Gitlab目录服务:在另一个容器中使用Docker

iq0todco  于 2023-01-20  发布在  Docker
关注(0)|答案(1)|浏览(119)

好的,我已经说到了我需要在Gitlab CI中做一些类似这样的事情:
(Note:我过度简化了它,所以它有实际的目的运行这个)

  • . gitlab-ci. yml格式 *
workflow:
  rules:
    - when: always

image: "docker:20.10.7"

variables:
  DOCKER_TLS_CERTDIR: "/certs"

services:
  - "docker:20.10.7-dind"

integration-tests:
  stage: test
  script:
    - bin/run

因此Gitlab运行者将使用docker图像dind服务。
bin/run脚本为:

#!/usr/bin/env sh
# shellcheck disable=SC1091

set -eux

apk update
apk add bind-tools

echo "${DOCKER_HOST:=}"

docker container ls

host docker || true

nc -v docker 2376 || true

docker run --rm \
    -v "${DOCKER_CERT_PATH:=}:${DOCKER_CERT_PATH:=}:ro" \
    -e DOCKER_HOST="${DOCKER_HOST:=}" \
    -e DOCKER_CERT_PATH="${DOCKER_CERT_PATH:=}" \
    -e DOCKER_TLS_VERIFY="${DOCKER_TLS_VERIFY:=}" \
    --network "host" \
    "docker:20.10.7" docker container ls

在这里,我希望能够使用docker来运行 * 一个嵌套的 * docker容器,并调用嵌套的docker函数。
结果如下:

$ bin/run
+ apk update
fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/community/x86_64/APKINDEX.tar.gz
v3.13.12-94-g0551adbecc [https://dl-cdn.alpinelinux.org/alpine/v3.13/main]
v3.13.12-94-g0551adbecc [https://dl-cdn.alpinelinux.org/alpine/v3.13/community]
OK: 13912 distinct packages available
+ apk add bind-tools
(1/17) Installing fstrm (0.6.0-r1)
...
(17/17) Installing bind-tools (9.16.33-r0)
Executing busybox-1.32.1-r6.trigger
OK: 24 MiB in 37 packages
+ echo tcp://docker:2376
tcp://docker:2376
+ docker container ls
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
+ host docker
Host docker not found: 3(NXDOMAIN)
+ true
+ nc -v docker 2376
docker (172.17.0.3:2376) open
+ docker run --rm -e 'DOCKER_HOST=tcp://docker:2376' --network host docker:20.10.7 docker container ls
Unable to find image 'docker:20.10.7' locally
20.10.7: Pulling from library/docker
...
9d806bc20361: Pull complete
Digest: sha256:bfc499cef26daa22da31b76be1752813a6921ee1fa1dd1f56d4fdf19c701d332
Status: Downloaded newer image for docker:20.10.7
error during connect: Get http://docker:2376/v1.24/containers/json: dial tcp: lookup docker on 169.254.169.254:53: no such host
Cleaning up project directory and file based variables
00:00
ERROR: Job failed: exit code 1

我不明白的是:
1.为什么nc命令正常工作,但host命令在作业容器中失败?
1.为什么在嵌套容器中无法解析Docker服务?

t9aqgxwy

t9aqgxwy1#

好的,我找到了我的问题,我丢失了FF_NETWORK_PER_BUILD=true变量。

  • . gitlab-ci. yml格式 *
workflow:
  rules:
    - when: always

image: "docker:20.10.7"

variables:
  DOCKER_TLS_CERTDIR: "/certs"

services:
  - "docker:20.10.7-dind"

integration-tests:
  stage: test
  variables:
    FF_NETWORK_PER_BUILD: "true"
  script:
    - bin/run

相关问题