add example setups to mirroring doc; also other fixups

This commit is contained in:
Sitaram Chamarty 2011-08-28 21:49:25 +05:30
parent e139be927a
commit 7c8c5a899b

View file

@ -26,6 +26,11 @@ In this document:
* <a href="#_details">details</a> * <a href="#_details">details</a>
* <a href="#_the_conf_gitolite_conf_file">the `conf/gitolite.conf` file</a> * <a href="#_the_conf_gitolite_conf_file">the `conf/gitolite.conf` file</a>
* <a href="#_redirecting_pushes">redirecting pushes</a> * <a href="#_redirecting_pushes">redirecting pushes</a>
* <a href="#_example_setups">example setups</a>
* <a href="#_non_autonomous">non-autonomous</a>
* <a href="#_non_autonomous_with_local_repos">non-autonomous with local repos</a>
* <a href="#_semi_autonomous">semi-autonomous</a>
* <a href="#_autonomous">autonomous</a>
* <a href="#_discussion">discussion</a> * <a href="#_discussion">discussion</a>
* <a href="#_problems_with_the_old_mirroring_model">problems with the old mirroring model</a> * <a href="#_problems_with_the_old_mirroring_model">problems with the old mirroring model</a>
* <a href="#_the_new_mirroring_model">the new mirroring model</a> * <a href="#_the_new_mirroring_model">the new mirroring model</a>
@ -38,26 +43,45 @@ In this document:
### why ### why
This document is useful if: Gitolite's mirroring used to be very rigid -- one master, any number of
slaves, but the slaves are identical copies of the master. No variations
allowed.
* you have multiple repositories spread across multiple sites around the It's now been reworked to be much more flexible, to cater to almost any kind
country/world, and would like developers to access their local server of setup you need. Here're some advantages:
* **faster reads for everyone**: host a slave in every city you have a
sizable number of developers in, and have them access their local server
instead of hitting the WAN, at least for 'fetch' operations. instead of hitting the WAN, at least for 'fetch' operations.
* you don't want all your repos mirrored to all the servers for various * **faster writes for most devs**: one server doesn't have to be the master
reasons, technical or otherwise (epecially true when some of the mirrors for all repos! You can choose where a repo gets "mastered" based on where
don't belong to you). the majority of that repo's users are.
* you want some mirrors to be updated only at certain times of the day, This was the single biggest motivation for the re-work of gitolite's
(with a simple command), instead of every time a push happens. mirroring; the rest of the cool stuff just happened as this feature took
shape.
* you don't want *one* server being the master server for *all* repos; * **transparent writes**: if all the mirrors are in your control (i.e., you
instead you want to choose where a repo gets "mastered" based on where the trust their authentication) pushes to a slave can be transparently
majority of that repo's users are. redirected to the master, so developers simply access their local server
for everything. They don't need to know where the master is, so they're
insulated from any changes you make behind the scenes.
* you might even, if your servers are all in your control, want the * **partial mirroring**: all repos don't have to go all mirrors. You can
convenience of them *pushing to a mirror*, and having the push redirect choose not to mirror a repo at all, or mirror it only to certain servers.
transparently to the master server. This could be due to any reason: repo too big/high-traffic for the server,
repo has crypto code and the server is in a non-free country, repo has no
local users at that site, or (in autonomous setups) the server admin
simply doesn't want to mirror this specific repo.
* **late mirroring**: if you're ok with the lag, you can have some mirrors
updated only at certain times of the day, (with a simple command), instead
of every time a push happens.
* **autonomous mirrors**: finally, your mirrors don't have to be totally
under your control. They can be owned by someone else, and you negotiate
your mirroring with them.
As you can see, this is a bit more than a backup solution ;-) As you can see, this is a bit more than a backup solution ;-)
@ -75,6 +99,9 @@ Corollary: if the primary went down and you effected a changeover, you must
make sure that the primary does not come up in a push-enabled mode when it make sure that the primary does not come up in a push-enabled mode when it
recovers. recovers.
