AWS Gitlab Runner Launch Template


title: "AWS Gitlab Runner Launch Template"
date: 2022-11-24T09:36:52
slug: aws-gitlab-runner-launch-template


#!/bin/bash
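# Install jq, then export every top-level key of the JSON document below as an
# environment variable so that all subsequent commands in this script see it.
# The document is the literal '{}' here, so nothing is exported.
apt-get update
apt-get -y install jq
# Read one KEY=VALUE pair per line instead of word-splitting the jq output, so
# a value containing spaces or glob characters stays a single assignment.
# NOTE(review): a value containing a newline would still be split across
# lines; confirm the JSON never carries multi-line values.
while IFS= read -r env_pair; do
  export "${env_pair}"
done < <(printf '%s\n' '{}' | jq -r 'to_entries|map("\(.key)=\(.value|tostring)")|.[]')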
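# Resolve the GitLab host name to its internal address.
echo "10.98.195.195 gitlab.netrtl.com" >> /etc/hosts

# GitLab Runner apt repository. The setup script is downloaded to a temporary
# file and run only after a complete, successful transfer (-f fails on HTTP
# errors), so neither an error page nor a truncated script reaches bash.
# NOTE(review): the script still runs as root with no integrity check beyond
# TLS; consider installing the repository definition and signing key from a
# reviewed copy instead.
runner_repo_script=$(mktemp)
if curl -fsSL https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh -o "${runner_repo_script}"; then
  bash "${runner_repo_script}"
else
  echo "failed to download the gitlab-runner repository setup script" >&2
fi
rm -f -- "${runner_repo_script}"

# Docker apt repository and its signing key ('-' makes apt-key read stdin).
# NOTE(review): apt-key adds the key to the global keyring, where it is trusted
# for every configured repository, not only Docker's.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt-get update

# Docker, the runner and the AWS CLI. The Docker and awscli versions are
# pinned, so they receive no updates until the pins are raised; review them
# periodically.
apt-get -y install docker-ce=5:19.03.14~3-0~ubuntu-bionic docker-ce-cli=5:19.03.14~3-0~ubuntu-bionic gitlab-runner python3-pip
pip3 install awscli==1.16.59

# Membership of the docker group allows full control of the Docker daemon,
# which is equivalent to root on this host.
usermod -aG docker gitlab-runner
usermod -aG docker ubuntu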
# Daily cron job: remove every unused image, container, network and volume so
# the runner's disk does not fill up.
cat > /etc/cron.daily/docker <<'EOF'
#!/bin/sh
docker system prune --all --volumes --force
EOF
chmod +x /etc/cron.daily/docker

# Hourly cron job: renew the Docker credentials for ECR.
# The central registry sits in eu-west-1; no extra eu-central-1 registries are
# listed here.
# `aws ecr get-login` prints a complete `docker login` command, which the job
# pipes to sh; the registry token therefore appears as a command-line argument
# of that docker login process.
cat > /etc/cron.hourly/refresh-ecr-tokens <<'EOF'
#!/bin/sh
/usr/local/bin/aws ecr get-login --no-include-email --region eu-west-1 --registry-ids 922307086101 | sh -
EOF
chmod +x /etc/cron.hourly/refresh-ecr-tokens
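# Optional logins to additional Docker registries.
# DOCKER_LOGIN is a comma-separated list of "USER|PASS|REGISTRY" items. It is
# empty here, so the loop below does not run.
# NOTE(review): a password containing ',' or '|' cannot be expressed in this
# format and will be mis-parsed.
DOCKER_LOGIN=''
if [[ -n "${DOCKER_LOGIN}" ]]; then
  IFS=',' read -r -a DOCKER_LOGIN_ARR <<< "${DOCKER_LOGIN}"
  for DOCKER_LOGIN_ITEM in "${DOCKER_LOGIN_ARR[@]}"; do
    IFS='|' read -r -a LOGIN_ARR <<< "${DOCKER_LOGIN_ITEM}"
    if (( ${#LOGIN_ARR[@]} == 3 )); then
      # Dedicated names: assigning to USER would overwrite the shell's own
      # USER variable for the rest of the script.
      registry_user="${LOGIN_ARR[0]}"
      registry_pass="${LOGIN_ARR[1]}"
      registry_host="${LOGIN_ARR[2]}"
      # Log only the non-secret parts; the raw item contains the password and
      # this output ends up in the instance's boot log.
      echo "LOGIN ITEM: ${registry_user} @ ${registry_host}"
      # Feed the password on stdin so it is not visible in the process list.
      printf '%s' "${registry_pass}" \
        | docker login --username "${registry_user}" --password-stdin "${registry_host}"
    else
      # The malformed item is not echoed back: it may contain a password.
      echo "could not parse login item (value withheld, it may contain a password)" >&2
      echo "expected \"{USER}|{PASS}|{REGISTRY}\"" >&2
    fi
  done
fi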
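# Login to registries: run the hourly ECR refresh job once right away so the
# first jobs can pull images.
bash /etc/cron.hourly/refresh-ecr-tokens

# Register this instance as a Docker-executor runner.
# NOTE(review): the registration token is hard-coded in this script, so anyone
# who can read the launch template or the instance user data can register
# runners against this GitLab instance. Load it from a secret store at boot and
# rotate the value that has been stored in clear text.
# NOTE(review): mounting /var/run/docker.sock into job containers lets any job
# control the host's Docker daemon, which is root-equivalent on this host. The
# runner is also unlocked and accepts jobs from unprotected branches; confirm
# that every project allowed to use these tags is trusted to that degree.
gitlab-runner register --non-interactive --locked=false --url "https://gitlab.netrtl.com/" \
  --registration-token "z3gsKxs4_-e79bV4keyX" --description "runner podcast-squad-embed-player-$(hostname)" --executor docker \
  --tag-list "env-preprod,podcast-squad-embed-player" --docker-image "ubuntu:18.04" \
  --access-level="not_protected" \
  --docker-volumes /var/run/docker.sock:/var/run/docker.sock \
  --docker-pull-policy always --docker-extra-hosts "gitlab.netrtl.com:10.98.195.195" \
  --limit 0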
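# Optional edits to the generated runner configuration. Both conditions are
# the literal `false` here, so neither sed command runs.

# Would switch the Docker executor to privileged mode, which removes most of
# the isolation between job containers and the host.
if false; then
  sed -i -e 's/privileged = false/privileged = true/' /etc/gitlab-runner/config.toml
fi

# Would append a listen_address line after the [session_server] header,
# binding it to port 8093 on all interfaces.
# NOTE(review): if this is ever enabled, restrict who can reach that port.
if false; then
  sed -i -e '/\[session_server\]/a\ \ listen_address = "0.0.0.0:8093"' /etc/gitlab-runner/config.toml
fi

# Restart so the runner picks up the current config.toml, and start it on boot.
systemctl restart gitlab-runner
systemctl enable gitlab-runner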
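# Monitoring containers, restarted automatically by Docker.
# NOTE(review): both images are referenced by tag only. Pinning them by digest
# (image@sha256:<digest>) guarantees the same content on every launch.

# node_exporter: host metrics. Runs in the host's network and PID namespaces
# with the host root filesystem mounted read-only at /host.
docker run -d --restart='always' --name=node_exporter \
  --net='host' --pid='host' \
  -v '/:/host:ro,rslave' \
  quay.io/prometheus/node-exporter:v0.16.0 \
  --path.procfs /host/proc --path.sysfs /host/sys

# cAdvisor: per-container metrics, published on host port 8080 on all
# interfaces. Every host path it needs is mounted read-only.
# NOTE(review): confirm the instance's network rules let only the monitoring
# system reach port 8080 and the node_exporter port.
docker run -d --restart='always' --name=cadvisor \
  -v '/:/rootfs:ro' \
  -v '/var/run:/var/run:ro' \
  -v '/sys:/sys:ro' \
  -v '/var/lib/docker/:/var/lib/docker:ro' \
  -v '/dev/disk/:/dev/disk:ro' \
  -p 8080:8080 \
  google/cadvisor:v0.32.0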