Create cloud-init script for bringing up runners
We should really get a cloud-init script together so it's much easier to provision runners, and doesn't require manual typing.
Here's what I did for packet4 (x86-64), which is also the case for packet-arm2 (aarch64) with the obvious architecture tweaks.
Install Debian Buster and make sure it's fully upgraded. Then, going against all sensible advice, make it a horrible hybrid system where our primary system comes from Buster, but we pull gitlab-runner from sid (because it's not available - at least for aarch64? - in buster), and Docker from experimental. Using backports would be better for both if they were available there, but I didn't see that they were.
# cat /etc/apt/sources.list
deb [arch=amd64] http://security.debian.org buster/updates main non-free contrib
deb [arch=amd64] http://mirror.ewr1.packet.net/debian buster-backports main
deb [arch=amd64] http://mirror.ewr1.packet.net/debian buster main non-free contrib
deb [arch=amd64] http://mirror.ewr1.packet.net/debian buster-updates main non-free contrib
deb [arch=amd64] http://deb.debian.org/debian sid main
deb [arch=amd64] http://deb.debian.org/debian experimental main
# cat /etc/apt/preferences.d/no-sid
Package: gitlab-runner
Pin: release a=unstable
Pin-Priority: 500

Package: *
Pin: release a=unstable
Pin-Priority: 1
Once to this point, install the core runtime dependencies for Docker and gitlab-runner from Buster:
apt-get install binutils binutils-x86-64-linux-gnu binutils-common cdebootstrap cgroupfs-mount gettext-base git git-man zsh vim needrestart patch runc tini
Then install the other bits:
# apt-get install gitlab-runner/unstable docker.io
# curl -o /usr/local/sbin/docker-gc https://raw.githubusercontent.com/spotify/docker-gc/master/docker-gc
# chmod +x /usr/local/sbin/docker-gc
# crontab -e
*/15 * * * * GRACE_PERIOD_SECONDS=86400 REMOVE_VOLUMES=1 FORCE_IMAGE_REMOVAL=1 docker-gc
On x86-64 runners, install QEMU to allow people to run non-native binaries:
# apt-get install binfmt-misc qemu-user-static
(NB: Ensure that /proc/sys/fs/binfmt_misc/qemu-arm has flags OCF, so we can run binaries without containers having to themselves embed qemu-user-static in the same location as the host filesystem.)
Then register the runner:
# gitlab-runner register --name fdo-packet-4 --non-interactive --limit 2 --request-concurrency 1 --executor docker --docker-image alpine:latest --docker-privileged --docker-devices /dev/kvm --docker-volumes "/var/cache/gitlab-runner/cache:/cache" --registration-token $TOKEN --env "DOCKER_TLS_CERTDIR=" --url https://gitlab.freedesktop.org
Doing this in a cloud-init script would let us quickly bring up new runners on both Packet and GCE (as well as basically any other cloud-like host), which is in turn a path to autoprovisioning.
I intend to do this the next time I have to bring new runners up. As it was, I just brought packet4 and packet-arm2 up by hand, since it seemed relatively urgent (Mesa was on fire), and I was also on a train with limited time and worse connectivity.
/cc @anholt
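One way the manual steps above could be collected into a first-boot user-data script, covering the apt configuration, package installation and runner registration. This is an added example, not part of the original issue or the project's own tooling. The `TOKEN`, `RUNNER_NAME` and `MIRROR` variables, their defaults and the function names are assumptions.

```shell
#!/bin/sh
# Added example: first-boot user-data script for cloud-init (run once, as root).
# Assumed inputs, filled in when the user-data is rendered (not from the issue):
TOKEN="${TOKEN:-}"                          # runner registration token
RUNNER_NAME="${RUNNER_NAME:-fdo-runner}"    # hypothetical default name
MIRROR="${MIRROR:-http://deb.debian.org/debian}"

deb_arch() {    # map `uname -m` output to the Debian architecture name
    case "${1:-$(uname -m)}" in
        x86_64)  echo amd64 ;;
        aarch64) echo arm64 ;;
        *)       return 1 ;;
    esac
}

render_sources() {    # $1 = Debian arch, $2 = mirror base URL
    for suite in "buster main non-free contrib" "buster-updates main non-free contrib" \
                 "buster-backports main"; do
        echo "deb [arch=$1] $2 $suite"
    done
    echo "deb [arch=$1] http://security.debian.org buster/updates main non-free contrib"
    echo "deb [arch=$1] http://deb.debian.org/debian sid main"
    echo "deb [arch=$1] http://deb.debian.org/debian experimental main"
}

render_pins() {    # only gitlab-runner may come from sid; records need the blank line
    printf 'Package: %s\nPin: release a=unstable\nPin-Priority: %s\n\n' gitlab-runner 500
    printf 'Package: %s\nPin: release a=unstable\nPin-Priority: %s\n' '*' 1
}

provision() {
    set -eu
    arch=$(deb_arch)    # aborts here on an architecture the issue does not cover
    export DEBIAN_FRONTEND=noninteractive
    render_sources "$arch" "$MIRROR" > /etc/apt/sources.list
    render_pins > /etc/apt/preferences.d/no-sid
    apt-get update
    apt-get -y dist-upgrade
    apt-get -y install binutils cdebootstrap cgroupfs-mount gettext-base git \
        needrestart patch runc tini
    apt-get -y install gitlab-runner/unstable docker.io
    gitlab-runner register --name "$RUNNER_NAME" --non-interactive --limit 2 \
        --request-concurrency 1 --executor docker --docker-image alpine:latest \
        --docker-privileged --docker-devices /dev/kvm \
        --docker-volumes "/var/cache/gitlab-runner/cache:/cache" \
        --registration-token "$TOKEN" --env "DOCKER_TLS_CERTDIR=" \
        --url https://gitlab.freedesktop.org
}

# Provision only when a token was supplied, so sourcing this file is harmless.
if [ -n "$TOKEN" ]; then provision; fi
```

User-data is kept on the instance under /var/lib/cloud and is usually retrievable from the provider's metadata service, so a registration token embedded in it should be treated as readable by anything running on the host and rotated after the runner is registered.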