gitlab runner使用docker报错(x509: certificate signed by unknown authority)定位

如果gitlab runner使用docker,docker是普通配置,配置好后,runner就可以正常执行任务了。

 

另外一个环节Docker配置了tls加密连接,添加runner后,runner的配置tls_verify 字段值为true:

tls_verify = true

执行任务时则会报错:

ERROR: Preparation failed: error during connect: Get https://127.0.0.1:2376/v1.25/info: x509: certificate signed by unknown authority (executor_docker.go:979:0s)

 

搜索错误原因,提示是docker找不到tls相关的证书,但是git-runner的主机上已经配置好了证书,docker命令可以正常执行。

仔细阅读gitlab文档,在https://docs.gitlab.com/runner/configuration/advanced-configuration.html里发现了tls_cert_path这个参数,

用来配置tls证书的路径的。

 在gitlab-runner的配置文件路径下/etc/gitlab-runner/config.toml,打开文件,

在runner中配置runner.docker的tls_cert_path字段值为tls文件所在路径,然后重启gitlab-runner即可

[[runners]]

  name = "root_test2"

  url = "http://10.10.10.10/"

  token = "df6bcfdbb75332d19a7712ca23b130"

  executor = "docker"

  [runners.custom_build_dir]

  [runners.docker]

    host = "tcp://127.0.0.1:2376"

    tls_verify = true

    tls_cert_path = "/root/.docker/"

    image = "gitlab:lasted"

    privileged = false

    disable_entrypoint_overwrite = false

    oom_kill_disable = false

    disable_cache = false

    volumes = ["/root/.docker:/root/.docker","/cache"]

    shm_size = 0

  [runners.cache]

    [runners.cache.s3]

    [runners.cache.gcs]

 

posted @ 2019-10-29 17:49  MyStitch  阅读(3913)  评论(0编辑  收藏  举报