►
Description
Pairing session where we demo how we can provision Gitlab Reference Architectures automatically (by using GET as a module) from Support-Resources
Support-resources: https://gitlab.com/gitlab-com/support/support-resources
Gitlab Environment Toolkit - https://gitlab.com/gitlab-org/quality/gitlab-environment-toolkit
1K Reference Architecture in GET - https://gitlab.com/gitlab-org/quality/gitlab-environment-toolkit-configs/quality/-/blob/main/1k/terraform/environment.tf
Gitlab Reference Architectures - https://docs.gitlab.com/ee/administration/reference_architectures/
A
Okay,
so
thanks
john
for
joining
me
today,
we're
gonna
try
to
demo
the
support
resources.
Get
implementation
basically
create
a
reference.
Architecture
from
support,
resources
and
john
doesn't
have
any
experience
with
that.
So
hopefully
this
will
go
well
and
it
will
be
easy
and
we
will
run
through
any
problems
that
others
might
encounter.
A
Yeah
thanks
for
joining
me,
do
you
mind
sharing
your
screen,
so
we
can
start
looking
at
the
project
and
example.
I
think
okay.
A
A
Yep,
it
looks
like
it
so
we're
going
to
start
from
the
example
which
is
in
the
examples
folder
in
the
repo,
the
second
one
yeah
and
then
the
very
first
one
is
get
refs.tf.
A
So
we're
going
to
grab
that
and
create
a
new
branch
with
the
content
of
this
file.
This
file
and
yeah
actually
we're
gonna,
create
them,
because
if
you're
gonna
do
it
here,
I
don't
think
it's
gonna
run
so
we're
just
gonna
create
a
new
john
l
tf
file
in
the
root
yeah,
a
new
branch.
C
A
You
already,
okay,
let's
try
this
formatting.
A
I
don't
know
you
can
put
caps
anywho,
so
we're
gonna
need
to
add
a
well
first
of
all
the
license
file.
We're
gonna
need
a
license
file
that
we're
gonna
reference
in
the
tf
file.
The
terraform
file
yeah
just
upload
that
to
the
root,
or
I
mean
just
what
whatever
we
can.
We
can
then.
A
A
B
A
A
A
Okay,
yeah
and
then
we
have
to
have.
We
have
to
put
your
ssh
key
in
there.
A
All
right:
do
you
have
another
branch
where
you
have
that
already
or.
B
A
B
A
A
C
A
Little
branch
gitlab
runner-
let's
try
that
and
there
is
the
there's
a
gitlab
instance
runner
tf
file,
the
the
one
before
last
yeah
and
there's
another
ssh
key
so
copy
that.
A
All
right
looks
good,
just
yeah
delete
that
first
part:
okay,
cool
anything
else.
Let's
see
well
email,
but
that's
not
really
relevant.
That's
just
for
for
your
your
ssl,
so
I
mean
you
can
leave
that
in
or
we're
not
using
ssl,
either
way
so
yeah
and
then
labels,
that's
fine,
yeah,
the
rest
and
one
other
thing
that
you
need
to
replace
is
whatever
it
says.
A
Vlades
just
do
john,
but
do
ctrl
f,
so
we
can
do
it
all
over
the
place,
yeah
and
then
push
push
the
like
the
sign
that
says
bigger
than
just
before,
just
in
front
of
vlades.
There's
there's
a!
I
don't
see
your
cursor!
No,
no!
I
mean
in
the
search
box,
oh
yeah
there
and
then
yeah
just
do
john
or
yeah
and
then
replace
all
the
other
one
and
yeah.
It
should
have
replaced
all
of
them.
A
Okay
looks
good,
let's
see
just
a
second
yeah
that
one
you
can.
You
can
take
that
out,
because
that
yeah
and
then
put
another
one
at
the
end
at
the
very
end,
because
there's
multiple
configurations
as
examples,
so
you
don't
need
all
of
them.
You
just
do
the
first,
the
very
first
one
yeah,
that's
it
and
let's
go
up
again.
