10

在配置 gitlab-ci 以构建 docker 映像并将它们推送到我的 gitlab 的不安全注册表时,我遇到了几个错误。我的 gitlab-ci.yaml 如下所示:

stages:
  - build
  - deploy

variables:
  GIT_SUBMODULE_STRATEGY: recursive
  CONTAINER_IMAGE: XXX:$CI_COMMIT_REF_NAME

# The insecure-registry flag 
services:
  - docker:dind

build_container:
  image: docker:latest
  stage: build
  before_script:
    - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" "$CI_REGISTRY" --password-stdin

  script:
    - docker build --pull -t $CONTAINER_IMAGE .
    - docker push $CONTAINER_IMAGE

第一个错误是:

  $ docker login -u gitlab-ci-token -p $CI_JOB_TOKEN myregistry.gitlab.com
  WARNING! Using --password via the CLI is insecure. Use --password-stdin.
  Warning: failed to get default registry endpoint from daemon (Cannot connect 
  to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon 
  running?). Using system default: https://index.docker.io/v1/
  Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the 
  docker daemon running?

通过将登录命令更新为

echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" myregistry.gitlab.com --password-stdin

不幸的是,更新后,我遇到了另一个错误:

$ echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" myregistry.gitlab.com --password-stdin
Error response from daemon: Get https://myregistry.gitlab.com/v2/: dial tcp XX.XX.XXX.XXX:443: getsockopt: connection refused

我该如何解决这个问题?

4

1 回答 1

38

像任何其他 docker 安装一样,有必要指示 docker 守护进程允许连接到不安全的注册表。为了在 docker-in-docker 服务的上下文中执行此操作,必须将此配置传递给服务。这可以通过更新您的 gitlab-ci.yaml 以将服务指定为:

services:
  - name: docker:dind
    command: ["--insecure-registry=myregistry.gitlab.com"]
于 2018-05-02T11:02:00.243 回答