In GitLab 15.6, the PostgreSQL versions shipped with
have been upgraded to 12.12 and 13.8. Unless
explicitly opted out,
this can cause an automatic restart of the PostgreSQL service, and can
potentially cause downtime.
In GitLab 15.0, Omnibus GitLab ships with PostgreSQL versions 12.10 for upgrades and 13.6 for fresh installs. Because of underlying structural changes, the running PostgreSQL process must be restarted when it is upgraded before running database migrations. If automatic restart is skipped, you must run the following command before migrations are run:
# If using PostgreSQL sudo gitlab-ctl restart postgresql # If using Patroni for Database replication sudo gitlab-ctl restart patroni
If PostgreSQL is not restarted, you might face errors related to loading libraries.
Starting with GitLab 15.0,
geo-postgresql services are
automatically restarted when the PostgreSQL version changes. Restarting
PostgreSQL services causes downtime due to the temporary unavailability of the
database for operations. While this restart is mandatory for proper functioning
of the Database services, you might want more control over when the PostgreSQL
is restarted. For that purpose, you can choose to skip the automatic restarts as
gitlab-ctl reconfigure and manually restart the services.
To skip automatic restarts as part of GitLab 15.0 upgrade, perform the following steps before the upgrade:
/etc/gitlab/gitlab.rband add the following line:
# For PostgreSQL/Patroni postgresql['auto_restart_on_version_change'] = false # For Geo PostgreSQL geo_postgresql['auto_restart_on_version_change'] = false
sudo gitlab-ctl reconfigure
Starting with GitLab 15.0, the
AES256-GCM-SHA384 SSL cipher will not be allowed by
NGINX by default. If you require this cipher (for example, if you use
AWS’s Classic Load Balancer),
you can add the cipher back to the allow list by following the steps below:
/etc/gitlab/gitlab.rband add the following line to it:
nginx['ssl_ciphers'] = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:AES256-GCM-SHA384"
sudo gitlab-ctl reconfigure.
In 14.10, Gitaly introduced a new directory that holds all runtime data Gitaly requires to operate correctly. This new directory replaces the old internal socket directory, and consequentially the usage of
gitaly['internal_socket_dir'] was deprecated in favor of
gitaly['internal_socket_dir'] configuration was removed in this release.
PostgreSQL 13.6 is being shipped as the default version for fresh installs.
Users can manually upgrade to 13.6 following the upgrade docs.
Object storage now preferentially uses direct uploads.
The following keys are no longer supported in