Operational procedures for managing the runner infrastructure.
To increase the maximum number of replicas for a runner type:
max value for the target runner in organization.yaml.tofu apply
kubectl get hpa -n {org}-runners
See HPA Tuning for details on stabilization windows and scaling behavior.
To rotate the GitLab runner registration token:
kubectl delete secret runner-token-TYPE -n {org}-runners
tofu apply
organization.yaml with its
configuration (base image, tags, resource limits, HPA settings).tfvars entries in the overlay for the new
runner type.tofu apply
To immediately stop all runners of a specific type:
Option A – Scale HPA to zero:
kubectl scale hpa runner-TYPE --replicas=0 -n {org}-runners
Option B – Delete the runner deployment:
kubectl delete deployment runner-TYPE -n {org}-runners
Note: Option B requires a tofu apply to recreate the deployment when
service is restored. Option A can be reversed by setting replicas back to
the desired minimum.
View logs for all pods of a specific runner type:
kubectl logs -n {org}-runners -l app=runner-TYPE
Follow logs in real time:
kubectl logs -n {org}-runners -l app=runner-TYPE --follow
From the overlay repository, run the health check target:
just runners-health
This verifies that all runner types have at least one healthy pod and that the runners are registered with GitLab.
To inspect the full state of the runner namespace:
kubectl get pods,hpa,deployments -n {org}-runners
For a specific runner type:
kubectl get pods -n {org}-runners -l app=runner-docker
kubectl describe hpa runner-docker -n {org}-runners