**Getting around rule number one**: see the section on "redirecting pushes"
later.
<a name="_IMPORTANT_cautions"></a> <a name="_IMPORTANT_cautions"></a>
### IMPORTANT cautions ### IMPORTANT cautions
@ -133,7 +160,8 @@ Servers can host 3 kinds of repos: master, slave, and local.
"master" server is a **native** repo, on slaves it is "non-native". "master" server is a **native** repo, on slaves it is "non-native".
* A **slave** repo cannot be pushed to by a user. It will only accept * A **slave** repo cannot be pushed to by a user. It will only accept
pushes from a master server. (But see later for an exception). pushes from a master server. (Exception: see the "redirecting pushes"
section later)
* A **local** repo is not involved in mirroring at all, in either direction. * A **local** repo is not involved in mirroring at all, in either direction.
@ -152,6 +180,10 @@ and 'gollum' as examples here.
machines with the appropriate names. I.e., frodo should have sam.pub and machines with the appropriate names. I.e., frodo should have sam.pub and
gollum.pub, etc. gollum.pub, etc.
**Warning**: server keys are different from user keys. Do NOT attempt to
(re-)use a server key for normal gitolite operations, as if the server
were a normal "user"; it won't work.
2. Install gitolite on all servers, under some 'hosting user' (we'll use 2. Install gitolite on all servers, under some 'hosting user' (we'll use
`git` in our examples here). You need not use the same hosting user on `git` in our examples here). You need not use the same hosting user on
all machines. all machines.
@ -182,6 +214,14 @@ and 'gollum' as examples here.
the 'gitolite.mirror.master' config variable set. (See 'details' section the 'gitolite.mirror.master' config variable set. (See 'details' section
below for more info on this variable). below for more info on this variable).
<font color="gray">
> If you wish, you can also add this hostname information to the
> `GL_SITE_INFO` variable in the rc file. See the rc file documentation
> for more on that.
</font>
5. On each machine, add the keys for all other machines. For example, on 5. On each machine, add the keys for all other machines. For example, on
frodo you'd run these two commands: frodo you'd run these two commands:
@ -224,23 +264,6 @@ allows you to create them from within the gitolite.conf file so that's
convenient), and use these to specify which machine is the master and which convenient), and use these to specify which machine is the master and which
machines are slaves for the repo. machines are slaves for the repo.
<font color="gray">
> Side note: if you just want to **simulate the old mirroring scheme**,
> despite its limitations, it's very easy. Say frodo is the master for all
> repos, and the other 2 are slaves. Just clone the gitolite-admin repos of
> all servers, add these lines to the top of each:
repo @all
config gitolite.mirror.master = "frodo"
config gitolite.mirror.slaves = "sam gollum"
> then commit, and push all 3. Finally, make a dummy commit on just the
> frodo clone and push again. At this point you can do a one-time manual
> sync (see Appendix A) if you wish but otherwise you're done.
</font>
Let's say frodo and sam are internal servers, while gollum is an external (and Let's say frodo and sam are internal servers, while gollum is an external (and
therefore less trusted) server that has agreed to help us out by mirroring one therefore less trusted) server that has agreed to help us out by mirroring one
of our high traffic repos. We want the following setup: of our high traffic repos. We want the following setup:
@ -484,6 +507,9 @@ incoming non-native push from a developer. Otherwise, it contains a list of
slaves that are permitted to redirect pushes (this might happen if you don't slaves that are permitted to redirect pushes (this might happen if you don't
trust some of your slaves enough to accept a redirected push from them). trust some of your slaves enough to accept a redirected push from them).
**Warning**: like `gitolite.mirror.slaves`, this key also should have only
hosts, no keys, in it.
