Runner ignores DOCKER_HOST variable when starting container #827
Comments
I have the runner working with rootless docker, check the example / ubuntu dir https://github.com/philips-labs/terraform-aws-github-runner

That terraform module is pure gold. 🥇 But I'm utterly confused. You did the very same I did. Essentially this line from your example
is what I think is completely ignored by the runner when passing the sock file into the container. Yes, github does start builds in docker containers, but I believe you still can not run builds using the dind images, which rely on the proper mounting of the sock file. Can you confirm that your setup is actually running the dind-test-job above without problems?

I also tried following @npalm's example, I added the path & docker_host exports to my .bashrc, my .profile and my .env and .path in the actions-runner directory. None of this seems to get the actions runner to respect those env vars.

Turns out the problem was that I put "export DOCKER_HOST" (the notation in .profile and .bashrc) into the .env file of my actions-runner. Removing the export fixed the docker error. For clarity, my .env now looks like this:
(The lang was added by the runner setup itself) my .profile and .bashrc ends with:
So I think that the runner does respect the DOCKER_HOST variable.

@Frederik-Baetens Can you successfully run this job
and if so, could you provide the output of the docker create command during startup (from the github workflow output, step "Initialize containers -> Starting job container")?

So it doesn't work, but what do you need dind for when you can access docker on the host? Dind is useful for when you need to run docker inside of another docker container because of the isolation/security model such as with gitlab's runner model where everything is forced to run in a container. But why do you need that for github actions? If you absolutely want to build in a docker container for some reason, just use kaniko. I wrote a more in-depth stackoverflow post about how I set this up: https://stackoverflow.com/questions/66137419/how-to-enable-non-docker-actions-to-access-docker-created-files-on-my-self-hoste/66137420#66137420 This is probably also relevant to rootless dind: https://docs.docker.com/engine/security/rootless/#rootless-docker-in-docker Using that container version seems to get dind to use the right socket address for docker, but it gets a permission denied because of the lack of privileged, and I don't know if it's easy to add that privileged flag somehow. But again, I don't see why you need dind.
Describe the bug
I tried to run a self hosted github runner with rootless docker. I added
to .env and
/home/runner/bin
to .path. In general github actions and rootless docker work fine. When the container is initialized it runs
As you can see it tries to volume mount the non existing /var/run/docker.sock from the host, which prevents any dind image from working. It seems this value is hardcoded here and DOCKER_HOST is ignored.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
/var/run/docker.sock should not be hard coded. DOCKER_HOST should be used if set.
Runner Version and Platform
Version of your runner? 2.274.2
OS of the machine running the runner? Linux, Ubuntu 18.04
Job Log Output
Runner starts the build step with
/home/runner/bin/docker create -[...] -v "/var/run/docker.sock":"/var/run/docker.sock" [...]
which makes this job
fail:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
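
The two checks this thread converges on, written out as an added diagnostic example (not code from the issue, its commenters, or the runner): flag `export` lines in the runner's `.env`, and resolve the socket path that `DOCKER_HOST` actually points to instead of assuming `/var/run/docker.sock`. The function names and the sample socket path `/run/user/1000/docker.sock` are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: diagnostics for the two problems discussed in this thread.
# Function names and sample values are constructed, not taken from the issue.

# Print (with line numbers) .env lines that use shell "export" syntax.
# One commenter fixed their docker error by removing "export" from .env.
env_export_lines() {
    grep -nE '^[[:space:]]*export[[:space:]]+' "$1" || true
}

# Resolve the daemon socket path from a DOCKER_HOST value.
# unix:// URLs yield their path; an empty value falls back to Docker's
# default; anything else (tcp://, ssh://) has no local socket to bind-mount.
socket_from_docker_host() {
    case "$1" in
        unix://*) printf '%s\n' "${1#unix://}" ;;
        '')       printf '%s\n' /var/run/docker.sock ;;
        *)        return 1 ;;
    esac
}

# Report whether the resolved path exists as a socket on this host.
# Returns 0 if present, 1 if missing, 2 if DOCKER_HOST is not a unix socket.
check_socket() {
    path=$(socket_from_docker_host "$1") || {
        echo "no local socket for: $1"
        return 2
    }
    if [ -S "$path" ]; then
        echo "ok: $path"
    else
        echo "missing: $path"
        return 1
    fi
}

# Demo on a constructed .env: the "export" form first, then a plain key.
demo_env=$(mktemp)
printf 'export DOCKER_HOST=unix:///run/user/1000/docker.sock\nLANG=en_US.UTF-8\n' > "$demo_env"
env_export_lines "$demo_env"
socket_from_docker_host "unix:///run/user/1000/docker.sock"
rm -f "$demo_env"
```

On a runner host, `check_socket "$DOCKER_HOST"` shows whether the path a job container would need to mount is really there; with rootless docker it will differ from the hardcoded `/var/run/docker.sock` in the log above.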