Reputation: 2296
GitLab runner unable to clone repository via http
I have the latest docker image of GitLab running in a test environment and I'm running into an issue with the GitLab runner. It's unable to clone via the HTTP link, yielding the following message:
Running on runner-bd27e50b-project-1-concurrent-0 via machine...
Cloning repository...
Cloning into '/builds/my/awesome-project'...
fatal: unable to access 'http://gitlab-ci-token:[email protected]/my/awesome-project.git/':
Failed to connect to 127.0.0.1 port 80: Connection refused
ERROR: Build failed with: exit code 1
I ran gitlab-runner with the --debug flag and used the exact address it was trying (with the token in-tact) and I could clone the repository just fine. I'm at a loss as to why the service is unable to clone the repository. The runner executor is configured as 'docker' as well. Maybe there is some port mapping issue into that container?
Upvotes: 13
Views: 12448
Answers (5)
Reputation: 14853
Probably off-topic but: In my case, I could not resolve the host gitlab.com.
So, I configured the /etc/gitlab-runner/config.toml:
sudo nano /etc/gitlab-runner/config.toml
And I added this line to [[runners.docker]]
network_mode = "host"
Full file:
[[runners]]
# ...
executor = "docker"
[runners.docker]
# ...
network_mode = "host"
Then, I needed to restart the runner:
sudo gitlab-runner restart
Now, I can clone repositories!
Thanks:
Upvotes: 2
Reputation: 2798
The hypothesis of Anthony seemed to be correct for me. It looked like the GitLab docker runner was not able to reach the GitLab server from inside the docker. For me, the solution to this error was given by this answer:
# Works something but not all the way.
sudo gitlab-runner register \
--non-interactive \
--url "http://127.0.0.1" \
--description "somedescription" \
--registration-token "$runner_token" \
--docker-image "docker:20.10.16" \
--executor "docker" \
--docker-privileged \
--docker-volumes "/certs/client" \
--docker-network-mode host
That last line: --docker-network-mode host did the trick for me, I got it from the output of command: docker network ls. I think it tells the docker to look at the network of the host when it searches for the GitLab server at 127.0.0.1. (However that is just me guessing).
Upvotes: 3
Reputation: 1957
As for now (latest versions of gitlab - 9 and upwards) you need to use https with proper ssl certificate.
As soon you add new runner with https://... all should work just fine.
Upvotes: 0
Reputation: 1957
I know this question is pretty old, but you can use slightly different approach (in case you are using docker runner with the same problem).
Run Gitlab under a domain name - it may be totally virtual, just make sure that all your VMs can resolve the domain name.
Then modify /etc/gitlab-runner/config.toml and add extra_hosts variable to the [runners.docker] section with value ["your_domain_name:ip_address"]. You can also add any other hosts you may need.
You can find more info on runner config at https://gitlab.com/gitlab-org/gitlab-ci-multi-runner/blob/master/docs/configuration/advanced-configuration.md
Upvotes: 10
Reputation: 2296
I hypothesized the issue might have something to do with registering the runner as a docker container causing the localhost address not to resolve to the right machine (where I'm starting the runner); in this case it probably resolves to the container instead. Using the host's IP on the docker proxy interface (172.17.0.1 for me) or using the host's real address instead of "localhost" when registering the runner fixes the problem.
Edit: Here is a bit more detail on the problem as I understand it and a solution. The docker instance that's loaded up is like a (very) lightweight virtual machine. Docker configures a virtual network interface which you'll see if you run ifconfig from your host machine:
user@pc:~> ifconfig
docker0 Link encap:Ethernet HWaddr XXXX
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
...
This is the IP address of the host machine on that interface. So, if you want the runner to be able to connect to the service that's running on that host machine, you can't point it to localhost/127.0.0.1 because, coming from inside the runner's instance, that will route to the runner's "VM", but GitLab is not running inside that runner "VM", it's on the host, so the runner is unable to communicate with GitLab.
The solution is to register the runner to point to the host's virtual address on the docker interface (http://172.17.0.1/ci for me), or to use the host's public IP or a domain name if you have one and it's accessible publicly. Just don't send it to localhost or 127.0.0.1 because, to the runner, that points to its "VM", not your GitLab instance.
Upvotes: 10
Related Questions
- Gitlab Pipeline failing "remote: HTTP Basic: Access denied"
- clone git repository in gitlab runner
- gitlab-runner using directory path instead of URL to clone; fails with "does not appear to be a git repository"
- Runner cannot clone gitlab repository
- Why can't gitlab-runner clone my project? (Incorrect hostname, failed to connect)
- Gitlab-CI cannot clone
- Gitlab-CI Runner HTTP Basic Access denied with private repo (self-hosted)
- Can’t clone repo from GitLab CI in Docker
- Gitlab CI can't clone gitlab repo
- Gitlab: Unable to clone by http (cloning by ssh works well)