时间戳

首页 > 解决方案 > Gitlab DIND Runner TLS失败

docker - Gitlab DIND Runner TLS失败

问题描述

我试图用 dind 设置一个 gitlab 运行器,以在 Gitlab CI Pipelines 中构建 docker 图像,但每次构建时都会出现以下错误:

*** WARNING: Service runner-project-2-concurrentdocker-0 probably didn't start properly.
Health check error:
service "runner-project-2-concurrentdocker-0-wait-for-service" timeout
Health check container logs:
Service container logs:
2021-10-12T14:12:26.652132966Z time="2021-10-12T14:12:26.651911909Z" level=info msg="Starting up"
2021-10-12T14:12:26.653211174Z time="2021-10-12T14:12:26.653132075Z" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found"
2021-10-12T14:12:26.653320513Z time="2021-10-12T14:12:26.653240584Z" level=warning msg="Binding to IP address without --tlsverify is insecure and gives root access on this machine to everyone who has access to your network." host="tcp://0.0.0.0:2375"
2021-10-12T14:12:27.653863417Z time="2021-10-12T14:12:27.653434622Z" level=warning msg="Binding to an IP address without --tlsverify is deprecated. Startup is intentionally being slowed down to show this message" host="tcp://0.0.0.0:2375"

我的 Gitlab Runner config.toml 看起来像这样:

concurrent = 10
check_interval = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "gitlab-runner-docker"
  url = "https://gitlab.my.host/"
  token = "MYTOKEN"
  executor = "docker"
  environment = ["DOCKER_DRIVER=overlay2", "DOCKER_HOST=tcp://docker:2375/", "DOCKER_TLS_CERTDIR="]
  [runners.docker]
    tls_verify = false
    image = "docker:dind"
    privileged = true
    [[runners.docker.services]]
      name = "docker:dind"
      command = ["--registry-mirror", "http://192.168.1.21"]
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    disable_cache = false
    volumes = ["/certs/client", "/cache"]
    shm_size = 0

有关于这些错误的神秘错误报告和用户问题,但似乎没有一个能解决我的问题。我尝试删除tls_verify设置,并设置 DOCKER_TLS_CERTDIR: ""CI Pipeline 变量等等。有没有机会让那些跑步者在有或没有 tls 验证的情况下再次快速启动?

标签: dockergitlabgitlab-cigitlab-ci-runner

解决方案

推荐阅读