Connection with a local docker:dind is failing
Summary
In our company, we are running a local gitlab instance.
- On one host, we are runnning a gitlab instance, deployed with omnibus over a Ubuntu 22.04 server.
- On another host, we are running a gitlab-runner instance, deployed with omnibus over a Ubuntu 22.04 server.
On a project, we need to build a docker image, and run this very image for test purpose.
We are failing at docker info:
$ docker info || true
Client:
Version: 24.0.7
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.12.0
Path: /usr/local/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.23.3
Path: /usr/local/libexec/docker/cli-plugins/docker-compose
Server:
ERROR: error during connect: Get "http://docker:2375/v1.24/info": dial tcp: lookup docker on 10.15.30.3:53: server misbehaving
errors pretty printing info
$ docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
error during connect: Post "http://docker:2375/v1.24/auth": dial tcp: lookup docker on 10.15.30.3:53: server misbehavingIt must be noted that our instance is running with http, not https. This is the main difference between the failing case and the working case (hub.docker.com is running with https).
Steps to reproduce
- push a copy of docker:dind in local gitlab registry. NB: our gitlab instance is not using https.
- use this local docker image as
services: - name:in a pipeline job - run
docker infoordocker login
docker-builder runner configuration is described at the end of the issue.
Failing .gitlab-ci.yml with local docker:dind
echo:
tags:
- docker-builder
services:
- name: ${CI_REGISTRY}/common/docker/docker/dind:20240102
entrypoint: ["env", "-u", "DOCKER_HOST"]
command: ["sh", "-c", "dockerd-entrypoint.sh --insecure-registry $CI_REGISTRY --log-level debug --debug"]
variables:
DOCKER_TLS_CERTDIR: ""
CI_DEBUG_SERVICES: 'true'
script:
- docker info || true
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRYWorking .gitlab-ci.yml with dockerhub docker:dind
echo:
tags:
- docker-builder
services:
- name: docker:24.0.7-dind
entrypoint: ["env", "-u", "DOCKER_HOST"]
command: ["sh", "-c", "dockerd-entrypoint.sh --insecure-registry $CI_REGISTRY --log-level debug --debug"]
variables:
DOCKER_TLS_CERTDIR: ""
CI_DEBUG_SERVICES: 'true'
script:
- docker info || true
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRYActual behavior
$ docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
error during connect: Post "http://docker:2375/v1.24/auth": dial tcp: lookup docker on 10.15.30.3:53: server misbehavingExpected behavior
$ docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
Login SucceededRelevant logs and/or screenshots
Run failing
Running with gitlab-runner 16.7.0 (102c81ba)
on runner/dind 3Mp6PM7r, system ID: r_9kLHjaIfNieF
Preparing the "docker" executor 00:21
Using Docker executor with image gitlab.xxxxxx.com:5050/common/docker/runner/dind:20231228 ...
Starting service gitlab.xxxxxx.com/common/docker/docker/dind:20240102 ...
Authenticating with credentials from job payload (GitLab Registry)
Pulling docker image gitlab.xxxxxx.com:5050/common/docker/docker/dind:20240102 ...
Using docker image sha256:e3bb58bfe1c96b523e42ce9dfbe6a85d91158c57a8afb9a923c84be458941b21 for gitlab.xxxxxx.com:5050/common/docker/docker/dind:20240102 with digest gitlab.xxxxxx.com:5050/common/docker/docker/dind@sha256:073461a0c212c03f3c026ce0184fcefe831369cd6fa298001c4d1719f3eada91 ...
Waiting for services to be up and running (timeout 30 seconds)...
info msg="Starting up"
warning msg="Binding to IP address without --tlsverify is insecure and gives root access on this machine to everyone who has access to your network." host="tcp://0.0.0.0:2375"
warning msg="Binding to an IP address, even on localhost, can also give access to scripts run in a browser. Be safe out there!" host="tcp://0.0.0.0:2375"
warning msg="Binding to an IP address without --tlsverify is deprecated. Startup is intentionally being slowed down to show this message" host="tcp://0.0.0.0:2375"
warning msg="Please consider generating tls certificates with client validation to prevent exposing unauthenticated root access to your network" host="tcp://0.0.0.0:2375"
warning msg="You can override this by explicitly specifying '--tls=false' or '--tlsverify=false'" host="tcp://0.0.0.0:2375"
warning msg="Support for listening on TCP without authentication or explicit intent to run without authentication will be removed in the next release" host="tcp://0.0.0.0:2375"
debug msg="Listener created for HTTP on tcp (0.0.0.0:2375)"
warning msg="could not change group /var/run/docker.sock to docker: group docker not found"
debug msg="Listener created for HTTP on unix (/var/run/docker.sock)"
info msg="containerd not running, starting managed containerd"
info msg="started new containerd process" address=/var/run/docker/containerd/containerd.sock module=libcontainerd pid=39
info msg="starting containerd" revision=091922f03c2762540fd057fba91260237ff86acb version=v1.7.6
info msg="loading plugin \"io.containerd.snapshotter.v1.aufs\"..." type=io.containerd.snapshotter.v1
info msg="loading plugin \"io.containerd.content.v1.content\"..." type=io.containerd.content.v1
info msg="loading plugin \"io.containerd.snapshotter.v1.blockfile\"..." type=io.containerd.snapshotter.v1
info msg="skip loading plugin \"io.containerd.snapshotter.v1.blockfile\"..." error="no scratch file generator: skip plugin" type=io.containerd.snapshotter.v1
info msg="loading plugin \"io.containerd.snapshotter.v1.native\"..." type=io.containerd.snapshotter.v1
info msg="loading plugin \"io.containerd.snapshotter.v1.overlayfs\"..." type=io.containerd.snapshotter.v1
info msg="loading plugin \"io.containerd.snapshotter.v1.devmapper\"..." type=io.containerd.snapshotter.v1
warning msg="failed to load plugin io.containerd.snapshotter.v1.devmapper" error="devmapper not configured"
info msg="loading plugin \"io.containerd.snapshotter.v1.zfs\"..." type=io.containerd.snapshotter.v1
info msg="skip loading plugin \"io.containerd.snapshotter.v1.zfs\"..." error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter: skip plugin" type=io.containerd.snapshotter.v1
info msg="loading plugin \"io.containerd.metadata.v1.bolt\"..." type=io.containerd.metadata.v1
warning msg="could not use snapshotter devmapper in metadata plugin" error="devmapper not configured"
info msg="metadata content store policy set" policy=shared
info msg="loading plugin \"io.containerd.differ.v1.walking\"..." type=io.containerd.differ.v1
info msg="loading plugin \"io.containerd.event.v1.exchange\"..." type=io.containerd.event.v1
info msg="loading plugin \"io.containerd.gc.v1.scheduler\"..." type=io.containerd.gc.v1
info msg="loading plugin \"io.containerd.lease.v1.manager\"..." type=io.containerd.lease.v1
info msg="loading plugin \"io.containerd.nri.v1.nri\"..." type=io.containerd.nri.v1
info msg="NRI interface is disabled by configuration."
