Introduction

Running a GitLab Runner inside a Talos-managed Kubernetes cluster provides a scalable and secure way to execute CI/CD jobs. Since Talos is a security-hardened OS, deploying a GitLab Runner requires some adjustments. In this post, I’ll guide you through the process.

Prerequisites

Before we begin, make sure you have:

  • A running Talos Kubernetes cluster with a control plane and at least one worker node.
  • kubectl configured to access the cluster.
  • A GitLab instance (self-hosted or GitLab.com).
  • A GitLab personal access token with api scope to register the runner.
  • Helm installed (brew install helm or apt install helm).

Step 1: Install the GitLab Runner Helm Chart

The easiest way to deploy a GitLab Runner in Kubernetes is via Helm. First, add the GitLab Helm repository:

helm repo add gitlab https://charts.gitlab.io
helm repo update

Next, create a namespace for the GitLab Runner:

kubectl create namespace gitlab-runner

Step 2: Configure Values for the Runner

Create a values.yaml file to customize the runner configuration:

## values.yaml
gitlabUrl: "https://gitlab.com/"
runnerRegistrationToken: "<your-gitlab-registration-token>"
rbac:
  create: true
runners:
  config: |
    [[runners]]
      name = "talos-runner"
      executor = "kubernetes"
      [runners.kubernetes]
        namespace = "gitlab-runner"
        privileged = true

Replace <your-gitlab-registration-token> with your actual GitLab Runner token.
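A hardened variant of the values.yaml above, added here as an example and not part of the original post: the token is read from a Kubernetes Secret (the name gitlab-runner-token is an assumption) instead of sitting in the values file, and job containers run unprivileged. privileged = true gives every CI job root-equivalent access to the node, so enable it only for jobs that need it, such as Docker-in-Docker.

```yaml
## values.yaml (hardened variant, added example)
gitlabUrl: "https://gitlab.com/"
rbac:
  create: true
runners:
  # Read the token from a Secret rather than storing it in this file.
  # The Secret name is assumed; create it before running helm install:
  #   kubectl -n gitlab-runner create secret generic gitlab-runner-token \
  #     --from-literal=runner-registration-token="<your-gitlab-registration-token>" \
  #     --from-literal=runner-token=""
  # The chart expects both keys to exist; the unused one stays empty.
  secret: gitlab-runner-token
  config: |
    [[runners]]
      name = "talos-runner"
      executor = "kubernetes"
      [runners.kubernetes]
        namespace = "gitlab-runner"
        # Job containers run without privileged mode.
        privileged = false
        # Processes in job containers cannot gain more privileges than their parent.
        allow_privilege_escalation = false
```

Talos enforces the baseline Pod Security profile by default, so job pods created with privileged = true are rejected unless the gitlab-runner namespace is labelled pod-security.kubernetes.io/enforce=privileged; the unprivileged settings above need no such exemption.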

Step 3: Deploy the GitLab Runner

Now, install the GitLab Runner in the Talos cluster:

helm install gitlab-runner gitlab/gitlab-runner -n gitlab-runner -f values.yaml

You can check if the runner is running with:

kubectl get pods -n gitlab-runner

Step 4: Verify Runner in GitLab

Go to GitLab → Settings → CI/CD → Runners and check if your talos-runner appears under active runners.

Step 5: Test the Runner

Create a .gitlab-ci.yml file in your GitLab repository to test the runner:

stages:
  - test

test-job:
  stage: test
  script:
    - echo "Hello from Talos Kubernetes!"

Commit and push this file, and you should see the job executing on your Talos-based GitLab Runner.

Conclusion

You now have a GitLab Runner running inside a Talos Kubernetes cluster! This setup provides a secure, isolated environment for CI/CD jobs. You can further enhance the configuration by setting up autoscaling, custom resource limits, or specific job constraints.

Happy coding! 🚀