CI services from private docker registry work incorrect
Summary
Following instructions https://gitlab.com/jangorecki/postgres/blob/master/.gitlab-ci.yml and https://docs.gitlab.com/ce/ci/docker/using_docker_images.html#define-an-image-from-a-private-docker-registry I try use service from our private repository like:
variables:
# Configure postgres service (https://hub.docker.com/_/postgres/)
# https://gitlab.com/jangorecki/postgres/blob/master/.gitlab-ci.yml
POSTGRES_DB: custom_db
POSTGRES_USER: custom_user
POSTGRES_PASSWORD: custom_pass
services:
- docreg.taskdata.work:5000/egaisdb:latest
- docreg.taskdata.work:5000/egaisapp:latest
- postgres
...snip...
test_first:
stage: test
script:
- export PGPASSWORD=$POSTGRES_PASSWORD
# That works as expected:
- psql -h "postgres" -U "$POSTGRES_USER" -d "$POSTGRES_DB" -c "SELECT 'OK' AS status;"
# But next failed:
- psql -h "egaisdb" -U "postgres" -d "egais" -c "SELECT 'OK' AS status;"
Despite I should provide docker config authorization in runner like volume (-v /root/.docker/config.json:/root/.docker/config.json
) it seams works on first glance but produce warning on start:
Running with gitlab-ci-multi-runner 1.5.2 (76fdacd) Using Docker executor with image taskdata/egais-gitlab-builder:latest ... Pulling docker image docreg.taskdata.work:5000/egaisdb:latest ... Starting service docreg.taskdata.work:5000/egaisdb:latest ... WARNING: Service docreg.taskdata.work:5000/egaisapp:latest is already created. Ignoring.
Steps to reproduce
Try use private repository as provided before.
In this example docreg.taskdata.work:5000/egaisdb:latest
is private docker image build from postgres
and just holds predefined test-data.
Expected behavior
Second command:
- psql -h "egaisdb" -U "postgres" -d "egais" -c "SELECT 'OK' AS status;"
works fine as previous and return OK.
Actual behavior
$ psql -h "egaisdb" -U "postgres" -d "egais" -c "SELECT 'OK' AS status;" psql: could not translate host name "egaisdb" to address: Name or service not known ERROR: Build failed: exit code 1
I've dig some time and found what name of linked host exported incorrectly:
$ cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.3 docreg.taskdata.work 3cab66dbbf57 runner-c5d61c02-project-63-concurrent-0-docreg.taskdata.work
172.17.0.4 postgres 0ae2fe09272f runner-c5d61c02-project-63-concurrent-0-postgres
172.17.0.5 runner-c5d61c02-project-63-concurrent-0
So, for my container domain docreg.taskdata.work
(used as part for two containers) linked to IP, but names like egaisdb
, egaisapp
just absent!
Output of checks
Results of GitLab application Check
I use docker
omnibus
variant:
Output of docker exec -it gitlab gitlab-rake gitlab:check SANITIZE=true
:
# docker exec -it gitlab gitlab-rake gitlab:check SANITIZE=true
Checking GitLab Shell ...
GitLab Shell version >= 3.4.0 ? ... OK (3.4.0)
Repo base directory exists?
default... yes
Repo storage directories are symlinks?
default... no
Repo paths owned by git:git?
default... yes
Repo paths access is drwxrws---?
default... yes
hooks directories in repos are links: ...
35/1 ... ok
46/2 ... ok
34/3 ... ok
36/5 ... ok
40/6 ... ok
42/7 ... ok
37/9 ... ok
36/11 ... ok
46/12 ... ok
34/14 ... ok
36/15 ... ok
41/16 ... ok
41/17 ... ok
47/18 ... ok
44/19 ... ok
34/20 ... ok
36/21 ... ok
37/22 ... ok
51/25 ... ok
51/26 ... ok
53/27 ... ok
55/28 ... ok
56/29 ... ok
34/30 ... repository is empty
45/31 ... ok
58/32 ... ok
51/33 ... ok
59/34 ... ok
59/35 ... ok
51/36 ... ok
66/37 ... ok
60/38 ... ok
51/39 ... ok
36/40 ... ok
69/41 ... ok
50/42 ... ok
64/43 ... ok
34/45 ... ok
70/47 ... ok
51/48 ... ok
70/49 ... ok
74/50 ... ok
43/51 ... ok
49/52 ... ok
51/53 ... ok
36/54 ... ok
44/55 ... ok
49/57 ... ok
51/58 ... ok
48/59 ... ok
51/60 ... ok
51/61 ... ok
41/62 ... ok
46/63 ... ok
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Check GitLab API access: OK
Access to /var/opt/gitlab/.ssh/authorized_keys: OK
Send ping to redis server: OK
gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Sidekiq ...
