Abner Run
文章 标签 分类
Abner Run

目录

Cannot connect to the Docker daemon

Abner Zhou 收录于 DevOps
   约 580 字   预计阅读 2 分钟 

错误复现

参考官网文档配置.gitlab-ci.yaml文件内容如下1

default:
  image: docker:24.0.5
  services:
    - name: docker:24.0.5-dind
  before_script:
    - docker info
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY

variables:
  DOCKER_REGISTRY: ${CI_REGISTRY}
  DOCKER_IMAGE: ${CI_REGISTRY_IMAGE}

stages:
  - build

build:
  stage: build
  script:
    - docker build -t $DOCKER_IMAGE:$CI_COMMIT_SHA .
    - docker push $DOCKER_IMAGE:$CI_COMMIT_SHA
    - |
      if [ "$CI_COMMIT_BRANCH" == "main" ]; then
        docker tag $DOCKER_IMAGE:$CI_COMMIT_SHA $DOCKER_IMAGE:latest
        docker push $DOCKER_IMAGE:latest
      fi

执行过程中会提示如下错误:

ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

使用TCP连接并禁用TLS

当使用dind服务的时候,必须使用tcp连接,而非sock连接2

When using dind service, you must instruct docker to talk with the daemon started inside of the service. The daemon is available with a network connection instead of the default /var/run/docker.sock socket.

修改yaml文件中的variables部分

variables:
  DOCKER_HOST: tcp://docker:2375
  # This instructs Docker not to start over TLS.
  DOCKER_TLS_CERTDIR: ""

发现错误变成了下面这样

docker: Cannot connect to the Docker daemon at tcp://docker:2375. Is the docker daemon running?

等待Docker daemon启动

当使用Kubernetes executor时,会遇到Docker daemon还没启动,就尝试连接情况3

解决方案有两个:

docker info 循环

增加一个循环,直到docker info能够正常输出以后再进行后续操作

before_script:
  - until docker info; do sleep 1; done
  - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY

HEALTHCHECK TCP PORT

在设置service的时候,增加一个HEALTHCHECK_TCP_PORT操作

services:
    - name: docker:dind
      command: [ "--tls=false" ]
      variables:
        HEALTHCHECK_TCP_PORT: "2375"

完整的gitlab-ci.yaml文件

default:
  image: docker:24.0.5
  services:
    - name: docker:24.0.5-dind
      variables:
        HEALTHCHECK_TCP_PORT: "2375"  # 检查2375端口监听情况
  before_script:
    - docker info
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY


variables:
  DOCKER_TLS_CERTDIR: ""   # 禁用TLS
  DOCKER_REGISTRY: ${CI_REGISTRY}
  DOCKER_IMAGE: ${CI_REGISTRY_IMAGE}
  DOCKER_HOST: tcp://docker:2375  # 使用TCP连接

stages:
  - build

build:
  stage: build
  script:
    - docker build -t $DOCKER_IMAGE:$CI_COMMIT_SHA .
    - docker push $DOCKER_IMAGE:$CI_COMMIT_SHA
    - |
      if [ "$CI_COMMIT_BRANCH" == "main" ]; then
        docker tag $DOCKER_IMAGE:$CI_COMMIT_SHA $DOCKER_IMAGE:latest
        docker push $DOCKER_IMAGE:latest
      fi

References

  1. use-docker-in-docker-with-privileged-mode ↩︎

  2. Use Docker to build Docker images | GitLab ↩︎

  3. Create readiness probes for services in kubernetes executor (#27215) · Issues · GitLab.org / gitlab-runner · GitLab ↩︎

更新于 2025-02-08
阅读原始文档
 DockerGitLab CI/CDKubernetes
返回 | 主页