►
Description
Pairing session where we demo how we can provision Gitlab Reference Architectures automatically (by using GET as a module) from Support-Resources
Support-resources: https://gitlab.com/gitlab-com/support/support-resources
Gitlab Environment Toolkit - https://gitlab.com/gitlab-org/quality/gitlab-environment-toolkit
1K Reference Architecture in GET - https://gitlab.com/gitlab-org/quality/gitlab-environment-toolkit-configs/quality/-/blob/main/1k/terraform/environment.tf
Gitlab Reference Architectures - https://docs.gitlab.com/ee/administration/reference_architectures/
A
Okay,
so
thanks
john
for
joining
me
today,
we're
gonna
try
to
demo
the
support
resources.
Get
implementation
basically
create
a
reference.
Architecture
from
support,
resources
and
john
doesn't
have
any
experience
with
that.
So
hopefully
this
will
go
well
and
it
will
be
easy
and
we
will
run
through
any
problems
that
others
might
encounter.
A
A
A
C
A
A
A
B
A
A
B
A
B
A
A
C
A
All
right
looks
good,
just
yeah
delete
that
first
part:
okay,
cool
anything
else.
Let's
see
well
email,
but
that's
not
really
relevant.
That's
just
for
for
your
your
ssl,
so
I
mean
you
can
leave
that
in
or
we're
not
using
ssl,
either
way
so
yeah
and
then
labels,
that's
fine,
yeah,
the
rest
and
one
other
thing
that
you
need
to
replace
is
whatever
it
says.
A
Vlades
just
do
john,
but
do
ctrl
f,
so
we
can
do
it
all
over
the
place,
yeah
and
then
push
push
the
like
the
sign
that
says
bigger
than
just
before,
just
in
front
of
vlades.
There's
there's
a!
I
don't
see
your
cursor!
No,
no!
I
mean
in
the
search
box,
oh
yeah
there
and
then
yeah
just
do
john
or
yeah
and
then
replace
all
the
other
one
and
yeah.
It
should
have
replaced
all
of
them.
A
Okay
looks
good,
let's
see
just
a
second
yeah
that
one
you
can.
You
can
take
that
out,
because
that
yeah
and
then
put
another
one
at
the
end
at
the
very
end,
because
there's
multiple
configurations
as
examples,
so
you
don't
need
all
of
them.
You
just
do
the
first,
the
very
first
one
yeah,
that's
it
and
let's
go
up
again.
Hopefully
that's
the
1k
yeah
1k.
It
says
1k
in
the
in
the
title:
okay,
okay!
So
at
this
point
we
should
be.
We
should
be
erased
here.
A
A
And
this
is
it,
the
only
difference
is
that
it
says
somewhere
towards
the
middle
actually
lower
from
the
middle.
It
says
h,
a
proxy
external
blah,
blah
blah,
that's
actually
missing
in
yeah,
just
yeah
that
one
that
line
you
don't
need
to
add
that
that's
that's
just
something
that
support
resources
takes
care
of
automatically
the
way
get
works
is
you're
supposed
to
create
an
ip
address
to
actually
provide
to
your
external
aha
proxy.
A
But
that's
that's
done
in
the
background
in
support
resources.
Okay.
So
at
this
point
and
if
you,
if
you
want
to
do
like
a
10k
reference
architecture
which
is
2,
000
users
or
5
or
10,
000
users
there's
other
examples
in
there.
So
you
you
just
need
to
add
more
more
nodes,
so
elastics
elastic
node
count
would
be
three,
for
example,
for
a
10k
nfs
would
still
be
one
but
rails
nodes
would
probably
be.
B
A
A
A
A
Running
and
it's
going
to
take
about
20
minutes,
20,
something
I
I
mean
we
we've
cut
that
down
to
from
like
50.
it
used
to
be.
It
used
to
run
very
slowly
slowly,
but
let's
say
that,
for
example,
in
in
a
10k
architecture,
which
is
as
high
as
I
went
in
testing
because
it
gets
really
expensive.