info msg="loading plugin \"io.containerd.runtime.v2.task\"..." type=io.containerd.runtime.v2
info msg="loading plugin \"io.containerd.runtime.v2.shim\"..." type=io.containerd.runtime.v2
info msg="loading plugin \"io.containerd.sandbox.store.v1.local\"..." type=io.containerd.sandbox.store.v1
info msg="loading plugin \"io.containerd.sandbox.controller.v1.local\"..." type=io.containerd.sandbox.controller.v1
info msg="loading plugin \"io.containerd.streaming.v1.manager\"..." type=io.containerd.streaming.v1
info msg="loading plugin \"io.containerd.service.v1.introspection-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.containers-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.content-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.diff-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.images-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.namespaces-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.snapshots-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.runtime.v1.linux\"..." type=io.containerd.runtime.v1
info msg="loading plugin \"io.containerd.monitor.v1.cgroups\"..." type=io.containerd.monitor.v1
info msg="loading plugin \"io.containerd.service.v1.tasks-service\"..." type=io.containerd.service.v1
debug msg="No blockio config file specified, blockio not configured"
debug msg="No RDT config file specified, RDT not configured"
info msg="loading plugin \"io.containerd.grpc.v1.introspection\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.transfer.v1.local\"..." type=io.containerd.transfer.v1
info msg="loading plugin \"io.containerd.internal.v1.restart\"..." type=io.containerd.internal.v1
info msg="loading plugin \"io.containerd.grpc.v1.containers\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.content\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.diff\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.events\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.healthcheck\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.images\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.leases\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.namespaces\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.internal.v1.opt\"..." type=io.containerd.internal.v1
info msg="loading plugin \"io.containerd.grpc.v1.sandbox-controllers\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.sandboxes\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.snapshots\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.streaming\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.tasks\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.transfer\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.version\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.tracing.processor.v1.otlp\"..." type=io.containerd.tracing.processor.v1
info msg="skip loading plugin \"io.containerd.tracing.processor.v1.otlp\"..." error="no OpenTelemetry endpoint: skip plugin" type=io.containerd.tracing.processor.v1
info msg="loading plugin \"io.containerd.internal.v1.tracing\"..." type=io.containerd.internal.v1
info msg="skipping tracing processor initialization (no tracing plugin)" error="no OpenTelemetry endpoint: skip plugin"
info msg=serving... address=/var/run/docker/containerd/containerd-debug.sock
info msg=serving... address=/var/run/docker/containerd/containerd.sock.ttrpc
info msg=serving... address=/var/run/docker/containerd/containerd.sock
debug msg="sd notification" notified=false state="READY=1"
info msg="containerd successfully booted in 0.201075s"
debug msg="created containerd monitoring client" address=/var/run/docker/containerd/containerd.sock module=libcontainerd
debug msg="garbage collected" d=1.589208ms
debug msg="Golang's threads limit set to 462330"
debug msg="metrics API listening on /var/run/docker/metrics.sock"
debug msg="Using default logging driver json-file"
debug msg="processing event stream" module=libcontainerd namespace=plugins.moby
debug msg="No quota support for local volumes in /var/lib/docker/volumes: Filesystem does not support, or has not enabled quotas"
debug msg="[graphdriver] priority list: [overlay2 fuse-overlayfs btrfs zfs devicemapper vfs]"
debug msg="successfully detected metacopy status" storage-driver=overlay2 usingMetacopy=false
debug msg="backingFs=extfs, projectQuotaSupported=false, usingMetacopy=false, indexOff=\"index=off,\", userxattr=\"\"" storage-driver=overlay2
debug msg="Initialized graph driver overlay2"
debug msg="Max Concurrent Downloads: 3"
debug msg="Max Concurrent Uploads: 5"
debug msg="Max Download Attempts: 5"
info msg="Loading containers: start."
debug msg="Option DefaultDriver: bridge"
debug msg="Option DefaultNetwork: bridge"
debug msg="Network Control Plane MTU: 1500"
debug msg="processing event stream" module=libcontainerd namespace=moby
debug msg="unable to initialize firewalld; using raw iptables instead" error="Failed to connect to D-Bus system bus: dial unix /var/run/dbus/system_bus_socket: connect: no such file or directory"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -j DOCKER-ISOLATION]"
debug msg="/sbin/iptables, [--wait -t nat -D PREROUTING -m addrtype --dst-type LOCAL -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -D OUTPUT -m addrtype --dst-type LOCAL ! --dst 127.0.0.0/8 -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -D OUTPUT -m addrtype --dst-type LOCAL -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -D PREROUTING]"
debug msg="/sbin/iptables, [--wait -t nat -D OUTPUT]"
debug msg="/sbin/iptables, [--wait -t nat -F DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -X DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -F DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -X DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -F DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -t filter -X DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -t filter -F DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -X DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -F DOCKER-ISOLATION]"
debug msg="/sbin/iptables, [--wait -t filter -X DOCKER-ISOLATION]"
debug msg="/sbin/iptables, [--wait -t nat -n -L DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -N DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -N DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -t filter -N DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -N DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-ISOLATION-STAGE-1 -j RETURN]"
debug msg="/sbin/iptables, [--wait -A DOCKER-ISOLATION-STAGE-1 -j RETURN]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-ISOLATION-STAGE-2 -j RETURN]"
debug msg="/sbin/iptables, [--wait -A DOCKER-ISOLATION-STAGE-2 -j RETURN]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -t filter -N DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-USER -j RETURN]"
debug msg="/sbin/iptables, [--wait -A DOCKER-USER -j RETURN]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -I FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-USER -j RETURN]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -D FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -I FORWARD -j DOCKER-USER]"
debug msg="Allocating IPv4 pools for network bridge (19b25936f98173672e92e81f482e40f089cfa18c6a8f977e34b948ae4394c643)"
debug msg="RequestPool(LocalDefault, , , map[], false)"
debug msg="RequestPool(LocalDefault, , , map[], false)"
debug msg="ReleasePool(LocalDefault/172.17.0.0/16)"
debug msg="RequestAddress(LocalDefault/172.18.0.0/16, <nil>, map[RequestAddressType:com.docker.network.gateway])"
debug msg="Request address PoolID:172.18.0.0/16 Bits: 65536, Unselected: 65534, Sequence: (0x80000000, 1)->(0x0, 2046)->(0x1, 1)->end Curr:0 Serial:false PrefAddress:invalid IP "
debug msg="Did not find any interface with name docker0: Link not found"
debug msg="Setting bridge mac address to 02:42:7c:a3:f8:fe"
debug msg="Assigning address to bridge interface docker0: 172.18.0.1/16"
debug msg="/sbin/iptables, [--wait -t nat -C POSTROUTING -s 172.18.0.0/16 ! -o docker0 -j MASQUERADE]"
debug msg="/sbin/iptables, [--wait -t nat -I POSTROUTING -s 172.18.0.0/16 ! -o docker0 -j MASQUERADE]"
debug msg="/sbin/iptables, [--wait -t nat -C DOCKER -i docker0 -j RETURN]"
debug msg="/sbin/iptables, [--wait -t nat -I DOCKER -i docker0 -j RETURN]"
debug msg="/sbin/iptables, [--wait -t nat -C POSTROUTING -m addrtype --src-type LOCAL -o docker0 -j MASQUERADE]"
debug msg="/sbin/iptables, [--wait -D FORWARD -i docker0 -o docker0 -j DROP]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -I FORWARD -i docker0 -o docker0 -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -I FORWARD -i docker0 ! -o docker0 -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -t nat -C PREROUTING -m addrtype --dst-type LOCAL -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -C OUTPUT -m addrtype --dst-type LOCAL -j DOCKER ! --dst 127.0.0.0/8]"
debug msg="/sbin/iptables, [--wait -t nat -A OUTPUT -m addrtype --dst-type LOCAL -j DOCKER ! --dst 127.0.0.0/8]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -o docker0 -j DOCKER]"
debug msg="/sbin/iptables, [--wait -I FORWARD -o docker0 -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -I FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -j DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -I FORWARD -j DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -I DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP]"
debug msg="/sbin/iptables, [--wait -t filter -I DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-USER -j RETURN]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -D FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -I FORWARD -j DOCKER-USER]"
info msg="Loading containers: done."
Authenticating with credentials from job payload (GitLab Registry)
Pulling docker image gitlab.xxxxxx.com:5050/common/docker/runner/dind:20231228 ...
