
[Bug]: Error launching ryuk container in gitlab CI with network rules

Open romainlaurent opened this issue 1 year ago • 0 comments

Testcontainers version

v0.33.0

Using the latest Testcontainers version?

Yes

Host OS

Linux

Host arch

x86

Go version

1.23.0

Docker version

Client:
 Version:           26.1.5
 API version:       1.45
 Go version:        go1.22.5
 Git commit:        a72d7cdbeb991662bf954bfb8d02274124af21e3
 Built:             Fri Jul 26 17:51:06 2024
 OS/Arch:           linux/amd64
 Context:           default
Server: Docker Engine - Community
 Engine:
  Version:          27.3.1
  API version:      1.47 (minimum version 1.24)
  Go version:       go1.22.7
  Git commit:       41ca978
  Built:            Fri Sep 20 11:40:59 2024
  OS/Arch:          linux/amd64
  Experimental:     true
 containerd:
  Version:          1.7.22
  GitCommit:        7f7fdf5fed64eb6a7caf99b3e12efcf9d60e311c
 runc:
  Version:          1.1.14
  GitCommit:        v1.1.14-0-g2c9f560
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Docker info

Client:
 Version:    26.1.5
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.14.0
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
Server:
 Containers: 108
  Running: 41
  Paused: 0
  Stopped: 67
 Images: 478
 Server Version: 27.3.1
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 7f7fdf5fed64eb6a7caf99b3e12efcf9d60e311c
 runc version: v1.1.14-0-g2c9f560
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 6.8.0-45-generic
 Operating System: Ubuntu 24.04.1 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 40
 Total Memory: 188.3GiB
 Name: par1dc2-is-prd-runner04
 ID: 4e8b60d8-d422-4e20-a4d8-88bd6dfef5d0
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: true
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
 Default Address Pools:
   Base: 100.64.0.0/15, Size: 24
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

What happened?

There are rules forbidding listening for traffic on 0.0.0.0 on the GitLab CI runner at my company. In GitLab CI, jobs run alongside test containers, and the Ryuk container is run with a port exposed on the host that is accessible by everyone. However, due to the network rules, it is unreachable.

Relevant log output

failed waiting for reaper container 497d755e port tcp/8080 to be ready: dial tcp 100.64.23.1:32934: i/o timeout: creating reaper failed

Additional information

Is it possible to configure options to avoid exposing the port for the Ryuk container and to communicate with it through the container's IP address?

romainlaurent avatar Oct 08 '24 15:10 romainlaurent
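The failure above is a readiness wait that only knows one route to the reaper: the port Docker published on the host (the dial target 100.64.23.1:32934 sits in the runner's default address pool, 100.64.0.0/15, and that host-side listener is what the runner's rules block). The following is an added illustration, not testcontainers-go's own reaper code, of the alternative the report asks about: a wait that is given several candidate addresses and prefers the container-network address over the host-published port, so the host never needs a reachable 0.0.0.0 listener for the probe to succeed. The names `waitForReaper` and `reaperCandidates` are hypothetical, and the local listener in `main` is a constructed stand-in for the Ryuk container.

```go
package main

// Added example (not testcontainers-go code): a reaper-readiness wait that tries
// several candidate "host:port" routes in order, so the container's own network
// address can be preferred over a port published on the host. The function
// names here are hypothetical.

import (
	"context"
	"errors"
	"fmt"
	"net"
	"time"
)

// waitForReaper tries each candidate in order until one accepts a TCP
// connection, repeating rounds until ctx expires (the caller must set a
// deadline). It returns the address that answered so later requests can keep
// using that route instead of the blocked one.
func waitForReaper(ctx context.Context, candidates []string, perDial time.Duration) (string, error) {
	if len(candidates) == 0 {
		return "", errors.New("no reaper addresses to try")
	}
	dialer := net.Dialer{Timeout: perDial}
	var lastErr error
	for {
		for _, addr := range candidates {
			conn, err := dialer.DialContext(ctx, "tcp", addr)
			if err == nil {
				conn.Close()
				return addr, nil
			}
			lastErr = err
			if ctx.Err() != nil {
				return "", fmt.Errorf("waiting for reaper: %w (last error: %v)", ctx.Err(), lastErr)
			}
		}
		select {
		case <-ctx.Done():
			return "", fmt.Errorf("waiting for reaper: %w (last error: %v)", ctx.Err(), lastErr)
		case <-time.After(100 * time.Millisecond):
		}
	}
}

// reaperCandidates orders the routes: the container-network address first,
// the host-published port only as a fallback. Empty entries are skipped.
func reaperCandidates(containerAddr, publishedAddr string) []string {
	out := make([]string, 0, 2)
	for _, a := range []string{containerAddr, publishedAddr} {
		if a != "" {
			out = append(out, a)
		}
	}
	return out
}

func main() {
	// Constructed stand-in for the Ryuk container: a local listener that accepts
	// and immediately closes connections, which is all the readiness probe needs.
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		panic(err)
	}
	defer ln.Close()
	go func() {
		for {
			c, err := ln.Accept()
			if err != nil {
				return
			}
			c.Close()
		}
	}()

	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
	defer cancel()
	// 127.0.0.1:1 stands in for the host-published port that the runner's
	// network rules block; nothing listens there, so the dial is refused.
	addrs := reaperCandidates(ln.Addr().String(), "127.0.0.1:1")
	route, err := waitForReaper(ctx, addrs, 500*time.Millisecond)
	if err != nil {
		fmt.Println("reaper unreachable:", err)
		return
	}
	fmt.Println("reaper reachable via", route)
}
```

Ordering the container address first means a runner that blocks host-side listeners never even touches the published port; the host-published fallback remains only for setups where the job cannot reach the Docker bridge network at all. Whatever route is used, the deadline on `ctx` bounds the wait, which is the same failure the log line above reports after its own timeout.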