Hopefully
that's
the
1k
yeah
1k.
It
says
1k
in
the
in
the
title:
okay,
okay!
So
at
this
point
we
should
be.
We
should
be
erased
here.
B
Is
it
what
was
the
1k
where's?
It
specified.
A
A
And
this
is
it,
the
only
difference
is
that
it
says
somewhere
towards
the
middle
actually
lower
from
the
middle.
It
says
h,
a
proxy
external
blah,
blah
blah,
that's
actually
missing
in
yeah,
just
yeah
that
one
that
line
you
don't
need
to
add
that
that's
that's
just
something
that
support
resources
takes
care
of
automatically
the
way
get
works
is
you're
supposed
to
create
an
ip
address
to
actually
provide
to
your
external
aha
proxy.
A
But
that's
that's
done
in
the
background
in
support
resources.
Okay.
So
at
this
point
and
if
you,
if
you
want
to
do
like
a
10k
reference
architecture
which
is
2,
000
users
or
5
or
10,
000
users
there's
other
examples
in
there.
So
you
you
just
need
to
add
more
more
nodes,
so
elastics
elastic
node
count
would
be
three,
for
example,
for
a
10k
nfs
would
still
be
one
but
rails
nodes
would
probably
be.
B
A
The
first
variable
it's
the
number
of
nodes,
so
it's
just
going
to
be
the
one
elastic
search,
node
and
then
elastic
machine
type.
That's
just
the
the
type
of
machine
in
gcp.
So
it's
going
to
be
an
n1
standard,
four,
which
is
something
like
two
cpus
with
16
gigs
of
ram
and
some
other
stuff.
A
B
Do
these
run
on
tcp
or
yeah.
A
A
Running
and
it's
going
to
take
about
20
minutes,
20,
something
I
I
mean
we
we've
cut
that
down
to
from
like
50.
it
used
to
be.
It
used
to
run
very
slowly
slowly,
but
let's
say
that,
for
example,
in
in
a
10k
architecture,
which
is
as
high
as
I
went
in
testing
because
it
gets
really
expensive.
After
a
certain
point,
it
spins
up
about
40
something
servers.
So
you
can
imagine
that
that
amounts
to
some
some
costs
so
yeah
and
in
this
particular
yeah
go
ahead.
B
A
You
just
you
just
comment
out
everything,
so
you
just
comment
out
and
then
submit,
and
then
it
will
de-provision
everything
yeah,
but
obviously
your
your
your
entire
setup
will
will
go
down
where
it
will
cease
to
exist.
So
don't
don't
count
on
the
persistence
of
data
or.
A
So
one
of
the
things
that
I
wanted
to
point
out
is
so
for
a
10k,
but
okay,
some
something's
changed
since
that
benchmark.
We
actually
use
less
servers
now
by
by
five
or
something,
but
they
actually
run
run
a
test
and
having
a
10k
architecture
running
in
gcp
for
one
month
adds
up
to
something
like
seven
thousand
six
hundred
dollars
before
discounts
and
all
that
stuff
that
gitlab
gets.
But
anyway,
that's
that's
a
lot
of
money
right.
A
A
So
frugal
times
it's
actually
in
the
readme,
we
actually
have
some
time.
So
if
you
want
to
go
to
the
to
the
readme,
just
click
repository.
A
And
if
you
scroll
down,
I
think
the
second
yeah
yeah
go,
keep
going,
see
frugal
program
resources,
so
those
are
some
labels
that
you
add
to
your
instances
to
basically
have
them
shut
down
when
you're,
not
working
so
by
default.
I
think
your
resource,
if
you
don't
add
the
the
labels,
you
will.
A
Yeah,
we
can
actually
see
those.
It
says:
frugal
hours
equals
non-available,
minus
19.,
none
of
it
not
available
means
you
don't
have
a
starting
hour.
So
whenever
it
will
get
shut
down,
it
will
not
be
restarted
automatically.
A
So
your
your
resources
will
be
running
until
your
seven
o'clock
and
after
that
they
will
be
automatically
shut
down
and
never
restarted
again.
Unless
you
do
it
manually,
you
can
instead
of
the
n
a
thing
you
can
put
there,
nine
o
nine
and
it
will
actually
restart
it
every
morning
at
nine
o'clock
and
then
shut
it
down
at
seven
in
the
evening.
So.
A
So
that
means
you,
you
are
not
specifying
starting
time.
So
that
means
that
it
will
not
start
automatically
okay,
so
you
need
so.
Let's
say:
let's
say
you
spin
up
something
now,
if
you
leave
it
like
this,
it
will
shut
down
at
your
seven
o'clock,
so
1900
hours,
okay,
yeah
yeah,
and
it
will
not
start
again.
You
need
to
start
it
manually,
so
you
actually
have
to
go
into
the
gcp
console.
A
Look
for
all
your
resources
with
the
prefix
that
we've
set
and
and
then
basically
start
them
up
to
use
them
again.
Okay,
if
you,
if
you
don't
like
that,
if
you
want
to
have
it
waiting
for
you
at
nine
o'clock
in
the
morning,
you
can
set
09
there
and
at
or
whatever
07
or
whatever
time
you
need,
and
you
can,
you
can
have
it
start
up
automatically.
A
So
it
will
start
every
morning
at
nine
o'clock,
let's
say
and
then
be
shut
down
at
seven
and
then
the
next
day,
again
at
nine
and
then
again
shut
down
it
at
seven
and
it
will
not
be
up
over
the
weekend,
so
it
that
doesn't
apply
to
week
weekend.
It
will
be
shut
down,
but
you
can
obviously
start
it
automatic
manually.
Sorry
and
there's
also
an
option.
There's
also
an
option
that
says
frugal
skip.
So
the
the
label
is
frugal.
A
Minus
skip
equals
true,
and
that
means
don't
ever
shut
this
down,
because
this
is
important.
I
need
it,
but
you
actually
have
to
go
in
there
and
add
the
label.
If
you
don't
add
a
label,
it
will
just
shut
it
down
at.
I
believe
it's
seven
or
six
in
the
afternoon
in
the
afternoon
of
so
the
time
time
zone
is
of
the
region,
gcp
region,
that
you've
chosen.
So
for
you,
it's
europe
west,
four,
which
I
think
is
in
the
netherlands.
A
So
it
would
be
six
o'clock,
netherlands
time
it
will
be
shut
down
and
then
restarted
at
nine,
and
that's
that's
the
default
behavior.
So
if
you
don't
add
anything,
your
resources
will
be
shut
down
at
six
and
restart
it
at
nine.
B
A
Yeah
yeah
you're
right,
it's
probably
gonna
fail.
So
that's
that's
a
that's
a
good
thing
to
to
point
out
yeah.
We
need
to
add
the
the
proper
path.
A
I
hope
that's
right,
you
should
have
copied
it,
but
yeah.
I
think
it's
good,
and
one
thing
I
would
I
would
do
now
is.
I
would
actually
change
the
name
so
copy
the
the
name
of
the
module
so
john
little
ref
arc,
01
1k,
so
that
whole
thing-
and
I
want
to
replace
that
with
like
the
same
but
o2
just
to
change
the
name,
so
it
it
gets,
respawned,
basically
yep,
replace
all
and
then
commit.
I
think
you
you
already
canceled
the
pipeline
right.
A
A
Yeah,
no,
it's
good,
it's
it's
running
and
the
other
one
is
cancelled.
So
that's
that's
good.
Maybe
we
should
also
go
through
some
of
the
some
of
the
options
in
the
module
because
there's
there's
some
stuff
in
there,
not
just
the
the
resource
types.
There's
also
some
options
that
you
have
when
you're
you're
speeding
that
up.
So
let's
see
the
jlittle
machine.tf
file
again
yeah,
so
yeah
just
scroll
a
little
bit.