Using docker image sha256:ad86af52c48c2de147094ba676f99df900860b79fc08ccd0bbb95224e7b066b8 for gitlab.xxxxxx.com:5050/common/docker/runner/dind:20231228 with digest gitlab.xxxxxx.com:5050/common/docker/runner/dind@sha256:a9220b5390f25d58cdd09728d3f445fdf83665cf9684931455977021bdb94592 ...
Preparing environment 00:01
warning msg="WARNING: API is accessible on http://0.0.0.0:2375 without encryption.\n Access to the remote API is equivalent to root access on the host. Refer\n to the 'Docker daemon attack surface' section in the documentation for\n more information: https://docs.docker.com/go/attack-surface/"
warning msg="WARNING: No swap limit support"
info msg="Docker daemon" commit=311b9ff graphdriver=overlay2 version=24.0.7
info msg="Daemon has completed initialization"
debug msg="Registering routers"
debug msg="Registering GET, /containers/{name:.*}/checkpoints"
debug msg="Registering POST, /containers/{name:.*}/checkpoints"
debug msg="Registering DELETE, /containers/{name}/checkpoints/{checkpoint}"
debug msg="Registering HEAD, /containers/{name:.*}/archive"
debug msg="Registering GET, /containers/json"
debug msg="Registering GET, /containers/{name:.*}/export"
debug msg="Registering GET, /containers/{name:.*}/changes"
debug msg="Registering GET, /containers/{name:.*}/json"
debug msg="Registering GET, /containers/{name:.*}/top"
debug msg="Registering GET, /containers/{name:.*}/logs"
debug msg="Registering GET, /containers/{name:.*}/stats"
debug msg="Registering GET, /containers/{name:.*}/attach/ws"
debug msg="Registering GET, /exec/{id:.*}/json"
debug msg="Registering GET, /containers/{name:.*}/archive"
debug msg="Registering POST, /containers/create"
debug msg="Registering POST, /containers/{name:.*}/kill"
debug msg="Registering POST, /containers/{name:.*}/pause"
debug msg="Registering POST, /containers/{name:.*}/unpause"
debug msg="Registering POST, /containers/{name:.*}/restart"
debug msg="Registering POST, /containers/{name:.*}/start"
debug msg="Registering POST, /containers/{name:.*}/stop"
debug msg="Registering POST, /containers/{name:.*}/wait"
debug msg="Registering POST, /containers/{name:.*}/resize"
debug msg="Registering POST, /containers/{name:.*}/attach"
debug msg="Registering POST, /containers/{name:.*}/copy"
debug msg="Registering POST, /containers/{name:.*}/exec"
debug msg="Registering POST, /exec/{name:.*}/start"
debug msg="Registering POST, /exec/{name:.*}/resize"
debug msg="Registering POST, /containers/{name:.*}/rename"
debug msg="Registering POST, /containers/{name:.*}/update"
debug msg="Registering POST, /containers/prune"
debug msg="Registering POST, /commit"
debug msg="Registering PUT, /containers/{name:.*}/archive"
debug msg="Registering DELETE, /containers/{name:.*}"
debug msg="Registering GET, /images/json"
debug msg="Registering GET, /images/search"
debug msg="Registering GET, /images/get"
debug msg="Registering GET, /images/{name:.*}/get"
debug msg="Registering GET, /images/{name:.*}/history"
debug msg="Registering GET, /images/{name:.*}/json"
debug msg="Registering POST, /images/load"
debug msg="Registering POST, /images/create"
debug msg="Registering POST, /images/{name:.*}/push"
debug msg="Registering POST, /images/{name:.*}/tag"
debug msg="Registering POST, /images/prune"
debug msg="Registering DELETE, /images/{name:.*}"
debug msg="Registering OPTIONS, /{anyroute:.*}"
debug msg="Registering GET, /_ping"
debug msg="Registering HEAD, /_ping"
debug msg="Registering GET, /events"
debug msg="Registering GET, /info"
debug msg="Registering GET, /version"
debug msg="Registering GET, /system/df"
debug msg="Registering POST, /auth"
debug msg="Registering GET, /volumes"
debug msg="Registering GET, /volumes/{name:.*}"
debug msg="Registering POST, /volumes/create"
debug msg="Registering POST, /volumes/prune"
debug msg="Registering PUT, /volumes/{name:.*}"
debug msg="Registering DELETE, /volumes/{name:.*}"
debug msg="Registering POST, /build"
debug msg="Registering POST, /build/prune"
debug msg="Registering POST, /build/cancel"
debug msg="Registering POST, /session"
debug msg="Registering POST, /swarm/init"
debug msg="Registering POST, /swarm/join"
debug msg="Registering POST, /swarm/leave"
debug msg="Registering GET, /swarm"
debug msg="Registering GET, /swarm/unlockkey"
debug msg="Registering POST, /swarm/update"
debug msg="Registering POST, /swarm/unlock"
debug msg="Registering GET, /services"
debug msg="Registering GET, /services/{id}"
debug msg="Registering POST, /services/create"
debug msg="Registering POST, /services/{id}/update"
debug msg="Registering DELETE, /services/{id}"
debug msg="Registering GET, /services/{id}/logs"
debug msg="Registering GET, /nodes"
debug msg="Registering GET, /nodes/{id}"
debug msg="Registering DELETE, /nodes/{id}"
debug msg="Registering POST, /nodes/{id}/update"
debug msg="Registering GET, /tasks"
debug msg="Registering GET, /tasks/{id}"
debug msg="Registering GET, /tasks/{id}/logs"
debug msg="Registering GET, /secrets"
debug msg="Registering POST, /secrets/create"
debug msg="Registering DELETE, /secrets/{id}"
debug msg="Registering GET, /secrets/{id}"
debug msg="Registering POST, /secrets/{id}/update"
debug msg="Registering GET, /configs"
debug msg="Registering POST, /configs/create"
debug msg="Registering DELETE, /configs/{id}"
debug msg="Registering GET, /configs/{id}"
debug msg="Registering POST, /configs/{id}/update"
debug msg="Registering GET, /plugins"
debug msg="Registering GET, /plugins/{name:.*}/json"
debug msg="Registering GET, /plugins/privileges"
debug msg="Registering DELETE, /plugins/{name:.*}"
debug msg="Registering POST, /plugins/{name:.*}/enable"
debug msg="Registering POST, /plugins/{name:.*}/disable"
debug msg="Registering POST, /plugins/pull"
debug msg="Registering POST, /plugins/{name:.*}/push"
debug msg="Registering POST, /plugins/{name:.*}/upgrade"
debug msg="Registering POST, /plugins/{name:.*}/set"
debug msg="Registering POST, /plugins/create"
debug msg="Registering GET, /distribution/{name:.*}/json"
debug msg="Registering POST, /grpc"
debug msg="Registering GET, /networks"
debug msg="Registering GET, /networks/"
debug msg="Registering GET, /networks/{id:.+}"
debug msg="Registering POST, /networks/create"
debug msg="Registering POST, /networks/{id:.*}/connect"
debug msg="Registering POST, /networks/{id:.*}/disconnect"
debug msg="Registering POST, /networks/prune"
debug msg="Registering DELETE, /networks/{id:.*}"
info msg="API listen on /var/run/docker.sock"
info msg="API listen on [::]:2375"
Running on runner-3mp6pm7r-project-94-concurrent-0 via 6145946be6f5...
Getting source from Git repository 00:02
Fetching changes with git depth set to 20...
Reinitialized existing Git repository in /builds/sandbox/bacasable/0/.git/
Checking out 31d24f4c as detached HEAD (ref is dev/jerome.reybert-pages/main)...