Running? ... yes
Number of Sidekiq processes ... 1
Checking Sidekiq ... Finished
Checking Reply by email ...
Reply by email is disabled in config/gitlab.yml
Checking Reply by email ... Finished
Checking LDAP ...
LDAP is disabled in config/gitlab.yml
Checking LDAP ... Finished
Checking GitLab ...
Git configured with autocrlf=input? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config outdated? ... no
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory setup correctly? ... no
Try fixing it:
sudo chown -R git /var/opt/gitlab/gitlab-rails/uploads
sudo find /var/opt/gitlab/gitlab-rails/uploads -type f -exec chmod 0644 {} \;
sudo find /var/opt/gitlab/gitlab-rails/uploads -type d -not -path /var/opt/gitlab/gitlab-rails/uploads -exec chmod 0700 {} \;
For more information see:
doc/install/installation.md in section "GitLab"
Please fix the error above and rerun the checks.
Init script exists? ... skipped (omnibus-gitlab has no init script)
Init script up-to-date? ... skipped (omnibus-gitlab has no init script)
projects have namespace: ...
35/1 ... yes
46/2 ... yes
34/3 ... yes
36/5 ... yes
40/6 ... yes
42/7 ... yes
37/9 ... yes
36/11 ... yes
46/12 ... yes
34/14 ... yes
36/15 ... yes
41/16 ... yes
41/17 ... yes
47/18 ... yes
44/19 ... yes
34/20 ... yes
36/21 ... yes
37/22 ... yes
51/25 ... yes
51/26 ... yes
53/27 ... yes
55/28 ... yes
56/29 ... yes
34/30 ... yes
45/31 ... yes
58/32 ... yes
51/33 ... yes
59/34 ... yes
59/35 ... yes
51/36 ... yes
66/37 ... yes
60/38 ... yes
51/39 ... yes
36/40 ... yes
69/41 ... yes
50/42 ... yes
64/43 ... yes
34/45 ... yes
70/47 ... yes
51/48 ... yes
70/49 ... yes
74/50 ... yes
43/51 ... yes
49/52 ... yes
51/53 ... yes
36/54 ... yes
44/55 ... yes
49/57 ... yes
51/58 ... yes
48/59 ... yes
51/60 ... yes
51/61 ... yes
41/62 ... yes
46/63 ... yes
Redis version >= 2.8.0? ... yes
Ruby version >= 2.1.0 ? ... yes (2.3.1)
Your git bin path is "/opt/gitlab/embedded/bin/git"
Git version >= 2.7.3 ? ... yes (2.7.4)
Active users: 39
Checking GitLab ... Finished
Results of GitLab environment info
Output of docker exec -it gitlab gitlab-rake gitlab:env:info
# docker exec -it gitlab gitlab-rake gitlab:env:info
System information
System:
Current User: git
Using RVM: no
Ruby Version: 2.3.1p112
Gem Version: 2.6.6
Bundler Version:2.3.0
Rake Version: 10.5.0
Sidekiq Version:4.1.4
GitLab information
Version: 8.11.6
Revision: 410d751
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: postgresql
URL: http://git.taskdata.com
HTTP Clone URL: http://git.taskdata.com/some-group/some-project.git
SSH Clone URL: ssh://git@git.taskdata.com:7022/some-group/some-project.git
Using LDAP: no
Using Omniauth: no
GitLab Shell
Version: 3.4.0
Repository storage paths:
- default: /var/opt/gitlab/git-data/repositories
Hooks: /opt/gitlab/embedded/service/gitlab-shell/hooks/
Git: /opt/gitlab/embedded/bin/git
Possible fixes
I will try add my registry into default searchable one.
But suggest extend in .gitlab-ci.yml
services
syntax to something allow provide credentials and aliases like:
services:
- docreg.taskdata.work:5000/egaisdb:latest:
alias: db
user: some
password: secret