vegardit / docker-gitea-act-runner

Docker image based on debian:stable-slim to run Gitea's act_runner as a Docker container
Apache License 2.0

DinD: Docker engine not starting #20

Closed Miladiir closed 1 year ago

Miladiir commented 1 year ago

After starting the container, the docker engine within the container does not seem to start correctly.

docker-compose.yml:

version: '3.8'

services:
  gitea_act_runner:
    image: vegardit/gitea-act-runner:dind-rootless-latest
    privileged: true
    volumes:
      - data:/data
    environment:
      TZ: "Europe/Berlin"
      GITEA_INSTANCE_URL: [redacted]
      GITEA_RUNNER_REGISTRATION_TOKEN: [redacted]
      GITEA_RUNNER_NAME: [redacted]
volumes:
  data:

Console output:

gitea_runner-gitea_act_runner-1  |    _____ _ _                            _     _____
gitea_runner-gitea_act_runner-1  |   / ____(_) |                 /\       | |   |  __ \
gitea_runner-gitea_act_runner-1  |  | |  __ _| |_ ___  __ _     /  \   ___| |_  | |__) |   _ _ __  _ __   ___ _ __
gitea_runner-gitea_act_runner-1  |  | | |_ | | __/ _ \/ _` |   / /\ \ / __| __| |  _  / | | | '_ \| '_ \ / _ \ '__|
gitea_runner-gitea_act_runner-1  |  | |__| | | ||  __/ (_| |  / ____ \ (__| |_  | | \ \ |_| | | | | | | |  __/ |
gitea_runner-gitea_act_runner-1  |   \_____|_|\__\___|\__,_| /_/    \_\___|\__| |_|  \_\__,_|_| |_|_| |_|\___|_|
gitea_runner-gitea_act_runner-1  |
gitea_runner-gitea_act_runner-1  | GIT_REPO:    https://github.com/vegardit/docker-gitea-act-runner
gitea_runner-gitea_act_runner-1  | GIT_BRANCH:  main
gitea_runner-gitea_act_runner-1  | GIT_COMMIT:  0866e7a @ 2023-07-03 17:10:59 UTC
gitea_runner-gitea_act_runner-1  | IMAGE_BUILD: 2023-07-03T17:11:52Z
gitea_runner-gitea_act_runner-1  |
gitea_runner-gitea_act_runner-1  | 2023-07-04 23:35:21 INFO [/opt/run.sh:26] Timezone is CEST +0200
gitea_runner-gitea_act_runner-1  | 2023-07-04 23:35:21 INFO [/opt/run.sh:27] Hostname: 3f504d42d9a3
gitea_runner-gitea_act_runner-1  | 2023-07-04 23:35:21 INFO [/opt/run.sh:28] IP Addresses:
gitea_runner-gitea_act_runner-1  |  - 172.20.0.2
gitea_runner-gitea_act_runner-1  | 2023-07-04 23:35:21 INFO [/opt/run.sh:62] Starting Docker engine...
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/cpuset: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/cpu: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/cpuacct: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/blkio: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/memory: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/devices: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/freezer: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/net_cls: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/perf_event: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/net_prio: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/hugetlb: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/pids: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/rdma: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | mount: /sys/fs/cgroup/misc: permission denied.
gitea_runner-gitea_act_runner-1  |        dmesg(1) may have more information after failed mount system call.
gitea_runner-gitea_act_runner-1  | Starting Docker: docker.
gitea_runner-gitea_act_runner-1  | 2023-07-04 23:35:22 INFO [/opt/run.sh:67] Waiting for Docker engine to start...
gitea_runner-gitea_act_runner-1  | time="2023-07-04T21:35:23.035500635Z" level=info msg="API listen on /var/run/docker.sock"
gitea_runner-gitea_act_runner-1  | 2023-07-04 23:35:24 INFO [/opt/run.sh:67] Waiting for Docker engine to start...

The last two lines are repeated endlessly. Any ideas?

sebthom commented 1 year ago

Does it only happen for the rootless image version?

Miladiir commented 1 year ago

Yep, the others work as expected.

Edit: Actually the "normal" DinD version cannot pull images? It seems to download the layers but maybe runs into an error while extracting? Afterwards it complains that the image does not exist, which is wrong because I can pull it on another machine. I tried again using the third option DoD and that seems to work now. Weird.

MarcA711 commented 1 year ago

I have the exact same error. However, for me it does not work with rootless nor rootful DinD image. But I have to add that I use rootless podman and podman-compose and not docker and docker-compose on my host.

Edit: running podman as root doesn't work either.

sinitcin commented 1 year ago

The same happened for me too. My config:

version: "2"

services:
  gitea-app:
    image: gitea/gitea:1.20
    user: root:root
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - GITEA__database__DB_TYPE=postgres
      - GITEA__database__HOST=gitea-db:5432
      - GITEA__database__NAME=gitea
      - GITEA__database__USER=gitea
      - GITEA__database__PASSWD=gitea
      - GIT_DISCOVERY_ACROSS_FILESYSTEM=1
    restart: always
    volumes:
      - ./gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "2222:2222"
    depends_on:
      - gitea-db

  gitea-db:
    image: postgres:14
    user: root:root
    restart: always
    environment:
      - POSTGRES_USER=gitea
      - POSTGRES_PASSWORD=gitea
      - POSTGRES_DB=gitea
    volumes:
      - ./postgres:/var/lib/postgresql/data

  gitea_act_runner:
    user: root:root
    image: vegardit/gitea-act-runner:dind-latest
    privileged: true
    volumes:
      - ./gitea_runner/data:/data:rw
      - ./gitea_runner/cache:/root/.cache
      - ./data/git/repositories:/repo
      - /var/run/docker.sock:/var/run/docker.sock:rw
    environment:
      - TZ=Europe/Moscow
      - GITEA_INSTANCE_URL=gitea-app:3000
      - GITEA_RUNNER_REGISTRATION_TOKEN=${RUNNER_TOKEN}

sebthom commented 1 year ago

@sinitcin when using dind you cannot mount the docker socket from the host system, i.e. you need to remove this line:

- /var/run/docker.sock:/var/run/docker.sock:rw
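
A check for the conflict described in the comment above, as an added example that is not part of the thread or the project's code: it scans a compose file for services that combine a `dind` image tag with a bind-mounted `docker.sock`. The `SAMPLE` text is constructed from the compose file posted above; the function names and the rule that a tag containing "dind" marks a DinD image are assumptions.

```python
# Added example: heuristic line scanner, not a full YAML parser. Assumes
# block-style compose YAML and that a tag containing "dind" marks a DinD image.

# Constructed sample, reduced from the compose file posted above.
SAMPLE = """\
services:
  gitea-db:
    image: postgres:14
  gitea_act_runner:
    image: vegardit/gitea-act-runner:dind-latest
    privileged: true
    volumes:
      - ./gitea_runner/data:/data:rw
      - /var/run/docker.sock:/var/run/docker.sock:rw
    environment:
      - TZ=Europe/Moscow
"""

def parse_services(text):
    """Return {service: {"image": str, "volumes": [str]}}."""
    services, svc, key, in_services, svc_indent = {}, None, None, False, None
    for raw in text.splitlines():
        body = raw.strip()
        if not body or body.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        if indent == 0:  # top-level key: only "services:" opens the section
            in_services, svc, svc_indent = body == "services:", None, None
        elif in_services and indent == (svc_indent or indent):
            svc_indent, key = indent, None  # a line at service depth names a service
            svc = services.setdefault(body.rstrip(":"), {"image": "", "volumes": []})
        elif svc is not None and body.startswith("- "):
            if key == "volumes":  # ignore list items under environment, ports, ...
                svc["volumes"].append(body[2:].strip().strip("'\""))
        elif svc is not None:
            key, _, value = body.partition(":")
            if key == "image":
                svc["image"] = value.strip().strip("'\"")
    return services

def dind_socket_conflicts(text):
    """Services with a 'dind' image tag that also bind-mount a docker.sock."""
    hits = []
    for name, svc in parse_services(text).items():
        tag = svc["image"].rsplit(":", 1)[-1]
        socks = [v for v in svc["volumes"] if v.split(":")[0].endswith("docker.sock")]
        if "dind" in tag and socks:
            hits.append((name, svc["image"], socks[0]))
    return hits
```
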

sebthom commented 1 year ago

@Miladiir the dind-rootless container tried to start docker without the rootless mode; I fixed that. Please give it another try.

MarcA711 commented 1 year ago

I used the vegardit/gitea-act-runner:dind-rootless-latest from Docker Hub. However, I still get the error.

podman log:

GIT_REPO: https://github.com/vegardit/docker-gitea-act-runner
GIT_BRANCH: main
GIT_COMMIT: 6b01de7 @ 2023-07-23 11:41:44 UTC
IMAGE_BUILD: 2023-07-23T11:42:28Z
2023-07-23 14:26:31 INFO [/opt/run.sh:26] act_runner version v0.2.3
2023-07-23 14:26:31 INFO [/opt/run.sh:27] Timezone: CEST +0200
2023-07-23 14:26:31 INFO [/opt/run.sh:28] Hostname: 70784b3a707b
2023-07-23 14:26:31 INFO [/opt/run.sh:29] IP Addresses:
 - 10.89.0.3
2023-07-23 14:26:31 INFO [/opt/run.sh:39] Starting Docker engine (rootless)...
2023-07-23 14:26:31 INFO [/opt/run.sh:54] Waiting for Docker engine to start...
: exit status 1
2023-07-23 14:26:33 INFO [/opt/run.sh:54] Waiting for Docker engine to start...
: exit status 1
2023-07-23 14:26:36 INFO [/opt/run.sh:54] Waiting for Docker engine to start...
: exit status 1
..........

My docker-compose.yml:

version: "3.8"

services:
  server:
    image: gitea/gitea:1.20-rootless
    user: 1001
    restart: always
    volumes:
      - ./data/gitea/data:/var/lib/gitea:Z
      - ./data/gitea/config:/etc/gitea:Z
      - /usr/share/zoneinfo/Europe/Berlin:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "2222:2222"

  gitea_act_runner:
    image: vegardit/gitea-act-runner:dind-rootless-latest
    privileged: true
    volumes:
      - ./data/runner/data:/data:rw,Z
    environment:
      TZ: "Europe/Berlin"
      GITEA_INSTANCE_INSECURE: true
      GITEA_INSTANCE_URL: 'http://localhost:3000'
      GITEA_RUNNER_REGISTRATION_TOKEN: 'XXXXX'

sebthom commented 1 year ago

@JeffersonTerrerfield I am not using podman; the image is targeting the docker runtime. However, if you find anything useful to improve podman support, PRs are welcome.

Miladiir commented 1 year ago

Works now. Thanks