unity-builder
Helm Chart or ARC support for Cloud-runner
Context
Reading through your k8s deploy of cloud-runner, it looks like you tune it primarily for a cluster on AWS (whether EC2 or EKS), with an exposed API endpoint. This may be problematic for more security-conscious cluster administrators.
Suggested solution
- Support ARC and self-hosted runners.
- Create a helm chart to deploy cloud-runner to a k8s environment, with a values file to ingest and use tokens and configurations.
Considered alternatives
An installable version of cloud-runner packaged into a series of CMD calls that can be tied into a self-hosted github-runner.
Additional details
I am using an internal ARC self-hosted runner for my builds; game-ci unity-builder fails with an error code 137 (resource issues). My runner is configured with 4 CPUs, 4GB RAM, and an open volume on a 16TB array for storage.
There should be no resource issue, however the way ARC is set up, this may be by design.
@defied in the error scenario you describe in "Additional details", are you using cloud runner, or standard game-ci?
> it looks like you tune it primarily for a cluster on AWS
Currently testing against Google Cloud Kubernetes and AWS Kubernetes.
Regarding:
> Support ARC and self-hosted runners.
Cloud Runner can currently be run on a self-hosted GitHub runner. I've been using it on a self-hosted machine and a "nested" self-initialized ephemeral self-hosted runner. (As in, it schedules a self-hosted runner and then the next step is on that self-hosted runner.) I use this for very long jobs.
> Create a helm chart to deploy cloud-runner to a k8s environment, with a values file to ingest and use tokens and configurations.
Cloud Runner can be completely ephemeral outside of the jobs it runs (and optionally watches and logs). So there should be no need for a persistent controller from a helm chart as far as I can see.
Please do share any thoughts you have on this or the benefits you could see to helm support.
We could definitely export every job as a k8s or helm yaml file, so that a separate security environment could apply those files. But you would lose functionality like streaming logs of each task of course. Not sure if that's what you had in mind?
Also thanks for your input @defied !