Running Gitlab Docker Container on port 80 ERR_CONNECTION_REFUSED - docker

I'm beyond confused as to why I'm getting an error 'ERR_CONNECTION_REFUSED' when I try running a Gitlab docker container on port 80, but if I change the port number to 8000, it totally works.
I've scoured the internet for four days looking for answers, but the only thing I've seen suggested is the container is missing an SSL cert for the domain name. However, the container works just fine if I switch the port to 8000. Can anyone please liberate me from this frustration and explain why 8000 is OK and 80 is not?
Code that doesn't work:
sudo podman run --detach \
--name gitlab-ce \
--hostname gitlab.example.com \
--publish 443:443 \
--publish 80:80 \
--publish 8022:22 \
--restart always \
--volume /srv/gitlab/config:/etc/gitlab:Z \
--volume /srv/gitlab/logs:/var/log/gitlab:Z \
--volume /srv/gitlab/data:/var/opt/gitlab:Z \
gitlab/gitlab-ce:latest
Code that does work:
sudo podman run --detach \
--name gitlab-ce \
--hostname gitlab.example.com \
--publish 443:443 \
--publish 8000:80 \
--publish 8022:22 \
--restart always \
--volume /srv/gitlab/config:/etc/gitlab:Z \
--volume /srv/gitlab/logs:/var/log/gitlab:Z \
--volume /srv/gitlab/data:/var/opt/gitlab:Z \
gitlab/gitlab-ce:latest
It's the same exact code, the only difference is the one port number.

Well, apparently the answer to this question is patience. For some reason, when on port 8000 it only took about 2 minutes for the server to prepare itself. When using port 80, it took over 10 minutes to prepare itself. Not exactly sure why that is, but it's working now. So frustrating. I had blown away the container because it wasn't working fast enough, then tried again.
I find most of my questions on here to be answered the same way. Patience.

Related

Run docker gitlab with apache on ubuntu

I am trying to start gitlab running on Ubuntu 20.04.1 LTS. I have already an apache server running.
sudo docker run --detach \
--hostname hostname.de \
--publish 443:443 --publish 80:80 --publish 22:22 \
--name gitlab \
--restart always \
--volume $GITLAB_HOME/config:/etc/gitlab \
--volume $GITLAB_HOME/logs:/var/log/gitlab \
--volume $GITLAB_HOME/data:/var/opt/gitlab \
gitlab/gitlab-ee:latest
When I try to run that docker image I get the following error:
Error starting userland proxy: listen tcp4 0.0.0.0:443: bind: address already in use.
I already run a few websites on my apache webserver, so I already use port 80 and 443.
How can I run that docker gitlab image beside my apache server?

Docker GitLab-CE: ulimit

On Saturday I tried to install Gitlab-CE on a new root Ubuntu server. I got this error:
/opt/gitlab/embedded/bin/runsvdir-start: line 24: ulimit: pending signals: cannot modify limit: Operation not permitted
/opt/gitlab/embedded/bin/runsvdir-start: line 37: /proc/sys/fs/file-max: Read-only file system
After setting the password and login (first time), gitlab shows me 404!
I already tried docker exec -it gitlab update-permissions, increase ulimit and so on!
sudo docker run -i \
--hostname ubuntu \
--publish 10443:443 --publish 10080:80 --publish 10022:22 \
--sysctl net.core.somaxconn=1024 \
--ulimit sigpending=62793 \
--ulimit nproc=131072 \
--ulimit nofile=60000 \
--ulimit core=0 \
--name gitlab \
--restart always \
--volume /srv/gitlab/config:/etc/gitlab \
--volume /srv/gitlab/logs:/var/log/gitlab \
--volume /srv/gitlab/data:/var/opt/gitlab \
--volume /srv/gitlab/logs/reconfigure:/var/log/gitlab/reconfigure \
gitlab/gitlab-ce:latest
I definitely spent 15 hours on Google and tried out fixes. So far no chance.
Had the same issue and was able to get my local Docker gitlab-ce working by adding:
--privileged
See this issue:3047

GitLab: Can’t register runner (with correct token!) - clean/latest docker install

Note: It seems everyone else with this problem is using the wrong token - I'm using the one from the Admin Area -> Overview -> Runners under "Set up a shared Runner manually", so I'm sure it's correct.
I'm trying to get a basic setup of GitLab with one shared runner working from docker containers, but I keep getting this when I try to register:
ERROR: Registering runner... forbidden (check registration token) runner=Ds-3E59o
PANIC: Failed to register this runner. Perhaps you are having network problems
These are the steps I take (tested from fresh by removing /srv/gitlab):
Run GitLab:
# As per https://docs.gitlab.com/omnibus/docker/#pre-configure-docker-container.
sudo docker run --detach \
--hostname gitlab.example.com \
--env GITLAB_OMNIBUS_CONFIG="external_url 'http://gitlab.example.com/'; gitlab_rails['lfs_enabled'] = true;" \
--publish 443:443 --publish 80:80 --publish 22:22 \
--name gitlab \
--restart always \
--volume /srv/gitlab/config:/etc/gitlab \
--volume /srv/gitlab/logs:/var/log/gitlab \
--volume /srv/gitlab/data:/var/opt/gitlab \
gitlab/gitlab-ce:latest
Run the runner:
# As per: https://docs.gitlab.com/runner/install/docker.html#docker-image-installation.
docker run -d --name gitlab-runner --restart always \
-v /srv/gitlab-runner/config:/etc/gitlab-runner \
-v /var/run/docker.sock:/var/run/docker.sock \
gitlab/gitlab-runner:latest
Wait for gitlab to start, set root password, login as root, go to Configure GitLab -> Overview -> Runners, copy the access token.
Attempt to register the runner:
# As per: https://docs.gitlab.com/runner/register/index.html#one-line-registration-command.
docker run --rm -v /srv/gitlab-runner/config:/etc/gitlab-runner gitlab/gitlab-runner register \
--non-interactive \
--executor "docker" \
--docker-image alpine:latest \
--url "http://gitlab.example.com/" \
--registration-token "VMTMR8TysySosb6xuTLZ" \
--description "docker-runner" \
--tag-list "docker" \
--run-untagged="true" \
--locked="false" \
--access-level="not_protected"
At this point, I get the error shown above.
I know it seems weird to run the runner and register it while it's running but 1. the documentation has it this way and 2. I get the same result when registering first.
Am I doing something stupid?
(Note: Copied from forum.gitlab.com, but I wasn't having much luck there: https://forum.gitlab.com/t/cant-register-runner-clean-latest-docker-install/30884)
I tried using host networking (i.e. adding --network host) to the gitlab container, and it worked. No idea why but I'd appreciate any insight anyone has.

How can I map a hostname (subdomain) to Docker Container with Traefik?

I have multiple Docker containers running nginx that serves up a web application. These containers are running on a virtual machine abc.com. They all require https.
If I have just one container running, I can access the container running at abc.com:443 no problem. I can also run multiple containers using docker run and port mapping where I can map a port to 433 like this:
VersionA 0.0.0.0:5000->443 can hit on abc.com:5000
VersionB 0.0.0.0:5001->443 can hit on abc.com:5001
VersionC 0.0.0.0:5002->443 can hit on abc.com:5002
What I would like is:
vA.abc.com -> VersionAContainer:443
vB.abc.com -> VersionBContainer:443
vC.abc.com -> VersionCContainer:443
These containers will spin up and close regularly, and I need them to be picked up by Traefik. What is the proper build command for traefik and run command for the container using labels?
This is how I was running the Traefik container with no luck.
sudo docker container run -d --name traefik_proxy \
--network traefik_webgateway \
-p 80:80 \
-p 443:443 \
-p 8080:8080 \
--restart always \
--volume /var/run/docker.sock:/var/run/docker.sock \
--volume /dev/null:/traefik.toml \
traefik --docker --logLevel=INFO --api \
--entrypoints="Name:http Address::80 Redirect.EntryPoint:https" \
--entrypoints="Name:https Address::443 TLS" \
--defaultentrypoints="http,https"
And this is how I was running my container:
# Unsure whether the Host rule should use localhost or abc.com.
sudo docker run -d --name some-nginx \
--network traefik_webgateway \
--label traefik.docker.network=traefik_webgateway \
--label traefik.protocol=https \
--label traefik.frontend.entryPoints=http,https \
--label traefik.frontend.rule=Host:something.localhost \
--label traefik.port=443 \
--label traefik.frontend.auth.forward.tls.insecureSkipVerify=true \
container:latest

Using a any part in external_url causes the server to be unreachable on docker and docker-machine

An example of the commands being run:
docker run \
--detach \
--hostname gitlab.docker \
--publish 8443:443 \
--publish 8081:80 \
--publish 2222:22 \
--name gitlab \
--restart always -v /var/run/docker.sock:/var/run/docker.sock \
--volume /tmp/gitlab/config:/etc/gitlab \
--volume /tmp/gitlab/logs:/var/log/gitlab \
--volume /tmp/gitlab/data:/var/opt/gitlab \
--env GITLAB_OMNIBUS_CONFIG="external_url 'http://gitlab.docker:8081/'; gitlab_rails['lfs_enabled'] = true;" \
gitlab/gitlab-ce:latest
gitlab.rb
external_url "http://gitlab.docker:8081"
access url:
http://gitlab.docker:8081
Perhaps I'm missing something but when I remove the port I can access the interface on 8081, with it there it becomes inaccessible.
Any insights?
You need to set 'nginx-listen-port' to make the nginx inside the docker listen on port 80, instead of the port 8081 specified by 'external_url'.
See:
https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/nginx.md#setting-the-nginx-listen-port
I figured it out, when you run:
gitlab-ctl reconfigure
The port in the external url gets parsed and placed into nginx config so the docker port you were forwarding is no longer valid.
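
The mismatch the two answers above describe, as an added example (not code from the original posts or from GitLab): it works out which container port nginx ends up listening on and checks whether any `--publish` mapping still reaches it. The function names are hypothetical, and `nginx['listen_port']` is assumed to be the Omnibus setting documented at the linked nginx settings page.

```shell
#!/usr/bin/env bash
# Added example: function names are hypothetical; sample values are the ones
# quoted in the thread above.

# Port Omnibus nginx listens on inside the container: the nginx['listen_port']
# override if given, else the port in external_url, else the scheme default.
container_listen_port() {
  local url="$1" override="${2:-}"
  if [ -n "$override" ]; then echo "$override"; return 0; fi
  local scheme="${url%%://*}" hostport="${url#*://}"
  hostport="${hostport%%/*}"
  case "$hostport" in
    *:*) echo "${hostport##*:}" ;;
    *)   if [ "$scheme" = "https" ]; then echo 443; else echo 80; fi ;;
  esac
}

# Succeeds when some --publish mapping ([ip:]host:container) forwards the host
# port named in external_url to the port nginx really listens on.
check_publish() {
  local url="$1" override="$2"; shift 2
  local listen host_port map rest
  listen="$(container_listen_port "$url" "$override")"
  host_port="$(container_listen_port "$url" "")"
  for map in "$@"; do
    rest="${map%:*}"
    if [ "${rest##*:}" = "$host_port" ] && [ "${map##*:}" = "$listen" ]; then
      echo "ok: $map reaches nginx on container port $listen"
      return 0
    fi
  done
  echo "mismatch: nginx listens on $listen, no mapping $host_port:$listen"
  return 1
}

url='http://gitlab.docker:8081/'
# As posted: 8081:80 forwards to container port 80, but nginx moved to 8081.
check_publish "$url" '' 8443:443 8081:80 2222:22 || true
# Fix 1: keep 8081:80 and add nginx['listen_port'] = 80; to GITLAB_OMNIBUS_CONFIG.
check_publish "$url" 80 8443:443 8081:80 2222:22 || true
# Fix 2: leave nginx on 8081 and publish 8081:8081 instead.
check_publish "$url" '' 8443:443 8081:8081 2222:22 || true
```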
