@zealot128 zealot128/README.md
Last active Aug 15, 2019

Gitlab runner with docker by cloud init on Hetzner Cloud

Quick Terraform script to deploy Gitlab runner with docker onto Hetzner Cloud (Hcloud)

  1. Create other terraform stuff
     • tf-backend,
     • creds.auto.tfvars with hcloud_token
     • ssh key: mkdir keys; ssh-keygen -f keys/id_rsa
  2. modify cloudinit.yml:
     • change gitlab url
     • ADD_YOUR_REGISTRY_TOKEN -> Set to the Gitlab Runner Registration Token
     • Add more allowed images/services; if using the gitlab registry, use a pattern like registry.myinstance.com/administrators/docker-images/*; change the base image etc.
  3. terraform init
  4. terraform plan; terraform apply
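
A pre-flight check for the cloudinit.yml edits in step 2, as an added example that is not part of the original gist: it scans the file as plain text (no YAML parsing) for unreplaced placeholders, for a broken line continuation in the register command, and for the privileged and wildcard-image settings. The script name `preflight.sh` and the function name are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight check for cloudinit.yml before `terraform apply`.
# Prints one finding per line; returns 1 if any finding is blocking.
preflight_cloudinit() {
  pf_file=$1
  pf_rc=0

  # README step 2: both placeholders must have been replaced.
  if grep -q 'ADD_YOUR_REGISTRY_TOKEN' "$pf_file"; then
    echo "BLOCK: registration token placeholder still present"; pf_rc=1
  fi
  if grep -q 'git\.MYCOMPANY\.com' "$pf_file"; then
    echo "BLOCK: GitLab URL placeholder still present"; pf_rc=1
  fi

  # An option line (-x / --xyz) must follow a line ending in a backslash,
  # otherwise the shell ends `gitlab-runner register` early and runs the
  # remaining options as a separate (failing) command.
  awk '
    { line = $0; sub(/^[ \t]+/, "", line); sub(/[ \t]+$/, "", line) }
    line ~ /^-[a-z-]/ && prev !~ /\\$/ {
      printf "BLOCK: line %d lacks a trailing backslash\n", NR - 1; bad = 1
    }
    { prev = line }
    END { exit bad + 0 }
  ' "$pf_file" || pf_rc=1

  # Non-blocking: settings that widen what a CI job can do on the host.
  if grep -q -e '--docker-privileged=true' "$pf_file"; then
    echo "WARN: privileged mode lets a job take over the runner host"
  fi
  if grep -Fq -e "--docker-allowed-images '*'" "$pf_file"; then
    echo "WARN: any image is allowed; list the registries you trust"
  fi
  return "$pf_rc"
}

# Run as a script: ./preflight.sh cloudinit.yml && terraform apply
if [ "$#" -gt 0 ]; then
  preflight_cloudinit "$1"
  exit
fi
```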

cx21 = 4 GB, 2 cores, 5 EUR / month

```yaml
#cloud-config
groups:
  - docker
users:
  - name: gitlab-runner
    groups: docker
apt:
  sources:
    docker.list:
      source: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable'
      keyid: 0EBFCD88
    gitlab.list:
      source: 'deb https://packages.gitlab.com/runner/gitlab-runner/ubuntu/ $RELEASE main'
      keyid: F27EAB47 # key seems to be valid till 08/2019
package_upgrade: true
package_update: true
packages:
  - debian-archive-keyring
  - apt-transport-https
  - ca-certificates
  - software-properties-common
  - htop
  - docker-ce
  - golang-go
  - gitlab-runner
  - fail2ban
  - vim
write_files:
  # Cron job: remove dead/exited containers together with their volumes.
  # As written, "* 5 * * *" fires every minute from 05:00 to 05:59.
  - owner: root:root
    path: /etc/cron.d/your_cronjob
    content: "* 5 * * * root (/usr/bin/docker ps --filter status=dead --filter status=exited -aq | /usr/bin/xargs /usr/bin/docker rm -v 2> /dev/null) || true"
  # Runner registration, executed once on first boot by runcmd below.
  # --docker-privileged=true and the '*' allowed-images patterns mean any job can
  # run any image in a container that is not isolated from the host; narrow both
  # unless the jobs need them.
  - owner: root:root
    path: /root/register.sh
    content: |
      gitlab-runner register --executor docker \
        -u https://git.MYCOMPANY.com/ \
        --run-untagged \
        --tag-list ruby \
        --locked=false \
        --non-interactive \
        -r ADD_YOUR_REGISTRY_TOKEN \
        --docker-privileged=true \
        --docker-pull-policy=if-not-present \
        --docker-shm-size=268435456 \
        --docker-volumes='/cache' \
        --docker-image="ruby:2.5" \
        --docker-allowed-images '*' \
        --docker-allowed-images '*/*' \
        --docker-allowed-images '*/*/*' \
        --docker-allowed-services 'redis:*' \
        --docker-allowed-services 'postgres:*' \
        --docker-allowed-services 'mysql:*'
runcmd:
  - [/bin/bash, /root/register.sh]
power_state:
  delay: "now"
  mode: reboot
  message: First reboot
  condition: True
```
```hcl
# API token, supplied via creds.auto.tfvars
variable "hcloud_token" {}

provider "hcloud" {
  token = "${var.hcloud_token}"
}

# Public half of the key pair generated into keys/
resource "hcloud_ssh_key" "default" {
  name       = "Terraform Key"
  public_key = "${file("keys/id_rsa.pub")}"
}

# cloud-init file passed to every worker as user data
data "local_file" "cloudinit" {
  filename = "cloudinit.yml"
}

resource "hcloud_server" "worker" {
  count       = 2
  name        = "hcworker-${count.index}"
  image       = "ubuntu-18.04"
  server_type = "cx21"
  location    = "fsn1"
  ssh_keys    = ["${hcloud_ssh_key.default.id}"]
  user_data   = "${data.local_file.cloudinit.content}"
}

output "ssh_ips" {
  value = "ssh -i keys/id_rsa root@${join(" ", hcloud_server.worker.*.ipv4_address)}"
}
```