... | @@ -59,7 +59,64 @@ Since GitLab CI is basically GitLab with external runners hooked up to |
... | @@ -59,7 +59,64 @@ Since GitLab CI is basically GitLab with external runners hooked up to |
|
it, this section documents how to install and register runners into
|
|
it, this section documents how to install and register runners into
|
|
GitLab.
|
|
GitLab.
|
|
|
|
|
|
### Linux
|
|
### Docker on Debian
|
|
|
|
|
|
|
|
A first runner (`ci-runner-01`) was setup by Puppet in the gnt-chi
|
|
|
|
cluster, using this command:
|
|
|
|
|
|
|
|
gnt-instance add \
|
|
|
|
-o debootstrap+buster \
|
|
|
|
-t drbd --no-wait-for-sync \
|
|
|
|
--net 0:ip=pool,network=gnt-chi-01 \
|
|
|
|
--no-ip-check \
|
|
|
|
--no-name-check \
|
|
|
|
--disk 0:size=10G \
|
|
|
|
--disk 1:size=2G,name=swap \
|
|
|
|
--disk 2:size=60G \
|
|
|
|
--backend-parameters memory=64g,vcpus=8 \
|
|
|
|
ci-runner-01.torproject.org
|
|
|
|
|
|
|
|
The `profile::gitlab_runner` Puppet class deploys the GitLab runner
|
|
|
|
code and hooks it into GitLab. But before enabling it on the instance,
|
|
|
|
the following operations need to be performed:
|
|
|
|
|
|
|
|
1. The shared runner token needs to be setup in Trocla, using:
|
|
|
|
|
|
|
|
trocla create profile::gitlab_runner::token plain
|
|
|
|
|
|
|
|
This only needs to be done once, and might already have been done.
|
|
|
|
|
|
|
|
TODO: add a way to use different tokens (e.g. per project, per
|
|
|
|
group) tokens.
|
|
|
|
|
|
|
|
2. setup the large partition in `/srv`, and bind-mount it to cover
|
|
|
|
for Docker:
|
|
|
|
|
|
|
|
mkfs -t ext4 -j /dev/sdc
|
|
|
|
echo "/dev/sdc /srv ext4 defaults 1 2" >> /etc/fstab
|
|
|
|
echo "/srv/docker /var/lib/docker none bind 0 0" >> /etc/fstab
|
|
|
|
mount /srv
|
|
|
|
mount /var/lib/docker
|
|
|
|
|
|
|
|
3. disable module loading:
|
|
|
|
|
|
|
|
touch /etc/no_modules_disabled
|
|
|
|
reboot
|
|
|
|
|
|
|
|
... otherwise the Docker package will fail to install because it
|
|
|
|
will try to load extra kernel modules.
|
|
|
|
|
|
|
|
4. *ONLY THEN* should you deploy `docker` and `gitlab-runner` through
|
|
|
|
Puppet.
|
|
|
|
|
|
|
|
NOTE: we used the Debian packages ([docker.io](https://tracker.debian.org/pkg/docker.io) and
|
|
|
|
[gitlab-runner](https://tracker.debian.org/gitlab-runner)) instead of the upstream official packages, because
|
|
|
|
those have a somewhat messed up installer and weird key deployment
|
|
|
|
policies. They are both somewhat out of date, and the latter is not
|
|
|
|
available in Debian buster (current stable), so it had to be installed
|
|
|
|
from bullseye.
|
|
|
|
|
|
|
|
### F-Droid runners
|
|
|
|
|
|
TODO: @ahf document how the F-Droid runners were hooked up to GitLab
|
|
TODO: @ahf document how the F-Droid runners were hooked up to GitLab
|
|
CI. Anything special on top of [the official docs](https://docs.gitlab.com/runner/register/)?
|
|
CI. Anything special on top of [the official docs](https://docs.gitlab.com/runner/register/)?
|
... | | ... | |