2016-09-25 06:16:14 -04:00
|
|
|
# Health Check
|
|
|
|
|
|
2017-04-25 05:19:43 -04:00
|
|
|
>**Notes:**
|
|
|
|
|
- Liveness and readiness probes were [introduced][ce-10416] in GitLab 9.1.
|
|
|
|
|
- The `health_check` endpoint was [introduced][ce-3888] in GitLab 8.8 and will
|
|
|
|
|
be deprecated in GitLab 9.1. Read more in the [old behavior](#old-behavior)
|
|
|
|
|
section.
|
2017-07-06 06:43:43 -04:00
|
|
|
- [Access token](#access-token) has been deprecated in GitLab 9.4
|
|
|
|
|
in favor of [IP Whitelist](#ip-whitelist)
|
2017-04-25 05:19:43 -04:00
|
|
|
|
|
|
|
|
GitLab provides liveness and readiness probes to indicate service health and
|
|
|
|
|
reachability to required services. These probes report on the status of the
|
|
|
|
|
database connection, Redis connection, and access to the filesystem. These
|
|
|
|
|
endpoints [can be provided to schedulers like Kubernetes][kubernetes] to hold
|
|
|
|
|
traffic until the system is ready or restart the container as needed.
|
2016-09-25 06:16:14 -04:00
|
|
|
|
2017-07-03 16:41:33 -04:00
|
|
|
## IP Whitelist
|
|
|
|
|
|
|
|
|
|
To access monitoring resources client IP needs to be included in the whitelist.
|
|
|
|
|
To add or remove hosts or ip ranges from the list you can edit `gitlab.yml`.
|
|
|
|
|
|
|
|
|
|
Example whitelist configuration:
|
|
|
|
|
```yaml
|
|
|
|
|
monitoring:
|
|
|
|
|
ip_whitelist:
|
|
|
|
|
- 127.0.0.0/8 # by default only local IPs are allowed to access monitoring resources
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## Access Token (Deprecated)
|
2016-09-25 06:16:14 -04:00
|
|
|
|
2017-04-25 05:19:43 -04:00
|
|
|
An access token needs to be provided while accessing the probe endpoints. The current
|
|
|
|
|
accepted token can be found under the **Admin area ➔ Monitoring ➔ Health check**
|
|
|
|
|
(`admin/health_check`) page of your GitLab instance.
|
2016-09-25 06:16:14 -04:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The access token can be passed as a URL parameter:
|
|
|
|
|
|
|
|
|
|
```
|
2017-04-25 05:19:43 -04:00
|
|
|
https://gitlab.example.com/-/readiness?token=ACCESS_TOKEN
|
2016-09-25 06:16:14 -04:00
|
|
|
```
|
|
|
|
|
|
2017-04-25 05:19:43 -04:00
|
|
|
which will then provide a report of system health in JSON format:
|
2016-09-25 06:16:14 -04:00
|
|
|
|
2017-04-25 05:19:43 -04:00
|
|
|
```
|
|
|
|
|
{
|
|
|
|
|
"db_check": {
|
|
|
|
|
"status": "ok"
|
|
|
|
|
},
|
|
|
|
|
"redis_check": {
|
|
|
|
|
"status": "ok"
|
|
|
|
|
},
|
|
|
|
|
"fs_shards_check": {
|
|
|
|
|
"status": "ok",
|
|
|
|
|
"labels": {
|
|
|
|
|
"shard": "default"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-09-25 06:16:14 -04:00
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## Using the Endpoint
|
|
|
|
|
|
2017-07-03 16:41:33 -04:00
|
|
|
With default whitelist settings, the probes can be accessed from localhost:
|
2017-04-25 05:19:43 -04:00
|
|
|
|
2017-07-03 16:41:33 -04:00
|
|
|
- `http://localhost/-/readiness`
|
|
|
|
|
- `http://localhost/-/liveness`
|
2017-04-25 05:19:43 -04:00
|
|
|
|
|
|
|
|
## Status
|
|
|
|
|
|
|
|
|
|
On failure, the endpoint will return a `500` HTTP status code. On success, the endpoint
|
|
|
|
|
will return a valid successful HTTP status code, and a `success` message.
|
|
|
|
|
|
|
|
|
|
## Old behavior
|
|
|
|
|
|
|
|
|
|
>**Notes:**
|
|
|
|
|
- Liveness and readiness probes were [introduced][ce-10416] in GitLab 9.1.
|
|
|
|
|
- The `health_check` endpoint was [introduced][ce-3888] in GitLab 8.8 and will
|
|
|
|
|
be deprecated in GitLab 9.1. Read more in the [old behavior](#old-behavior)
|
|
|
|
|
section.
|
|
|
|
|
|
|
|
|
|
GitLab provides a health check endpoint for uptime monitoring on the `health_check` web
|
|
|
|
|
endpoint. The health check reports on the overall system status based on the status of
|
|
|
|
|
the database connection, the state of the database migrations, and the ability to write
|
|
|
|
|
and access the cache. This endpoint can be provided to uptime monitoring services like
|
|
|
|
|
[Pingdom][pingdom], [Nagios][nagios-health], and [NewRelic][newrelic-health].
|
|
|
|
|
|
2017-07-06 06:43:43 -04:00
|
|
|
Once you have the [access token](#access-token) or your client IP is [whitelisted](#ip-whitelist),
|
|
|
|
|
health information can be retrieved as plain text, JSON, or XML using the `health_check` endpoint:
|
2016-09-25 06:16:14 -04:00
|
|
|
|
|
|
|
|
- `https://gitlab.example.com/health_check?token=ACCESS_TOKEN`
|
|
|
|
|
- `https://gitlab.example.com/health_check.json?token=ACCESS_TOKEN`
|
|
|
|
|
- `https://gitlab.example.com/health_check.xml?token=ACCESS_TOKEN`
|
|
|
|
|
|
|
|
|
|
You can also ask for the status of specific services:
|
|
|
|
|
|
|
|
|
|
- `https://gitlab.example.com/health_check/cache.json?token=ACCESS_TOKEN`
|
|
|
|
|
- `https://gitlab.example.com/health_check/database.json?token=ACCESS_TOKEN`
|
|
|
|
|
- `https://gitlab.example.com/health_check/migrations.json?token=ACCESS_TOKEN`
|
|
|
|
|
|
|
|
|
|
For example, the JSON output of the following health check:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
curl --header "TOKEN: ACCESS_TOKEN" https://gitlab.example.com/health_check.json
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
would be like:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
{"healthy":true,"message":"success"}
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
On failure, the endpoint will return a `500` HTTP status code. On success, the endpoint
|
|
|
|
|
will return a valid successful HTTP status code, and a `success` message. Ideally your
|
|
|
|
|
uptime monitoring should look for the success message.
|
|
|
|
|
|
2017-04-29 01:25:26 -04:00
|
|
|
[ce-10416]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/10416
|
2016-09-25 06:16:14 -04:00
|
|
|
[ce-3888]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3888
|
|
|
|
|
[pingdom]: https://www.pingdom.com
|
|
|
|
|
[nagios-health]: https://nagios-plugins.org/doc/man/check_http.html
|
|
|
|
|
[newrelic-health]: https://docs.newrelic.com/docs/alerts/alert-policies/downtime-alerts/availability-monitoring
|
2017-04-25 05:19:43 -04:00
|
|
|
[kubernetes]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
|
