使用docker搭建gitlab-runner及使用:
1>拉取镜像
guoshipeng@tianyi510s:~$ docker pull docker.1ms.run/gitlab/gitlab-runner:latest
latest: Pulling from gitlab/gitlab-runner
86e5016c2693: Pull complete
5194af8da5c7: Pull complete
fdb3ce38ee35: Pull complete
7225e83a9762: Pull complete
Digest: sha256:5e6a430ca17726c0fa67d4bde6faeb32e1eeb7f3a53284b2fb2952ccf2f12f35
Status: Downloaded newer image for docker.1ms.run/gitlab/gitlab-runner:latest
docker.1ms.run/gitlab/gitlab-runner:latest
guoshipeng@tianyi510s:~$ docker image tag docker.1ms.run/gitlab/gitlab-runner:latest gitlab/gitlab-runner:latest
guoshipeng@tianyi510s:~$ docker rmi docker.1ms.run/gitlab/gitlab-runner:latest
2>安装命令
docker run -d --name gitlab-runner --restart always \
-v /srv/gitlab-runner/config:/etc/gitlab-runner \
-v /var/run/docker.sock:/var/run/docker.sock \
gitlab/gitlab-runner:latest
3>查看运行状态
docker ps | grep gitlab-runner
4>注册runner(和gitlab关联), 官方镜像一直提示放弃使用registration-token,而使用AUTHENTICATION_TOKEN,但是一直没有找到AUTHENTICATION_TOKEN在呢里配置的
docker exec -it gitlab-runner gitlab-runner register \
--url "YOUR_GITLAB_SERVER" \
--token "YOUR_AUTHENTICATION_TOKEN" \
--executor "docker" \
--docker-image "alpine:latest"
--url:你的 GitLab 地址(改成你自己的)
--token:在 GitLab 界面复制的 Authentication Token
--executor:GitLab Runner 的执行模式(如 docker、shell)
--docker-image:指定使用的 Docker 镜像(这里用 alpine:latest,你可以换成 ubuntu:latest 或其他)
关于token:
https://docs.gitlab.com/ee/security/tokens/index.html#runner-authentication-tokens-also-called-runner-tokens
只能尝试还是使用registration-token:
guoshipeng@tianyi510s:~$ docker exec -it gitlab-runner gitlab-runner register \
--url "http://gitlab.example.com:9080/" \
--registration-token a_RVyNwT6bNN9DvH2bvm \
--executor "docker" \
--docker-image "alpine:latest"
Runtime platform arch=amd64 os=linux pid=24 revision=690ce25c version=17.8.3
Running in system-mode.
Enter the GitLab instance URL (for example, https://gitlab.com/):
[http://gitlab.example.com:9080/]:
Enter the registration token:
[a_RVyNwT6bNN9DvH2bvm]:
Enter a description for the runner:
[8446a748968a]: a runner for local gitlab
Enter tags for the runner (comma-separated):
tag1
Enter optional maintenance note for the runner:
WARNING: Support for registration tokens and runner parameters in the 'register' command has been deprecated in GitLab Runner 15.6 and will be replaced with support for authentication tokens. For more information, see https://docs.gitlab.com/ee/ci/runners/new_creation_workflow
ERROR: Registering runner... failed runner=a_RVyNwT status=couldn't execute POST against http://gitlab.example.com:9080/api/v4/runners: Post "http://gitlab.example.com:9080/api/v4/runners": dial tcp: lookup gitlab.example.com on 192.168.5.1:53: no such host
PANIC: Failed to register the runner.
