How to setup Minio cache for GitLab CI/CD on linux
Minio is a very fast, simple to setup and easy to user object storage server. It can be able used as shared cache server by all GitLab-runner executors.
This article is a summary of DigitalOcean's article with additional GitLab runner setup intended for use on a local or secured network that can not be accessed from the internet.
Prerequisites
You need a linux server, preferably Centos 7/8, Ubuntu18/19. You can also use Debian, Fedora or any other distribution, but I can not guarantee that this tutorial will cover all of them.
Step 1 - install Minio server
Download minio server binary file from their official servers, save the file to /usr/local/bin/minio
and make it executable
wget -P /usr/local/bin/ https://dl.min.io/server/minio/release/linux-amd64/minio
chmod a+x /usr/local/bin/minio
Step 2 - User and folders
Create the user, group and folders that will be used by minio server
useradd -r minio-user -s /sbin/nologin
chown minio-user:minio-user /usr/local/bin/minio
mkdir /usr/local/share/minio
chown minio-user:minio-user /usr/local/share/minio
mkdir /etc/minio
chown minio-user:minio-user /etc/minio
Step 3 - configuration and service
Create the configuration file and set the authentication tokens.
Edit the config file /etc/default/minio
using your favorite text editor;
MINIO_ACCESS_KEY="ACCESSTOKEN"
MINIO_VOLUMES="/usr/local/share/minio/"
MINIO_OPTS="-C /etc/minio --address 0.0.0.0:9000"
MINIO_SECRET_KEY="SECRETTOKEN"
Download the systemd service file to /etc/systemd/system/
folder and start it up
wget -P /etc/systemd/system/ https://raw.githubusercontent.com/minio/minio-service/master/linux-systemd/minio.service
systemctl daemon-reload
systemctl enable minio
systemctl start minio
systemctl status minio
Step 4 - setup firewall
Minio requires only one port to be open. This is by default port 9000/tcp
. Open the port with the firewall manager that your distribution uses.
Centos7 has firewalld which has the firewall-cmd
command, other distributions have different commands.
firewall-cmd --permanent --add-port=9000/tcp
firewall-cmd --reload
Step 5 - Sign in the web interface
Now that we have opened the needed port we ca navigate to minio's web interface which is localted at http://YOUR_SERVER_IP:9000
and sign in with the credentials you set in the /etc/default/minio
file (read Step 3).
Step 6 - create new bucket



Configuring your runners
Now you just have to update your Gitlab runner's configuration and change the [runners.cache]
section. Remember to change the MINIO_SERVER_IP
, ACCESS_TOKEN
and SECRET_TOKEN
to the correct values.
[[runners]]
[runners.custom_build_dir]
[runners.cache]
Type = "s3"
Path = "gitlabci"
Shared = true
[runners.cache.s3]
ServerAddress = "MINIO_SERVER_IP:9000"
AccessKey = "ACCESS_TOKEN"
SecretKey = "SECRET_TOKEN"
BucketName = "gitlabci"
Insecure = true
[runners.cache.gcs]
/etc/gitlab-runner/config.toml
The only thing that's left to do is restart the gitlab runner service so the new configuration is applied and you're up and running with your very own shared storage for your runners.