Skipping Git submodules setup
Executing "step_script" stage of the job script 00:01
Using docker image sha256:ad86af52c48c2de147094ba676f99df900860b79fc08ccd0bbb95224e7b066b8 for gitlab.xxxxxx.com:5050/common/docker/runner/dind:20231228 with digest gitlab.xxxxxx.com:5050/common/docker/runner/dind@sha256:a9220b5390f25d58cdd09728d3f445fdf83665cf9684931455977021bdb94592 ...
$ echo DOCKER_HOST $DOCKER_HOST
DOCKER_HOST tcp://docker:2375
$ docker info || true
Client:
Version: 24.0.7
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.12.0
Path: /usr/local/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.23.3
Path: /usr/local/libexec/docker/cli-plugins/docker-compose
Server:
ERROR: error during connect: Get "http://docker:2375/v1.24/info": dial tcp: lookup docker on 10.15.30.3:53: server misbehaving
errors pretty printing info
$ docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
error during connect: Post "http://docker:2375/v1.24/auth": dial tcp: lookup docker on 10.15.30.3:53: server misbehaving
ERROR: Job failed: exit code 1Run success
Running with gitlab-runner 16.7.0 (102c81ba)
on runner/dind 3Mp6PM7r, system ID: r_9kLHjaIfNieF
Preparing the "docker" executor 00:23
Using Docker executor with image gitlab.xxxxxx.com:5050/common/docker/runner/dind:20231228 ...
Starting service docker:24.0.7-dind ...
Pulling docker image docker:24.0.7-dind ...
Using docker image sha256:6091c7bd89fd2789606b49815b2b9ea1a9142ee6e8762089ab3975afd6784a6c for docker:24.0.7-dind with digest docker@sha256:1b9844d846ce3a6a6af7013e999a373112c3c0450aca49e155ae444526a2c45e ...
Waiting for services to be up and running (timeout 30 seconds)...
info msg="Starting up"
warning msg="Binding to IP address without --tlsverify is insecure and gives root access on this machine to everyone who has access to your network." host="tcp://0.0.0.0:2375"
warning msg="Binding to an IP address, even on localhost, can also give access to scripts run in a browser. Be safe out there!" host="tcp://0.0.0.0:2375"
warning msg="Binding to an IP address without --tlsverify is deprecated. Startup is intentionally being slowed down to show this message" host="tcp://0.0.0.0:2375"
warning msg="Please consider generating tls certificates with client validation to prevent exposing unauthenticated root access to your network" host="tcp://0.0.0.0:2375"
warning msg="You can override this by explicitly specifying '--tls=false' or '--tlsverify=false'" host="tcp://0.0.0.0:2375"
warning msg="Support for listening on TCP without authentication or explicit intent to run without authentication will be removed in the next release" host="tcp://0.0.0.0:2375"
debug msg="Listener created for HTTP on tcp (0.0.0.0:2375)"
warning msg="could not change group /var/run/docker.sock to docker: group docker not found"
debug msg="Listener created for HTTP on unix (/var/run/docker.sock)"
info msg="containerd not running, starting managed containerd"
info msg="started new containerd process" address=/var/run/docker/containerd/containerd.sock module=libcontainerd pid=34
info msg="starting containerd" revision=091922f03c2762540fd057fba91260237ff86acb version=v1.7.6
info msg="loading plugin \"io.containerd.snapshotter.v1.aufs\"..." type=io.containerd.snapshotter.v1
info msg="loading plugin \"io.containerd.content.v1.content\"..." type=io.containerd.content.v1
info msg="loading plugin \"io.containerd.snapshotter.v1.blockfile\"..." type=io.containerd.snapshotter.v1
info msg="skip loading plugin \"io.containerd.snapshotter.v1.blockfile\"..." error="no scratch file generator: skip plugin" type=io.containerd.snapshotter.v1
info msg="loading plugin \"io.containerd.snapshotter.v1.native\"..." type=io.containerd.snapshotter.v1
info msg="loading plugin \"io.containerd.snapshotter.v1.overlayfs\"..." type=io.containerd.snapshotter.v1
info msg="loading plugin \"io.containerd.snapshotter.v1.devmapper\"..." type=io.containerd.snapshotter.v1
warning msg="failed to load plugin io.containerd.snapshotter.v1.devmapper" error="devmapper not configured"
info msg="loading plugin \"io.containerd.snapshotter.v1.zfs\"..." type=io.containerd.snapshotter.v1
info msg="skip loading plugin \"io.containerd.snapshotter.v1.zfs\"..." error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter: skip plugin" type=io.containerd.snapshotter.v1
info msg="loading plugin \"io.containerd.metadata.v1.bolt\"..." type=io.containerd.metadata.v1
warning msg="could not use snapshotter devmapper in metadata plugin" error="devmapper not configured"
info msg="metadata content store policy set" policy=shared
info msg="loading plugin \"io.containerd.differ.v1.walking\"..." type=io.containerd.differ.v1
info msg="loading plugin \"io.containerd.event.v1.exchange\"..." type=io.containerd.event.v1
info msg="loading plugin \"io.containerd.gc.v1.scheduler\"..." type=io.containerd.gc.v1
info msg="loading plugin \"io.containerd.lease.v1.manager\"..." type=io.containerd.lease.v1
info msg="loading plugin \"io.containerd.nri.v1.nri\"..." type=io.containerd.nri.v1
info msg="NRI interface is disabled by configuration."
info msg="loading plugin \"io.containerd.runtime.v2.task\"..." type=io.containerd.runtime.v2
info msg="loading plugin \"io.containerd.runtime.v2.shim\"..." type=io.containerd.runtime.v2
info msg="loading plugin \"io.containerd.sandbox.store.v1.local\"..." type=io.containerd.sandbox.store.v1
info msg="loading plugin \"io.containerd.sandbox.controller.v1.local\"..." type=io.containerd.sandbox.controller.v1
info msg="loading plugin \"io.containerd.streaming.v1.manager\"..." type=io.containerd.streaming.v1
info msg="loading plugin \"io.containerd.service.v1.introspection-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.containers-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.content-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.diff-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.images-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.namespaces-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.service.v1.snapshots-service\"..." type=io.containerd.service.v1
info msg="loading plugin \"io.containerd.runtime.v1.linux\"..." type=io.containerd.runtime.v1
info msg="loading plugin \"io.containerd.monitor.v1.cgroups\"..." type=io.containerd.monitor.v1
info msg="loading plugin \"io.containerd.service.v1.tasks-service\"..." type=io.containerd.service.v1
debug msg="No blockio config file specified, blockio not configured"
debug msg="No RDT config file specified, RDT not configured"
info msg="loading plugin \"io.containerd.grpc.v1.introspection\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.transfer.v1.local\"..." type=io.containerd.transfer.v1
info msg="loading plugin \"io.containerd.internal.v1.restart\"..." type=io.containerd.internal.v1
info msg="loading plugin \"io.containerd.grpc.v1.containers\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.content\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.diff\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.events\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.healthcheck\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.images\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.leases\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.namespaces\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.internal.v1.opt\"..." type=io.containerd.internal.v1
info msg="loading plugin \"io.containerd.grpc.v1.sandbox-controllers\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.sandboxes\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.snapshots\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.streaming\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.tasks\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.transfer\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.grpc.v1.version\"..." type=io.containerd.grpc.v1
info msg="loading plugin \"io.containerd.tracing.processor.v1.otlp\"..." type=io.containerd.tracing.processor.v1
info msg="skip loading plugin \"io.containerd.tracing.processor.v1.otlp\"..." error="no OpenTelemetry endpoint: skip plugin" type=io.containerd.tracing.processor.v1
info msg="loading plugin \"io.containerd.internal.v1.tracing\"..." type=io.containerd.internal.v1
info msg="skipping tracing processor initialization (no tracing plugin)" error="no OpenTelemetry endpoint: skip plugin"
info msg=serving... address=/var/run/docker/containerd/containerd-debug.sock
info msg=serving... address=/var/run/docker/containerd/containerd.sock.ttrpc
info msg=serving... address=/var/run/docker/containerd/containerd.sock
debug msg="sd notification" notified=false state="READY=1"
info msg="containerd successfully booted in 0.109158s"
debug msg="created containerd monitoring client" address=/var/run/docker/containerd/containerd.sock module=libcontainerd
debug msg="Golang's threads limit set to 462330"
debug msg="metrics API listening on /var/run/docker/metrics.sock"
debug msg="Using default logging driver json-file"
debug msg="processing event stream" module=libcontainerd namespace=plugins.moby
debug msg="No quota support for local volumes in /var/lib/docker/volumes: Filesystem does not support, or has not enabled quotas"
debug msg="[graphdriver] priority list: [overlay2 fuse-overlayfs btrfs zfs devicemapper vfs]"
debug msg="successfully detected metacopy status" storage-driver=overlay2 usingMetacopy=false
debug msg="backingFs=extfs, projectQuotaSupported=false, usingMetacopy=false, indexOff=\"index=off,\", userxattr=\"\"" storage-driver=overlay2
debug msg="Initialized graph driver overlay2"
debug msg="Max Concurrent Downloads: 3"
debug msg="Max Concurrent Uploads: 5"
debug msg="Max Download Attempts: 5"
info msg="Loading containers: start."
