doc/administration/cells.md
{{< details >}}
{{< /details >}}
[!disclaimer]
To test cell functionality, configure the GitLab Rails console.
[!note] This feature is available for administrators of GitLab.com only. This feature is not available for GitLab Self-Managed or GitLab Dedicated instances.
Cells 1.0 is in development. For more information about the state of cell development, see epic 12383.
To configure your GitLab instance as a Cell instance:
{{< tabs >}}
{{< tab title="Self-compiled (source)" >}}
The cells related configuration in config/gitlab.yml is in this format:
cell:
enabled: true
id: 1
database:
skip_sequence_alteration: false
topology_service_client:
address: topology-service.gitlab.example.com:443
ca_file: /home/git/gitlab/config/topology-service-ca.pem
certificate_file: /home/git/gitlab/config/topology-service-cert.pem
private_key_file: /home/git/gitlab/config/topology-service-key.pem
{{< /tab >}}
{{< tab title="Linux Package (Omnibus)" >}}
Edit /etc/gitlab/gitlab.rb and add the following lines:
gitlab_rails['cell'] = {
enabled: true,
id: 1,
database: {
skip_sequence_alteration: false
},
topology_service_client: {
enabled: true,
address: 'topology-service.gitlab.example.com:443',
ca_file: 'path/to/your/ca/.pem',
certificate_file: 'path/to/your/cert/.pem',
private_key_file: 'path/to/your/key/.pem'
}
}
Reconfigure and restart GitLab:
sudo gitlab-ctl reconfigure
sudo gitlab-ctl restart
{{< /tab >}}
{{< tab title="Helm chart" >}}
Edit gitlab_values.yaml:
global:
appConfig:
cell:
enabled: true
id: 1
database:
skipSequenceAlteration: false
topologyServiceClient:
address: "topology-service.gitlab.example.com:443"
tls:
enabled: true
Save the file and apply the new values:
helm upgrade -f gitlab_values.yaml gitlab gitlab/gitlab
{{< /tab >}}
{{< /tabs >}}
| Configuration | Default value | Description |
|---|---|---|
cell.enabled | false | To configure whether the instance is a Cell or not. false means all Cell features are disabled. session_cookie_prefix_token is not affected, and can be set separately. |
cell.id | nil | Required to be a positive integer when cell.enabled is true. Otherwise, it must be nil. This is the unique integer identifier for the cell in a cluster. This ID is used inside the routable tokens. When cell.id is nil, the other attributes inside the routable tokens, like organization_id will still be used |
cell.database.skip_sequence_alteration | false | When true, skips database sequence alteration for the cell. Enable for the legacy cell (cell-1) before the monolith cell is available for use, being tracked in this epic: Phase 6: Monolith Cell. |
cell.topology_service_client.address | "topology-service.gitlab.example.com:443" | Required when cell.enabled is true. Address and port of the topology service server. |
cell.topology_service_client.tls.enabled | true | When true, enables mTLS for communication with the topology service. This requires the cell.topology_service_client.tls.secret to be properly configured. If set to false, the connection will be made without TLS encryption. |
cell.topology_service_client.tls.secret | nil | Kubernetes TLS Secret name that contains the mTLS credentials. Required when TLS is enabled. The secret must include tls.crt and tls.key keys. If not explicitly set, defaults to <release.name>-topology-tls. This secret must be created manually; the Helm chart does not create it automatically. |
For information on how to configure other components of the cells architecture, see: