Skip to content

Swarm GitLab Runner

Swarm GitLab Runner

The GitLab runner has a built-in docker executor.

As the Docker Swarm API is docker compatible, we can point the executor to a Swarm cluster.

Deploy the Swarm cluster

$ openstack coe cluster create gitlabci-swarm --keypair mykey \
    --cluster-template swarm --node-count 1

$ openstack coe cluster list
| uuid | name           | node_count | master_count | status             |
| .... | gitlabci-swarm | 1          | 1            | CREATE_COMPLETE    |

$ openstack coe cluster config gitlabci-swarm >

$ .

$ docker node ls
ID                           HOSTNAME                                                       STATUS  AVAILABILITY  MANAGER STATUS
1xfcqw5ee7n79fj9ufbhm5eqb  Ready   Active        
4gjbnzk653uo5r8krk7onkrm5 *  Ready   Active        Leader

Register the runner

If you have an existing runner registered (and the corresponding runner token), skip this step.

Launch a runner container and use it to register the runner. We will store the resulting configuration in the volume created above.

$ docker pull gitlab/gitlab-runner

$ docker run -d --restart always --name gitlab-runner \
    -v gitlab-runner-config:/etc/gitlab-runner \

$ docker exec -it gitlab-runner /bin/bash

Register the new runner, with the params as follows:

  • -r is the token taken from your project runners page (
  • --docker-host is the api_address of the cluster collected above
  • --name, --tag-list, --limit, etc are as defined in the runner documentation

Here's an example:

root@21a8219b04ca:/# gitlab-ci-multi-runner register -r 6cd104863475642eb0a5621f8e3c7d \
    --name gitlab-runner --tag-list rocha-swarm-builder --limit 1 \
    --url --executor docker \
    --docker-host tcp:// --docker-image centos:7 \
    --docker-disable-cache --docker-cert-path /etc/gitlab-runner

GitLab Runner config

Skip this step if you already have a previously created gitlab-runner-config volume.

Get the endpoint of the swarm cluster, to pass in the runner config:

$ openstack coe cluster show gitlabci-swarm | grep api_address
| api_address         | tcp://

Create a config.toml matching the runner, replacing:

  • 'host' with the value from above
  • 'name' with whatever name you want for this runner
concurrent = 1
check_interval = 0

  name = "cci-swarm-builder-01"
  limit = 1
  url = ""
  token = "21184dfc32024f6926136eb1f0d291"
  executor = "docker"
    host = "tcp://"
    tls_cert_path = "/etc/gitlab-runner"
    tls_verify = true
    image = "centos:7"
    privileged = true
    disable_cache = true
    volumes = ["/cache","/var/run/docker.sock:/var/run/docker.sock"]

Create a volume to store the gitlab-runner config, and copy the config contents:

$ docker volume create --name gitlab-runner-config
$ docker run -d --name tmp-runner -v gitlab-runner-config:/etc/gitlab-runner centos:7
$ docker cp ca.pem tmp-runner:/etc/gitlab-runner
$ docker cp cert.pem tmp-runner:/etc/gitlab-runner
$ docker cp key.pem tmp-runner:/etc/gitlab-runner
$ docker cp config.toml tmp-runner:/etc/gitlab-runner
$ docker rm -f tmp-runner

Launch the runner

Use this docker compose file, and launch the runner:

$ cat docker-compose.yml
version: '3'
    image: gitlab/gitlab-runner:v10.8.0
      - gitlab-runner-config:/etc/gitlab-runner
      - /var/run/docker.sock:/var/run/docker.sock
    image: docker:17.09.0
    command: |
      sh -c "
        set -e
        while true
          sleep 60
          docker system prune -a -f
      - /var/run/docker.sock:/var/run/docker.sock
    external: true

$ docker-compose up -d

Note also a docker-cleanup service is deployed, periodically pruning unused resources (images, containers, etc).

Check the logs of the runner to see if all is ok:

$ docker-compose logs
Starting multi-runner from /etc/gitlab-runner/config.toml ...  builds=0
Running in system-mode.                            

Configuration loaded                                builds=0

You should also see the new runner in your project's page (

Last update: July 4, 2019