You are browsing a read-only backup copy of Wikitech. The primary site can be found at wikitech.wikimedia.org

GitLab: Difference between revisions

From Wikitech-static
Jump to navigation Jump to search
imported>Jobo
mNo edit summary
imported>Dduvall
mNo edit summary
Line 11: Line 11:
* External resources:
* External resources:
** [https://gitlab.wikimedia.org/ Production GitLab]
** [https://gitlab.wikimedia.org/ Production GitLab]
** [https://docs.gitlab.com GitLab docs]
** [https://docs.gitlab.com GitLab docs]  
** [https://www.mediawiki.org/wiki/GitLab GitLab in MediaWiki]
** [https://www.mediawiki.org/wiki/GitLab GitLab in MediaWiki]
** [https://phabricator.wikimedia.org/project/view/5057/ GitLab in Phabricator]
** [https://phabricator.wikimedia.org/project/view/5057/ GitLab in Phabricator]
Line 25: Line 25:
* gitlab-ansible-test in WMCS gitlab-test project
* gitlab-ansible-test in WMCS gitlab-test project
* gitlab in WMCS gitlab-test project
* gitlab in WMCS gitlab-test project
== GitLab instances ==


gitlab1001 and gitlab2001 are setup using puppet and Ansible. The base configuration currently lives in [[gerrit:plugins/gitiles/operations/puppet/+/refs/heads/production/modules/profile/manifests/gitlab.pp|profile::gitlab]]. Additional GitLab specific configuration comes from [[gerrit:plugins/gitiles/operations/gitlab-ansible|gitlab-ansible]]. Its planned to migrate all of the logic to puppet and drop Ansible (see [[phab:T283076|T283076]]). GitLab is installed as a [https://docs.gitlab.com/omnibus/ Omnibus installation] on all instances. So all GitLab components are installed using the official packages and are executed on a single host. The reasons for this setup can be found in the [[mw:GitLab/Initialization|Initialization docs in Mediawiki]].
gitlab1001 and gitlab2001 are setup using puppet and Ansible. The base configuration currently lives in [[gerrit:plugins/gitiles/operations/puppet/+/refs/heads/production/modules/profile/manifests/gitlab.pp|profile::gitlab]]. Additional GitLab specific configuration comes from [[gerrit:plugins/gitiles/operations/gitlab-ansible|gitlab-ansible]]. Its planned to migrate all of the logic to puppet and drop Ansible (see [[phab:T283076|T283076]]). GitLab is installed as a [https://docs.gitlab.com/omnibus/ Omnibus installation] on all instances. So all GitLab components are installed using the official packages and are executed on a single host. The reasons for this setup can be found in the [[mw:GitLab/Initialization|Initialization docs in Mediawiki]].


GitLab login is implemented with SSO using the [[CAS-SSO|CAS/SSO]]. So users will be redirected to idp.wikimedia.org to login to the SSO portal. Groups <code>ops</code>, <code>wmf</code> or <code>nda</code> are needed to access GitLab currently.<ref>https://gerrit.wikimedia.org/r/c/operations/puppet/+/709383/2/hieradata/role/common/idp.yaml#175</ref>
GitLab login is implemented with SSO using the [[CAS-SSO|CAS/SSO]]. So users will be redirected to idp.wikimedia.org to login to the SSO portal. Groups <code>ops</code>, <code>wmf</code> or <code>nda</code> are needed to access GitLab currently.<ref>https://gerrit.wikimedia.org/r/c/operations/puppet/+/709383/2/hieradata/role/common/idp.yaml#175</ref>
== GitLab runners ==
For our current and future runner setups, see [[GitLab/Gitlab Runner]].


[[Category:SRE Service Operations]]
[[Category:SRE Service Operations]]

Revision as of 17:10, 2 September 2021


This page contains SRE related topics for GitLab. For GitLab application specific information, please see https://www.mediawiki.org/wiki/GitLab (under Implementation).

GitLab is reachable at https://gitlab.wikimedia.org/. We run multiple instances of GitLab:

GitLab instances

gitlab1001 and gitlab2001 are setup using puppet and Ansible. The base configuration currently lives in profile::gitlab. Additional GitLab specific configuration comes from gitlab-ansible. Its planned to migrate all of the logic to puppet and drop Ansible (see T283076). GitLab is installed as a Omnibus installation on all instances. So all GitLab components are installed using the official packages and are executed on a single host. The reasons for this setup can be found in the Initialization docs in Mediawiki.

GitLab login is implemented with SSO using the CAS/SSO. So users will be redirected to idp.wikimedia.org to login to the SSO portal. Groups ops, wmf or nda are needed to access GitLab currently.[1]

GitLab runners

For our current and future runner setups, see GitLab/Gitlab Runner.