Configure the GitLab chart with an external database
For a production-ready GitLab chart deployment, use an external database.
Prerequisites:
- A deployment of PostgreSQL 14 or later. If you do not have one, consider a cloud provided solution like AWS RDS PostgreSQL or GCP Cloud SQL. For an alternative solution, consider the Linux package.
- An empty database named
gitlabhq_productionby default. - A user with full database access. See the external database documentation for details.
- A Kubernetes Secret with the password for the database user.
- The
pg_trgmandbtree_gistextensions. If you don’t provide an account with the Superuser flag to GitLab, ensure these extensions are loaded prior to proceeding with the database installation.
Networking prerequisites:
Ensure that the database is reachable from the cluster. Be sure that your firewall policies allow traffic.
If you plan to use PostgreSQL as a load balancing cluster and Kubernetes DNS for service discovery, when you install the
bitnami/postgresqlchart, use--set slave.service.clusterIP=None. This setting configures the PostgreSQL secondary service as a headless service to allow DNSArecords to be created for each secondary instance.For an example of how to use Kubernetes DNS for service discovery, see
examples/database/values-loadbalancing-discover.yaml.
To configure the GitLab chart to use an external database:
Set the following parameters:
postgresql.install: Set tofalseto disable the embedded database.global.psql.host: Set to the hostname of the external database, can be a domain or an IP address.global.psql.password.secret: The name of the secret that contains the database password for thegitlabuser.global.psql.password.key: Within the secret, the key that contains the password.
Optional. The following items can be further customized if you are not using the defaults:
global.psql.port: The port the database is available on. Defaults to5432.global.psql.database: The name of the database.global.psql.username: The user with access to the database.
Optional. If you use a mutual TLS connection to the database, set the following:
global.psql.ssl.secret: A secret that contains the client certificate, key, and certificate authority.global.psql.ssl.serverCA: In the secret, the key that refers to the certificate authority (CA).global.psql.ssl.clientCertificate: In the secret, the key that refers to the client certificate.global.psql.ssl.clientKey: In the secret, the client.
When you deploy the GitLab chart, add the values by using the
--setflag. For example:helm install gitlab gitlab/gitlab --set postgresql.install=false --set global.psql.host=psql.example --set global.psql.password.secret=gitlab-postgresql-password --set global.psql.password.key=postgres-password
Docs
Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.
Product
Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Feature availability and product trials
View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.
Get help
If you didn't find what you were looking for, search the docs.
If you want help with something specific and could use community support, post on the GitLab forum.
For problems setting up or using this feature (depending on your GitLab subscription).
Request support