Error in gitlab CI/CD while docker login invalid certificate - docker

Hey, I have GitLab and GitLab Runner running in Docker, and in GitLab I have a working container registry.
When in CI/CD I'm trying to do
stages: # List of stages for jobs, and their order of execution
  - build
docker-build:
  # Use the official docker image.
  image: docker:latest
  services:
    - docker:dind
  stage: build
  script:
    - echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER $CI_REGISTRY --password-stdin
I get an error like
Get "https://git.domain.com:5050/v2/": x509: certificate signed by unknown authority
My runner config.toml looks like this:
concurrent = 1
check_interval = 0
shutdown_timeout = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "Runner"
url = "http://git.domain.com/"
id = 3
token = "xxxxxxxxxcccccc"
token_obtained_at = 2023-02-07T22:14:54Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "docker"
clone_url = "http://git.domain.com/"
[runners.custom_build_dir]
[runners.cache]
MaxUploadedArchiveSize = 0
[runners.cache.s3]
[runners.cache.gcs]
[runners.cache.azure]
[runners.docker]
tls_verify = false
image = "node:latest"
privileged = true
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache"]
shm_size = 0
What can I do with this?
When I log in from my PC, it works perfectly.
Edit:
My cert is not self-signed.

I added my CA certificate to certificate, and now it works.

Related

Gitlab runner failing ERROR: Cannot connect to the Docker daemon at local runner

I have a local runner that cannot connect to the docker daemon.
I tried adding an alias to the service and it still failed
ERROR: Cannot connect to the Docker daemon at tcp://docker:2375/. Is the docker daemon running?
ERROR: Cannot connect to the Docker daemon at tcp://thealias:2375/. Is the docker daemon running?
gitlab-ci
push_image:
  image: docker:20.10.16-dind
  services:
    - docker:20.10.16-dind
  before_script:
    - docker info
    - docker login ext_registry.com -u $NEXUS_USER -p $NEXUS_PASS
  script:
    - docker build -t ext_registry.com.liberty.edu:5000/occ/groupsyncer:latest .
gitlab-runner.toml
[[runners]]
name = "docker-runner"
url = "https://gitlab.example.com/"
token = REDACTED
executor = "docker"
cache_dir="/cache"
clone_url = "https://gitlab.example.com"
[runners.custom_build_dir]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
[runners.cache.azure]
[runners.docker]
volumes = ["/opt/gitlab-runner/cache:/cache:rw"]
tls_verify = false
image = "docker:20.10.16"
privileged = true
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
shm_size = 0
In my case the error came from not sharing the docker sock.
[runners.docker]
volumes = ["/var/run/docker.sock:/var/run/docker.sock","/opt/gitlab-runner/cache:/cache:rw"]
Also make sure the gitlab-runner has permissions to docker.
usermod -aG docker gitlab-runner

Trouble connecting to Docker daemon in GitLab CI

I'm trying to create a fairly simple GitLab CI file to build out Docker images. Whenever I run the pipeline, I end up getting a Docker daemon connection issue. What can I do to properly build my image? Thanks!
GitLab CI:
image: docker:20.10.16
services:
  - docker:20.10.16-dind
variables:
  DOCKER_HOST: tcp://docker:2375
iac-build:
  stage: build
  extends: .iac
  rules:
    - if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
      when: always
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
      when: never
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
      when: always
  script:
    - docker build -t testfirstimage .
  allow_failure: false
Error:
$ docker build -t testfirstimage .
failed to dial gRPC: cannot connect to the Docker daemon. Is 'docker daemon' running on this host?: dial tcp 127.0.0.1:2375: connect: connection refused
Cleaning up project directory and file based variables
ERROR: Job failed: command terminated with exit code 1
First thing I would check is if you already have something running on that local host - I've literally tried running a server on a local host port for hours and kept having it refused, only to find out that I had forgotten to terminate my connection to that port.
If that isn't the issue, I had this issue before and had to run this command to get it to work:
concurrent = 1
check_interval = 0
[[runners]]
name = "#####"
url = "#####"
token = "#####"
executor = "docker"
[runners.docker]
tls_verify = false
image = "docker:latest"
privileged = false
disable_cache = false
cache_dir = "cache"
volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"]
[runners.cache]
Insecure = false
I spent forever trying to figure it out and couldn't get anything to work until I found out to add
volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"]
I didn't figure it out by magic though - props to this issues page: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/1986
Hopefully that works.
In order to get Docker-in-Docker working with GitLab CI, you will first need to decide if you want to use Docker-in-Docker with or without TLS. Then, change /etc/gitlab-runner/config.toml settings, and assign the DOCKER_TLS_CERTDIR in your .gitlab-ci.yml file. See the Docker-in-docker section of the GitLab docs.
Docker-in-docker with TLS:
# /etc/gitlab-runner/config.toml
[[runners]]
url = "https://gitlab.com/"
token = TOKEN
executor = "docker"
[runners.docker]
tls_verify = false
image = "docker:20.10.16"
privileged = true
disable_cache = false
volumes = ["/certs/client", "/cache"]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
# .gitlab-ci.yml
image: docker:20.10.16
variables:
  DOCKER_TLS_CERTDIR: "/certs"
services:
  - docker:20.10.16-dind
before_script:
  - docker info
# rest of .gitlab-ci.yml

DinD configuration for Gitlab CI with private Docker registry in Sonatype Nexus 3