debug msg="Option DefaultDriver: bridge"
debug msg="Option DefaultNetwork: bridge"
debug msg="Network Control Plane MTU: 1500"
debug msg="processing event stream" module=libcontainerd namespace=moby
debug msg="unable to initialize firewalld; using raw iptables instead" error="Failed to connect to D-Bus system bus: dial unix /var/run/dbus/system_bus_socket: connect: no such file or directory"
debug msg="garbage collected" d=1.459049ms
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -j DOCKER-ISOLATION]"
debug msg="/sbin/iptables, [--wait -t nat -D PREROUTING -m addrtype --dst-type LOCAL -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -D OUTPUT -m addrtype --dst-type LOCAL ! --dst 127.0.0.0/8 -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -D OUTPUT -m addrtype --dst-type LOCAL -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -D PREROUTING]"
debug msg="/sbin/iptables, [--wait -t nat -D OUTPUT]"
debug msg="/sbin/iptables, [--wait -t nat -F DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -X DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -F DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -X DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -F DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -t filter -X DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -t filter -F DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -X DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -F DOCKER-ISOLATION]"
debug msg="/sbin/iptables, [--wait -t filter -X DOCKER-ISOLATION]"
debug msg="/sbin/iptables, [--wait -t nat -n -L DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -N DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -N DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -t filter -N DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -N DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-ISOLATION-STAGE-1 -j RETURN]"
debug msg="/sbin/iptables, [--wait -A DOCKER-ISOLATION-STAGE-1 -j RETURN]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-ISOLATION-STAGE-2 -j RETURN]"
debug msg="/sbin/iptables, [--wait -A DOCKER-ISOLATION-STAGE-2 -j RETURN]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -t filter -N DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-USER -j RETURN]"
debug msg="/sbin/iptables, [--wait -A DOCKER-USER -j RETURN]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -I FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-USER -j RETURN]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -D FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -I FORWARD -j DOCKER-USER]"
debug msg="Allocating IPv4 pools for network bridge (1d399a494f8b1e97d3d19a3afd56d340c264d6f52a5ce8cd0f5f280fbc12eebf)"
debug msg="RequestPool(LocalDefault, , , map[], false)"
debug msg="RequestPool(LocalDefault, , , map[], false)"
debug msg="ReleasePool(LocalDefault/172.17.0.0/16)"
debug msg="RequestAddress(LocalDefault/172.18.0.0/16, <nil>, map[RequestAddressType:com.docker.network.gateway])"
debug msg="Request address PoolID:172.18.0.0/16 Bits: 65536, Unselected: 65534, Sequence: (0x80000000, 1)->(0x0, 2046)->(0x1, 1)->end Curr:0 Serial:false PrefAddress:invalid IP "
debug msg="Did not find any interface with name docker0: Link not found"
debug msg="Setting bridge mac address to 02:42:40:1d:88:40"
debug msg="Assigning address to bridge interface docker0: 172.18.0.1/16"
debug msg="/sbin/iptables, [--wait -t nat -C POSTROUTING -s 172.18.0.0/16 ! -o docker0 -j MASQUERADE]"
debug msg="/sbin/iptables, [--wait -t nat -I POSTROUTING -s 172.18.0.0/16 ! -o docker0 -j MASQUERADE]"
debug msg="/sbin/iptables, [--wait -t nat -C DOCKER -i docker0 -j RETURN]"
debug msg="/sbin/iptables, [--wait -t nat -I DOCKER -i docker0 -j RETURN]"
debug msg="/sbin/iptables, [--wait -t nat -C POSTROUTING -m addrtype --src-type LOCAL -o docker0 -j MASQUERADE]"
debug msg="/sbin/iptables, [--wait -D FORWARD -i docker0 -o docker0 -j DROP]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -i docker0 -o docker0 -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -I FORWARD -i docker0 -o docker0 -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -I FORWARD -i docker0 ! -o docker0 -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -t nat -C PREROUTING -m addrtype --dst-type LOCAL -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t nat -C OUTPUT -m addrtype --dst-type LOCAL -j DOCKER ! --dst 127.0.0.0/8]"
debug msg="/sbin/iptables, [--wait -t nat -A OUTPUT -m addrtype --dst-type LOCAL -j DOCKER ! --dst 127.0.0.0/8]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -o docker0 -j DOCKER]"
debug msg="/sbin/iptables, [--wait -I FORWARD -o docker0 -j DOCKER]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -I FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -j DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -I FORWARD -j DOCKER-ISOLATION-STAGE-1]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -I DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP]"
debug msg="/sbin/iptables, [--wait -t filter -I DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP]"
debug msg="/sbin/iptables, [--wait -t filter -n -L DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -t filter -C DOCKER-USER -j RETURN]"
debug msg="/sbin/iptables, [--wait -t filter -C FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -D FORWARD -j DOCKER-USER]"
debug msg="/sbin/iptables, [--wait -I FORWARD -j DOCKER-USER]"
info msg="Loading containers: done."
