One of the most significant limitations of AWS Fargate is the inability to run containers in privileged mode. This limitation means Docker-in-Docker (DinD), which enables the building and running of container images inside of containers, does not work with the AWS Fargate Custom Executor driver for GitLab Runner. The good news is that users don’t have to be blocked by this limitation and may use a cloud-native approach to build containers, effectively leveraging a seamless integration with AWS CodeBuild in the CI/CD pipeline.
We provide in-depth instructions on how to autoscale GitLab CI on AWS Fargate in GitLab Runner’s documentation. In this blog post, we explain how to instrument CI containers and source repositories to trigger AWS CodeBuild and use it to build container images.
How distinct CI workloads run on Fargate.
The picture above illustrates distinct GitLab CI workloads running on Fargate. The container identified by ci-coordinator (001) is running a typical CI job which does not build containers, so it does not require additional configuration or dependencies. The second container, ci-coordinator (002), illustrates the problem to be tackled in this post: The CI container includes the AWS CLI in order to send content to an Amazon S3 Bucket, trigger the AWS CodeBuild job, and fetch logs.
Once these prerequisites are configured, you can dive into the six-step process to configure CI containers and source repositories to trigger AWS CodeBuild and use it to build container images.
S3.
Create bucket.
(ci-container-build-bucket will be used as example) and select your preferred region.
Create bucket.
Create folder.
gitlab-runner-builds name.
Save.

Services in the top menu
CodeBuild in the Developer Tools section
Create build project
Project Name enter ci-container-build-project
Source provider select Amazon S3
Bucket select the ci-container-build-bucket created in step one
gitlab-runner-builds/build.zip
Environment image, select Managed image
Operating system select your preferred OS from the available options
Runtime(s), choose Standard.
Image, select aws/codebuild/standard:4.0
Image version, select Always use the latest image for this runtime version
Environment type select Linux
Privileged flag
Service role select New service role and note the suggested Role name
Build specifications select Use a buildspec file
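
The three actions the CI container performs with the AWS CLI (send content to the S3 bucket, trigger the CodeBuild job, fetch logs), written as a shell script. This is an added example, not code from the original post; it reuses the bucket, folder and project names from the steps above, while POLL_SECONDS, the "run" argument and leaving .git out of the archive are assumptions.

```shell
# Added example. Names are the ones used on this page; POLL_SECONDS is assumed.
BUCKET="ci-container-build-bucket"
OBJECT_KEY="gitlab-runner-builds/build.zip"
PROJECT="ci-container-build-project"
POLL_SECONDS="${POLL_SECONDS:-10}"

# Zip the repository (buildspec file included; .git left out by assumption)
# and upload it to the S3 object the CodeBuild project reads as its source.
upload_source() {
    archive="$(mktemp -d)/build.zip" || return 1
    (cd "$1" && zip -qr "$archive" . -x '.git/*') || return 1
    aws s3 cp "$archive" "s3://${BUCKET}/${OBJECT_KEY}" --only-show-errors
}

# Start the build and print its id.
start_build() {
    aws codebuild start-build --project-name "$PROJECT" \
        --query 'build.id' --output text
}

# Poll until the build leaves IN_PROGRESS; only SUCCEEDED returns 0, so a
# FAILED, FAULT, STOPPED or TIMED_OUT build also fails the CI job.
wait_for_build() {
    while :; do
        status="$(aws codebuild batch-get-builds --ids "$1" \
            --query 'builds[0].buildStatus' --output text)" || return 2
        case "$status" in
            IN_PROGRESS) sleep "$POLL_SECONDS" ;;
            SUCCEEDED)   return 0 ;;
            *)           echo "build $1 ended with $status" >&2; return 1 ;;
        esac
    done
}

# Print the build's CloudWatch Logs messages into the CI job log.
fetch_logs() {
    set -- $(aws codebuild batch-get-builds --ids "$1" \
        --query 'builds[0].logs.[groupName,streamName]' --output text)
    aws logs get-log-events --log-group-name "$1" --log-stream-name "$2" \
        --start-from-head --query 'events[].message' --output text
}

main() {
    upload_source "${CI_PROJECT_DIR:-.}" || return 1
    id="$(start_build)" || return 1
    rc=0; wait_for_build "$id" || rc=$?
    fetch_logs "$id"
    return "$rc"
}

if [ "${1:-}" = "run" ]; then main; fi   # executes only when called with "run"
```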