英文:
gitlab runner not detecting docker
问题
这个问题看起来是与你的GitLab Runner和Docker服务之间的连接问题有关。错误信息表明 GitLab Runner 试图连接到 Docker 服务,但无法解析主机名 "docker",并且尝试在地址 "192.168.0.222:53" 上查找 DNS 服务器失败。
为了解决这个问题,你可以尝试以下步骤:
-
检查 DNS 设置:
- 确保你的GitLab Runner所在的主机上的DNS设置正确。你可以尝试使用
ping docker来检查是否可以解析主机名 "docker"。如果解析失败,可能需要修复你的DNS设置。
- 确保你的GitLab Runner所在的主机上的DNS设置正确。你可以尝试使用
-
检查网络连接:
- 确保GitLab Runner所在的主机能够正常连接到Docker服务。你可以尝试运行
docker info来验证Docker服务是否可访问。
- 确保GitLab Runner所在的主机能够正常连接到Docker服务。你可以尝试运行
-
查看GitLab Runner配置:
- 确保GitLab Runner配置文件中的GitLab URL是正确的,并且确保你的GitLab Runner已经正确注册到GitLab服务器。
-
尝试使用Docker Socket绑定:
- 在你的GitLab Runner配置中,你可以尝试将Docker服务的Socket文件绑定到GitLab Runner容器中,以便GitLab Runner可以直接访问Docker服务。修改你的GitLab Runner配置,将以下行添加到
[[runners.docker]]部分中:volumes = ["/var/run/docker.sock:/var/run/docker.sock"]
- 在你的GitLab Runner配置中,你可以尝试将Docker服务的Socket文件绑定到GitLab Runner容器中,以便GitLab Runner可以直接访问Docker服务。修改你的GitLab Runner配置,将以下行添加到
-
重启GitLab Runner:
- 在修改GitLab Runner配置后,重启GitLab Runner以使更改生效。
-
验证Harbor仓库凭据:
- 确保你在GitLab CI/CD变量中正确设置了
HARBOR_USERNAME和HARBOR_PASSWORD,以便在Docker登录时使用正确的凭据。
- 确保你在GitLab CI/CD变量中正确设置了
-
检查Docker版本:
- 确保GitLab Runner所在的主机上安装的Docker版本是兼容的。有时候,不同版本的Docker可能会导致问题。
完成上述步骤后,重新运行你的GitLab Pipeline,看看是否解决了这个连接问题。如果问题仍然存在,请提供更多详细信息,以便更进一步的排查。
英文:
I've a gitlab pipeline which looks like this:
stages:
- push
- deliver
port9070-image-push:
stage: push
tags:
- poc
- maifee
image: docker:stable
services:
- name: docker:dind
alias: docker
variables:
DOCKER_HOST: tcp://docker:2375
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
script:
- docker login -u $HARBOR_USERNAME -p $HARBOR_PASSWORD harbor.my-domain.bd
- docker build -t harbor.my-domain.bd/library/port9070:latest -f Dockerfile .
- docker push harbor.my-domain.bd/library/port9070:latest
only:
- dev
- main
This Git hosting is hosted in my domain, also the gitlab-runner is installed on my VPS for that domain. And I have already tested with a basic pipeline, which is working. But when I am trying to do some real world work with docker, it's giving me error, saying: error during connect: Post http://docker:2375/v1.40/auth: dial tcp: lookup docker on 192.168.0.222:53: server misbehaving
Full log:
[0KRunning with gitlab-runner 16.1.0 (b72e108d)[0;m
[0K on gitlab-runner-poc-maifee sY3VsxEP, system ID: s_635e67621e1e[0;m
section_start:1688377044:prepare_executor
[0K[0K[36;1mPreparing the "docker" executor[0;m[0;m
[0KUsing Docker executor with image docker:stable ...[0;m
[0KStarting service docker:dind ...[0;m
[0KPulling docker image docker:dind ...[0;m
[0KUsing docker image sha256:ad6479b49f1e99b76779e8d08bff4cf388cd23d435bf248337998905fcdf310e for docker:dind with digest docker@sha256:28c6ddb5d7bfdc019fb39cc2797351a6e3e81458ad621808e5e9dd3e41538c77 ...[0;m
[0;33mWARNING: Service docker:dind is already created. Ignoring.[0;m
[0KWaiting for services to be up and running (timeout 30 seconds)...[0;m
[0;33m*** WARNING:[0;m Service runner-sy3vsxep-project-96-concurrent-0-741eca69b02ef2fe-docker-0 probably didn't start properly.
Health check error:
start service container: Error response from daemon: Cannot link to a non running container: /runner-sy3vsxep-project-96-concurrent-0-741eca69b02ef2fe-docker-0 AS /runner-sy3vsxep-project-96-concurrent-0-741eca69b02ef2fe-docker-0-wait-for-service/service (services.go:187:0s)
Service container logs:
2023-07-03T09:37:26.216621307Z ip: can't find device 'ip_tables'
2023-07-03T09:37:26.221332586Z ip_tables 36864 0
2023-07-03T09:37:26.221522267Z x_tables 53248 7 xt_nat,xt_tcpudp,xt_conntrack,xt_MASQUERADE,xt_addrtype,nft_compat,ip_tables
2023-07-03T09:37:26.222908529Z modprobe: can't change directory to '/lib/modules': No such file or directory
2023-07-03T09:37:26.230877486Z mount: permission denied (are you root?)
