Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/doc/ci/docker/using_docker_build.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/ci/docker/using_docker_build.md')
-rw-r--r--doc/ci/docker/using_docker_build.md70
1 files changed, 63 insertions, 7 deletions
diff --git a/doc/ci/docker/using_docker_build.md b/doc/ci/docker/using_docker_build.md
index 2505089e4be..beaa2291eea 100644
--- a/doc/ci/docker/using_docker_build.md
+++ b/doc/ci/docker/using_docker_build.md
@@ -1,8 +1,7 @@
---
stage: Verify
group: Pipeline Execution
-info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
-type: concepts, howto
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments
---
# Use Docker to build Docker images **(FREE ALL)**
@@ -319,6 +318,63 @@ To use Docker-in-Docker with TLS enabled in Kubernetes:
- docker run my-docker-image /script/to/run/tests
```
+##### Docker-in-Docker with TLS disabled in Kubernetes
+
+To use Docker-in-Docker with TLS disabled in Kubernetes, you must adapt the example above to:
+
+- Remove the `[[runners.kubernetes.volumes.empty_dir]]` section from the `values.yml` file.
+- Change the port from `2376` to `2375` with `DOCKER_HOST: tcp://docker:2375`.
+- Instruct Docker to start with TLS disabled with `DOCKER_TLS_CERTDIR: ""`.
+
+For example:
+
+1. Using the
+ [Helm chart](https://docs.gitlab.com/runner/install/kubernetes.html), update the
+ [`values.yml` file](https://gitlab.com/gitlab-org/charts/gitlab-runner/-/blob/00c1a2098f303dffb910714752e9a981e119f5b5/values.yaml#L133-137):
+
+ ```yaml
+ runners:
+ config: |
+ [[runners]]
+ [runners.kubernetes]
+ image = "ubuntu:20.04"
+ privileged = true
+ ```
+
+1. You can now use `docker` in the job script. You should include the
+ `docker:24.0.5-dind` service:
+
+ ```yaml
+ default:
+ image: docker:24.0.5
+ services:
+ - docker:24.0.5-dind
+ before_script:
+ - docker info
+
+ variables:
+ # When using dind service, you must instruct Docker to talk with
+ # the daemon started inside of the service. The daemon is available
+ # with a network connection instead of the default
+ # /var/run/docker.sock socket.
+ DOCKER_HOST: tcp://docker:2375
+ #
+ # The 'docker' hostname is the alias of the service container as described at
+ # https://docs.gitlab.com/ee/ci/services/#accessing-the-services.
+ # If you're using GitLab Runner 12.7 or earlier with the Kubernetes executor and Kubernetes 1.6 or earlier,
+ # the variable must be set to tcp://localhost:2376 because of how the
+ # Kubernetes executor connects services to the job container
+ # DOCKER_HOST: tcp://localhost:2376
+ #
+ # This instructs Docker not to start over TLS.
+ DOCKER_TLS_CERTDIR: ""
+ build:
+ stage: build
+ script:
+ - docker build -t my-docker-image .
+ - docker run my-docker-image /script/to/run/tests
+ ```
+
#### Known issues with Docker-in-Docker
Docker-in-Docker is the recommended configuration, but you should be aware of the following issues:
@@ -651,11 +707,11 @@ of the following executors:
In this example, you use Buildah to:
1. Build a Docker image.
-1. Push it to [GitLab Container Registry](../../user/packages/container_registry/index.md).
+1. Push it to [GitLab container registry](../../user/packages/container_registry/index.md).
In the last step, Buildah uses the `Dockerfile` under the
root directory of the project to build the Docker image. Finally, it pushes the image to the
-project's Container Registry:
+project's container registry:
```yaml
build:
@@ -671,7 +727,7 @@ build:
BUILDAH_FORMAT: docker
FQ_IMAGE_NAME: "$CI_REGISTRY_IMAGE/test"
before_script:
- # GitLab Container Registry credentials taken from the
+ # GitLab container registry credentials taken from the
# [predefined CI/CD variables](../variables/index.md#predefined-cicd-variables)
# to authenticate to the registry.
- echo "$CI_REGISTRY_PASSWORD" | buildah login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY
@@ -685,10 +741,10 @@ build:
If you are using GitLab Runner Operator deployed to an OpenShift cluster, try the
[tutorial for using Buildah to build images in rootless container](buildah_rootless_tutorial.md).
-## Use the GitLab Container Registry
+## Use the GitLab container registry
After you've built a Docker image, you can push it to the
-[GitLab Container Registry](../../user/packages/container_registry/build_and_push_images.md#use-gitlab-cicd).
+[GitLab container registry](../../user/packages/container_registry/build_and_push_images.md#use-gitlab-cicd).
## Troubleshooting
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 19:01:58 +0300