Installing GitLab Runner
GitLab Runner is an open-source application that executes GitLab CI/CD pipeline jobs based on instructions from a special file named .gitlab-ci.yml. It helps run automated builds in a Managed Service for Kubernetes cluster.
Getting started
-
Make sure that the security groups for the Managed Service for Kubernetes cluster and its node groups are configured correctly. If any rule is missing, add it.
Warning
The configuration of security groups determines the performance and availability of the cluster and the services and applications running in it.
-
Open the GitLab administration panel in your browser:
- If GitLab is deployed on a Yandex Compute Cloud VM instance, use its public IP.
- If GitLab is deployed in Yandex Managed Service for GitLab, use the instance FQDN.
-
Get the GitLab Runner authentication token (Runner authentication token):
- To configure GitLab Runner throughout the GitLab instance (GitLab administrator access required):
- Click Admin area and select CI/CD → Runners.
- Click New instance runner and create a new GitLab Runner.
- Save the value of the
Runner authentication tokenparameter.
- To configure GitLab Runner for a group or project:
- Select a group or project you want to configure.
- On the left-hand side of the window that opens, click Settings and select the CI/CD option.
- Under Runners, click Expand.
- Click New project runner and create a new GitLab Runner.
- Save the value of the
Runner authentication tokenparameter.
- To configure GitLab Runner throughout the GitLab instance (GitLab administrator access required):
Installation using Yandex Cloud Marketplace
- Navigate to the folder dashboard and select Managed Service for Kubernetes.
- Click the name of the Managed Service for Kubernetes cluster you need and select the Marketplace tab.
- Under Application available for installation, select GitLab Runner and click Go to install.
- Configure the application:
-
Namespace: Create a new namespace, e.g.,
gitlab-runner-space. If you leave the default namespace, GitLab Runner may work incorrectly. -
Application name: Specify the application name.
-
GitLab domain name: Enter a domain for your GitLab instance.
-
Registration token: Specify the token you obtained previously.
-
(Optional) Privileged mode for running docker:dind: Enable this option if you want to use
docker:dindimages.Warning
The privileged mode increases the risk of information security incidents. Make sure to read the relevant documentation before using it.
-
(Optional) List of comma-separated tags: Provide a list of tags to distribute tasks between multiple GitLab Runners.
-
- Click Install.
- Wait for the application to change its status to
Deployed. - Go back to the Runners page of your GitLab instance, reload the page, and make sure you see a new GitLab Runner.
Installation using a Helm chart
-
Install Helm v3.8.0 or higher.
-
Install kubect and configure it to work with the new cluster.
-
To install a Helm chart with GitLab Runner, run the following command:
helm pull oci://cr.yandex/yc-marketplace/yandex-cloud/gitlab-org/gitlab-runner/chart/gitlab-runner \ --version 0.54.0-8 \ --untar && \ helm install \ --namespace <namespace> \ --create-namespace \ --set gitlabDomain=<VM_public_IP_address_or_GitLab_instance_FQDN> \ --set runnerRegistrationToken=<previously_obtained_token> \ gitlab-runner ./gitlab-runner/If you set
namespaceto the default namespace, GitLab Runner may work incorrectly. We recommend you to specify a value different from all existing namespaces (e.g.,gitlab-runner-space).Note
If you are using a Helm version below 3.8.0, append the
export HELM_EXPERIMENTAL_OCI=1 && \string to the command to enable Open Container Initiative (OCI) support in the Helm client.
Use cases
- Continuous deployment of containerized applications using GitLab.
- Scanning Container Registry for vulnerabilities during continuous deployment of applications using GitLab.
- Storing Docker images in Yandex Container Registry.