[Bug]: Error launching ryuk container in gitlab CI with network rules #2817

Open
romainlaurent opened this issue Oct 8, 2024 · 0 comments
Labels
bug An issue with the library

Testcontainers version

v0.33.0

Using the latest Testcontainers version?

Yes

Host OS

Linux

Host arch

x86

Go version

1.23.0

Docker version

Client:
Version: 26.1.5
API version: 1.45
Go version: go1.22.5
Git commit: a72d7cdbeb991662bf954bfb8d02274124af21e3
Built: Fri Jul 26 17:51:06 2024
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 27.3.1
API version: 1.47 (minimum version 1.24)
Go version: go1.22.7
Git commit: 41ca978
Built: Fri Sep 20 11:40:59 2024
OS/Arch: linux/amd64
Experimental: true
containerd:
Version: 1.7.22
GitCommit: 7f7fdf5fed64eb6a7caf99b3e12efcf9d60e311c
runc:
Version: 1.1.14
GitCommit: v1.1.14-0-g2c9f560
docker-init:
Version: 0.19.0
GitCommit: de40ad0

Docker info

Client:
Version: 26.1.5
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.14.0
Path: /usr/libexec/docker/cli-plugins/docker-buildx
Server:
Containers: 108
Running: 41
Paused: 0
Stopped: 67
Images: 478
Server Version: 27.3.1
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7f7fdf5fed64eb6a7caf99b3e12efcf9d60e311c
runc version: v1.1.14-0-g2c9f560
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.8.0-45-generic
Operating System: Ubuntu 24.04.1 LTS
OSType: linux
Architecture: x86_64
CPUs: 40
Total Memory: 188.3GiB
Name: par1dc2-is-prd-runner04
ID: 4e8b60d8-d422-4e20-a4d8-88bd6dfef5d0
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: true
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Default Address Pools:
Base: 100.64.0.0/15, Size: 24
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

What happened?

There are rules forbidding the listening of traffic on 0.0.0.0 on the GitLab CI runner at my company. In GitLab CI, jobs run alongside test containers, and the Ryuk container is run with a port exposed on the host that is accessible by everyone. However, due to the network rules, it is unreachable.

Relevant log output

failed waiting for reaper container 497d755e port tcp/8080 to be ready: dial tcp 100.64.23.1:32934: i/o timeout: creating reaper failed

Additional information

Is it possible to configure options to avoid exposing the port for the Ryuk container and to communicate with it through the container's IP address?
