You are browsing a read-only backup copy of Wikitech. The primary site can be found at wikitech.wikimedia.org

GitLab/Gitlab Runner

From Wikitech-static
< GitLab
Revision as of 10:50, 27 August 2021 by imported>Jelto
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

GitLab Runner is an application that works with GitLab CI/CD to run jobs in a pipeline.[1] For more information see the official GitLab Runner documentation.

Current Gitlab Runner setup (T287279)

In WMCS there is a project gitlab-runners to host a set of shared GitLab runners. Currently the runners are installed and configured with Ansible playbook. To add runners, add the hosts to [gitlab_runners] section of 'hosts' file. Then run the Ansible Playbook for gitlab-runners. The command is wrapped in install-gitlab-runner.sh script.[2]

There are efforts to move all of the installation and configuration to puppet: T287279#7237735.

Future Gitlab Runner setup (T286958)

This section contains the requirements and plan for a future Gitlab-Runner setup. The goal is to find a secure, scalable and easy to build and maintain setup for the GitLab Runner infrastructure.

Compute Resources

GitLab Runner can run on various platforms, such as Kubernetes, Docker, OpenShift or just Linux VMs. Furthermore a wide range of compute platforms can be leveraged, such as WMCS, Ganetti, bare metal hosts or public clouds. So this section tries to compare the different options and collect advantages and disadvantages. Privacy considerations can be found in the next section.

Elastic demand

https://docs.gitlab.com/runner/configuration/autoscale.html

Privacy considerations

Whether these can safely run on a third-party platform

Monitoring of performance and usage

Gitlab-Runner export Prometheus metrics. This metrics should give insights in performance and usage. See Monitoring Gitlab Runner documentation.

However the Gitlab Runner exporter does not support authorization or https. So depending on where the Runners are hosted, a https proxy with authorization is required.

[3]