Configure Docker with Gitlab CI/CD? - docker

I have a simple project setup in Gitlab CI/CD using Docker to serve the site on a Container following this guide. But I get "Container already in use..." error whenever there is a new job running on a push event. How do I "push" the new code to my already running website without taking it down or killing the container?
# .gitlab-ci.yml
stages:
- build
job 1:
stage: build
tags:
- windows-test
script:
- docker build -t vuejs-cookbook/dockerize-vuejs-app .
- docker run -p 8080:80 --rm --name dockerize-vuejs-app-1 vuejs-cookbook/dockerize-vuejs-app

The container name is the same every time. Stop and remove the old container first.
Run docker stop dockerize-vuejs-app-1 and docker rm dockerize-vuejs-app-1 after docker build.
Beside that I would suggest to run your container detached (-d) with --restart always (docs).
docker build -t vuejs-cookbook/dockerize-vuejs-app .
docker stop dockerize-vuejs-app-1
docker rm dockerize-vuejs-app-1
docker run -p 8080:80 -d --restart always --name dockerize-vuejs-app-1 vuejs-cookbook/dockerize-vuejs-app

Related

how to run a local docker registry inside a docker container

I am trying to run a process in gitlab ci that mimics the clients use case to make sure our modifications do not disrupt their use case. This is the specific job that is failing.
docker-source:
stage: build
image: carlallen/docker:buildx
services:
- name: docker:dind
command: ["dockerd", "--host=tcp://0.0.0.0:2375"]
alias: 'docker'
script:
- echo "Building..."
- docker --version
- docker buildx
- docker buildx create --use --config buildkit.toml --driver-opt network=host --buildkitd-flags '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host' --name test_name
- docker run -d -p 5000:5000 --restart=always --name registry registry:2
- ./build-docker.sh
$ docker --version
Docker version 19.03.14, build 5eb3275
$ docker buildx
Usage: docker buildx [OPTIONS] COMMAND
Build with BuildKit
Options:
--builder string Override the configured builder instance
Management Commands:
imagetools Commands to work on images in registry
Commands:
bake Build from a file
build Start a build
create Create a new builder instance
du Disk usage
inspect Inspect current builder instance
ls List builder instances
prune Remove build cache
rm Remove a builder instance
stop Stop builder instance
use Set the current builder instance
version Show buildx version information
Run 'docker buildx COMMAND --help' for more information on a command.
$ docker buildx create --use --config buildkit.toml --driver-opt network=host --buildkitd-flags '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host' --name test_name
test_name
$ docker run -d -p 5000:5000 --restart=always --name registry registry:2
docker: error during connect: Post http://docker:2375/v1.40/containers/create?name=registry: dial tcp: lookup docker on XXX.XX.X.X:53: no such host.
See 'docker run --help'.
Thank you for the help!
Do not override the command or entrypoint for the docker:dind image. Use environment variables to control the behavior.
variables:
DOCKER_HOST: 'docker'
DOCKER_TLS_CERTDIR: "" # disable tls, force use of port 2375
services:
- docker:dind
script:
- docker info # verify connection/server details
If this doesn't work, then you are probably using a self-hosted runner that is not configured correctly for use with docker-in-docker. You should follow the docker in docker guide and make sure you runner is setup according to the documentation.

Why the customized docker container cannot connect to the Docker daemon at tcp://docker:2375?

For CI/CD purposes, I need docker in docker:
docker network create some-network
docker volume create some-docker-certs-ca
docker volume create some-docker-certs-client
docker run --privileged --name some-dind -d --network some-network --network-alias docker -e DOCKER_TLS_CERTDIR=/certs -v some-docker-certs-ca:/certs/ca -v some-docker-certs-client:/certs/client docker:dind
Now if I run the docker:latest image with -it option, I can use docker in the container as expected:
docker run --rm -it --network some-network -e DOCKER_TLS_CERTDIR=/certs -v some-docker-certs-client:/certs/client:ro docker:latest sh
/ # docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
/ #
But I need to customize docker:latest image in a Dockerfile:
FROM docker:latest
# install package1
# install package2
# install package3
...
# install package4
And build the customized docker image:
docker build -t customized-docker .
But when I run the customized-docker image with -it options, It cannot connect to docker daemon:
docker run --rm -it --network some-network -e DOCKER_TLS_CERTDIR=/certs -v some-docker-certs-client:/certs/client:ro customized-docker:latest sh
/ # docker ps
Cannot connect to the Docker daemon at tcp://docker:2375. Is the docker daemon running?
/ #
What is the problem? Isn't there any way I can use customized docker image?
Edit:
I found a better way to do my CI/CD without "docker in docker". As David Maze mentioned, most of the times, there is no need to use "docker in docker". But my question still remains: Why can the docker:latest container connect to docker daemon but a customized docker container cannot.