This check needs to pass on both the master and slave servers; both have a say This check needs to pass on both the master and slave servers; both have a say
in deciding if this is allowed. (The master may have real reasons not to in deciding if this is allowed. (The master may have real reasons not to
allow this; see below. I cannot think of any real reason for the *slave* to allow this; see below. I cannot think of any real reason for the *slave* to
@ -521,6 +547,115 @@ There are some potential issues that you MUST consider before enabling this:
Ideally, I recommend that ad hoc repos not be mirrored at all. Keep Ideally, I recommend that ad hoc repos not be mirrored at all. Keep
mirroring for "blessed" repos only. mirroring for "blessed" repos only.
<a name="_example_setups"></a>
### example setups
Here is a sample of what is possible.
<a name="_non_autonomous"></a>
#### non-autonomous
In this setup, the slave server is under the same "management" as the master.
All repos, including gitolite-admin are mirrored, and *each slave is an exact
replica of the master*. Since the admin repo is mirrored, authentication info
is identical across all servers, and it is safe to use redirected pushes.
(This was the only type of mirroring possible in the old mirroring code in
gitolite).
Install gitolite on all servers. Then add these lines to the top of all admin
repos and push them all. This sets up the config for mirroring all repos.
repo @all
config gitolite.mirror.master = "frodo"
config gitolite.mirror.slaves = "sam gollum"
Once they're all pushed, sync the admin repo once:
# on master server
gl-mirror-shell request-push gitolite-admin
Since authentication is also being mirrored, you can take advantage of
redirected pushing if you wish:
repo @all
config gitolite.mirror.redirectOK = "true"
<a name="_non_autonomous_with_local_repos"></a>
#### non-autonomous with local repos
As above, but you want to allow each slave server to have some repos be
"local" to the server (not be mirrored), for whatever reason. Different slaves
may have different needs, so this really means that the same gitolite.conf
should behave differently on each server -- something which till now was
impossible.
Well what's life without a new feature once in a while? The string "HOSTNAME"
is now specially treated in an include filename. If it is seen without any
alphanumeric characters or underscores next to it on either side, it is
replaced by the value of `$GL_HOSTNAME`.
Setup the config as in the previous setup except that you shouldn't use repo
@all now; instead, you'll have to name the repos to be mirrored in some way.
Make sure gitolite-admin is in this list. Complete the mirror setup (including
the first-time sync command) like before.
Now add the line include "HOSTNAME.conf" to the end of conf/gitolite.conf, and
create new files, conf/frodo.conf, conf/sam.conf, etc., with appropriate
content.
That's it. When this config is pushed, each machine will have an effective
config that consists of the main file, with the correct HOSTNAME.conf included
(and all the others ignored) when the include statement is reached.
<a name="_semi_autonomous"></a>
#### semi-autonomous
So far, the "central" admin still has control over the gitolite.conf file and
all repos created. Sometimes it's easier to give control over parts of the
configuration to people at the mirror sites. To keep it simple, each admin
will be able to do whatever they want to directories within a subdirectory of
the same name as the hostname.
You can combine the "HOSTNAME" feature above with [delegation][deldoc]. Let's
say the admin for sam is a user called "gamgee", and the admin for gollum is
"smeagol".
[deldoc]: http://sitaramc.github.com/gitolite/doc/delegation.html
Add this to your conf file:
@sam = sam/..*
@gollum = gollum/..*
Then use NAME/ rules (see the delegation doc for details) and allow gamgee to
write only conf/sam.conf, and smeagol to write only conf/gollum.conf.
Now in the main config file, at the end (or wherever you wish), add one line:
subconf "HOSTNAME.conf"
<a name="_autonomous"></a>
#### autonomous
In many ways this is the simplest setup.
The slave server belongs to someone else. Their admin has final say on what
goes into their gitolite-admin repo and thus their server's config. The
gitolite-admin repo is NOT mirrored, and mirroring of individual repos (i.e.,
actual config lines included) is by negotiation/agreement between the admins.
Authentication info is not common. The master has no real control over who can
read the repos on the slave. Allowing redirected pushes is not a good idea,
unless you have other means of trust (administrative, contractual, legal,
etc.)
Best for open source projects with heavy "fetch" load compared to "push".
<a name="_discussion"></a> <a name="_discussion"></a>
### discussion ### discussion