That's
it
so
see
where
it
says:
prefix,
that's
that's!
A
Actually
the
name
of
the
of
your
resource
stack,
so
that's
gonna
be
be
if
you're
looking
for
your
resources
in
the
gcp
console
you're
going
to
be
looking
for
that,
then
the
project
you're
passing
the
the
support
resources,
gcp
project.
I
think
that's
also.
A
I
mean
that
can
be
missing
because
we
are
defaulting
to
to
the
val
to
the
support
resources
project,
but
if
you're
using
it
somewhere
else,
you
would
need
to
pass
that
the
labels
we've
discussed
so
frugal
times
frugal
hours
and
it
also
has
a
label
with
your
username
and
support
team
and
some
some
other
things,
and
you
can
add
more
if
you'd
like
the
zone
is
where
your
resources
are
located
license
path.
Obviously,
we've
just
changed.
A
We
should
have
done
this
before
we
actually
hit
commit,
but
anyway
the
first
time
the
gitlab
version
you
can
specify
it
or
you
can.
You
can
actually
leave
that
blank
and
you
will
get
the
latest
or
actually
have
it
missing.
Comment
comment
that
out
ansible
ssh,
key
and
gcp
credentials
that
just
needs
to
be
there.
You
don't
need
to
touch
that.
So
that's
it.
I
mean
that's,
that's
all
the
the
things
that
you
you
can
put
in
and
then
the
rest
of
the
stuff.
A
So
that's
in
between
those
line,
those
hash
lines.
That's
basically
taken
out
of
get
and
just
put
here
from
to
actually
define
the
the
reference
architecture,
and
then
we
define
the
the
source
of
the
of
the
module
and
that's
it
and
then
the
the
last.
The
last
part
is
the
output
that
we
need
just
so
terraform
displays
nicely
what
you've
created
and,
like
your
your
password
and
your
ips
and
dns
entries
and
all
the
other
good
stuff
yeah
if
you'd
like.
Actually
let
me
look
yeah.
A
A
So
that's
your
pipeline.
That's
running
now
and
I
ran
one
just
before
I
mean
it
was
running
while
we
were
still
speaking
so
that
amounted
to
37
minutes,
not
bad.
I've
seen
it
complete
in
like
32,
but
that's
as
low
as
it
gets
and
yeah
I
mean
this.
Is
the
output?
Don't
don't
be
too
scared
about
about
it?
It's
it's
easy
to
follow
along.
Actually
you
don't
you
don't
need
to
see
all
of
it.
You
can
just
go
to
the
end
and
then
there's
like
your
stuff.
Well,
I've.
A
A
It's
100
user's
license
because
I've
I've
added
a
licenses.
I
believe
that
if
you
don't,
I
actually
know
I'm
certain
that
if
you
don't
add
a
license,
it
will
fail
because
it
it
needs
it
get
requires
it
and
yeah
here.
There's
it's
basically
a
description
of
what
has
been
generated.
You
can
go
through
this
or
not.
The
useful
stuff
is
at
the
end,
but
yeah
so
for
a
10k
architecture.
A
So
that's
how
I
know
it's
like
there's
three
console
nodes
and
then
there's
three
elastic
nodes
and
then
italy,
three
digitally
nodes
and
then
a
gitlab
nfs
node.
A
So
four
gitly
rails
nodes,
an
h
proxy,
an
external
hd
proxy
and
then
an
internal
hg
proxy.
A
One
prefect
postgres
so
the
db
for
for
prefect
three
redis
cache
nodes.
A
A
C
A
It's
http
get,
doesn't
support
https,
yet
so
that's
a
that's!
A
limitation
on
gets
part.
So
each
it's
http.
If
you,
if
you
look.
A
Yeah,
it's
http,
it's
not
https,
see
the
it's
okay.
B
A
Mean
you
can
do
stuff
afterwards,
so
after
you've
installed
gitlab
and
like
the
whole
stack,
you
can
actually
go
in
there
and
do
the
https
related
stuff,
but
that's
considered
a
manual
step
at
this
point,
not
sure
about
the
plans.
I
can
ask
about
that
in
the
next
get
sync,
but
yeah
I
mean
that's,
that's
a
limitation
as
far
as
I
know
for
for
right
now.
A
B
A
B
A
So
your
pipeline
is
still
running
it's
going
to
be
a
while
still,
but
I
mean
I
can
see
already
that
it's
it's
started
to
do
the
ansible
part.
So
I
know
because
I
mean
this
is
the
output
that
we
compile
and
create
and
like
this
is
the
the
ansible
configuration
files
and
then
see
it
says,
running
playbook,
that's
actually
ansible
starting
to
run
after
it's
been
configured.
A
A
And
there's
your
resources
right.
This
has
been
generated
in
comparison.
I
can
also
show
you
mine,
which
is
10k.
Yours
is
only
1k,
so
you
saw
it's
only
one
elastic
one
rails,
one
nfs
and
so
on,
and
so
on,
actually
not
that
one
and
so
on
and
so
forth.
But
I
think
it
looks.
A
See
so
way
more
stuff,
it's
37
37
servers
resources
which
have
firewalls
and
ip
addresses
and
a
lot
of
stuff
attached
to
them.
So
that's
why
I
mean
we.
We
kind
of
I
mean
we're
free
to
use
this,
but
we
have
to
be
mindful
of
the
the
resources
that
we're
spending
up,
so
I
mean
yeah
we
can.
We
can
go
for
example,
and
check
out
this
console
box
and
we'll
just
see
the
labels
that
we've
set
and,
like
the
the
all
the
tags
that
we're
using
in
the
firewalls
see.
A
So
I
have
frugal
skip
set
to
true,
because
that's
that's
how
I
set
it
in
my
in
my
here
my
code,
but
yours
will
be
not
available
19,
so
it
will
be
shut
down.
A
The
another
label
is
your
your
branch,
the
branch
that
you
are
spinning
that
up
from
so
you
can
actually
go
into
the
the
the
project
and
look
that
up
and
see.
What's
up
with
that
that
branch,
if
you
find
some
resources
that
you
didn't
know,
you
had
and
then
yeah
a
bunch
of
things
that
are
also
related
to
get
and
then
owner
project
and
user.
A
B
Actually
share
my
desk
top
one
second
just
to
get
to
the
same
position
as
you
sorry
can
you
repeat,
can
I
share
my
desktop,
so
I
can
get
to
the
same
screen
that
you
are.
A
C
A
B
C
A
Now
the
only
thing
would
be
for
the
the
pipeline
to
complete.
I
think
it's
gonna
be
a
like
five
more
minutes.
I
don't
know,
do
you
have
to
jump
or
yeah.
B
A
I
can
I
can
hang
on
the
line
and
until
it
it
finishes,
even
if
you
have
to
drop-
and
I
mean
for
the
sake
of
those
following
along
just
just
to
show
them
the
pipeline
completed
and
what
the
output
looks
like.
B
A
A
Okay,
so
I
guess
I
can
also
explain
what's
going
on
here,
so
I've
said
the
the
playbooks
has
have
started
they're
actually
running
in
parallel.
There's
there's
a
way
to
do
that
in
in
get
when
running
answerable,
you
can
run
them
sequentially
or
in
parallel.
The
sequential
run
is
more
verbose.
Shows
you
more
information
like
what's
going
on
what
operations
are
are
going
on?
This
is
just
showing
you
that
it's
still
creating
the
grading
and
yeah.
It
just
says
when
it's
finished
and
successful.
A
At
the
end,
though
you,
if
your
pipeline
fails
for,
for
whatever
reason
in
the
artifacts,
you
will
have
logs
for
the
ansible
run
and
like
a
bunch
of
logs
for
terraform
as
well.
Mostly
the
issues
that
that
arise
are
from
ansible.
