Running GitLab Runners on Kubernetes
In this short article, we will explore how we can run Gitlab runners on Kubernetes using GitLab official helm charts with a bit of customization. GitLab Runners are integral components of GitLab’s Continuous Integration/Continuous Deployment (CI/CD) infrastructure, responsible for executing the defined tasks and workflows outlined in .gitlab-ci.yml
configuration files. Now let's look at how to add one to your Kubernetes cluster.
Pre-requisites
- Kubernetes Cluster
- Helm CLI
Setup
- The first step is to add the helm charts via helm cli
# Add Chart
helm repo add gitlab https://charts.gitlab.io
helm repo update
2. To register a Gitlab Runner with your GitLab Instance, it needs a registration token, which can be created from the below URL. Please note that I am using GitLab.com instance and all my projects are under a particular group. Don't forget to copy the registration token after the creation :)
https://gitlab.com/groups/<groupname>/-/runners
3. Install the chart specifying the registration token, version, and values file
helm install --namespace gitlab-runner --create-namespace --set runnerRegistrationToken=<replacewithyourtoken> gitlab-runner gitlab/gitlab-runner --version v0.63.0 --values values.yaml
values.yaml
gitlabUrl: https://gitlab.com/
imagePullPolicy: IfNotPresent
concurrent: 4
imagePullSecrets:
- name: harbor-pull-secret
replicas: 5
rbac:
create: true
serviceAccountName: default
runners:
config: |
[[runners]]
name = "gitlab-runner"
executor="kubernetes"
environment = [
"FF_KUBERNETES_HONOR_ENTRYPOINT=false",
"FF_USE_LEGACY_KUBERNETES_EXECUTION_STRATEGY=true",
]
[runners.kubernetes]
poll_timeout = 2000
node_selector_overwrite_allowed = ".*"
helper_image = "gitlab/gitlab-runner-helper:arm64-v16.10.0"
image_pull_secrets=["harbor-pull-secret"]
unregisterRunners: true
securityContext:
allowPrivilegeEscalation: true
readOnlyRootFilesystem: false
runAsNonRoot: true
privileged: true
capabilities:
drop: ["ALL"]
4. The above value file has been used to deploy the chart on the arm64 Kubernetes nodes cluster and that is the reason the helper image used is with arm64
tag. The imagePullSecrets contains the name of the secret that the .dockerconfigjson,
will be used to pull images from the external container registry. You may create one, by reading the steps here
That’s all for now. Thanks for reading and feedback is always welcome. Until next time.
In case of any queries, please feel free to connect with me via the below social links