I have set up my own Gitlab (-p 7022:22, 7080:9080), Gitlab Runner (-p 7093:8093), and Sonatype Nexus3 (Maven, Docker, Helm) (-p 10081:8081, 10082:10082, 10083:10083, 10084:10084). All are running as docker images of their own. Everything up to docker build runs great (the code snippets below don't include the docker build related code). The problem is, I want to upload the final docker image to my Nexus3 Docker Registry, which I am unable to do.
My Gitlab Runner config is below
concurrent = 1
check_interval = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "testing dind runner"
url = "http://192.168.0.250:7080/"  # Gitlab git repo external url
token = "SOME TOKEN"
executor = "docker"
[runners.custom_build_dir]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
[runners.cache.azure]
[runners.docker]
tls_verify = false
image = "docker:19.03.12"
privileged = true
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"]
shm_size = 0
My Docker registry in Nexus3 is hosted as below
Web UI = http://192.168.0.250:10081/ (container internal port is 8081 and exposed to host on 10081)
Docker(Group) = 10084 (exposed as the same port through docker)
Docker(Hosted) = 10082 (exposed as the same port through docker)
Docker(Proxy) = 10083 (exposed as the same port through docker)
My project CI config is below
image: docker:19.03.12
services:
  - name: docker:19.03.12-dind
variables:
  DOCKER_HOST: tcp://docker:2375
  DOCKER_TLS_CERTDIR: ""
before_script:
  - docker info
  - docker login -u nx-uploader -p 1234 192.168.0.250:10082
stages:
  - test docker reg
test-docker:
  stage: test docker reg
  script:
    - docker images
    - docker search httpd
I am constantly getting errors as
$ docker login -u nx-uploader -p 1234 192.168.0.250:10082
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
error during connect: Post http://docker:2376/v1.40/auth: dial tcp: lookup docker on 192.168.0.1:53: no such host
ERROR: Job failed: exit code 1
Need help/pointers to fix this.
Thanks in advance.

Why fails my gitlab-runner (in Docker Container) since a few days, I didn't change anything

I have an Ubuntu 18.04 server. On this server, a gitlab-ce 12.7.5 instance is running in a docker container, and a gitlab-runner 12.8.0 is also running in a docker container. For a few days now, all the pipelines have been failing with:
*Running with gitlab-runner 12.8.0 (1b659122)
on ddddd kbuTsA6j
Using Docker executor with image ubuntu:18.04 ...
00:02
Pulling docker image ubuntu:18.04 ...
Using docker image sha256:2c047404e52d7f17bdac4121a13cd844447b74e13063f8cb8f8b314467feed06 for ubuntu:18.04 ...
ERROR: Job failed (system failure): Error response from daemon: OCI runtime create failed: container_linux.go:370: starting container process caused: process_linux.go:459: container init caused: process_linux.go:422: setting cgroup config for procHooks process caused: resulting devices cgroup doesn't match target mode: unknown (executor_docker.go:810:0s)*
The config.toml file of the gitlab-runner container looks like this:
concurrent = 1
check_interval = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "ddddd"
url = "https://myreplacedname.stratoserver.net:8929/"
token = "kbuTsA6jgE_GrM"
tls-ca-file = "/etc/gitlab-runner/certs/myreplacedname.stratoserver.net.crt"
executor = "docker"
[runners.custom_build_dir]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
[runners.docker]
tls_verify = false
image = "docker:19.03.1"
privileged = true
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/srv/gitlab-runner/config:/etc/gitlab-runner", "/cache", "/builds:/builds"]
shm_size = 0
Until a few days ago, everything worked fine. I would be very happy if you could help me. Thank you!
I spent several days trying to find a solution to the same problem. I found out that assigning the value false to the privileged field of your [runners.docker] section solves this problem.
So, in your case, the resulting configuration will look like this:
concurrent = 1
check_interval = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "ddddd"
url = "https://myreplacedname.stratoserver.net:8929/"
token = "kbuTsA6jgE_GrM"
tls-ca-file = "/etc/gitlab-runner/certs/myreplacedname.stratoserver.net.crt"
executor = "docker"
[runners.custom_build_dir]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
[runners.docker]
tls_verify = false
image = "docker:19.03.1"
privileged = false
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/srv/gitlab-runner/config:/etc/gitlab-runner", "/cache", "/builds:/builds"]
shm_size = 0
Of course, to apply these changes, you must restart your gitlab-runner instance after performing these actions. I hope it helps you, too.

GitLab Runner - Docker Image

I started to work with GitLab CI/CD. I have setup my own GitLab-runner with docker executor. It is working fine. When I read about docker, I came to know that it creates a separate space for each run so that we could even access it and use it. I would like to know the path in which the docker images are created.
This is my config.toml
concurrent = 1
check_interval = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "Linux-Docker1"
url = "https://gitlab.com/"
token = "4-UWY1A_J2rS7r32wxJi"
executor = "docker"
builds_dir = "/var/working/gitlab-runner-docker"
[runners.custom_build_dir]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
[runners.docker]
tls_verify = false
image = "ruby:2.6"
privileged = false
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache"]
shm_size = 0
[[runners]]
name = "Linux-Shell1"
url = "https://gitlab.com/"
token = "LzdxrS1zA58rXihSQWCn"
executor = "shell"
builds_dir = "/var/working/gitlab-runner"
[runners.custom_build_dir]
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
This is my .gitlab-ci.yml file
stages:
  - build
  - test
build:
  stage: build
  script:
    - whoami
    - mkdir test-build
    - touch test-build/info.txt
    - ls
    - pwd
    - cd ..
    - pwd
    - ls
  artifacts:
    paths:
      - test-build/
test:
  stage: test
  script:
    - echo "Test Script"
    - ls
    - test -f "test-build/info.txt"
In your case, you didn't create a docker image, because your build step does not run the docker build command.
About the path: if you build a docker image, you need to push it to a container registry (Docker Hub or a private one).
Look at this doc to know how to do it:
https://docs.gitlab.com/ee/ci/docker/using_docker_build.html