Terraform
is
pretty
light
in
the
sense
that
it's
done
in
like
six
minutes
and
then
the
rest
of
like
15
to
30
minutes
is
ansible
running
a
bunch
of
commands.
A
A
Interest,
another
thing
that
would
be
interesting
to
see
is
the
configuration
files
that
were
generated,
so
these
would
be
the
ones
that
get
is
also
referencing
when
saying
to
so
create
a
var
that
yamo
file
in
the
documentation.
A
Yeah
so
inventory
cb
ammo,
and
this
is
the
content
of
that
and
again
you
will
find
those
in
the
in
the
artifacts.
A
So
essentially,
if
you're
trying
to
start
up
using
get,
you
can
use
this
as
a
as
a
baseline
as
a
reference
point
to
kind
of
see
what
it
it's
supposed
to
be
configured
as
and
the
structure
of
the
files
and
then
do
your
own
manually
do
like
the
terraform
run
and
then
the
answer
will
run
and
create
that
that
structure,
because
I
know
a
lot
of
people
struggle
with
that
in
the
beginning.
A
One
thing
that
I
I
should
also
point
out:
I
don't
know
if
we
can
still
see
that
yeah
we
can,
we
can
still
see
it.
We
are
now
using
a
custom
image.
A
Okay,
we
used
to
use
like
a
alpine
image
and
then
install
a
bunch
of
things
that
we
needed
during
the
runtime.
Now
we're
creating
to
to
save
time
and
to
to
make
it
more
efficient.
We
actually
create
an
image
that
we
deploy,
that
has
all
the
stuff
that
we
need,
like
python,
ansible
terraform
we're
actually
installing
separately
during
the
runtime,
because
we
want
to
actually
be
able
to
set
the
the
version
from
outside,
but
like
gcloud
that
we
are,
you
know
using
for
authentication
and
stuff.
A
A
Nope,
just
a
little
bit
left,
maybe
two
or
three
minutes,
and
then
I
just
want
to
look
really
briefly
at
the
artifacts,
since
I've
mentioned
it
and
the
structure
in
there,
okay,
so
post
configure
that
will
take
about
one
minute
so
and
then
we'll
see
the
output
and
the
artifacts
structure.
A
Another
thing
that
I
might
want
to
mention
is
that,
if
you're
using
an
older
version
of
terraform-
let's
say
12
4
and
you
have
instances
that
are
spun
up
on
there
and
you
want
to
upgrade
to
the
to
use
the
version
of
terraform
that
actually
allows
you
to
to
do
this
kind
of
stuff.
A
Like
reference
architectures,
you
will
need
to
upgrade
your
your
version,
so
that
means
changing
the
version
from
12
4
to
first
13.7,
just
change
the
the
version
run
it
once
it
will
update
the
state
file,
nothing
will
get
created.
It
will
just
take
a
a
short
while
and
then
go
to
14
4,
which
is
the
minimum
for
for
reference
architectures
for
for
the
get
integration,
and
then
we
see
where
we've
completed
the
run
successfully.
A
A
If
you
want
to
see
the
structure,
you
can
go
back
to
well,
you
can
download
this
whole
directory
and
go
to
ansible,
and
you
will
have
the
entire
structure
that
you
need
to
actually
run
ansible
manually.
So
you
can
download
this
and
then
go
in
your
console
to
this
location
and
then
run
ansible
playbook,
whatever
minus
all
that
whole
thing
from
from
from
the
get
instructions
and
yeah
you'll
see
in
environments,
support
resources,
inventories
you'll
see
the
vars.tml
file
inventory
files
which
I've
highlighted
in
the
pipeline
as
well.
A
Form
environments-
well
not
here
modules.
A
A
A
A
Yeah
you
can
find
that
in
the
in
the
artifacts,
so
yeah,
that's
it.
If
you
have
any
questions,
please
feel
free
to
contact
me
and
I
will
set
up
parents
session
or
answer
your
questions.
Thanks,
bye.