Gitlab Fargate 在 CI/CD 期间无法拉取镜像

Question

My Configuration

config.toml

concurrent = 100
check_interval = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "xyz_project_name"
  url = "https://gitlab.com/"
  token = "yieSD7McA-WFMtFv5nzg"
  executor = "custom"
  builds_dir = "/opt/gitlab-runner/builds"
  cache_dir = "/opt/gitlab-runner/cache"
  [runners.custom]
    privileged = true
    config_exec = "/opt/gitlab-runner/fargate"
    config_args = ["--config", "/etc/gitlab-runner/fargate.toml", "custom", "config"]
    prepare_exec = "/opt/gitlab-runner/fargate"
    prepare_args = ["--config", "/etc/gitlab-runner/fargate.toml", "custom", "prepare"]
    run_exec = "/opt/gitlab-runner/fargate"
    run_args = ["--config", "/etc/gitlab-runner/fargate.toml", "custom", "run"]
    cleanup_exec = "/opt/gitlab-runner/fargate"
    cleanup_args = ["--config", "/etc/gitlab-runner/fargate.toml", "custom", "cleanup"]

.gitlab-ci.yaml

image: docker:latest

stages:
  - install_dependencies
  - lint
  - bundle
  - build
  - deploy

install_dependencies:
  stage: install_dependencies
  image: node:14
  script:
    - node -v
    - npm -v
    - ls node_modules
    - npm install --unsafe-perm
  artifacts:
    paths:
      - node_modules/
      - version.v
      - repo.name

lint:
  image: node:14
  stage: lint
  script:
    - npm run lint

bundle:
  image: node:14
  stage: bundle
  script:
    - npm run build:prod
  artifacts:
    paths:
      - dist/

build:
  stage: build
  image: aws-docker:2.0.0
  services:
    - docker:dind
  before_script:
    - aws ecr get-login-password | docker login --username AWS --password-stdin $AWS_ECR_REGISTRY
  script:
    - docker build -t  $DOCKER_REGISTRY $DOCKER_REGISTRY:latest .
    - docker push $DOCKER_REGISTRY:latest

Issue:

pipeling giving following error

$ node -v
bash: line 140: node: command not found
ERRO[2022-04-20T03:49:47Z] Application execution failed

This pipeline works fine with a normal GitLab runner But when I moved it to Fargate runner, It's giving this error. I think Fargate runner is not able to pull the image

What I can do, I can install node v-14 in the container image. But what about aws-docker:2.0.0

Thanks for taking the time to be thorough in your request, it really helps!

Answer 1

The fargate custom executor ignores the image: directive entirely, as mentioned in the documentation :

The image and service keywords in your gitlab-ci.yml file are ignored. The runner only uses the values specified in the task definition.

As described in the documentation, when setting up your fargate runner, you must prepare an image that contains all the software you will need. This must be done in advance. The job uses this image that is defined in your ECS task definition created in step 6 of the setup documentation.

But what about aws-docker:2.0.0

Another key limitation of Fargate is that it is not possible to use docker inside of Fargate because using docker inside of a container requires the container to be privileged , but privileged containers are forbidden by AWS on Fargate, thus this is not possible.

Also note, even if this limitation didn't exist, you'll also have the same issue with services: as with image: -- the service is ignored by the executor.

There are some alternative ways to build and push images that don't require a docker daemon (and therefore don't require privileged containers) such as using kaniko to build images. You can also see the GitLab blog for guidance on how to build containers on Fargate with AWS CodeBuild