Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Gitlab Runner for CI

Scheduled Pinned Locked Moved Solved GitLab
gitlab
17 Posts 8 Posters 1.1k Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • girishG Offline
    girishG Offline
    girish Staff
    wrote on last edited by
    #5

    @parhelium Are you looking for the docker runner? The issue is that the docker runner requires complete access to docker. Which in turn means that a bug in the runner might nuke your entire Cloudron app installations. This seems very risky. It's best to run runner in VMs of their own. Is the 64GB server a dedicated server? If so, I recommend running something like Proxmox or some other hypervisor. Keep 1 VM as Cloudron and another as GitLab Runner.

    1 Reply Last reply
    2
  • ? Offline
    ? Offline
    A Former User
    wrote on last edited by A Former User
    #6

    So I just got this working. Kind of in a Janky way though. So I run Cloudron on bare metal (no virtualization), so I just spun up an Ubuntu 20 VM on my Cloudron Ubuntu 18 server and ran gitlab runner on there. Nailed it. I do want to try and move my cloudron install to a VM as well but I anticipate that being incredibly difficult.

    Screenshot: https://social.atrilahiji.dev/web/statuses/105347017032129546

    Edit: Actually @girish with your experience would you suggest my current setup or running cloudron on a VM running on this server I have?

    girishG 1 Reply Last reply
    1
  • girishG Offline
    girishG Offline
    girish Staff
    replied to A Former User on last edited by
    #7

    @atrilahiji I think both approaches make sense. Generally, if you have a super beefy machine (compared to your Cloudron use), it makes sense to put Cloudron in a VM, so that you can play around with other things in other VMs. I think another consideration is if all the audio/video acceleration stuff work properly in a VM. I guess they need hardware pass through etc? (sorry, I don't have much experience with hypervisors, I run Cloudron on bare metal myself and apps like Emby have no problem)

    ? 1 Reply Last reply
    0
  • ? Offline
    ? Offline
    A Former User
    replied to girish on last edited by
    #8

    @girish ah fair enough. I mean I use the machine for cloudron exclusively so maybe my bare metal approach works better

    robiR 1 Reply Last reply
    0
  • robiR Offline
    robiR Offline
    robi
    replied to A Former User on last edited by
    #9

    @atrilahiji if you want to play with sysbox, you'll be able to make machine image containers as an app soon.

    Life of sky tech

    marcusquinnM ? 2 Replies Last reply
    0
  • marcusquinnM Offline
    marcusquinnM Offline
    marcusquinn
    replied to robi on last edited by
    #10

    @robi Interesting, that's the first use-case I get, makes much more sense now!

    We're not here for a long time - but we are here for a good time :)
    Jersey/UK
    Work & Ecommerce Advice: https://brandlight.org
    Personal & Software Tips: https://marcusquinn.com

    1 Reply Last reply
    0
  • ? Offline
    ? Offline
    A Former User
    replied to robi on last edited by A Former User
    #11

    @robi For sure! As soon as thats ready I'll give it a shot. I like my current method except I cant manage resources from inside cloudron so this would be incredible.

    R 1 Reply Last reply
    1
  • R Offline
    R Offline
    Rodny Molina
    replied to A Former User on last edited by
    #12

    @atrilahiji you may find this one interesting for your use-case. Let me know if any question.

    1 Reply Last reply
    2
  • mehdiM Offline
    mehdiM Offline
    mehdi App Dev
    wrote on last edited by
    #13

    @girish is there a good reason that the Gitlab CI runner cannot be package as a Cloudron app currently, with the docker addon ? Or has it simply never been done ?

    girishG 2 Replies Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    replied to mehdi on last edited by girish
    #14

    @mehdi I think mostly I fear that a bug in GitLab CI or some CI script can nuke the cloudron app/addon containers. Granted we do have a docker proxy now since Cloudron 5, but I can't say that proxy is battle tested. That proxy was specifically tested against jupyter hub (which spins up each notebook as a container). It's also why installing apps that use docker addon requires superadmin perms. I think since Cloudron 5, we also tag containers properly to be "cloudron managed" or not, so it is definitely now more possible to make CI as an app than before.

    My understanding is that in a sysbox world, we don't need this docker proxy since it can give a container it's own little docker world (like a VM). (I haven't played with sysbox)

    1 Reply Last reply
    1
  • girishG Offline
    girishG Offline
    girish Staff
    replied to mehdi on last edited by
    #15

    https://git.cloudron.io/cloudron/box/-/blob/master/src/dockerproxy.js is the proxy in question.

    @mehdi In general, I don't want the CI or any other app for that matter to "pollute" the main docker with it's own containers and images. My understanding is the sysbox runtime can be set at a container level, so whenever some app wants docker addon, we can attach this sysbox runtime. Removing the app will also remove all the artifacts it created cleanly. (which is currently not done at all for jupyer hub because there is no clean uninstall hook).

    R 1 Reply Last reply
    2
  • R Offline
    R Offline
    Rodny Molina
    replied to girish on last edited by
    #16

    @girish That's right. Sysbox can cohabit with other runtimes; you just rely on the "--runtime" flag to pick one or the other. And right, you won't need a docker-proxy with Sysbox runtime, which will also save you a few headaches due to the fact that the code/dockerfile that you are trying to build is typically in a different context than the docker instance building the image.

    Btw, I fully agree with your approach: no user-facing app should have root-level access to the host.

    1 Reply Last reply
    1
  • robiR Offline
    robiR Offline
    robi
    wrote on last edited by
    #17

    Someone got autoscaling docker machine working with Gitlab-runner using Sysbox.

    "The interesting point is that the arguments to use the sysbox runtime are passed in the “--engine-insecure-registry”; this allows additional parameters that docker-machine does not support to be added"

    Life of sky tech

    1 Reply Last reply
    0

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.