After
a
certain
point,
it
spins
up
about
40
something
servers.
So
you
can
imagine
that
that
amounts
to
some
some
costs
so
yeah
and
in
this
particular
yeah
go
ahead.
B
A
A
So
one
of
the
things
that
I
wanted
to
point
out
is
so
for
a
10k,
but
okay,
some
something's
changed
since
that
benchmark.
We
actually
use
less
servers
now
by
by
five
or
something,
but
they
actually
run
run
a
test
and
having
a
10k
architecture
running
in
gcp
for
one
month
adds
up
to
something
like
seven
thousand
six
hundred
dollars
before
discounts
and
all
that
stuff
that
gitlab
gets.
But
anyway,
that's
that's
a
lot
of
money
right.
A
A
A
A
A
So
your
your
resources
will
be
running
until
your
seven
o'clock
and
after
that
they
will
be
automatically
shut
down
and
never
restarted
again.
Unless
you
do
it
manually,
you
can
instead
of
the
n
a
thing
you
can
put
there,
nine
o
nine
and
it
will
actually
restart
it
every
morning
at
nine
o'clock
and
then
shut
it
down
at
seven
in
the
evening.
So.
A
So
that
means
you,
you
are
not
specifying
starting
time.
So
that
means
that
it
will
not
start
automatically
okay,
so
you
need
so.
Let's
say:
let's
say
you
spin
up
something
now,
if
you
leave
it
like
this,
it
will
shut
down
at
your
seven
o'clock,
so
1900
hours,
okay,
yeah
yeah,
and
it
will
not
start
again.
You
need
to
start
it
manually,
so
you
actually
have
to
go
into
the
gcp
console.
A
Look
for
all
your
resources
with
the
prefix
that
we've
set
and
and
then
basically
start
them
up
to
use
them
again.
Okay,
if
you,
if
you
don't
like
that,
if
you
want
to
have
it
waiting
for
you
at
nine
o'clock
in
the
morning,
you
can
set
09
there
and
at
or
whatever
07
or
whatever
time
you
need,
and
you
can,
you
can
have
it
start
up
automatically.
A
So
it
will
start
every
morning
at
nine
o'clock,
let's
say
and
then
be
shut
down
at
seven
and
then
the
next
day,
again
at
nine
and
then
again
shut
down
it
at
seven
and
it
will
not
be
up
over
the
weekend,
so
it
that
doesn't
apply
to
week
weekend.
It
will
be
shut
down,
but
you
can
obviously
start
it
automatic
manually.
Sorry
and
there's
also
an
option.
There's
also
an
option
that
says
frugal
skip.
So
the
the
label
is
frugal.
A
Minus
skip
equals
true,
and
that
means
don't
ever
shut
this
down,
because
this
is
important.
I
need
it,
but
you
actually
have
to
go
in
there
and
add
the
label.
If
you
don't
add
a
label,
it
will
just
shut
it
down
at.
I
believe
it's
seven
or
six
in
the
afternoon
in
the
afternoon
of
so
the
time
time
zone
is
of
the
region,
gcp
region,
that
you've
chosen.
So
for
you,
it's
europe
west,
four,
which
I
think
is
in
the
netherlands.
A
A
A
I
hope
that's
right,
you
should
have
copied
it,
but
yeah.
I
think
it's
good,
and
one
thing
I
would
I
would
do
now
is.
I
would
actually
change
the
name
so
copy
the
the
name
of
the
module
so
john
little
ref
arc,
01
1k,
so
that
whole
thing-
and
I
want
to
replace
that
with
like
the
same
but
o2
just
to
change
the
name,
so
it
it
gets,
respawned,
basically
yep,
replace
all
and
then
commit.
I
think
you
you
already
canceled
the
pipeline
right.
A
Yeah,
no,
it's
good,
it's
it's
running
and
the
other
one
is
cancelled.
So
that's
that's
good.
