无法在gitlab CI中的unix:///var/run/docker.sock上连接到Docker守护程序 [英] Cannot connect to the Docker daemon at unix:///var/run/docker.sock in gitlab CI
问题描述
我看了其他任何问题,但找不到自己的解决方案!我在gitlab中设置了配置项,并使用了gitlab的共享运行器。在构建阶段,我使用docker映像作为基本映像,但是当我使用 docker 命令时,它说:
I looked at any other questions but can't find my own solution! I setting up a CI in gitlab and use the gitlab's shared runner. In build stage I used docker image as base image but when i use docker command it says :
无法通过unix:///var/run/docker.sock连接到Docker守护程序。 docker守护进程正在运行吗?
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
我看着这个主题,但仍然不明白我该怎么办?
I looked at this topic but still don't understand what should I do?
.gitlab-ci.yml:
.gitlab-ci.yml :
stages:
- test
- build
- deploy
job_1:
image: python:3.6
stage: test
script:
- sh ./sh_script/install.sh
- python manage.py test -k
job_2:
image: docker:stable
stage: build
before_script:
- docker info
script:
- docker build -t my-docker-image .
我知道gitlab运行程序必须注册才能使用 docker 并共享 /var/run/docker.sock !但是,当使用gitlab自己的运行程序时,该怎么做?
I know that the gitlab runner must registered to use docker and share /var/run/docker.sock! But how to do this when using the gitlab own runner?
推荐答案
啊,那是我可爱的话题-使用 docker 用于 gitlab ci 。您遇到的问题通常称为 docker-in-docker 。
Ahh, that's my lovely topic - using docker for gitlab ci. The problem you are experiencing is better known as docker-in-docker.
在配置它之前,您可能需要阅读这篇精彩的文章: http://jpetazzo.github.io/2015/09/03/do-not-use-docker-in-docker-for-ci/
Before configuring it, you may want to read this brilliant post: http://jpetazzo.github.io/2015/09/03/do-not-use-docker-in-docker-for-ci/
这将使您有所了解什么是问题以及哪种解决方案最适合您。通常有两种主要方法:在 docker 内实际安装 docker 守护程序,并将主机的守护程序共享给容器。选择哪种方法-取决于您的需求。
That will give you a bit of understanding what is the problem and which solution best fits you. Generally there are 2 major approaches: actual installation of docker daemon inside docker and sharing host's daemon to containers. Which approach to choose - depends on your needs.
在 gitlab 中,您可以采用几种方式,我只是
In gitlab you can go in several ways, I will just share our experience.
方法1-使用 docker:dind 作为服务。
Way 1 - using docker:dind as a service.
设置非常简单。只需将 docker:dind 作为共享服务添加到您的 gitlab-ci.yml 文件,然后使用 docker:latest 作业的图像。
It is pretty simple to setup. Just add docker:dind as a shared service to your gitlab-ci.yml file and use docker:latest image for your jobs.
image: docker:latest # this sets default image for jobs
services:
- docker:dind
专业人士:
- 易于设置。
- 易于运行-默认情况下,您的源代码可用于您在
cwd中的工作,因为它们直接被拉到了dockerRunner
- simple to setup.
- simple to run - your source codes are available by default to your job in
cwdbecause they are being pulled directly to your docker runner
缺点:您必须为该服务配置Docker注册表,否则将得到<$ c每次管道启动时,都会从头开始构建$ c> Dockerfile 。对于我来说,这是不能接受的,因为可能要花费一个多小时,具体取决于您拥有的容器数量。
Cons: you have to configure docker registry for that service, otherwise you will get your Dockerfiles built from scratch each time your pipeline starts. As for me, it is unacceptable, because can take more than an hour depending on the number of containers you have.
方法2-共享 /var/run/docker.sock 主机docker守护进程
Way 2 - sharing /var/run/docker.sock of host docker daemon
我们使用docker守护进程设置了自己的docker executor,通过将套接字添加到 /etc/gitlab-runner/config.toml 文件中来共享套接字。因此,我们使容器内的 docker cli 可以使用机器的docker守护程序。 注意-在这种情况下,您不必为执行者提供特权模式。
We setup our own docker executor with docker daemon and shared the socket by adding it in /etc/gitlab-runner/config.toml file. Thus we made our machine's docker daemon available to docker cli inside containers. Note - you DONT need privileged mode for executor in this case.
之后,我们可以同时使用 docker 和 docker-compose 在我们的自定义docker映像中。此外,我们不需要特殊的Docker注册表,因为在这种情况下,我们在所有容器之间共享执行者的注册表。
After that we can use both docker and docker-compose in our custom docker images. Moreover, we dont need special docker registry because in this case we share executor's registry among all containers.
缺点
在这种情况下,您需要以某种方式将源传递到您的容器,因为您只能将它们安装到docker executor,而不安装到从其启动的容器。我们已经停止使用 git clone $ CI_REPOSITORY_URL --branch $ CI_COMMIT_REF_NAME --single-branch / project
You need to somehow pass sources to your containers in this case, because you get them mounted only to docker executor, but not to containers, launched from it. We've stopped on cloning them with command like git clone $CI_REPOSITORY_URL --branch $CI_COMMIT_REF_NAME --single-branch /project
这篇关于无法在gitlab CI中的unix:///var/run/docker.sock上连接到Docker守护程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