warning msg="WARNING: API is accessible on http://0.0.0.0:2375 without encryption.\n Access to the remote API is equivalent to root access on the host. Refer\n to the 'Docker daemon attack surface' section in the documentation for\n more information: https://docs.docker.com/go/attack-surface/"
warning msg="WARNING: No swap limit support"
info msg="Docker daemon" commit=311b9ff graphdriver=overlay2 version=24.0.7
info msg="Daemon has completed initialization"
debug msg="Registering routers"
debug msg="Registering GET, /containers/{name:.*}/checkpoints"
debug msg="Registering POST, /containers/{name:.*}/checkpoints"
debug msg="Registering DELETE, /containers/{name}/checkpoints/{checkpoint}"
debug msg="Registering HEAD, /containers/{name:.*}/archive"
debug msg="Registering GET, /containers/json"
debug msg="Registering GET, /containers/{name:.*}/export"
debug msg="Registering GET, /containers/{name:.*}/changes"
debug msg="Registering GET, /containers/{name:.*}/json"
debug msg="Registering GET, /containers/{name:.*}/top"
debug msg="Registering GET, /containers/{name:.*}/logs"
debug msg="Registering GET, /containers/{name:.*}/stats"
debug msg="Registering GET, /containers/{name:.*}/attach/ws"
debug msg="Registering GET, /exec/{id:.*}/json"
debug msg="Registering GET, /containers/{name:.*}/archive"
debug msg="Registering POST, /containers/create"
debug msg="Registering POST, /containers/{name:.*}/kill"
debug msg="Registering POST, /containers/{name:.*}/pause"
debug msg="Registering POST, /containers/{name:.*}/unpause"
debug msg="Registering POST, /containers/{name:.*}/restart"
debug msg="Registering POST, /containers/{name:.*}/start"
debug msg="Registering POST, /containers/{name:.*}/stop"
debug msg="Registering POST, /containers/{name:.*}/wait"
debug msg="Registering POST, /containers/{name:.*}/resize"
debug msg="Registering POST, /containers/{name:.*}/attach"
debug msg="Registering POST, /containers/{name:.*}/copy"
debug msg="Registering POST, /containers/{name:.*}/exec"
debug msg="Registering POST, /exec/{name:.*}/start"
debug msg="Registering POST, /exec/{name:.*}/resize"
debug msg="Registering POST, /containers/{name:.*}/rename"
debug msg="Registering POST, /containers/{name:.*}/update"
debug msg="Registering POST, /containers/prune"
debug msg="Registering POST, /commit"
debug msg="Registering PUT, /containers/{name:.*}/archive"
debug msg="Registering DELETE, /containers/{name:.*}"
debug msg="Registering GET, /images/json"
debug msg="Registering GET, /images/search"
debug msg="Registering GET, /images/get"
debug msg="Registering GET, /images/{name:.*}/get"
debug msg="Registering GET, /images/{name:.*}/history"
debug msg="Registering GET, /images/{name:.*}/json"
debug msg="Registering POST, /images/load"
debug msg="Registering POST, /images/create"
debug msg="Registering POST, /images/{name:.*}/push"
debug msg="Registering POST, /images/{name:.*}/tag"
debug msg="Registering POST, /images/prune"
debug msg="Registering DELETE, /images/{name:.*}"
debug msg="Registering OPTIONS, /{anyroute:.*}"
debug msg="Registering GET, /_ping"
debug msg="Registering HEAD, /_ping"
debug msg="Registering GET, /events"
debug msg="Registering GET, /info"
debug msg="Registering GET, /version"
debug msg="Registering GET, /system/df"
debug msg="Registering POST, /auth"
debug msg="Registering GET, /volumes"
debug msg="Registering GET, /volumes/{name:.*}"
debug msg="Registering POST, /volumes/create"
debug msg="Registering POST, /volumes/prune"
debug msg="Registering PUT, /volumes/{name:.*}"
debug msg="Registering DELETE, /volumes/{name:.*}"
debug msg="Registering POST, /build"
debug msg="Registering POST, /build/prune"
debug msg="Registering POST, /build/cancel"
debug msg="Registering POST, /session"
debug msg="Registering POST, /swarm/init"
debug msg="Registering POST, /swarm/join"
debug msg="Registering POST, /swarm/leave"
debug msg="Registering GET, /swarm"
debug msg="Registering GET, /swarm/unlockkey"
debug msg="Registering POST, /swarm/update"
debug msg="Registering POST, /swarm/unlock"
debug msg="Registering GET, /services"
debug msg="Registering GET, /services/{id}"
debug msg="Registering POST, /services/create"
debug msg="Registering POST, /services/{id}/update"
debug msg="Registering DELETE, /services/{id}"
debug msg="Registering GET, /services/{id}/logs"
debug msg="Registering GET, /nodes"
debug msg="Registering GET, /nodes/{id}"
debug msg="Registering DELETE, /nodes/{id}"
debug msg="Registering POST, /nodes/{id}/update"
debug msg="Registering GET, /tasks"
debug msg="Registering GET, /tasks/{id}"
debug msg="Registering GET, /tasks/{id}/logs"
debug msg="Registering GET, /secrets"
debug msg="Registering POST, /secrets/create"
debug msg="Registering DELETE, /secrets/{id}"
debug msg="Registering GET, /secrets/{id}"
debug msg="Registering POST, /secrets/{id}/update"
debug msg="Registering GET, /configs"
debug msg="Registering POST, /configs/create"
debug msg="Registering DELETE, /configs/{id}"
debug msg="Registering GET, /configs/{id}"
debug msg="Registering POST, /configs/{id}/update"
debug msg="Registering GET, /plugins"
debug msg="Registering GET, /plugins/{name:.*}/json"
debug msg="Registering GET, /plugins/privileges"
debug msg="Registering DELETE, /plugins/{name:.*}"
debug msg="Registering POST, /plugins/{name:.*}/enable"
debug msg="Registering POST, /plugins/{name:.*}/disable"
debug msg="Registering POST, /plugins/pull"
debug msg="Registering POST, /plugins/{name:.*}/push"
debug msg="Registering POST, /plugins/{name:.*}/upgrade"
debug msg="Registering POST, /plugins/{name:.*}/set"
debug msg="Registering POST, /plugins/create"
debug msg="Registering GET, /distribution/{name:.*}/json"
debug msg="Registering POST, /grpc"
debug msg="Registering GET, /networks"
debug msg="Registering GET, /networks/"
debug msg="Registering GET, /networks/{id:.+}"
debug msg="Registering POST, /networks/create"
debug msg="Registering POST, /networks/{id:.*}/connect"
debug msg="Registering POST, /networks/{id:.*}/disconnect"
debug msg="Registering POST, /networks/prune"
debug msg="Registering DELETE, /networks/{id:.*}"
info msg="API listen on /var/run/docker.sock"
info msg="API listen on [::]:2375"
Authenticating with credentials from job payload (GitLab Registry)
Pulling docker image gitlab.xxxxxx.com:5050/common/docker/runner/dind:20231228 ...
Using docker image sha256:ad86af52c48c2de147094ba676f99df900860b79fc08ccd0bbb95224e7b066b8 for gitlab.xxxxxx.com:5050/common/docker/runner/dind:20231228 with digest gitlab.xxxxxx.com:5050/common/docker/runner/dind@sha256:a9220b5390f25d58cdd09728d3f445fdf83665cf9684931455977021bdb94592 ...
Preparing environment 00:01
Running on runner-3mp6pm7r-project-94-concurrent-0 via 6145946be6f5...
Getting source from Git repository 00:02
Fetching changes with git depth set to 20...
Reinitialized existing Git repository in /builds/sandbox/bacasable/0/.git/
Checking out ebcb93a6 as detached HEAD (ref is dev/jerome.reybert-pages/main)...
Skipping Git submodules setup
Executing "step_script" stage of the job script 00:01
Using docker image sha256:ad86af52c48c2de147094ba676f99df900860b79fc08ccd0bbb95224e7b066b8 for gitlab.xxxxxx.com:5050/common/docker/runner/dind:20231228 with digest gitlab.xxxxxx.com:5050/common/docker/runner/dind@sha256:a9220b5390f25d58cdd09728d3f445fdf83665cf9684931455977021bdb94592 ...
$ echo DOCKER_HOST $DOCKER_HOST
DOCKER_HOST tcp://docker:2375
$ docker info || true
debug msg="Calling HEAD /_ping"
debug msg="Calling GET /v1.43/info"
Client:
Version: 24.0.7
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.12.0
Path: /usr/local/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.23.3
Path: /usr/local/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 24.0.7
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 091922f03c2762540fd057fba91260237ff86acb
runc version: v1.1.9-0-gccaecfc
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: builtin
Kernel Version: 5.4.0-166-generic
Operating System: Alpine Linux v3.19 (containerized)
OSType: linux
Architecture: x86_64
CPUs: 24
Total Memory: 62.8GiB
Name: 94db64b442ef
ID: 64909ab0-f301-49d1-bdd2-23e09bf0a52b
Docker Root Dir: /var/lib/docker
Debug Mode: true
File Descriptors: 25
Goroutines: 41
System Time: 2024-01-02T13:13:33.057298938Z
EventsListeners: 0
Experimental: false
Insecure Registries:
gitlab.xxxxxx.com:5050
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
WARNING: API is accessible on http://0.0.0.0:2375 without encryption.
