GitLab stores some data in a Ceph-based S3-compatible object storage called APUS. This reduces disk usage and shortens backup and restore cycles for the GitLab hosts.

Artifacts

This files are generated in CI jobs and contain job logs, build artifacts and other files. This files are stored in a bucket called gitlab-artifacts on the APUS Ceph cluster. All GitLab instances (production and replicas) share the same bucket and data. Replicas use read-only credentials. This also means during a failover no artifacts have to be synchronized.

See also https://docs.gitlab.com/ci/jobs/job_artifacts/.

Packages

This files are also generated in CI jobs but contain bigger files like compiled applications, releases, Debian packages. This files will be stored in a bucket called gitlab-packages on the APUS Ceph cluster, currently packages are still stored on the GitLab host, see T378922.

See also https://docs.gitlab.com/ci/jobs/job_artifacts/.

Accessing the Ceph buckets

Direct access to the buckets is possible using tools like s3cmd. This tool is installed on newer cumin hosts and can be used when a .s3cfg file is populated with the correct credentials (which can be found in private puppet hieradata/common/profile/ceph/s3/client.yaml).

s3cmd can be used to list or delete files, create buckets or change acls:

jelto@cumin2002:~$ s3cmd mb gitlab-artifacts
jelto@cumin2002:~$ s3cmd mb gitlab-packages

jelto@cumin2002:~$ s3cmd ls
2025-05-27 08:32  s3://gitlab-artifacts
2025-05-27 08:32  s3://gitlab-packages

jelto@cumin2002:~$ s3cmd ls s3://gitlab-artifacts
...

See also https://phabricator.wikimedia.org/T378922, this is work in progress