You are browsing a read-only backup copy of Wikitech. The live site can be found at wikitech.wikimedia.org

GitLab/Test Instance

From Wikitech-static
< GitLab
Revision as of 09:28, 29 November 2022 by imported>Jelto (change OS of test instance to bullseye)
Jump to navigation Jump to search

A production-like test instance can be used to test changes, updates and prototype code. The WMCS/VPS instance gitlab-prod-1001.devtools.eqiad1.wikimedia.cloud uses mostly identical Puppet configuration and is accessible using wmcloud SSO for users with wmf/nda permissions. The instance can be reached at https://gitlab.devtools.wmcloud.org/

The test instance does not share data (user, repos, groups) with the production instance. So if you need them for testing, you have to migrate this data or request certain groups.

Resetting test instance

Snapshot and restore is not supported in WMCS currently. If changes modify the test instance significantly, we advice to create an additional, temporary instance (see below). Minor changes can be tested by creating backups of certain config files, undo changes or disable puppet temporarily. However the test instance gitlab-prod-1001 must not differ from the actual puppet configuration.

Setup new test instances

If changes modify the test instance significantly, we advice to create an additional, temporary test instance in the WMCS/VPS project devtools. Follow steps below to create a additional instance:

  • Create VM in WMCS project devtools, flavor g3.cores2.ram4.disk20, image debian-11.0-bullseye (please note the current GitLab test instance needs a bullseye upgrade T318521)
  • Create floating IP and link it with new vm (quota increase may needed)
  • Create DNS A record for floating IP in zone wmcloud.org
  • Set at least the following hieradata for the host:
    profile::gitlab::passive_host: '<instance-name>.devtools.wmcloud.org'
profile::gitlab::cert_path: '/etc/letsencrypt/live/<instance-name>.devtools.wmcloud.org/fullchain.pem'
profile::gitlab::key_path: '/etc/letsencrypt/live/<instance-name>.devtools.wmcloud.org/privkey.pem'
profile::gitlab::service_ip_v4: '<floating-ip>'
profile::gitlab::service_name: '<instance-name>.devtools.wmcloud.org'
  • Assign puppet role::gitlab to new instance
  • Edit /etc/interfaces similar to gitlab-prod-1001
  • Wait for puppet run/force puppet run on new instance
  • Run initial cerbot command (see todo below, will be added to puppet):
    certbot certonly --standalone --preferred-challenges http -d <instance-name>.devtools.wmcloud.org
  • Verify installation by login to the instance by using the new DNS entry. Login should be able using SSO (wmcloud idp has wildcard for wmcloud.org)
  • Optionally:

Open todos

  • move initial certbot command to puppet/verify if this is needed
  • simplify hiera data so that hostname has to be set only once
  • automate configuration for /etc/interfaces in puppet
  • verify steps above
Retrieved from "https://wikitech-static.wikimedia.org/w/index.php?title=GitLab/Test_Instance&oldid=595295"