Open ghost opened 1 year ago
Thanks for opening the issue, we will verify if docker in docker is not supported for local invoke and get back to you
Hi,
Just spent way to much time to fix my problem that seems very similar to yours. Exact same environment & versions except using another region, and using seashell container instead of DiD.
seashell is «a dev workstation in a container», basically bringing all the tools you need to develop & administrate systems, including aws, docker, and of course sam. The seashell startup script does 2 important things for this process:
So, that's the same case:
/var/run/docker.sock
local socket, as your DiD.aws invoke
needs to mount the local path that is probably different inside the seashell container than outside on the host.Also, if you're having DHCP configuration, the external IP might change, and is not visible from within the container. But I realized that for simple local docker, we do not need to connect to the host external interface, it also works by connecting to the local docker network bridge gateway.
So, if you have jq
, and you change the <absolute path to my project on host>
, you can run this pretty generic command from within a container on the docker daemon (same host).
sam local invoke \
-v /<absolute path to SAM project on host>/.aws-sam/build \
--container-host $(docker network inspect bridge | jq -r '.[0].IPAM.Config[0].Gateway') \
--container-host-interface 0.0.0.0 \
--debug
For anyone trying to run invoke
in a DIND context inside gitlab:
My --container-host
was always wrong and I tried everything under the sun. I came across a myriad of posts that pointed me to the fact that SAM references a DOCKER_HOST
variable. Checking this variable inside my gitlab runner I saw that it was tcp://docker:2375
.
Also running docker context ls
gave me:
NAME DESCRIPTION DOCKER ENDPOINT KUBERNETES ENDPOINT ORCHESTRATOR
default * Current DOCKER_HOST based configuration tcp://docker:2375 swarm
It revealed to me that my --container-host
needed to be set docker
. This allowed SAM to correctly connect to my docker container.
full command:
sam local invoke --container-host docker --container-host-interface 0.0.0.0 --debug]
Description:
I'm interested in using SAM CLI in our CI/CD pipelines to perform testing of our lambdas. I'm most interested in commands like "local invoke" and "local start-api".
My company uses Gitlab CI for our CI/CD pipelines. In Gitlab, using docker requires a Docker-In-Docker (DIND) configuration. The docker service runs in a separate container from the pipeline runner, with a network alias of 'docker'.
When running "sam local invoke" in a DIND environment, I'm either getting a timeout, or an ImportModuleError.
Steps to reproduce:
I created a Github project that sets up a DIND environment.
Workflow Script: https://github.com/PeterBuschSF/sam-cli-test/blob/main/.github/workflows/aws-sam-cli.yml
It sets up a DIND environment to simulate the run environment we get in Gitlab.
It then runs "sam init" to pull the hello world application for python3.9.
Then I try several different ways of calling "sam local invoke" with different values for container-host and container-host-interface options.
Observed result:
Sometimes it fails with: "Timed out while attempting to establish a connection to the container. You can increase this timeout by setting the SAM_CLI_CONTAINER_CONNECTION_TIMEOUT environment variable. The current timeout is 60.0 (seconds)."
Sometimes it fails with "Error: Runtime.ImportModuleError: Unable to import module 'app': No module named 'app'"
Full output can be found here: https://github.com/PeterBuschSF/sam-cli-test/actions/runs/3950602390/jobs/6763349604
Expected result:
Successful response from sam init
Additional environment details (Ex: Windows, Mac, Amazon Linux etc)
sam --version
: SAM CLI, version 1.70.0Add --debug flag to command you are running