Page MenuHomePhabricator
Create Task
Maniphest T416256

[Epic] Migrate gitlab-cloud-runner to WMCS
Open, In Progress, MediumPublic
Actions

Description

What

T403125: Investigate WMCS Magnum for GitLab runners is complete and shows that we can feasibly run gitlab-cloud-runner on WMCS using Magnum. Let's push forward with the migration from DigitalOcean to WMCS.

Why

DigitalOcean has provided us with a flexible k8s based platform for our GitLab CI runners for some time. However, maintaining a network of runners on third-party infrastructure has its downsides.

  1. Users needing to access services/resources from other WMCS projects have had to resort to using the Docker-based WMCS runners.
  2. Requests to services on the WMCS or WMF networks are subject to throttling and it has been difficult to identify/exempt traffic from DO.
  3. Email relaying (for notifications) from DO has been difficult.
  4. Service endpoints rely on non-WMF hostnames (e.g. registry.cloud.releng.team).
  5. The level of support from DO hasn't been bad per se, but with WMCS we have a dedicated WMF team to work with.

With WMCS/OpenStack Magnum we get the flexibility of a Tofu-configurable k8s provider without the above drawbacks.

Related Objects
Search...

Event Timeline

dduvall created this task.Feb 2 2026, 10:16 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 2 2026, 10:16 PM
dduvall added a subtask: T403125: Investigate WMCS Magnum for GitLab runners.Feb 2 2026, 10:16 PM
dduvall closed subtask T403125: Investigate WMCS Magnum for GitLab runners as Resolved.
dduvall created subtask T416257: Remove DigitalOcean coupling from gitlab-cloud-runner modules.Feb 2 2026, 10:19 PM
dduvall created subtask T416260: Separate gitlab-cloud-runner k8s cluster provisioning from provider configuration.Feb 2 2026, 10:25 PM
dduvall created subtask T416261: Implement WMCS module in gitlab-cloud-runner.Feb 2 2026, 10:28 PM
dduvall created subtask T416264: Request additional compute/storage/IP quota in gitlab-runners for Magnum.Feb 2 2026, 10:33 PM
Jdforrester-WMF subscribed.Feb 3 2026, 7:57 AM
dduvall changed the status of subtask T416257: Remove DigitalOcean coupling from gitlab-cloud-runner modules from Open to In Progress.Feb 11 2026, 7:50 PM
dduvall changed the status of subtask T416260: Separate gitlab-cloud-runner k8s cluster provisioning from provider configuration from Open to In Progress.
dduvall changed the task status from Open to In Progress.Feb 11 2026, 7:55 PM
dduvall triaged this task as Medium priority.
dduvall closed subtask T416260: Separate gitlab-cloud-runner k8s cluster provisioning from provider configuration as Resolved.Feb 26 2026, 12:16 AM
dduvall changed the status of subtask T416264: Request additional compute/storage/IP quota in gitlab-runners for Magnum from Open to In Progress.Feb 27 2026, 6:56 PM
dduvall changed the status of subtask T416261: Implement WMCS module in gitlab-cloud-runner from Open to In Progress.
Andrew subscribed.Apr 13 2026, 8:05 PM

I owe y'all an update about Magnum!

The news is not ideal: when Magnum leadership deprecated the Heat driver they directed deployers to adopt one of two CAPI drivers 'k8s_capi_helm’ or ‘k8s_cluster_api' -- after some research I chose the k8s_capi_helm and built that out in codfw1dev.

The latest capi_helm driver is not working that great, though, and when I checked in last week with upstream Magnum folks I learned that there has been a shake up at the company that employed the capi_helm devs (Azimuth, I think?) and that those devs are no longer contributing to the project.

So... does that mean that k8s_cluster_api is the clear winner and we should switch course? It's unclear, but the magnum Project Team Gathering is next week. I will attend as many magnum meetings as I'm able and see if we're able to reach a plan for going forward. If those meetings turn out to be just me and the project leader then that will send a clear signal as well.

I will update when I know more! One way or another we will find a platform for the gitlab-runner project.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits