From dd1bb4a54160826cc63c0052cc6b7d8008476e2c Mon Sep 17 00:00:00 2001 From: Elizabeth Krumbach Joseph Date: Thu, 22 Aug 2013 17:13:42 -0700 Subject: [PATCH] Update git documentation with HAProxy details Update the documentation for our public git servers to reflect that it's now a pool of servers load balanced with HAProxy. Change-Id: Ib8bfec5cf8b339f2dfb57aaaf46d988ff32fc261 --- doc/source/git.rst | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/doc/source/git.rst b/doc/source/git.rst index f37507dcb5..18d3ca8053 100644 --- a/doc/source/git.rst +++ b/doc/source/git.rst @@ -12,6 +12,7 @@ At a Glance :Hosts: * https://git.openstack.org + * git*.openstack.org :Puppet: * :file:`modules/cgit` * :file:`modules/openstack_project/manifests/git.pp` @@ -26,14 +27,20 @@ At a Glance Overview ======== -The OpenStack git repositories are hosted on this server and served up via -https using cgit and via git:// by git-daemon. +The OpenStack git repositories are hosted on a pool of CentOS servers with the +EPEL repository that includes the cgit package. They are served up via https +using cgit and via git:// by git-daemon behind HAProxy which handles load +balancing across the nodes. -Apache is running on a CentOS 6 system with the EPEL repository that includes -the cgit package. SELinux is enabled and requires restorecon to be run against -/var/lib/git to set the appropriate SELinux security context, this is handled -by puppet. +SELinux is enabled on these nodes and requires restorecon to be run against +/var/lib/git to set the appropriate SELinux security context. SELinux rules are +also in place to allow for Apache to run on a non-standard port so it can sit +behind HAProxy. This is all handled by puppet. + +In order to mitigate potential problems with HTTP(S) responses, HAProxy is +configured using the source balance method so that every request from a single +host will be served by one backend node unless nodes are added or removed. The jeepyb script create-cgitrepos runs against projects.yaml to generate the /etc/cgitrepos file listing all the git repositories. The git repositories are -synced from the Gerrit server. +synced to all the nodes from the Gerrit server.