这里尝试把url改为gitlab的容器地址:
$ docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' gitlab
172.17.0.4
$ docker exec -it gitlab-runner gitlab-runner register \
--url "http://172.20.0.4:9080/" \
--registration-token a_RVyNwT6bNN9DvH2bvm \
--executor "docker" \
--docker-image "alpine:latest"
还是有问题,查看docker网络
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
fb9d0551c552 bridge bridge local
5319aeb64a2e host host local
7cbb16a986d6 laravel-dev-v2-external bridge local
fab0b27bf071 laravel-dev-v2_network-laravel-internal bridge local
e6742f9d2eb1 meta-dev-v2_network-meta-internal bridge local
331156baf737 minikube bridge local
62128f5c9c7c none null local
分别查看gitlab和gitlab-runner的网络,发现都是bridge,但是就是不能互相通信
$ docker inspect gitlab | grep -A 5 "Networks"
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"8a4f7a01b396",
$ docker inspect gitlab-runner | grep -A 5 "Networks"
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"8446a748968a"
$ docker network inspect bridge
[
{
"Name": "bridge",
"Id": "fb9d0551c552356cfa4995b2ef3b08ab9ed0a047ccb3718bc5cc86c741e827b7",
"Created": "2025-02-09T21:16:38.148797896+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"710c1256ac29156deb5c550f20ab450bce5ac64eb15524ea8f7d08964b058ada": {
"Name": "alist",
"EndpointID": "9761e9b19ef6ba76934e4c31f02b2baca1e2bd006fba5d22a4b923337e028897",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"8446a748968a0deecb2fc212192716c4c6e184ef480fac02c421b09de9a2c79d": {
"Name": "gitlab-runner",
"EndpointID": "bf49157aeddc10d1527b18f02fb0456a55202fa0a217d3b6b22cd83f3f1af1a6",
"MacAddress": "02:42:ac:11:00:04",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
},
"8a4f7a01b396f322bafa16d67702eda8b71094bc814aa961b4544ba64a90b105": {
"Name": "gitlab",
"EndpointID": "e193a83211c18a7e2ee65b2b55f889f9266a2b3bbdea969ea6344c78984f5ad6",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.4/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
5>网络问题分析
后来查询得知,在linux下,,需要把url配置为宿主机在局域网下的ip地址,通过如下命令可以获取本机的所有 IP 地址(IPv4 和 IPv6),但 不包括回环地址(如 127.0.0.1)。
$ hostname -I
192.168.5.17 192.168.49.1 172.17.0.1 172.18.0.1 172.20.0.1 172.19.0.1
通过 ip a 命令可以查看,这些 ip 对应的网卡:
$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp3s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
link/ether f4:6b:8c:89:58:f6 brd ff:ff:ff:ff:ff:ff
3: wlp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether e0:0a:f6:78:3b:1d brd ff:ff:ff:ff:ff:ff
inet 192.168.5.17/24 brd 192.168.5.255 scope global dynamic noprefixroute wlp2s0
valid_lft 77836sec preferred_lft 77836sec
inet6 fe80::76cf:e344:df5b:cd7d/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: br-331156baf737: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:39:32:14:79 brd ff:ff:ff:ff:ff:ff
inet 192.168.49.1/24 brd 192.168.49.255 scope global br-331156baf737
valid_lft forever preferred_lft forever
...
...
...
可以确定:
wlp2s0(无线网卡):
192.168.5.17 是当前设备在 局域网 (Wi-Fi) 中的 IP 地址。
这个地址是 动态分配的(dynamic),说明可能是从 DHCP 服务器(如你的路由器)获取的。
你可以使用 ping 192.168.5.17 从其他设备(同一局域网内)测试它是否可达。
br-331156baf737(Docker 网络桥):
192.168.49.1 是 Docker 创建的网桥 (bridge network),用于容器之间的通信。
可以用 docker network ls 确认它属于哪个 Docker 网络:
$ docker network ls | grep 331156baf737
331156baf737 minikube bridge local
可以看到
192.168.49.1 IP 地址是 Minikube 创建的 Docker 桥接网络 (bridge network),通常用于 Minikube 虚拟机与本机的通信。
运行:
$ docker network inspect minikube
[
{
"Name": "minikube",
"Id": "331156baf737418aef246012c7ae1d0cbd10e92e005873b8b0054651e679656b",
"Created": "2024-12-10T22:25:56.520372769+08:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "192.168.49.0/24",
"Gateway": "192.168.49.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {},
"Options": {
"--icc": "",
"--ip-masq": "",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {
"created_by.minikube.sigs.k8s.io": "true",
"name.minikube.sigs.k8s.io": "minikube"
}
}
]
会发现 "Gateway": "192.168.49.1", 说明这个是minikube和宿主机通信的地址,关于上面的配置分析如下:
192.168.49.1 作为 Minikube 内部网络的网关,主要用于 Minikube 虚拟机(或容器)与宿主机之间的通信。
通信原理
Minikube 在 192.168.49.0/24 子网内创建一个网络:
网关地址:192.168.49.1
Minikube 虚拟机的 IP(通常是 192.168.49.2)
运行在 Minikube 内部的 Pod 可能分配到 192.168.49.x 其他地址
宿主机如何访问 Minikube 内部?
