BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
b21995c6
Commit
b21995c6
authored
Jun 19, 2017
by
Ben Bodenmiller
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
clarify NFS option details
parent
f01c5d86
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
26 additions
and
20 deletions
+26
-20
nfs.md
doc/administration/high_availability/nfs.md
+26
-20
No files found.
doc/administration/high_availability/nfs.md
View file @
b21995c6
# NFS
## Required NFS Server features
You can view information and options set for each of the mounted NFS file
systems by running
`sudo nfsstat -m`
.
## NFS Server features
### Required features
**File locking**
: GitLab
**requires**
advisory file locking, which is only
supported natively in NFS version 4. NFSv3 also supports locking as long as
Linux Kernel 2.6.5+ is used. We recommend using version 4 and do not
specifically test NFSv3.
### Recommended options
When you define your NFS exports, we recommend you also add the following
options:
-
`no_root_squash`
- NFS normally changes the
`root`
user to
`nobody`
. This is
a good security measure when NFS shares will be accessed by many different
users. However, in this case only GitLab will use the NFS share so it
is safe. GitLab recommends the
`no_root_squash`
setting because we need to
manage file permissions automatically. Without the setting you may receive
errors when the Omnibus package tries to alter permissions. Note that GitLab
and other bundled components do
**not**
run as
`root`
but as non-privileged
users. The recommendation for
`no_root_squash`
is to allow the Omnibus package
to set ownership and permissions on files, as needed.
-
`sync`
- Force synchronous behavior. Default is asynchronous and under certain
circumstances it could lead to data loss if a failure occurs before data has
synced.
## AWS Elastic File System
GitLab does not recommend using AWS Elastic File System (EFS).
...
...
@@ -26,27 +49,10 @@ GitLab does not recommend using EFS with GitLab.
For more details on another person's experience with EFS, see
[
Amazon's Elastic File System: Burst Credits
](
https://www.rawkode.io/2017/04/amazons-elastic-file-system-burst-credits/
)
### Recommended options
When you define your NFS exports, we recommend you also add the following
options:
-
`no_root_squash`
- NFS normally changes the
`root`
user to
`nobody`
. This is
a good security measure when NFS shares will be accessed by many different
users. However, in this case only GitLab will use the NFS share so it
is safe. GitLab recommends the
`no_root_squash`
setting because we need to
manage file permissions automatically. Without the setting you may receive
errors when the Omnibus package tries to alter permissions. Note that GitLab
and other bundled components do
**not**
run as
`root`
but as non-privileged
users. The recommendation for
`no_root_squash`
is to allow the Omnibus package
to set ownership and permissions on files, as needed.
-
`sync`
- Force synchronous behavior. Default is asynchronous and under certain
circumstances it could lead to data loss if a failure occurs before data has
synced.
## NFS Client mount options
Below is an example of an NFS mount point we use on GitLab.com:
Below is an example of an NFS mount point defined in
`/etc/fstab`
we use on
GitLab.com:
```
10.1.1.1:/var/opt/gitlab/git-data /var/opt/gitlab/git-data nfs4 defaults,soft,rsize=1048576,wsize=1048576,noatime,nobootwait,lookupcache=positive 0 2
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment