Request creation of mwcli VPS project
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Addshore
	Oct 25 2021, 5:48 PM

Description

Project Name: mwcli

Wikitech Usernames of requestors: addshore, jhuneidi

Purpose: Running a single gitlab runner for the mwcli project (was being run on the integration project up until now)

Brief description:

The plan would be to run a single VM at a similar size to g3.cores8.ram24.disk20.ephemeral40.4xiops which was previously used on the integration project.
8 Cores, 24GB Ram

I have already removed the instance from the integration project after puppet issues, and this is thus probably the right time to get a dedicated project.

This runner runs docker in docker in order to run CI for mwcli, which itself needs to create docker containers.
This VM may also be used for adhoc testing of the mwcli in a "clean" environment.
With the current gitlab CI plan, that means that this project is not a good candidate to make use of the shared runners.
If this changes in the future I may request deletion of this project.

How soon you are hoping this can be fulfilled: this week

Related Objects

Mentioned Here: T292094: Limit GitLab shared runners to trusted contributors

Event Timeline

Addshore created this task.Oct 25 2021, 5:48 PM

Addshore moved this task from Inbox to Watching & Blocked on the mwcli board.

Hi @Addshore, can you elaborate why you need a different project to run a single VM?
Are the people managing it different that the ones on the integration project?
Do you have different quota restrictions needed?
Do you need your own puppetmaster?
Something else?

Cheers!

I think this is a consequence of T292094: Limit GitLab shared runners to trusted contributors. The team behind gitlab hasn't decided yet how to setup/handle the CI runners workload.

Perhaps we should talk about this internally, we may get a bunch of requests to host dedicated CI runners in CloudVPS in the near future.

In T294283#7457824, @dcaro wrote:

Hi @Addshore, can you elaborate why you need a different project to run a single VM?

So, one part that was highlighted here in the past days was the more complex puppetmaster setup etc that happens as part of the integration project.
The integration project currently mainly covers jenkins worker nodes, and this single VM does not need any of the puppet magic applied at all.

Are the people managing it different that the ones on the integration project?

Yes, this single VM, and also the mwcli is primarily managed by me.
I am not a member of the releng team, who are the primary users of the integration project.

Do you have different quota restrictions needed?

Yes, the quota restrictions would be fine being at the level for created the 1 VM as detailed in the spec, as this is only for a single runner.

Do you need your own puppetmaster?

In T294283#7458213, @aborrero wrote:

I think this is a consequence of T292094: Limit GitLab shared runners to trusted contributors. The team behind gitlab hasn't decided yet how to setup/handle the CI runners workload.

Perhaps we should talk about this internally, we may get a bunch of requests to host dedicated CI runners in CloudVPS in the near future.

I certainly imagine you could get more requests in the future.
But I also think this is probably a separate case as this runner must run docker in docker and also run docker containers using images that are not part of the wikimedia registries.
Thus some of the jobs that happen in CI on this runner for this project would likely always need some separate / not so shared runner.

We had a brief chat internally @ WMCS and this request was approved.

Mentioned in SAL (#wikimedia-cloud) [2021-10-26T16:57:37Z] <arturo> create project with addshore and jhuneidi as projectadmins (T294283)

Request creation of mwcli VPS projectClosed, ResolvedPublicActions

Description

Related Objects

Event Timeline

Request creation of mwcli VPS project
Closed, ResolvedPublic
Actions