Gitlab Runner Docker 登录在连接期间无法正常工作错误：Post http://docker:2375/v1.40/auth: dial tcp: Lookup docker on 67.207.67.3:53

Question

Gitlab Runner Docker 登录在连接期间无法正常工作错误：Post http://docker:2375/v1.40/auth: dial tcp: Lookup docker on 67.207.67.3:53

Muh*_*diq 11 continuous-integration gitlab docker gitlab-ci cicd

我在 gitlab runner 上使用 docker executor 作为我正在使用的图像，但docker:stable 收到此错误：

$ docker login gitlab.mydomain.com:5050 -u myusername-p mytoken
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
error during connect: Post http://docker:2375/v1.40/auth: dial tcp: lookup docker on 67.207.67.3:53: no such host
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1

Run Code Online (Sandbox Code Playgroud)

这是我的config.toml

concurrent = 1
check_interval = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "dev-env"
  url = "https://gitlab.mydomain.com/"
  token = "REDACTED"
  executor = "docker"
  [runners.custom_build_dir]
  [runners.cache]
    [runners.cache.s3]
    [runners.cache.gcs]
    [runners.cache.azure]
  [runners.docker]
    tls_verify = false
    image = "docker:stable"
    privileged = false
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    disable_cache = false
    volumes = ["/cache"]
    shm_size = 0

Run Code Online (Sandbox Code Playgroud)

这是我的 ci 文件

deploy-dev:
  stage: deploy
  before_script:
    - apk add make
  script:
    - docker login gitlab.mydomain.com:5050 -u myusnerma -p mytoken
  only:
    - mybranch
  tags:
    - dev

Run Code Online (Sandbox Code Playgroud)

Answer 1

syt*_*ech 17

您必须将该docker:dind服务添加到您的作业配置中：

deploy-dev:
  variables:
    # these values may need to be different if using TLS, k8s, etc.
    # You can alternatively set defaults in your runner config
    DOCKER_TLS_CERTDIR: ""
    DOCKER_HOST: "tcp://docker:2375"
  services:
    - docker:dind
  # ...

Run Code Online (Sandbox Code Playgroud)

为了使 dind 容器正常工作，您的运行程序必须允许特权容器：

  [runners.docker]
    privileged = true
    # ...

Run Code Online (Sandbox Code Playgroud)

Answer 2

小智 5

除此之外，privileged = true您还应该将/var/run/docker.sockdocker 容器内部映射到/var/run/docker.sock主机上。像这样的东西：

concurrent = 1
check_interval = 0
[session_server]
  session_timeout = 1800
[[runners]]
  name = "my-runner"
  url = "https://gitlab.mydomain.com/"
  token = "GITLAB_RUNNER_TOKEN"
  executor = "docker"
  [runners.custom_build_dir]
  [runners.cache]
    [runners.cache.s3]
    [runners.cache.gcs]
    [runners.cache.azure]
  [runners.docker]
    tls_verify = false
    image = "docker:stable"
    privileged = true
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    disable_cache = false
    volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
    shm_size = 0

Run Code Online (Sandbox Code Playgroud)

来自techoverflow的更多信息

如果您打算使用 `dind` 服务，则不应映射 docker 套接字。安装 docker 套接字使作业可以直接访问主机 docker 守护进程，这可能会产生许多负面影响，但在这种情况下您不需要 docker:dind 服务。 (2认同)

归档时间：	3 年，10 月前
查看次数：	22818 次
最近记录：	2 年前