linux.rst

Deploying a Linux-based CI

This document contains instructions to build and deploy a new bare-OS CI for Linux. Instructions for deployment assume a freshly installed machine, with Idiap's latest Debian distribution running. Our builds use Docker images. We also configure docker-in-docker to enable to run docker builds (and other tests) within docker images.

Warning

Idiap has throttling rules that are typically applied to all machines in the lab network. To avoid issues for newly installed CI nodes, ensure you request throttling to be disabled for new CI machines.

Docker and Gitlab-runner setup

Base docker installation: https://secure.idiap.ch/intranet/system/software/docker

Ensure to add/configure for auto-loading the overlay kernel module in /etc/modules. Then update/create /etc/docker/daemon.json to contain the entry "storage-driver": "overlay2".

To ensure that you can control memory and CPU usage for launched docker containers, you'll need to enable "cgroups" on your machine. In essence, change /etc/default/grub to contain the line GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1". Then, re-run update-grub after such change.

To install docker at Idiap, you also need to follow the security guidelines from Cédric at https://secure.idiap.ch/intranet/system/software/docker. If you do not follow such guidelines, the machine will not be acessible from outside via the login gateway, as the default docker installation conflicts with Idiap's internal setup. You may also find other network connectivity issues.

Also, you want to place /var/lib/docker on a fast disk. Normally, we have a scratch partition for this. Follow the instructions at https://linuxconfig.org/how-to-move-docker-s-default-var-lib-docker-to-another-directory-on-ubuntu-debian-linux for this step: