I'm new to CI / CD and I'm trying with CircleCI to build and push my app on DockerHub.
I researched some things on the internet, and tried some things, without success.
I'm having an error:
#!/bin/bash -eo pipefail
sudo docker login -u $DOCKER_LOGIN -p $DOCKER_PASSWORD
sudo docker tag $HUB_NAME $DOCKER_LOGIN/$HUB_NAME
sudo docker push $DOCKER_LOGIN/$HUB_NAMEr
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
Exited with code 1
My config-yml where I am having trouble:
# run tests!
- run: mvn integration-test
- setup_remote_docker
- run:
name: Build and deploy docker images
command: |
docker build -t $HUB_NAME:latest .
- deploy:
name: Push application Docker image
command: |
sudo docker login -u $DOCKER_LOGIN -p $DOCKER_PASSWORD
sudo docker tag $HUB_NAME $DOCKER_LOGIN/$HUB_NAME
sudo docker push $DOCKER_LOGIN/$HUB_NAME
It seems to me you should not be using sudo docker in your login, tag and push commands.
Just use docker login, docker tag and docker push without sudo and you should be good to go.
Explanation
The whole point of the setup_remote_docker step, which you are using in your configuration, is to set the environment variables that allow the docker command to access a remote docker environment with the current docker user.
In your pipeline output, if you open the step with the label Setup a remote Docker engine, you'll likely see an output like:
Allocating a remote Docker Engine
[ ... skip some output ...]
Remote Docker engine created. Using VM '...'
Created container accessible with:
DOCKER_CERT_PATH=/tmp/docker-certs(...)
DOCKER_HOST=tcp://XXX.XXX.XXX.XXX:YYYY
DOCKER_MACHINE_NAME=ZZZZ
DOCKER_TLS_VERIFY=1
NO_PROXY=127.0.0.1,localhost,circleci-internal-outer-build-agent,XXX.XXX.XXX.XXX:YYYY
[ ... some more output ...]
If you sudo into another user, you'll be missing out on those environment variables, and the docker command will attempt to connect to the standard docker unix socket in the local machine. Which is why you see:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
Check the Building Docker Images documentation to see that they don't use sudo anywhere.
You probably copied those sudo commands from your own environment where your local machine restricts access to the docker unix socket.
Related
I want to build and test my app using dockerfile located in other private repository.
For that I'm using Alpine official docker image in which i run a bash script for cloning my private repo and running docker for building the docker image. This is how my .gitlab-ci.yml looks like.
image: alpine:3.15
stages:
- main
main-job:
stage: main
script:
- apk add --update docker openrc
- rc-update add docker boot
- apk add bash git curl
- bash build.sh $GH_TOKEN $REPO
And I have simple script in build.sh
git clone https://${GH_TOKEN}#github.com/${REPO} source
cd source || exit 1
docker container prune --force || true
docker build . --rm --force-rm --compress --no-cache=true --pull --file Dockerfile -t test-app
docker image ls
docker run --privileged --rm -i test-app
But Docker don't start and spams error.
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.
Also tried with other command in ubuntu docker like service start docker , dockerd, service restart docker and others.
But nothing seems to works as i guess we can't run docker inside a docker or something.
Can we have any alternative idea to it?
Looks like you don’t have a docker agent running. You can use the docker in docker service by adding the following:
services:
- docker:dind
See the GitLab-ci docs on building docker images for more info: https://docs.gitlab.com/ee/ci/docker/using_docker_build.html
I've meet the same issue. May be you have to permit gitlab-runner on your host.
sudo usermod -aG docker gitlab-runner
I‘d suggest you build and push your built image to dockerhub. Then you can start the container referencing your prebuilt image.
In Gitlab CI, when I want to push my image, I get:
Cannot connect to the Docker daemon at tcp://docker:2375. Is the docker daemon running?
Here is the code:
docker-push:
stage: publish
image: docker:stable
services:
- docker:dind
before_script:
- *inject-gopath
- docker login -u gitlab-ci-token -p $GITLAB_PERSONAL_ACCESS_TOKEN $REGISTRY_URL
# $CI_BUILD_TOKEN
script:
- docker build --build-arg GITLAB_TOKEN=${GITLAB_PERSONAL_ACCESS_TOKEN} --target=prod -t $REGISTRY_PACKAGE_API_NAME:$CI_BUILD_ID .
- docker build --build-arg GITLAB_TOKEN=${GITLAB_PERSONAL_ACCESS_TOKEN} --target=prod -t $REGISTRY_PACKAGE_API_NAME:latest .
- docker push $REGISTRY_PACKAGE_API_NAME:$CI_BUILD_ID
- docker push $REGISTRY_PACKAGE_API_NAME:latest
Here is the output:
Pulling docker image docker:stable ...
Using docker image sha256:23fb2c9b38b59433ea1913eafa12d2e15651ca0d08819dc7067d27d8f92e0428 for docker:stable ...
Running on runner-wmKFtEwx-project-7124308-concurrent-0 via ubuntu...
Fetching changes...
Removing release/
HEAD is now at 9c4894a Merge branch '5-supprimer-les-threads' into 'master'
Checking out 9c4894af as master...
Skipping Git submodules setup
Downloading artifacts for build (324707453)...
Downloading artifacts from coordinator... ok id=324707453 responseStatus=200 OK token=SVLY__Jy
$ mkdir -p $(dirname ${PACKAGE_PATH}) && ln -s ${CI_PROJECT_DIR} ${PACKAGE_PATH} && cd ${PACKAGE_PATH}
$ docker login -u gitlab-ci-token -p $GITLAB_PERSONAL_ACCESS_TOKEN $REGISTRY_URL
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
$ docker build --build-arg GITLAB_TOKEN=${GITLAB_PERSONAL_ACCESS_TOKEN} --target=prod -t $REGISTRY_PACKAGE_API_NAME:$CI_BUILD_ID .
