7

I'm working on porting a collection of Docker images used for GitLab CI/CD building and deployment from Dockerhub to AWS public ECR. Everything works as it should except for the standard Docker image that we use as a Docker-in-Docker service. The same exact image that works when pulled from Dockerhub fails to login when pulled from public ECR.

.gitlab-ci.yml

    build-push:
      stage: package
      image: public.ecr.aws/x/x
      services:
      - public.ecr.aws/x/docker-dind:20.10

$ aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $AWS_DOCKER_REGISTRY_URL
> Logging in to Docker registry...
> error during connect: Post http://docker:2375/v1.24/auth: dial tcp: lookup docker on 8.8.8.8:53: no such host

$ cat /etc/hosts
127.0.0.1   localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2  public.ecr.aws__*
172.17.0.2  public.ecr.aws-*
172.17.0.3  runner-*

Thank you.

Alex B.
  • 71
  • 1
  • 1
  • 2
  • This looks like a DNS or networking issue in (could be both) in your build container. – Nick Feb 05 '21 at 21:54
  • It looks like it’s resolving the name `docker` (from `http://docker:2375/v1.24/auth` URL) through `8.8.8.8` Google nameserver. – MLu Feb 06 '21 at 20:46
  • Did you find the solution for this? I am facing the same error. – realnsleo Aug 31 '21 at 06:29

6 Answers6

9

To resolve this problem just add on /etc/gitlab-runner/config.toml a volume map to docker sock.

volumes = ["/var/run/docker.sock:/var/run/docker.sock", "/cache"]
Anderson Dapper
  • 91
  • 1
  • 3
2

When building docker image in gitlab-ci, you must add this (dind is for "docker in docker"):

services:
  - docker:dind
Vincent J
  • 123
  • 3
0

It could be a misconfiguration of your Docker environment. For some reason it seems to be resolving the name docker (from http://docker:2375/v1.24/auth URL) through 8.8.8.8 Google nameserver. That can’t work obviously.

Try to add 120.0.0.1 docker record in your /etc/hosts - that may help.

MLu
  • 23,798
  • 5
  • 54
  • 81
0

You might need to add --docker-network-mode "host" to the Gitlab runner config. Before doing that I got the following error (assuming "dind" is the hostname, not "docker"):

ERROR: error during connect: Get http://dind:2375/v1.40/info: dial tcp: lookup dind on 8.8.8.8:53: no such host
Sean McCarthy
  • 101
  • 1
  • 5
0

As per gitlab documentation when using a custom dind docker image the docker hostname is still expected. To fix this you need to add an alias in your gitlab CI config like so:

build-push:
  stage: package
  image: public.ecr.aws/x/x
  services:
    - name: public.ecr.aws/x/docker-dind:20.10
    - alias: docker

Also not sure about your setup but the convention is to add -dind at the end of an image. Therefore, it should be public.ecr.aws/x/docker:20.10-dind

scieslak
  • 101
  • 1
0

As mentioned by @orban https://serverfault.com/users/190624/orb%c3%a1n-zolt%c3%a1n

Just add "privileged=true" to the /etc/gitlab-runner/config.toml

for ex

 [runners.docker]
    tls_verify = false
    image = "ruby:2.7"
    privileged = true <- change this from false to true
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    disable_cache = false
    volumes = ["/cache"]
    shm_size = 0
Faisal Affan
  • 1
  • 1