►
From YouTube: Trying out GitLab Geo installation via the Helm Charts
Description
Going through the Geo docs to install Geo using our Helm Charts with two Omnibus, external (from k8s) DBs.
Issue link: https://gitlab.com/gitlab-org/gitlab/-/issues/36965
(there's a blank screen at ~15:30 because of a system crash, afterwards it continues with the second part)
A
B
B
Yeah,
so
we
don't,
we
don't
recommend
running
you
kind
of
your
own
postgres
version,
and
we
also
don't
have
like
a
tested
way
of
doing
replication,
like
the
main
thing
of
you
is
that
you
need
to
have
replicated
database
for
the
secondary
as
well.
So
in
this
case
we
already
have
like
the
omnibus
atoms,
or
you
could
also
use
like
an
external
postgres
and
set
up
the
application
yourself
there
sure,
but.
B
B
A
B
A
Maybe
something
we
can,
I
mean
this
is
maybe
something
we
can
do
at
the
like
sec
like
later
iteration,
because
I
don't
see
any
issue
with
that
at
all
right.
You
should
you
just
need
to
make
sure
that
your
databases
work
right
and
then
point
your
your
clusters
to
that
right
and
if
the
external
db
handles
the
replication
that
shouldn't
be
an
issue
yeah.
B
Cool
so
in
this
case
yeah
we're
going
to
use
the
only
bus
ones
so
we're
going
to
follow
the
docks.
This
is
like
the
most
straightforward
one,
because
we
already
have
all
the
setup
in
only
bus
for
like
regular
two
instances,
so
we
could
just
use
the
same
for
the
databases
and
have
the
install
in
kubernetes
so
going
to
the
docs
requirements.
B
D
B
B
B
B
B
C
D
B
B
A
B
Which
is
trying
to
implement
that
so
this
might
change
pretty
soon
yeah,
okay
cool!
So
let's
configure
the
primary
db
first.
So
we're
going
to
start
with
this
example:
config,
I'm
just
going
to
to
initially
paste
it
in
my
my
editor
and
then
we'll
actually
paste
it
in
the
on
the
server
itself
after
we
edit
it
so.
B
So
this
doesn't
need
to
be
the
exact
domain.
You
can
put
it
as
well-
oh
it
can
be
just
like
a
node
name
as
long
as
we're
going
to
use
the
same
in
the
ui
when
we
add
the
nodes,
this
is
more
important
for
the
secondary,
basically
so
that
when
we
add
it
in
in
the
primary
data
when
we're
editing
the
primary
ui
as
the
tune,
node
we're
going
to
need
to
match
the
geonote
name
and
the
external
url.
Just
so,
let's
your
setup
will
recognize
the
node.
B
A
C
D
B
So
it's
not
actually
mentioned
we
could
use
0.0.0.0,
which
means
it's
going
to
listen
on
all
addresses,
or
in
our
case
since
we
know
the
internality,
and
we
know
that
it's
already
bypassing
the
firewall
on
this
internal
network.
We
could
just
listen
on
this
ip
instead
of
force
listening
on
the
public
one
as
well,
and
then
for
the
user
password,
we
already
have
it
here,
I'm
going
to
copy
it,
okay
and
then
the
list
of
the
ca
cid
addresses.
B
So
if
we
leave
it
like
that,
we're
going
to
allow
all
instances
in
this
case
it's
only
on
an
internal
network.
So
that's
fine,
I'm
going
to
leave
it
like
that,
but
I
really
wanted
to
customize.
As
mentioned
in
the
in
the
docs,
you
you
want
to
add
your
local
ip
and
then
type
address
of
the
cluster
and
the
secondary
node
as
well.
B
A
B
B
B
B
B
B
And
I
think
it's
the
part
where
we
could
add
a
bit
in
the
docs
like
in
this
case.
I
know
because
I've
tested
I've
played
with
a
help
chart
before,
but
basically
it's
going
to
create
actually
a
kit
lab
dot
this
domain
when
it's
deployed,
so
the
domain
is
actually
like
the
the
base
domain,
where
this
install
is
going
to
leave
and
then
it's
going
to
create
automatically
gitlab
dot
and
then
menu
dot
and
registry,
both
so
we'll
end
up
with
this
url
for
our
primary
node.
