni) you're highly advised to do so. +### Migrating from repmgr to Patroni + +1. Before migrating, we recommend that there is no replication lag between the **primary** and **secondary** sites and that replication is paused. In GitLab 13.2 and later, you can pause and resume replication with `gitlab-ctl geo-replication-pause` and `gitlab-ctl geo-replication-resume` on a Geo secondary database node. +1. Follow the [instructions to migrate repmgr to Patroni](../../postgresql/replication_and_failover.md#switching-from-repmgr-to-patroni). When configuring Patroni on each **primary** site database node, add `patroni['replication_slots'] = { '<slot_name>' => 'physical' }` +to `gitlab.rb` where `<slot_name>` is the name of the replication slot for your **secondary** site. This ensures that Patroni recognizes the replication slot as permanent and not drop it upon restarting. +1. If database replication to the **secondary** site was paused before migration, resume replication once Patroni is confirmed working on the **primary** site. + +### Migrating a single PostgreSQL node to Patroni + +Before the introduction of Patroni, Geo had no Omnibus support for HA setups on the **secondary** site. + +With Patroni it's now possible to support that. To migrate the existing PostgreSQL to Patroni: + +1. Make sure you have a Consul cluster setup on the secondary (similar to how you set it up on the **primary** site). +1. [Configure a permanent replication slot](#step-1-configure-patroni-permanent-replication-slot-on-the-primary-site). +1. [Configure the internal load balancer](#step-2-configure-the-internal-load-balancer-on-the-primary-site). +1. [Configure a PgBouncer node](#step-3-configure-pgbouncer-nodes-on-the-secondary-site) +1. [Configure a Standby Cluster](#step-4-configure-a-standby-cluster-on-the-secondary-site) + on that single node machine. + +You end up with a “Standby Cluster” with a single node. That allows you to later on add additional Patroni nodes by following the same instructions above. + ### Patroni support Patroni is the official replication management solution for Geo. It @@ -648,11 +668,11 @@ and other database best practices. ##### Step 1. Configure Patroni permanent replication slot on the primary site -To set up database replication with Patroni on a secondary node, we must -configure a _permanent replication slot_ on the primary node's Patroni cluster, +To set up database replication with Patroni on a secondary site, we must +configure a _permanent replication slot_ on the primary site's Patroni cluster, and ensure password authentication is used. -For each Patroni instance on the primary site **starting on the Patroni +On each node running a Patroni instance on the primary site **starting on the Patroni Leader instance**: 1. SSH into your Patroni instance and login as root: @@ -755,7 +775,7 @@ backend postgresql Refer to your preferred Load Balancer's documentation for further guidance. -##### Step 3. Configure a PgBouncer node on the secondary site +##### Step 3. Configure PgBouncer nodes on the secondary site A production-ready and highly available configuration requires at least three Consul nodes, a minimum of one PgBouncer node, but it's recommended to have @@ -764,7 +784,7 @@ more than one PgBouncer service nodes. The internal load balancer provides a sin endpoint for connecting to the PgBouncer cluster. For more information, see [High Availability with Omnibus GitLab](../../postgresql/replication_and_failover.md). -Follow the minimal configuration for the PgBouncer node: +On each node running a PgBouncer instance on the **secondary** site: 1. SSH into your PgBouncer node and login as root: @@ -820,11 +840,10 @@ Follow the minimal configuration for the PgBouncer node: ##### Step 4. Configure a Standby cluster on the secondary site NOTE: -If you are converting a secondary site to a Patroni Cluster, you must start -on the PostgreSQL instance. It becomes the Patroni Standby Leader instance, -and then you can switchover to another replica if you need. +If you are converting a secondary site with a single PostgreSQL instance to a Patroni Cluster, you must start on the PostgreSQL instance. It becomes the Patroni Standby Leader instance, +and then you can switch over to another replica if you need. -For each Patroni instance on the secondary site: +For each node running a Patroni instance on the secondary site: 1. SSH into your Patroni node and login as root: @@ -894,39 +913,29 @@ For each Patroni instance on the secondary site: gitlab-ctl start patroni ``` -### Migrating from repmgr to Patroni - -1. Before migrating, we recommend that there is no replication lag between the primary and secondary sites and that replication is paused. In GitLab 13.2 and later, you can pause and resume replication with `gitlab-ctl geo-replication-pause` and `gitlab-ctl geo-replication-resume` on a Geo secondary database node. -1. Follow the [instructions to migrate repmgr to Patroni](../../postgresql/replication_and_failover.md#switching-from-repmgr-to-patroni). When