Last updated on Mar 21, 2026
Update (March 2026): Since this post was written, Blacksmith runners have emerged as a significantly faster and simpler alternative to self-hosting runners on EC2. Blacksmith offers up to 2-3× faster builds with zero infrastructure management — we now default to Blacksmith for all Akadenia CI pipelines. This post remains useful if you need full control over your runner environment (custom AMIs, VPC access, on-prem), but Blacksmith is the easier path for most teams.
Spin up EC2 instance
- Get access to AWS
- Choose an EC2 instance type that will suit your needs. (We chose t2.xlarge.)
- Choose a security group that is suitable for the instance. This will dictate which ports (protocols) are open to the internet for inbound and outbound traffic. (I created one called
continuous-integrationthat currently exposes ssh, http, and https to the internet.) - Choose the storage amount for the instance
- Make sure to download the PEM file and store it in 1password
SSH to EC2 instance
-
Use PEM to SSH to instance. (If you've just created this instance and the connection times out you probably need to add inbound/outbound SSH to security group.)
-
SSH to the instance using the instructions from AWS
ssh -i "your-file.pem" username@ec2-instance-public-dns
Configure GitHub runners
-
sudo yum update -ysudo amazon-linux-extras install dockersudo service docker startsudo usermod -a -G docker ec2-user(will not take effect until next login)sudo systemctl enable docker(required to restart docker when ec2 instance boots up)
-
sudo ./start-org-runner.sh <RUNNER_TOKEN>(This script is in the ec2-user home dir)- GitHub org admins can get an org runner token.
- Repo admins can get a repo runner token
- Runner tokens expire after a short period of time (maybe an hour).
start-org-runner.shsource
docker run -d --restart always --name github-runner-$(date +%s) \ -e RUNNER_SCOPE="org" \ -e ORG_NAME="akadenia" \ -e LABELS="aws" \ -e RUNNER_NAME_PREFIX="akadenia-aws" \ -e RUNNER_TOKEN="$1" \ -e RUNNER_WORKDIR="/tmp/github-runner-akadenia" \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp/github-runner-akadenia:/tmp/github-runner-akadenia \ myoung34/github-runner:latest -
sudo ./start-org-runner.sh <RUNNER_TOKEN>(- GitHub org admins can get an org runner token.
- Repo admins can get a repo runner token
- Runner tokens expire after a short period of time (maybe an hour).
start-org-runner.shsource
docker run -d --restart always --name github-runner-$(date +%s) \ -e RUNNER_SCOPE="org" \ -e ORG_NAME="akadenia" \ -e LABELS="aws" \ -e RUNNER_NAME_PREFIX="akadenia-aws" \ -e RUNNER_TOKEN="$1" \ -e RUNNER_WORKDIR="/tmp/github-runner-akadenia" \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp/github-runner-akadenia:/tmp/github-runner-akadenia \ myoung34/github-runner:latest -
sudo ./start-org-runner.sh <RUNNER_TOKEN>(- GitHub org admins can get an org runner token.
- Repo admins can get a repo runner token
- Runner tokens expire after a short period of time (maybe an hour).
start-org-runner.shsource
docker run -d --restart always --name github-runner-$(date +%s) \ -e RUNNER_SCOPE="org" \ -e ORG_NAME="akadenia" \ -e LABELS="aws" \ -e RUNNER_NAME_PREFIX="akadenia-aws" \ -e RUNNER_TOKEN="$1" \ -e RUNNER_WORKDIR="/tmp/github-runner-akadenia" \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /tmp/github-runner-akadenia:/tmp/github-runner-akadenia \ myoung34/github-runner:latest
Need help managing your AWS infrastructure or CI/CD setup? Check out Akadenia's cloud managed services.
Written by
Engineering Team
Development
Our engineering team is a group of highly skilled and experienced software engineers with a passion for building high-quality web and mobile applications. They are dedicated to creating reliable, scalable, and user-friendly software solutions that meet the needs of our clients.
