actions-runner-controller icon indicating copy to clipboard operation
actions-runner-controller copied to clipboard

Published 20 hours ago verified publisher icon actions

Docker container in dind containerMode cannot connect to Github

Open duchuyvp opened this issue 7 months ago • 13 comments

Checks

  • [X] I've already read https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/troubleshooting-actions-runner-controller-errors and I'm sure my issue is not covered in the troubleshooting guide.
  • [X] I am using charts that are officially provided

Controller Version

0.9.3

Deployment Method

ArgoCD

Checks

  • [X] This isn't a question or user support case (For Q&A and community support, go to Discussions).
  • [X] I've read the Changelog before submitting this issue and I'm sure it's not due to any recently-introduced backward-incompatible changes

To Reproduce

1. Deploy the gha-runner-scale-set-controller first with default values
   Deploy `gha-runner-scale-set` chart with release name `arc-runner-set`
   1.1 At this point, Github Actions work for simple workflow file.
2. Exec into `runner` container in `action-runne-set-****-runner-****` pod
3. Run `sudo apt update && sudo apt install git -y && git clone https://github.com/actions/actions-runner-controller.git` to make sure pod has access to public internet
4. Run `docker run --rm -it alpine sh -c "apk add git && git clone https://github.com/actions/actions-runner-controller.git"`

Describe the bug

Output from step 4:

fetch https://dl-cdn.alpinelinux.org/alpine/v3.20/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.20/community/x86_64/APKINDEX.tar.gz
(1/13) Installing ca-certificates (20240705-r0)
(2/13) Installing brotli-libs (1.1.0-r2)
(3/13) Installing c-ares (1.28.1-r0)
(4/13) Installing libunistring (1.2-r0)
(5/13) Installing libidn2 (2.3.7-r0)
(6/13) Installing nghttp2-libs (1.62.1-r0)
(7/13) Installing libpsl (0.21.5-r1)
(8/13) Installing zstd-libs (1.5.6-r0)
(9/13) Installing libcurl (8.9.0-r0)
(10/13) Installing libexpat (2.6.2-r0)
(11/13) Installing pcre2 (10.43-r0)
(12/13) Installing git (2.45.2-r0)
(13/13) Installing git-init-template (2.45.2-r0)
Executing busybox-1.36.1-r29.trigger
Executing ca-certificates-20240705-r0.trigger
OK: 20 MiB in 27 packages
Cloning into 'actions-runner-controller'...
fatal: unable to access 'https://github.com/actions/actions-runner-controller.git/': SSL connection timeout

image

Describe the expected behavior

docker run command above run correctly without SSL connection timeout error

Additional Context

Yaml manifest I using to deploy `gha-runner-scale-set-controller` and `gha-runner-scale-set`


apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: arc
  namespace: argocd
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  project: default
  source:
    repoURL: ghcr.io/actions/actions-runner-controller-charts
    targetRevision: 0.9.3
    chart: gha-runner-scale-set-controller
    helm:
      releaseName: arc
  destination:
    name: in-cluster
    namespace: arc-systems
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
      allowEmpty: false
    syncOptions:
      - CreateNamespace=true
      - PrunePropagationPolicy=foreground
      - PruneLast=false
      - ServerSideApply=true
      - ApplyOutOfSyncOnly=true
    retry:
      limit: 5
      backoff:
        duration: 5s
        factor: 2
        maxDuration: 3m
  revisionHistoryLimit: 3
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: arc-runner-set
  namespace: argocd
spec:
  project: default
  destination:
    name: in-cluster
    namespace: arc-runners
  syncPolicy:
    automated:
      selfHeal: true
      allowEmpty: false
    syncOptions:
      - CreateNamespace=true
      - PrunePropagationPolicy=foreground
      - ServerSideApply=true
      - ApplyOutOfSyncOnly=true
    retry:
      limit: 5
      backoff:
        duration: 5s
        factor: 2
        maxDuration: 3m
  revisionHistoryLimit: 3

  source:
    repoURL: ghcr.io/actions/actions-runner-controller-charts
    targetRevision: 0.9.3
    chart: gha-runner-scale-set
    helm:
      releaseName: arc-runner-set
      parameters:
        - name: controllerServiceAccount.namespace
          value: arc-systems
        - name: controllerServiceAccount.name
          value: arc-gha-rs-controller
        - name: githubConfigUrl
          value: https://github.com/<organization>
        - name: minRunners
          value: "5"
        - name: containerMode.type
          value: dind
        - name: githubConfigSecret
          value: github-app-secret

Controller Logs

https://gist.github.com/duchuyvp/9b626aec67926976f09c52d303becd1a

Runner Pod Logs

This is logs when I push this workflow file:


name: Reproduce

on:
  push:
    branches: ['*']

jobs:
  push-reproduce:
    runs-on: arc-runner-set

    steps:
      - run: sudo apt update && sudo apt install git -y
      - run: git clone https://github.com/actions/actions-runner-controller.git
      - run: docker run --rm alpine sh -c "apk add git && git clone https://github.com/actions/actions-runner-controller.git"

https://gist.github.com/duchuyvp/6a5db187bfb3657a5361bcf62b0bd4ef

duchuyvp avatar Aug 01 '24 05:08 duchuyvp