Example GitLab Runner docker compose configuration

After having spent some time the other day to redo my (“standalone”) runner setup, I figured that I would share this for the benefit of the community.




version: "3.5"

    image: docker:20-dind
    restart: always
    privileged: true
      - --storage-driver=overlay2

    restart: always
    image: registry.gitlab.com/gitlab-org/gitlab-runner:alpine
      - dind
      - DOCKER_HOST=tcp://dind:2375
      - ./config:/etc/gitlab-runner:z

    restart: 'no'
    image: registry.gitlab.com/gitlab-org/gitlab-runner:alpine
      - dind
      - register
      - --non-interactive
      - --locked=false
      - --name=${RUNNER_NAME}
      - --executor=docker
      - --docker-image=docker:20-dind
      - --docker-volumes=/var/run/docker.sock:/var/run/docker.sock
      - ./config:/etc/gitlab-runner:z

Source: TyIsI / gitlab-runner-docker-compose · GitLab


  • Because networks are not specified, docker-compose will create project network, which defaults to bridge mode.
  • The docker references can be a little bit confusing. So let me try to clear that up:
    • By setting DOCKER_TLS_CERTDIR to empty, the dind instance is forced to use plain TCP
    • The runner connects to dind over TCP.
    • The docker.sock referenced in the register-runner is in reference to the dind executor. It’s how the containers in the docker container can talk to docker.
  • This config runs fully in dind.
  • This config is based on a config that I found and then optimized (and brought up to docker 20).
  • The config in the repo does some filesystem caching.

Hope this helps anyone!


I was struggling for hours in order to have a full gitlab ci/cd-> docker-compose runner configuration up and running with no luck till now.
At a certain point it was clear to me that i needed to configure a dind service for my docker runner but i was unable to make it work correctly.
Now i ran your docker-compose and its working like a charm!
Thanks man!

1 Like

Great work, @ TyIsI
However, I’m not able to start the dind container:

ip: can't find device 'ip_tables'
ip_tables              36864  0 
x_tables               53248 12 xt_state,xt_ipvs,xt_nat,xt_policy,xt_mark,xt_u32,xt_tcpudp,xt_conntrack,xt_MASQUERADE,xt_addrtype,nft_compat,ip_tables
modprobe: can't change directory to '/lib/modules': No such file or directory
mount: permission denied (are you root?)
Could not mount /sys/kernel/security.
AppArmor detection and --privileged mode might break.
mount: permission denied (are you root?)

Any clues ?


Sorry for the late reply!

I’m getting the same error, but it continues fine after:

What do you see in the dind logging? (docker-compose logs -f dind)

The errors you see are because of the way that Docker normally works. (It sets up NAT with IP tables to allow incoming traffic to containers. However, as this is not required for dind, it’s safe to ignore this.)

Hi @TyIsI ,

Log shows the same as yours.

However, the “dind” service keeps dying and the register-runner repeats indefinitely starting/registering/dying cycles. The limit of 50 registered runners is reached, but no runner gets online.

Still, any clues?


i didnot get the gitlab-runner to run in the qnap container. I get the following error message:

Runtime platform arch=amd64 os=linux pid=7 revision=456e3482 version=15.10.0
Starting multi-runner from /etc/gitlab-runner/config.toml… builds=0
Running in system-mode.

WARNING: There might be a problem with your config
jsonschema: ‘/runners’ does not validate with https://gitlab.com/gitlab-org/gitlab-runner/common/config#/$ref/properties/runners/type: expected array, but got null
Created missing unique system ID system_id=r_OqExoOxwLG52
Configuration loaded builds=0
listen_address not defined, metrics & debug endpoints disabled builds=0
[session_server].listen_address not defined, session endpoints disabled builds=0
Initializing executor providers builds=0
ERROR: Failed to load config stat /etc/gitlab-runner/config.toml: no such file or directory builds=0