How to install and connect a gitlab runner

Posted bynikster Leave a comment on How to install and connect a gitlab runner

What’s a gitlab runner and what do I need it for?

gitlab runners are worker nodes that can be connected to gitlab to run jobs on.
I use the docker executor a lot to build images, but you can run any sort of jobs on them like shell/$language scripts for testing, building, etc., whatever you configure in your projects(ci-/cd-) pipeline (by using .gitlab-ci.yaml or the auto dev-ops pipeline).

What’s this about?

In this post I’ll cover how to set up a runner and connect it to gitlab.

apt-get install -y apt-transport-https ca-certificates software-properties-common

make sure to install latest ca-certificates and the packages needed to conveniently manage apt repositories.

curl -L https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh | bash

execute the script.deb.sh, provided by gitlab. This basically identifies your OS Version (in my case: debian stretch), inserts the correct repository in you sources.list and imports the gpg.key. If it doesn’t work for some reason, just manually do apt-add-repository, wget gpg.key, apt-key add gpg.key.

apt-get -y install gitlab-runner

install the gitlab-runner package

gitlab-runner register

and register the runner.
This will ask for:

  • your gitlab url
  • a token

To get the token:

  • log in to your gitlab admin account (standard: root)
  • click the little tool icon (admin area) on the top left/middle.
  • select runners on the left sidebar
  • copy the token

That’s it!

If you come here from “how to set up gitlab and work with it” and used self signed certificates from the how to.
Then you should import your CA-Certificate on the runner.

cp ca-root.crt /usr/local/share/ca-certificates/ca-root.crt
update-ca-certificates
systemctl daemon-reload
systemctl restart gitlab-runner

Tips

If you plan to use your runner for building docker images (e.g. you want to build a pipeline) , you’ll need to configure some additional things:

vi /etc/gitlab-runner/config.toml

[[runners]]
  executor = "docker"
    environment = ["DOCKER_AUTH_CONFIG={\"auths\": { \"gitlab.my.domain\": { \"auth\": \"base64encodedcreds\" }}}"]

[runners.docker]
    tls-ca-file = "/etc/ssl/certs/ca-root.pem"
    tls_verify = false
    volumes = ["/var/run/docker.sock:/var/run/docker.sock","/cache"]
    dns = ["192.168.178.33"]

DOCKER_AUTH_CONFIG is available under ~/.docker/config.json after you have issued:

docker login -u usernme https://gitlab.your.domain:4567

tls-ca-file might prove useful if you are working with self-signed certs.
tls_verify = false disables verification
dns tells docker to use a specific dns server, this helps if you encounter “cannot resolve..” errors.

Troubleshooting Tips

  • check your firewall
  • check the config: (everything gitlab related and important is configured in /etc/gitlab-runner/config.toml)
  • if docker still complains about dns, try to add dns servers to /etc/docker/daemon.json
"dns": ["192.168.178.33","192.168.178.1"]

Leave a comment

Your email address will not be published. Required fields are marked *