gitlab runner 未检测到 Docker。

huangapple go评论68阅读模式
英文:

gitlab runner not detecting docker

问题

这个问题看起来是与你的GitLab Runner和Docker服务之间的连接问题有关。错误信息表明 GitLab Runner 试图连接到 Docker 服务,但无法解析主机名 "docker",并且尝试在地址 "192.168.0.222:53" 上查找 DNS 服务器失败。

为了解决这个问题,你可以尝试以下步骤:

  1. 检查 DNS 设置

    • 确保你的GitLab Runner所在的主机上的DNS设置正确。你可以尝试使用ping docker来检查是否可以解析主机名 "docker"。如果解析失败,可能需要修复你的DNS设置。
  2. 检查网络连接

    • 确保GitLab Runner所在的主机能够正常连接到Docker服务。你可以尝试运行docker info来验证Docker服务是否可访问。
  3. 查看GitLab Runner配置

    • 确保GitLab Runner配置文件中的GitLab URL是正确的,并且确保你的GitLab Runner已经正确注册到GitLab服务器。
  4. 尝试使用Docker Socket绑定

    • 在你的GitLab Runner配置中,你可以尝试将Docker服务的Socket文件绑定到GitLab Runner容器中,以便GitLab Runner可以直接访问Docker服务。修改你的GitLab Runner配置,将以下行添加到 [[runners.docker]] 部分中:
      volumes = ["/var/run/docker.sock:/var/run/docker.sock"]
      
  5. 重启GitLab Runner

    • 在修改GitLab Runner配置后,重启GitLab Runner以使更改生效。
  6. 验证Harbor仓库凭据

    • 确保你在GitLab CI/CD变量中正确设置了HARBOR_USERNAMEHARBOR_PASSWORD,以便在Docker登录时使用正确的凭据。
  7. 检查Docker版本

    • 确保GitLab Runner所在的主机上安装的Docker版本是兼容的。有时候,不同版本的Docker可能会导致问题。

完成上述步骤后,重新运行你的GitLab Pipeline,看看是否解决了这个连接问题。如果问题仍然存在,请提供更多详细信息,以便更进一步的排查。

英文:

I've a gitlab pipeline which looks like this:

stages:
  - push
  - deliver

port9070-image-push:
  stage: push
  tags:
    - poc
    - maifee
  image: docker:stable
  services:
    - name: docker:dind
      alias: docker
  variables:
    DOCKER_HOST: tcp://docker:2375
    DOCKER_DRIVER: overlay2
    DOCKER_TLS_CERTDIR: ""
  script:
    - docker login -u $HARBOR_USERNAME -p $HARBOR_PASSWORD harbor.my-domain.bd
    - docker build -t harbor.my-domain.bd/library/port9070:latest -f Dockerfile .
    - docker push harbor.my-domain.bd/library/port9070:latest
  only:
    - dev
    - main

This Git hosting is hosted in my domain, also the gitlab-runner is installed on my VPS for that domain. And I have already tested with a basic pipeline, which is working. But when I am trying to do some real world work with docker, it's giving me error, saying: error during connect: Post http://docker:2375/v1.40/auth: dial tcp: lookup docker on 192.168.0.222:53: server misbehaving

Full log:

[0KRunning with gitlab-runner 16.1.0 (b72e108d)[0;m
[0K  on gitlab-runner-poc-maifee sY3VsxEP, system ID: s_635e67621e1e[0;m
section_start:1688377044:prepare_executor
[0K[0K[36;1mPreparing the "docker" executor[0;m[0;m
[0KUsing Docker executor with image docker:stable ...[0;m
[0KStarting service docker:dind ...[0;m
[0KPulling docker image docker:dind ...[0;m
[0KUsing docker image sha256:ad6479b49f1e99b76779e8d08bff4cf388cd23d435bf248337998905fcdf310e for docker:dind with digest docker@sha256:28c6ddb5d7bfdc019fb39cc2797351a6e3e81458ad621808e5e9dd3e41538c77 ...[0;m
[0;33mWARNING: Service docker:dind is already created. Ignoring.[0;m
[0KWaiting for services to be up and running (timeout 30 seconds)...[0;m


[0;33m*** WARNING:[0;m Service runner-sy3vsxep-project-96-concurrent-0-741eca69b02ef2fe-docker-0 probably didn't start properly.


Health check error:
start service container: Error response from daemon: Cannot link to a non running container: /runner-sy3vsxep-project-96-concurrent-0-741eca69b02ef2fe-docker-0 AS /runner-sy3vsxep-project-96-concurrent-0-741eca69b02ef2fe-docker-0-wait-for-service/service (services.go:187:0s)


Service container logs:
2023-07-03T09:37:26.216621307Z ip: can't find device 'ip_tables'
2023-07-03T09:37:26.221332586Z ip_tables              36864  0 
2023-07-03T09:37:26.221522267Z x_tables               53248  7 xt_nat,xt_tcpudp,xt_conntrack,xt_MASQUERADE,xt_addrtype,nft_compat,ip_tables
2023-07-03T09:37:26.222908529Z modprobe: can't change directory to '/lib/modules': No such file or directory
2023-07-03T09:37:26.230877486Z mount: permission denied (are you root?)
2023-07-03T09:37:26.231056029Z Could not mount /sys/kernel/security.
2023-07-03T09:37:26.231072316Z AppArmor detection and --privileged mode might break.
2023-07-03T09:37:26.233428732Z mount: permission denied (are you root?)


[0;33m*********[0;m


[0KPulling docker image docker:stable ...[0;m
[0KUsing docker image sha256:b0757c55a1fdbb59c378fd34dde3e12bd25f68094dd69546cf5ca00ddbaa7a33 for docker:stable with digest docker@sha256:fd4d028713fd05a1fb896412805daed82c4a0cc84331d8dad00cb596d7ce3e3a ...[0;m
section_end:1688377051:prepare_executor
[0Ksection_start:1688377051:prepare_script
[0K[0K[36;1mPreparing environment[0;m[0;m
Running on runner-sy3vsxep-project-96-concurrent-0 via drone-io-01...
section_end:1688377051:prepare_script
[0Ksection_start:1688377051:get_sources
[0K[0K[36;1mGetting source from Git repository[0;m[0;m
[32;1mFetching changes with git depth set to 20...[0;m
Reinitialized existing Git repository in /builds/gitmhost/saas/pipeline-poc/.git/
[32;1mChecking out c0b3d7fd as detached HEAD (ref is dev)...[0;m


[32;1mSkipping Git submodules setup[0;m
section_end:1688377052:get_sources
[0Ksection_start:1688377052:step_script
[0K[0K[36;1mExecuting "step_script" stage of the job script[0;m[0;m
[0KUsing docker image sha256:b0757c55a1fdbb59c378fd34dde3e12bd25f68094dd69546cf5ca00ddbaa7a33 for docker:stable with digest docker@sha256:fd4d028713fd05a1fb896412805daed82c4a0cc84331d8dad00cb596d7ce3e3a ...[0;m
[32;1m$ docker login -u $HARBOR_USERNAME -p $HARBOR_PASSWORD harbor.my-domain.bd[0;m
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
error during connect: Post http://docker:2375/v1.40/auth: dial tcp: lookup docker on 192.168.0.222:53: server misbehaving
section_end:1688377053:step_script
[0K[31;1mERROR: Job failed: exit code 1
[0;m

I checked my system docker service is already running there. But for conveneince I have already added image, service etc. I don't know how to resolve this issue.

I also tried this pipeline, this also didn't work:

stages:
  - push
  - deliver

port9070-image-push:
  stage: push
  tags:
    - poc
    - maifee
  variables:
    DOCKER_TLS_CERTDIR: ""
  script:
    - docker login -u $HARBOR_USERNAME -p $HARBOR_PASSWORD harbor.my-domain.bd
    - docker build -t harbor.my-domain.bd/library/port9070:latest -f Dockerfile .
    - docker push harbor.my-domain.bd/library/port9070:latest
  only:
    - dev
    - main

I have also modified the gitlab runner configuration file:

concurrent = 1
check_interval = 0
shutdown_timeout = 0


[session_server]
  session_timeout = 1800


[[runners]]
  name = "PoC runner - maifee"
  url = "my.git.url"
  id = 0
  token = "xyz"
  token_obtained_at = 0001-01-01T00:00:00Z
  token_expires_at = 0001-01-01T00:00:00Z
  executor = "docker"
  [runners.docker]
    tls_verify = false
    image = "docker:stable"
    privileged = true
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    disable_cache = false
    volumes = ["/cache"]
    shm_size = 0

How can I resolve this issue?

答案1

得分: 0

这个问题仍然存在,但使用 kaniko 解决了整个过程。我的当前流水线如下:

docker-push:
  stage: docker-push
  ...
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
  before_script:
    - echo "{\"auths\":{\"harbor.my-domain.bd\":{\"auth\":\"$(printf \"%s:%s\" \"${HARBOR_USERNAME}\" \"${HARBOR_PASSWORD}\" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
  script: |
    /kaniko/executor \
      --context $CI_PROJECT_DIR \
      --dockerfile $CI_PROJECT_DIR/Dockerfile \
      --destination "harbor.my-domain.bd/library/port9070:latest"    

我仍然无法弄清楚为什么嵌套的 Docker 没有工作。我真的对此感到困惑,持续了一个星期,一直认为这可能是我项目配置的问题。

英文:

This isssue is still remaining, but sorted out the whole process using kaniko. My current pipeline looks like:

docker-push:
 stage: docker-push
 ...
 image:
   name: gcr.io/kaniko-project/executor:debug
   entrypoint: [""]
 before_script:
   - echo "{\"auths\":{\"harbor.my-domain.bd\":{\"auth\":\"$(printf "%s:%s" "${HARBOR_USERNAME}" "${HARBOR_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
 script: |
     /kaniko/executor \
       --context $CI_PROJECT_DIR \
       --dockerfile $CI_PROJECT_DIR/Dockerfile \
       --destination "harbor.my-domain.bd/library/port9070:latest"

I still can't figure out why docker in docker didn't work. I was really confused about it, for a week, and down, thought there is some issue with my configuration in my project.

huangapple
  • 本文由 发表于 2023年7月3日 18:45:16
  • 转载请务必保留本文链接:https://go.coder-hub.com/76603998.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定