Skip to content
GitLab
Next
    • GitLab: the DevOps platform
    • Explore GitLab
    • Install GitLab
    • How GitLab compares
    • Get started
    • GitLab docs
    • GitLab Learn
  • Pricing
  • Talk to an expert
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
    Projects Groups Topics Snippets
  • Register
  • Sign in
  • G GitLab Runner
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
    • Locked files
  • Issues 213
    • Issues 213
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 35
    • Merge requests 35
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
    • Test cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • GitLab.orgGitLab.org
  • charts
  • GitLab Runner
  • Issues
  • #151
Closed
Open
Issue created Mar 23, 2020 by Javier Domingo Cansino@txomon

Chart lacking for dind / privileged setup

TL;DR: Having CI to build containers in K8s has currently bad UX because there are no docs on how to achieve it without several hacks and polluting client config

I have been trying to get to work dind with the set up of the chart but I have failed in several ways in the process.

The documentation is extremely lacking in this regard.

https://docs.gitlab.com/runner/executors/kubernetes.html#using-dockerdind

Points you to the documentation of dind for docker executor, but that reference is not easy to apply to the kubernetes executor.

https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#use-docker-in-docker-workflow-with-docker-executor

I have tried to understand how you bring to gitlab-runner up to supply my own config.toml (because of the documentation applied in the previous link) but I have been surprised by the amount of hacks and workarounds present in the helm chart (referring to /scripts/ and everything around it), and had to drop that approach.

Would it be possible to:

a) Have a How-To guide specifically set for this usecase, which I assume is not straightforward?

b) Explain how are we supposed to map the certificates from the dind service container into the ci container within the same pod, and make all this process transparent to the user? This is mentioned in the docs but doesn't seem possible.

The setup I have arrived to is:

  1. in the helm chart set privileged=true
  2. in the .gitlab-ci.yaml set the following config:
variables:
  DOCKER_HOST: tcp://localhost:2735/
services:
  - name: docker:dind
    entrypoint:
      - dockerd
      - -H tcp://127.0.0.1:2735

I'm not sure on what's the best option, but I would advocate to do this either transparent to the end user, or crystal clear documented.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking