diff options
Diffstat (limited to 'doc/install/aws/index.md')
| -rw-r--r-- | doc/install/aws/index.md | 68 |
1 files changed, 33 insertions, 35 deletions
diff --git a/doc/install/aws/index.md b/doc/install/aws/index.md index ee4f759be3a..c2b1198940b 100644 --- a/doc/install/aws/index.md +++ b/doc/install/aws/index.md @@ -315,10 +315,8 @@ persistence and is used for certain types of the GitLab application. 1. Navigate back to the ElastiCache dashboard. 1. Select **Redis** on the left menu and click **Create** to create a new - Redis cluster. Depending on your load, you can choose whether to enable - cluster mode or not. Even without cluster mode on, you still get the - chance to deploy Redis in multi availability zones. In this guide, we chose - not to enable it. + Redis cluster. Do not enable **Cluster Mode** as it is [not supported](../../administration/high_availability/redis.md#provide-your-own-redis-instance-core-only). Even without cluster mode on, you still get the + chance to deploy Redis in multiple availability zones. 1. In the settings section: 1. Give the cluster a name (`gitlab-redis`) and a description. 1. For the version, select the latest of `5.0` series (e.g., `5.0.6`). @@ -383,6 +381,37 @@ EC2 instances running Linux use private key files for SSH authentication. You'll Storing private key files on your bastion host is a bad idea. To get around this, use SSH agent forwarding on your client. See [Securely Connect to Linux Instances Running in a Private Amazon VPC](https://aws.amazon.com/blogs/security/securely-connect-to-linux-instances-running-in-a-private-amazon-vpc/) for a step-by-step guide on how to use SSH agent forwarding. +## Setting up Gitaly + +CAUTION: **Caution:** In this architecture, having a single Gitaly server creates a single point of failure. This limitation will be removed once [Gitaly HA](https://gitlab.com/groups/gitlab-org/-/epics/842) is released. + +Gitaly is a service that provides high-level RPC access to Git repositories. +It should be enabled and configured on a separate EC2 instance in one of the +[private subnets](#subnets) we configured previously. + +Let's create an EC2 instance where we'll install Gitaly: + +1. From the EC2 dashboard, click **Launch instance**. +1. Choose an AMI. In this example, we'll select the **Ubuntu Server 18.04 LTS (HVM), SSD Volume Type**. +1. Choose an instance type. We'll pick a **c5.xlarge**. +1. Click **Configure Instance Details**. + 1. In the **Network** dropdown, select `gitlab-vpc`, the VPC we created earlier. + 1. In the **Subnet** dropdown, select `gitlab-private-10.0.1.0` from the list of subnets we created earlier. + 1. Double check that **Auto-assign Public IP** is set to `Use subnet setting (Disable)`. + 1. Click **Add Storage**. +1. Increase the Root volume size to `20 GiB` and change the **Volume Type** to `Provisoned IOPS SSD (io1)`. (This is an arbitrary size. Create a volume big enough for your repository storage requirements.) + 1. For **IOPS** set `1000` (20 GiB x 50 IOPS). You can provision up to 50 IOPS per GiB. If you select a larger volume, increase the IOPS accordingly. Workloads where many small files are written in a serialized manner, like `git`, requires performant storage, hence the choice of `Provisoned IOPS SSD (io1)`. +1. Click on **Add Tags** and add your tags. In our case, we'll only set `Key: Name` and `Value: Gitaly`. +1. Click on **Configure Security Group** and let's **Create a new security group**. + 1. Give your security group a name and description. We'll use `gitlab-gitaly-sec-group` for both. + 1. Create a **Custom TCP** rule and add port `8075` to the **Port Range**. For the **Source**, select the `gitlab-loadbalancer-sec-group`. +1. Click **Review and launch** followed by **Launch** if you're happy with your settings. +1. Finally, acknowledge that you have access to the selected private key file or create a new one. Click **Launch Instances**. + + > **Optional:** Instead of storing configuration _and_ repository data on the root volume, you can also choose to add an additional EBS volume for repository storage. Follow the same guidance as above. See the [Amazon EBS pricing](https://aws.amazon.com/ebs/pricing/). + +Now that we have our EC2 instance ready, follow the [documentation to install GitLab and set up Gitaly on its own server](../../administration/gitaly/index.md#running-gitaly-on-its-own-server). + ## Deploying GitLab inside an auto scaling group We'll use AWS's wizard to deploy GitLab and then SSH into the instance to @@ -551,37 +580,6 @@ sudo gitlab-ctl status If everything looks good, you should be able to reach GitLab in your browser. -### Setting up Gitaly - -CAUTION: **Caution:** In this architecture, having a single Gitaly server creates a single point of failure. This limitation will be removed once [Gitaly HA](https://gitlab.com/groups/gitlab-org/-/epics/842) is released. - -Gitaly is a service that provides high-level RPC access to Git repositories. -It should be enabled and configured on a separate EC2 instance in one of the -[private subnets](#subnets) we configured previously. - -Let's create an EC2 instance where we'll install Gitaly: - -1. From the EC2 dashboard, click **Launch instance**. -1. Choose an AMI. In this example, we'll select the **Ubuntu Server 18.04 LTS (HVM), SSD Volume Type**. -1. Choose an instance type. We'll pick a **c5.xlarge**. -1. Click **Configure Instance Details**. - 1. In the **Network** dropdown, select `gitlab-vpc`, the VPC we created earlier. - 1. In the **Subnet** dropdown, select `gitlab-private-10.0.1.0` from the list of subnets we created earlier. - 1. Double check that **Auto-assign Public IP** is set to `Use subnet setting (Disable)`. - 1. Click **Add Storage**. -1. Increase the Root volume size to `20 GiB` and change the **Volume Type** to `Provisoned IOPS SSD (io1)`. (This is an arbitrary size. Create a volume big enough for your repository storage requirements.) - 1. For **IOPS** set `1000` (20 GiB x 50 IOPS). You can provision up to 50 IOPS per GiB. If you select a larger volume, increase the IOPS accordingly. Workloads where many small files are written in a serialized manner, like `git`, requires performant storage, hence the choice of `Provisoned IOPS SSD (io1)`. -1. Click on **Add Tags** and add your tags. In our case, we'll only set `Key: Name` and `Value: Gitaly`. -1. Click on **Configure Security Group** and let's **Create a new security group**. - 1. Give your security group a name and description. We'll use `gitlab-gitaly-sec-group` for both. - 1. Create a **Custom TCP** rule and add port `8075` to the **Port Range**. For the **Source**, select the `gitlab-loadbalancer-sec-group`. -1. Click **Review and launch** followed by **Launch** if you're happy with your settings. -1. Finally, acknowledge that you have access to the selected private key file or create a new one. Click **Launch Instances**. - - > **Optional:** Instead of storing configuration _and_ repository data on the root volume, you can also choose to add an additional EBS volume for repository storage. Follow the same guidance as above. See the [Amazon EBS pricing](https://aws.amazon.com/ebs/pricing/). - -Now that we have our EC2 instance ready, follow the [documentation to install GitLab and set up Gitaly on its own server](../../administration/gitaly/index.md#running-gitaly-on-its-own-server). - ### Using Amazon S3 object storage GitLab stores many objects outside the Git repository, many of which can be |