From d8c3208aee1da616fd9472ddbf5cb84daf31490b Mon Sep 17 00:00:00 2001 From: Corey O'Brien Date: Wed, 2 May 2018 20:35:53 -0400 Subject: [PATCH 1/5] Split workhorse to seperate container and allow for additional configuration --- .../charts/unicorn/templates/deployment.yaml | 88 ++++++++++++++++++- charts/gitlab/charts/unicorn/values.yaml | 8 ++ 2 files changed, 93 insertions(+), 3 deletions(-) diff --git a/charts/gitlab/charts/unicorn/templates/deployment.yaml b/charts/gitlab/charts/unicorn/templates/deployment.yaml index eb06a22673..fc931ba1f8 100644 --- a/charts/gitlab/charts/unicorn/templates/deployment.yaml +++ b/charts/gitlab/charts/unicorn/templates/deployment.yaml @@ -59,12 +59,84 @@ spec: mountPath: '/etc/gitlab' readOnly: true containers: - - name: {{ .Chart.Name }} + - name: {{ .Chart.Name }}-unicorn image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - /bin/bash + - -ec + - > + /home/git/gitlab/bin/bundle exec unicorn + -E production + -c /home/git/gitlab/config/unicorn.rb + /home/git/gitlab/config.ru + & exec tail -f /var/log/gitlab/* ports: - containerPort: {{ .Values.service.internalPort }} name: unicorn + env: + - name: GITALY_FEATURE_DEFAULT_ON + value: "1" + - name: CONFIG_TEMPLATE_DIRECTORY + value: '/var/opt/gitlab/templates' + - name: CONFIG_DIRECTORY + value: '/var/opt/gitlab/config/gitlab/' +{{- if .Values.metrics.enabled }} + - name: prometheus_multiproc_dir + value: /metrics +{{- end }} + volumeMounts: +{{- if .Values.metrics.enabled }} + - name: unicorn-metrics + mountPath: '/metrics' +{{- end }} + - name: unicorn-config + mountPath: '/var/opt/gitlab/templates' + - name: unicorn-secrets + mountPath: '/etc/gitlab' + readOnly: true + - name: unicorn-secrets + mountPath: /home/git/gitlab/config/secrets.yml + subPath: rails-secrets/secrets.yml + - name: unicorn-config + mountPath: '/home/git/gitlab/config/initializers/smtp_settings.rb' + subPath: smtp_settings.rb + - name: uploads + mountPath: /home/git/gitlab/public/uploads + - name: lfs-objects + mountPath: /home/git/gitlab/shared/lfs-objects + livenessProbe: + exec: + command: + - /bin/bash + - -ec + - printf "GET / HTTP/1.1\n\n" > /dev/tcp/127.0.0.1/8080 + initialDelaySeconds: 20 + timeoutSeconds: 30 + periodSeconds: 60 + # readinessProbe: + # httpGet: + # path: / + # port: {{ .Values.service.internalPort }} + resources: +{{ toYaml .Values.resources | indent 12 }} + - name: {{ .Chart.Name }}-workhorse + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - gitlab-workhorse + - -listenAddr + - 0.0.0.0:8181 + - -documentRoot + - /home/git/gitlab/public + - -secretPath + - /home/git/gitlab/.gitlab_workhorse_secret + - -config + - /var/opt/gitlab/config/gitlab/workhorse-config.toml +{{- if .Values.workhorse.extraArgs }} +{{ toYaml .Values.workhorse.extraArgs | indent 12 }} +{{- end }} + ports: - containerPort: {{ .Values.service.workhorseInternalPort }} name: workhorse env: @@ -98,10 +170,16 @@ spec: - name: unicorn-config mountPath: '/home/git/gitlab/config/initializers/smtp_settings.rb' subPath: smtp_settings.rb + - name: uploads + mountPath: /home/git/gitlab/public/uploads + - name: lfs-objects + mountPath: /home/git/gitlab/shared/lfs-objects livenessProbe: exec: command: - - /scripts/healthcheck + - /bin/bash + - -ec + - printf "GET / HTTP/1.1\n\n" > /dev/tcp/127.0.0.1/8181 initialDelaySeconds: 20 timeoutSeconds: 30 periodSeconds: 60 @@ -110,7 +188,7 @@ spec: # path: / # port: {{ .Values.service.internalPort }} resources: -{{ toYaml .Values.resources | indent 12 }} +{{ toYaml .Values.workhorse.resources | indent 12 }} volumes: {{- if .Values.metrics.enabled }} - name: unicorn-metrics @@ -184,6 +262,10 @@ spec: - name: unicorn-secrets emptyDir: medium: "Memory" + - name: uploads + emptyDir: {} + - name: lfs-objects + emptyDir: {} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/charts/gitlab/charts/unicorn/values.yaml b/charts/gitlab/charts/unicorn/values.yaml index 55d0bfcb3e..8e4d6bf2dd 100644 --- a/charts/gitlab/charts/unicorn/values.yaml +++ b/charts/gitlab/charts/unicorn/values.yaml @@ -32,6 +32,14 @@ workerProcesses: 2 workerTimeout: 60 workhorse: sentryDSN: "" + extraArgs: [] + resources: + # limits: + # cpu: 1 + # memory: 2G + requests: + cpu: 50m + memory: 200Mi omniauth: providers: [] # - name: google_oauth2 -- GitLab From 7f082d42b77906f587469b5a08cad508eab91b39 Mon Sep 17 00:00:00 2001 From: Corey O'Brien Date: Thu, 3 May 2018 09:21:22 -0400 Subject: [PATCH 2/5] Add docs --- doc/installation/command-line-options.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/doc/installation/command-line-options.md b/doc/installation/command-line-options.md index 15368dc559..8eb3eb785a 100644 --- a/doc/installation/command-line-options.md +++ b/doc/installation/command-line-options.md @@ -250,8 +250,11 @@ Tables below contain all the possible charts configurations that can be supplied | gitlab.unicorn.registry.certificate.secret | Registry certificate | gitlab-registry | | gitlab.unicorn.registry.certificate.key | Registry certificate key | registry-auth.key | | gitlab.unicorn.resources.requests.cpu | Unicorn minimum cpu | 200m | -| gitlab.unicorn.resources.requests.memory | Unicorn minimum memory | 1.4G | +| gitlab.unicorn.resources.requests.memory | Unicorn minimum memory | 2G | | gitlab.unicorn.workhorse.sentryDSN | DSN for Sentry instance for error reporting | "" | +| gitlab.unicorn.workhorse.extraArgs | Additional options for workhorse | "" | +| gitlab.unicorn.workhorse.resources.requests.cpu | Workhorse minimum cpu | 50m | +| gitlab.unicorn.workhorse.resources.requests.memory | Workhorse minimum memory | 200Mi | | gitlab.migrations.image.repository | Migrations image repository | registry.gitlab.com/gitlab-org/build/cng/gitlab-rails-ee | | gitlab.migrations.image.tag | Migrations image tag | latest | | gitlab.migrations.image.pullPolicy | Migrations pull policy | Always | -- GitLab From 98cebbd3d0370efedca5c464c6662807376287ac Mon Sep 17 00:00:00 2001 From: Corey O'Brien Date: Thu, 3 May 2018 09:41:47 -0400 Subject: [PATCH 3/5] Add changelog --- changelogs/unreleased/249-workhorseconfig.yml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 changelogs/unreleased/249-workhorseconfig.yml diff --git a/changelogs/unreleased/249-workhorseconfig.yml b/changelogs/unreleased/249-workhorseconfig.yml new file mode 100644 index 0000000000..cdb3f2df03 --- /dev/null +++ b/changelogs/unreleased/249-workhorseconfig.yml @@ -0,0 +1,5 @@ +--- +title: Added configuration options for workhorse +merge_request: 261 +author: Corey O'Brien +type: added -- GitLab From 2d595ac9822dc32af481f77afbbec4ddd9f668ed Mon Sep 17 00:00:00 2001 From: Corey O'Brien Date: Thu, 3 May 2018 10:47:55 -0400 Subject: [PATCH 4/5] Share artifacts and use sane container names --- charts/gitlab/charts/unicorn/templates/deployment.yaml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/gitlab/charts/unicorn/templates/deployment.yaml b/charts/gitlab/charts/unicorn/templates/deployment.yaml index fc931ba1f8..1e1da2fb60 100644 --- a/charts/gitlab/charts/unicorn/templates/deployment.yaml +++ b/charts/gitlab/charts/unicorn/templates/deployment.yaml @@ -59,7 +59,7 @@ spec: mountPath: '/etc/gitlab' readOnly: true containers: - - name: {{ .Chart.Name }}-unicorn + - name: unicorn image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} args: @@ -105,6 +105,8 @@ spec: mountPath: /home/git/gitlab/public/uploads - name: lfs-objects mountPath: /home/git/gitlab/shared/lfs-objects + - name: artifacts + mountPath: /home/git/gitlab/shared/artifacts livenessProbe: exec: command: @@ -120,7 +122,7 @@ spec: # port: {{ .Values.service.internalPort }} resources: {{ toYaml .Values.resources | indent 12 }} - - name: {{ .Chart.Name }}-workhorse + - name: workhorse image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} args: @@ -174,6 +176,8 @@ spec: mountPath: /home/git/gitlab/public/uploads - name: lfs-objects mountPath: /home/git/gitlab/shared/lfs-objects + - name: artifacts + mountPath: /home/git/gitlab/shared/artifacts livenessProbe: exec: command: @@ -266,6 +270,8 @@ spec: emptyDir: {} - name: lfs-objects emptyDir: {} + - name: artifacts + emptyDir: {} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} -- GitLab From 8d5a72564fd7ae0448355d998864f5a368ef5e9f Mon Sep 17 00:00:00 2001 From: Corey O'Brien Date: Thu, 3 May 2018 11:52:29 -0400 Subject: [PATCH 5/5] Slightly more limited scope for shared folders --- .../gitlab/charts/unicorn/templates/deployment.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/gitlab/charts/unicorn/templates/deployment.yaml b/charts/gitlab/charts/unicorn/templates/deployment.yaml index 1e1da2fb60..5e3c121878 100644 --- a/charts/gitlab/charts/unicorn/templates/deployment.yaml +++ b/charts/gitlab/charts/unicorn/templates/deployment.yaml @@ -102,11 +102,11 @@ spec: mountPath: '/home/git/gitlab/config/initializers/smtp_settings.rb' subPath: smtp_settings.rb - name: uploads - mountPath: /home/git/gitlab/public/uploads + mountPath: /home/git/gitlab/public/uploads/tmp - name: lfs-objects - mountPath: /home/git/gitlab/shared/lfs-objects + mountPath: /home/git/gitlab/shared/lfs-objects/tmp - name: artifacts - mountPath: /home/git/gitlab/shared/artifacts + mountPath: /home/git/gitlab/shared/artifacts/tmp livenessProbe: exec: command: @@ -173,11 +173,11 @@ spec: mountPath: '/home/git/gitlab/config/initializers/smtp_settings.rb' subPath: smtp_settings.rb - name: uploads - mountPath: /home/git/gitlab/public/uploads + mountPath: /home/git/gitlab/public/uploads/tmp - name: lfs-objects - mountPath: /home/git/gitlab/shared/lfs-objects + mountPath: /home/git/gitlab/shared/lfs-objects/tmp - name: artifacts - mountPath: /home/git/gitlab/shared/artifacts + mountPath: /home/git/gitlab/shared/artifacts/tmp livenessProbe: exec: command: -- GitLab