Access to the remote API is equivalent to root access on the host. Refer
to the 'Docker daemon attack surface' section in the documentation for
more information: https://docs.docker.com/go/attack-surface/
WARNING: No swap limit support
$ docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
debug msg="Calling HEAD /_ping"
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
debug msg="Calling POST /v1.43/auth"
debug msg="form data: {\"password\":\"*****\",\"serveraddress\":\"gitlab.xxxxxx.com:5050\",\"username\":\"gitlab-ci-token\"}"
debug msg="attempting v2 login to registry endpoint https://gitlab.xxxxxx.com:5050/v2/"
info msg="Error logging in to endpoint, trying next endpoint" error="Get \"https://gitlab.xxxxxx.com:5050/v2/\": http: server gave HTTP response to HTTPS client"
debug msg="attempting v2 login to registry endpoint http://gitlab.xxxxxx.com:5050/v2/"
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
Job succeededEnvironment description
docker inspect docker:24.0.7-dind (the one from hub.docker, working)
[
{
"Id": "sha256:aa93deb4ad1b0d89a24411a139b6867bd175cfc69e0e8e087bfc69911f99943d",
"RepoTags": [
"docker:24.0.7",
"docker:24.0.7-dind",
"docker:dind"
],
"RepoDigests": [
"docker@sha256:c90e58d30700470fc59bdaaf802340fd25c1db628756d7bf74e100c566ba9589"
],
"Parent": "",
"Comment": "buildkit.dockerfile.v0",
"Created": "2023-11-28T00:04:30Z",
"Container": "",
"ContainerConfig": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": null,
"Cmd": null,
"Image": "",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": null
},
"DockerVersion": "",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"2375/tcp": {},
"2376/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"DOCKER_VERSION=24.0.7",
"DOCKER_BUILDX_VERSION=0.12.0",
"DOCKER_COMPOSE_VERSION=2.23.3",
"DOCKER_TLS_CERTDIR=/certs",
"DIND_COMMIT=65cfcc28ab37cb75e1560e4b4738719c07c6618e"
],
"Cmd": null,
"ArgsEscaped": true,
"Image": "",
"Volumes": {
"/var/lib/docker": {}
},
"WorkingDir": "",
"Entrypoint": [
"dockerd-entrypoint.sh"
],
"OnBuild": null,
"Labels": null
},
"Architecture": "amd64",
"Os": "linux",
"Size": 330408974,
"VirtualSize": 330408974,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/da12b57ea31f20c33a09f9fadd6572e44bb0a59d4e1ddc46af7b7fe3448839a1/diff:/var/lib/docker/overlay2/f8c3d76c2c39b018785cd183f03e457262802f38381be93b8bc5679694666b5b/diff:/var/lib/docker/overlay2/ea1789dbd381e5d73cd977e2a1a552d4f9532cc5aed2123e188e3eebed46f768/diff:/var/lib/docker/overlay2/fd4e8d0a90f644a9b4f78e2304b4578aa36d44c38dcbee352fe0aca700242977/diff:/var/lib/docker/overlay2/cfb489c0e5bfe484db8cdf63ea21e88b0e47e9ed095c08236f60e9cc881b8a82/diff:/var/lib/docker/overlay2/217d23c830edce6492d4c987a139bf423d8088b1e0806ff35c780fd1d39d603c/diff:/var/lib/docker/overlay2/2b3f97b73e2bab68fc76632995ef4dd1aec8940a8000eb407d21c55ac750997b/diff:/var/lib/docker/overlay2/f08bef6775709ccde40fd8bfa4ebaab1f08ca6f4abe56e5b73902de72eeb668d/diff:/var/lib/docker/overlay2/c226b756a71a978d9bdbf1e13f4eb1c70f1d60fac2dd18fabff131a2124e1476/diff:/var/lib/docker/overlay2/919cb9e50a1292be5ccd66e1b1a385457b10db0c50762865dbe23d47aae102bc/diff:/var/lib/docker/overlay2/3f751329cc08777512bb6275c2e9f7e7c7521a2f84566c1664a55c34d2609cb4/diff:/var/lib/docker/overlay2/f7b4eb2c943a2452a2d9b2001a3c954f14478081c1fe25895940c667cb13953f/diff:/var/lib/docker/overlay2/4ae3b61e4c843f357900002554880996c547d3a97a50152a5432cf96f2d6b945/diff",
"MergedDir": "/var/lib/docker/overlay2/9edc79bdf1ab001ffe94a90a8ff01199368fc98020c6f5e64e62f4b3cd58b11d/merged",
"UpperDir": "/var/lib/docker/overlay2/9edc79bdf1ab001ffe94a90a8ff01199368fc98020c6f5e64e62f4b3cd58b11d/diff",
"WorkDir": "/var/lib/docker/overlay2/9edc79bdf1ab001ffe94a90a8ff01199368fc98020c6f5e64e62f4b3cd58b11d/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:9fe9a137fd002363ac64f5af66146702432b638a83ee0c5b620c40a9e433e813",
"sha256:27bb4dc69238c5c1d3129b165807311b17609ef9b9d8f1180f3fb1ec99ed9a7e",
"sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef",
"sha256:3838cd3955490a59ca499f6305b33f0544dd068ec595fa7adb34d5617f1d1bec",
"sha256:a1dd4f4aeab036122b0236f8525fcc65a169c8edfe9d9cf3a5d9d62015f249ce",
"sha256:d2f9bd6f2f078602d386cbe62fc58fc60b21ffd44ac4185e86af56a5eb163219",
"sha256:a8b35e60a5821ba54cf8f12e2812dd8d28ed6c0cae02ecbc9fb653483c4cded7",
"sha256:95867e7d13f40ab731bb3917b7923337f87ade7dafb10f71c15bc479dc4339fd",
"sha256:f90c206ef76024f048cbd87edf33b45d8c451d47b2e39f6cea10a0f1e68fd81c",
"sha256:98ee80c7b5c48e8657781815c87e78e97c50c2d69290f6c604f7a45dbfc20a58",
"sha256:f098492c958450fdc05b0aef094394755d936a1caefa51fee259453ca0145c74",
"sha256:1f0600cdf71df4f6d9c3002c688f114f7bbe8714e7a6b18668e72d50694a51d6",
"sha256:3d1f5c4ca87d3f9229910a7ab40f27c4e67100107f4827a15805d42ebc22708f",
"sha256:ccde64aaa023cc356e5bfc15b40e4e0414bcea25786c8169ed3f5746dcc6d5b4"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
]docker inspect gitlab.xxxxxx.com:5050/common/docker/docker/dind:20240102 (the one from our local registry, not working)
[
{
"Id": "sha256:e3bb58bfe1c96b523e42ce9dfbe6a85d91158c57a8afb9a923c84be458941b21",
"RepoTags": [
"docker/dind:20240102",
"gitlab.xxxxxx.com:5050/common/docker/docker/dind:20240102",
"gitlab.xxxxxx.com:5050/common/docker/docker/dind:dind"
],
"RepoDigests": [
"gitlab.xxxxxx.com:5050/common/docker/docker/dind@sha256:073461a0c212c03f3c026ce0184fcefe831369cd6fa298001c4d1719f3eada91"
],
"Parent": "",
"Comment": "buildkit.dockerfile.v0",
"Created": "2023-11-28T00:04:30Z",
"Container": "",