Ubuntu 主机 可以通过 192.168.49.1 访问 Minikube 虚拟机,前提是 Minikube 正在运行。
总结:
192.168.49.1 是 Minikube 内部网络的网关,Minikube 及其 Pod 通过它访问宿主机。
宿主机可以访问 Minikube 虚拟机的 minikube ip,Minikube 内部可以通过 192.168.49.1 访问宿主机。
6>使用下面的命令试一试
docker exec -it gitlab-runner gitlab-runner register \
--url "http://192.168.5.17:9080/" \
--registration-token a_RVyNwT6bNN9DvH2bvm \
--executor "docker" \
--docker-image "alpine:latest"
执行:
$ docker exec -it gitlab-runner gitlab-runner register \
--url "http://192.168.5.17:9080/" \
--registration-token a_RVyNwT6bNN9DvH2bvm \
--executor "docker" \
--docker-image "alpine:latest"
Runtime platform arch=amd64 os=linux pid=91 revision=690ce25c version=17.8.3
Running in system-mode.
Enter the GitLab instance URL (for example, https://gitlab.com/):
[http://192.168.5.17:9080/]:
Enter the registration token:
[a_RVyNwT6bNN9DvH2bvm]:
Enter a description for the runner:
[8446a748968a]: a runner for local gitlab
Enter tags for the runner (comma-separated):
tag1
Enter optional maintenance note for the runner:
WARNING: Support for registration tokens and runner parameters in the 'register' command has been deprecated in GitLab Runner 15.6 and will be replaced with support for authentication tokens. For more information, see https://docs.gitlab.com/ee/ci/runners/new_creation_workflow
Registering runner... succeeded runner=a_RVyNwT
Enter an executor: kubernetes, instance, custom, shell, docker, docker-windows, docker+machine, ssh, parallels, virtualbox, docker-autoscaler:
[docker]:
Enter the default Docker image (for example, ruby:2.7):
[alpine:latest]:
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
Configuration (with the authentication token) was saved in "/etc/gitlab-runner/config.toml"
$ docker exec -it gitlab-runner gitlab-runner verify
Runtime platform arch=amd64 os=linux pid=114 revision=690ce25c version=17.8.3
Running in system-mode.
Verifying runner... is alive runner=t1_UNMMA
上面的配置说明 gitlab-runner 已经注册成功,我直接打开gitlab CI/CD runners的时候,发现拉取runners失败,重启调脑,就可以了,说明要重启一个gitlab才行,下次注意
也可能是,我之前直接在gitlab CI/CD runners 下创建了一个runner(其实这个runner只是有一个初始信息,并没有和gitlab-runner关联,没什么实际意义,唯一的可能是,可以直接在gitlab-runner上关联这个命名好的runner吧,但是没有测试过。其实可以直接在启动的gitlab-runner上通过命令注册的,如下面所说), 后来又通过gitlab-runner注册的,通过gitlab-runner注册的,也可以填写一些关于runner的信息,我感觉这两种方式有冲突,导致的问题.
