This application is a kind of Github Action Self-hosted Runner. It is light-weight and has enterprize, organization and repo level runners. It also supports the JIT, ephemeral runner and runner pool. This application contains 'dispatcher' and 'runer' micro-services. Each service can be deployed in same or different tenant. So it can be deployed as distributed dispatcher mode (every tenant has its event dispatcher and runner) and centralized dispatcher mode (which has only one centralized dispatcher for different tenant).
The application's dipatcher and runner are deployed under same tenant. Different team/tenant has isolated dispacher/runner. Each team can control its dispatcher/runner behavior. It will be easy to calculate the cloud fee under such mode. It will also reduce the workload of the dispacher since each tenant has its own dispatcher.
We can add below configuraton and run 'make lazy_install' to deploy the dispacher/runner into same tenant. Then assign 'l-ccoecn-a-itcnshg' as Admin of your repo/org and change the workflow run on label as "serverless-hosted-runner" or your customized lable.
# add your env.sh
export ALICLOUD_REGION=cn-shanghai
export ALICLOUD_ACCESS_KEY=<AliRAMAccessKey>
export ALICLOUD_SECRET_KEY=<AliRAMAccessPassword>
export TF_VAR_IMAGE_RETRIEVE_USERNAME=<DockerImageRetrieveUserName>
export TF_VAR_IMAGE_RETRIEVE_PWD=<DockerImageRetrievePassword>
export TF_VAR_IMAGE_RETRIEVE_SERVER=<DockerImageServerHostName>, e.g, artifactory.cloud.ingka-system.cn
export DISPATCHER_SG_ID=<DispacherAliSecurityGroupId>
export DISPATCHER_VSWITCH_ID=<DispatcherVSwitchId>
export SLS_ENC_KEY="xxxxx"
export SLS_GITHUB_TK="ghp_xxxxx"
export SLS_GITENT_TK="ghp_xxxxx"
# add a Registration_xxx.mk under ./registration
# and include this registration in Makefile
include ./Registration.mk
include ./registration/Registration_test.mk
# sample ./Registratation_test.mk
WF_SLS_DOMAIN := git.build.ingka.ikea.com
WF_SLS_ORG_NAME := labrador
WF_SLS_REPOS_NAME := "sentry-exporter"
WF_SLS_TYPE := "Org"
WF_SLS_SIZE := "1"
WF_SLS_SIZE_CPU := "2.0"
WF_SLS_SIZE_MEMORY := "4.0"
WF_SLS_LABELS := "cn-runner" #label should not contains blank
WF_SLS_CHARGE_LABELS := "sentry-group-charged" #label should not contains blank
WF_SLS_ORG_URL := https://${WF_SLS_DOMAIN}/${WF_SLS_ORG_NAME}
WF_SLS_REG_ITEM2 := "{${WF_SLS_REG_COMMON}, \"Type\":\"${WF_SLS_TYPE}\",\"Name\":\"${WF_SLS_ORG_NAME}\",\"Url\":\"${WF_SLS_ORG_URL}\",\"Size\":\"${WF_SLS_SIZE}\",\"Cpu\":\"${WF_SLS_SIZE_CPU}\",\"Memory\":\"${WF_SLS_SIZE_MEMORY}\",\"Repos\":\"${WF_SLS_REPOS_NAME}\",\"Labels\":\"${WF_SLS_LABELS}\",\"ChargeLabels\":\"${WF_SLS_CHARGE_LABELS}\"}"
REG2 := $(WF_SLS_REG_ITEM2)
WF_SLS_REGS := "[${REG2}]"If we want to add/change orgnaziation or repos configuration, please add/change the configuration under ./registration/Registration_<registration_alias>.mk and run 'make lazy_install ralias=<registration_alias>' again.
Under such mode, it has only one dispatcher. Different tenants can register their runner and let the dispatcher creating the runner into specific tenant. The centralized dispacher cost need to be shared with multiple teams.
Please follow the serverless runner onboarding process to register your runner on Allen portal.
We can still use 'make lazy_install' to install the centralized dispacther. Just make sure the repo/org's runner registration's "Key" and "Secret" in Registration.mk are different with dispacher's
WF_SLS_REG_COMMON := "\"Pat\":\"\",\"Key\":\"${YouRunnerTenatnAliAccessKey}\",\"Secret\":\"${YouRunnerTenatnAliAccessSecret}\",\"Region\":\"${WF_SLS_REGION}\",\"SecGpId\":\"${WF_SLS_SECGROUP_ID}\",\"VSwitchId\":\"${WF_SLS_VSWITCH_ID}\",\"PullInterval\":\"${WF_SLS_PULL_INTERVAL_Sec}\""- Please make sure to have the security group and vswitch configured to host runner.
- Make sure to assign 'l-ccoecn-a-itcnshg' as Admin of your repo/org.
- Then workflow run-on labels match the runner default label or customized label.
- Configure the env.sh and ./registrations (lazy_install mode).
- Run below command to build the images.
make image- Run below command to install the image with allen portal registrtion
make installor run below command for lazy registration
make lazy_install ralias=<registration_alias>If you don't want to deploy dispacher. You can use CCOECN team's dispacher instead. Below are steps:
- Assign 'l-ccoecn-a-itcnshg' as Admin of your Repo/Org.
- Prepare your run-on labels, charge labels, and the repos names.
- Ping hayue2 on teams for application.
Runner CPU and memory size can be configured in lazy configuration or Allen configuration. We also provide a workflow level dynamic runner size. Please use it with customized label or default label. E.g:
runs-on:
labels: [serverless-hosted-runner, cpu-0.5, memory-1.0]This config priority is higher than lazy/allen configuration. It is designed for some special workflow requirement.
Serverless runner can be deployed on multiple cloud. It can be used for different teams with Ali, Azure, GCP, AWS cloud.
For Azure cloud, please follow below configuration.
- Please add the arm environment registration and aci registration.
- Running the registration workflow and select "cloud provider" as "azure".
- Please notice that DinD need privilege which only available in "Confidential" tier. This tier is not available in China Azure Cloud. Please use global Azure Cloud instead.
- Please update the gcp credential,project,region registration and it as part of registration.
- Running the registration workflow and select "cloud provider" as "gcp".
CI building may raise "signal kill" error if the runner memory is not enough. You can add label as below to increase the memory size.
runs-on:
labels: [serverless-hosted-runner, cpu-2.0, memory-4.0]