Skip to content

Fix Pages object storage rendering and volume mounting

Balasankar 'Balu' C requested to merge mount-pages-object-storage into master

What does this MR do?

  1. Ensure Pages object storage configuration is loaded only when needed (and thus doesn't inadvertently disable consolidated object storage)
  2. Use Minio for Pages too, because even for the workaround we need it.
    1. Create gitlab-pages bucket
    2. Use Minio configuration in pages.object_store key also.

Related issues

#1678 (closed)

Test details

I am testing the hybrid-GitLab-Pages scenario, with the following details. The package for the VM came from gitlab-org/omnibus-gitlab!4740 (merged), so that I can use the new pages_role.

  1. Configure an omnibus-gitlab VM with the following /etc/gitlab/gitlab.rb

    roles ['pages_role']

pages_external_url 'http://<pages root domain>'

gitlab_pages['gitlab_server'] = 'https://gitlab.<k8s root domain>'
gitlab_pages['api_secret_key'] = 'dGhpc2lzYWJvZ3VzdGhpcnR5dHdvY2hhcmFjdGVycHc='   # base64 encoded version of `thisisabogusthirtytwocharacterpw`
gitlab_pages['domain_config_source'] = 'gitlab'    # Get domain configurations from GitLab, not from disk.

  2. Create k8s secret for API Secret key

    $ kubectl create secret generic balu-pages-api-secret --from-literal="shared_secret=dGhpc2lzYWJvZ3VzdGhpcnR5dHdvY2hhcmFjdGVycHc="

  3. Modify Minio connection configuration to use FQDN of Minio instance instead of service name as endpoint. I used 59962acd.

  4. Spin up a GitLab instance in the k8s cluster with the following values file

    global:
  hosts:
    domain: <k8s root domain>
    externalIP: <external ip>
  ingress:
    configureCertmanager: false
    tls:
      secretName: <HTTPS certificate secret>
  pages:
    host: <pages root domain>
    port: 80
    path: /srv/gitlab/shared/pages
    artifactsServer: true
    objectStore:
      bucket: gitlab-artifacts
    apiSecret:
      secret: balu-pages-api-secret
      key: shared_secret
gitlab-runner:
  runners:
    privileged: true

  5. Enable the necessary feature flags, by running the following command from task-runner pod

    $ gitlab-rails runner "Feature.enable(:zip_pages_deployments); Feature.enable(:pages_serve_from_deployments);"

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Required

  • Merge Request Title and Description are up to date, accurate, and descriptive
  • MR targeting the appropriate branch
  • MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

  • Test plan indicating conditions for success has been posted and passes
  • Documentation created/updated
  • Tests added
  • Integration tests added to GitLab QA
  • Equivalent MR/issue for omnibus-gitlab opened
Edited by Jason Plum

Merge request reports