Database of GitLab Goes Out After Spam Attack
GitLab, a code-hosting site, suffer an outage on Tuesday following a "serious" incident, as one of Gitlab databases needed emergency maintenance. As per the company, database data comprising merge requests, users, issues, snippets, and comments, of six hours was lost for GitLab.com; and it was in process of restoring the data from backup. InfoWorld posted on 1st February, 2017, stating that the data was deleted accidentally as per the Twitter message.
GitLab said in one of the bulletin this morning that losing the production data is objectionable, and in the next few days Gitlab will post five reasons for this occurrence and the measures they will implement. Git.wiki repositories as well as self-hosted installations are not affected.
The restoration means that any data from 17:20 UTC to 23:25 UTC of the database was lost by the time GitLab.com goes live again. GitLab provided chronology of events, and said that it detected on Monday that the spammers are hammering its database with creation of snippets and rendering it unstable. GitLab has blocked spammers based on the IP address, and then removed user from using the repository as a CDN form. This caused 47,000 IPs signing in by using same account and thus causing a heavy database load, and GitLab removes users for the spamming.
As per a statement of the company this morning, the outrage has not affected the Enterprise customers or the majority of its users. The company further said that as part of the ongoing revival efforts, GitLab are vigorously investigating a possible data loss. Once confirmed, the data loss is going to affect less than 1% of Gitlab's user base, and more specifically the peripheral metadata written during the 6 hr. window.
GitLab, at the time of dealing with this problem, found replication of database lagged far behind, successfully stopping. This has taken place due to spike in writes, which are not timely processed by secondary database. GitLab was dealing with a chain of database issues, which includes a refusal to repeat.
Tim Anglade, interim marketing vice president of the company, said that GitLab.com has gone down on Tuesday at 6.28 pm PST, and was live again at 9:57 am PST today.
» SPAMfighter News - 07-02-2017