Maybe
we
should
also
go
through
some
of
the
some
of
the
options
in
the
module
because
there's
there's
some
stuff
in
there,
not
just
the
the
resource
types.
There's
also
some
options
that
you
have
when
you're
you're
speeding
that
up.
So
let's
see
the
jlittle
machine.tf
file
again
yeah,
so
yeah
just
scroll
a
little
bit.
That's
it
so
see
where
it
says:
prefix,
that's
that's!
A
A
I
mean
that
can
be
missing
because
we
are
defaulting
to
to
the
val
to
the
support
resources
project,
but
if
you're
using
it
somewhere
else,
you
would
need
to
pass
that
the
labels
we've
discussed
so
frugal
times
frugal
hours
and
it
also
has
a
label
with
your
username
and
support
team
and
some
some
other
things,
and
you
can
add
more
if
you'd
like
the
zone
is
where
your
resources
are
located
license
path.
Obviously,
we've
just
changed.
A
We
should
have
done
this
before
we
actually
hit
commit,
but
anyway
the
first
time
the
gitlab
version
you
can
specify
it
or
you
can.
You
can
actually
leave
that
blank
and
you
will
get
the
latest
or
actually
have
it
missing.
Comment
comment
that
out
ansible
ssh,
key
and
gcp
credentials
that
just
needs
to
be
there.
You
don't
need
to
touch
that.
So
that's
it.
I
mean
that's,
that's
all
the
the
things
that
you
you
can
put
in
and
then
the
rest
of
the
stuff.
A
So
that's
in
between
those
line,
those
hash
lines.
That's
basically
taken
out
of
get
and
just
put
here
from
to
actually
define
the
the
reference
architecture,
and
then
we
define
the
the
source
of
the
of
the
module
and
that's
it
and
then
the
the
last.
The
last
part
is
the
output
that
we
need
just
so
terraform
displays
nicely
what
you've
created
and,
like
your
your
password
and
your
ips
and
dns
entries
and
all
the
other
good
stuff
yeah
if
you'd
like.
Actually
let
me
look
yeah.
A
So
that's
your
pipeline.
That's
running
now
and
I
ran
one
just
before
I
mean
it
was
running
while
we
were
still
speaking
so
that
amounted
to
37
minutes,
not
bad.
I've
seen
it
complete
in
like
32,
but
that's
as
low
as
it
gets
and
yeah
I
mean
this.
Is
the
output?
Don't
don't
be
too
scared
about
about
it?
It's
it's
easy
to
follow
along.
Actually
you
don't
you
don't
need
to
see
all
of
it.
You
can
just
go
to
the
end
and
then
there's
like
your
stuff.
Well,
I've.
A
A
It's
100
user's
license
because
I've
I've
added
a
licenses.
I
believe
that
if
you
don't,
I
actually
know
I'm
certain
that
if
you
don't
add
a
license,
it
will
fail
because
it
it
needs
it
get
requires
it
and
yeah
here.
There's
it's
basically
a
description
of
what
has
been
generated.
You
can
go
through
this
or
not.
The
useful
stuff
is
at
the
end,
but
yeah
so
for
a
10k
architecture.
A
A
C
A
B
A
Mean
you
can
do
stuff
afterwards,
so
after
you've
installed
gitlab
and
like
the
whole
stack,
you
can
actually
go
in
there
and
do
the
https
related
stuff,
but
that's
considered
a
manual
step
at
this
point,
not
sure
about
the
plans.
I
can
ask
about
that
in
the
next
get
sync,
but
yeah
I
mean
that's,
that's
a
limitation
as
far
as
I
know
for
for
right
now.
A
B
A
B
A
So
your
pipeline
is
still
running
it's
going
to
be
a
while
still,
but
I
mean
I
can
see
already
that
it's
it's
started
to
do
the
ansible
part.
