Search code examples
dockerdocker-composegitlabgitlab-cidocker-in-docker

Why can't I connect to my docker-compose service from Gitlab CI on localhost

I'm running this on Gitlab.com's CI runner(s). A truncated version of my .gitlab-ci.yml is

image: docker/compose:1.25.5
services:
  - docker:dind
Test:
  - script/test

And a truncated version of my script/test is

docker-compose run -d --name app1_test -p 8080:8080 app1 bash
docker-compose run -d --name app2_test -p 8081:8080 app2 bash
curl -s ORIGIN:8081/healthz

I find that regardless of whether my ORIGIN is localhost, docker, 0.0.0.0 etc. I always get can't connect to remote host (0.0.0.0): Connection refused

I've seen so many answers on Gitlab forums and stack overflow and none of them solved the problem. What is going on and how do I solve / diagnose the issue?

Solution

  • First of all, many of the answers on forums are pointing out the solution I ended up going with. In practice, the reason I wanted to check that service was so that another service in my docker-compose.yml could talk to it. So why not just use that service to do the ping? Then you get a better test and you can use Docker's automatic DNS with the --name option.

    docker exec -t app1_test curl -s app2_test:8080/healthz

    Now, if this still bugs you because you just want to know why this is happening and how to diagnose / solve it, or you really do need to talk to the container from the host. I recommend that you inspect some things in your script

    cat /etc/hosts
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' app1_test
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' app2_test

    what I got surprised me

     $ cat /etc/hosts
 127.0.0.1  localhost
 ::1    localhost ip6-localhost ip6-loopback
 fe00::0    ip6-localnet
 ff00::0    ip6-mcastprefix
 ff02::1    ip6-allnodes
 ff02::2    ip6-allrouters
 127.0.0.1  0hshit.hopto.org
 127.0.0.1  daymndaymn.myftp.org
 127.0.0.1  loba.webhop.me
 172.17.0.3 docker 26f99c2de716 runner-fa6cab46-project-18056856-concurrent-0-3b5b3ec1f3220cec-docker-0
 172.17.0.4 runner-fa6cab46-project-18056856-concurrent-0

$ docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' app1_test
172.20.0.3172.19.0.4

$ docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' app2_test
172.20.0.2172.19.0.3

    So the other answers about using docker weren't working because that is pointing to 172.17.0.3 but neither of my containers are there. I should now be able to do a curl to 172.20.0.2:8080 and be fine, but I didn't try it because by then I convinced myself it's better to just run curl in a container.

    I actually don't know why there are two IP addresses there like that, but some rabbits just make a turn in the hole that you don't follow you know?