New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Docker in Docker with additional_containers doesn't seem to work? #1034
Comments
Please read the TLS section of Docker image: since 18.09+, TLS connection is used by default and is available on port To enforce the old behavior, pass |
What about the MySQL repro though? |
Sorry, didn't noticed that part of your message. It seems that if you want to supply an empty password via |
This solved the MySQL issue. As for the Docker in Docker, the section that you referred to says to use Btw, is there any way to see output from additional containers or in general know whether they work? There is some info about starting the container in debugging information but no console output or anything from that container that would allow me to figure out why it doesn't work. I'd like to also say why I thought both of the examples from the issue description will just work - Cirrus CI's documentation presents both of them:
|
You only need to set
This is strange indeed, I'm going to reopen this for further investigation.
See #1035. |
Just to keep the repro simple, here are two tasks doing the
example_task:
container:
image: docker:latest
additional_containers:
- name: dockerdaemon
privileged: true
image: docker:dind
port: 2375
env:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
env:
DOCKER_HOST: tcp://localhost:2375
script:
- netstat -tulpn
- docker run ubuntu echo hello
example_task:
arm_container:
image: docker:latest
additional_containers:
- name: dockerdaemon
privileged: true
image: docker:dind
port: 2375
env:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
env:
DOCKER_HOST: tcp://localhost:2375
script:
- netstat -tulpn
- docker run ubuntu echo hello |
Unfortunately, we don't support privileged additional containers on managed by us clusters and example_task:
container:
image: docker:latest
kvm: true
additional_containers:
- name: dockerdaemon
image: docker:dind
cpu: 2
memory: 4G
port: 2375
env:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
env:
DOCKER_HOST: tcp://localhost:2375
sleep_script: sleep 30 # so docker starts
script: docker run ubuntu echo hello |
@fkorotkov I'm using your setup but using a matrix. It works for the amd64 but not for the arm64. I got https://cirrus-ci.com/task/6248340032061440 task:
only_if: $CIRRUS_TAG == ''
env:
DOCKER_HOST: tcp://localhost:2375
matrix:
- name: linux-amd64
container:
image: docker:latest
kvm: true
additional_containers:
- name: dockerdaemon
image: docker:dind
cpu: 2
memory: 4G
port: 2375
env:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
- name: linux-arm64
arm_container:
image: docker:latest
kvm: true
additional_containers:
- name: dockerdaemon
image: docker:dind
cpu: 2
memory: 4G
port: 2375
env:
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: ""
sleep_script: sleep 30 # so docker starts
script: docker run ubuntu echo hello |
Maybe arm containers can't be KVM-enabled? The documentation isn't clear on that and arm containers are using different services entirely (EKS Cluster on AWS rather than GKE cluster on Google Cloud) so it seems plausible. Would certainly be nice if this is something that Cirrus CI developers could fix though. Note that you can now also just use Docker Builder VM which can be ran on Cirrus CI's community cluster: That's what I ended up using for cibuildwheel and it's been working well. |
Yes, I'm aware of that. it's very useful. By the way, Is that doable right now from a Cirrus standing point? |
I'm talking about native arm64, that's what the CIRRUS_ARCH env var is for (however weird that may sound). It uses Google Cloud's ARM64 VMs. You can see documentation of that by switching to arm64 tab. |
@joseluisq I think theoretically you should be able to build and push two manifests separately and than stitch them together like this post: task:
name: Push Manifest ($CIRRUS_ARCH)
alias: manifest
compute_engine_instance:
image_project: cirrus-images
image: family/docker-builder-arm64
matrix:
architecture: amd64
architecture: arm64
platform: linux
build_script: ...
login_script: ...
push_script: docker push your-username/multiarch-example:manifest-$CIRRUS_ARCH
combine_docker_builder:
login_script: ...
create_script: |
docker manifest create \
your-username/multiarch-example:manifest-latest \
--amend your-username/multiarch-example:manifest-amd64 \
--amend your-username/multiarch-example:manifest-arm64
push_script: docker manifest push your-username/multiarch-example:manifest-latest |
@jack1142 @fkorotkov thank you guys for your help. Cirrus CI rocks! ⚡ |
Expected Behavior
I expected docker daemon to be exposed on port
2375
when using this configuration:Real Behavior
The docker daemon was not exposed and when trying to connect to it I got an error message:
Link to the task output:
container
: https://cirrus-ci.com/task/5163998269145088arm_container
: https://cirrus-ci.com/task/5620585639182336Related Info
This is a (tick one of the following):
container:
/arm_container:
)Additional information
I've also tried a less special image such as the MySQL docker image that was presented in the documentation and it also did not seem to work:
outputs for those:
container
: https://cirrus-ci.com/task/4790913250623488arm_container
: https://cirrus-ci.com/task/5256499583778816The text was updated successfully, but these errors were encountered: