GitLab CI Docker in Docker just will not work!

I’m trying to get my GitLab Runner working with Docker-in-Docker using TCP and TLS, but I just cannot get it to work. At this point I’ve followed the official docs on how to set it up with a dind service in the CI environment and using TLS to connect to the daemon. This doesn’t work by following the docs, so I’ve tried countless (read: >125 attempted) combinations of:

  • Different versions of docker-xx.xx.x-dind images in the .gitlab-ci.yml
  • Setting DOCKER_HOST to all kinds of tcp://docker:2375/2376/2378 tcp://localhost:2375 etc
  • Setting and not setting DOCKER_TLS_CERTDIR to "/certs" and ""
  • Setting the runner registration DOCKER_HOST: "tcp://docker:2375" and not
  • Setting the DOCKER_IMAGE variable of the runner registration container to all the different versions I’ve tried in .gitlab-ci.yml
  • Setting DOCKER_DRIVER: overlay2 and not

At this point all I can say is that for the love of all that is holy, someone please show me a working configuration that you are actually using for running the dind service and successfully connecting to it.

My gitlab-runner register docker-compose.yml looks like this:

  register1: &register
    container_name: gl-registrator-1
    image: gitlab/gitlab-runner:latest
    environment: &regenv
      CI_SERVER_URL: "https://gitlab.com/"
      REGISTRATION_TOKEN: "xxxxxxxxxxxxxxxxxxxx"
      REGISTER_NON_INTERACTIVE: "true"
      REGISTER_RUN_UNTAGGED: "true"
      REGISTER_LOCKED: "false"
      REGISTER_ACCESS_LEVEL: "not_protected"
      RUNNER_NAME: "gl-runner-1"
      RUNNER_EXECUTOR: "docker"
      RUNNER_TAG_LIST: "docker"
      DOCKER_HOST: "tcp://docker:2375"
      DOCKER_CERT_PATH: "/certs"
      DOCKER_IMAGE: "docker:19.03.1"
      DOCKER_PRIVILEGED: "true"
      DOCKER_VOLUMES: "/certs/client"
      RUNNER_ENV: 'DOCKER_TLS_CERTDIR="/certs"'
    command: register
    volumes:
      - ./config:/etc/gitlab-runner

  runner1: &runner
    container_name: gl-runner-1
    image: gitlab/gitlab-runner:latest
    restart: unless-stopped
    volumes:
      - ./config:/etc/gitlab-runner
      # - /var/run/docker.sock:/var/run/docker.sock
    depends_on: [register1]

Which results in my config.toml:

concurrent = 1
check_interval = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "gl-runner-1"
  url = "https://gitlab.com/"
  token = "xxxxxxxxx"
  executor = "docker"
  environment = ["DOCKER_TLS_CERTDIR=/certs"]
  [runners.custom_build_dir]
  [runners.docker]
    host = "tcp://docker:2375"
    tls_cert_path = "/certs"
    tls_verify = false
    image = "docker:19.03.1"
    privileged = true
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    disable_cache = false
    volumes = ["/certs/client", "/cache"]
    shm_size = 0
  [runners.cache]
    [runners.cache.s3]
    [runners.cache.gcs]

gitlab-ci.yml:

variables:
  DOCKER_TLS_CERTDIR: /certs
  DOCKER_VERSION: "19.03.1"
  DOCKER_HOST: tcp://docker:2375
  DOCKER_DRIVER: overlay2

  # images
  DOCKER: docker:$DOCKER_VERSION
  DIND: docker:$DOCKER_VERSION-dind

stages:
  - build

build docker:
  image: docker:$DOCKER_VERSION
  services: [$DIND]
  stage: build
  before_script:
    - apk update && apk add curl git
    - curl -sL https://taskfile.dev/install.sh | sh -s -- -b /usr/bin
  script:
    - task docker:build
  only:
    refs:
      - branches
      - merge_requests
  tags:
    - docker

All of the above results in the below error, and no matter what I’ve tried to combine in the settings, it always comes back to either not being able to look up docker:NNNN or localhost:NNNN on 127.0.0.11:53.

What am I missing?
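
A consistency check over the two posted files, as an added example that is not part of the original post. It relies on two behaviours of the official dind image and GitLab Runner: with DOCKER_TLS_CERTDIR set, dind serves TLS on 2376 (plaintext 2375 only when it is empty), and `[runners.docker].host` is the daemon the runner process itself connects to. The finding codes and function names are hypothetical, and the inputs are constructed from the post.

```python
try:
    import tomllib                      # Python 3.11+
except ModuleNotFoundError:
    import tomli as tomllib             # same API on older interpreters
from urllib.parse import urlsplit

# Constructed sample: the relevant keys from the config.toml in the post.
CONFIG_TOML = """
[[runners]]
  name = "gl-runner-1"
  executor = "docker"
  environment = ["DOCKER_TLS_CERTDIR=/certs"]
  [runners.docker]
    host = "tcp://docker:2375"
    tls_cert_path = "/certs"
    tls_verify = false
    volumes = ["/certs/client", "/cache"]
"""
# Constructed sample: the variables: block of the posted .gitlab-ci.yml.
JOB_VARS = {"DOCKER_TLS_CERTDIR": "/certs", "DOCKER_HOST": "tcp://docker:2375"}

def check_endpoint(docker_host, certdir):
    """Compare a DOCKER_HOST port with the TLS mode DOCKER_TLS_CERTDIR selects."""
    port = urlsplit(docker_host).port
    if certdir and port == 2375:
        return [("tls-port-mismatch", "certs enabled: dind serves TLS on 2376, not 2375")]
    if not certdir and port == 2376:
        return [("tls-port-mismatch", "certs disabled: dind serves plaintext on 2375, not 2376")]
    return []

def audit(config_toml, job_vars):
    """Return (code, message) findings for a runner config plus job variables."""
    findings = check_endpoint(job_vars.get("DOCKER_HOST", ""),
                              job_vars.get("DOCKER_TLS_CERTDIR", ""))
    for runner in tomllib.loads(config_toml).get("runners", []):
        docker = runner.get("docker", {})
        # [runners.docker].host is the daemon the runner process itself dials to
        # start jobs; the "docker" service alias only exists inside a job.
        if urlsplit(docker.get("host", "")).hostname == "docker":
            findings.append(("runner-host-is-service-alias",
                             f"{runner.get('name')}: host={docker['host']}"))
        if docker.get("tls_cert_path") and docker.get("tls_verify") is False:
            findings.append(("tls-verify-off",
                             f"{runner.get('name')}: cert path set, verification disabled"))
    return findings

if __name__ == "__main__":
    for code, message in audit(CONFIG_TOML, JOB_VARS):
        print(f"{code}: {message}")
```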