Separate runner agent private address #381
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Allow separate control of the private addresses for the runners and the Gitlab agent. You might want to have separate auto assign ip address settings for the Gitlab agent and runners. As an example when you which to have the Gitlab agent with a public ip address so it can register itself to the Gitlab cloud. Were you want the runners to be in a private subnet and have the external ip of the NAT gateway instead of their own ip. This is needed when you have a CICD account which will run deployments in a separate account. The CICD account will host the custom Gitlab runner. In this separate account you want to whitelist the CICD ip addresses so it can perform updates to the infrastructure.
|
@npalm I installed pre-commit and terraform-docs. But it seems the docs didn't got updated. |
|
We run also the agent in a private subnet, as long there is an connection to the gitlab server (or cloud) the agent can register itself. Only requires an egress |
I have just tested it locally:
Just ran: |
npalm
reviewed
Oct 8, 2021
|
I have added the documentation and updated the description. |
npalm
approved these changes
Oct 8, 2021
semantic-releaser bot
pushed a commit
that referenced
this pull request
Oct 8, 2021
## [4.33.0](4.32.0...4.33.0) (2021-10-08) ### Features * Separate runner agent private address ([#381](#381)) ([d45dc37](d45dc37))
|
🎉 This PR is included in version 4.33.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Allow separate control of the private addresses for the runners
and the Gitlab agent.
You might want to have separate auto assign ip address settings
for the Gitlab agent and runners.
As an example when you which to have the Gitlab agent with a
public ip address so it can register itself to the Gitlab
cloud. But if you want the runners to be in a private subnet
and have the external ip of the NAT gateway instead of their
own ip.
This is needed when you have a CICD account which will
run deployments in a separate account. The CICD account will
host the custom Gitlab runner.
In the separate account you which to deploy to you want to whitelist
the CICD ip addresses so it can perform updates to the infrastructure.
These ip addresses will be always the same, because the ip's are
used from the NAT gateway which have their own eip's.
Migrations required
YES, Users who are using public ip's addresses (
runners_use_private_addressis set tofalse) for their runners they have to set variablerunner_agent_uses_private_addresstofalsetoo.Verification
Tested it in my AWS account.