Support passing cloud-config user data to google driver
After merging it please change the target branch to master
and proceed with merging this MR
What critical bug is this MR fixing?
Adds support for passing user data in cloud-config format to the created GCP instance. This is required to start the iptables-restore
service in Google Container Optimized OS.
How does this change help reduce cost of usage? What scale of cost reduction is it?
In what scenarios is this change usable with GitLab Runner's docker+machine executor?
How to test the MR
- Log in to one of our private runner managers
- Download the Docker Machine binary build for this MR
    wget https://gitlab-docker-machine-downloads.s3.amazonaws.com/support-google-cloud-config/docker-machine-Linux-x86_64
    chmod +x ./docker-machine-Linux-x86_64
- Copy the cloud-config configuration file that was prepared by our cookbook:
    sudo cp /etc/gitlab-runner/cloud-config.conf ./
- Create Docker VM with Docker Machine
    ./docker-machine-Linux-x86_64 \
      create \
      --driver google \
      --google-project gitlab-ci-155816 \
      --google-disk-size 50 \
      --google-machine-type n1-standard-2 \
      --google-username cos \
      --google-use-internal-ip \
      --google-zone us-east1-c \
      --google-machine-image gitlab-ci-155816/global/images/runners-cos-stable-swtich-to-google-cos \
      --google-user-data-file ./cloud-config.conf \
      test-cloud-config-vm
- Log in to the created VM
    ./docker-machine-Linux-x86_64 ssh test-cloud-config-vm
- Check that the iptables-restore service was executed
    sudo journalctl -u iptables-restore.service
- Check that iptables have our custom rules applied
    sudo iptables -S
  The output can be compared with the definition at https://dev.gitlab.org/cookbooks/packer-runner-machines/-/blob/fc87c887f84e94221b488abd3f902c9a7b0e0227/assets/iptables_rules (GitLab internal access only).
- Check the user-data metadata entry:
  - by requesting the metadata server:
      curl -H "Metadata-Flavor: Google" http://metadata.google.internal/computeMetadata/v1/instance/attributes/user-data
    It should be update_disabled.
  - by checking the GCP console:
    - go to https://console.cloud.google.com/compute/instances?project=gitlab-ci-155816 and filter the list of VMs with test-cloud-config-vm (or try this link)
    - open the test-cloud-config-vm instance
    - scroll down to the Custom metadata section. There should be the user-data entry with the content of https://gitlab.com/gitlab-cookbooks/cookbook-wrapper-gitlab-runner/-/blob/a8ff2098ebcc40166b3a35e2e45b24e40c51cd55/files/default/cloud-config.conf as the value
- Log out of the VM and remove it
    ./docker-machine-Linux-x86_64 rm test-cloud-config-vm
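
The comparison of the `sudo iptables -S` output with the rules definition in the test steps above can be scripted. The following is an added example, not part of this MR or the cookbook; it assumes the rules file uses iptables-save syntax with rules written in the form `iptables -S` prints, and the function names, file names and sample rules are constructed.

```shell
#!/bin/sh
# Added example (not from the MR). Assumes the expected rules file uses
# iptables-save syntax and writes rules in the form `iptables -S` prints.

# rule_lines FILE: print the "-A ..." lines, whitespace-normalized and sorted.
rule_lines() {
    sed -e 's/[[:space:]]\{1,\}/ /g' -e 's/^ //' -e 's/ $//' "$1" |
        grep '^-A ' | LC_ALL=C sort -u
}

# missing_rules EXPECTED ACTUAL: print expected rules that ACTUAL lacks.
missing_rules() {
    mr_exp=$(mktemp) && mr_act=$(mktemp) || return 2
    rule_lines "$1" > "$mr_exp"
    rule_lines "$2" > "$mr_act"
    LC_ALL=C comm -23 "$mr_exp" "$mr_act"
    rm -f "$mr_exp" "$mr_act"
}

# demo_constructed: run the comparison on constructed sample data.
demo_constructed() {
    d=$(mktemp -d) || return 2
    cat > "$d/expected" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -d 10.0.0.0/8 -j DROP
COMMIT
EOF
    cat > "$d/actual" <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-A INPUT -i lo   -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
    missing_rules "$d/expected" "$d/actual"
    rm -rf "$d"
}

# Usage on the VM: sudo iptables -S > actual.txt
#                  sh check_rules.sh iptables_rules actual.txt
if [ "$#" -eq 2 ]; then missing_rules "$1" "$2"; else demo_constructed; fi
```

Empty output means every `-A` rule in the expected file is present on the VM; any printed line is a rule that `iptables-restore` did not apply.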
Related to #14 (closed)