Skip to content

Remove NFS requirement for Toolkit

Grant Young requested to merge gy-remove-nfs-requirement3 into main

What does this MR do?

MR removes the NFS requirement for the Toolkit, which it used previously to propagate select files across nodes. Instead a selection of different methods are used for each case depending on the circumstance:

  • Secrets are now loaded into the controller's memory on a best effort basis and propagated accordingly
  • SSH keys, where file permissions can change depending on OS, are copied over to the controller and then propagated out accordingly before being deleted on the controller.

NFS is still offered as an optional separate setup for use cases where NFS is desired over Object Storage for GitLab data.

This work has had many revisions due to various limitations and restrictions in Ansible while trying to meet GitLab's requirements. The new methods are more involved as a result due to the lack of simple permanence NFS gave us but as detailed in #645 (closed) NFS is becoming too much of a burden to keep. A full debrief will follow.

Related issues

Closes #645 (closed)

Testing status:

  • Omnibus (All)
  • Omnibus (Single Playbook)
  • Cloud Native Hybrid (All)
  • Cloud Native Hybrid (Single Playbook)
  • Geo

Author's checklist

When ready for review, the Author applies the workflowready for review label and mention @gl-quality/get-maintainers:

  • Merge request:
    • Corresponding Issue raised and reviewed by the GET maintainers team.
    • Merge Request Title and Description are up-to-date, accurate, and descriptive
    • MR targeting the appropriate branch
    • MR has a green pipeline
    • MR has no new security alerts in the widget from the Secret Detection and IaC Scan (SAST) jobs.
  • Code:
    • Check the area changed works as expected. Consider testing it in different environment sizes (1k,3k,10k,etc.).
    • Documentation created/updated in the same MR.
    • If this MR adds an optional configuration - check that all permutations continue to work.
    • For Terraform changes: set up a previous version environment, then run a terraform plan with your new changes and ensure nothing will be destroyed. If anything will be destroyed and this can't be avoided please add a comment to the current MR.
  • Create any follow-up issue(s) to support the new feature across other supported cloud providers or advanced configurations. Create 1 issue for each provider/configuration. Contact the Quality Enablement team if unsure.
Edited by Grant Young

Merge request reports

Loading