Allow arbitrary resource requests and limits on the kubernetes executor
Description
Currently with the kubernetes executor you cannot set any resource requests/limits other than cpu and memory. With device plugins any arbitrary string could be a valid resource. Our use case for this is we want to mount /dev/fuse for running podman in podman without the privileged flag. I know docker in docker exists but podman avoids the typical issues present with docker in docker for CI builds since it does not rely a daemon on the host worker node.
Proposal
The proposal is to add an additional config table like:
[[runners.kubernetes.(service|builder|helper).resources]]
[requests]
"my-device-plugin/fuse" = 1
[limits]
"my-device-plugin/fuse" = 1
These options would not be overridable by a ci yaml. It seems like this could be done similar to how volumes are currently configured. One thing I am not sure of is what do we do if there are multiple service containers? How do we tell this config to only be applied to only a particular service? Can I define a service that attaches to all jobs at the runner level?
And of course this could be used by anyone who wants to use any device plugin with Gitlab CI as well
Links to related issues and merge requests / references
- This Issue is looking for the same thing but with less specific scope
- This guide has more info about the specifics of what I am trying to achieve with this feature. I am targeting the "Rootless Podman without the privileged flag" setup.