Skip to main content
GitLab CI
CHAPTER 04

GitLab Runners

Updated: May 15, 2026
20 min read

# CHAPTER 4

GitLab Runners

1. Introduction

We have written our .gitlab-ci.yml file, and the pipeline executes beautifully. But *where* is it executing? GitLab.com is a web application; it does not compile your code itself. When a pipeline triggers, GitLab searches for an available worker drone to hand the job to. In the GitLab ecosystem, these worker drones are called GitLab Runners. Understanding how Runners operate, how to configure them, and the critical difference between Shared and Specific Runners is essential for optimizing pipeline speed, security, and computing costs. In this chapter, we will demystify the Runner architecture.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Define the function of a GitLab Runner.
  • Differentiate between Shared Runners and Specific Runners.
  • Understand the concept of Runner "Executors" (e.g., Shell, Docker).
  • Register a custom GitLab Runner on a private machine.
  • Use Runner Tags to route specific jobs to specific machines.

3. Beginner Explanation

Imagine you manage a giant fast-food franchise (GitLab).
  • A customer places a massive order at the drive-thru (The .gitlab-ci.yml file triggers).
  • You, the manager, do not cook the food. You look for an available cook in the kitchen.
  • The Cooks are the Runners.
  • Shared Runners: These are cooks provided by corporate headquarters. They cook for every franchise. Sometimes there is a line, and you have to wait your turn.
  • Specific Runners: You hire your own private cook who works *only* for your specific restaurant. They are instantly available, and you can give them specialized equipment (like a massive deep fryer) that corporate cooks don't have.

4. Shared vs. Specific Runners

  • Shared Runners: Hosted and maintained by GitLab.com. They are perfect for small, open-source projects. However, they use shared computing power. If your enterprise app requires 64GB of RAM to compile, a Shared Runner will crash. Furthermore, you share the IP address with thousands of other users, which is bad for secure firewall configurations.
  • Specific Runners: You rent a server from AWS or use a computer in your office, install the open-source GitLab Runner software on it, and link it securely to your GitLab project. You control the RAM, the security, and the software installed on it.

5. Runner Executors (How the Runner Runs)

When you install a Runner, you must choose an "Executor." This tells the Runner *how* to execute your scripts.
  1. 1. Shell Executor: The Runner simply opens the standard Linux terminal (Bash) on the server and runs your commands directly on the host machine. (Fast, but messy).
  1. 2. Docker Executor: The absolute industry standard. For every single job, the Runner spins up a brand new, isolated Docker container, runs your code inside it, and then instantly destroys the container when finished. This guarantees a perfectly clean environment every single time.

6. Mini Project: Configure a GitLab Runner

Let's simulate registering a specific runner for your project. (Note: You would normally do this on a cloud Linux server, but you can do it on your local laptop for testing).

Step-by-Step Walkthrough:

  1. 1. Navigate to your project on GitLab.com.
  1. 2. Go to Settings -> CI/CD -> expand the Runners section.
  1. 3. Under Specific runners, click the New project runner button.
  1. 4. Provide a Tag (e.g., my-macbook) and click Create runner.
  1. 5. GitLab will display a registration command containing a unique Registration Token.
  1. 6. On your local machine (assuming you downloaded the GitLab Runner binary), you run the registration command in your terminal:

bash
12345678 
   gitlab-runner register --url https://gitlab.com/ --registration-token <YOUR_TOKEN>
   ```
7. The terminal will ask you for an Executor. Type `docker`.
8. *The Result:* Refresh the GitLab Runners page. You will see a green dot next to your newly registered private Runner. It is now listening for jobs!

### 7. Routing Jobs with Tags
If you have multiple Specific Runners (e.g., one Mac for compiling iOS apps, one Linux box for deploying databases), how do you tell GitLab which Runner to use for which job? You use **Tags**.

yaml buildiosapp: stage: build script:

  • xcodebuild -project MyApp.xcodeproj
tags:
  • mac-os-runner # This ensures ONLY the Mac runner picks up this job!
``

8. Best Practices

  • Never Run Untrusted Code on Shell Executors: If you use a Shell Executor, the CI job runs with the permissions of the gitlab-runner user on the host server. A malicious developer could write a script in the .gitlab-ci.yml file to delete the entire server (rm -rf /). Always use the Docker Executor for isolation and security unless you have a highly specific architectural reason not to.

9. Common Mistakes

  • The "Pending" Pipeline Trap: You push your code, and the pipeline sits in a blue "Pending" state forever, never starting. 99% of the time, this happens because you added a tags: requirement in your YAML file (e.g., tags: [production-server]`), but no Runner with that exact tag is currently online or assigned to the project. The pipeline is waiting for a worker that doesn't exist.

10. Exercises

  1. 1. What is the fundamental difference between a Shared Runner and a Specific Runner?
  1. 2. Explain the security and consistency benefits of using the Docker Executor over the Shell Executor.

11. FAQs

Q: Can I install a GitLab Runner on a Windows Server? A: Yes! GitLab Runners support Windows, macOS, and Linux. This is critical for enterprise companies that need to compile legacy .NET applications or build software specifically for Windows environments.

12. Summary

In Chapter 4, we unmasked the hidden workforce powering our DevOps pipelines. We learned that GitLab Runners are the literal engines of CI/CD, bridging the gap between GitLab's cloud management and actual compute execution. We differentiated between the convenience of Shared Runners and the architectural necessity of Specific Runners. By understanding Executors—specifically prioritizing the isolated, ephemeral nature of Docker—and mastering Runner Tags, we gained the ability to route complex, multi-platform workloads securely and efficiently.

13. Next Chapter Recommendation

We have the pipeline, and we have our private robotic workforce. Now, it is time to do actual engineering work. Proceed to Chapter 5: Automated Testing with GitLab CI.

Finish this Chapter

Save your progress on your learning path and prepare for coding interview challenges.

Previous Chapter GitLab CI YAML Syntax
Next Chapter Automated Testing with GitLab CI

Discussion

Join the discussion

Log in or create a free account to participate.

Sort: ·

Explore More

📖 Related Tutorials 4

Related Quizzes 5