Installing GitLab Runner
GitLab Runner runs GitLab CI/CD jobs according to the instructions in the .gitlab-ci.yml file. It helps run automated builds in a Managed Service for Kubernetes cluster.
Getting started
- Make sure the security groups for the Managed Service for Kubernetes cluster and its node groups are configured correctly. If a rule is missing, add it.
  Warning
  The configuration of security groups determines performance and availability of the cluster and the services and applications running in it.
- Open the GitLab administration panel in your browser:
  - If GitLab is deployed on a Yandex Compute Cloud VM instance, use its public IP address.
  - If GitLab is deployed in Yandex Managed Service for GitLab, use the instance FQDN.
- Get the GitLab Runner authentication token:
  - To configure GitLab Runner for the entire GitLab instance (GitLab admin permissions required):
    - Click Admin area and select CI/CD → Runners.
    - Click New instance runner and create a new GitLab Runner.
    - Save the value of the Runner authentication token parameter.
  - To configure GitLab Runner for a group or project:
    - Select a group or project you want to configure.
    - On the left-hand side of the window that opens, click Settings and select CI/CD.
    - Under Runners, click Expand.
    - Click New project runner and create a new GitLab Runner.
    - Save the value of the Runner authentication token parameter.
Installation from Yandex Cloud Marketplace
- Navigate to the folder dashboard and select Managed Service for Kubernetes.
- Click the name of the Managed Service for Kubernetes cluster you need and select the Marketplace tab.
- Under Application available for installation, select GitLab Runner and click Go to install.
- Configure the application:
  - Namespace: Create a new namespace, e.g., gitlab-runner-space. If you leave the default namespace, GitLab Runner may work incorrectly.
  - Application name: Specify the application name.
  - GitLab domain name: Enter a domain for your GitLab instance.
  - Registration token: Specify the token you obtained previously.
  - Privileged mode for running docker:dind: This is an optional setting. Enable it if you want to use docker:dind images.
    Warning
    The privileged mode increases the risk of information security incidents. Check out this article before using it.
  - List of comma-separated tags: This is an optional setting. Provide a list of tags to distribute jobs between multiple GitLab Runners.
- Click Install.
- Wait for the application to change its status to Deployed.
- Go back to the Runners page of your GitLab instance, refresh the page, and make sure you see a new GitLab Runner.
Installation using a Helm chart
- Install Helm v3.8.0 or higher.
- Install kubectl and configure it to work with the new cluster.
- To install a Helm chart with GitLab Runner, run this command:

    helm pull oci://cr.yandex/yc-marketplace/yandex-cloud/gitlab-org/gitlab-runner/chart/gitlab-runner \
      --version 0.54.0-8 \
      --untar && \
    helm install \
      --namespace <namespace> \
      --create-namespace \
      --set gitlabDomain=<VM_public_IP_address_or_GitLab_instance_FQDN> \
      --set runnerRegistrationToken=<previously_obtained_token> \
      gitlab-runner ./gitlab-runner/

  If you set namespace to the default namespace, GitLab Runner may work incorrectly. We recommend specifying a value different from all the existing namespaces, e.g., gitlab-runner-space.

  Note
  If you are using a Helm version below 3.8.0, add the export HELM_EXPERIMENTAL_OCI=1 && \ string at the beginning of the command to enable Open Container Initiative (OCI) support in the Helm client.
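
An added example, not part of the original documentation: a post-install check for the two risks this page flags, privileged mode and installing into the default namespace. It audits the JSON printed by kubectl get pods --all-namespaces -o json. The pod names, the sample data and the name_hint filter (runner pods are assumed to contain "runner" in their name) are constructed assumptions.

```python
import json

# Constructed sample, shaped like trimmed output of:
#   kubectl get pods --all-namespaces -o json
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"name": "gitlab-runner-7c9d", "namespace": "gitlab-runner-space"},
  "spec": {"containers": [{"name": "gitlab-runner"}]}},
 {"metadata": {"name": "runner-abc-project-1-concurrent-0",
               "namespace": "gitlab-runner-space"},
  "spec": {"initContainers": [{"name": "init-permissions"}],
           "containers": [
             {"name": "build", "securityContext": {"privileged": true}},
             {"name": "helper", "securityContext": {"privileged": true}},
             {"name": "svc-0", "securityContext": {"privileged": true}}]}},
 {"metadata": {"name": "gitlab-runner-old", "namespace": "default"},
  "spec": {"containers": [{"name": "gitlab-runner",
                           "securityContext": {"privileged": false}}]}}
]}
""")


def audit_pods(pod_list, name_hint="runner"):
    """Return (namespace, pod, issue) tuples for runner-related pods."""
    findings = []
    for pod in pod_list.get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        ns, name = meta.get("namespace", "default"), meta.get("name", "")
        if name_hint not in name:  # assumption: runner pods carry this substring
            continue
        if ns == "default":
            findings.append((ns, name, "runs in the default namespace"))
        # Init containers can be privileged too, so check both lists.
        containers = spec.get("initContainers", []) + spec.get("containers", [])
        for c in containers:
            sc = c.get("securityContext") or {}  # field may be absent or null
            if sc.get("privileged") is True:
                findings.append((ns, name, f"privileged container: {c['name']}"))
    return findings


if __name__ == "__main__":
    for ns, pod, issue in audit_pods(SAMPLE):
        print(f"{ns}/{pod}: {issue}")
```

To run it against a live cluster, replace SAMPLE with the parsed output of the kubectl command named in the comment.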
Use cases
- Continuous deployment of containerized applications using GitLab.
- Scanning Container Registry for vulnerabilities during continuous deployment of applications using GitLab.
- Storing Docker images in Yandex Container Registry.