configuring Patroni on each primary site database node, add `patroni['replication_slots'] = { '<slot_name>' => 'physical' }` -to `gitlab.rb` where `<slot_name>` is the name of the replication slot for your Geo secondary. This ensures that Patroni recognizes the replication slot as permanent and not drop it upon restarting. -1. If database replication to the secondary was paused before migration, resume replication once Patroni is confirmed working on the primary. - -### Migrating a single PostgreSQL node to Patroni - -Before the introduction of Patroni, Geo had no Omnibus support for HA setups on the secondary node. +### Migrating a single tracking database node to Patroni -With Patroni it's now possible to support that. To migrate the existing PostgreSQL to Patroni: +Before the introduction of Patroni, Geo had no Omnibus support for HA setups on +the secondary site. -1. Make sure you have a Consul cluster setup on the secondary (similar to how you set it up on the primary). -1. [Configure a permanent replication slot](#step-1-configure-patroni-permanent-replication-slot-on-the-primary-site). -1. [Configure the internal load balancer](#step-2-configure-the-internal-load-balancer-on-the-primary-site). -1. [Configure a PgBouncer node](#step-3-configure-a-pgbouncer-node-on-the-secondary-site) -1. [Configure a Standby Cluster](#step-4-configure-a-standby-cluster-on-the-secondary-site) - on that single node machine. +With Patroni, it's now possible to support that. Due to some restrictions on the +Patroni implementation on Omnibus that do not allow us to manage two different +clusters on the same machine, we recommend setting up a new Patroni cluster for +the tracking database by following the same instructions above. -You end up with a "Standby Cluster" with a single node. That allows you to later on add additional Patroni nodes -by following the same instructions above. +The secondary nodes backfill the new tracking database, and no data +synchronization is required. ### Configuring Patroni cluster for the tracking PostgreSQL database -Secondary sites use a separate PostgreSQL installation as a tracking database to +**Secondary** sites use a separate PostgreSQL installation as a tracking database to keep track of replication status and automatically recover from potential replication issues. Omnibus automatically configures a tracking database when `roles(['geo_secondary_role'])` is set. If you want to run this database in a highly available configuration, don't use the `geo_secondary_role` above. Instead, follow the instructions below. -A production-ready and secure setup requires at least three Consul nodes, two +A production-ready and secure setup for the tracking PostgreSQL DB requires at least three Consul nodes, two Patroni nodes and one PgBouncer node on the secondary site. Because of [omnibus-6587](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6587), Consul can't track multiple @@ -935,9 +944,9 @@ services, so these must be different than the nodes used for the Standby Cluster Be sure to use [password credentials](../../postgresql/replication_and_failover.md#database-authorization-for-patroni) and other database best practices. -#### Step 1. Configure a PgBouncer node on the secondary site +#### Step 1. Configure PgBouncer nodes on the secondary site -Follow the minimal configuration for the PgBouncer node for the tracking database: +On each node running the PgBouncer service for the PostgreSQL tracking database: 1. SSH into your PgBouncer node and login as root: @@ -999,7 +1008,7 @@ Follow the minimal configuration for the PgBouncer node for the tracking databas #### Step 2. Configure a Patroni cluster -For each Patroni instance on the secondary site for the tracking database: +On each node running a Patroni instance on the secondary site for the PostgreSQL tracking database: 1. SSH into your Patroni node and login as root: @@ -1063,7 +1072,7 @@ For each Patroni instance on the secondary site for the tracking database: gitlab-ctl reconfigure ``` -#### Step 3. Configure the tracking database on the secondary nodes +#### Step 3. Configure the tracking database on the secondary sites For each node running the `gitlab-rails`, `sidekiq`, and `geo-logcursor` services: @@ -1100,19 +1109,6 @@ For each node running the `gitlab-rails`, `sidekiq`, and `geo-logcursor` service gitlab-rake db:migrate:geo ``` -### Migrating a single tracking database node to Patroni - -Before the introduction of Patroni, Geo had no Omnibus support for HA setups on -the secondary node. - -With Patroni, it's now possible to support that. Due to some restrictions on the -Patroni implementation on Omnibus that do not allow us to manage two different -clusters on the same machine, we recommend setting up a new Patroni cluster for -the tracking database by following the same instructions above. - -The secondary nodes backfill the new tracking database, and no data -synchronization is required. - ## Troubleshooting Read the [troubleshooting document](../replication/troubleshooting.md). |