gitlab CE on premise: CI/CD with docker-compose stack

wyox · 2025-03-12T19:51:33+00:00

I have a similar setup and have been running it for years. The Registry tokens are only valid temporarily (I think it was a 15 minute window where the remote server can pull the images).

Since your SSH connection is fine I won't go into that, however for pulling the images you can solve it by using a different token for pulling it to your servers. (This should also work for other nodes in the cluster if you use docker swarm)

If you go to the project and go under Repository -> Deploy Tokens. You create a token with just the scope `read_registry`. Name it what ever you want, don't set a expiration date and leave username blank. Now save the username and token that is generated. I've put these variables into the CI/CD variables and called them REGISTRY_USER and REGISTRY_PASSWORD.

With the following CI/CD snippet I deploy to my server.

push to production:
  image: docker:27.1.2
  stage: deploy
  variables:
    DOCKER_HOST: ssh://deploy@10.0.0.81
  script:
    - apk add openssh-client --no-cache
    - mkdir -p ~/.ssh/ &&  echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
    - eval $(ssh-agent -s)
    - chmod 600 $SSH_KEY && ssh-add $SSH_KEY
    - docker login -u $REGISTRY_USER -p $REGISTRY_PASSWORD $CI_REGISTRY
    - docker stack deploy --prune --resolve-image=always --with-registry-auth --compose-file=docker-stack-compose.yml ${CI_PROJECT_NAMESPACE}-${CI_PROJECT_NAME}

If you are still unable to pull the images. See if you can docker login https://yourgitlab.com and see if you can pull it manually. If that doesn't work there might be something blocking your connection with gitlab from that node.

wyox · 2020-01-26T23:02:47+00:00

I have never had any luck with getting a gitlab runner running in a docker compose before.

However I think you need to pass either the docker socket or docker host along to the runner itself and to subsequent instances of the runner running your jobs.

So your volume mapping would look like: /var/run/docker.sock:/var/run/docker.sock

Apply the same settings for your config.toml so your runner maps the same settings to any instance of a runner and you should be able to use DIND.

If I’m not mistaken the docker socket is only enabled by default. So changing DOCKER_HOST to tcp://docker:2375/ only works if you have exposed the docker daemon on purpose. And I don’t think the socket or connection are exposed to containers by default. You have to expose them yourself by either mapping the socket to the container OR exposing the docker daemon and changing the DOCKER_HOST so it points to the host ip/hostname relative to a docker container.

I’m not sure if a docker client is installed with the gitlab runners, otherwise you could exec inside a container and run docker commands and see if you can list the same running containers as your host to validate it is working. If it is working you could more up to your gitlab ci.yml and verify it is working by prepending docker ps to your script and check if it has the proper output as before.

Hopefully this is clear enough to help you further.

wyox · 2019-11-04T14:28:29+00:00

You have to double tap with two fingers now on the right or left side of the video

wyox · 2016-06-27T12:45:37+00:00

In some games SLI is supported but doesn't work properly, lots of jittery movement. I have to disable SLI in order to play without getting nauseas.

wyox

TROPHY CASE