好的,我已经说到了我需要在Gitlab CI中做一些类似这样的事情:
(Note:我过度简化了它,所以它有实际的目的运行这个)
- . gitlab-ci. yml格式 *
workflow:
rules:
- when: always
image: "docker:20.10.7"
variables:
DOCKER_TLS_CERTDIR: "/certs"
services:
- "docker:20.10.7-dind"
integration-tests:
stage: test
script:
- bin/run
因此Gitlab运行者将使用docker图像和dind服务。
bin/run脚本为:
#!/usr/bin/env sh
# shellcheck disable=SC1091
set -eux
apk update
apk add bind-tools
echo "${DOCKER_HOST:=}"
docker container ls
host docker || true
nc -v docker 2376 || true
docker run --rm \
-v "${DOCKER_CERT_PATH:=}:${DOCKER_CERT_PATH:=}:ro" \
-e DOCKER_HOST="${DOCKER_HOST:=}" \
-e DOCKER_CERT_PATH="${DOCKER_CERT_PATH:=}" \
-e DOCKER_TLS_VERIFY="${DOCKER_TLS_VERIFY:=}" \
--network "host" \
"docker:20.10.7" docker container ls
在这里,我希望能够使用docker来运行 * 一个嵌套的 * docker容器,并调用嵌套的docker函数。
结果如下:
$ bin/run
+ apk update
fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/community/x86_64/APKINDEX.tar.gz
v3.13.12-94-g0551adbecc [https://dl-cdn.alpinelinux.org/alpine/v3.13/main]
v3.13.12-94-g0551adbecc [https://dl-cdn.alpinelinux.org/alpine/v3.13/community]
OK: 13912 distinct packages available
+ apk add bind-tools
(1/17) Installing fstrm (0.6.0-r1)
...
(17/17) Installing bind-tools (9.16.33-r0)
Executing busybox-1.32.1-r6.trigger
OK: 24 MiB in 37 packages
+ echo tcp://docker:2376
tcp://docker:2376
+ docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
+ host docker
Host docker not found: 3(NXDOMAIN)
+ true
+ nc -v docker 2376
docker (172.17.0.3:2376) open
+ docker run --rm -e 'DOCKER_HOST=tcp://docker:2376' --network host docker:20.10.7 docker container ls
Unable to find image 'docker:20.10.7' locally
20.10.7: Pulling from library/docker
...
9d806bc20361: Pull complete
Digest: sha256:bfc499cef26daa22da31b76be1752813a6921ee1fa1dd1f56d4fdf19c701d332
Status: Downloaded newer image for docker:20.10.7
error during connect: Get http://docker:2376/v1.24/containers/json: dial tcp: lookup docker on 169.254.169.254:53: no such host
Cleaning up project directory and file based variables
00:00
ERROR: Job failed: exit code 1
我不明白的是:
1.为什么nc
命令正常工作,但host
命令在作业容器中失败?
1.为什么在嵌套容器中无法解析Docker服务?
1条答案
按热度按时间t9aqgxwy1#
好的,我找到了我的问题,我丢失了
FF_NETWORK_PER_BUILD=true
变量。