instead of `find /usr/lib/postgresql -name pg_isready | sort | tail -n1`
for db readiness query command
To solve following error:
find /var/lib/postgresql : No such file or directory
I'm sure the directory is exists so I'm not sure why the error reported
Because this is required on runtime
and BUILD_DEPENDENCIES will be removed at the end of installation
Installation of `libyaml-dev` is written in Dockerfile
so additional installation is not reeded
if not, following error reported on runtime
> LoadError: libyaml-0.so.2: cannot open shared object file: No such or directory - /usr/local/lib/ruby/3.2.0/x86_64-linux/psych.so
This is because Ruby 3.2.0 (psych 5.0.0) or later
does not contain libyaml any more
https://github.com/ruby/psych/pull/541
Access to health check resources such as /-/liveness
is restricted to IPs specified in gitlab.monitoring.ip_whitelist
(`GITLAB_MONITORING_IP_WHITELIST`).
The name `localhost` is solved to IPv6 loopback address (::1)
that is not listed in the whitelist by default.
Possible alternate designs:
- Add IPv6 loopback to whitelist
- Disable IPv6 for gitlab container by specifying `net.ipv6.conf.all.disable_ipv6=1`
in docker-compose.yml for example
See https://github.com/sameersbn/docker-gitlab/issues/2766#issuecomment-2098030791
On upstream, expected default value is `127.0.0.1/8`
and it is already listed in corresponding configuration.
`GITLAB_MONITORING_IP_WHITELIST` is used to allow monitoring from hosts other than loopback (localhost).
So just unset default value for it.
If the value is not set, the line specifying this "additional" IP range will be removed.
When the healthcheck feature introduced, the script were generated on build time
and url was fixed to "http://localhost/-/liveness".
See pull request #2102
nginx is configured to redirect all http traffic to https when `GITLAB_HTTPS` is enabled.
(see https://github.com/sameersbn/docker-gitlab/blob/ac9e1fe/assets/runtime/config/nginx/gitlab-ssl#L41-L54),
`--location` option is set to follow the redirection.
See pull request #2165
Health check script generation has been ported to the runtime,
allowing us to dynamically generate health check URLs
while referencing configuration parameters.
See #2338
If configured correctly, the redirect will not occur and the option can be removed.
Original removal suggestion by @Gaibhne , additional (historical) research by @kkimurak.
Co-authored-by: Kazunori Kimura <kkimura@ims.ac.jp>
