commit | 516df746a84acd97467e72efd0e544182f5b685f | [log] [tgz] |
---|---|---|
author | Antonio Barone <syntonyze@gmail.com> | Wed Jan 25 13:25:26 2023 +0100 |
committer | Antonio Barone <syntonyze@gmail.com> | Wed Jan 25 13:25:26 2023 +0100 |
tree | 8a6e25ff2e37c9006a6473fc7f468bfde03f2ce3 | |
parent | 37424d4cb43f5deead52c178fb845f15a7c7e1c9 [diff] |
Improve locking mechanism The current GC script checks whether a non-stale gc.log.lock file exists before aborting the execution of the current GC. This is because another, concurrent GC process might be be executed by jgit or cgit at the same time. However, this is not enough to ensure that no other processes are performing GC. Also, jgit only creates the gc.log.lock when the GC is performed in the background and thus we cannot rely _just_ on the existence of that lockfile to abort this script's GC. Improve the locking mechanism of the GC by: - _explicitly_ locking when running this script (to ensure no concurrent runs of the GC script occur, i.e. scheduling errors) - Not only checking the gc.log.lock file, but allowing _extra_ lockfiles to be configured through the usage of the `EXTRA_GC_LOCK_FILES` environment variable. This allows to account for external GC processes that also run GC against the same repository. Change-Id: I9e56f8f7debaaf7798777061d9966e4a0a4f8f38
Those are a collection of AWS CloudFormation templates and scripts to deploy Gerrit in AWS.
The aim is to provide some guidelines and example on how to deploy different Gerrit setups in the Cloud using AWS as provider.
The goal of Gerrit AWS Templates is to provide fully-functional Gerrit installations to helps users deploying Gerrit on AWS by providing out-of-the-box templates.
With Gerrit AWS Templates, developers and administrator can create a production-ready installation on the cloud in minutes and in a repeatable way, allowing them to focus on fine tuning of the Gerrit configuration to suit the user needs.
The provided CloudFormation templates automate the entire creation and deployment of the infrastructure and the application.
To manage your AWS services via command line you will need to install AWS CLI and set it up to point to your account.
To build gerrit and related-components' images Docker
To manipulate aws cloudformation outputs jq
This is a list of external services that you might need to setup your stack and some suggestions on how to easily create them.
If you need to setup a SMTP service Amazon Simple Email Service can be used. Details how setup Amazon SES can be found here.
To correctly setup email notifications Gerrit requires ssl protocol on default port 465 to be enabled on SMTP Server. It is possible to setup Gerrit to talk to standard SMTP port 25 but by default all EC2 instances are blocking it. To enable port 25 please follow this link.
If you need a testing LDAP server you can find details on how to easily create one in the LDAP folder.
All recipes stream every log to CloudWatch. This always includes sshd_log
, httpd_log
and gc_log
.
When possible AWS resources are explicitly named so that they can be easily distinguished when querying them via the aws-cli, or the AWS UI console, so that their intent is clear.
However, AWS requires that resource names be no longer than 32 characters. For this reason we adopt a naming-convention that trades off a bit of clarity in favour of a more economical usage of characters.
Some examples:
In the Load Balancers
section:
production-P-H
stands for Load Balancer serving HTTP traffic to the Primary Gerrit
production-R-S
stands for Load Balancer serving SSH traffic to the Gerrit Replica
production-Ps-H
stands for Load Balancer serving SSH traffic to both Gerrit primary instances
In the Target Groups
section:
production-P1-H
stands for Target Group registering the Primary1 Gerrit instance listening over HTTP
production-R-GS
stands for Target Group registering the Replica Gerrit instances listening over Git and SSH
The ‘error_log’ might or might not be available depending on which version of gerrit is being deployed. From gerrit 3.3 it will always be available. Prior to that it will be available from:
When the error_log
is not available, Gerrit will still output the same content to standard error. Refer to the standard error section.
Different recipes deploy different services to ECS (please refer to the documentation of each recipe for details on what services are actually deployed).
Every ECS service will stream anything outputted to stderr to cloudwatch, to a stream name that will take the form of:
{environmentName}/{serviceName}/{taskId}
For example, given the gerrit-primary
service running task bb21cb504ca44150b770ca05e922e332
, on the test
environment, the stderr will be streamed to:
test/gerrit-primary/bb21cb504ca44150b770ca05e922e332
The task name can be found in the Amazon ECS console's Task
section.
A set of utilities to perform operational tasks is also provided. Refer to the relevant documentation for details on this.