基于Kubernetes运行的runner和docker主要区别在于运行环境在pod内，容器间网络连接只需要localhost即可。我们先通过docker启动一个临时runner注册一个runner token，参考docker部署

先从一下页面获取URL和register token:

gitlab-runner.png

# docker exec -it 70cc4f291a28 gitlab-runner register
Running in system-mode.

Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://git.xxxxx.com
Please enter the gitlab-ci token for this runner:
5Cq7JxB57jjzQXjzE2mP
Please enter the gitlab-ci description for this runner:
[70cc4f291a28]: kubernetes-runner
Please enter the gitlab-ci tags for this runner (comma separated):
kubernetes,gitlab-runner
Whether to run untagged builds [true/false]:
[false]: true
Whether to lock the Runner to current project [true/false]:
[true]: false
Registering runner... succeeded                     runner=5Cq7JxB5
Please enter the executor: ssh, docker+machine, kubernetes, docker, parallels, virtualbox, docker-ssh+machine, docker-ssh, shell:
kubernetes
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!

# docker exec -it 70cc4f291a28 grep "token" /etc/gitlab-runner/config.toml
  token = "f7cb691ad136a10ad0cab0b319925b"

注意: 该token在注册runner后生成，不要将它与gitlab项目settings> ci/cd>runners设置下找到的注册令牌作混淆。

如下为runner的deployment.yml描述文件

---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: gitlab-runner
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gitlab-runner
  template:
    metadata:
      labels:
        name: gitlab-runner
    spec:
      imagePullSecrets:
        - name: docker-secret
      containers:
        - args:
            - run
          image: gitlab-runner:v10.6.0
          imagePullPolicy: IfNotPresent
          name: gitlab-runner
          volumeMounts:
            - mountPath: /etc/gitlab-runner
              name: config
              readOnly: true
      restartPolicy: Always
      volumes:
        - configMap:
            name: gitlab-runner
          name: config

Configmap

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: gitlab-runner
data:
  config.toml: |
    concurrent = 40
    check_interval = 0

    [[runners]]
      name = "kubernetes runner"
      url = "https://git.xxxx.com"
      token = "f7cb691ad136a10ad0cab0b319925b"
      executor = "kubernetes"
      [runners.cache]
      # 分布式cache,根据需求选择。
        Type = "s3"
        ServerAddress = "s3.amazonaws.com"
        AccessKey = "xxxxxxxx"
        SecretKey = "SFgNXHMJnDogFD+XAkXCG+0Ifd/Lk4PaJZHAucyw"
        BucketName = "gitlab-runners"
        BucketLocation = "cn-north-1"
        Insecure = false
        Path = "kubernetes-runner"
        Shared = false
      [runners.kubernetes]
        # kubernetes apiserver 地址，默认走kubernetes.default,需要serviceaccount
        host = "http://10.255.1.173:8080"
        image = "alpine:3.7"
        helper_image = "gitlab-runner-helper:x86_64-d89fa34a"
        pull_policy = "if-not-present"
        extra_hosts = ["other-host:127.0.0.1"]
        poll_timeout = 3000
        namespace = "gitlab"
        namespace_overwrite_allowed = ""
        privileged = true
        service_account_overwrite_allowed = ""

部署并应用

kubectl apply -f deployment.yml
kubectl apply -f configmap.yml

部署完成查看gitlab页面是否注册成功

gitlab-runner2.jpg