Cannot connect to the Docker daemon at tcp://docker:2375. Is the docker daemon running?
ERROR: Job failed: exit code 1
Weird thing is that I am in the image docker-stable, so I should have docker available, and previous step docker login is working well...
Is it a bug from Gitlab, or something I am doing wrong ?
PD: I am using Gitlab.com
PD2: I can push the image manually without any issue
As per comment it is just a GitLab problem.
There is no guarantee, with a free runner, that it will always work. In this case the docker deamon is not available so your build will keep failing until the runner is restarted when GitLab detects the error.
Notice this is my assumption given that often the error comes and then after a few hours it is gone. As you can see also my Gitlab Forums Thread received no reply from anyone so I am afraid I dont think you will be able to fix this. If mission critical then run your own runner so you can restart it on failure
I perform the following docker commands in the following order:
docker pull docker
docker run -ti <imgId>
https://hub.docker.com/_/docker/
Now I am inside the "docker" image for Docker
Now suppose I create a temp folder and download a Dockerfile
mkdir temp
cd temp
curl <dockerfile>
docker build .
It will tell me Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
This means that the docker service needs to be started, but as the official docker image comes on alpine linux, commands like service/systemctl are not available, so we must perform apk add openrc --no-cache to access these.
After I install it, I still cannot start the docker service.
Performing system docker start says that it cannot find docker as a service?
service: service docker does not exist
Eventually I want to build this via Jenkins.
In the build step, I perform Execute Shell
if [ -f "Dockerfile" ]; then
echo "Dockerfile exists ... removing it"
rm Dockerfile
fi
wget <dockerFile url>
docker build .
I purposely don't do the openrc on Jenkins since I want to test locally first
The image you're pulling here (with the latest tag) does not contain the docker daemon. It's meant to be used as the docker client. What you want is to first get the docker daemon running with the image tagged dind (docker in docker).
docker network create dind
docker run --privileged --name docker --network dind -v docker-client-certs:/certs/client -d docker:dind
To verify it started up and works, you can check the logs.
docker logs docker
Now you can use a client container to connect to the daemon. This is how you connect interactively to the shell, like you wanted to:
docker run -ti --network dind -e DOCKER_TLS_CERTDIR=/certs -v docker-client-certs:/certs/client:ro docker
Docker commands should work inside this container. If you do docker version, you should see the versions of both the client and the server.
Note the two containers share the same network (some examples online feature links, but those are deprecated). They also share some of the TLS certs, which are generated when starting up the dind image.
I have a custom gitlab ci that I want to compile a Golang app and build a docker image. I have decided to use alpine docker image for the gitlab runner. I can't seam to get docker started. I have tried to manually start docker and get an error ( * WARNING: docker is already starting ) and if I don't manually start the docker service I get (Fails (Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?) Any one else experience this?
This would not be a duplicate question. Gitlab runner runs the docker alpine container in root (verified by running whoami). For the sake of trying I did try usermod -aG docker $(whoami) and had the same output.
.gitlab-ci.yml
image: alpine
variables:
GO_PROJECT: linkscout
before_script:
- apk add --update go git libc-dev docker openrc
- mkdir -p ~/go/src/${GO_PROJECT}
- cp -r ${CI_PROJECT_DIR}/* ~/go/src/${GO_PROJECT}/
- cd ~/go/src/${GO_PROJECT}
- service docker start # * WARNING: docker is already starting
stages:
- compile
- build
compile:
stage: compile
script:
- go get
- go build -a
build:
stage: build
script:
- docker version # If I don't run (service docker start) I get this message: Fails (Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?)
By default you cannot use Docker-in-docker. You should configure your runner like this. Then, as stated in the explanation also use docker:latest as image instead of alpine.
I want to pull ubuntu image , but there is some errors shown
wangyaos-MBP-3:test wangyao$ sudo docker pull dl.dockerpool.com:5000/ubuntu:12.04
Post http:///var/run/docker.sock/v1.19/images/create?fromImage=dl.dockerpool.com%3A5000%2Fubuntu%3A12.04: dial unix /var/run/docker.sock: no such file or directory. Are you trying to connect to a TLS-enabled daemon without TLS?
but i can pull it in using $docker run ubuntu:14.04 grep -v '^#' /etc/apt/sources.list, it' too slowly.
How could I do to make it work ?
So your docker daemon is running with TLS and you are trying to connect without TLS(certificates). To check follow steps:-
boot2docker ssh - It will ssh to vm where docker daemon is running
ps -eaf | grep docker - check docker running with TLS and certificates.
You have 2 options -
Export DOCKER_CERT_PATH and DOCKER_TLS_VERIFY using $(boot2docker shellinit)
Or Start docker daemon without TLS.
Option 1
Run command $(boot2docker shellinit), it will set DOCKER_CERT_PATH and DOCKER_TLS_VERIFY for you and you will be able to run command.
Option 2
Follow steps -
boot2docker ssh
ps -eaf | grep docker - Get the PID of docker daemon running
sudo kill -9
docker -d -H unix:// -H tcp://0.0.0.0:2375 --insecure-registry dl.dockerpool.com:5000 &
exit from vm
export DOCKER_CERT_PATH=""
export DOCKER_TLS_VERIFY=""
export DOCKER_HOST=tcp://127.0.0.1:2375
Try to run docker pull command. It should work.
To summarize, if your docker daemon is running with TLS, you have to set certificate path and enable TLS. If your docker daemon is running without certificate then you will have to unset certificate and TLS(if set).