How to run docker command in docker container for appveyor server docker builds?

I'm setting up a new appveyor server and trying to build docker images with using the docker build feature. But when I try to run docker commands in my custom build container, got the error that shown below.
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
I think the appveyor server should run our custom build containers with the volume option that point the docker.sock.
sudo docker run --rm -it -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker name-of-the-custom-image bash
You can modify Docker cloud settings under Account -> Build environment and put the following into Custom Docker command arguments:
-v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker
https://help.appveyor.com/discussions/problems/24364-how-to-run-docker-command-in-docker-container-for-appveyor-server-docker-builds

Official Docker image says docker not running?

I perform the following docker commands in the following order:
docker pull docker
docker run -ti <imgId>
https://hub.docker.com/_/docker/
Now I am inside the "docker" image for Docker
Now suppose I create a temp folder and download a Dockerfile
mkdir temp
cd temp
curl <dockerfile>
docker build .
It will tell me Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
This means that the docker service needs to be started, but as the official docker image comes on alpine linux, commands like service/systemctl are not available, so we must perform apk add openrc --no-cache to access these.
After I install it, I still cannot start the docker service.
Performing system docker start says that it cannot find docker as a service?
service: service docker does not exist
Eventually I want to build this via Jenkins.
In the build step, I perform Execute Shell
if [ -f "Dockerfile" ]; then
echo "Dockerfile exists ... removing it"
rm Dockerfile
fi
wget <dockerFile url>
docker build .
I purposely don't do the openrc on Jenkins since I want to test locally first
The image you're pulling here (with the latest tag) does not contain the docker daemon. It's meant to be used as the docker client. What you want is to first get the docker daemon running with the image tagged dind (docker in docker).
docker network create dind
docker run --privileged --name docker --network dind -v docker-client-certs:/certs/client -d docker:dind
To verify it started up and works, you can check the logs.
docker logs docker
Now you can use a client container to connect to the daemon. This is how you connect interactively to the shell, like you wanted to:
docker run -ti --network dind -e DOCKER_TLS_CERTDIR=/certs -v docker-client-certs:/certs/client:ro docker
Docker commands should work inside this container. If you do docker version, you should see the versions of both the client and the server.
Note the two containers share the same network (some examples online feature links, but those are deprecated). They also share some of the TLS certs, which are generated when starting up the dind image.

Gitlab CI/CD runner and docker connection configuration

I am trying to configure gitlab CI/CD runner. On the runner, I have deployed maven and java that builds my project and executes the test. So far so good, but the final step which it should pakage the code as a docker image and deploy fails. Here is the script which runs fine in cloud.But it says docker command not found in local, and I did not understand the workflow. Now for that to run, am I supposed to install docker on to my runner ? As the runner itself is a container inside docker. I could not figure out what should I do for this step to run. Please help.
docker-build:
stage: package
script:
- docker build -t registry.gitlab.com/imran_yusubov/gs-spring-boot-docker .
- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.com
- docker push registry.gitlab.com/imran_yusubov/gs-spring-boot-docker
How are you starting the runner?
The proper way to start the runner would be:
docker run -d --name gitlab-runner --restart always \
-v /srv/gitlab-runner/config:/etc/gitlab-runner \
-v /var/run/docker.sock:/var/run/docker.sock \
gitlab/gitlab-runner:latest
Where you pass your docker socket and then in your pipeline you would have to call the docker:dind service in order to be able to run Docker in Docker which will allow you to build Docker images and run containers
You could find more info in this tutorial

Resources