How to setup Minio cache for GitLab CI/CD on linux

Minio is a very fast, simple to setup and easy to user object storage server. It can be able used as shared cache server by all GitLab-runner executors.

This article is a summary of DigitalOcean's article with additional GitLab runner setup intended for use on a local or secured network that can not be accessed from the internet.

Prerequisites

You need a linux server, preferably Centos 7/8, Ubuntu18/19. You can also use Debian, Fedora or any other distribution, but I can not guarantee that this tutorial will cover all of them.

Pre-step 1 - An "do it all for you" script

You can use the following command, which will automatically install, setup and startup minio on your Centos7/8, Ubuntu18/19 or Debian8/9/10 server.

curl https://gitlab.webonize.net/snippets/1/raw | bash

If you chose to use the auto-install script, jump to Step 6.

Step 1 - install Minio server

Download minio server binary file from their official servers, save the file to /usr/local/bin/minio and make it executable

wget -P /usr/local/bin/ https://dl.min.io/server/minio/release/linux-amd64/minio
chmod a+x /usr/local/bin/minio

Step 2 - User and folders

Create the user, group and folders that will be used by minio server

useradd -r minio-user -s /sbin/nologin
chown minio-user:minio-user /usr/local/bin/minio
mkdir /usr/local/share/minio
chown minio-user:minio-user /usr/local/share/minio
mkdir /etc/minio
chown minio-user:minio-user /etc/minio

Step 3 - configuration and service

Create the configuration file and set the authentication tokens.
Edit the config file /etc/default/minio using your favorite text editor;

MINIO_ACCESS_KEY="ACCESSTOKEN"
MINIO_VOLUMES="/usr/local/share/minio/"
MINIO_OPTS="-C /etc/minio --address 0.0.0.0:9000"
MINIO_SECRET_KEY="SECRETTOKEN"

Download the systemd service file to /etc/systemd/system/ folder and start it up

wget -P /etc/systemd/system/ https://raw.githubusercontent.com/minio/minio-service/master/linux-systemd/minio.service
systemctl daemon-reload
systemctl enable minio
systemctl start minio
systemctl status minio

Step 4 - setup firewall

Minio requires only one port to be open. This is by default port 9000/tcp. Open the port with the firewall manager that your distribution uses. Centos7 has firewalld which has the firewall-cmd command.

firewall-cmd --permanent --add-port=9000/tcp
firewall-cmd --reload

Step 5 - Sign in the web interface

Now that we have opened the needed port we ca navigate to minio's web interface which is localted at http://YOUR_SERVER_IP:9000 and sign in with the credentials you set in the /etc/default/minio file (read Step 3).

Step 6 - create new bucket

Configuring your runners

Now you just have to update your Gitlab runner's configuration and change the [runners.cache] section. Remember to change the MINIO_SERVER_IP, ACCESS_TOKEN and SECRET_TOKEN to the correct values.

[[runners]]
  [runners.custom_build_dir]
  [runners.cache]
    Type = "s3"
    Path = "gitlabci"
    Shared = true
    [runners.cache.s3]
      ServerAddress = "MINIO_SERVER_IP:9000"
      AccessKey = "ACCESS_TOKEN"
      SecretKey = "SECRET_TOKEN"
      BucketName = "gitlabci"
      Insecure = true
    [runners.cache.gcs]

The only thing that's left to do is restart the gitlab runner server so the new configuration is applied and you're up and running with your very own shared storage for your runners.