foo.yaml

global: 
  appConfig: 
    ldap: 
      preventSignin: false
      servers: 
        main: 
          active_directory: true
          allow_username_or_email_login: true
          base: 'DC=my_domain,DC=net'
          bind_dn: 'CN=gitlab,DC=my_domain,DC=foo,DC=bar'
          encryption: 'simple_tls'
          group_base: 'OU=Groups,DC=my_domain,DC=foo,DC=bar'
          host: 'my_domain.foo.bar'
          label: 'MY_DOMAIN.foo.bar'
          port: 636
          uid: 'sAMAccountName'
          verify_certificates: false
          password:
            secret: ldap-gitlab-pass
            key: password
  omniauth:
    enabled: false
  edition: ce
  #gitlab:
  #  https: true  
  grafana:
    enabled: false
  email:
    display_name: "GitLab Administrator"
    from: gitlabadmin@my_domain.foo.bar
    reply_to: gitlabadmin@my_domain.foo.bar
    subject_suffix: "[GitLab] "
  smtp:
    enabled: true
    address: smtp.my_domain.foo.bar
    port: 25
    tls: false
    user_name: gitlabadmin
    domain: my_domain.foo.bar
    authentication: ""
  shell:
    tcp:
      proxyProtocol: false # default false
    service:
      type: LoadBalancer
  hosts: 
    domain: my_domain.foo.bar
    https: true
  ingress: 
    class: gitlab-nginx
    configureCertmanager: false
    tls: 
      enabled: true
      secretName: ingress-default-cert
  psql:
    host: gitlabdb.my_domain.net
    database: gitlab
    username: gitlab
    password:
      secret: psql-pass
      key: password
  minio:
    enabled: true
certmanager:
  install: false
nginx-ingress:
  enabled: true
  controller:
    service:
      type: LoadBalancer
      #annotations:
      #  external-dns.alpha.kubernetes.io/hostname: gitlab.my_domain.net.
    ingressClassResource:
      controllerValue: k8s.io/gitlab-nginx
      name: "gitlab-nginx"
prometheus:
  install: false
gitlab:
gitlab:
  # n1-highcpu-16 in GKE is
  # - cpu:    15890m
  # - memory: 12011718Ki
  webservice:
    # Min pods recommended to be set to 75% of max to start
    maxReplicas: 3
    maxUnavailable: 1
    minReplicas: 2
    hpa:
      targetAverageValue: 1000m
    ingress:
      proxyBodySize: 0 # To allow large file uploads like imports
    #nodeSelector:
    #  workload: webservice
    resources:
      limits:
        #memory: 5.25G # roughly, 1.3GB/worker
        memory: 3.25G
      requests:
        cpu: 2 # requests.cpu <= workerProcesses
        memory: 3G # roughly, 1.25GB/worker
    workerProcesses: 2
  sidekiq:
    maxReplicas: 4
    minReplicas: 2
    hpa:
      targetAverageValue: 700m
    #nodeSelector:
    #  workload: sidekiq
    resources:
      # Running up to 8 pods with a ratio of roughly 1 vCPU to 2 GB RAM as a starting point for requests.
      # Per the 3k reference architecture (https://docs.gitlab.com/ee/administration/reference_architectures/3k_users.html),
      # consider the resource limitations in play:
      # For an n1-standard-4 node in GKE: 4 vCPU, 15 GB memory
      # - 3 nodes x 4 vCPU = 12 cores in total
      # - 3 nodes x 15 GB = 45Gb of memory in total
      # - 45GB memory / 12 cores = ~3.75 GB memory / core, excluding overhead
      # Each Sidekiq node has the following resources allocatable (roughly):
      # - cpu:    3920m
      # - memory: 12698332Ki
      # Notice that there is actually only <4 vCPU and <13GB memory allocatable.
      limits:
        memory: 3G
      requests:
        cpu: 900m # Assume single-process, 1 CPU
        memory: 1.5G
  gitaly:
    persistence:
      storageClass: nfs-gitlab
      size: 60Gi
minio:
  ingress:
    enabled: false
  persistence:
    storageClass: nfs-gitlab
    size: 1Ti
redis:
  master:
    persistence:
      storageClass: nfs-gitlab
      size: 10Gi