diff options
author | Evan Read <eread@gitlab.com> | 2019-07-24 12:25:43 +0000 |
---|---|---|
committer | Marcia Ramos <marcia@gitlab.com> | 2019-07-24 12:25:43 +0000 |
commit | 047a77c990293c0451858ffabcbd8e46bb50d9c7 (patch) | |
tree | cf4d3de1327b1ab33f50f4fa522a3f3443c6eef7 /doc/user | |
parent | 562db3a36e56be2d0b7e9b3a94c8420a063b03c2 (diff) | |
download | gitlab-ce-047a77c990293c0451858ffabcbd8e46bb50d9c7.tar.gz |
Cross link to kaniko docs
Also make security warning more visible and
improves instructions.
Diffstat (limited to 'doc/user')
-rw-r--r-- | doc/user/group/clusters/index.md | 7 | ||||
-rw-r--r-- | doc/user/project/clusters/index.md | 13 |
2 files changed, 16 insertions, 4 deletions
diff --git a/doc/user/group/clusters/index.md b/doc/user/group/clusters/index.md index 99589cb1915..625c5440ec0 100644 --- a/doc/user/group/clusters/index.md +++ b/doc/user/group/clusters/index.md @@ -137,6 +137,13 @@ The result will then be: - The Staging cluster will be used for the `deploy to staging` job. - The Production cluster will be used for the `deploy to production` job. +## Security of Runners + +For important information about securely configuring GitLab Runners, see +[Security of +Runners](../../project/clusters/index.md#security-of-gitlab-runners) +documentation for project-level clusters. + <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md index 4c247691757..35f2976899b 100644 --- a/doc/user/project/clusters/index.md +++ b/doc/user/project/clusters/index.md @@ -343,10 +343,15 @@ turn can do almost everything that the host can do. Be aware of the inherent security risk associated with performing `docker run` operations on arbitrary images as they effectively have root access. -If you don't want to use GitLab Runner in privileged mode, first make sure that -you don't have it installed via the applications, and then use the -[Runner's Helm chart](../../../install/kubernetes/gitlab_runner_chart.md) to -install it manually. +If you don't want to use GitLab Runner in privileged mode, either: + +- Use shared Runners on GitLab.com. They don't have this security issue. +- Set up your own Runners using configuration described at + [Shared Runners](../../gitlab_com/index.md#shared-runners). This involves: + 1. Making sure that you don't have it installed via + [the applications](#installing-applications). + 1. Installing a Runner + [using `docker+machine`](https://docs.gitlab.com/runner/executors/docker_machine.html). ## Installing applications |