| page_type | description | languages | products | ||||
|---|---|---|---|---|---|---|---|
sample |
Learn how to deploy self-hosted GitHub Actions Runners on AKS (Azure Kubernetes Service) |
|
|
This repo will demo shortly how you can connect to your github account a self-hosted runner which deployed on Azure Kubernetes Service (AKS) with auto-scale option - which provide an ability to handle successfully many github action job requests in parallel. This project include the following:
- Bicep deployment, which responsible to following tasks:
- AKS deployment
- Install GitHub Actions Runner Controller (ARC) on AKS with auto-scale configuration
- Deploying sample app using the installed self-hosted runner to AKS cluster without keeping Azure password in Github account
After deployment, the outcome will be:
This project framework provides the following features:
- Self-Hosted GitHub Action Runner over AKS
- Auto-Scale Github Action runner based on 'waiting number of jobs in the queue' metric
- Fork this repo to your github account
- In the forked repo Configure OpenID Connect in Azure. After completing the instructions, the following secrets should be created in your repo secrets: AZURE_CLIENT_ID, AZURE_SUBSCRIPTION_ID, AZURE_TENANT_ID
- Create additional GitHub Secrets in the repo:
- name: SSH_PUBLIC_KEY, value: [public key of ssh key which will be used during AKS creation]
- name: RUNNER_TOKEN, value: Create a new personal access token by login with a GitHub account that has admin privileges for your repo, and create a PAT with the appropriate scopes - for this sample:
- repo (Full Control)
- write:packages
Follow this instructions:
- Execute the Github Action - Build and Publish a runner image to ghcr
- Go to actions-runner-controller, replace
ghcr.io/yaronpri/githubrunneronaks:mainwith the full image name from previous step, this step is necessary in order to use a GitHub runner image with Azure CLI and kubectl as part of the image - Go to hra-scaler, replace
GithubRunnerOnAKSwith your repository name - Execute the GitHub Action - IaC deployment
When using private images, the RunnerDeployment will not be able to pull your image.
To use a private registry (e.g ghcr.io with visibility set to private) add the following:
- Go to IaC deployment and add the following:
# When using private registry, we need to create a secret for that as well
kubectl create secret docker-registry runnersecret \
--docker-server=https://${{ env.REGISTRY }}/ \
--docker-username=${{ github.repository }} \
--docker-password=${{ secrets.RUNNER_TOKEN }}- Go to runnerdeployment and append:
spec:
repository: yaronpri/GithubRunnerOnAKS
#organization: <YOUR ORG NAME IF WANT TO WORK AT ORG LEVEL>
image: ghcr.io/yaronpri/GithubRunnerOnAKS:<tag>
imagePullSecrets:
- name: runnersecretIn order to test the auto-scale of the runners, execute several times the GitHub Action - Deploy Sample App You will notice that after a while, a new runners are being added and able to pull the newly created jobs and process all of them in parallel