Docker-in-Docker Explainer (Gitlab Runners)

This is old and largely irrelevant.

Run your gitlab runners in a kubes cluster. It’s easier and funner.


Docker in Docker with Gitlab Runners

I actually didn’t realize that I have been building my images with shell executors. I would personally prefer to do Docker-in-Docker so that I can take that next step towards moving into my Kubernetes cluster full time. This whole thing was meant to be an explainer but I took too long to figure out why tf things were broken, so I’ll just document that for future reference.

I won’t bother writing how to install basic shit. Look at this: https://docs.gitlab.com/runner/install/. The hot take, and thing I want to remind myself of later, comes in two parts.

Firstly, I got the following error:

error during connect: Post "http://docker:2375/v1.24/auth": dial tcp: lookup docker on 10.10.10.10:53: no such host

If you’re getting this with the official Docker image, you have to mount docker.sock:

docker run --rm -it -v /var/run/docker.sock:/var/run/docker.sock docker:20.10

What’s more likely is that you’re getting this error in GitLab CI/CD. There are two things to do. First, make sure that you’re using docker:20.10-dind as your default image (or define it in your build if need be). If the error persists, update /etc/gitlab-runner/config.toml to reflect the following, paying attention to the volume; with the host’s docker.sock mounted, jobs on this runner talk to the host’s Docker daemon:

[[runners]]
  name = "dxcker-hxst-docker"
  url = "https://gitlab.com/"
  token = "696969_420420420420"
  executor = "docker"
  [runners.custom_build_dir]
  [runners.cache]
    [runners.cache.s3]
    [runners.cache.gcs]
    [runners.cache.azure]
  [runners.docker]
    tls_verify = false
    image = "docker:20.10-dind"
    privileged = true
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    disable_cache = false
    volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
    shm_size = 0

Three things that I changed from default: image from docker -> docker:20.10-dind, privileged from false to true and finally volumes to include the mapped docker socket.

Auth

Something else that I forgot to add; when you’re working with private repositories, you’re going to want to add a login thingo to your config. Otherwise you won’t have permissions to pull your private repos down.

Create a Personal Access Token, then create a b64 string using your username and not the gitlab-ci-token username! This part is important (I didn’t realize that you couldn’t use the gitlab-ci-token user).

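# printf rather than echo: echo appends a newline that ends up inside the encoded credentials
printf '%s' "your-user:your-pat" | base64 | tr -d '\n'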

Then bung that string into some json like below:

{
    "auths": {
        "registry.gitlab.com:5000": {
            "auth": "696969696==="
        }
    }
}

Then you want to minify and plop it into your config as such:

/etc/gitlab-runner/config.toml

[[runners]]
  name = "some_fully_sick_name_uleh"
  url = "https://gitlab.com/"
  token = "420420_696969696"
  executor = "docker"
  environment = ["DOCKER_AUTH_CONFIG={\"auths\":{\"registry.example.com:5000\":{\"auth\":\"bXladWNqc45hqWU6bXlfcGFzc3dvcmQ=\"}}}"]

Then it should all work fine.
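
The auth steps above as one script (an added example, not part of the original post): it builds the base64 string with printf so no trailing newline is encoded, emits the minified JSON and the TOML-escaped environment line, and checks an existing auth string for the newline that plain echo leaves behind. The function names and the registry, user and token values are constructed placeholders; base64 -d assumes GNU coreutils or BusyBox.

```shell
#!/bin/sh
# Added example: build DOCKER_AUTH_CONFIG for /etc/gitlab-runner/config.toml.
# Function names are hypothetical; all values are constructed placeholders.

# Base64 of "user:token" with no trailing newline and no line wrapping.
# printf is used because echo appends "\n", which would be encoded as part
# of the token and make the registry reject the login.
b64_auth() {
    printf '%s:%s' "$1" "$2" | base64 | tr -d '\n'
}

# Minified JSON for one registry: {"auths":{"<registry>":{"auth":"<b64>"}}}
# Assumes the registry name contains no quotes or backslashes.
docker_auth_json() {
    printf '{"auths":{"%s":{"auth":"%s"}}}' "$1" "$(b64_auth "$2" "$3")"
}

# The environment line for [[runners]], with the JSON escaped for a TOML string.
toml_environment_line() {
    json=$(docker_auth_json "$1" "$2" "$3" | sed 's/\\/\\\\/g; s/"/\\"/g')
    printf 'environment = ["DOCKER_AUTH_CONFIG=%s"]\n' "$json"
}

# Check an existing auth string: succeeds only if it decodes to "user:secret"
# and the last decoded byte is not a newline (0a).
auth_is_clean() {
    last=$(printf '%s' "$1" | base64 -d 2>/dev/null | tail -c 1 | od -An -tx1 | tr -d ' \n')
    [ -n "$last" ] && [ "$last" != "0a" ] &&
        printf '%s' "$1" | base64 -d 2>/dev/null | grep -q '^[^:][^:]*:..*$'
}

# Constructed placeholder values; substitute your own registry, user and PAT.
toml_environment_line "registry.example.com:5000" "your-user" "your-pat"
```

The printed line goes under [[runners]] as shown above; the registry key has to match the registry host used in your image names.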