B
A
A
C
B
C
Okay,
so
I
have
a
question
at
once:
yep,
so
are
you
supposed
to
create
the
file
before
you're
going
to
run
this
so
because,
basically
I
you
know
you
just
said
earlier
that,
oh
I
think
I
went
ahead
with
the
with
the
actual
file,
but
then
the
step
says:
oh
one
will
need
to
create
secret
blah
blah
blah.
Then
two
you
will
need
to
do
the
following.
So
basically
the
the
information
before
that
is
not
really
useful
at
the
moment.
A
A
B
A
B
B
B
B
B
B
Doesn't
mention
the
node
name
in
here,
but
it
should
be
the
one
that
we've
set
in
the
primary
dot
rb,
oh
and
by
the
way.
Another
point
this
one
specifically
shouldn't
be
needed
here,
because
the
gitlab
rails
settings
are
for
rails
itself,
but
we
only
run
the
database
on
this
node.
So
pretty
much.
The
node
name
wouldn't
do
anything
even
if
we
set
it
on
this
host.
So
this
is
actually
what
we
need
to
set
in.
B
B
B
B
B
B
B
B
A
C
C
B
B
C
C
B
B
C
B
Yeah
yeah,
that's
a
good
point,
don't
know
much
kubernetes
for
that,
but
I
think
you
can
look
first
at
the
ingressy
see
if
you,
if
you
get
an
ip,
because
I
think
the
main
problem
is
for
this
epi
to
get
allocated
by
the
cloud
provider
and
then
the
dns
to
be
set
and
afterwards,
if
you
get
those,
but
it's
still
not
happening
like
anything,
is
not
happening
and
the
ip
address
gets
resolved
or
looks
like
in
this
case.
It
start
now:
let's
see
okay,
so
we
didn't
get
a
certificate
yet.
C
B
Yeah
yeah,
so
it's
basically,
this
cert
manager
board,
which
I
think
is
doing
like
the
verification
and
then
also
setting
the
correct
certificate
once
it
got,
gets
back.
I
think,
even
if
we
look
at
the
logs
for
this
one,
okay
yeah
see
this
one
didn't
get
the
dns,
yet
it
says:
look
up
gitlab
dot
domain!
No
such
host,
so
forward
wait
for
a
few
seconds,
just
run
it
with
follow.
So
we
can
see.
B
Okay,
so
we
don't
get
an
error
anymore,
maybe
yeah!
Okay,
it
got
now
nice
cool,
so
it's
up
nice
and
now
look
into
github
and
up
your
you
upload
your
license
file
but
nightly
thing.
Okay.
So
now
there
is
a
problem
that
it's
not
mentioned
in
here,
but
I
think
it's
mentioned
in
the
particular
install
box
about
how
to
actually
get
that
password.
B
B
B
B
B
B
B
B
A
C
Yeah
now
it's
just
about
to
say
that
it
all
depends
on
how
do
we
con
how
you
we
write
the
following.
I
think
the
name
space
is
not
important.
It's
just
for
if
you,
if
you
have
a
lot
of
deployments,
it's
easy
for
you
to
spot
right
because
you're
going
to
set
the
name
for
it,
but
if
you're
just
going
to
set
this
99
of
the
time
it's
going
to
be
default,
unless
they
manually
specify
the
name
of
it.
Yeah
correct
me:
if
I'm
wrong.
B
Yeah
yeah,
I
think
best
practice-
is
to
usually
set
the
name
space.
I'm
not
sure
why
exactly
we
don't
have
one
here,
but
we
we
need
to
ask
the
distribution
team.
Maybe
there
is
a
reason.
Maybe
there
is
something
that's
necessary,
because
I
also
see
it's
upgrade
install.
So
I'm
not
sure
if
that,
if
that
makes
any
difference,
but
yes,
basically,
we
at
least
need
to
mention
if
we
don't
add
the
default
namespace
that
you
may
need
to
change
the
commands
before
doing
space.
If
you
don't
add
one
that
makes
sense
yeah.
B
B
Okay,
you
should
see
that
output
similar
to
below
don't
worry
about
the
exception
asking
when
these
containers
will
not
have
access
to
the
host
clock.
Okay,
so
we
do
get
that
and
then
authorize
keys
command
is
also
no
is
expected,
is
checking
for
a
local
sa
server
which
is
actually
present
in
the
glove
shelter
deployed
elsewhere.
