Gitlabrunner + docker executor - publishing ports

Hi,

I would like to get some advise on how to accomplish e.g.
docker run -p 443:443
via the gitlabrunner configuration file.

I can not see that there is such an option in the configuration according to this: https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-executors
But I might be missing something?

I tried using the “port” option, but it does not seem to be doing what I need.

What would be the best way to accomplish publishing the ports?

Thanks,
Maiken

Hi maikenp,

it’s not really clear what kind of runner you’re trying to configure?! Have a look here for different types.

I guess the port is related to the kind of executor, e.g.:

executor = “ssh”

This executor will communicate over port 22, why this should be changed?

Good luck!

Hi, thanks for your reply.

It is a docker executor as the title indicates. I have installed gitlabrunner, and now I want to use the gitlab ci to deploy my services for testing purposes on the gitlab runner machine.

The reason I want to publish e.g. port 443, but also 2811 is that I am deploying services which use these port and others, so I need to be able to connect to those ports. I know that running docker directly (not through gitlabrunner docker executor) with docker -p 443:443 works, I can deploy the services on the gitlab runner machine, and they work as they should. But I need to use gitlabrunner since I am deploying the service via Gitlab CI. So how to pass the publish option e.g. via the config.toml of gitlab-runner?

Or if not in this way, is there any other good way to accomplish the wanted effect?

Have you read this?

Yes thanks I have. It could be that I could use docker-in-docker for instance, but it seems over-complicated.

It could also be that I could use “services”.

However, the software that I am testing is a software that is running several services - not external ones, but inherit. So I want to start all the services by deploying the software with GitLab CI - and starting up all the services in one container.

If it is not possible to do something similar to

docker run -it -p 443:443 2811:2811 <mydockerimage> /bin/bash

which would typically be

 [runners.docker]
    publish = ['443:443', '2811:2811']

then I just will have to find alternatives ways to accomplish what I need, although they all seem very cumbersome compared to having a configuration option for this.

If you use multiple service definitions the build container will be able to access the started services on the ports automatically.

E.g.

mytestjob:
services:
- mysql
image: alpine
script:
- nc -v -z mysql 3306

Should just work (note that I am not sure that alpine contains netcat)

For a multi-Service setup with services depending on others, however, this will not work, as the services do not know their dns names. If you reuse the docker-daemon which did start the build container via a mounted socket, you may invent a name and just access the services on the ports. Exposure is only needed when you do not use the bridge interface.

Hi,

thanks for that

So you mean mounting the socket with volumes=/var/run/docker.sock:/var/run/docker.sock \ option in config.toml ?

What I basically need to do is ask the client of the program I am deploying on the gitlab-runner machine to submit a job to the web service running on the same machine. This service is configured to listen for jobs on port 443 lets say. My command (which I run as a part of the script section in my gitlab-ci.yml) would something like

mysubmitcommand <ip-adress-machine>  <myjobdescriptionscript>

but I could also do

 mysubmitcommand <ip-adress-machine>:443/<servicename>  <myjobdescriptionscript>

How would I rewrite this according to your suggestion:

Thanks a lot,
Maiken

If you already have webservice as docker image with an entrypoint starting the service on port 443 the following should work:

jobname:
  service:
    - myregistry.example.com/webservice
  image: alpine
  script:
    - install-submit-command
    - submit-command myregistry.example.com-webservice

Hi again,

in the end I went for the docker socket (docker-in-docker) solution.
Something like the following:

image: docker:stable
stages:
  - deploy_and_test
deploy_staging_el7:
  stage: deploy_and_test
  script:
     - docker run --rm --publish  443:443 --publish 2811:2811 --publish 9000-9100:9000-9100  --publish 9000-9100:9000-9100/udp  <my-custom-centos7-image>

My config.toml looks like:

 [[runners]]
  name = "Docker-runner"
  url = "<my-url>"
  token = "<mytoken>"
    executor = "docker"
   [runners.docker]
     tls_verify = false
    image = "docker:stable"
    privileged = true
    disable_cache = false
    volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
    shm_size = 0
  [runners.cache]

Of course would have been much easier just to have config.toml support the publish option to pass to docker, but there you go. Suppose it will be implemented sometime.

Hi, use docker in docker solution. how could i exec this has port mapping docker container and run some script

I’m still looking for a solution like this one:
Is it somehow implemented ?