Resource relationships in Managed Service for GitLab
GitLab is an open-source web-based DevOps lifecycle tool. It is a code repository management system for Git with error tracking, CI/CD pipeline, dedicated Wiki, and other features.
Managed Service for GitLab helps configure application deployment on VMs in Yandex Compute Cloud and supports integration with Yandex Container Registry and Yandex Managed Service for Kubernetes.
How Managed Service for GitLab works:
GitLab instance
A GitLab instance is the main entity in Managed Service for GitLab. It is a VM deployed in Yandex Cloud. Managed Service for GitLab takes care of its routine maintenance, such as ensuring storage fault tolerance, applying security patches, automatically upgrading the GitLab version, and more.
Users can mange instances from the Yandex Cloud management console, CLI, and API.
Instance configuration
When creating an instance, you specify:
-
Instance type: Number of vCPUs and RAM amount. Below are available instance types:
Type Computing resources s2.micro 2 vCPUs, 8 GB RAM s2.small 4 vCPUs, 16 GB RAM s2.medium 8 vCPUs, 32 GB RAM s2.large 16 vCPUs, 64 GB RAM After you create an instance, you can upgrade its type to a higher performing one.
-
Warning
Currently, Yandex Cloud technical restrictions do not allow selecting a subnet with the
192.168.0.0/24address range. -
Disk size. After you create an instance, you can increase its disk size.
-
Name in the
.gitlab.yandexcloud.netdomain: Your GitLab instance's internet address. -
Administrator information:
- Email.
- Login.
Note
When you create an instance in Managed Service for GitLab, the system automatically generates an SSL certificate. Using HTTPS requires no advanced setup.
GitLab Runner
GitLab Runner is an open-source application that runs GitLab CI/CD pipeline jobs based on instructions from a special file named .gitlab-ci.yml. It helps run automated builds in Managed Service for Kubernetes clusters and on Compute Cloud VMs.
You can get started with GitLab Runner in the following ways:
- Install GitLab Runner in a Managed Service for Kubernetes cluster.
- Create a Compute Cloud VM and install GitLab Runner on it manually.
- Create a runner managed by Yandex Cloud.
Managed runners
Note
In Managed Service for GitLab, you can create a managed runner that automatically deploys a specified number of Compute Cloud VMs with installed GitLab workers. The managed runner also scales out the worker VMs to accommodate the load.
Warning
There is a fee for using VM instances (workers) (see Compute Cloud pricing).
You can specify the following managed runner settings:
-
Scaling settings:
- Minimum workers: Number of workers that are always running and ready to execute jobs. Default value:
1; minimum:0; maximum:10. - Maximum workers: Maximum number of workers that can be created to execute jobs. Default value:
3; minimum:1; maximum:30. The maximum number of workers cannot be less than the minimum number. - Maximum worker downtime, in minutes: Maximum idle time after which the additionally created worker will be deleted. Default value:
10; minimum:0. - Maximum number of jobs per worker: Maximum number of jobs after which the worker will be deleted. Default value:
100; minimum:0. - Number of parallel tasks per worker: Number of parallel jobs per worker. Default value:
1; minimum:0.
- Minimum workers: Number of workers that are always running and ready to execute jobs. Default value:
-
Worker VM settings:
-
Worker computing resource configuration:
- 2 vCPUs, 4 GB RAM
- 2 vCPUs, 8 GB RAM
- 4 vCPUs, 16 GB RAM
- 8 vCPUs, 64 GB RAM
- 16 vCPUs, 128 GB RAM
-
Disk type (HDD or SSD) and size. For more information, see Disk types.
-
Note
This service account will be associated with the worker VM. The worker can use the account to authenticate in the Yandex Cloud API and access cloud resources.
Assign your service account a role for the resource you want to manage.
-
For more on managed runners, see these pages:
Networking between GitLab and managed runners
The subnet of the instance the managed runner is connected to must have internet access via a NAT gateway or NAT instance.
To set up networking between GitLab and managed runners, you need to configure required, recommended, and optional security group settings.
Rules for incoming traffic
|
Rule purpose |
Rule settings |
|
To manage the runner from the GitLab instance over SSH. |
|
Rules for outgoing traffic
|
Rule purpose |
Rule settings |
|
To access the GitLab instance's public address over HTTPS, e.g., for cloning repositories or downloading artifacts. |
|
|
To access the artifact registry, e.g., Cloud Registry or dockerhub.io. |
|
|
To access object storages, e.g., LFS or Container Registry. |
|
|
To access external resources. |
|
GitLab Pages
GitLab Pages is a tool for publishing static websites composed of files residing in a GitLab repository. Websites are deployed via GitLab CI/CD jobs. GitLab Pages works with static website generators and standard HTML, CSS, and JavaScript files.
GitLab Pages enables you to use your own domains and SSL/TLS certificates and to configure access to websites.
For more information, see this GitLab article.
Note
This feature is in the Preview stage. To get access, contact tech support or your account manager.