Omnibus GitLab High Availability Roles All tiers Self-managed

Omnibus GitLab includes various software components/services to support running GitLab in a high availability configuration. By default, some of these supporting services are disabled, and Omnibus GitLab is configured to run as a single node installation. Each service can be enabled or disabled using configuration settings in /etc/gitlab/gitlab.rb, but the introduction of roles allows you to easily enable a group of services, and provides better default configuration based on the high availability roles you have enabled.

Not specifying any Roles (the default configuration)

When you don’t configure GitLab with any roles, GitLab enables the default services for a single node install. These include things like PostgreSQL, Redis, Puma, Sidekiq, Gitaly, GitLab Workhorse, NGINX, etc.

These can still be individually enable/disabled by the settings in your /etc/gitlab/gitlab.rb.

Specifying Roles

Roles are passed as an array in /etc/gitlab/gitlab.rb

Example specifying multiple roles:

roles ['redis_sentinel_role', 'redis_master_role']

Example specifying a single role:

roles ['geo_primary_role']

Roles

The majority of the following roles will only work on a GitLab Enterprise Edition, meaning a gitlab-ee Omnibus package. It will be mentioned next to each role.

GitLab App Role

  • application_role (gitlab-ce/gitlab-ee)

    The GitLab App role is used to configure an instance where only GitLab is running. Redis, PostgreSQL, and Consul services are disabled by default.

Redis Server Roles

Documentation on the use of the Redis Roles can be found in Configuring Redis for Scaling

  • redis_sentinel_role (gitlab-ee)

    Enables the sentinel service on the machine,

    By default, enables no other services.

  • redis_master_role (gitlab-ee)

    Enables the Redis service and monitoring, and allows configuring the master password

    By default, enables no other services.

  • redis_replica_role (gitlab-ee, introduced in GitLab 13.0)

    Enables the Redis service and monitoring

    By default, enables no other services.

GitLab Geo Roles

The GitLab Geo roles are used for configuration of GitLab Geo sites. See the Geo Setup Documentation for configuration steps.

  • geo_primary_role (gitlab-ee)

    This role:

    • Configures a single-node PostgreSQL database as a leader for streaming replication.
    • Prevents automatic upgrade of PostgreSQL since it requires downtime of streaming replication to Geo secondary sites.
    • Enables all single-node GitLab services including NGINX, Puma, Redis, and Sidekiq. If you are segregating services, then you must explicitly disable unwanted services in /etc/gitlab/gitlab.rb. Therefore, this role is only useful on a single-node PostgreSQL in a Geo primary site.
    • Cannot be used to set up a PostgreSQL cluster in a Geo primary site. Instead, see Geo multi-node database replication.

    By default, enables standard single-node GitLab services including NGINX, Puma, Redis, and Sidekiq.

  • geo_secondary_role (gitlab-ee)

    • Configures the secondary read-only replica database for incoming replication.
    • Configures the Rails connection to the Geo tracking database.
    • Enables the Geo tracking database geo-postgresql.
    • Enables the Geo Log Cursor geo-logcursor.
    • Disables automatic database migrations on the read-only replica database during reconfigure.
    • Reduces the number of Puma workers to save memory for other services.
    • Sets gitlab_rails['enable'] = true.

    This role is intended to be used in a Geo secondary site running on a single node. If using this role in a Geo site with multiple nodes, undesired services will need to be explicitly disabled in /etc/gitlab/gitlab.rb. See Geo for multiple nodes.

    This role should not be used to set up a PostgreSQL cluster in a Geo secondary site. Instead, see Geo multi-node database replication.

    By default, enables all of the GitLab default single node services. (NGINX, Puma, Redis, Sidekiq, etc)

Monitoring Roles

Introduced in GitLab 12.1.

Monitoring roles are used to set up monitoring of installations. For additional information, see the Monitoring documentation.

  • monitoring_role (gitlab-ce/gitlab-ee)

    Configures a central monitoring server to collect metrics and provide dashboards.

    Enables Prometheus and Alertmanager.

PostgreSQL Roles

Documentation on the usage of the PostgreSQL Roles can be found in Configuring PostgreSQL for Scaling

  • postgres_role (gitlab-ce/gitlab-ee)

    Enables the PostgreSQL and Consul services on the machine

    By default, enables no other services.

  • patroni_role (gitlab-ee, introduced in GitLab 13.8)

    Enables the PostgreSQL, patroni, and Consul services on the machine

    By default, enables no other services.

  • pgbouncer_role (gitlab-ee)

    Enables the PgBouncer and Consul services on the machine

    By default, enables no other services.

  • consul_role (gitlab-ee)

    Enables the Consul service on the machine

    By default, enables no other services.

GitLab Pages Roles

Introduced in GitLab 13.6.

GitLab Pages roles are used to setup and configure GitLab Pages. For additional information, see the GitLab Pages Administration documentation

  • pages_role (gitlab-ce/gitlab-ee)

    Configures the server with a GitLab Pages instance.

    By default, enables no other services.

Sidekiq Roles

Introduced in GitLab 14.1.

Sidekiq roles are used to setup and configure Sidekiq. For additional information, see the Sidekiq Administration documentation

  • sidekiq_role (gitlab-ce/gitlab-ee)

    Configures the server with Sidekiq service.

    By default, enables no other services.

Spamcheck Roles

Introduced in GitLab 14.9.

Spamcheck roles are used to setup and configure Spamcheck services. For additional information, see the Spamcheck documentation

  • spamcheck_role (gitlab-ee)

    Configures the server with spamcheck and spam-classifier services.

    By default, enables no other services.