Okay,
so
that
that
seems
to
be
expected
cool.
B
B
B
B
B
B
B
B
B
Hash,
okay,
the
mb5
all
civil
addresses,
as
in
the
previous
example,
it
should
be
customized
to
to
pull
that
piece
of
the
class
that
would
connect
to
this
instance,
in
this
case
the
localhost
and
the
ip
of
the
secondary
chart.
But
in
my
case
I'm
already
in
that
internal
network,
so
it's
firewalled
out
from
the
outside,
so
I
can
keep
all
the
ips
allowed
in
it
and
the
same
for
the
geophysical
skill
is
going
to
be
the
same
ip.
B
B
Okay
and
then
the
password
is
used
here
to
allow
only
was
to
automate
the
postgres
configuration
cool
there.
Is
this
another
explanation
of
the
md5
votes
yeah
there
are
addresses
that
we've
discussed
for
the
primary
node,
so
this
can
be
left
as
0.0.0,
meaning
all
addresses
it's
not
best
practice.
However,
in
my
case,
I'm
on
an
internet,
or
so
that
should
be
fine
cool
once
the
configuration
above
is
prepared.
B
B
B
B
B
B
B
B
B
B
B
B
Okay,
let's
run
this
cool,
so
we've
created
the
geosecret
as
well
and
now
to
the
geosecondary
chart
deployment.
This
section
we
perform
the
secondary
kubernetes
cluster
in
order
to
deploy
this
chart.
As
you
see
when
I
will
start
from
this
example,
configuration
yeah
so
again
as
before
it
may
be
a
bit.
B
B
B
D
B
Again
for
this
one
we're
going
to
need
the
secondary
database,
let's
just
copy
the
internal
ip,
basically
as
we
did
for
the
for
the
for
the
primary
chart
and
leave
everything
else,
unchanged,
geosecondary,
node
name
so
again
for
the
node
name
as
well,
we're
going
to
use
the
one
that
we've
also
set
in
the
secondary
rb,
which
I
don't
think
it's
going
to
matter
in
the
actual
database.
But
it's
going
to
matter
here.
B
B
An
omnibus
instance,
and
it's
on
the
same
host
with
the
secondary
db,
is
going
to
be
the
same,
the
same
host,
the
same
internal
ip
and
it's
going
to
post
to
the
secondary
omnibus
instance.
But
if
you
use,
like
external
databases,
you're
going
to
want
to
point
this
to
the
tracking
database
instead
of
the
secondary
database.
As
in
here,
I
think
the
docs
are
written
with
omnibus
db's
in
mind,
which
is
why
it
uses
geo2.
B
B
D
B
B
B
B
B
B
B
B
B
B
Oh
so
we
got
the
hostname
as
well
the
certificate,
that's
awesome,
but
now
we're
redirected
to
the
sign
in.
However,
we
don't
want
that
because
this
is
the
jio
secondary.
So
we're
going
to
continue
with
the
steps
yeah.
It
says
that
wait
for
the
deployment
to
complete
an
application
will
come
online,
so
it
came
online
now
and
let's
go
to
next
step.
Add
secondary
g
instance
via
primaries.
So
now
that
both
dbs
are
configured
and
applications
are
deployed,
we
must
primary
that
the
secondary
exists
makes
sense.
B
B
That's
actually
for
the
secondary,
so
we're
going
to
add
the
secondary
suffix
and
then
for
the
name.
It's
also
mentioned
in
the
dogs
fill
in
the
name
with
the
geo,
the
global
geode
name.
The
value
must
be,
must
always
match
exactly
character
for
character.
So
I'm
just
going
to
copy
the
node
name
from
here
and
use
it
for.
Oh,
not
here,
use
it
for
name,
okay
and
then
save.
B
Cool,
so
it's
still
404
because
we've
just
added
it,
but
once
added
to
the
admin
panel,
the
secondary
instance
will
automatically
start
replicating
some
data.
Meanwhile,
the
primary
start,
25
stream
distance
of
any
changes
immediately.
Okay,
confirm
operational
status.
The
final
step
is
to
verify
that
your
application
status
on
the
secondary
instance
was
fully
configured
via
the
task:
runner
port.
Okay.
So,
let's
see
again
the
name
space
problem
we're
just
going
to
remove
the
namespace
okay,
we
got
the
pod
cube,
ctl
exec,
ti.