2023-07-03T09:37:26.231056029Z Could not mount /sys/kernel/security.
2023-07-03T09:37:26.231072316Z AppArmor detection and --privileged mode might break.
2023-07-03T09:37:26.233428732Z mount: permission denied (are you root?)
[0;33m*********[0;m
[0KPulling docker image docker:stable ...[0;m
[0KUsing docker image sha256:b0757c55a1fdbb59c378fd34dde3e12bd25f68094dd69546cf5ca00ddbaa7a33 for docker:stable with digest docker@sha256:fd4d028713fd05a1fb896412805daed82c4a0cc84331d8dad00cb596d7ce3e3a ...[0;m
section_end:1688377051:prepare_executor
[0Ksection_start:1688377051:prepare_script
[0K[0K[36;1mPreparing environment[0;m[0;m
Running on runner-sy3vsxep-project-96-concurrent-0 via drone-io-01...
section_end:1688377051:prepare_script
[0Ksection_start:1688377051:get_sources
[0K[0K[36;1mGetting source from Git repository[0;m[0;m
[32;1mFetching changes with git depth set to 20...[0;m
Reinitialized existing Git repository in /builds/gitmhost/saas/pipeline-poc/.git/
[32;1mChecking out c0b3d7fd as detached HEAD (ref is dev)...[0;m
[32;1mSkipping Git submodules setup[0;m
section_end:1688377052:get_sources
[0Ksection_start:1688377052:step_script
[0K[0K[36;1mExecuting "step_script" stage of the job script[0;m[0;m
[0KUsing docker image sha256:b0757c55a1fdbb59c378fd34dde3e12bd25f68094dd69546cf5ca00ddbaa7a33 for docker:stable with digest docker@sha256:fd4d028713fd05a1fb896412805daed82c4a0cc84331d8dad00cb596d7ce3e3a ...[0;m
[32;1m$ docker login -u $HARBOR_USERNAME -p $HARBOR_PASSWORD harbor.my-domain.bd[0;m
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
error during connect: Post http://docker:2375/v1.40/auth: dial tcp: lookup docker on 192.168.0.222:53: server misbehaving
section_end:1688377053:step_script
[0K[31;1mERROR: Job failed: exit code 1
[0;m
I checked my system docker service is already running there. But for conveneince I have already added image, service etc. I don't know how to resolve this issue.
I also tried this pipeline, this also didn't work:
stages:
- push
- deliver
port9070-image-push:
stage: push
tags:
- poc
- maifee
variables:
DOCKER_TLS_CERTDIR: ""
script:
- docker login -u $HARBOR_USERNAME -p $HARBOR_PASSWORD harbor.my-domain.bd
- docker build -t harbor.my-domain.bd/library/port9070:latest -f Dockerfile .
- docker push harbor.my-domain.bd/library/port9070:latest
only:
- dev
- main
I have also modified the gitlab runner configuration file:
concurrent = 1
check_interval = 0
shutdown_timeout = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "PoC runner - maifee"
url = "my.git.url"
id = 0
token = "xyz"
token_obtained_at = 0001-01-01T00:00:00Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "docker"
[runners.docker]
tls_verify = false
image = "docker:stable"
privileged = true
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache"]
shm_size = 0
How can I resolve this issue?
答案1
得分: 0
这个问题仍然存在,但使用 kaniko 解决了整个过程。我的当前流水线如下:
docker-push:
stage: docker-push
...
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"harbor.my-domain.bd\":{\"auth\":\"$(printf \"%s:%s\" \"${HARBOR_USERNAME}\" \"${HARBOR_PASSWORD}\" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
script: |
/kaniko/executor \
--context $CI_PROJECT_DIR \
--dockerfile $CI_PROJECT_DIR/Dockerfile \
--destination "harbor.my-domain.bd/library/port9070:latest"
我仍然无法弄清楚为什么嵌套的 Docker 没有工作。我真的对此感到困惑,持续了一个星期,一直认为这可能是我项目配置的问题。
英文:
This isssue is still remaining, but sorted out the whole process using kaniko. My current pipeline looks like:
docker-push:
stage: docker-push
...
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script:
- echo "{\"auths\":{\"harbor.my-domain.bd\":{\"auth\":\"$(printf "%s:%s" "${HARBOR_USERNAME}" "${HARBOR_PASSWORD}" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
script: |
/kaniko/executor \
--context $CI_PROJECT_DIR \
--dockerfile $CI_PROJECT_DIR/Dockerfile \
--destination "harbor.my-domain.bd/library/port9070:latest"
I still can't figure out why docker in docker didn't work. I was really confused about it, for a week, and down, thought there is some issue with my configuration in my project.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论