So
I
know
because
I
mean
this
is
the
output
that
we
compile
and
create
and
like
this
is
the
the
ansible
configuration
files
and
then
see
it
says,
running
playbook,
that's
actually
ansible
starting
to
run
after
it's
been
configured.
A
A
A
See
so
way
more
stuff,
it's
37
37
servers
resources
which
have
firewalls
and
ip
addresses
and
a
lot
of
stuff
attached
to
them.
So
that's
why
I
mean
we.
We
kind
of
I
mean
we're
free
to
use
this,
but
we
have
to
be
mindful
of
the
the
resources
that
we're
spending
up,
so
I
mean
yeah
we
can.
We
can
go
for
example,
and
check
out
this
console
box
and
we'll
just
see
the
labels
that
we've
set
and,
like
the
the
all
the
tags
that
we're
using
in
the
firewalls
see.
A
The
another
label
is
your
your
branch,
the
branch
that
you
are
spinning
that
up
from
so
you
can
actually
go
into
the
the
the
project
and
look
that
up
and
see.
What's
up
with
that
that
branch,
if
you
find
some
resources
that
you
didn't
know,
you
had
and
then
yeah
a
bunch
of
things
that
are
also
related
to
get
and
then
owner
project
and
user.
A
B
A
C
B
C
A
B
B
A
A
Okay,
so
I
guess
I
can
also
explain
what's
going
on
here,
so
I've
said
the
the
playbooks
has
have
started
they're
actually
running
in
parallel.
There's
there's
a
way
to
do
that
in
in
get
when
running
answerable,
you
can
run
them
sequentially
or
in
parallel.
The
sequential
run
is
more
verbose.
Shows
you
more
information
like
what's
going
on
what
operations
are
are
going
on?
This
is
just
showing
you
that
it's
still
creating
the
grading
and
yeah.
It
just
says
when
it's
finished
and
successful.
A
At
the
end,
though
you,
if
your
pipeline
fails
for,
for
whatever
reason
in
the
artifacts,
you
will
have
logs
for
the
ansible
run
and
like
a
bunch
of
logs
for
terraform
as
well.
Mostly
the
issues
that
that
arise
are
from
ansible.
Terraform
is
pretty
light
in
the
sense
that
it's
done
in
like
six
minutes
and
then
the
rest
of
like
15
to
30
minutes
is
ansible
running
a
bunch
of
commands.
A
A
A
Okay,
we
used
to
use
like
a
alpine
image
and
then
install
a
bunch
of
things
that
we
needed
during
the
runtime.
Now
we're
creating
to
to
save
time
and
to
to
make
it
more
efficient.
We
actually
create
an
image
that
we
deploy,
that
has
all
the
stuff
that
we
need,
like
python,
ansible
terraform
we're
actually
installing
separately
during
the
runtime,
because
we
want
to
actually
be
able
to
set
the
the
version
from
outside,
but
like
gcloud
that
we
are,
you
know
using
for
authentication
and
stuff.
A
A
Like
reference
architectures,
you
will
need
to
upgrade
your
your
version,
so
that
means
changing
the
version
from
12
4
to
first
13.7,
just
change
the
the
version
run
it
once
it
will
update
the
state
file,
nothing
will
get
created.
It
will
just
take
a
a
short
while
and
then
go
to
14
4,
which
is
the
minimum
for
for
reference
architectures
for
for
the
get
integration,
and
then
we
see
where
we've
completed
the
run
successfully.
A
A
If
you
want
to
see
the
structure,
you
can
go
back
to
well,
you
can
download
this
whole
directory
and
go
to
ansible,
and
you
will
have
the
entire
structure
that
you
need
to
actually
run
ansible
manually.
So
you
can
download
this
and
then
go
in
your
console
to
this
location
and
then
run
ansible
playbook,
whatever
minus
all
that
whole
thing
from
from
from
the
get
instructions
and
yeah
you'll
see
in
environments,
support
resources,
inventories
you'll
see
the
vars.tml
file
inventory
files
which
I've
highlighted
in
the
pipeline
as
well.