"ContainerConfig": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": null,
"Cmd": null,
"Image": "",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": null
},
"DockerVersion": "",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"2375/tcp": {},
"2376/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"DOCKER_VERSION=24.0.7",
"DOCKER_BUILDX_VERSION=0.12.0",
"DOCKER_COMPOSE_VERSION=2.23.3",
"DOCKER_TLS_CERTDIR=/certs",
"DIND_COMMIT=65cfcc28ab37cb75e1560e4b4738719c07c6618e"
],
"Cmd": null,
"ArgsEscaped": true,
"Image": "",
"Volumes": {
"/var/lib/docker": {}
},
"WorkingDir": "",
"Entrypoint": [
"dockerd-entrypoint.sh"
],
"OnBuild": null,
"Labels": {
"base-update-date": "20231227",
"build-date": "2024-01-02T14:09:09.875518",
"tag-date": "20240102",
"vcs-ref": "b7bd0d9da6a6aa3f"
}
},
"Architecture": "amd64",
"Os": "linux",
"Size": 330408974,
"VirtualSize": 330408974,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/da12b57ea31f20c33a09f9fadd6572e44bb0a59d4e1ddc46af7b7fe3448839a1/diff:/var/lib/docker/overlay2/f8c3d76c2c39b018785cd183f03e457262802f38381be93b8bc5679694666b5b/diff:/var/lib/docker/overlay2/ea1789dbd381e5d73cd977e2a1a552d4f9532cc5aed2123e188e3eebed46f768/diff:/var/lib/docker/overlay2/fd4e8d0a90f644a9b4f78e2304b4578aa36d44c38dcbee352fe0aca700242977/diff:/var/lib/docker/overlay2/cfb489c0e5bfe484db8cdf63ea21e88b0e47e9ed095c08236f60e9cc881b8a82/diff:/var/lib/docker/overlay2/217d23c830edce6492d4c987a139bf423d8088b1e0806ff35c780fd1d39d603c/diff:/var/lib/docker/overlay2/2b3f97b73e2bab68fc76632995ef4dd1aec8940a8000eb407d21c55ac750997b/diff:/var/lib/docker/overlay2/f08bef6775709ccde40fd8bfa4ebaab1f08ca6f4abe56e5b73902de72eeb668d/diff:/var/lib/docker/overlay2/c226b756a71a978d9bdbf1e13f4eb1c70f1d60fac2dd18fabff131a2124e1476/diff:/var/lib/docker/overlay2/919cb9e50a1292be5ccd66e1b1a385457b10db0c50762865dbe23d47aae102bc/diff:/var/lib/docker/overlay2/3f751329cc08777512bb6275c2e9f7e7c7521a2f84566c1664a55c34d2609cb4/diff:/var/lib/docker/overlay2/f7b4eb2c943a2452a2d9b2001a3c954f14478081c1fe25895940c667cb13953f/diff:/var/lib/docker/overlay2/4ae3b61e4c843f357900002554880996c547d3a97a50152a5432cf96f2d6b945/diff",
"MergedDir": "/var/lib/docker/overlay2/9edc79bdf1ab001ffe94a90a8ff01199368fc98020c6f5e64e62f4b3cd58b11d/merged",
"UpperDir": "/var/lib/docker/overlay2/9edc79bdf1ab001ffe94a90a8ff01199368fc98020c6f5e64e62f4b3cd58b11d/diff",
"WorkDir": "/var/lib/docker/overlay2/9edc79bdf1ab001ffe94a90a8ff01199368fc98020c6f5e64e62f4b3cd58b11d/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:9fe9a137fd002363ac64f5af66146702432b638a83ee0c5b620c40a9e433e813",
"sha256:27bb4dc69238c5c1d3129b165807311b17609ef9b9d8f1180f3fb1ec99ed9a7e",
"sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef",
"sha256:3838cd3955490a59ca499f6305b33f0544dd068ec595fa7adb34d5617f1d1bec",
"sha256:a1dd4f4aeab036122b0236f8525fcc65a169c8edfe9d9cf3a5d9d62015f249ce",
"sha256:d2f9bd6f2f078602d386cbe62fc58fc60b21ffd44ac4185e86af56a5eb163219",
"sha256:a8b35e60a5821ba54cf8f12e2812dd8d28ed6c0cae02ecbc9fb653483c4cded7",
"sha256:95867e7d13f40ab731bb3917b7923337f87ade7dafb10f71c15bc479dc4339fd",
"sha256:f90c206ef76024f048cbd87edf33b45d8c451d47b2e39f6cea10a0f1e68fd81c",
"sha256:98ee80c7b5c48e8657781815c87e78e97c50c2d69290f6c604f7a45dbfc20a58",
"sha256:f098492c958450fdc05b0aef094394755d936a1caefa51fee259453ca0145c74",
"sha256:1f0600cdf71df4f6d9c3002c688f114f7bbe8714e7a6b18668e72d50694a51d6",
"sha256:3d1f5c4ca87d3f9229910a7ab40f27c4e67100107f4827a15805d42ebc22708f",
"sha256:ccde64aaa023cc356e5bfc15b40e4e0414bcea25786c8169ed3f5746dcc6d5b4"
]
},
"Metadata": {
"LastTagTime": "2024-01-02T14:09:12.37011719+01:00"
}
}
]Diff between images
3c3
< "Id": "sha256:aa93deb4ad1b0d89a24411a139b6867bd175cfc69e0e8e087bfc69911f99943d",
---
> "Id": "sha256:e3bb58bfe1c96b523e42ce9dfbe6a85d91158c57a8afb9a923c84be458941b21",
5,7c5,7
< "docker:24.0.7",
< "docker:24.0.7-dind",
< "docker:dind"
---
> "docker/dind:20240102",
> "gitlab.xxxxxx.com:5050/common/docker/docker/dind:20240102",
> "gitlab.xxxxxx.com:5050/common/docker/docker/dind:dind"
10c10
< "docker@sha256:c90e58d30700470fc59bdaaf802340fd25c1db628756d7bf74e100c566ba9589"
---
> "gitlab.xxxxxx.com:5050/common/docker/docker/dind@sha256:073461a0c212c03f3c026ce0184fcefe831369cd6fa298001c4d1719f3eada91"
70c70,75
< "Labels": null
---
> "Labels": {
> "base-update-date": "20231227",
> "build-date": "2024-01-02T14:09:09.875518",
> "tag-date": "20240102",
> "vcs-ref": "b7bd0d9da6a6aa3f"
> }
105c110
< "LastTagTime": "0001-01-01T00:00:00Z"
---
> "LastTagTime": "2024-01-02T14:09:12.37011719+01:00"docker-builder config in config.toml
[[runners]]
name = "runner/dind"
limit = 1
url = "http://gitlab.xxxxxx.com"
id = 1671
token = "xxxxxxxxxxxxxxxxxxxx"
token_obtained_at = 2023-12-29T17:10:38Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "docker"
environment = ["GIT_CLONE_PATH=$CI_BUILDS_DIR/$CI_PROJECT_PATH/$CI_CONCURRENT_ID"]
[runners.custom_build_dir]
enabled = true
[runners.cache]
MaxUploadedArchiveSize = 0
[runners.docker]
tls_verify = false
image = "gitlab.xxxxxx.com:5050/common/docker/runner/dind:20231228"
privileged = false
services_privileged = true
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache"]
shm_size = 0
network_mtu = 0Used GitLab Runner version
Version: 16.7.0
Git revision: 102c81ba
Git branch: 16-7-stable
GO version: go1.20.10
Built: 2023-12-21T17:01:32+0000
OS/Arch: linux/amd64Possible fixes
Don't know how to fix, but the first lead would be to check if the fact that the docker image comes from an insecure registry may lead to this error.
Edited by Jérôme Reybert