Review customer feedback to update and improve "Autoscaling GitLab CI on AWS Fargate" documentation
The following customer feedback has been received regarding our documentation of Autoscaling GitLab CI on AWS Fargate:
"We want to deploy custom containers as gitlab-runners to AWS Fargate from our self-managed instance. Basically this is working for us now, but the documentation here to me looks more like a prototype than an enterprise quality guidance. Security should definitely more get a concern of GitLab, as well as also to think about customers using self-hosted instances.
Please revise this document and provide some proper documentation. Just some of the many things missing:
- The referenced image (registry.gitlab.com/tmaczukin-test-projects/fargate:latest) does not exist anymore
- I would expect gitlab to provide a proper official example rather than some click-to-play repos
- No proper permissions for IAM are being described at the different layers
- Minimal permission sets should be prepared in the docs
- The SSH-section of /etc/gitlab-runner/fargate.toml is not properly described, parameters like Port are missing
- It would be great to get some ideas what instance size for EC2 is needed to be cost-effective
- The network firewall settings that are needed between EC2-instance and gitlab-instance would be necessary, as well as the port definitions that are needed between Fargate/the VPC and the gitlab instance (egress/ingress) etc."
Let's get some eyes on this and see if we can improve this documentation. The first two points are particularly problematic in my opinion.
Links:
Edited by Shem Gyll