Gitlab Fargate unable to pull image during CI/CD

My configuration

config.toml

concurrent = 100
check_interval = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "xyz_project_name"
  url = "https://gitlab.com/"
  token = "yieSD7McA-WFMtFv5nzg"
  executor = "custom"
  builds_dir = "/opt/gitlab-runner/builds"
  cache_dir = "/opt/gitlab-runner/cache"
  [runners.custom]
    privileged = true
    config_exec = "/opt/gitlab-runner/fargate"
    config_args = ["--config", "/etc/gitlab-runner/fargate.toml", "custom", "config"]
    prepare_exec = "/opt/gitlab-runner/fargate"
    prepare_args = ["--config", "/etc/gitlab-runner/fargate.toml", "custom", "prepare"]
    run_exec = "/opt/gitlab-runner/fargate"
    run_args = ["--config", "/etc/gitlab-runner/fargate.toml", "custom", "run"]
    cleanup_exec = "/opt/gitlab-runner/fargate"
    cleanup_args = ["--config", "/etc/gitlab-runner/fargate.toml", "custom", "cleanup"]

.gitlab-ci.yaml

image: docker:latest

stages:
  - install_dependencies
  - lint
  - bundle
  - build
  - deploy

install_dependencies:
  stage: install_dependencies
  image: node:14
  script:
    - node -v
    - npm -v
    - ls node_modules
    - npm install --unsafe-perm
  artifacts:
    paths:
      - node_modules/
      - version.v
      - repo.name

lint:
  image: node:14
  stage: lint
  script:
    - npm run lint

bundle:
  image: node:14
  stage: bundle
  script:
    - npm run build:prod
  artifacts:
    paths:
      - dist/

build:
  stage: build
  image: aws-docker:2.0.0
  services:
    - docker:dind
  before_script:
    - aws ecr get-login-password | docker login --username AWS --password-stdin $AWS_ECR_REGISTRY
  script:
    - docker build -t $DOCKER_REGISTRY:latest .
    - docker push $DOCKER_REGISTRY:latest

Problem:

The pipeline gives the following error

$ node -v
bash: line 140: node: command not found
ERRO[2022-04-20T03:49:47Z] Application execution failed

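This pipeline works fine on a normal GitLab runner, but when I moved it to the Fargate runner, it gives this error. I think the Fargate runner is unable to pull the image.

What I can do is install Node v14 in the container image. But what about aws-docker:2.0.0?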

Thank you for taking the time to describe your request in detail, it really helps!

The Fargate custom executor completely ignores the image: directive, as stated in the documentation:

The image and service keywords in your gitlab-ci.yml file are ignored. The runner only uses the values specified in the task definition.

As mentioned in the documentation, when setting up your Fargate runner, you must prepare an image that contains all the software you will need. This must be done in advance. The job uses this image that is defined in your ECS task definition created in step 6 of the setup documentation.

But what about aws-docker:2.0.0

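Another key limitation of Fargate is that it is not possible to use docker inside of Fargate, because using docker inside a container requires the container to be privileged, but AWS prohibits privileged containers on Fargate, so this is not possible.

Also note that even if this limitation did not exist, services: would run into the same problem as image:, because the executor ignores the service.

There are some alternative ways to build and push images that do not require a docker daemon (and therefore do not require a privileged container), for example using kaniko to build images. You can also see the GitLab blog for guidance on how to build containers on Fargate with AWS CodeBuild.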
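
As an added example (not part of the answer above, and not GitLab's own code): a Ruby pre-flight check that lists every image: and services: entry a .gitlab-ci.yml relies on, all of which the Fargate custom executor ignores, plus script lines that call docker build/push/pull/run and so need a daemon that Fargate's ban on privileged containers rules out. The names fargate_findings, RESERVED and NAME_OF and the sample pipeline are assumptions made for illustration.

```ruby
require 'yaml'

# Top-level keys in .gitlab-ci.yml that are settings rather than jobs.
RESERVED = %w[image services stages variables default include workflow
              before_script after_script cache].freeze
# image:/services: entries may be a plain string or a hash with a name key.
NAME_OF = ->(v) { v.is_a?(Hash) ? v['name'] : v }

# One finding per keyword the Fargate custom executor ignores (image:,
# services:) and per script line that needs a Docker daemon.
def fargate_findings(ci_yaml)
  doc = YAML.safe_load(ci_yaml)
  findings = []
  findings << "global: image '#{NAME_OF.(doc['image'])}' is ignored" if doc['image']
  doc.each do |name, job|
    next if RESERVED.include?(name) || name.to_s.start_with?('.') || !job.is_a?(Hash)
    findings << "#{name}: image '#{NAME_OF.(job['image'])}' is ignored" if job['image']
    Array(job['services']).each do |svc|
      findings << "#{name}: service '#{NAME_OF.(svc)}' is ignored"
    end
    lines = %w[before_script script after_script].flat_map { |k| Array(job[k]) }
    lines.each do |line|
      next unless line.to_s =~ /(^|[|;&]\s*)docker\s+(build|push|pull|run)\b/
      findings << "#{name}: '#{line}' needs a Docker daemon"
    end
  end
  findings
end

# Constructed sample, trimmed from the pipeline in the question.
SAMPLE = <<~'YAML'
  image: docker:latest
  stages: [lint, build]
  lint:
    image: node:14
    stage: lint
    script:
      - npm run lint
  build:
    stage: build
    image: aws-docker:2.0.0
    services:
      - docker:dind
    script:
      - docker build -t $DOCKER_REGISTRY:latest .
      - docker push $DOCKER_REGISTRY:latest
YAML

puts fargate_findings(SAMPLE) if __FILE__ == $PROGRAM_NAME
```

Every image reported has to be covered by the software baked into the image named in the ECS task definition, and every daemon-dependent line has to move to a daemonless builder such as kaniko or to AWS CodeBuild.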