GitHub-hosted runners are convenient, but for a DevOps Architect, they are often too slow and too restricted. When our build times for complex Docker images hit the 20-minute mark, I moved our CI/CD to Self-Hosted Runners on AWS.
1. Why Self-Hosted?
- Performance: Access to 16+ core machines and NVMe storage.
- Network: Direct access to your VPC (RDS, EMR, private ECR) without managing complex OIDC or VPN tunnels.
- Cache: Persistent disk caching for
node_modulesand Docker layers, which reduced our build times by 65%.
2. Automating the Runner Lifecycle
We don't manage these manually. We use Actions Runner Controller (ARC) on EKS to scale runners based on the number of pending jobs.
# Example of a RunnerDeployment spec
apiVersion: actions.summerwind.dev/v1alpha1
kind: RunnerDeployment
metadata:
name: thedevspectrum-runner
spec:
replicas: 5
template:
spec:
repository: pramodkrishnaV/thedevspectrum
labels:
- self-hosted
- high-perf3. Security Warning: The "PwnRequest"
Never use self-hosted runners for public repositories. A malicious Pull Request could execute arbitrary code on your EC2 instance and potentially access your AWS metadata service (169.254.169.254) to steal IAM credentials.