7>由于实际项目中,使用shell作为executor,所以这里要修改
# docker exec -it gitlab-runner /bin/bash
# apt update && apt install -y vim //已经是root用户,不需要sudo
# vim /etc/gitlab-runner/config.toml
concurrent = 1
check_interval = 0
shutdown_timeout = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "a runner for local gitlab"
url = "http://192.168.5.17:9080/"
id = 4
token = "t1_UNMMAbUzz1k-_5zyzyQa"
token_obtained_at = 2025-02-09T14:42:54Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "docker"
[runners.custom_build_dir]
[runners.cache]
MaxUploadedArchiveSize = 0
[runners.cache.s3]
[runners.cache.gcs]
[runners.cache.azure]
[runners.docker]
tls_verify = false
image = "alpine:latest"
privileged = false
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = ["/cache"]
shm_size = 0
network_mtu = 0
修改后为:
[[runners]]
name = "your-runner-name"
url = "http://your-gitlab-url"
token = "your-registration-token"
executor = "shell" # 更改为 shell
同时把runners.docker 相关的删除
保存,重启gitlab-runner:
docker restart gitlab-runner
8>实际使用过程中,gitlab的pipelines的job一直报
Running with gitlab-runner 17.8.3 (690ce25c)
on a runner for local gitlab t1_UNMMA, system ID: r_iTJKxTxte9W9
Preparing the "shell" executor
00:00
Using Shell (bash) executor...
Preparing environment
00:00
Running on 8446a748968a...
Getting source from Git repository
00:00
Fetching changes with git depth set to 20...
Reinitialized existing Git repository in /home/gitlab-runner/builds/t1_UNMMA/0/front/laravel-15/.git/
fatal: unable to access 'http://gitlab.example.com/front/laravel-15.git/': Could not resolve host: gitlab.example.com
Cleaning up project directory and file based variables
00:00
ERROR: Job failed: exit status 1
设个问题说明tilab-runner在拉取gitlab的代码的时候,出了问题,重新进入到gitlab-runner容器,修改config.toml配置
# vim /etc/gitlab-runner/config.toml
concurrent = 1
check_interval = 0
shutdown_timeout = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "a runner for local gitlab"
url = "http://192.168.5.17:9080/"
id = 4
token = "t1_UNMMAbUzz1k-_5zyzyQa"
token_obtained_at = 2025-02-09T14:42:54Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "shell"
clone_url = "http://192.168.5.17:9080/" # 确保拉取代码时使用正确的 URL,加了这个确实可以了
[runners.custom_build_dir]
[runners.cache]
MaxUploadedArchiveSize = 0
[runners.cache.s3]
[runners.cache.gcs]
[runners.cache.azure]
现在pipelines中的job运行成功:
//默认的main分支
Running with gitlab-runner 17.8.3 (690ce25c)
on a runner for local gitlab t1_UNMMA, system ID: r_iTJKxTxte9W9
Preparing the "shell" executor
00:00
Using Shell (bash) executor...
Preparing environment
00:00
Running on 8446a748968a...
Getting source from Git repository
00:04
Fetching changes with git depth set to 20...
Reinitialized existing Git repository in /home/gitlab-runner/builds/t1_UNMMA/0/front/laravel-15/.git/
Checking out 24a2c686 as detached HEAD (ref is main)...
Skipping Git submodules setup
Executing "step_script" stage of the job script
00:10
$ echo "Linting code... This will take about 10 seconds."
Linting code... This will take about 10 seconds.
$ sleep 10
$ echo "No lint issues found."
No lint issues found.
Cleaning up project directory and file based variables
00:00
Job succeeded
//新增一个 feat/1001_get-user 分支
Running with gitlab-runner 17.8.3 (690ce25c)
on a runner for local gitlab t1_UNMMA, system ID: r_iTJKxTxte9W9
Preparing the "shell" executor
00:00
Using Shell (bash) executor...
Preparing environment
00:00
Running on 8446a748968a...
Getting source from Git repository
00:01
Fetching changes with git depth set to 20...
Reinitialized existing Git repository in /home/gitlab-runner/builds/t1_UNMMA/0/front/laravel-15/.git/
Checking out c1367898 as detached HEAD (ref is feat/1001_get-user)...
Skipping Git submodules setup
Executing "step_script" stage of the job script
00:00
$ echo "Compiling the code..."
Compiling the code...
$ echo "Compile complete."
Compile complete.
Cleaning up project directory and file based variables
00:00
Job succeeded
至此,gitlab-runner成功运行起来,这是是一个基本的使用,还有关于网络部分的配置分析,我想重新来一个篇幅,还有配合=自定义的docker registory 使用的